Sebastian Krüger
145273c35c
Removed the global `--entrypoints.web-secure.http.tls.options=default@file` configuration from proxy/compose.yaml that was causing "unknown TLS options" errors during Traefik startup. The issue occurred because Traefik attempted to apply TLS options to all routers before the file provider finished loading security.yaml, creating a race condition. Services now use Let's Encrypt certificates without explicit TLS options at the entrypoint level. The TLS security settings (minimum TLS 1.2, strong cipher suites, etc.) remain defined in proxy/dynamic/security.yaml and can be applied to individual services via their router configurations if needed. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
___ ___ ___ ___ ___ ___
/\ \ /\ \ /\__\ /\ \ /\ \ /\__\
/::\ \ /::\ \ /:/ / /::\ \ /::\ \ /:| _|_
/::\:\__\ /::\:\__\ /:/__/ /:/\:\__\ /:/\:\__\ /::|/\__\
\/\::/ / \/\::/ / \:\ \ \:\ \/__/ \:\/:/ / \/|::/ /
/:/ / /:/ / \:\__\ \:\__\ \::/ / |:/ /
\/__/ \/__/ \/__/ \/__/ \/__/ \/__/
⚡ THE FALCON ⚡
Captain Valknar's Legendary Starship
🌌 SHIP'S LOG
STARDATE: 2025.10.26 LOCATION: Deep Space, Uncharted Territories STATUS: Captain currently engaged in... diplomatic relations with alien civilizations SYSTEMS: All green, automated deployment active
"The Falcon doesn't just traverse the stars — it commands them." — Captain Valknar, moments before jumping to hyperspace
🛸 VESSEL SPECIFICATIONS
The Falcon is a state-of-the-art containerized starship, powered by Docker's quantum drive engines and orchestrated through the legendary Arty navigation system.
🎯 CORE SYSTEMS
| System | Purpose | Access Point |
|---|---|---|
| SEXY | Advanced alien encounter database | sexy.pivoine.art |
| AWSM | Intergalactic discovery catalog | awesome.pivoine.art |
| TRACK | Mission analytics & telemetry | umami.pivoine.art |
| GOTIFY | Subspace communication relay | gotify.pivoine.art |
| SCRAPY | Web scraping reconnaissance cluster | scrapy.pivoine.art |
| N8N | Automated workflow command center | n8n.pivoine.art |
| STASH | Universal file management portal | stash.pivoine.art |
| LINKS | Interstellar bookmark archive | links.pivoine.art |
| VAULT | Encrypted password vault | vault.pivoine.art |
| JOPLIN | Note-taking server & sync hub | joplin.pivoine.art |
| VERT | Universal file format converter | vert.pivoine.art |
| RESTIC | Automated backup vault system | restic.pivoine.art |
| PROXY | Shield control dashboard | proxy.pivoine.art |
| VPN | Cloaking device network | vpn.pivoine.art |
⚙️ INFRASTRUCTURE
┌─────────────────────────────────────────────────┐
│ 🛡️ TRAEFIK SHIELD GENERATOR (Proxy) │
│ ├─ Auto-SSL via Let's Encrypt Reactor │
│ ├─ HTTP → HTTPS Phase Shifters │
│ ├─ Load Balancer Stabilizers │
│ ├─ Dashboard Command Center │
│ └─ Sablier Dynamic Scaling Plugin │
├─────────────────────────────────────────────────┤
│ 💾 POSTGRESQL 16 DATA CORE │
│ ├─ Directus Sector Database │
│ ├─ Umami Analytics Vault │
│ ├─ n8n Workflow Engine Database │
│ ├─ Linkwarden Bookmark Archive │
│ └─ Joplin Note-taking Server Database │
├─────────────────────────────────────────────────┤
│ ⚡ REDIS CACHE HYPERDRIVE │
│ └─ Warp-speed data acceleration │
├─────────────────────────────────────────────────┤
│ 🔐 BACKREST BACKUP VAULT (Restic) │
│ ├─ Automated volume snapshots │
│ ├─ Incremental backup engine │
│ └─ HiDrive remote repository │
└─────────────────────────────────────────────────┘
🚀 LAUNCH SEQUENCE
Prerequisites
- Docker Engine v20+ installed
- Docker Compose v2.20+ installed
- Arty navigation system (
npm install -g artyorpnpm add -g arty) - Clearance level: Captain
🔧 Initialize Ship Systems
# Create the ship's neural network
arty net/create
# Launch all systems
arty up
# Monitor system status
arty ps
# Access ship's logs (real-time)
arty logs
📡 Individual System Control
# Power down specific systems
arty down
# Restart malfunctioning modules
arty restart
# Pull latest system updates from the mothership
arty pull
# Diagnostic report
arty config
💫 NAVIGATION COMMANDS
Database Operations (SEXY Mission)
# Create database backup before alien encounter
arty db/dump
# Restore database after timeline anomaly
arty db/import
# Export exotic alien artifacts (uploads)
arty uploads/export
# Import artifacts to new timeline
arty uploads/import
Deployment & Sync
# Synchronize .env to remote starbase
arty env/sync
Backup Operations (RESTIC System)
# Access backup web interface
# URL: https://restic.pivoine.art
# Username: valknar
# Password: Set on first access
# View backup status
docker logs restic_app | grep scheduled
# Manually trigger backup for a specific plan
docker exec restic_app /backrest backup --plan postgres-backup
# List all snapshots in repository
docker exec restic_app restic -r /repos snapshots
# Restore from backup (via web UI recommended)
# Navigate to restic.pivoine.art → Browse snapshots → Restore files
Automated Backup Schedule:
- Daily backups: 2 AM - 8 AM (staggered by service)
- Weekly maintenance: Sundays at 2 AM (prune) and 3 AM (check)
- All volumes backed up to:
/mnt/hidrive/users/valknar/Backup
🌠 SHIP ARCHITECTURE
THE FALCON (falcon_network)
│
├─ 🎯 CORE SERVICES
│ ├─ PostgreSQL 16 [Port 5432] → Data Vault
│ └─ Redis 7 [Internal] → Cache Drive
│
├─ 🛡️ SECURITY LAYER
│ ├─ Traefik [80/443] → Shield Generator
│ ├─ Traefik Dashboard [proxy.pivoine.art] → Control Center
│ └─ Sablier [Internal] → Scale-to-Zero Engine
│
├─ 🚀 APPLICATIONS
│ ├─ Directus API [sexy.pivoine.art/api]
│ ├─ SvelteKit Frontend [sexy.pivoine.art]
│ ├─ Awesome Catalog [awesome.pivoine.art]
│ ├─ Umami Analytics [umami.pivoine.art]
│ ├─ Gotify Messenger [gotify.pivoine.art]
│ ├─ Scrapyd Cluster [scrapy.pivoine.art]
│ ├─ n8n Workflows [n8n.pivoine.art]
│ ├─ Filestash Files [stash.pivoine.art]
│ ├─ Linkwarden Marks [links.pivoine.art]
│ ├─ Vaultwarden Vault [vault.pivoine.art]
│ ├─ Joplin Sync Server [joplin.pivoine.art]
│ ├─ Vert Converter [vert.pivoine.art]
│ ├─ Backrest Backups [restic.pivoine.art]
│ └─ WireGuard VPN [vpn.pivoine.art]
│
└─ 💾 STORAGE VOLUMES
├─ postgres_data → Critical mission data
├─ directus_uploads → Alien encounter evidence
├─ directus_bundle → Custom modules
├─ awesome_data → Discovery catalog
├─ scrapyd_data → Web scraping archives
├─ scrapy_code → Spider project code
├─ n8n_data → Workflow configurations
├─ filestash_data → File manager state
├─ linkwarden_data → Bookmark archives
├─ meili_data → Search index database
├─ vaultwarden_data → Encrypted password vault
├─ joplin_data → Note-taking server data
├─ backrest_data → Backup system state
├─ backrest_config → Backup configurations
└─ letsencrypt_data → Shield certificates
🎨 TECHNOLOGY STACK
⚠️ PROTOCOLS & SECURITY
🔐 ENCRYPTION STANDARD
├─ All transmissions encrypted via HTTPS
├─ Let's Encrypt quantum certificates
├─ TLS 1.2+ with strong cipher suites only
├─ HSTS enabled (1-year, preload ready)
└─ SNI strict mode enforced
🛡️ SECURITY HEADERS
├─ X-Frame-Options: SAMEORIGIN
├─ X-XSS-Protection enabled
├─ Content-Type-Options: nosniff
├─ Referrer-Policy configured
└─ Permissions-Policy restrictions
🔒 ACCESS CONTROL
├─ Admin credentials in .env vault
├─ Database authentication: scram-sha-256
├─ HTTP Basic Auth on sensitive endpoints
├─ Rate limiting available (100 req/s)
└─ VPN cloaking device enabled
💾 BACKUP PROTOCOL
├─ Automated daily backups (2-8 AM)
├─ 11 backup plans covering all volumes
├─ Retention: 7 daily, 4 weekly, 3-12 monthly
├─ Encrypted restic repositories
├─ Weekly maintenance (prune & integrity check)
├─ Web UI for monitoring & restore
└─ HiDrive remote storage
📊 MISSION STATUS
╔════════════════════════════════════════╗
║ SHIP'S VITAL SIGNS ║
╠════════════════════════════════════════╣
║ ✅ Core Systems → OPERATIONAL ║
║ ✅ Shield Generator → ONLINE ║
║ ✅ Database Vault → SECURED ║
║ ✅ Cache Drive → OPTIMIZED ║
║ ✅ Backup System → AUTOMATED ║
║ 🌟 Captain Status → ON ADVENTURE ║
╚════════════════════════════════════════╝
Next Backup: Tomorrow 2:00 AM (postgres-backup)
Backup Target: /mnt/hidrive/users/valknar/Backup
Repository Status: Initialized & Ready
👽 CAPTAIN'S NOTES
Currently out exploring the cosmos and making friends with alien species. You know how it is — one minute you're charting a nebula, the next you're at an intergalactic party.
If systems malfunction, check the logs. If things are really bad, I left a backup captain AI (it's called documentation).
Stay shiny, crew. Valknar out.
📡 TRANSMISSION CHANNELS
- 🌐 Flagship: pivoine.art
- 📧 Subspace Mail: valknar@pivoine.art
- 🚀 Mission Control: sexy.pivoine.art
- 📊 Analytics Bay: umami.pivoine.art
╔═══════════════════════════════════════════════════════════╗
║ ║
║ "In space, no one can hear you `docker compose up`" ║
║ ║
║ — Captain Valknar, The Falcon ║
║ ║
╚═══════════════════════════════════════════════════════════╝
THE FALCON • Fastest ship in the Docker registry • EST. 2025