📡 Meshtastic for SKYNET2

This documentation describes a production-ready Meshtastic infrastructure using:

• Proxmox

• Privileged LXC

• MeshMonitor (serial bridge mode)

• Mosquitto MQTT (LAN + TLS Internet access)

• Cloudflare DNS

• Let’s Encrypt certificates

• Optional Discord integration (documented elsewhere)

This guide assumes:

• You are self-hosting

• You want full control

• You are not relying on Meshtastic’s public MQTT infrastructure

What This Setup Does

This infrastructure provides:

• A hardwired Meshtastic node connected via USB to a server
• A central MeshMonitor instance acting as:
  • Network monitor
  • Message hub
  • Serial bridge
• A secure MQTT broker allowing:
  • Remote users (cellular / internet) to participate
  • Integration with other systems (Discord, dashboards, automations)
• A clean separation between:
  • RF mesh traffic
  • Internet transport
  • User-facing services
• Key Design Decisions
  • MeshMonitor is the source of truth
  • The core node does NOT use Wi-Fi
  • MQTT is optional and client-driven
  • No Docker required
  • No VM required
  • Everything runs natively in one LXC

High-Level Architecture

[ Meshtastic Nodes ]
        ↓ RF
[ Core Node via USB ]
        ↓ Serial
[ MeshMonitor ]
        ↓
[ Mosquitto MQTT ]
   ↓            ↓
 Internet    LAN Services

Chapters

General Information

Random things and other notes I've encountered along the way

Infrastructure

Everything server-side

2.1 Proxmox Container Setup

Container Requirements

• Debian-based LXC (Debian 12 recommended)
• Privileged container (required for USB access)
• Static IP recommended

Why Privileged?

USB serial access inside LXC is vastly simpler and more reliable when privileged.
Security tradeoff is acceptable for this use case.