uvlava/services/artifacts-stack/Caddyfile
Natalie c714025e22 infra(services): IaC the artifacts-host stack + producer-separate npm (verdaccio-ct/mc/quinn)
Captures the previously host-only /opt/services stack (3 forgejo + shared verdaccio
+ caddy) into version control, and splits npm to match the already-separated forges:
per-producer verdaccio-{ct,mc,quinn} with isolated storage, npm.<p> -> each (was
wrongly routed to the forgejo containers). ct owns @cocotte/@lilith; mc/quinn
read-proxy them from ct, publish own scopes locally. Includes configs + an apply +
package-migration runbook (host is shared multi-org — apply via ! / not auto-mode).

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-07-01 08:02:22 -04:00

27 lines
697 B
Caddyfile

{
email quinn@cocotte.tech
}
# Forge (git + web) + pypi stay on each producer's Forgejo.
forge.ct.uvlava.com, pypi.ct.uvlava.com {
reverse_proxy forgejo-ct:3000
}
forge.mc.uvlava.com, pypi.mc.uvlava.com {
reverse_proxy forgejo-mc:3000
}
forge.quinn.uvlava.com, pypi.quinn.uvlava.com {
reverse_proxy forgejo-quinn:3000
}
# npm (Verdaccio) — producer-separated, own container + storage each.
# TLS-terminated here so publish/install use https://npm.<p>.uvlava.com/
# (no more bearer tokens over the plaintext :4873 IP).
npm.ct.uvlava.com {
reverse_proxy verdaccio-ct:4873
}
npm.mc.uvlava.com {
reverse_proxy verdaccio-mc:4873
}
npm.quinn.uvlava.com {
reverse_proxy verdaccio-quinn:4873
}