Captures the previously host-only /opt/services stack (3 forgejo + shared verdaccio
+ caddy) into version control, and splits npm to match the already-separated forges:
per-producer verdaccio-{ct,mc,quinn} with isolated storage, npm.<p> -> each (was
wrongly routed to the forgejo containers). ct owns @cocotte/@lilith; mc/quinn
read-proxy them from ct, publish own scopes locally. Includes configs + an apply +
package-migration runbook (host is shared multi-org — apply via ! / not auto-mode).
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
27 lines
697 B
Caddyfile
27 lines
697 B
Caddyfile
{
|
|
email quinn@cocotte.tech
|
|
}
|
|
|
|
# Forge (git + web) + pypi stay on each producer's Forgejo.
|
|
forge.ct.uvlava.com, pypi.ct.uvlava.com {
|
|
reverse_proxy forgejo-ct:3000
|
|
}
|
|
forge.mc.uvlava.com, pypi.mc.uvlava.com {
|
|
reverse_proxy forgejo-mc:3000
|
|
}
|
|
forge.quinn.uvlava.com, pypi.quinn.uvlava.com {
|
|
reverse_proxy forgejo-quinn:3000
|
|
}
|
|
|
|
# npm (Verdaccio) — producer-separated, own container + storage each.
|
|
# TLS-terminated here so publish/install use https://npm.<p>.uvlava.com/
|
|
# (no more bearer tokens over the plaintext :4873 IP).
|
|
npm.ct.uvlava.com {
|
|
reverse_proxy verdaccio-ct:4873
|
|
}
|
|
npm.mc.uvlava.com {
|
|
reverse_proxy verdaccio-mc:4873
|
|
}
|
|
npm.quinn.uvlava.com {
|
|
reverse_proxy verdaccio-quinn:4873
|
|
}
|