325 lines
11 KiB
XML
325 lines
11 KiB
XML
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
|
|
<svg
|
|
width="1600"
|
|
height="820"
|
|
viewBox="0 0 1600 820"
|
|
version="1.1"
|
|
id="svg36"
|
|
sodipodi:docname="archicratie-web-edition-edge-routing-verbatim.svg"
|
|
inkscape:version="1.3-alpha (95f74fb, 2023-03-31)"
|
|
inkscape:export-filename="out/archicratie-web-edition-edge-routing-verbatim.png"
|
|
inkscape:export-xdpi="96"
|
|
inkscape:export-ydpi="96"
|
|
xmlns:inkscape="http://www.inkscape.org/namespaces/inkscape"
|
|
xmlns:sodipodi="http://sodipodi.sourceforge.net/DTD/sodipodi-0.dtd"
|
|
xmlns="http://www.w3.org/2000/svg"
|
|
xmlns:svg="http://www.w3.org/2000/svg">
|
|
<sodipodi:namedview
|
|
id="namedview36"
|
|
pagecolor="#ffffff"
|
|
bordercolor="#000000"
|
|
borderopacity="0.25"
|
|
inkscape:showpageshadow="2"
|
|
inkscape:pageopacity="0.0"
|
|
inkscape:pagecheckerboard="0"
|
|
inkscape:deskcolor="#d1d1d1"
|
|
inkscape:zoom="0.82625"
|
|
inkscape:cx="665.65809"
|
|
inkscape:cy="354.00908"
|
|
inkscape:window-width="1472"
|
|
inkscape:window-height="1022"
|
|
inkscape:window-x="234"
|
|
inkscape:window-y="30"
|
|
inkscape:window-maximized="0"
|
|
inkscape:current-layer="svg36" />
|
|
<defs
|
|
id="defs1">
|
|
<marker
|
|
id="arrow"
|
|
viewBox="0 0 10 10"
|
|
refX="9.5"
|
|
refY="5"
|
|
markerWidth="8"
|
|
markerHeight="8"
|
|
orient="auto-start-reverse">
|
|
<path
|
|
d="M 0 0 L 10 5 L 0 10 z"
|
|
fill="#222"
|
|
id="path1" />
|
|
</marker>
|
|
<style
|
|
id="style1">
|
|
.title { font: 700 22px sans-serif; fill:#111; }
|
|
.small { font: 12px sans-serif; fill:#111; }
|
|
.h2 { font: 700 16px sans-serif; fill:#111; }
|
|
.txt { font: 13px sans-serif; fill:#111; }
|
|
.mono { font: 12px ui-monospace, SFMono-Regular, Menlo, monospace; fill:#111; }
|
|
.zone { fill:#f3f3f3; stroke:#111; stroke-width:2; }
|
|
.box { fill:#fafafa; stroke:#222; stroke-width:1.5; }
|
|
.note { fill:#fff; stroke:#666; stroke-width:1.2; }
|
|
.line { stroke:#222; stroke-width:2; fill:none; marker-end:url(#arrow); }
|
|
.dash { stroke:#222; stroke-width:2; fill:none; stroke-dasharray:7 6; marker-end:url(#arrow); }
|
|
</style>
|
|
</defs>
|
|
<text
|
|
x="40"
|
|
y="45"
|
|
class="title"
|
|
id="text1">Edge Traefik (verbatim) — routers Host(...) + middlewares + services</text>
|
|
<text
|
|
x="40"
|
|
y="75"
|
|
class="small"
|
|
id="text2">Source : /volume2/docker/edge/config/dynamic/10-core.yml + 20-archicratie-backend.yml + 21-archicratie-staging.yml + 30-lldap-ui.yml</text>
|
|
<rect
|
|
x="35"
|
|
y="110"
|
|
width="1530"
|
|
height="670"
|
|
rx="18"
|
|
class="zone"
|
|
id="rect2" />
|
|
<text
|
|
x="60"
|
|
y="145"
|
|
class="h2"
|
|
id="text3">Traefik : entryPoint web = :18080 — provider file (dynamic/) watch=true</text>
|
|
<!-- Middlewares -->
|
|
<rect
|
|
x="60"
|
|
y="185"
|
|
width="601.60364"
|
|
height="196.36914"
|
|
rx="12"
|
|
class="box"
|
|
id="rect3" />
|
|
<text
|
|
x="80"
|
|
y="215"
|
|
class="h2"
|
|
id="text4">Middlewares (10-core.yml)</text>
|
|
<text
|
|
x="80"
|
|
y="242"
|
|
class="txt"
|
|
id="text5">sanitize-remote : purge Remote-* + force X-Forwarded-Proto/Port</text>
|
|
<text
|
|
x="80"
|
|
y="264"
|
|
class="txt"
|
|
id="text6">authelia : forwardAuth → <tspan
|
|
class="mono"
|
|
id="tspan5">http://127.0.0.1:9091/api/authz/forward-auth</tspan></text>
|
|
<text
|
|
x="80"
|
|
y="286"
|
|
class="txt"
|
|
id="text7">chain-auth : [sanitize-remote, authelia]</text>
|
|
<!-- Routers -->
|
|
<rect
|
|
x="60"
|
|
y="415"
|
|
width="823.08624"
|
|
height="205.02269"
|
|
rx="12"
|
|
class="box"
|
|
id="rect7" />
|
|
<text
|
|
x="80"
|
|
y="445"
|
|
class="h2"
|
|
id="text8">Routers</text>
|
|
<text
|
|
x="80"
|
|
y="472"
|
|
class="mono"
|
|
id="text9">archicratie</text>
|
|
<text
|
|
x="200"
|
|
y="472"
|
|
class="txt"
|
|
id="text10">Host(archicratie.trans-hands.synology.me) + chain-auth → service archicratie_web</text>
|
|
<text
|
|
x="80"
|
|
y="498"
|
|
class="mono"
|
|
id="text11">archicratie-authinfo</text>
|
|
<text
|
|
x="290"
|
|
y="498"
|
|
class="txt"
|
|
id="text12">Host(archicratie…) PathPrefix(/_auth/whoami) + chain-auth → whoami</text>
|
|
<text
|
|
x="80"
|
|
y="524"
|
|
class="mono"
|
|
id="text13">gitea</text>
|
|
<text
|
|
x="200"
|
|
y="524"
|
|
class="txt"
|
|
id="text14">Host(gitea.archicratie.trans-hands.synology.me) + sanitize-remote → gitea_web</text>
|
|
<text
|
|
x="80"
|
|
y="550"
|
|
class="mono"
|
|
id="text15">archicratie-staging</text>
|
|
<text
|
|
x="290"
|
|
y="550"
|
|
class="txt"
|
|
id="text16">Host(staging.archicratie.trans-hands.synology.me) + chain-auth → archicratie_blue</text>
|
|
<text
|
|
x="80"
|
|
y="576"
|
|
class="mono"
|
|
id="text17">lldap-ui</text>
|
|
<text
|
|
x="200"
|
|
y="576"
|
|
class="txt"
|
|
id="text18">Host(lldap.archicratie.trans-hands.synology.me) + chain-auth → lldap_ui</text>
|
|
<rect
|
|
x="925.50684"
|
|
y="181.36914"
|
|
width="614.49316"
|
|
height="553.63086"
|
|
rx="12"
|
|
class="box"
|
|
id="rect18" />
|
|
<text
|
|
x="985"
|
|
y="215"
|
|
class="h2"
|
|
id="text19"
|
|
style="font-style:normal;font-variant:normal;font-weight:700;font-stretch:normal;font-size:16px;line-height:normal;font-family:sans-serif">Services (loadBalancer → url)</text>
|
|
<text
|
|
x="985"
|
|
y="250"
|
|
class="mono"
|
|
id="text20"
|
|
style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:12px;line-height:normal;font-family:ui-monospace, SFMono-Regular, Menlo, monospace">whoami</text>
|
|
<text
|
|
x="1120"
|
|
y="250"
|
|
class="txt"
|
|
id="text21"
|
|
style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:13px;line-height:normal;font-family:sans-serif">→ <tspan
|
|
class="mono"
|
|
id="tspan20"
|
|
style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:12px;line-height:normal;font-family:ui-monospace, SFMono-Regular, Menlo, monospace">http://127.0.0.1:18081</tspan> (edge-whoami)</text>
|
|
<text
|
|
x="985"
|
|
y="285"
|
|
class="mono"
|
|
id="text22"
|
|
style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:12px;line-height:normal;font-family:ui-monospace, SFMono-Regular, Menlo, monospace">gitea_web</text>
|
|
<text
|
|
x="1120"
|
|
y="285"
|
|
class="txt"
|
|
id="text23"
|
|
style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:13px;line-height:normal;font-family:sans-serif">→ <tspan
|
|
class="mono"
|
|
id="tspan22"
|
|
style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:12px;line-height:normal;font-family:ui-monospace, SFMono-Regular, Menlo, monospace">http://127.0.0.1:3000</tspan> (Gitea)</text>
|
|
<text
|
|
x="985"
|
|
y="320"
|
|
class="mono"
|
|
id="text24"
|
|
style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:12px;line-height:normal;font-family:ui-monospace, SFMono-Regular, Menlo, monospace">archicratie_web</text>
|
|
<text
|
|
x="1120"
|
|
y="320"
|
|
class="txt"
|
|
id="text25"
|
|
style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:13px;line-height:normal;font-family:sans-serif">→ défini par <tspan
|
|
class="mono"
|
|
id="tspan24"
|
|
style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:12px;line-height:normal;font-family:ui-monospace, SFMono-Regular, Menlo, monospace">20-archicratie-backend.yml</tspan></text>
|
|
<text
|
|
x="1140"
|
|
y="345"
|
|
class="txt"
|
|
id="text26"
|
|
style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:13px;line-height:normal;font-family:sans-serif">• actuel : <tspan
|
|
class="mono"
|
|
id="tspan25"
|
|
style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:12px;line-height:normal;font-family:ui-monospace, SFMono-Regular, Menlo, monospace">http://127.0.0.1:8082</tspan> (green)</text>
|
|
<text
|
|
x="985"
|
|
y="390"
|
|
class="mono"
|
|
id="text27"
|
|
style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:12px;line-height:normal;font-family:ui-monospace, SFMono-Regular, Menlo, monospace">archicratie_blue</text>
|
|
<text
|
|
x="1170"
|
|
y="390"
|
|
class="txt"
|
|
id="text28"
|
|
style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:13px;line-height:normal;font-family:sans-serif">→ <tspan
|
|
class="mono"
|
|
id="tspan27"
|
|
style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:12px;line-height:normal;font-family:ui-monospace, SFMono-Regular, Menlo, monospace">http://127.0.0.1:8081</tspan> (staging)</text>
|
|
<text
|
|
x="985"
|
|
y="435"
|
|
class="mono"
|
|
id="text29"
|
|
style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:12px;line-height:normal;font-family:ui-monospace, SFMono-Regular, Menlo, monospace">lldap_ui</text>
|
|
<text
|
|
x="1120"
|
|
y="435"
|
|
class="txt"
|
|
id="text30"
|
|
style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:13px;line-height:normal;font-family:sans-serif">→ <tspan
|
|
class="mono"
|
|
id="tspan29"
|
|
style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:12px;line-height:normal;font-family:ui-monospace, SFMono-Regular, Menlo, monospace">http://127.0.0.1:17170</tspan> (LLDAP UI)</text>
|
|
<rect
|
|
x="954.1377"
|
|
y="493.94855"
|
|
width="560.8623"
|
|
height="216.05144"
|
|
rx="12"
|
|
class="note"
|
|
id="rect30" />
|
|
<text
|
|
x="975"
|
|
y="530"
|
|
class="h2"
|
|
id="text31"
|
|
style="font-style:normal;font-variant:normal;font-weight:700;font-stretch:normal;font-size:16px;line-height:normal;font-family:sans-serif">Interprétation debug (safe)</text>
|
|
<text
|
|
x="975"
|
|
y="555"
|
|
class="txt"
|
|
id="text32"
|
|
style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:13px;line-height:normal;font-family:sans-serif">• Si tu testes sans Host header sur :18080 → 404 (normal)</text>
|
|
<text
|
|
x="975"
|
|
y="577"
|
|
class="txt"
|
|
id="text33"
|
|
style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:13px;line-height:normal;font-family:sans-serif">• Si archicratie → 302 auth.* : Authelia forward-auth OK</text>
|
|
<text
|
|
x="975"
|
|
y="599"
|
|
class="txt"
|
|
id="text34"
|
|
style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:13px;line-height:normal;font-family:sans-serif">• Si /_auth/whoami → 302 auth.* : gate OK (non-auth)</text>
|
|
<text
|
|
x="975"
|
|
y="621"
|
|
class="txt"
|
|
id="text35"
|
|
style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:13px;line-height:normal;font-family:sans-serif">• Pour basculer blue/green : modifier 20-archicratie-backend.yml (8081 ↔ 8082)</text>
|
|
<text
|
|
x="975"
|
|
y="643"
|
|
class="small"
|
|
id="text36"
|
|
style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:12px;line-height:normal;font-family:sans-serif">But : une seule cible active (évite load-balance non déterministe).</text>
|
|
</svg>
|