homelab-docs/manifest.md

# 🛡️ My Cloud Hub: Architecture & Operations

## 🌐 Global Architecture
* **Compute:** Linode 2GB Shared Instance (Chicago/us-ord)
* **OS:** Ubuntu 22.04 LTS
* **Ingress:** Cloudflare Zero Trust (Tunnels) with MFA/WARP
* **Backups:** Nightly (2:00 AM) to Linode Object Storage (S3) via `rclone`

## 🖥️ System Specs & Tuning
* **RAM:** 2GB (Shared)
* **Swap:** 1.5GB Total 
  * Partition: /dev/sdb (512MB default)
  * File: /swapfile (1GB manual)
* **Swappiness:** Default (60)

## 🏗️ Docker Network Topology
| Network | Driver | Purpose |
| :--- | :--- | :--- |
| `web_gateway` | bridge (ext) | External traffic from Cloudflare to containers |
| `db_network` | bridge (ext) | Private traffic between Apps and Postgres |

## 📦 Service Inventory
| Service | URL | Directory | Database |
| :--- | :--- | :--- | :--- |
| **Dashboard** | `home.davisdre.com` | `/opt/docker/dashboard` | Static (Nginx) |
| **Gitea** | `git.davisdre.com` | `/opt/docker/gitea` | `gitea` (Postgres) |
| **Gitea-Act_runner** | *Internal Only* | `/opt/docker/gitea` | None |
| **Linkwarden** | `links.davisdre.com` | `/opt/docker/linkwarden` | `linkwarden` (Postgres) |
| **FreshRSS** | `news.davisdre.com` | `/opt/docker/freshrss` | `freshrss` (Postgres) |
| **Memos** | `memos.davisdre.com` | `/opt/docker/memos` | `memos` (Postgres) |
| **Surmai** | `travel.davisdre.com` | `/opt/docker/surmai` | Internal SQLite |
| **Postgres** | *Internal Only* | `/opt/docker/global-db` | **Universal DB** |
| **cloudflared** | *Tunnel Only* | `/opt/docker/cloudflared` | None |

---

## 🛠️ Standard Operating Procedures (SOPs)

### 1. Updating the Dashboard
1.  Modify `index.html` on local PC.
2.  `git add . && git commit -m "update" && git push`
3.  On Linode, run: `updatedash` (alias for `/opt/docker/dashboard/update-dash.sh`)

### 2. Adding a New App (Postgres-backed)
Run these commands to provision the DB before deploying the container:

```bash
# 1. Update global-db/compose.yaml environment list first
# 2. Manually provision the DB (Live Instance)
docker exec -it global_postgres psql -U postgres -c "CREATE DATABASE app_name;"
docker exec -it global_postgres psql -U postgres -c "CREATE USER app_name WITH PASSWORD 'my-custom-password';"
docker exec -it global_postgres psql -U postgres -c "GRANT ALL PRIVILEGES ON DATABASE app_name TO app_name;"
docker exec -it global_postgres psql -U postgres -c "ALTER DATABASE app_name OWNER TO app_name;"