Files

T

jason b4ac3b9968 Scaffold and Phase 0-1

2026-05-09 22:18:00 -05:00

34 KiB

Raw Blame History

SERVICES.md — ALPHA Service Catalog

Primary host: Unraid ALPHA Primary network: br0 (10.2.0.0/24, static IPs) Secondary network: Docker bridge (172.17.0.0/16, port-mapped to host 10.2.0.2) Reverse proxy: Nginx Proxy Manager at 10.2.0.3 (admin UI on :81) Last Updated: 2026-05-09

This is the canonical reference for every service running on the ALPHA Unraid server and the off-host services that integrate with it (Home Assistant, off-site client UISP). Reuse this file across projects (MCP gateways, dashboards, monitoring, automation, documentation) — it is the single source of truth for service identity, purpose, networking, public hostnames, and integration potential.

Each entry includes:

Purpose — what it does and why it exists
Image source — Docker image origin (where applicable)
Network — br0 (static LAN IP) / bridge (Docker NAT) / host / off-host
Address — reachable IP/port for LAN clients
Public hostname(s) — domain(s) bound via Nginx Proxy Manager
Category — functional grouping
Owner — personal, business, commercial, infra, or third-party
MCP Plugin Status — current placement in the Total MCP Gateway plan

Brand Domains

Domain	Brand	Purpose	Used For
`alwisp.com`	Personal	Jason's personal-brand domain	Most services (default)
`mpm.to`	Business / work	Work-only short domain	Work-routed aliases for work services (`cpas.mpm.to`, `wfh.mpm.to`)
`qrknit.com`	Commercial product	QR.knit SaaS public domain	QR.knit app only

Rule of thumb: if a service has both an *.alwisp.com and *.mpm.to hostname, the mpm.to alias is the work-facing entry point. Personal/dual-use services live only under alwisp.com.

Quick Index

Service	Public Hostname	LAN Address	Category	MCP Status
adminer	— (LAN-only)	`10.2.0.2:7070`	DB Admin	Skip
alwisp_db	—	`10.2.0.7`	Database	Indirect
alwisp_web	`alwisp.com`	`10.2.0.8:80`	Personal Site	Candidate
breedr	—	`10.2.0.17`	Custom App (Personal)	Candidate
bx (client UISP)	`bx.alwisp.com`	`71.45.182.201:1443` (off-host)	Network Mgmt (client)	Skip
codedump	—	`10.2.0.34`	Custom App (PM)	Candidate
cpas	`cpas.alwisp.com`, `cpas.mpm.to`	`10.2.0.14:3001`	HR / Compliance	Candidate
DONNA	`donna.alwisp.com`	`10.2.0.28:18789` (stopped)	AI / OpenClaw (friend)	Skip
email-sigs	`sig.alwisp.com`	`10.2.0.10:3000`	HR / IT	Skip (no API)
fabdash	`fabdash.alwisp.com`	`10.2.0.13:8080`	Production	Candidate
Gitea	`git.alwisp.com`, `registry.alwisp.com`	`10.2.0.15:3000`	Source Control + Registry	Phase 1
gitea-mcp	`mcp.alwisp.com`	`10.2.0.16:8081`	MCP / Gitea Bridge	Existing → folded into gateway
Gitea-Runner	—	`172.17.0.7`	CI/CD	Indirect
Home Assistant	`ha.alwisp.com`	`10.2.0.12:8123` (off-host)	Smart Home (controller)	Candidate
totalmcp	(planned)	`10.2.0.35:8811` (planned)	MCP Gateway	THIS PROJECT
inven	—	`10.2.0.25`	Custom MRP (in dev)	Future
invoiceninja-v5	`inv.alwisp.com`	`10.2.0.2:8000` (HTTP), `:8444` (HTTPS)	Finance	Candidate
MariaDB-Official	—	`10.2.0.2:3306`	Database (shared)	Skip
matter-server	—	`10.2.0.2` (host net)	Smart Home (protocol)	Candidate
memer	`meme.alwisp.com`	`10.2.0.30:3000`	Personal / Media	Candidate
mrp (CODEX)	`mrp.alwisp.com`	`10.2.0.19:3000`	MRP / ERP	Phase 3 (`codex-mrp`)
mrp-qrcode	`qrmrp.alwisp.com`	`10.2.0.32:3000`	MRP (specialized)	Future
n8n	`n8n.alwisp.com`	`10.2.0.20:5678` (stopped)	Automation	Skip
NEBULA (Transmission)	`neb.alwisp.com`	`10.2.0.5:9091`	Torrent	Candidate
NGINX (NPM)	`internal.alwisp.com`	`10.2.0.3:81` (admin), `:80`/`:443` (proxy)	Reverse Proxy	Candidate
NOVA (OpenClaw)	`nova.alwisp.com`	`10.2.0.26:18789`	AI / Compute (primary)	Phase 2
nyaa	—	`10.2.0.21`	Torrent Crawler	Candidate
obsidian	—	`10.2.0.2:3000` (HTTP), `:3001` (HTTPS)	Notes / PKM	Phase 6 (deferred)
plex	—	`10.2.0.2` (host net)	Media	Candidate
postgresql16	—	`10.2.0.2:5432`	Database (shared)	Skip
QR.knit	`qrknit.com`, `www.qrknit.com`	`10.2.0.9:5000`	Commercial SaaS	Candidate
rackmapper	—	`10.2.0.23`	Datacenter Mgmt	Phase 3
Redis	—	`10.2.0.2:6379`	Cache (shared)	Skip
stepview	`step.alwisp.com`	`10.2.0.33:3000`	3D Model Viewer	Candidate
syncthing	—	`10.2.0.2:8384` (web), `:21027/UDP`	File Sync	Candidate
ui-tracker	—	`10.2.0.29`	Stock Watcher	Candidate
UISP	`wisp.alwisp.com`	`10.2.0.4:443`	Network Mgmt	Candidate
unifi-access-dashboard	—	`10.2.0.11`	Access Control	Phase 3 (`unifi`)
wfh	`wfh.alwisp.com`, `wfh.mpm.to`	`10.2.0.18:3000`	HR / Remote Work	Candidate
Decommissioned: to.alwisp.com	`to.alwisp.com`	`10.2.0.6:5000` (unused)	—	—
Decommissioned: url.alwisp.com	`url.alwisp.com`	`10.2.0.2:8080` (unused)	—	—

Infrastructure & Networking

NGINX (NPM)

Purpose: Nginx Proxy Manager — reverse proxy, SSL termination, and routing for every public-facing service. NPM admin UI lives at internal.alwisp.com. All *.alwisp.com, *.mpm.to, and *.qrknit.com traffic terminates here.
Image: jc21/nginx-proxy-manager
Network: br0
Address: 10.2.0.3 (proxy on :80 / :443, admin UI on :81)
Public hostname: internal.alwisp.com → 10.2.0.3:81 (admin UI)
Category: Infra / Networking
Owner: infra (third-party)
MCP Plugin Status: Candidate — npm_list_proxy_hosts, npm_create_proxy_host, npm_renew_cert, npm_check_cert_status. Useful for managing routes from agents.

UISP

Purpose: Ubiquiti UISP / UNMS — manages Ubiquiti UISP-line gear (airMAX, EdgeSwitch, EdgeRouter, UFiber). Distinct from UniFi Access. Used for monitoring radio links, switch ports, and ISP-grade gear.
Image: nico640/docker-unms
Network: br0
Address: 10.2.0.4:443
Public hostname: wisp.alwisp.com → https://10.2.0.4:443
Category: Infra / Networking
Owner: infra (third-party)
MCP Plugin Status: Candidate — uisp_list_devices, uisp_get_device_status, uisp_list_sites, uisp_get_link_quality.

bx (offsite client UISP)

Purpose: Off-site UISP instance for a client. Reachable via NPM proxy entry bx.alwisp.com for convenience access. Not running on ALPHA — points to a client's public IP.
Network: off-host (external WAN)
Address: 71.45.182.201:1443 (HTTPS — client's public IP)
Public hostname: bx.alwisp.com → https://71.45.182.201:1443
Category: Infra / Networking (client-facing)
Owner: third-party (client environment, exposed by client to Jason)
MCP Plugin Status: Skip — client-owned, separate trust boundary.

NEBULA (Transmission)

Purpose: Transmission BitTorrent daemon (named "NEBULA" — not the Nebula VPN/mesh product). General-purpose torrent client; pairs with nyaa for niche-source automation.
Image: lscr.io/linuxserver/transmission
Network: br0
Address: 10.2.0.5:9091 (Transmission RPC / web UI)
Public hostname: neb.alwisp.com → http://10.2.0.5:9091
Category: Infra / Media Acquisition
Owner: personal (third-party image)
MCP Plugin Status: Candidate — transmission_add_torrent, transmission_list_torrents, transmission_pause, transmission_remove, transmission_get_stats. Pairs with nyaa.

syncthing

Purpose: Peer-to-peer encrypted file sync across devices/servers. Used for keeping appdata, project files, and personal directories in sync without cloud dependencies.
Image: lscr.io/linuxserver/syncthing
Network: bridge
Address: 10.2.0.2:8384 (web UI), 10.2.0.2:21027/UDP (discovery)
Public hostname: — (LAN-only)
Category: Infra / File Sync
Owner: infra (third-party)
MCP Plugin Status: Candidate — syncthing_list_folders, syncthing_folder_status, syncthing_list_devices, syncthing_pause_folder, syncthing_rescan.

Source Control & CI/CD

Gitea

Purpose: Self-hosted Git server. Primary source-control hub for all custom applications. Also hosts the Gitea Container Registry at the same host/port (proxied separately as registry.alwisp.com for clarity).
Image: gitea/gitea
Network: br0
Address: 10.2.0.15:3000
Public hostnames:
- git.alwisp.com → http://10.2.0.15:3000 (Git web UI + API)
- registry.alwisp.com → http://10.2.0.15:3000 (Gitea container registry — same backend)
Category: Source Control + Container Registry
Owner: infra (third-party)
MCP Plugin Status: Phase 1 — gitea_list_repos, gitea_get_file, gitea_commit_file, gitea_list_issues, gitea_create_issue, plus future registry tools (registry_list_images, registry_get_image_tags).

gitea-mcp

Purpose: Existing standalone MCP bridge for Gitea (current production MCP endpoint). Reachable at mcp.alwisp.com. Will be superseded by the Total MCP Gateway's gitea plugin once Phase 1 lands.
Image: docker.gitea.com/.../mcp-server
Network: br0
Address: 10.2.0.16:8081
Public hostname: mcp.alwisp.com → http://10.2.0.16:8081
Category: MCP / Source Control bridge
Owner: infra (third-party)
MCP Plugin Status: Existing MCP server — to be replaced by gateway's gitea plugin. The replacement (totalmcp) lives on its own static IP 10.2.0.35:8811, so this container can keep running undisturbed during the transition.

totalmcp

Purpose: THIS PROJECT. Unified MCP gateway exposing every backend service on ALPHA (and off-host integrations like Home Assistant) as a single MCP endpoint for Claude Code, Codex, and Antigravity. Hot-reloadable plugin architecture; one stable URL per agent.
Image: git.alwisp.com/jason/totalmcp:latest (built via Gitea Actions)
Network: br0
Address: 10.2.0.35:8811 (next available static IP, iterated above codedump @ .34)
Public hostname: (planned — likely mcp.alwisp.com once gitea-mcp is decommissioned, or a new gw.alwisp.com / agents.alwisp.com)
Category: MCP Gateway / Agent Control Plane
Owner: personal (custom build — see PLAN.md)
MCP Plugin Status: THIS PROJECT. Phase roadmap in PLAN.md covers: Phase 1 (gitea, unraid), Phase 2 (docker, openclaw→NOVA), Phase 3 (unifi, codex-mrp, streamvault, rackmapper), Phase 6 (chronicle, obsidian — deferred), Phase 7 (npm, uisp, transmission, syncthing, plex, nyaa), Phase 8 (home-assistant), Phase 9 (invoiceninja, fabdash, cpas, wfh), Phase 10 (breedr, codedump, ui-tracker, stepview, qrknit, memer, alwisp-web).

Gitea-Runner

Purpose: Gitea Actions runner (CI/CD executor). Builds Docker images for custom apps and pushes them to git.alwisp.com registry on every commit.
Image: gitea/act_runner
Network: bridge
Address: 172.17.0.7 (no host port mapping)
Public hostname: —
Category: CI/CD
Owner: infra (third-party)
MCP Plugin Status: Indirect — managed via Gitea API.

AI & Compute

NOVA (OpenClaw)

Purpose: Jason's primary OpenClaw inference instance. Local LLM runtime (Ollama-style, custom-branded). The OpenClaw-named container in the Unraid Docker tab serves this nova.alwisp.com proxy entry. Provides chat completion endpoint for local model use without sending data to external APIs.
Image: ghcr.io/opencla.../enclaw
Network: br0
Address: 10.2.0.26:18789
Public hostname: nova.alwisp.com → http://10.2.0.26:18789
Category: AI / Compute
Owner: personal (custom build)
MCP Plugin Status: Phase 2 (openclaw plugin) — endpoint URL: http://10.2.0.26:18789. Tools: openclaw_chat, openclaw_list_models, openclaw_get_model_info.

DONNA (OpenClaw — friend's instance)

Purpose: Second OpenClaw instance set up for a friend, who never uses it. Currently stopped. Same image as NOVA, separate container at a different IP.
Image: ghcr.io/opencla.../enclaw
Network: br0
Address: 10.2.0.28:18789 (container currently stopped)
Public hostname: donna.alwisp.com → http://10.2.0.28:18789
Status: Stopped (unused)
Category: AI / Compute (shared with another user)
Owner: personal (hosted for a friend)
MCP Plugin Status: Skip — unused; not worth a plugin slot. If reactivated, reuse the OpenClaw plugin with a different endpoint URL.

Smart Home (off-host)

Home Assistant

Purpose: Home Assistant — the central smart-home controller. Hosted on its own dedicated machine (not on ALPHA). Talks to matter-server (on ALPHA) for Matter-protocol devices, plus Zigbee, Z-Wave, and other integrations directly from the HA host.
Image: N/A (lives on a separate physical/VM host)
Network: off-host (LAN)
Address: 10.2.0.12:8123 (HTTPS)
Public hostname: ha.alwisp.com → https://10.2.0.12:8123
Category: Smart Home (controller)
Owner: personal (third-party software, separate host)
MCP Plugin Status: Candidate — ha_list_entities, ha_get_state, ha_call_service, ha_list_automations, ha_trigger_automation, ha_get_history. Auth: long-lived access token from HA. Note: this is the higher-leverage smart-home plugin — matter-server is just the protocol bridge underneath HA.

matter-server

Purpose: Matter protocol server. Bridges Matter-compliant smart-home devices to a controller (Home Assistant above). Enables device commissioning and inter-vendor smart-home interoperability.
Image: ghcr.io/home-assistant-libs/python-matter-server (likely)
Network: host
Address: 10.2.0.2 (host networking — required for Matter mDNS)
Public hostname: —
Category: Smart Home / IoT (protocol bridge)
Owner: personal (third-party)
MCP Plugin Status: Candidate (lower priority than HA plugin) — direct Matter access. In practice, prefer ha.* tools because Home Assistant abstracts Matter + Zigbee + Z-Wave behind one API.

Custom Business Apps

cpas

Purpose: Conduct Points & Action System — work HR app for tracking employee handbook violations on a points system. Records infractions, assigns point values, tracks running totals per employee, triggers escalation thresholds.
Image: library/cpas (custom)
Network: br0
Address: 10.2.0.14:3001
Public hostnames:
- cpas.alwisp.com (personal-brand alias)
- cpas.mpm.to (work-brand canonical)
Category: HR / Compliance
Owner: business (custom build)
MCP Plugin Status: Candidate — cpas_list_violations, cpas_get_employee_score, cpas_log_violation, cpas_list_at_risk_employees.

fabdash

Purpose: Fabrication calendar/dashboard for the production metal shop. Tracks shop schedule, work orders in flight, machine assignments, operator capacity.
Image: library/fabdash (custom)
Network: br0
Address: 10.2.0.13:8080
Public hostname: fabdash.alwisp.com → http://10.2.0.13:8080
Category: Production / Operations
Owner: business (custom build)
MCP Plugin Status: Candidate — fabdash_get_today_schedule, fabdash_list_active_jobs, fabdash_machine_status, fabdash_create_job.

mrp (CODEX)

Purpose: Original custom MRP/ERP system (image mrp-codex). Hybrid manufacturing-resource-planning + enterprise-resource-planning. Manages work orders, BOMs, inventory, purchasing.
Image: library/mrp-codex (custom)
Network: br0
Address: 10.2.0.19:3000
Public hostname: mrp.alwisp.com → http://10.2.0.19:3000
Category: ERP / MRP
Owner: business (custom build)
MCP Plugin Status: Phase 3 (codex-mrp) — work orders, BOMs, inventory, purchasing.

mrp-qrcode

Purpose: Second-generation MRP, specialized in pure manufacturing resource planning (no ERP overlap). QR-code-driven workflow — operators scan parts/locations to advance work orders. Independent of the original CODEX MRP.
Image: registry.alwisp.com/.../mrp-qrcode (custom)
Network: br0
Address: 10.2.0.32:3000
Public hostname: qrmrp.alwisp.com → http://10.2.0.32:3000
Category: MRP (specialized)
Owner: business (custom build)
MCP Plugin Status: Future — separate plugin once stable. Distinct from codex-mrp.

inven

Purpose: Third custom MRP, in active development. Different design philosophy from mrp (CODEX) and mrp-qrcode. Not yet production.
Image: library/inven (custom)
Network: br0
Address: 10.2.0.25 (port not yet exposed via NPM)
Public hostname: —
Category: MRP (in development)
Owner: business (custom build)
MCP Plugin Status: Future — wait until design stabilizes.

rackmapper

Purpose: Server rack and datacenter inventory mapper. Tracks rack layouts, U-position of devices, cable runs, links physical hardware to logical services.
Image: library/rackmapper (custom)
Network: br0
Address: 10.2.0.23 (no public proxy)
Public hostname: —
Category: Infra Documentation
Owner: business (custom build)
MCP Plugin Status: Phase 3 — rackmapper_list_racks, rackmapper_get_rack, rackmapper_list_devices, rackmapper_map_service.

wfh

Purpose: Work-From-Home task tracker and form-submission portal. Lets remote employees log daily tasks, submit timesheets, file required forms.
Image: library/wfh (custom)
Network: br0
Address: 10.2.0.18:3000
Public hostnames:
- wfh.alwisp.com (personal-brand alias)
- wfh.mpm.to (work-brand canonical)
Category: HR / Remote Work
Owner: business (custom build)
MCP Plugin Status: Candidate — wfh_list_tasks, wfh_get_employee_log, wfh_submit_form, wfh_list_pending_submissions.

email-sigs

Purpose: Company-wide email signature generator. Renders consistent, branded signatures from a central template. Used by all employees.
Image: library/email-sigs (custom)
Network: br0
Address: 10.2.0.10:3000
Public hostname: sig.alwisp.com → http://10.2.0.10:3000
Category: HR / IT
Owner: business (custom build)
MCP Plugin Status: Skip — no API exists currently. Reconsider if API added.

codedump

Purpose: Personal project tracker — quick-view dashboard for ongoing projects, completion percentages, rough status. Lightweight self-reporting alternative to a full PM tool.
Image: registry.alwisp.com/.../codedump (custom)
Network: br0
Address: 10.2.0.34 (no public proxy currently)
Public hostname: —
Category: Project Management (personal)
Owner: personal (custom build)
MCP Plugin Status: Candidate — codedump_list_projects, codedump_get_project, codedump_update_completion, codedump_add_project.

ui-tracker

Purpose: UniFi store stock tracker. Watches Ubiquiti's online store for out-of-stock items and sends a Telegram message when an item comes back in stock.
Image: library/ui-tracker (custom)
Network: br0
Address: 10.2.0.29 (no public proxy)
Public hostname: —
Category: Monitoring / Notification
Owner: personal (custom build)
MCP Plugin Status: Candidate — uitracker_list_watched, uitracker_add_watch, uitracker_remove_watch, uitracker_get_alert_history.

Personal Apps

alwisp_web

Purpose: Public HTML server for the alwisp personal-brand website. The root of alwisp.com.
Image: library/alwisp_web (custom)
Network: br0
Address: 10.2.0.8:80
Public hostname: alwisp.com → http://10.2.0.8:80
Category: Personal Site
Owner: personal (custom build)
MCP Plugin Status: Candidate (low priority) — alwisp_publish_page, alwisp_update_page, alwisp_list_pages.

alwisp_db

Purpose: Dedicated MySQL database for alwisp_web. Holds CMS / dynamic content for the personal-brand site.
Image: library/mysql
Network: br0
Address: 10.2.0.7 (port 3306 internal)
Public hostname: —
Category: Database (service-owned)
Owner: personal (third-party image, custom data)
MCP Plugin Status: Indirect — accessed only via alwisp_web.

breedr

Purpose: Golden Retriever breeding/whelping calendar and genealogy app for Jason's kennel. Tracks breeding pairs, due dates, whelping logs, litter records, multi-generational pedigree.
Image: library/breedr (custom)
Network: br0
Address: 10.2.0.17 (no public proxy)
Public hostname: —
Category: Personal / Hobby
Owner: personal (custom build)
MCP Plugin Status: Candidate — breedr_list_dogs, breedr_get_pedigree, breedr_list_upcoming_litters, breedr_log_whelp_event.

memer

Purpose: Personal meme sharing and organizing app. Tag-based library, upload UI, shareable links.
Image: git.alwisp.com/.../memer (custom)
Network: br0
Address: 10.2.0.30:3000
Public hostname: meme.alwisp.com → http://10.2.0.30:3000
Category: Personal / Media
Owner: personal (custom build)
MCP Plugin Status: Candidate (low priority) — memer_search, memer_upload, memer_get_random, memer_list_tags.

Commercial / SaaS

QR.knit

Purpose: Commercial short-link and QR code generation app. Multi-tenant SaaS — generates branded QR codes and shortlinks. Public product, sold/licensed externally. Owns its own brand domain (qrknit.com).
Image: library/qrknit (custom)
Network: br0
Address: 10.2.0.9:5000
Public hostnames:
- qrknit.com → http://10.2.0.9:5000
- www.qrknit.com → http://10.2.0.9:5000
Category: Commercial SaaS
Owner: commercial (custom build)
MCP Plugin Status: Candidate — qrknit_create_link, qrknit_get_analytics, qrknit_list_links, qrknit_generate_qr.

Productivity / PKM

obsidian

Purpose: Obsidian vault hosted via the LinuxServer.io Obsidian image (web-accessible vault). Personal/business knowledge management.
Image: lscr.io/linuxserver/obsidian
Network: bridge
Address: 10.2.0.2:3000 (web UI), 10.2.0.2:3001 (HTTPS)
Public hostname: —
Category: Notes / PKM
Owner: personal (third-party)
MCP Plugin Status: Phase 6 (deferred) — requires Obsidian Local REST API plugin first. Tools: obsidian_note_create/read/update/append/search, obsidian_list_vault.

Media & Entertainment

plex

Purpose: Plex Media Server — movies, TV, music streaming to clients across the home and remote.
Image: lscr.io/linuxserver/plex
Network: host
Address: 10.2.0.2 (host networking — Plex default ports 32400, 32469, etc.)
Public hostname: — (Plex handles its own remote access via plex.tv tunnel)
Category: Media / Entertainment
Owner: personal (third-party)
MCP Plugin Status: Candidate — plex_search_library, plex_recently_added, plex_now_playing, plex_server_status, plex_list_libraries.

nyaa

Purpose: Custom nyaa.si torrent crawler and auto-downloader. Watches nyaa.si for matching titles, queues them into the torrent client when matches appear.
Image: library/nyaa (custom)
Network: br0
Address: 10.2.0.21 (no public proxy)
Public hostname: —
Category: Media Acquisition (automation)
Owner: personal (custom build)
MCP Plugin Status: Candidate — nyaa_list_watches, nyaa_add_watch, nyaa_get_recent_matches, nyaa_force_check. Pairs with NEBULA.

Access Control

unifi-access-dashboard

Purpose: UniFi Access dashboard — door entry, badge/credential management, access events. Distinct from UISP (which manages UISP-line ISP gear).
Image: library/unifi-access-dashboard (custom or thin wrapper)
Network: br0
Address: 10.2.0.11
Public hostname: —
Category: Physical Security / Access Control
Owner: business (custom or wrapped)
MCP Plugin Status: Phase 3 (unifi) — unifi_list_access_events, unifi_list_users, unifi_get_door_status, unifi_list_sites.

Finance

invoiceninja-v5

Purpose: Invoice Ninja v5 — open-source invoicing, billing, expense tracking, client management.
Image: maihai/invoiceninja_v5
Network: bridge
Address: 10.2.0.2:8000 (HTTP), 10.2.0.2:8444 (HTTPS)
Public hostname: inv.alwisp.com → http://10.2.0.2:8000
Category: Finance / Billing
Owner: business (third-party)
MCP Plugin Status: Candidate — invoiceninja_list_invoices, invoiceninja_create_invoice, invoiceninja_list_clients, invoiceninja_get_payment_status, invoiceninja_send_invoice.

3D / CAD

stepview

Purpose: Custom STEP/STP (.stp/.step) 3D model viewer. Lets clients view CAD models in a browser without being able to download the source files. Used for client preview while protecting IP.
Image: registry.alwisp.com/.../stepview (custom)
Network: br0
Address: 10.2.0.33:3000
Public hostname: step.alwisp.com → http://10.2.0.33:3000
Category: Engineering / Client Preview
Owner: business (custom build)
MCP Plugin Status: Candidate — stepview_list_models, stepview_upload_model, stepview_create_share_link, stepview_revoke_share.

Automation

n8n

Purpose: n8n workflow automation engine. Currently stopped, barely used.
Image: n8nio/n8n
Network: br0
Address: 10.2.0.20:5678 (container currently stopped)
Public hostname: n8n.alwisp.com → http://10.2.0.20:5678
Status: Stopped (barely used)
Category: Automation
Owner: infra (third-party)
MCP Plugin Status: Skip — barely used per user. Skip unless usage picks up.

Databases (Shared)

Rule: These databases are accessed directly by the services that own them. The MCP gateway does not expose direct DB plugins — services should expose their own domain-specific tools instead.

MariaDB-Official

Purpose: Shared MariaDB instance for general-purpose use by multiple services.
Image: library/mariadb
Network: bridge
Address: 10.2.0.2:3306
Public hostname: —
Category: Database (shared)
Owner: infra (third-party)
MCP Plugin Status: Skip.

postgresql16

Purpose: Shared PostgreSQL 16 instance.
Image: library/postgres
Network: bridge
Address: 10.2.0.2:5432
Public hostname: —
Category: Database (shared)
Owner: infra (third-party)
MCP Plugin Status: Skip.

Redis

Purpose: Shared Redis cache / pub-sub.
Image: library/redis
Network: bridge
Address: 10.2.0.2:6379
Public hostname: —
Category: Database / Cache (shared)
Owner: infra (third-party)
MCP Plugin Status: Skip.

adminer

Purpose: Web UI for browsing/editing the shared databases (MariaDB, PostgreSQL, MySQL alwisp_db).
Image: library/adminer
Network: bridge
Address: 10.2.0.2:7070
Public hostname: —
Category: DB Admin Tool
Owner: infra (third-party)
MCP Plugin Status: Skip — UI-only, not API-driven.

Decommissioned / Unused

NPM still has live proxy entries for these, but the underlying services are abandoned, replaced, or never reactivated. Do not target these in MCP plugins. Candidates for cleanup.

`to.alwisp.com` → `http://10.2.0.6:5000`

Purpose (historical): Earlier custom URL shortener (Jason's first attempt). Replaced by QR.knit's link-shortening features.
Status: Unused — superseded by QR.knit. Container at 10.2.0.6:5000 no longer relied on.
Recommendation: Remove proxy entry and decommission container at next cleanup.

`url.alwisp.com` → `https://10.2.0.2:8080`

Purpose (historical): Earlier short-link / URL service.
Status: Unused.
Recommendation: Remove proxy entry; investigate what (if anything) is still listening on 10.2.0.2:8080 before reusing the port.

n8n (covered above)

See n8n — container stopped, barely used.

DONNA (covered above)

See DONNA — second OpenClaw instance for a friend, never used, container stopped.

Networking Conventions

`br0` static-IP services (`10.2.0.0/24`)

Services on br0 get their own LAN IP and are reachable directly from any device on the network. Used for: anything that needs to expose multiple ports cleanly, or where a stable LAN-routable address simplifies inter-service communication.

`bridge` (Docker NAT) services

Services on the default Docker bridge network sit behind the host (10.2.0.2) with port mappings. Used for: third-party images that don't fight with port conflicts and don't need their own LAN identity.

`host` networking

Used only when a service requires direct host networking (mDNS, broadcast, multicast, or wide port ranges) — currently plex and matter-server.

Off-host services

Reachable on the LAN but not running on ALPHA: Home Assistant (10.2.0.12) and the client UISP behind bx.alwisp.com. The MCP gateway can target these the same way it targets ALPHA services — it's just an outbound HTTP call.

Reverse Proxy Map (NPM)

Reference of every NPM proxy host → backend, grouped by domain. Source: NPM admin at internal.alwisp.com.

`*.alwisp.com` (personal brand)

Hostname	→ Backend	Service
`alwisp.com`	`http://10.2.0.8:80`	alwisp_web
`cpas.alwisp.com`	`http://10.2.0.14:3001`	cpas
`donna.alwisp.com`	`http://10.2.0.28:18789`	DONNA (stopped)
`fabdash.alwisp.com`	`http://10.2.0.13:8080`	fabdash
`git.alwisp.com`	`http://10.2.0.15:3000`	Gitea
`ha.alwisp.com`	`https://10.2.0.12:8123`	Home Assistant (off-host)
`internal.alwisp.com`	`http://10.2.0.3:81`	NPM admin UI
`inv.alwisp.com`	`http://10.2.0.2:8000`	invoiceninja-v5
`mcp.alwisp.com`	`http://10.2.0.16:8081`	gitea-mcp
`meme.alwisp.com`	`http://10.2.0.30:3000`	memer
`mrp.alwisp.com`	`http://10.2.0.19:3000`	mrp (CODEX)
`n8n.alwisp.com`	`http://10.2.0.20:5678`	n8n (stopped)
`neb.alwisp.com`	`http://10.2.0.5:9091`	NEBULA (Transmission)
`nova.alwisp.com`	`http://10.2.0.26:18789`	NOVA (OpenClaw)
`qrmrp.alwisp.com`	`http://10.2.0.32:3000`	mrp-qrcode
`registry.alwisp.com`	`http://10.2.0.15:3000`	Gitea container registry
`sig.alwisp.com`	`http://10.2.0.10:3000`	email-sigs
`step.alwisp.com`	`http://10.2.0.33:3000`	stepview
`to.alwisp.com`	`http://10.2.0.6:5000`	(decommissioned)
`url.alwisp.com`	`https://10.2.0.2:8080`	(decommissioned)
`wfh.alwisp.com`	`http://10.2.0.18:3000`	wfh
`wisp.alwisp.com`	`https://10.2.0.4:443`	UISP
`bx.alwisp.com`	`https://71.45.182.201:1443`	Client UISP (off-host)

`*.mpm.to` (work brand)

Hostname	→ Backend	Service
`cpas.mpm.to`	`http://10.2.0.14:3001`	cpas (work alias)
`wfh.mpm.to`	`http://10.2.0.18:3000`	wfh (work alias)

`qrknit.com` (commercial product)

Hostname	→ Backend	Service
`qrknit.com`	`http://10.2.0.9:5000`	QR.knit
`www.qrknit.com`	`http://10.2.0.9:5000`	QR.knit

Categorization Summary

Category	Services
Infra / Networking	NGINX (NPM), UISP, NEBULA (Transmission), syncthing, bx (client UISP, off-host)
Source / CI	Gitea, gitea-mcp, Gitea-Runner
MCP Gateway	totalmcp (this project — planned, 10.2.0.35:8811)
AI / Compute	NOVA (OpenClaw, primary), DONNA (OpenClaw, friend's, stopped)
HR / Compliance	cpas, wfh, email-sigs
Production / MRP	mrp (CODEX), mrp-qrcode, inven, fabdash
Datacenter / Infra Mgmt	rackmapper, ui-tracker
Personal Apps	alwisp_web, alwisp_db, breedr, codedump, memer
Commercial SaaS	QR.knit
Productivity / PKM	obsidian
Media	plex, nyaa, NEBULA
Smart Home	Home Assistant (off-host), matter-server
Physical Security	unifi-access-dashboard
Finance	invoiceninja-v5
Engineering / Client Preview	stepview
Automation	n8n (stopped)
Databases (shared)	MariaDB, postgresql16, Redis, adminer
Decommissioned	to.alwisp.com, url.alwisp.com

Owner Legend

personal — Jason's personal projects, hobbies, or self-hosted utilities (typically under alwisp.com)
business — Custom apps for the metal-fab business / company operations (work-routed under mpm.to)
commercial — Apps sold or licensed to external customers (under their own brand domain, e.g., qrknit.com)
infra — Infrastructure plumbing (proxies, runners, AI runtime)
third-party — Off-the-shelf images run as-is

Reuse Notes

This document is intentionally project-agnostic. To reuse it in a different project:

Drop this file into the new project's repo (root or docs/).
Trim sections that aren't relevant to that project's scope.
Update the MCP Plugin Status column if the new project has a different integration plan.
Keep the Purpose, Image, Network, Address, Public hostname(s), and Owner fields stable — they describe the service itself, not the consumer's intent.
The Reverse Proxy Map section is the fastest way to get oriented — it's a one-page view of every public route and what it points at.

34 KiB Raw Blame History