c471b6a7dd
Separate infrastructure services from application stack for operational resilience. Following Gemini's architectural guidance. Infrastructure Services: - Gitea (git.corrosionmgmt.com) - Source control, CI/CD, releases * SQLite database (self-contained) * Port 8090: Web UI * Port 2222: SSH - SeaweedFS (cdn.corrosionmgmt.com) - S3-compatible object storage * Port 8091: Filer UI (primary CDN interface) * Port 8092: S3 API (programmatic access) * Port 9333: Master UI (internal admin) * Port 8080: Volume server (internal) Benefits: - Restarting Corrosion app doesn't affect Git/CDN services - No shared database dependencies (Gitea uses SQLite) - Clear separation between infrastructure and application concerns - Foundation for plugin ecosystem and map hosting Deployment: cd infra && docker compose up -d See infra/README.md for full setup instructions and NPM configuration. Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
2.4 KiB
2.4 KiB
Nginx Proxy Manager Configuration
Required Proxy Hosts
1. Gitea (Source Control)
Domain Names:
git.corrosionmgmt.com
Details:
Scheme: http
Forward Hostname / IP: <asgard-internal-ip>
Forward Port: 8090
Cache Assets: No
Block Common Exploits: Yes
Websockets Support: Yes
SSL:
Force SSL: Yes
HTTP/2 Support: Yes
HSTS Enabled: Yes
Advanced (if needed):
# For SSH git clone support over HTTPS (optional)
location ~ ^/(.+\.git)/(git-upload-pack|git-receive-pack)$ {
proxy_pass http://<asgard-ip>:8090;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
}
2. SeaweedFS CDN (Object Storage)
Domain Names:
cdn.corrosionmgmt.com
Details:
Scheme: http
Forward Hostname / IP: <asgard-internal-ip>
Forward Port: 8091
Cache Assets: Yes (Enable caching for static files)
Block Common Exploits: Yes
Websockets Support: Yes
SSL:
Force SSL: Yes
HTTP/2 Support: Yes
HSTS Enabled: Yes
Custom Locations (Optional):
If you want to expose the S3 API at a different path:
# S3 API at cdn.corrosionmgmt.com/s3
location /s3/ {
proxy_pass http://<asgard-ip>:8092/;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
}
Port Summary
| Service | Container | Internal Port | Host Port | Domain |
|---|---|---|---|---|
| Gitea Web | corrosion-gitea | 3000 | 8090 | git.corrosionmgmt.com |
| Gitea SSH | corrosion-gitea | 22 | 2222 | git.corrosionmgmt.com:2222 |
| SeaweedFS Filer | corrosion-cdn | 8888 | 8091 | cdn.corrosionmgmt.com |
| SeaweedFS S3 | corrosion-cdn | 8333 | 8092 | Internal only |
| SeaweedFS Master | corrosion-cdn | 9333 | 9333 | Internal only |
| SeaweedFS Volume | corrosion-cdn | 8080 | 8080 | Internal only |
Testing
After configuring NPM, test the proxies:
# Test Gitea
curl -I https://git.corrosionmgmt.com
# Test SeaweedFS CDN
curl -I https://cdn.corrosionmgmt.com
# Test S3 API (internal)
curl http://<asgard-ip>:8092/
Firewall Rules (if applicable)
If Asgard has a firewall, ensure these ports are accessible:
From Nginx Proxy Manager to Asgard:
- 8090 (Gitea)
- 8091 (SeaweedFS Filer)
Optional (for internal access):
- 8092 (S3 API - for backend services)
- 9333 (Master UI - for admin)
External SSH (if using git over SSH):
- 2222 (Gitea SSH)