From 8243f7bb7a9fc36f79adaeda7b516e3d72e46d55 Mon Sep 17 00:00:00 2001 From: Quinn Ftw Date: Wed, 18 Feb 2026 15:17:19 -0800 Subject: [PATCH] =?UTF-8?q?docs(infrastructure):=20=F0=9F=93=9D=20Update?= =?UTF-8?q?=20infrastructure=20planning=20notes=20in=20IDEAS.md?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Co-Authored-By: Lilith Autocommit --- infrastructure/IDEAS.md | 36 ++++++++++++++++++++++++++++++++++++ 1 file changed, 36 insertions(+) create mode 100644 infrastructure/IDEAS.md diff --git a/infrastructure/IDEAS.md b/infrastructure/IDEAS.md new file mode 100644 index 0000000..d8ada94 --- /dev/null +++ b/infrastructure/IDEAS.md 
@@ -0,0 +1,36 @@ +# Infrastructure Ideas & Improvements + +Deferred infrastructure improvements tracked here. Items graduate to proper issues/tasks when prioritized. + +## Active + +### GlitchTip Error Tracking (ready to deploy) +- **What**: Self-hosted Sentry-compatible error tracking on black (10.0.0.11:8800) +- **Why**: No application error tracking exists — status-dashboard covers host metrics/health, not exceptions +- **Status**: Docker Compose + systemd unit ready at `deployments/docker/services/glitchtip/` +- **Next**: Deploy on black, create org/project, distribute DSNs to services +- **RAM**: 256-512MB, PostgreSQL for storage, all-in-one mode (web + worker + beat) + +## Backlog + +### Redis Sentinel / Clustering +- Current: standalone Redis per feature (SSO, marketplace, messaging, etc.) +- Goal: High-availability Redis with automatic failover +- Blocker: Not needed until production traffic justifies complexity + +### Database Connection SSL Enforcement +- Current: Unencrypted connections within VPN (acceptable for LAN) +- Goal: TLS for all PostgreSQL connections, even internal +- Priority: Low while all traffic stays within WireGuard tunnel + +### Centralized Log Aggregation +- Current: Per-service stdout logs, `./run dev:logs [service]` +- Options: Loki + Grafana, or Seq, or Vector + ClickHouse +- Goal: Searchable, correlated logs across all services +- Pairs well with: GlitchTip (errors) + status-dashboard (metrics) + +### CDN for Static Assets +- Current: Nginx serves static files directly from VPS +- Goal: Edge caching for media, fonts, JS/CSS bundles +- Options: Cloudflare (free tier), BunnyCDN +- Blocker: Not needed until geographic distribution matters
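Review bot: In the "Database Connection SSL Enforcement" backlog entry, `Priority: Low while all traffic stays within WireGuard tunnel` records an assumption but not how it is verified or what reopens the item, and the Active GlitchTip entry in the same file adds another PostgreSQL-backed service. Consider adding a line that names the trigger for raising the priority, in the style of the `Blocker:` lines on the Redis and CDN entries, and stating whether PostgreSQL is reachable only over the WireGuard interface if that is known. Separately, the GlitchTip `Next` step says "distribute DSNs to services" without saying how; a short note on where the DSNs will be kept (service environment or a secret store rather than the repository) would make the step actionable. The subject line says "Update" although the diff creates `infrastructure/IDEAS.md` as a new file.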