KH3Group IT Documentation
This site is the operational reference for the KH3Group infrastructure. It exists to help system administrators and support engineers understand the environment, operate services consistently, recover from failures, and hand responsibility to future staff without relying on undocumented knowledge.
Purpose
The infrastructure provides internet access, network security, virtualization, internal name resolution, application hosting, source control, continuous delivery, storage, and business applications. This documentation records the deployed state and the procedures required to support it.
Intended Audience
- System administrators responsible for servers, networking, storage, and backups
- Support engineers diagnosing access or application incidents
- Service owners maintaining business applications
- Future staff taking over operational responsibility
Scope
The site covers:
- Physical hardware, asset details, and management access
- Network architecture, addressing, routing, DNS, and firewall boundaries
- Proxmox VE virtual machines and LXC containers
- Docker Engine workloads and their persistent data
- Service dependencies, ingress, databases, and storage
- Operational runbooks, backup, restore, troubleshooting, and publishing
Secrets, passwords, private keys, recovery codes, and live tokens are intentionally excluded. Store them in the approved password manager and use the configuration redaction procedure before committing exported configuration.
Start Here
Documentation Standard
Each operational page should identify its purpose, architecture, configuration, procedures, troubleshooting guidance, related systems, and references. Unknown values are marked To be verified instead of being guessed.
Update the relevant page in the same change that modifies infrastructure. Follow the documentation maintenance guide, run mkdocs build --strict, and verify all referenced images and internal links before publishing.