Erich Blume
1de5492d6c
Replace the Cloudflare Tunnel plan with a Fly.io reverse proxy architecture that tunnels back to indri over Tailscale. Covers: - Full architecture with nginx proxy cache + rate limiting - One-time setup vs per-service steps - Fly.io container (Dockerfile, fly.toml, nginx.conf, start.sh) - Pulumi IaC for Tailscale auth key + DNS CNAMEs - Forgejo CI workflow for automated deploys - Security model, DDoS considerations, break-glass shutoff - Mise tasks: fly-deploy, fly-setup, fly-shutoff Also fix docs-check-links to handle in-page anchor links ([[#Heading]]) and cross-file anchors ([[file#Heading]]). Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
93 B
93 B
Add how-to guide for exposing services publicly via Fly.io reverse proxy + Tailscale tunnel.