Kavi Infrastructure¶

Welcome to the internal documentation for Kavi's server infrastructure.

Internal Only

This documentation is accessible only via internal access. Do not share credentials.

🌐 Quick Access¶

Servers¶

Server	IP	Type	Purpose	Managed By
Bruno	`188.34.198.57`	CPX32 (4vCPU/8GB)	Production	Terraform + Ansible
development-vps	`46.224.125.1`	CX32 (4vCPU/8GB)	Development	Manual
Eva (Kimsufi)	`144.217.76.53`	Dedicated	Media Server	Manual

!!! danger "Decommissioned Servers" - ~~production-vps (116.203.109.220)~~ → Replaced by Bruno - ~~prod-vps-2026 (195.201.98.132)~~ → Failed attempt, delete - ~~CPX42-Kavi-Hetzner (46.224.146.107)~~ → Old Coolify, delete

Services - Bruno (188.34.198.57)¶

Service	URL	Purpose
Infisical	secrets.kua.cl	Secrets management
Kuanary	media.kua.cl	Media CDN API
imgproxy	cdn.kua.cl	Image optimization
Forgejo	git.kua.cl	Self-hosted Git
Obsidian	notes.kua.cl	Note taking
Docs	docs.kua.cl	This documentation

Services - Development VPS (46.224.125.1)¶

Service	Purpose
Open WebUI	AI Chat Interface
Ollama	Local LLM Runtime

Services - Kimsufi (144.217.76.53)¶

Service	URL	Purpose
Plex	plex.kua.cl	Media streaming
Immich	photos.kua.cl	Photo management
Radarr	radarr.kua.cl	Movies
Sonarr	sonarr.kua.cl	TV Shows
Overseerr	overseerr.kua.cl	Requests

📊 Infrastructure Overview¶

┌──────────────────────────────────────────────────────────────────────────┐
│                         KAVI INFRASTRUCTURE                               │
│                    (Terraform + Ansible Managed)                          │
├──────────────────────────────────────────────────────────────────────────┤
│                                                                           │
│  ┌──────────────┐  ┌─────────────────────┐  ┌─────────────────────┐     │
│  │   KIMSUFI    │  │   BRUNO (PROD)      │  │  DEVELOPMENT VPS    │     │
│  │   (Canada)   │  │    (Germany)        │  │    (Germany)        │     │
│  │              │  │  188.34.198.57      │  │   46.224.125.1      │     │
│  │              │  │                     │  │                     │     │
│  │  • Plex      │  │  • Traefik v3.6+    │  │  • Open WebUI       │     │
│  │  • Immich    │  │  • Infisical        │  │  • Ollama           │     │
│  │  • Radarr    │  │  • Kuanary          │  │                     │     │
│  │  • Sonarr    │  │  • imgproxy         │  │                     │     │
│  │  • Overseerr │  │  • Forgejo          │  │                     │     │
│  │  • qBittorr. │  │  • Obsidian         │  │                     │     │
│  │              │  │  • PostgreSQL       │  │                     │     │
│  │              │  │  • Redis            │  │                     │     │
│  └──────┬───────┘  └─────────┬───────────┘  └─────────────────────┘     │
│         │                    │                                           │
│         ▼                    ▼                                           │
│  ┌─────────────┐  ┌──────────────────────┐                              │
│  │ Local Disk  │  │   STORAGE            │                              │
│  │   8TB HDD   │  │                      │                              │
│  │             │  │  • Storage Box (5TB) │                              │
│  └─────────────┘  │  • S3 Object Storage │                              │
│                   └──────────────────────┘                              │
└──────────────────────────────────────────────────────────────────────────┘

🔧 Quick Commands¶

SSH Access¶

# Bruno (Production)
ssh root@188.34.198.57

# Development VPS
ssh root@46.224.125.1

# Kimsufi
ssh root@144.217.76.53

Docker¶

# Check containers on Bruno
ssh root@188.34.198.57 "docker ps --format 'table {{.Names}}\t{{.Status}}'"

# View Traefik logs
ssh root@188.34.198.57 "docker logs --tail 50 traefik"

# Restart a service
ssh root@188.34.198.57 "docker restart <container_name>"

Bootstrap & Onboarding¶

# Create a device bundle
cd ~/coder-core/.bootstrap && ./create-device-bundle.sh

# Serve bundles over Tailscale
cd ~/coder-core/.bootstrap && ./serve-via-tailscale.sh

# Setup a new device (from the new device)
curl http://<TAILSCALE_IP>:8080/device-bootstrap.age | age -d | bash

Deploy Updates¶

cd ~/coder-core/ansible
ansible-playbook playbooks/deploy-services.yml --limit bruno \
  -e "infisical_client_id=YOUR_ID" \
  -e "infisical_client_secret=YOUR_SECRET"

Terraform¶

cd ~/coder-core/terraform/hetzner
./bin/deploy-infra.sh plan   # Preview changes
./bin/deploy-infra.sh apply  # Apply changes
./bin/deploy-infra.sh output # View outputs

⚠️ Critical Version Requirements¶

Component	Minimum Version	Reason
Traefik	v3.6+	Docker 29.x API compatibility
Ubuntu	24.04	LTS with Docker 29.x
Docker	29.x	Ships with Ubuntu 24.04

Traefik Version

Never use Traefik < v3.6 on Ubuntu 24.04. It causes: client version 1.24 is too old. Minimum supported API version is 1.44

📁 Documentation Sections¶

Architecture - Full system diagram
Hetzner VPS - Bruno server details
Services - All production services
Traefik - Reverse proxy setup
S3 & Storage Box - Persistent data storage
Provisioning Protocol - How to provision servers
Bootstrap System - Encrypted bundles for onboarding
Tailscale Onboarding - Setup new devices via Tailscale
Disaster Recovery - Emergency procedures
Troubleshooting - Common issues

Last updated: January 2026 - Bruno is the primary production server