c471b6a7dd
Separate infrastructure services from application stack for operational resilience. Following Gemini's architectural guidance. Infrastructure Services: - Gitea (git.corrosionmgmt.com) - Source control, CI/CD, releases * SQLite database (self-contained) * Port 8090: Web UI * Port 2222: SSH - SeaweedFS (cdn.corrosionmgmt.com) - S3-compatible object storage * Port 8091: Filer UI (primary CDN interface) * Port 8092: S3 API (programmatic access) * Port 9333: Master UI (internal admin) * Port 8080: Volume server (internal) Benefits: - Restarting Corrosion app doesn't affect Git/CDN services - No shared database dependencies (Gitea uses SQLite) - Clear separation between infrastructure and application concerns - Foundation for plugin ecosystem and map hosting Deployment: cd infra && docker compose up -d See infra/README.md for full setup instructions and NPM configuration. Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
Corrosion Infrastructure Stack
Purpose: Dedicated infrastructure services (Git, CDN) separated from application stack for operational resilience.
Services
Gitea (git.corrosionmgmt.com)
- Container:
corrosion-gitea - Host Port: 8090
- SSH Port: 2222
- Database: SQLite (self-contained)
- Purpose: Source control, CI/CD, companion agent releases
SeaweedFS (cdn.corrosionmgmt.com)
- Container:
corrosion-cdn - Filer UI Port: 8091 (primary CDN interface)
- S3 API Port: 8092 (programmatic access)
- Master Port: 9333 (admin/monitoring)
- Volume Port: 8080 (internal storage)
- Purpose: Map hosting, plugin packages, companion binaries, backups
Deployment
First-time setup:
cd infra
docker compose up -d
Nginx Proxy Manager Configuration:
Proxy Host 1: Git
- Domain:
git.corrosionmgmt.com - Forward IP:
<asgard-internal-ip>(e.g., 192.168.x.x or 172.17.0.1) - Forward Port:
8090 - Websockets: ✅ Enable
- SSL: ✅ Force SSL, HTTP/2 Support
Proxy Host 2: CDN
- Domain:
cdn.corrosionmgmt.com - Forward IP:
<asgard-internal-ip> - Forward Port:
8091 - Websockets: ✅ Enable
- SSL: ✅ Force SSL
Architecture Benefits
- Resilience: Restarting Corrosion app doesn't affect Git/CDN
- Simplicity: No shared database dependencies
- Separation: Infrastructure vs application concerns
- Scalability: Can move to dedicated hardware later
Access Points
- Gitea Web: https://git.corrosionmgmt.com
- Gitea SSH: ssh://git@git.corrosionmgmt.com:2222
- CDN Filer UI: https://cdn.corrosionmgmt.com
- S3 API: http://:8092 (internal only, no proxy)
- SeaweedFS Master: http://:9333 (internal only, no proxy)
First-time Gitea Setup
- Navigate to https://git.corrosionmgmt.com
- Initial setup wizard will appear
- Accept defaults (SQLite database pre-configured)
- Create admin account
- Enable Actions in admin panel
S3 Configuration (for Backend API)
Add to Corrosion backend .env:
S3_ENDPOINT=http://<asgard-internal-ip>:8092
S3_ACCESS_KEY=<generate-random-key>
S3_SECRET_KEY=<generate-random-secret>
S3_BUCKET=corrosion-maps
S3_REGION=us-east-1
Maintenance
# View logs
docker compose logs -f
# Restart services
docker compose restart
# Update images
docker compose pull
docker compose up -d
# Backup data
tar -czf gitea-backup-$(date +%Y%m%d).tar.gz gitea/
tar -czf seaweedfs-backup-$(date +%Y%m%d).tar.gz seaweedfs/
Integration with Corrosion
- Companion agent binaries → Gitea releases
- Map files → SeaweedFS buckets
- Custom plugins → Gitea private repos (Phase 3)
- Backup snapshots → SeaweedFS volumes