Standalone module (uvlava state is tangled). Public edge host: reserved IP 134.199.244.34, firewall 22/80/443, cloud-init swap+caddy+node20. Hosts prospector behind Caddy (apps.ct.uvlava.com / apps.ftw.pw -> 127.0.0.1:3210, 403 /internal/*). Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
20 lines
1.1 KiB
YAML
20 lines
1.1 KiB
YAML
#cloud-config
|
|
# ct.prod base: swap + Caddy (public edge) + node20 (prospector runtime).
|
|
# Prospector itself is shipped by deploy/deploy-server.sh; Caddy config by the
|
|
# repo's apps.ftw.pw.Caddyfile.
|
|
package_update: true
|
|
packages:
|
|
- debian-keyring
|
|
- debian-archive-keyring
|
|
- apt-transport-https
|
|
- curl
|
|
|
|
runcmd:
|
|
- [ bash, -c, "fallocate -l 2G /swapfile && chmod 600 /swapfile && mkswap /swapfile && swapon /swapfile && echo '/swapfile none swap sw 0 0' >> /etc/fstab" ]
|
|
- [ bash, -c, "curl -1sLf https://dl.cloudsmith.io/public/caddy/stable/gpg.key | gpg --dearmor -o /usr/share/keyrings/caddy-stable-archive-keyring.gpg" ]
|
|
- [ bash, -c, "curl -1sLf https://dl.cloudsmith.io/public/caddy/stable/debian.deb.txt | tee /etc/apt/sources.list.d/caddy-stable.list" ]
|
|
- [ bash, -c, "curl -fsSL https://deb.nodesource.com/setup_20.x | bash -" ]
|
|
- [ bash, -c, "apt-get update && apt-get install -y caddy nodejs postgresql-client-16" ]
|
|
- [ bash, -c, "mkdir -p /opt/prospector" ]
|
|
|
|
final_message: "com.uvlava.ct.prod base ready (swap + caddy + node20). Deploy prospector + install Caddyfile."
|