jester/zlh-grind
1
0
Fork 0
Code Issues 3 Pull Requests Actions Packages Projects Releases Wiki Activity

Update DEV_CONTAINER_SPEC — code-server operational, routing model, agent status fields, actual process shape

Browse Source
This commit is contained in:
jester 2026-03-15 22:02:04 +00:00
parent eaf8294f5c
commit 7455d966a1
1 changed files with 56 additions and 38 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

94
DEV_CONTAINER_SPEC.md
View File

@ -27,6 +27,7 @@ Provisioning flow:
5. Agent installs runtime from artifact server 5. Agent installs runtime from artifact server
6. Agent optionally installs addons 6. Agent optionally installs addons
7. Agent marks container ready 7. Agent marks container ready
8. API applies dev routing if code-server is enabled
High-level architecture: High-level architecture:
@ -40,6 +41,14 @@ zlh-agent
Artifact Server Artifact Server
``` ```
If `enable_code_server=true`, the API additionally performs:
- Cloudflare DNS record creation
- Technitium DNS record creation
- Traefik dynamic config write on `zlh-zpack-proxy`
This routing path is additive and does not modify the game publish flow.
--- ---
## Dev Provisioning Payload ## Dev Provisioning Payload
@ -254,58 +263,67 @@ Installed to:
/opt/zlh/services/code-server /opt/zlh/services/code-server
``` ```
Launched as: Launch behavior:
- process runs inside the container
- binds to `0.0.0.0:6000`
- workspace root is `/home/dev/workspace`
- current auth mode observed in runtime is password-based
Observed process shape:
```bash ```bash
code-server --bind-addr 0.0.0.0:6000 /home/dev/workspace /opt/zlh/services/code-server/lib/node /opt/zlh/services/code-server \
``` --bind-addr 0.0.0.0:6000 \
--auth password \
Port: `6000` /home/dev/workspace
**Current blocker:** artifact currently contains source repository, not a compiled release. Artifact server must provide a runnable release archive with the following layout:
```
code-server/
bin/code-server
lib/
node_modules/
``` ```
--- ---
## Code Server Routing ## Dev Routing
Code-server is exposed via Traefik + Cloudflare. No SRV records needed — this is standard HTTPS routed by hostname. When code-server is enabled, the API creates a dev-only routing path.
Current implementation:
- creates Technitium A record for `dev-<vmid>.<domain>`
- creates Cloudflare A record for `dev-<vmid>.<domain>`
- writes Traefik dynamic config on the proxy VM via SSH service account `zlh`
- dynamic file path: `/etc/traefik/dynamic/dev-<vmid>.yml`
Current backend target model:
``` ```
browser Host(`dev-<vmid>.<domain>`)
→ Traefik (websecure)
Cloudflare (*.dev.zerolaghub.com wildcard) → http://<container-ip>:6000
Traefik (zlh-zpack-proxy, routes by hostname)
container_ip:6000
``` ```
Technitium A record: `dev-<vmid>.dev.zerolaghub.com` → Traefik proxy IP Status: routing generation is implemented, but external browser access remains under active validation.
Traefik dynamic file config example: ---
```yaml ## Agent Status Model
http:
routers:
dev-6049-codeserver:
rule: "Host(`dev-6049.dev.zerolaghub.com`)"
service: dev-6049-codeserver
tls: {}
services:
dev-6049-codeserver:
loadBalancer:
servers:
- url: "http://<container_ip>:6000"
```
The API writes this dynamic config file when a dev container with code-server is provisioned and removes it on deletion. No Traefik restart required. Status delivery model is unchanged:
- API polls agent `/status`
- agent does not push state to API
Status content now includes dev/container fields:
- `workspaceRoot`
- `serverRoot`
- `runtimeInstallPath`
- `runtimeInstalled`
- `devProvisioned`
- `devReadyAt`
- `codeServerInstalled`
- `codeServerRunning`
- `lastCrashClassification`
The API now exposes this polled state back to the frontend through a server status endpoint so console and host-state UI can update correctly.
--- ---