mindboost/mindboost-infrastructure
7
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Files
feature/verify-email-autologin
mindboost-infrastructure/docs/infra.md

30 lines
900 B
Markdown
Raw Permalink Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

Infrastructure v2
Goals
- Modular stacks you can pick individually (Nextcloud, etc.)
- Unified reverse proxy (Traefik) with automatic TLS
- Clear env layering and gitignored secrets
- Simple Make targets for a smooth DX
Layout
- infra/core/traefik: Traefik compose + static/dynamic config
- infra/apps/<service>: Selfcontained compose stacks and .env.example
- infra/env/<env>/common.env: Shared environment defaults per environment
- infra/secrets: Local secret files (ignored)
- scripts/infra/bootstrap.sh: Creates proxy network and ACME storage
Usage
1. cp infra/env/development/common.env infra/env/development/common.env (adjust values)
2. make bootstrap
3. make proxy-up
4. make app-up APP=nextcloud
Security
- Do not commit real secrets. Place them in local `.env` files or secret managers.
- Optionally protect Traefik dashboard with basic auth via `TRAEFIK_BASIC_AUTH_USERS`.
Reference in New Issue View Git Blame Copy Permalink