eblume/blumeops
1
1
Fork 0
Code Issues Pull requests Projects Releases 83 Packages Wiki Activity Actions
blumeops/docs/reference/infrastructure/routing.md
Erich Blume ce1f696bd8 Add Reference section with 24 technical reference cards 
Phase 2 of documentation restructuring. Creates docs/reference/ with:

Services (16):
- alloy, argocd, borgmatic, 1password, forgejo, grafana
- jellyfin, kiwix, loki, miniflux, navidrome, postgresql
- prometheus, teslamate, transmission, zot

Infrastructure (3):
- hosts - Device inventory
- tailscale - ACLs, groups, tags
- routing - DNS domains and port mappings

Kubernetes (2):
- cluster - Minikube specs
- apps - ArgoCD application registry

Storage (2):
- sifaka - Synology NAS configuration
- backups - Backup policy

All cards use wiki-links for cross-referencing and include YAML
frontmatter with title and tags for Quartz.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-02-03 13:22:19 -08:00

79 lines
3 KiB
Markdown
Raw Blame History

---
title: Service Routing
tags:
- infrastructure
- network
---
# Service Routing
Services are accessible via two DNS domains with different reachability.
## DNS Domains
| Domain | Proxy | Reachable From |
|--------|-------|----------------|
| `*.ops.eblu.me` | Caddy on indri | k8s pods, docker containers, tailnet clients |
| `*.tail8d86e.ts.net` | Tailscale MagicDNS | Tailnet clients only |
**Use `*.ops.eblu.me`** for services that need pod-to-service communication.
## Caddy Services (`*.ops.eblu.me`)
DNS points to indri's Tailscale IP (100.98.163.89). TLS via Let's Encrypt (ACME DNS-01 with Gandi).
| Service | URL | Description |
|---------|-----|-------------|
| Homepage | https://go.ops.eblu.me | Service dashboard |
| [[services/forgejo\|Forgejo]] | https://forge.ops.eblu.me | Git hosting (SSH: 2222) |
| [[services/zot\|Zot]] | https://registry.ops.eblu.me | Container registry |
| [[services/grafana\|Grafana]] | https://grafana.ops.eblu.me | Dashboards |
| [[services/argocd\|ArgoCD]] | https://argocd.ops.eblu.me | GitOps CD |
| [[services/prometheus\|Prometheus]] | https://prometheus.ops.eblu.me | Metrics |
| [[services/loki\|Loki]] | https://loki.ops.eblu.me | Logs |
| [[services/miniflux\|Miniflux]] | https://feed.ops.eblu.me | RSS reader |
| [[services/kiwix\|Kiwix]] | https://kiwix.ops.eblu.me | Offline Wikipedia |
| [[services/transmission\|Transmission]] | https://torrent.ops.eblu.me | BitTorrent |
| [[services/teslamate\|TeslaMate]] | https://tesla.ops.eblu.me | Tesla logger |
| [[services/navidrome\|Navidrome]] | https://dj.ops.eblu.me | Music streaming |
| [[services/jellyfin\|Jellyfin]] | https://jellyfin.ops.eblu.me | Media server |
| [[services/postgresql\|PostgreSQL]] | pg.ops.eblu.me:5432 | Database |
| [[storage/sifaka\|Sifaka]] | https://nas.ops.eblu.me | NAS dashboard |
## Tailscale-Only Services
| Service | URL | Description |
|---------|-----|-------------|
| Kubernetes | https://k8s.tail8d86e.ts.net | Minikube API |
## Port Map (Indri)
| Port | Service | Protocol | Binding | Notes |
|------|---------|----------|---------|-------|
| 443 | Caddy | HTTPS | 0.0.0.0 | Reverse proxy |
| 2222 | Caddy L4 | TCP | 0.0.0.0 | SSH proxy to Forgejo |
| 5432 | Caddy L4 | TCP | 0.0.0.0 | PostgreSQL proxy |
| 2200 | Forgejo SSH | TCP | localhost | Built-in SSH server |
| 3001 | Forgejo | HTTP | localhost | Web UI |
| 5050 | Zot | HTTP | localhost | Registry API |
| 8096 | Jellyfin | HTTP | localhost | Media server |
| 44491 | K8s API | HTTPS | 0.0.0.0 | Minikube API server |
## Adding New Services
### Indri Services (via Caddy)
1. Host service on localhost
2. Add to `ansible/roles/caddy/defaults/main.yml`
3. Run `mise run provision-indri -- --tags caddy`
### K8s Services (via Tailscale Ingress)
1. Create manifests in `argocd/manifests/<service>/`
2. Add ArgoCD Application in `argocd/apps/`
3. Add Tailscale Ingress annotation
4. Add Caddy proxy entry
5. Sync via ArgoCD
## Related
- [[infrastructure/tailscale\|Tailscale]] - ACL configuration
- [[infrastructure/hosts\|Hosts]] - Where services run
Reference in a new issue View git blame Copy permalink