Erich Blume
254b93096a
## Summary - Create `docs/reference/` section with 24 technical reference cards - Services (16): alloy, argocd, borgmatic, 1password, forgejo, grafana, jellyfin, kiwix, loki, miniflux, navidrome, postgresql, prometheus, teslamate, transmission, zot - Infrastructure (3): hosts, tailscale, routing - Kubernetes (2): cluster, apps - Storage (2): sifaka, backups - Update README to mark Phase 2 as complete - Add towncrier changelog fragment ## Deployment and Testing - [ ] Build docs locally to verify wiki-links resolve - [ ] Deploy via ArgoCD and verify at docs.ops.eblu.me/reference/ 🤖 Generated with [Claude Code](https://claude.com/claude-code) Reviewed-on: https://forge.ops.eblu.me/eblume/blumeops/pulls/88
2.6 KiB
2.6 KiB
| title | tags | ||
|---|---|---|---|
| Service Routing |
|
Service Routing
Services are accessible via two DNS domains with different reachability.
DNS Domains
| Domain | Proxy | Reachable From |
|---|---|---|
*.ops.eblu.me |
Caddy on indri | k8s pods, docker containers, tailnet clients |
*.tail8d86e.ts.net |
Tailscale MagicDNS | Tailnet clients only |
Use *.ops.eblu.me for services that need pod-to-service communication.
Caddy Services (*.ops.eblu.me)
DNS points to indri's Tailscale IP (100.98.163.89). TLS via Let's Encrypt (ACME DNS-01 with Gandi).
| Service | URL | Description |
|---|---|---|
| Homepage | https://go.ops.eblu.me | Service dashboard |
| [[services/forgejo | Forgejo]] | https://forge.ops.eblu.me |
| [[services/zot | Zot]] | https://registry.ops.eblu.me |
| [[services/grafana | Grafana]] | https://grafana.ops.eblu.me |
| [[services/argocd | ArgoCD]] | https://argocd.ops.eblu.me |
| [[services/prometheus | Prometheus]] | https://prometheus.ops.eblu.me |
| [[services/loki | Loki]] | https://loki.ops.eblu.me |
| [[services/miniflux | Miniflux]] | https://feed.ops.eblu.me |
| [[services/kiwix | Kiwix]] | https://kiwix.ops.eblu.me |
| [[services/transmission | Transmission]] | https://torrent.ops.eblu.me |
| [[services/teslamate | TeslaMate]] | https://tesla.ops.eblu.me |
| [[services/navidrome | Navidrome]] | https://dj.ops.eblu.me |
| [[services/jellyfin | Jellyfin]] | https://jellyfin.ops.eblu.me |
| [[services/postgresql | PostgreSQL]] | pg.ops.eblu.me:5432 |
| [[storage/sifaka | Sifaka]] | https://nas.ops.eblu.me |
Tailscale-Only Services
| Service | URL | Description |
|---|---|---|
| Kubernetes | https://k8s.tail8d86e.ts.net | Minikube API |
Port Map (Indri)
| Port | Service | Protocol | Binding | Notes |
|---|---|---|---|---|
| 443 | Caddy | HTTPS | 0.0.0.0 | Reverse proxy |
| 2222 | Caddy L4 | TCP | 0.0.0.0 | SSH proxy to Forgejo |
| 5432 | Caddy L4 | TCP | 0.0.0.0 | PostgreSQL proxy |
| 2200 | Forgejo SSH | TCP | localhost | Built-in SSH server |
| 3001 | Forgejo | HTTP | localhost | Web UI |
| 5050 | Zot | HTTP | localhost | Registry API |
| 8096 | Jellyfin | HTTP | localhost | Media server |
| 44491 | K8s API | HTTPS | 0.0.0.0 | Minikube API server |
Related
- infrastructure/tailscale - ACL configuration
- infrastructure/indri - Where services run