Erich Blume
1de5492d6c
Replace the Cloudflare Tunnel plan with a Fly.io reverse proxy architecture that tunnels back to indri over Tailscale. Covers: - Full architecture with nginx proxy cache + rate limiting - One-time setup vs per-service steps - Fly.io container (Dockerfile, fly.toml, nginx.conf, start.sh) - Pulumi IaC for Tailscale auth key + DNS CNAMEs - Forgejo CI workflow for automated deploys - Security model, DDoS considerations, break-glass shutoff - Mise tasks: fly-deploy, fly-setup, fly-shutoff Also fix docs-check-links to handle in-page anchor links ([[#Heading]]) and cross-file anchors ([[file#Heading]]). Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
1.3 KiB
1.3 KiB
| title | tags | |
|---|---|---|
| How-To |
|
How-To Guides
Task-oriented instructions for common BlumeOps operations. These guides assume you already understand the basic concepts - see tutorials if you're learning.
Deployment
| Guide | Description |
|---|---|
| deploy-k8s-service | Deploy a new service to Kubernetes via ArgoCD |
| add-ansible-role | Add a new Ansible role for indri services |
Configuration
| Guide | Description |
|---|---|
| update-tailscale-acls | Update Tailscale access control policies |
| gandi-operations | Manage DNS records and cycle the Gandi API token |
| use-pypi-proxy | Configure pip and publish packages to devpi |
| expose-service-publicly | Expose a service to the public internet via Fly.io + Tailscale |
Documentation
| Guide | Description |
|---|---|
| update-documentation | Publish docs via build-blumeops workflow |
Knowledge Base
| Guide | Description |
|---|---|
| review-documentation | Periodically review and maintain documentation |
Operations
| Guide | Description |
|---|---|
| restart-indri | Safely shut down and restart indri |
| troubleshooting | Diagnose and fix common issues |