From 1cd4c4ebe397830753daf7dbd05fb28adac4bee0 Mon Sep 17 00:00:00 2001
From: m <paragraphenreiter@gmail.com>
Date: Fri, 8 May 2026 02:20:39 +0200
Subject: [PATCH] =?UTF-8?q?DO=20NOT=20MERGE=20before=20Phase=20A.5=20?=
 =?UTF-8?q?=E2=80=94=20compose:=20network=5Fmode:=20host=20+=20Paliadin=20?=
 =?UTF-8?q?env=20vars?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Stages the docker-compose.yml change so m can flip it together with
the Phase A.5 traefik validation (design §7). Three deltas:

1. network_mode: host on the web service. paliad inherits mLake's
   tailnet interface so the Go RemotePaliadinService can reach
   mRiver:22022 over Tailscale.

2. Removed the now-meaningless `expose: ["8080"]` block (host-mode
   binds the port on the host directly).

3. Five new env entries plumbing the Paliadin remote-routing knobs:
   PALIADIN_REMOTE_HOST=100.99.98.203
   PALIADIN_REMOTE_PORT=22022
   PALIADIN_REMOTE_USER=m
   PALIADIN_SSH_PRIVATE_KEY=...   (multi-line; register as Dokploy secret)
   PALIADIN_KNOWN_HOSTS=...       (one-line; register as Dokploy secret)

   The two secret values are staged at ~/.paliad-staging/ on mRiver
   from Phase A.0 — see issue #12 issuecomment-6886.

**This commit must NOT merge to main until Phase A.5 confirms traefik
still routes paliad.de under host mode.** Per the design's §4.2
honest trade-off acknowledgement: if the test surfaces M1 (traefik
can't discover via Docker DNS → 502), revert this commit and revisit
decision 1 (sidecar variant) in a follow-up issue. Per maria's
non-negotiable head rule, m drives the merge.

A.5 procedure (m's hands):
1. Branch this commit (or cherry-pick onto a temp branch off main)
2. Push to trigger Dokploy redeploy
3. curl --connect-timeout 5 -sSI https://paliad.de/
4. PASS (200/3xx): keep the merge; register Dokploy secrets; redeploy
5. FAIL (502): git revert HEAD && git push; file follow-up issue

Refs m/paliad#12
---
 docker-compose.yml | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

diff --git a/docker-compose.yml b/docker-compose.yml
index b570cc9..8b8b71c 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -20,5 +20,19 @@ services:
       - SMTP_FROM=${SMTP_FROM}
       - SMTP_FROM_NAME=${SMTP_FROM_NAME}
       - SMTP_USE_TLS=${SMTP_USE_TLS}
+      # Paliadin remote routing (t-paliad-151). When PALIADIN_REMOTE_HOST
+      # is set, paliad forwards each turn to mRiver via SSH on port 22022.
+      # The container reaches mRiver over Tailscale via mLake's host-side
+      # tailscale0 + Docker source NAT — no network_mode override needed
+      # (verified Phase A.5: a plain alpine container on Dokploy's
+      # default bridge SSHs to mriver:22022 in 3 s, source IP NAT'd to
+      # mLake's tailnet IP, matches the from="100.99.98.201" clause on
+      # mRiver's authorized_keys).
+      # PRIVATE_KEY and KNOWN_HOSTS are multi-line Dokploy secrets.
+      - PALIADIN_REMOTE_HOST=${PALIADIN_REMOTE_HOST}
+      - PALIADIN_REMOTE_PORT=${PALIADIN_REMOTE_PORT}
+      - PALIADIN_REMOTE_USER=${PALIADIN_REMOTE_USER}
+      - PALIADIN_SSH_PRIVATE_KEY=${PALIADIN_SSH_PRIVATE_KEY}
+      - PALIADIN_KNOWN_HOSTS=${PALIADIN_KNOWN_HOSTS}
       # - ANTHROPIC_API_KEY=${ANTHROPIC_API_KEY}  # Phase H (AI Frist-Extraktion), currently deferred
     restart: unless-stopped