B4L/buildfor_life_budget
5
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Regenerate deployment architecture diagram via beautiful-mermaid
Validate / validate (push) Successful in 30s
Details

Browse Source 
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
Alexander Grabowski
2026-04-16 16:42:08 +07:00
parent 5451a591ad
commit 639c261995
1 changed files with 26 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files
docs/deployment.md
+26 -7
View File
@@ -8,15 +8,34 @@ Self-hosted on a single Linux box (Proxmox LXC / VM / bare metal). Four layers,
4. **External reverse proxy** (off-box, e.g. at the network edge) — does TLS termination for the public hostname; forwards to LAN IP:8080 4. **External reverse proxy** (off-box, e.g. at the network edge) — does TLS termination for the public hostname; forwards to LAN IP:8080
``` ```
┌─ Internet ──→ TLS proxy ──┐ ┌────────────────┐ ┌─────────────────────┐ ┌──────────────────────┐ ┌────────────────┐
│ │ │ │ │
Tor peer ───┼─ onion ──→ tor daemon ──┤ │ Internet user ├────►│ External TLS proxy ├────►│ Internal Caddy :8080 ├────►│ Node app :3000 │
├──→ Caddy:8080 ──→ Node:3000 │ │ │ │
Yggdrasil peer ─┼─ ygg ──→ ygg IPv6 ── └────────────────┘ └─────────────────────┘ └──────────────────────┘ ────────────────┘
│ │
NetBird peer ──┼─ WG ──→ netbird IP ──┘
┌────────────────┐ ┌─────────────────────┐ │
│ │ │ │ │
│ Tor peer ├────►│ tor daemon (.onion) ├─────────────────┤
│ │ │ │ │
└────────────────┘ └─────────────────────┘ │
┌────────────────┐ ┌─────────────────────┐ │
│ │ │ │ │
│ Yggdrasil peer ├────►│ Yggdrasil IPv6 ├─────────────────┤
│ │ │ │ │
└────────────────┘ └─────────────────────┘ │
┌────────────────┐ ┌─────────────────────┐ │
│ │ │ │ │
│ NetBird peer ├────►│ NetBird IP ├─────────────────┘
│ │ │ │
└────────────────┘ └─────────────────────┘
``` ```
_Diagram rendered from a Mermaid source via [beautiful-mermaid](https://github.com/lukilabs/beautiful-mermaid)._
All non-TLS: the external proxy terminates TLS, Tor encrypts its own path, Yggdrasil/NetBird are encrypted overlays. Caddy and the node app speak plain HTTP. All non-TLS: the external proxy terminates TLS, Tor encrypts its own path, Yggdrasil/NetBird are encrypted overlays. Caddy and the node app speak plain HTTP.
--- ---