docs(infra): document new infra v2 structure and usage
This commit is contained in:
29
docs/infra.md
Normal file
29
docs/infra.md
Normal file
@@ -0,0 +1,29 @@
|
||||
Infrastructure v2
|
||||
|
||||
Goals
|
||||
|
||||
- Modular stacks you can pick individually (Nextcloud, etc.)
|
||||
- Unified reverse proxy (Traefik) with automatic TLS
|
||||
- Clear env layering and git‑ignored secrets
|
||||
- Simple Make targets for a smooth DX
|
||||
|
||||
Layout
|
||||
|
||||
- infra/core/traefik: Traefik compose + static/dynamic config
|
||||
- infra/apps/<service>: Self‑contained compose stacks and .env.example
|
||||
- infra/env/<env>/common.env: Shared environment defaults per environment
|
||||
- infra/secrets: Local secret files (ignored)
|
||||
- scripts/infra/bootstrap.sh: Creates proxy network and ACME storage
|
||||
|
||||
Usage
|
||||
|
||||
1. cp infra/env/development/common.env infra/env/development/common.env (adjust values)
|
||||
2. make bootstrap
|
||||
3. make proxy-up
|
||||
4. make app-up APP=nextcloud
|
||||
|
||||
Security
|
||||
|
||||
- Do not commit real secrets. Place them in local `.env` files or secret managers.
|
||||
- Optionally protect Traefik dashboard with basic auth via `TRAEFIK_BASIC_AUTH_USERS`.
|
||||
|
||||
Reference in New Issue
Block a user