2.1 KiB
2.1 KiB
| title | description | published | date | tags | editor | dateCreated |
|---|---|---|---|---|---|---|
| Pocket Grimoire | Portable travel lab — offline-first, encrypted, self-contained | true | 2026-04-12T00:00:00.000Z | pocket, portable, travel | markdown | 2026-04-12T00:00:00.000Z |
Pocket Grimoire
Pocket Grimoire is a portable, encrypted, offline-first companion to Netgrimoire. It travels. It runs without internet. It tunnels home via WireGuard when connectivity is available. And it doubles as one of the two Vault Grimoire offsite nodes — every time it leaves the house, it takes an encrypted copy of the data with it.
Hardware at a Glance
- Laptop — Docker host, ZFS pool
pocket-greenat/srv/greenpg/ - GL.iNet Beryl AX (GL-MT3000) — travel router, LAN
192.168.8.0/24, WireGuard peerPortaPotty - 2x Onn 4K streaming boxes — hotel/TV playback
- Anker 200W GaN charging station — one plug for everything
- SSDs — Vault (always connected) + Green (personal trips only)
Software Stack
| Service | Purpose | Mode |
|---|---|---|
| Jellyfin | Media playback | Read/write |
| Stash (PocketStash, port 9998) | Adult media | Read-only travel mode |
| Wiki.js | Documentation mirror | Pull-only |
| Filebrowser | File access | Read/write |
WireGuard Home Tunnel
WireGuard peer PortaPotty (192.168.32.5) connects back to OPNsense on Netgrimoire when internet is available. All management traffic and sync operations use the tunnel.
As a Vault Node
Pocket Grimoire receives a syncoid push from znas before each trip:
syncoid znas:vault/Green/Pocket pocket:/srv/greenpg/Green
This makes it an offsite encrypted backup node whenever it leaves home. See Vault Architecture.
Sections
| Hardware | Full hardware list, power kit, storage layout |
| Software | Services, Docker config, ZFS pool |
| Sync & Deployment | Pre-travel checklist, syncoid, deployment guide |