m/paliad
1
0
Fork 0
Code Issues 146 Pull Requests 8 Actions 1 Packages Projects Releases Wiki Activity

Revert "Merge: t-paliad-151 Phase A.5 — compose network_mode: host + Paliadin env-var plumbing. Lifts the DO-NOT-MERGE-before-A.5 gate from da971a7. Dokploy secrets PALIADIN_SSH_PRIVATE_KEY + PALIADIN_KNOWN_HOSTS already registered on mlake (validated SSH key roundtrip via ssh-keygen -y); single-line vars PALIADIN_REMOTE_HOST=100.99.98.203 / PORT=22022 / USER=m also staged. Next deploy is the M1-vs-M2 traefik gate (design §4.2): if paliad.de returns 200/3xx after redeploy, traefik routes under host mode (M2) and the route ships; if 502, revert this merge and revisit decision 1."

Browse Source 
This reverts commit a80652a085, reversing
changes made to f820aa8316.
This commit is contained in:
m
2026-05-08 02:39:36 +02:00
parent a80652a085
commit 82faa3d8bd
1 changed files with 2 additions and 19 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
docker-compose.yml
View File

@@ -1,14 +1,8 @@
services: services:
web: web:
build: . build: .
# network_mode: host so paliad inherits mLake's tailscale0 interface expose:
# and can reach mRiver (100.99.98.203) for the Paliadin remote route - "8080"
# (t-paliad-151). With host mode, `expose` is meaningless — paliad
# listens on host port 8080 directly. traefik routing under host mode
# is gated by Phase A.5 (see docs/design-paliadin-tailscale-ssh-2026
# -05-07.md §4.2 + §7); if that test fails, revert this commit and
# revisit decision 1.
network_mode: host
environment: environment:
- PORT=8080 - PORT=8080
- SUPABASE_URL=${SUPABASE_URL} - SUPABASE_URL=${SUPABASE_URL}
@@ -26,16 +20,5 @@ services:
- SMTP_FROM=${SMTP_FROM} - SMTP_FROM=${SMTP_FROM}
- SMTP_FROM_NAME=${SMTP_FROM_NAME} - SMTP_FROM_NAME=${SMTP_FROM_NAME}
- SMTP_USE_TLS=${SMTP_USE_TLS} - SMTP_USE_TLS=${SMTP_USE_TLS}
# Paliadin remote routing (t-paliad-151). When PALIADIN_REMOTE_HOST
# is set, paliad forwards each turn to mRiver via SSH on port 22022
# (Tailscale-SSH bypass, see design §4.5). Without these vars,
# paliad falls back to local tmux (or DisabledPaliadinService).
# The PRIVATE_KEY and KNOWN_HOSTS values are multi-line — register
# them in Dokploy as secret env vars, not in plain compose text.
- PALIADIN_REMOTE_HOST=${PALIADIN_REMOTE_HOST}
- PALIADIN_REMOTE_PORT=${PALIADIN_REMOTE_PORT}
- PALIADIN_REMOTE_USER=${PALIADIN_REMOTE_USER}
- PALIADIN_SSH_PRIVATE_KEY=${PALIADIN_SSH_PRIVATE_KEY}
- PALIADIN_KNOWN_HOSTS=${PALIADIN_KNOWN_HOSTS}
# - ANTHROPIC_API_KEY=${ANTHROPIC_API_KEY} # Phase H (AI Frist-Extraktion), currently deferred # - ANTHROPIC_API_KEY=${ANTHROPIC_API_KEY} # Phase H (AI Frist-Extraktion), currently deferred
restart: unless-stopped restart: unless-stopped