1.3 KiB
1.3 KiB
Data Model: VPS Migration
Host
- Fields: name, role (primary/secondary), publicIp, vpnEndpoint, services[], proxyMappings[], firewallRuleSet
- Rules: Exactly one primary host for reverse proxying.
Service
- Fields: name, enabled, runsOnHost, proxyEnabled, domains[]
- Rules: Services remain on host server; proxyEnabled true on VPS for all enabled services.
ProxyMapping
- Fields: domain, targetService, tlsRequired
- Rules: domain must be unique across mappings; domain must match service definitions.
FirewallRuleSet
- Fields: sourceFile (iptables), rules[], appliedHost
- Rules: Ruleset must be applied as-is; no translation allowed.
VPNPeer
- Fields: name, publicKeyRef, allowedIps[]
- Rules: allowedIps must be unique across peers; publicKeyRef must resolve via secrets system.
VPNInterface
- Fields: addressRanges[], listenPort, privateKeyRef
- Rules: privateKeyRef stored in secrets system; listenPort exposed on VPS.
ServiceUser
- Fields: username, group, authorizedKeys[]
- Rules: deploy uses ed25519_deploy.pub; lidarr-reports uses ed25519_lidarr-reports.pub.
MigrationChecklistItem
- Fields: task, verificationStep, status
- Rules: each migration task must have a verification step.