From b8182e86edef963b64366a553e6f0f1cdba6466e Mon Sep 17 00:00:00 2001
From: jester <admin@zerolaghub.com>
Date: Sun, 15 Mar 2026 18:33:05 +0000
Subject: [PATCH] Update code-server port to 6000, add Traefik/Cloudflare
 routing section

---
 DEV_CONTAINER_SPEC.md | 42 ++++++++++++++++++++++++++++++++++++++++--
 1 file changed, 40 insertions(+), 2 deletions(-)

diff --git a/DEV_CONTAINER_SPEC.md b/DEV_CONTAINER_SPEC.md
index 441ec9e..8e92bde 100644
--- a/DEV_CONTAINER_SPEC.md
+++ b/DEV_CONTAINER_SPEC.md
@@ -257,9 +257,11 @@ Installed to:
 Launched as:
 
 ```bash
-code-server --bind-addr 0.0.0.0:8080 /home/dev/workspace
+code-server --bind-addr 0.0.0.0:6000 /home/dev/workspace
 ```
 
+Port: `6000`
+
 **Current blocker:** artifact currently contains source repository, not a compiled release. Artifact server must provide a runnable release archive with the following layout:
 
 ```
@@ -271,6 +273,42 @@ code-server/
 
 ---
 
+## Code Server Routing
+
+Code-server is exposed via Traefik + Cloudflare. No SRV records needed — this is standard HTTPS routed by hostname.
+
+```
+browser
+  ↓
+Cloudflare (*.dev.zerolaghub.com wildcard)
+  ↓
+Traefik (zlh-zpack-proxy, routes by hostname)
+  ↓
+container_ip:6000
+```
+
+Technitium A record: `dev-<vmid>.dev.zerolaghub.com` → Traefik proxy IP
+
+Traefik dynamic file config example:
+
+```yaml
+http:
+  routers:
+    dev-6049-codeserver:
+      rule: "Host(`dev-6049.dev.zerolaghub.com`)"
+      service: dev-6049-codeserver
+      tls: {}
+  services:
+    dev-6049-codeserver:
+      loadBalancer:
+        servers:
+          - url: "http://<container_ip>:6000"
+```
+
+The API writes this dynamic config file when a dev container with code-server is provisioned and removes it on deletion. No Traefik restart required.
+
+---
+
 ## Security Model
 
 Dev containers are isolated LXC containers.
@@ -307,4 +345,4 @@ Security controls:
 
 ## Summary
 
-Developer containers in ZeroLagHub provide isolated development environments with multiple runtime support, artifact-driven installs, optional browser IDE, and consistent reproducible provisioning.
+Developer containers in ZeroLagHub provide isolated development environments with multiple runtime support, artifact-driven installs, optional browser IDE on port 6000, and consistent reproducible provisioning.