chore: initial public release

2026-04-20 20:49:48 -04:00
commit 6730781dd0
23 changed files with 2124 additions and 0 deletions
@@ -0,0 +1,15 @@
+# Authentication Flow
+
+```mermaid
+sequenceDiagram
+  User->>Caddy: HTTPS request
+  Caddy->>Authentik: Forward auth check
+  Authentik-->>Caddy: 401 if unauthenticated
+  Caddy-->>User: Redirect to auth.lerkolabs.com
+  User->>Authentik: Login (OIDC or forward auth)
+  Authentik-->>User: Session cookie
+  User->>Caddy: HTTPS request + cookie
+  Caddy->>Authentik: Forward auth check
+  Authentik-->>Caddy: 200 OK
+  Caddy->>Service: Proxy request
+```
@@ -0,0 +1,9 @@
+# DNS Resolution Chain
+
+```mermaid
+graph LR
+  D[Device] --> PH[Pi-hole\n10.2.0.11]
+  PH --> UB[pfSense Unbound\n10.x.0.1]
+  UB --> CF[Cloudflare\n1.1.1.1]
+  PH -- "*.lerkolabs.com" --> CADDY[Caddy\n10.2.0.20]
+```
@@ -0,0 +1,15 @@
+# Network Topology
+
+```mermaid
+graph TD
+  ONT[AT&T Fiber ONT] --> BGW[BGW320 IP Passthrough]
+  BGW --> PF[pfSense N100]
+  PF --> SW[Omada Switch]
+  SW --> MGMT[VLAN 1000 MGMT\n10.0.0.0/24]
+  SW --> LAN[VLAN 1010 LAN\n10.1.0.0/24]
+  SW --> HL[VLAN 1020 Homelab\n10.2.0.0/24]
+  SW --> GUEST[VLAN 1030 Guests\n10.3.0.0/24]
+  SW --> IOT[VLAN 1040 IoT\n10.4.0.0/24]
+  SW --> WFH[VLAN 1050 WFH\n10.5.0.0/24]
+  SW --> DMZ[VLAN 1 DMZ\n10.99.0.0/24]
+```