documentation/infrastruktur/INFRASTRUCTURE.md

# Infrastruktur-Dokumentation

*Dokumentation: Martin Porwoll | Complex Care Solutions GmbH | 29.12.2025*

---

## Gesamtübersicht

```
┌─────────────────────────────────────────────────────────────────────────────────────┐
│                              GESAMTARCHITEKTUR                                      │
│                                                                                     │
│  LOKAL (Proxmox VLAN 181)                                                          │
│  ├── sv-caddy     (10.10.181.99)  - Caddy Reverse Proxy                           │
│  ├── sv-payload   (10.10.181.100) - Payload CMS Dev                               │
│  ├── sv-postgres  (10.10.181.101) - PostgreSQL 17 + Redis Commander               │
│  ├── sv-analytics (10.10.181.103) - Umami Analytics                               │
│  └── sv-frontend  (10.10.181.104) - 9 Frontend-Projekte                           │
│                                                                                     │
│  HETZNER (Extern)                                                                  │
│  ├── 78.46.87.137   (Hetzner 1 - zweitmeinu.ng)                                   │
│  ├── 94.130.141.114 (Hetzner 2 - Porwoll)                                         │
│  └── 162.55.85.18   (Hetzner 3 - Payload Prod)                                    │
│                                                                                     │
└─────────────────────────────────────────────────────────────────────────────────────┘
```

---

## Öffentliche IP-Adressen

| IP | Verwendung | Ziel (intern) |
|----|------------|---------------|
| 37.24.237.178 | Internetzugang (Default) | - |
| 37.24.237.179 | cloud.complexcaresolutions.de | 10.10.179.100 (Nextcloud) |
| 37.24.237.180 | zh3.de (via Cloudflare) | 10.10.180.100 (Nginx PM) |
| 37.24.237.181 | porwoll.tech (Cloudflare) | 10.10.181.99 (Caddy) |
| 37.24.237.182 | FREI (Reserve) | - |

---

## VLANs

| VLAN | Name | Subnetz | Zweck |
|------|------|---------|-------|
| 40 | c2s-prd | 10.10.40.0/24 | Produktion |
| 90 | c2s-mgt | 10.10.90.0/24 | Management (Proxmox) |
| 179 | c2s-179 | 10.10.179.0/24 | Cloud Services |
| 180 | c2s-180 | 10.10.180.0/24 | Web Services (zh3.de) |
| 181 | c2s-181 | 10.10.181.0/24 | Development (porwoll.tech) |

---

## VLAN 181 - Development (porwoll.tech)

| ID | Hostname | IP | Service | Status |
|----|----------|-----|---------|--------|
| 699 | sv-caddy | 10.10.181.99 | Caddy Reverse Proxy | ✅ Running |
| 700 | sv-payload | 10.10.181.100 | Payload CMS Dev | ✅ Running |
| 701 | sv-postgres | 10.10.181.101 | PostgreSQL 17 + Redis Commander | ✅ Running |
| 702 | sv-dev-payload | 10.10.181.102 | Payload Test | ⏸️ Stopped |
| 703 | sv-analytics | 10.10.181.103 | Umami Analytics | ✅ Running |
| 704 | sv-frontend | 10.10.181.104 | Frontend Dev (9 Projekte) | ✅ Running |

---

## sv-frontend (LXC 704) - Frontend Development

**SSH:** `ssh frontend@10.10.181.104`

### Software Stack
- Node.js 22.x
- pnpm
- Next.js 15.5.9
- Claude Code (aktuell)
- Codex CLI (aktuell)
- Gemini CLI (aktuell)

### Projekte & Ports

| Port | Service | Repository | URL |
|------|---------|------------|-----|
| 3000 | frontend-porwoll | frontend.porwoll.de | porwoll-dev.porwoll.tech |
| 3001 | frontend-blogwoman | frontend.blogwoman.de | blogwoman-dev.porwoll.tech |
| 3002 | frontend-caroline-com | frontend.caroline-porwoll.com | caroline-com-dev.porwoll.tech |
| 3003 | frontend-caroline-de | frontend.caroline-porwoll.de | caroline-de-dev.porwoll.tech |
| 3004 | frontend-ccs | frontend.complexcaresolutions.de | ccs-dev.porwoll.tech |
| 3005 | frontend-gunshin | frontend.gunshin.de | gunshin-dev.porwoll.tech |
| 3006 | frontend-sensual | frontend.sensualmoment.de | sensual-dev.porwoll.tech |
| 3007 | frontend-zweitmeinu | frontend.zweitmeinu.ng | zweitmeinu-dev.porwoll.tech |
| 3008 | frontend-zytoskandal | frontend.zytoskandal.de | zytoskandal-dev.porwoll.tech |

### Service-Verwaltung

```bash
# Service starten
systemctl start frontend-porwoll

# Service stoppen
systemctl stop frontend-porwoll

# Alle Status
systemctl status frontend-*
```

---

## sv-caddy (LXC 699) - Reverse Proxy

- **IP:** 10.10.181.99
- **Software:** Caddy 2.9.x + Cloudflare DNS Plugin
- **SSL:** Wildcard *.porwoll.tech via Let's Encrypt DNS-Challenge
- **Config:** `/etc/caddy/Caddyfile`

### Routing

| URL | Backend |
|-----|--------|
| pl.porwoll.tech | 10.10.181.100:3000 |
| redis.porwoll.tech | 10.10.181.101:8081 |
| umami.porwoll.tech | 10.10.181.103:3000 |
| *-dev.porwoll.tech | 10.10.181.104:300x |

---

## GitHub Organisation: complexcaresolutions

| Repository | Beschreibung | Visibility |
|------------|--------------|------------|
| cms.c2sgmbh | Payload CMS Backend | Internal |
| frontend.porwoll.de | porwoll.de Frontend | Internal |
| frontend.blogwoman.de | blogwoman.de Frontend | Internal |
| frontend.caroline-porwoll.com | caroline-porwoll.com Frontend | Internal |
| frontend.caroline-porwoll.de | caroline-porwoll.de Frontend | Internal |
| frontend.complexcaresolutions.de | CCS Website Frontend | Internal |
| frontend.gunshin.de | gunshin.de Frontend | Internal |
| frontend.sensualmoment.de | sensualmoment.de Frontend | Internal |
| frontend.zweitmeinu.ng | zweitmeinu.ng Frontend | Internal |
| frontend.zytoskandal.de | zytoskandal.de Frontend | Internal |
| payload-contracts | Shared TypeScript Types & API Client | Internal |
| documentation | Zentrale Dokumentation | Internal |

---

## Hetzner 3 - Payload Production

- **IP:** 162.55.85.18
- **Domain:** cms.c2sgmbh.de
- **User:** payload
- **SSH:** `ssh payload@162.55.85.18`

### Software
- Payload CMS 3.69.0
- Next.js 15.5.9
- React 19.2.3
- PostgreSQL 17
- Redis
- Umami Analytics

### Services

| Service | User | Port | URL | Status |
|---------|------|------|-----|--------|
| PostgreSQL 17 | postgres | 5432 | localhost | ✅ Läuft |
| Payload CMS | payload | 3001 | https://cms.c2sgmbh.de | ✅ Läuft |
| Umami Analytics | umami | 3000 | https://analytics.c2sgmbh.de | ✅ Läuft |
| Redis Cache | redis | 6379 | localhost | ✅ Läuft |
| Nginx | root | 80/443 | Reverse Proxy | ✅ Läuft |

### Deploy
```bash
~/deploy.sh
```

---

## Development Workflow

```
DEVELOPMENT          STAGING              PRODUCTION
sv-frontend    →     sv-payload     →     Hetzner 03
porwoll.tech         pl.porwoll.tech      cms.c2sgmbh.de
                     develop branch       main branch
```

**AI Tools:** Claude Code, Codex CLI, Gemini CLI, VS Code Remote-SSH

---

## URLs Übersicht

### Development (porwoll.tech)

| Service | URL |
|---------|-----|
| Portal | https://porwoll.tech |
| Payload CMS | https://pl.porwoll.tech |
| Redis Commander | https://redis.porwoll.tech |
| Umami Analytics | https://umami.porwoll.tech |
| Frontend porwoll.de | https://porwoll-dev.porwoll.tech |
| (8 weitere) | https://*-dev.porwoll.tech |

### Production (Hetzner)

| Service | URL |
|---------|-----|
| Payload Admin | https://cms.c2sgmbh.de/admin |
| Payload API | https://cms.c2sgmbh.de/api |
| Umami Analytics | https://analytics.c2sgmbh.de |

---

## Quick Reference

```bash
# Frontend-Server
ssh frontend@10.10.181.104

# Hetzner 3 Production
ssh payload@162.55.85.18

# Caddy neu laden
ssh root@10.10.181.99 "systemctl reload caddy"

# Frontend Service starten
systemctl start frontend-porwoll
```

---

*Dokumentation: Martin Porwoll | Complex Care Solutions GmbH | 29.12.2025*