RWejlgaard/pez-infra
1
0
Fork 0
mirror of https://github.com/RWejlgaard/pez-infra.git synced 2026-05-06 04:14:43 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

Replace ASCII diagrams with mermaid in docs

Browse source 
Convert remaining ASCII art diagrams to mermaid syntax:
- monitoring.md: stack overview diagram
- networking.md: Tailscale mesh diagram + DNS request flow

architecture.md already used mermaid, no changes needed.

PESO-123
This commit is contained in:
Rasmus Wejlgaard 2026-04-03 09:47:33 +00:00
parent 8a4a95b596
commit 76dbf43076
2 changed files with 43 additions and 54 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

30
docs/monitoring.md
View file

@ -2,27 +2,15 @@
## Stack Overview ## Stack Overview
``` ```mermaid
┌─────────────────────────────────────────────────┐ graph TD
│ london-a │ subgraph "london-a (FreeBSD)"
│ (FreeBSD) │ Prometheus[":9090 Prometheus"] -->|query| Grafana[":3000 Grafana"]
│ │ end
│ ┌────────────┐ ┌──────────┐ │
│ │ Prometheus │────────►│ Grafana │ │ Prometheus -->|scrape over Tailscale| NE["node_exporter<br/>(all hosts) :9100"]
│ │ :9090 │ query │ :3000 │ │ Prometheus -->|scrape over Tailscale| SE["smartctl_exporter<br/>(london-b) :9633"]
│ └─────┬──────┘ └──────────┘ │ Prometheus -->|scrape over Tailscale| PE["plex_exporter<br/>(london-b)"]
│ │ scrape │
└────────┼────────────────────────────────────────┘
│ Tailscale
┌─────┼──────────────────────────────────┐
│ │ │
│ ▼ ▼ ▼ │
│ node_exporter smartctl plex │
│ (all hosts) exporter exporter │
│ (london-b) (london-b) │
└────────────────────────────────────────┘
``` ```
Both Prometheus and Grafana are accessible via: Both Prometheus and Grafana are accessible via:

67
docs/networking.md
View file

@ -25,20 +25,29 @@ All inter-server communication uses Tailscale IPs:
### Mesh Diagram ### Mesh Diagram
``` ```mermaid
helsinki-a ◄──────────────────────────► london-b graph TD
▲ ▲ ▲ ▲ HEL["helsinki-a"] <--> LB["london-b"]
│ │ │ │ HEL <--> LA["london-a"]
│ └──────────► london-a ◄──────────┘ │ HEL <--> NA["nuremberg-a"]
│ ▲ │ LB <--> LA
│ │ │ LB <--> CA["copenhagen-a"]
▼ │ ▼ LA <--> CA
nuremberg-a copenhagen-a ◄────► copenhagen-c CA <--> CC["copenhagen-c"]
NA <--> CA
HEL <--> CA
HEL <--> CC
LB <--> CC
NA <--> LB
NA <--> CC
NA <--> LA
LA <--> CC
Every node can reach every other node directly. style CC stroke-dasharray: 5 5
Connections shown are illustrative — the mesh is fully connected.
``` ```
> Every node can reach every other node directly. The mesh is fully connected.
## Physical Networking ## Physical Networking
### London ### London
@ -75,28 +84,20 @@ The domain is registered on Hover.com with nameservers pointed to Cloudflare.
### How a request reaches a service ### How a request reaches a service
``` ```mermaid
1. Browser requests radarr.pez.sh graph TD
Browser["1. Browser requests radarr.pez.sh"] --> CF
2. Cloudflare resolves DNS (proxied record → Cloudflare IP) CF["2. Cloudflare resolves DNS<br/>(proxied record)"] --> TLS
TLS["3. Cloudflare terminates TLS,<br/>forwards to helsinki-a"] --> Caddy
3. Cloudflare terminates external TLS, forwards to helsinki-a Caddy["4. Caddy receives request"] --> AuthCheck{"5. Requires auth?"}
4. Caddy on helsinki-a receives the request AuthCheck -->|YES| Authelia["forward_auth → Authelia<br/>(localhost:9091)"]
AuthCheck -->|NO| Proxy
5. Caddy checks: does this subdomain require auth?
Authelia -->|Authenticated| Proxy["6. Reverse-proxy to backend<br/>over Tailscale<br/>(e.g. london-b:7878)"]
├── YES: forward_auth to Authelia (localhost:9091) Authelia -->|Not authenticated| Redirect["Redirect to auth.pez.sh"]
│ │
│ ├── Authenticated → proceed to step 6 Proxy --> Response["7. Response flows back:<br/>backend → Caddy → Cloudflare → browser"]
│ └── Not authenticated → redirect to auth.pez.sh
└── NO: proceed to step 6
6. Caddy reverse-proxies to the backend over Tailscale
(e.g., london-b:7878 for Radarr)
7. Response flows back: backend → Caddy → Cloudflare → browser
``` ```
### Public Subdomains ### Public Subdomains