mirror of https://github.com/complexcaresolutions/cms.c2sgmbh.git synced 2026-03-17 23:14:12 +00:00

Martin Porwoll 9f7a9ad558 docs: update infrastructure, project status, and frontend docs

Add Multi-Server Orchestration (Phase 1-8) to all docs:
- INFRASTRUCTURE.md: Hetzner 1/2 production servers, SSH infrastructure,
  payload-contracts, deployment workflows, port-forwarding
- PROJECT_STATUS.md: Orchestration changelog, production URLs, SSH commands
- FRONTEND.md: payload-contracts usage, CI/CD pipelines, staging/production
  deploy, work order system, ESLint config, updated tenant IDs

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

2026-02-15 22:49:38 +00:00

17 KiB

Raw Blame History

Infrastruktur Dokumentation

Letzte Aktualisierung: 15. Februar 2026

Gesamtübersicht

┌─────────────────────────────────────────────────────────────────────────────────────┐
│                           INFRASTRUKTUR ÜBERSICHT                                  │
│                                                                                     │
│  INTERNET                                                                          │
│      │                                                                             │
│      │  Vodafone Business                                                          │
│      │  5 öffentliche IPs                                                          │
│      │                                                                             │
│      ▼                                                                             │
│  ┌─────────────────────────────────────────────────────────────────────────────┐   │
│  │  UBIQUITI DREAM MACHINE PRO SE                                              │   │
│  │                                                                              │   │
│  │  37.24.237.178  │ Internetzugang                                            │   │
│  │  37.24.237.179  │ cloud.complexcaresolutions.de → 10.10.179.100             │   │
│  │  37.24.237.180  │ zh3.de (Nginx PM) → 10.10.180.100                         │   │
│  │  37.24.237.181  │ porwoll.tech (Caddy) → 10.10.181.99                       │   │
│  │                 │ :2204 → sv-frontend (10.10.181.104:22) [GitHub Actions]    │   │
│  │  37.24.237.182  │ FREI (Reserve)                                            │   │
│  │                                                                              │   │
│  └──────────────────────────────────┬──────────────────────────────────────────┘   │
│                                                                                     │
│  CLOUDFLARE (Proxy)                                                                │
│  ├── zh3.de + Subdomains → 37.24.237.180                                          │
│  ├── porwoll.tech + *.porwoll.tech → 37.24.237.181                                │
│  └── porwoll.org (intern DNS only)                                                │
│                                                                                     │
│  HETZNER (Extern)                                                                  │
│  ├── 78.46.87.137   (Hetzner 1) — blogwoman.de, ccs.de, zweitmeinu.ng            │
│  ├── 94.130.141.114 (Hetzner 2) — porwoll.de, caroline-porwoll.*                  │
│  └── 162.55.85.18   (Hetzner 3) — CMS + Analytics (Payload Prod)                  │
│                                                                                     │
└─────────────────────────────────────────────────────────────────────────────────────┘

Server-Übersicht

Server	IP	Verwaltung	Zweck	Sites
sv-payload	10.10.181.100	LXC (Proxmox)	CMS Development	pl.porwoll.tech
sv-frontend	10.10.181.104	LXC (Proxmox)	Frontend Development	*-dev.porwoll.tech
Hetzner 1	78.46.87.137	Plesk	Frontend Production	blogwoman.de, ccs.de, zweitmeinu.ng
Hetzner 2	94.130.141.114	Plesk	Frontend Production	porwoll.de, caroline-porwoll.*
Hetzner 3	162.55.85.18	Manuell (SSH)	CMS + Analytics Prod	cms.c2sgmbh.de, analytics.c2sgmbh.de

Öffentliche IP-Adressen

IP	Verwendung	Ziel (intern)
37.24.237.178	Internetzugang (Default)	-
37.24.237.179	cloud.complexcaresolutions.de	10.10.179.100 (Nextcloud)
37.24.237.180	zh3.de (via Cloudflare)	10.10.180.100 (Nginx PM)
37.24.237.181	porwoll.tech (Cloudflare)	10.10.181.99 (Caddy)
37.24.237.181:2204	GitHub Actions SSH Deploy	10.10.181.104:22 (sv-frontend)
37.24.237.182	FREI (Reserve)	-

VLANs

VLAN	Name	Subnetz	Zweck
40	c2s-prd	10.10.40.0/24	Produktion
90	c2s-mgt	10.10.90.0/24	Management (Proxmox)
179	c2s-179	10.10.179.0/24	Cloud Services
180	c2s-180	10.10.180.0/24	Web Services (zh3.de)
181	c2s-181	10.10.181.0/24	Development (porwoll.tech)

VLAN 181 - Development (porwoll.tech)

ID	Hostname	IP	Service	Status
699	sv-caddy	10.10.181.99	Caddy Reverse Proxy	✅ Running
700	sv-payload	10.10.181.100	Payload CMS Dev	✅ Running
701	sv-postgres	10.10.181.101	PostgreSQL 17 + Redis Commander	✅ Running
702	sv-dev-payload	10.10.181.102	Payload Test	⏸️ Stopped
703	sv-analytics	10.10.181.103	Umami Analytics	✅ Running
704	sv-frontend	10.10.181.104	Frontend Dev (9 Projekte)	✅ Running

sv-frontend (LXC 704) - Frontend Development

SSH: ssh frontend@10.10.181.104

Software Stack

Node.js 22.x
pnpm
Next.js 16.2.0-canary.41
Claude Code 2.1.37
Codex CLI (aktuell)
Gemini CLI (aktuell)

Projekte & Ports

Port	Service	Repository	Staging URL	Production
3000	frontend-porwoll	frontend.porwoll.de	porwoll-dev.porwoll.tech	porwoll.de ✅
3001	frontend-blogwoman	frontend.blogwoman.de	blogwoman-dev.porwoll.tech	blogwoman.de ✅
3002	frontend-caroline-com	frontend.caroline-porwoll.com	caroline-com-dev.porwoll.tech	-
3003	frontend-caroline-de	frontend.caroline-porwoll.de	caroline-de-dev.porwoll.tech	-
3004	frontend-ccs	frontend.complexcaresolutions.de	ccs-dev.porwoll.tech	-
3005	frontend-gunshin	frontend.gunshin.de	gunshin-dev.porwoll.tech	-
3006	frontend-sensual	frontend.sensualmoment.de	sensual-dev.porwoll.tech	-
3007	frontend-zweitmeinu	frontend.zweitmeinu.ng	zweitmeinu-dev.porwoll.tech	-
3008	frontend-zytoskandal	frontend.zytoskandal.de	zytoskandal-dev.porwoll.tech	-

Service-Verwaltung

# Service starten
systemctl start frontend-porwoll

# Service stoppen
systemctl stop frontend-porwoll

# Alle Status
systemctl status frontend-*

sv-caddy (LXC 699) - Reverse Proxy

IP: 10.10.181.99
Software: Caddy 2.9.x + Cloudflare DNS Plugin
SSL: Wildcard *.porwoll.tech via Let's Encrypt DNS-Challenge
Config: /etc/caddy/Caddyfile

Routing

URL	Backend
pl.porwoll.tech	10.10.181.100:3000
redis.porwoll.tech	10.10.181.101:8081
umami.porwoll.tech	10.10.181.103:3000
*-dev.porwoll.tech	10.10.181.104:300x

SSH-Infrastruktur

Verbindungen von sv-payload

Ziel	Host-Alias	User	Key	Zweck
sv-frontend (10.10.181.104)	`sv-frontend`	frontend	`~/.ssh/frontend_deploy`	Entwicklung, Work Orders
Hetzner 1 (78.46.87.137)	`hetzner1`	root	`~/.ssh/plesk_deploy`	Production Troubleshooting
Hetzner 2 (94.130.141.114)	`hetzner2`	root	`~/.ssh/plesk_deploy`	Production Troubleshooting

SSH-Config (`/home/payload/.ssh/config`)

Host sv-frontend frontend
    HostName 10.10.181.104
    User frontend
    IdentityFile ~/.ssh/frontend_deploy
    IdentitiesOnly yes

Host hetzner1 plesk1
    HostName 78.46.87.137
    User root
    IdentityFile ~/.ssh/plesk_deploy
    IdentitiesOnly yes
    StrictHostKeyChecking accept-new

Host hetzner2 plesk2
    HostName 94.130.141.114
    User root
    IdentityFile ~/.ssh/plesk_deploy
    IdentitiesOnly yes
    StrictHostKeyChecking accept-new

Port-Forwarding (GitHub Actions → sv-frontend)

GitHub Actions kann sv-frontend nicht direkt erreichen (internes Netz). Lösung: UDM Pro SE Port-Forward.

GitHub Actions → 37.24.237.181:2204 → UDM Pro SE → 10.10.181.104:22 (sv-frontend)

Die SSH-Credentials sind als Repository-Secrets gespeichert (SSH_HOST, SSH_PORT, SSH_USER, SSH_PRIVATE_KEY).

GitHub Organisation: complexcaresolutions

Repository	Beschreibung	Visibility	Production
cms.c2sgmbh	Payload CMS Backend	Internal	cms.c2sgmbh.de
payload-contracts	Shared Types + API Client	Internal	—
frontend.porwoll.de	porwoll.de Frontend	Internal	porwoll.de ✅
frontend.blogwoman.de	blogwoman.de Frontend	Internal	blogwoman.de ✅
frontend.caroline-porwoll.com	caroline-porwoll.com Frontend	Internal	-
frontend.caroline-porwoll.de	caroline-porwoll.de Frontend	Internal	-
frontend.complexcaresolutions.de	CCS Website Frontend	Internal	-
frontend.gunshin.de	gunshin.de Frontend	Internal	-
frontend.sensualmoment.de	sensualmoment.de Frontend	Internal	-
frontend.zweitmeinu.ng	zweitmeinu.ng Frontend	Internal	-
frontend.zytoskandal.de	zytoskandal.de Frontend	Internal	-

payload-contracts

Shared TypeScript-Package (@c2s/payload-contracts) als Git-Dependency für alle Frontends.

CMS (payload-cms)                    Contracts (payload-contracts)        Frontends
━━━━━━━━━━━━━━━━                    ━━━━━━━━━━━━━━━━━━━━━━━━━━━         ━━━━━━━━━
payload-types.ts ──extract-types──→  src/types/payload-types.ts
                                     src/types/collections.ts    ←────  import { Page, Post }
                                     src/api-client/             ←────  import { createPayloadClient }
                                     src/blocks/registry.tsx     ←────  import { createBlockRenderer }

Hetzner 1 - Frontend Production (blogwoman.de)

IP: 78.46.87.137
Verwaltung: Plesk
SSH: ssh hetzner1 (von sv-payload)
Web-Server: nginx-only + Phusion Passenger 6.1.0
Node.js: 22.x

Sites

Domain	Status	Repository	Deploy
blogwoman.de	✅ Live	frontend.blogwoman.de	GitHub Webhook → Plesk Git Pull
complexcaresolutions.de	⏸️ Geplant	frontend.complexcaresolutions.de	-
zweitmeinu.ng	⏸️ Geplant	frontend.zweitmeinu.ng	-

Deployment

Methode: Plesk Git-Integration mit GitHub Webhook
Webhook: complexcaresolutions.de:8443 (SSL-Cert ist für diese Domain)
Branch: main (Push → Auto-Pull → Passenger Restart)
Document Root: /var/www/vhosts/blogwoman.de/httpdocs/

Konfiguration (nginx-only)

Plesk muss auf nginx-only (nicht nginx→Apache) konfiguriert sein, da Apache ErrorDocument-Directives Next.js 404-Handling stören und Redirect-Loops verursachen.

Hetzner 2 - Frontend Production (porwoll.de)

IP: 94.130.141.114
Verwaltung: Plesk
SSH: ssh hetzner2 (von sv-payload)
Web-Server: nginx-only + Phusion Passenger 6.1.0
Node.js: 22.x

Sites

Domain	Status	Repository	Deploy
porwoll.de	✅ Live	frontend.porwoll.de	GitHub Webhook → Plesk Git Pull
caroline-porwoll.com	⏸️ Geplant	frontend.caroline-porwoll.com	-
caroline-porwoll.de	⏸️ Geplant	frontend.caroline-porwoll.de	-

Deployment

Methode: Plesk Git-Integration mit GitHub Webhook
Branch: main (Push → Auto-Pull → Passenger Restart)
Document Root: /var/www/vhosts/porwoll.de/httpdocs/

Hetzner 3 - CMS + Analytics Production

IP: 162.55.85.18
Domain: cms.c2sgmbh.de
User: payload
SSH: ssh payload@162.55.85.18

Software

Payload CMS 3.76.1
Next.js 16.2.0-canary.41
React 19.2.3
PostgreSQL 17
Redis
Umami Analytics

Services

Service	User	Port	URL	Status
PostgreSQL 17	postgres	5432	localhost	✅ Läuft
Payload CMS	payload	3001	https://cms.c2sgmbh.de	✅ Läuft
Umami Analytics	umami	3000	https://analytics.c2sgmbh.de	✅ Läuft
Redis Cache	redis	6379	localhost (auth: REDIS_PASSWORD, policy: noeviction)	✅ Läuft
Nginx	root	80/443	Reverse Proxy	✅ Läuft

Deploy

~/deploy.sh

Deployment-Workflow

CMS (Payload)

sv-payload (develop) → GitHub CI → sv-payload (main) → Hetzner 3 (deploy.sh)

Frontends

sv-frontend (develop)                GitHub                   Plesk (Hetzner 1/2)
━━━━━━━━━━━━━━━━━━━━                ━━━━━━                   ━━━━━━━━━━━━━━━━━━━

1. Entwicklung                       CI: Lint + Build
   (Claude Code)         ──push──→   ✅ auf develop
                                         │
2. Staging-Test                          │
   (*-dev.porwoll.tech)                  │
                                         │
3. Merge develop → main  ──push──→   CI: Lint + Build
                                     ✅ auf main
                                         │
                                     Webhook ─────────→  4. Plesk Git Pull
                                                         5. pnpm install
                                                         6. pnpm build
                                                         7. Passenger Restart
                                                         8. Site live ✅

Staging-Deploy (GitHub Actions)

Push auf develop → GitHub Actions → SSH via Port-Forward → pnpm install && pnpm build auf sv-frontend.

Work-Order-Workflow (neue Blocks/Collections)

sv-payload                              sv-frontend
━━━━━━━━━━                              ━━━━━━━━━━━
1. CMS Block/Collection ändern
2. pnpm payload generate:types
3. cd ~/payload-contracts && pnpm extract
4. ./scripts/create-work-order.sh "Titel"
5. git commit && git push
                                         6. git pull (payload-contracts)
                                         7. Claude Code mit Work Order starten
                                         8. Block implementieren
                                         9. pnpm build (Verify)
                                        10. git commit && git push
11. Ergebnis verifizieren
12. Work Order → completed/ verschieben

URLs Übersicht

Development (porwoll.tech)

Service	URL
Portal	https://porwoll.tech
Payload CMS	https://pl.porwoll.tech
Redis Commander	https://redis.porwoll.tech
Umami Analytics	https://umami.porwoll.tech
Frontend porwoll.de	https://porwoll-dev.porwoll.tech
(8 weitere)	https://*-dev.porwoll.tech

Production (Hetzner)

Service	URL	Server
Payload Admin	https://cms.c2sgmbh.de/admin	Hetzner 3
Payload API	https://cms.c2sgmbh.de/api	Hetzner 3
Umami Analytics	https://analytics.c2sgmbh.de	Hetzner 3
blogwoman.de	https://blogwoman.de	Hetzner 1
porwoll.de	https://porwoll.de	Hetzner 2

Quick Reference

# --- Development ---
ssh frontend@10.10.181.104          # sv-frontend
ssh root@10.10.181.99               # sv-caddy
systemctl reload caddy              # Caddy Caddyfile neu laden

# --- CMS Production ---
ssh payload@162.55.85.18            # Hetzner 3
pm2 logs payload                    # CMS Logs

# --- Frontend Production ---
ssh hetzner1                        # Hetzner 1 (blogwoman.de)
ssh hetzner2                        # Hetzner 2 (porwoll.de)

# Git-Status auf Production prüfen
ssh hetzner1 "cd /var/www/vhosts/blogwoman.de/httpdocs && git log --oneline -3"
ssh hetzner2 "cd /var/www/vhosts/porwoll.de/httpdocs && git log --oneline -3"

# Passenger-Status
ssh hetzner1 "passenger-status"
ssh hetzner2 "passenger-status"

# --- Work Orders ---
cd ~/payload-contracts
./scripts/create-work-order.sh "Titel" --extract
./scripts/execute-work-order.sh work-orders/YYYY-MM-DD-slug.md

Dokumentation: Martin Porwoll | Complex Care Solutions GmbH | 15.02.2026

17 KiB Raw Blame History

Infrastruktur Dokumentation

Gesamtübersicht

Server-Übersicht

Öffentliche IP-Adressen

VLANs

VLAN 181 - Development (porwoll.tech)

sv-frontend (LXC 704) - Frontend Development

Software Stack

Projekte & Ports

Service-Verwaltung

sv-caddy (LXC 699) - Reverse Proxy

Routing

SSH-Infrastruktur

Verbindungen von sv-payload

SSH-Config (/home/payload/.ssh/config)

Port-Forwarding (GitHub Actions → sv-frontend)

GitHub Organisation: complexcaresolutions

payload-contracts

Hetzner 1 - Frontend Production (blogwoman.de)

Sites

Deployment

Konfiguration (nginx-only)

Hetzner 2 - Frontend Production (porwoll.de)

Sites

Deployment

Hetzner 3 - CMS + Analytics Production

Software

Services

Deploy

Deployment-Workflow

CMS (Payload)

Frontends

Staging-Deploy (GitHub Actions)

Work-Order-Workflow (neue Blocks/Collections)

URLs Übersicht

Development (porwoll.tech)

Production (Hetzner)

Quick Reference

17 KiB

Raw Blame History

SSH-Config (`/home/payload/.ssh/config`)