RWejlgaard/pez-infra
1
0
Fork 0
mirror of https://github.com/RWejlgaard/pez-infra.git synced 2026-05-06 04:14:43 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

Replace ASCII diagrams with mermaid in docs

Browse source 
Convert remaining ASCII art diagrams to mermaid syntax:
- monitoring.md: stack overview diagram
- networking.md: Tailscale mesh diagram + DNS request flow

architecture.md already used mermaid, no changes needed.

PESO-123
This commit is contained in:
Rasmus Wejlgaard 2026-04-03 09:47:33 +00:00
parent 8a4a95b596
commit 76dbf43076
2 changed files with 43 additions and 54 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

30
docs/monitoring.md
View file

@ -2,27 +2,15 @@
## Stack Overview
```
┌─────────────────────────────────────────────────┐
│ london-a │
│ (FreeBSD) │
│ │
│ ┌────────────┐ ┌──────────┐ │
│ │ Prometheus │────────►│ Grafana │ │
│ │ :9090 │ query │ :3000 │ │
│ └─────┬──────┘ └──────────┘ │
│ │ scrape │
└────────┼────────────────────────────────────────┘
│ Tailscale
┌─────┼──────────────────────────────────┐
│ │ │
│ ▼ ▼ ▼ │
│ node_exporter smartctl plex │
│ (all hosts) exporter exporter │
│ (london-b) (london-b) │
└────────────────────────────────────────┘
```mermaid
graph TD
subgraph "london-a (FreeBSD)"
Prometheus[":9090 Prometheus"] -->|query| Grafana[":3000 Grafana"]
end
Prometheus -->|scrape over Tailscale| NE["node_exporter<br/>(all hosts) :9100"]
Prometheus -->|scrape over Tailscale| SE["smartctl_exporter<br/>(london-b) :9633"]
Prometheus -->|scrape over Tailscale| PE["plex_exporter<br/>(london-b)"]
```
Both Prometheus and Grafana are accessible via:

67
docs/networking.md
View file

@ -25,20 +25,29 @@ All inter-server communication uses Tailscale IPs:
### Mesh Diagram
```
helsinki-a ◄──────────────────────────► london-b
▲ ▲ ▲ ▲
│ │ │ │
│ └──────────► london-a ◄──────────┘ │
│ ▲ │
│ │ │
▼ │ ▼
nuremberg-a copenhagen-a ◄────► copenhagen-c
```mermaid
graph TD
HEL["helsinki-a"] <--> LB["london-b"]
HEL <--> LA["london-a"]
HEL <--> NA["nuremberg-a"]
LB <--> LA
LB <--> CA["copenhagen-a"]
LA <--> CA
CA <--> CC["copenhagen-c"]
NA <--> CA
HEL <--> CA
HEL <--> CC
LB <--> CC
NA <--> LB
NA <--> CC
NA <--> LA
LA <--> CC
Every node can reach every other node directly.
Connections shown are illustrative — the mesh is fully connected.
style CC stroke-dasharray: 5 5
```
> Every node can reach every other node directly. The mesh is fully connected.
## Physical Networking
### London
@ -75,28 +84,20 @@ The domain is registered on Hover.com with nameservers pointed to Cloudflare.
### How a request reaches a service
```
1. Browser requests radarr.pez.sh
2. Cloudflare resolves DNS (proxied record → Cloudflare IP)
3. Cloudflare terminates external TLS, forwards to helsinki-a
4. Caddy on helsinki-a receives the request
5. Caddy checks: does this subdomain require auth?
├── YES: forward_auth to Authelia (localhost:9091)
│ │
│ ├── Authenticated → proceed to step 6
│ └── Not authenticated → redirect to auth.pez.sh
└── NO: proceed to step 6
6. Caddy reverse-proxies to the backend over Tailscale
(e.g., london-b:7878 for Radarr)
7. Response flows back: backend → Caddy → Cloudflare → browser
```mermaid
graph TD
Browser["1. Browser requests radarr.pez.sh"] --> CF
CF["2. Cloudflare resolves DNS<br/>(proxied record)"] --> TLS
TLS["3. Cloudflare terminates TLS,<br/>forwards to helsinki-a"] --> Caddy
Caddy["4. Caddy receives request"] --> AuthCheck{"5. Requires auth?"}
AuthCheck -->|YES| Authelia["forward_auth → Authelia<br/>(localhost:9091)"]
AuthCheck -->|NO| Proxy
Authelia -->|Authenticated| Proxy["6. Reverse-proxy to backend<br/>over Tailscale<br/>(e.g. london-b:7878)"]
Authelia -->|Not authenticated| Redirect["Redirect to auth.pez.sh"]
Proxy --> Response["7. Response flows back:<br/>backend → Caddy → Cloudflare → browser"]
```
### Public Subdomains