LinumIQ/linumiq_net-docker
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
02b4fe1fc0b63b13daab6ad5add292d1d64c9d62
linumiq_net-docker/dev
T
History
linumiq_net-user f313701e5e security updates
2026-05-31 10:18:50 +02:00
..
bandwidth-worker
security updates
2026-05-31 10:18:50 +02:00
frps
security updates
2026-05-31 10:18:50 +02:00
redis
security updates
2026-05-31 10:18:50 +02:00
stripe-stub
security updates
2026-05-31 10:18:50 +02:00
supabase
security updates
2026-05-31 10:18:50 +02:00
dev.sh
dev: add parallel dev environment under /docker/dev
2026-05-30 13:23:34 +02:00
README.md
dev: add parallel dev environment under /docker/dev
2026-05-30 13:23:34 +02:00
SERVER-ONLY.md
dev: document server-only pieces (authorizer + frps.toml)
2026-05-30 14:18:53 +02:00

README.md

Dev environment (/docker/dev)

A near-1:1 clone of the production remote-access stack, isolated on its own Docker network (dev_edge) and fronted by the same shared Caddy instance as production. Dev is manual-start (not started on boot) to save resources.

Hostnames

Purpose Production Dev
Dashboard app.linumiq.net app-dev.linumiq.net
Supabase API api.linumiq.net api-dev.linumiq.net
Tunnels *.linumiq.net *.dev.linumiq.net
Tunnel ingress linumiq.net:7000 linumiq.net:7001

Topology

  • All dev services run on the external dev_edge network with *-dev container names and their own internal supabase-dev_default network.
  • The shared Caddy is dual-homed on edge (prod) and dev_edge (dev) and routes the *-dev / *.dev hostnames to the dev upstreams.
  • On-demand TLS for every hostname is authorized by Caddy's single global ask endpoint (the prod check-subdomain edge function). It returns 200 for app-dev/api-dev, and for *.dev.linumiq.net it delegates to the dev authorizer (supabase-dev-edge-functions:9000), which checks the dev tunnels table. To reach it, the prod functions container is also attached to dev_edge.
  • Dev frps publishes 7001 (tunnel ingress); its dashboard/API (7500) and all Supabase/web ports stay internal.

Secrets & data (gitignored, never committed)

  • */.env, supabase/.env, redis/.env, stripe-stub/.env, bandwidth-worker/.env
  • frps/frps.toml (frps dashboard password)
  • .dev-secrets.env (generated record of all dev secrets)
  • supabase/volumes/ (edge functions, incl. dev check-subdomain)
  • web/ (its own git worktree on the dev branch of the web-app repo)
  • data dirs (redis/data, supabase/volumes/db/data, ...)

Dev secrets are independent of production and are generated fresh.

Start / stop

/docker/dev/dev.sh up      # build + start the whole dev stack
/docker/dev/dev.sh down    # stop the whole dev stack
/docker/dev/dev.sh ps      # status of dev containers

The dev database starts empty; apply migrations once after first up:

for m in /docker/dev/supabase/migrations/000*.sql; do
  docker exec -i supabase-dev-db psql -v ON_ERROR_STOP=1 -U postgres -d postgres < "$m"
done
Reference in New Issue View Git Blame Copy Permalink