diff --git a/DEV_CONTAINER_SPEC.md b/DEV_CONTAINER_SPEC.md index 441ec9e..8e92bde 100644 --- a/DEV_CONTAINER_SPEC.md +++ b/DEV_CONTAINER_SPEC.md @@ -257,9 +257,11 @@ Installed to: Launched as: ```bash -code-server --bind-addr 0.0.0.0:8080 /home/dev/workspace +code-server --bind-addr 0.0.0.0:6000 /home/dev/workspace ``` +Port: `6000` + **Current blocker:** artifact currently contains source repository, not a compiled release. Artifact server must provide a runnable release archive with the following layout: ``` @@ -271,6 +273,42 @@ code-server/ --- +## Code Server Routing + +Code-server is exposed via Traefik + Cloudflare. No SRV records needed — this is standard HTTPS routed by hostname. + +``` +browser + ↓ +Cloudflare (*.dev.zerolaghub.com wildcard) + ↓ +Traefik (zlh-zpack-proxy, routes by hostname) + ↓ +container_ip:6000 +``` + +Technitium A record: `dev-.dev.zerolaghub.com` → Traefik proxy IP + +Traefik dynamic file config example: + +```yaml +http: + routers: + dev-6049-codeserver: + rule: "Host(`dev-6049.dev.zerolaghub.com`)" + service: dev-6049-codeserver + tls: {} + services: + dev-6049-codeserver: + loadBalancer: + servers: + - url: "http://:6000" +``` + +The API writes this dynamic config file when a dev container with code-server is provisioned and removes it on deletion. No Traefik restart required. + +--- + ## Security Model Dev containers are isolated LXC containers. @@ -307,4 +345,4 @@ Security controls: ## Summary -Developer containers in ZeroLagHub provide isolated development environments with multiple runtime support, artifact-driven installs, optional browser IDE, and consistent reproducible provisioning. +Developer containers in ZeroLagHub provide isolated development environments with multiple runtime support, artifact-driven installs, optional browser IDE on port 6000, and consistent reproducible provisioning.