¶ Reference - IP and Port Assignments
Live reference for homelab hosts, CTIDs, public URLs, internal targets, and service ports.
| Field |
Value |
| Audience |
Administrator |
| Primary source |
Live NPM SQLite, proxmox2 pct list, MCP homelab and network topics |
| Routing model |
Cloudflare Tunnel -> NPM -> internal service |
| NPM validation |
is_deleted = 0 only |
| Last verified |
2026-06-12 |
Use this page when adding services, debugging routing, or checking whether a public URL points to the expected internal host. Public routes are managed in Nginx Proxy Manager on CTID 101.
| Name |
IP |
Role |
Access |
| UDM Beast |
10.0.2.1 |
Router, WireGuard VPN |
https://router.pittsfamily.me |
| Mnemosyne |
10.0.2.10 |
TrueNAS SCALE, apps, storage |
https://nas.pittsfamily.me |
| proxmox1 |
10.0.2.11 |
HA/media/ops hypervisor |
https://proxmox1.pittsfamily.me |
| Home Assistant |
10.0.2.12 |
HAOS VM 100 |
https://homeassistant.pittsfamily.me |
| proxmox2 |
10.0.2.13 |
Infrastructure hypervisor |
https://proxmox2.pittsfamily.me |
| NPM |
10.0.2.14 |
Nginx Proxy Manager |
https://npm.pittsfamily.me |
| Pi-hole |
10.0.2.15 |
DNS |
https://pihole.pittsfamily.me |
| Vaultwarden |
10.0.2.17 |
Credential vault |
https://vault.pittsfamily.me |
| Homelab-MCP |
10.0.2.18:3101 |
MCP backend |
Through Sentinel |
| Cortex |
10.0.2.19 |
AI workstation |
SSH state unverified |
| Authentik |
10.0.2.24:9000 |
Legacy/current IdP |
https://authentik.pittsfamily.me |
| Sentinel |
10.0.2.25:3200 |
OAuth AS and MCP proxy |
https://mcp.pittsfamily.me |
| QNAP |
10.0.2.50 |
Reserved NVR/Frigate |
https://nvr.pittsfamily.me |
| CTID |
Name |
IP |
Ports / service |
| 101 |
npm |
10.0.2.14 |
80, 81, 443 |
| 102 |
pihole |
10.0.2.15 |
53, 80 |
| 103 |
mcp-server |
10.0.2.16 |
stopped old MCP |
| 104 |
vaultwarden |
10.0.2.17 |
80 |
| 105 |
agent-memory-core / Homelab-MCP |
10.0.2.18 |
3101 |
| 106 |
ai-gateway / Authentik |
10.0.2.24 |
9000 |
| 107 |
sentinel |
10.0.2.25 |
3200 |
| Public URL |
Internal target |
Notes |
homeassistant.pittsfamily.me |
http://10.0.2.12:8123 |
Home Assistant |
nas.pittsfamily.me |
https://10.0.2.10:443 |
TrueNAS |
proxmox1.pittsfamily.me |
https://10.0.2.11:8006 |
Proxmox UI |
mcp.pittsfamily.me |
http://10.0.2.25:3200 |
Sentinel MCP entry |
photos.pittsfamily.me |
http://10.0.2.10:2283 |
Immich |
proxmox2.pittsfamily.me |
https://10.0.2.13:8006 |
Proxmox UI |
router.pittsfamily.me |
https://10.0.2.1:443 |
UniFi |
pihole.pittsfamily.me |
http://10.0.2.15:80 |
Pi-hole |
vault.pittsfamily.me |
http://10.0.2.17:80 |
Vaultwarden |
npm.pittsfamily.me |
http://10.0.2.14:81 |
NPM admin |
navidrome.pittsfamily.me |
http://10.0.2.21:4533 |
Media |
lidarr.pittsfamily.me |
http://10.0.2.21:8686 |
Media |
prowlarr.pittsfamily.me |
http://10.0.2.21:9696 |
Media |
calibre.pittsfamily.me |
http://10.0.2.21:8083 |
Media |
torrent.pittsfamily.me |
http://10.0.50.10:8080 |
VPN/torrent |
uptime.pittsfamily.me |
http://10.0.2.21:3001 |
Uptime Kuma |
help.pittsfamily.me |
http://10.0.2.23:3000 |
Wiki.js |
nvr.pittsfamily.me |
https://10.0.2.50:52443 |
QNAP/NVR |
cloud.pittsfamily.me |
http://10.0.2.10:30125 |
Nextcloud |
dedup.pittsfamily.me |
http://10.0.2.10:8086 |
Immich dedup |
paperless.pittsfamily.me |
http://10.0.2.10:30070 |
Paperless |
paperless-ai.pittsfamily.me |
http://10.0.2.10:30226 |
Paperless AI |
authentik.pittsfamily.me |
http://10.0.2.24:9000 |
Authentik |
sentinel.pittsfamily.me |
http://10.0.2.25:3200 |
Sentinel route |
| Network |
VLAN |
Subnet |
DNS |
| Pitts LAN |
native |
10.0.2.0/24 |
10.0.2.15 |
| Pitts Guest |
20 |
10.0.20.0/24 |
10.0.2.15 |
| Kellerman Cameras |
30 |
10.0.30.0/24 |
UniFi default |
| Pitts IoT |
40 |
10.0.40.0/24 |
10.0.2.15 |
| Pitts Media Stack |
50 |
10.0.50.0/24 |
UniFi default |
| WireGuard |
native |
10.0.100.0/24 |
10.0.2.15 |
¶ Maintenance
ssh proxmox2 'pct exec 101 -- sqlite3 -header -column /opt/npm/data/database.sqlite "select id,domain_names,forward_scheme,forward_host,forward_port,enabled from proxy_host where is_deleted = 0 order by id;"'
ssh proxmox2 'pct list'
¶ Backup and Recovery
This is reference data. The backing systems are NPM SQLite, Proxmox configs, and MCP topics. If the page is stale, re-query live systems rather than copying old tables.
- Restore NPM first so public routes work.
- Restore core services at the same IPs where possible.
- Re-run the NPM SQLite query above.
- Compare every public URL to the service restore plan.
- Update this page and the NPM runbook.
¶ Known Issues and Quirks
| Issue |
Impact |
Action |
proxmox1 live CLI status is currently unreliable |
Some guest data is from MCP/plan, not fresh CLI |
Reverify after proxmox1 SSH repair. |
| Some routes intentionally do not force SSL in NPM |
Cloudflare or app behavior may handle edge cases |
Review before changing. |