Phase Space
← RETURN_TO_CORE

DATE: 0001-01-01
ACCESS: PUBLIC

The Phase Space: A Complete Homelab Tech Stack Inventory

As of February 2026. This is a raw inventory draft for phasespace.co — edit for public consumption.

TL;DR

Three-node Proxmox cluster, two NVIDIA Blackwell GPUs (RTX 5090 + RTX 5060), 156GB total RAM, 28TB NAS, 40+ LXC containers and VMs, four specialized AI agents running on-premises 24/7. This is what it actually takes to run AI infrastructure at home.

Proxmox Cluster Overview

Cluster name: grue-cluster
PVE version: 9.1.2, kernel 6.17.4-1-pve
Nodes: 3 (all online, uptime ~4.8 days at time of writing)

pve-dev — 10.2.1.10

SpecValue
Form factorMinisforum MS-A2
CPUAMD Ryzen 9 7945HX (16C/32T, 2.5–5.4 GHz)
RAM64 GB DDR5
GPUNVIDIA GeForce RTX 5090 (GB202, 32GB VRAM)
Boot storageNVMe (system)
VM storage100GB NVMe thin-provisioned
RolePrimary AI compute — Ollama inference, OpenClaw multi-agent, MCP servers, code environment
RAM used~43 GB / 64 GB

Services on pve-dev: Ollama GPU (VM 690), MCP Quantum Context (VM 680), Clawdbot/Phase Space (VM 620), Home Assistant (VM 300), Gitea (LXC 600), Open WebUI (LXC 611), code-quantum VSCode (LXC 630), data-quantum SQL (LXC 640), v8 MCP Server (LXC 670)

pve-utility — 10.2.1.15

SpecValue
Form factorMinisforum NAB9
CPUIntel Core i9-12900H (14C/20T, 2.5–5.0 GHz)
RAM64 GB DDR5
GPUNVIDIA GeForce RTX 5060 (GB206, 8GB VRAM)
Boot storageNVMe (64GB system)
VM storage921 GB NVMe thin-provisioned (128 GB used, 14%)
NAS mounts8× NFS mounts from Synology NAS (28TB pool, 25% used)
RoleInfrastructure hub — reverse proxy, DNS, monitoring, productivity, AI transcription
RAM used~22 GB / 64 GB

Services on pve-utility: Transcriptor/Ollama-utility GPU (VM 610), Caddy reverse proxy (LXC 115), Cloudflare tunnel (LXC 120), Tailscale VPN router (LXC 125), Ansible control node (LXC 130), Technitium DNS secondary (LXC 151), Prometheus (LXC 400), InfluxDB (LXC 401), Grafana (LXC 405), Uptime Kuma (LXC 406), Beszel Hub (LXC 407), ntfy (LXC 408), UniFi Poller (LXC 410), Homer Dashboard (LXC 420), CopyParty file server (LXC 530), CouchDB/Obsidian LiveSync (LXC 535), Nextcloud (LXC 540), n8n (LXC 660), Karakeep (LXC 520)

pve-media — 10.2.1.20

SpecValue
Form factorBeelink EQ14
CPUIntel Core i3-1220P (10C/12T)
RAM32 GB DDR4
GPUNone
Boot storageSSD (34 GB system)
PBS storage458 GB NVMe dedicated backup datastore
NAS mounts3× NFS mounts
RoleMedia stack + Proxmox Backup Server
RAM used~5.4 GB / 32 GB

Services on pve-media: Technitium DNS primary (LXC 150), MeTube YouTube downloader (LXC 220), Sonarr (LXC 221), Radarr (LXC 222), Jellyfin (LXC 223), Prowlarr (LXC 224), qBittorrent+VPN (LXC 225), Lidarr (LXC 226), FileBot (LXC 227), Music-Tools (LXC 228), Jellyseerr (LXC 229), Readarr (LXC 230)

Network Topology

Physical Network

  • Switch: UniFi USW Aggregation
  • Router/Firewall: UniFi Dream Machine SE (UDM SE)
  • APs: UniFi U7 Pro (Wi-Fi 7)
  • 10GbE: Dedicated VLAN 60 (StorageVLAN10gb, 10.10.20.0/24) connecting pve-utility ↔ Synology NAS at 10 Gbps for NFS/backup traffic
  • Monitoring: UniFi Poller → Prometheus → Grafana (LXC 410/400/405)

VLANs

VLANNameSubnetPurpose
1Unifi Infrastructure10.2.0.0/24UniFi network hardware only
10Management Services10.2.10.0/24LXC/VM management plane
21Trusted10.2.1.0/24Primary services + hosts
210IoT10.2.30.0/24Home Assistant, Zigbee, smart devices
2Surveillance10.2.20.0/24Security cameras (internet-isolated)
3Silo10.2.40.0/24Airgapped experimentation, malware analysis
60StorageVLAN10gb10.10.20.0/2410GbE Proxmox ↔ NAS storage fabric
1610Guest192.168.10.0/24Isolated guest WiFi

IP strategy (VLAN 21): Ranges 1–230 reserved for static allocation (infrastructure, services, media), DHCP pool intentionally tiny (10.2.1.231–254, 24 IPs) — all servers have static IPs.

Tailscale Mesh

Every device with internal access runs a Tailscale client. Key nodes:

  • Tailscale subnet router: LXC 125 (10.2.1.125) → advertises 10.2.1.0/24 and 10.2.10.0/24
  • Redundant router: Synology NAS (Athena)
  • pauls-mbp: 100.111.17.71 (M3 Max 16-core/64GB)
  • calarts-mbp: 100.98.171.89 (M3 Max 14-core/36GB)
  • Clawdbot VM: 100.108.11.29

Remote access to any 10.2.x.x service works via Tailscale regardless of location, without a VPN app on the device — just the Tailscale subnet route.

DNS

Technitium DNS in active-failover cluster:

  • Primary: LXC 150 on pve-media (10.2.1.150)
  • Failover: LXC 151 on pve-utility (10.2.1.151)
  • Features: ad-blocking, local domain resolution (.lab, .iot), DNS-over-HTTPS, conditional forwarding

External Access Architecture

InterneCCCCBtlllaaooodcuuudkdddyefffn.lllrdgaaaerrrrvsueeeeeerr.EATsvadcueiigcnceenpe(sersC(slolDx(oD((y1uoGe0dSon(.f,ocL2lgrX.aClyC1rDep.eNt1x)Oe1)DAd5Nu,,St)hLpXoMCrFtA12800))wildcard.grue.aiprotection)

Exposed services: code.grue.ai, grafana.grue.ai, gitea.grue.ai, ha.grue.ai, nextcloud.grue.ai.
All *.grue.ai subdomains require Google OAuth by default. Adding a new external service takes about 3 minutes (one Caddyfile line + one DNS record).

GPU Compute

RTX 5090 — pve-dev (10.2.1.10)

DetailValue
GPUNVIDIA GeForce RTX 5090 (GB202, Blackwell)
VRAM32 GB
CUDA13.0
Drivernvidia-driver-580-open
PCIe passthroughVM 690 (Ollama GPU)
Performance~417 tok/s (llama3.2:3b), ~242 tok/s (llama3.1:8b)

Workloads:

  • Primary Ollama inference — 29 models on NFS, 140GB total
  • MCP Quantum Context — semantic search, embedding generation (nomic-embed-text, 768-dim), RAG
  • Fallback embedding target for MCP when RTX 5060 is saturated

Models on RTX 5090 (Ollama, 10.2.1.69):

  • llama3.3:70b-instruct-q2_K (26 GB) — general reasoning, instruction following
  • llama3.1:70b-instruct-q4_K_M (42 GB) — high quality 70B
  • deepseek-r1:70b (42 GB) — chain-of-thought reasoning
  • deepseek-r1:14b (9 GB) — fast reasoning
  • gemma2:27b-instruct-q8_0 (28 GB) — Google’s 27B
  • gemma2:27b (15 GB)
  • qwen2.5:32b-instruct (19 GB) — default OpenClaw fallback model
  • llama3.1:8b, llama3.2:3b, llama3.2:1b, llama3.2-vision:11b
  • mistral-large:latest (73 GB — requires full VRAM, loaded on demand)
  • deepseek-coder:6.7b, codellama:7b, codellama:13b, codegemma:7b-instruct
  • nomic-embed-text (274 MB) — embeddings for mem0/Qdrant
  • phi3:mini, phi3:medium, hermes3:latest, marco-o1:7b, mistral:7b, and others

RTX 5060 — pve-utility (10.2.1.15)

DetailValue
GPUNVIDIA GeForce RTX 5060 (GB206, Blackwell)
VRAM8 GB
CUDA13.0
Drivernvidia-driver-580-open
PCIe passthroughVM 610 (Transcriptor/Ollama-utility)

Workloads:

  • Whisper transcription — GPU-accelerated video/audio transcription via OpenAI Whisper (Docker). 3AM daily batch processing against NAS media library.
  • Ollama-utility — lightweight local inference (llama3.2:3b, nomic-embed-text). Primary embedding source for MCP Quantum Context.
  • Ollama HA — MCP uses this as primary (low latency, 10.2.1.61:11434), RTX 5090 as fallback (10.2.1.69:11434)

Services Inventory

Full container/VM list. All on VLAN 21 (10.2.1.0/24) unless noted.

Infrastructure & Management

IDServiceIPPortNodeNotes
115Caddy10.2.1.11580pve-utilityReverse proxy. Routes all *.grue.ai by Host header. ~30MB RAM.
120Cloudflared10.2.1.120pve-utilityCentral Cloudflare tunnel for all external services
125Tailscale VPN10.2.1.125pve-utilitySubnet router. Alpine Linux, ~17MB RAM.
130Ansible10.2.1.130pve-utilityAutomation control node. Manages all 3 Proxmox hosts, 30+ LXCs, 6 VMs. Automated OS updates on cron.
150Technitium DNS (primary)10.2.1.1505380pve-mediaAd-blocking DNS + local resolution
151Technitium DNS (secondary)10.2.1.1515380pve-utilityDNS failover

Monitoring & Observability

IDServiceIPPortNotes
400Prometheus10.2.1.409090Primary metrics collection
401InfluxDB10.2.1.418086Time-series database
405Grafana10.2.1.983000Dashboards for cluster, network, services
406Uptime Kuma10.2.1.147300138 monitors. Alerts via ntfy.
407Beszel Hub10.2.1.578090Agent-based server metrics (alternative to Prometheus node exporter)
408ntfy10.2.1.5880Push notification server. Self-hosted. All Uptime Kuma alerts route here.
410UniFi Poller10.2.1.449130Pulls UniFi switch/AP metrics into Prometheus
420Homer Dashboard10.2.1.453000Unified service landing page
490Network Testing10.2.1.495201Alpine LXC with iPerf3, speedtest-cli, mtr, nmap, DNS tools

Productivity & Web Apps

IDServiceIPPortNotes
520Karakeep10.2.1.523000AI-powered bookmark manager. v0.30.0. Built from source. Chromium + Meilisearch + yt-dlp (50MB video cap). Assets on NAS.
530CopyParty10.2.1.1533924File server. NAS-backed. Tailscale Serve: https://copyparty.ide-grue.ts.net
535CouchDB/Obsidian10.2.1.535984Obsidian LiveSync sync server. CouchDB 3.5.1. Database: grue-brain. NFS storage. HTTPS via Tailscale for mobile.
540Nextcloud10.2.1.5480NC 32.0.3. PHP 8.3 + PostgreSQL 17 + Redis. NAS-backed via NFS. 16GB upload limit. External: https://nextcloud.grue.ai
660n8n10.2.1.665678Workflow automation. Self-hosted.

Media Stack

Full *arr stack on pve-media, NFS to Synology NAS (28TB, 22TB free):

IDServiceIPPortNotes
220MeTube10.2.1.2208081YouTube/web video downloader
221Sonarr10.2.1.2218989TV automation
222Radarr10.2.1.2227878Movie automation
223Jellyfin10.2.1.2238096Media server. Family guide hosted on nginx :8081.
224Prowlarr10.2.1.2249696Indexer manager
225qBittorrent+PIA VPN10.2.1.2258080Torrent client with built-in PIA kill switch
226Lidarr10.2.1.2268686Music automation
227FileBot10.2.1.2275800File renaming/organization
228Music-Tools10.2.1.228Music processing utilities
229Jellyseerr10.2.1.2295055Media request management (Jellyfin-native fork of Overseerr). Docker.
230Readarr10.2.1.2308787Book/audiobook automation

Smart Home

IDServiceIPPortNotes
300Home Assistant OS 16.110.2.1.308123Full HAOS VM. Zigbee2MQTT :8080. SLZB-06M Zigbee coordinator on IoT VLAN. External: https://ha.grue.ai

Development & AI

IDServiceIPPortNotes
600Gitea10.2.1.603000Self-hosted Git. External: https://gitea.grue.ai
610Transcriptor VM10.2.1.6111434RTX 5060 passthrough. Whisper + Ollama-utility. Docker. 3AM cron batch.
611Open WebUI10.2.1.623000Ollama web interface
620Clawdbot VM10.2.1.6518789+Phase Space host — 4 OpenClaw AI agents
630code-quantum10.2.1.638080VSCode Server. External: https://code.grue.ai
640data-quantum10.2.1.64SQL dev database
670v8 MCP Server10.2.1.67Development MCP
680MCP Quantum Context10.2.1.68345616GB VM. Quantum, Perplexity, Vibe-check, Context7 (:3007), Ref (:3008), codebase-mcp (:3458) MCPs. PostgreSQL + 7727 contexts. 28ms avg embedding.
690Ollama GPU10.2.1.691143416GB VM. RTX 5090 passthrough. 29 models, 140GB on NFS.

Total active containers/VMs: ~40 (LXCs + VMs across 3 nodes)

AI Stack

OpenClaw Multi-Agent System (“The Phase Space”)

Four specialized AI agents, each a separate OpenClaw gateway on VM 620 (Clawdbot, 10.2.1.65). Deployed February 2026. Isolated secrets, models, skills, memory collections, and workspaces per agent.

AgentPortModelRole
The Attractor18789Claude Opus 4.6Creative core, personal assistant, sole external voice. Telegram, Obsidian PKM, Perplexity deep research, image generation.
The Governor18800Claude Sonnet 4.5Infrastructure guardian. Proxmox, DNS, backups, monitoring. Destructive-Confirmation Protocol for all state changes.
The Gradient18900Claude Opus 4.6Engineering. Code repos, PRs, CI/CD, MCP development.
The Emission18901Gemini FlashPublic content airlock. Sanitizes output for external consumption. No shell, no internal IPs, no memory.

Memory architecture: 2-layer

  • Layer 1: Qdrant (localhost:6333, Docker) + mem0 plugin. Per-agent collections. Embeddings via nomic-embed-text (768-dim). Memory extraction via llama3.3:70b-instruct-q2_K.
  • Layer 2: File-based (PHASE-SPACE.md, MEMORY.md, daily memory/YYYY-MM-DD.md)

Gemini two-lane architecture: Prevents API quota exhaustion.

  • System Lane (ADC): free, used for heavy context tasks (log analysis, large file ingestion)
  • Service Lane (API key): reserved for media generation and Emission agent
  • Google AI Ultra plan: $250/month, 500 Pro prompts/day

Channels: Telegram (@Grueaibot) — exclusive to The Attractor. No other agent has messaging access.

Ollama Inference

Two GPU endpoints with automatic failover:

EndpointGPUVRAMSpeedPrimary use
10.2.1.61:11434RTX 50608GB~187 tok/sEmbeddings, lightweight inference, Transcriptor
10.2.1.69:11434RTX 509032GB~417 tok/sHeavy inference, 70B models

MCP Quantum Context uses 10.2.1.61 as primary (lower latency, same node as utility services), falls back to 10.2.1.69 automatically.

Notable model sizes: mistral-large is 73GB — larger than the RTX 5090’s 32GB VRAM, loaded via Ollama’s chunked loading. deepseek-r1:70b at 42GB fills most of VRAM.

Whisper Transcription Pipeline

VM 610 (Transcriptor, pve-utility, RTX 5060):

  • OpenAI Whisper via Docker, GPU-accelerated
  • NAS model cache at /volume1/data/transcriptor/models
  • 22TB NAS storage available for source media
  • Daily 3AM cron: batch-processes new video/audio files dropped in watched NAS directory
  • Output: SRT/VTT subtitle files, transcripts
  • SSH: [email protected]

Storage

Synology NAS — “Athena” (10.2.1.101)

DetailValue
Total capacity28 TB
Used~7 TB (25%)
Free~21 TB
Network10GbE (VLAN 60) to pve-utility; 1GbE to pve-media

NFS volumes exported to cluster:

ShareMountConsumer
/volume1/Media_Library/mnt/pve/media-libraryJellyfin, *arr stack
/volume1/nextcloud/mnt/pve/nextcloud-nfsNextcloud data
/volume1/couchdb/mnt/couchdb-nasCouchDB/Obsidian
/volume1/data/copyparty/mnt/copyparty-nasCopyParty file server
/volume1/data/karakeep/mnt/karakeep-nasKarakeep assets
/volume1/proxmox_backups/mnt/pve/backups-1gPBS secondary, LXC backups
/volume1/proxmox_library/mnt/pve/library-1gVM templates, ISOs
/volume1/dataVariousGeneral data

pve-utility Local Storage

StorageTypeTotalUsedPurpose
utility-nvmeLVM thin921 GB128 GB (14%)LXC rootfs, VM disks
localdir68 GB11 GB (16%)ISO images, templates

Proxmox Backup Server (PBS) — pve-media

DetailValue
Datastore/mnt/pbs-nvme
Total458 GB NVMe
Used245 GB (57%)
Dedup factor67×
Prune policykeep-last=3, keep-daily=7, keep-weekly=4, keep-monthly=2
Secondary backupNAS /volume1/proxmox_backups (1GbE, PBS → NAS sync)

PBS stores compressed, deduplicated backups for all production LXCs and VMs. 67× dedup is real — backups of similar Debian LXCs compress and deduplicate aggressively.

Monitoring

Uptime Kuma

38 monitors. Notification channel: ntfy (self-hosted, 10.2.1.58). Every monitor sends push alerts to the uptime-alerts topic, delivered via ntfy app to phone.

Coverage: all production LXC services, VMs, external DNS resolution, Tailscale endpoints, MCP health endpoints.

Beszel

Agent-based system metrics (CPU, RAM, disk, network) for each container/VM. Better granularity than Prometheus node exporter for per-container views.

Prometheus + Grafana

  • Prometheus scrapes: node exporters on all Proxmox hosts and key VMs, UniFi Poller, Home Assistant integration
  • Grafana dashboards: cluster health, network bandwidth, VLAN traffic, GPU utilization, media stack activity
  • InfluxDB: Home Assistant historical data (sensor history, energy monitoring)
  • External: https://grafana.grue.ai (Cloudflare Access protected)

Network Hardware

DeviceModelNotes
Router/FirewallUniFi Dream Machine SEUDM SE. 8-port 2.5GbE + 2× 10GbE SFP+
Core switchUniFi USW AggregationVLAN trunking
Access pointsUniFi U7 ProWi-Fi 7, VLAN-aware SSIDs
ZigbeeSLZB-06MEthernet Zigbee coordinator, IoT VLAN

Automation

Ansible (LXC 130, 10.2.1.130):

  • Manages: all 3 Proxmox hosts, 32 LXC containers, 6 VMs
  • Playbooks: update-lxc-containers.yml, update-vms.yml, update-proxmox-hosts.yml
  • Cron: daily OS updates at 3AM PT, 6-hour connectivity pings
  • SSH key auth deployed to all managed hosts

OpenClaw agents run on cron (heartbeat + task scheduling) via built-in cron scheduler. The Governor monitors cluster health on each heartbeat and files GitHub issues for unresolved outages.

The Attractor’s Mac Nodes

Paired via OpenClaw node system to The Attractor (port 18789):

  • pauls-mbp (Tailscale 100.111.17.71) — M3 Max 16-core, 64GB RAM
  • calarts-mbp (Tailscale 100.98.171.89) — M3 Max 14-core, 36GB RAM
  • airhead (Tailscale 100.80.38.71) — 2015 MacBook Air, NixOS

Security Posture

  • All external services behind Cloudflare Access (Google OAuth, wildcard MFA)
  • Internal services: VPN-only (Tailscale) or LAN-only
  • No services exposed directly to internet except via Cloudflare tunnel
  • Agent secrets: per-agent files with least-privilege scoping. Agents cannot access each other’s secrets by policy (soft boundary — same Linux user, enforced by convention).
  • Silo VLAN (3) for isolated/untrusted workloads
  • Guest WiFi (VLAN 1610) fully isolated from all internal networks
  • qBittorrent always runs inside PIA VPN with kill switch

Fun Numbers

MetricValue
Total cluster RAM160 GB (64+64+32)
Total GPU VRAM40 GB (32+8)
Active LXCs + VMs~40
Ollama models29 on RTX 5090, 2 on RTX 5060
NAS free space~21 TB
PBS dedup factor67×
DNS monitors38 (Uptime Kuma)
Ansible-managed hosts~35
AI agents4 (Attractor, Governor, Gradient, Emission)
MCP context store7,727 contexts (PostgreSQL)
Embedding latency~28ms avg (nomic-embed-text, RTX 5060)
Whisper batch schedule3AM daily, GPU-accelerated

Draft generated 2026-02-18. IPs, credentials, and model versions current at time of writing. Sanitize before publishing: remove 10.2.x.x IPs, token references, and any credential hints.

NEXT →
Part 1: The Timebase Corrector and the …
person
Paul Kyle // Director — Phase Space