Engineering¶
This repository documents the applications and infrastructure that the organization runs today, and is the staging ground for planning their resilience, disaster recovery, and move from hobby/trial to professional-grade operation.
📖 Read this as a documentation site: the same content is rendered as a searchable, Mermaid-diagram-friendly site at
https://docs.projecteidos.com(gated by Microsoft 365 sign-in via Authentik — no GitLab login required). The site rebuilds automatically when this repo is updated. Setup detail:mkdocs.yml+Dockerfile; deployment is tracked under RM-041 in the roadmap.Estate at a glance: 32 services across 4 owned domains, hosted on 3 VPSes + 5 Oracle Autonomous Databases in 2 OCI tenancies (EIDOSDev1 + ORA448Global), both
uk-london-1. Domains + Microsoft 365 at GoDaddy. No other clouds, no other VPS providers. See overview/landscape.md for the engineering one-pager.
How to read this repo¶
Two audiences. Two reading paths.
Leadership / executive readers — start here:
- 🎯 overview/executive-summary.md — comprehensive briefing: estate, costs, self-hosting savings, top risks, plan, continuity & access (operate without Vishnu present), decisions needed
- overview/landscape.md — quick estate one-pager (engineering-aware view)
- overview/phase-2-roadmap.md — full 40-action improvement plan with verification steps
- infra/known-issues.md — ⚠ active operational risks register (37 entries)
- overview/risk-heatmap.md — what's most exposed, ranked
- overview/domains.md — every domain we own, who runs it, when it expires
- overview/external-saas.md — third-party services the business depends on
Engineering / operations readers — start here (bottom-up):
- infra/cloud-accounts.md — OCI tenancies + GoDaddy
- infra/servers.md — 3 VPSes + 5 ADBs
- infra/network.md — WireGuard + Tailscale + reachability map
- infra/proxies.md — every URL → proxy → backend
- infra/tls.md — Let's Encrypt via Caddy strategy
- infra/backups.md — what's backed up, what isn't
- infra/known-issues.md — ⚠ active operational risks
- infra/runbooks/ — 🚨 recovery procedures (Caddy-down, O1-lost, Vault-sealed)
- overview/shared-infra.md — logical dependency map between apps
- overview/domain-map.md — apps grouped by domain
- Sections 4 (Hosting), 9 (Maturity), and 10 (Risks) in each app doc
Glossary: glossary.md — plain-language decoder for every technical term used in this repo.
How docs are written¶
- Each app has its own file under
apps/. - Off-the-shelf apps follow
apps/_template.md. Custom-built apps followapps/_template-custom.md, which begins with an interview block. - Two markers flag gaps that still need real-world verification:
[CONFIRM]— claim made from public knowledge or naming inference; please verify.[INFO NEEDED]— gap; please supply.- Run
grep -rn '\[CONFIRM\]\|\[INFO NEEDED\]' apps/ overview/to find them.
App index¶
Customer / revenue-facing¶
| # | App | URL |
|---|---|---|
| 01 | Parallax | parallax.projecteidos.com |
| 02 | TnE Connect — Fourway tenant | fourway.tneconnect.app |
| 03 | TnE Connect — Eidos Global tenant | eidos-global.tneconnect.app |
| 04 | CRM UK | crm.eidos-global.com |
| 05 | CRM IN | in.crm.eidos-global.com |
| 06 | CRM TnE Connect | crm.tneconnect.app |
| 07 | Teams Bot | bot.projecteidos.com |
| 08 | APEX UR | apex-ur.projecteidos.com |
| 09 | APEX1 PE | apex1.projecteidos.com |
| 10 | APEX2 PE | apex2.projecteidos.com |
| 11 | PE WordPress | projecteidos.com |
| 12 | EIDOS Global WordPress | eidos-global.com |
| 13 | TnE Connect WordPress | tneconnect.app |
Shared infrastructure¶
| # | App | URL |
|---|---|---|
| 14 | Authentik | auth.448.global |
| 15 | Vault | vault.448.global |
| 16 | GitLab | git.projecteidos.com |
| 17 | MinIO | s3.448.global |
| 18 | Dokploy | platform.projecteidos.com |
| 19 | Portainer | portainer.448.global |
| 20 | Wireguard | wg.448.global |
| 21 | Beszel | monitor.448.global |
| 22 | Watchtower | (no URL) |
| 23 | Gotify | notify.448.global |
Internal tools¶
| # | App | URL |
|---|---|---|
| 24 | Coder | coder.448.global |
| 25 | n8n | n8n.448.global |
| 26 | Open WebUI | ai.448.global |
| 27 | Draw.io | draw.448.global |
| 28 | IT Tools | tools.448.global |
| 29 | PE Tube | videos.448.global |
| 30 | APEX1 448 | apex1.448.global |
| 31 | APEX2 448 | apex2.448.global |
| 32 | SQLcl Container | (no URL) |
Domains at a glance¶
projecteidos.com— public product + corporateeidos-global.com— corporate / CRMtneconnect.app— workforce product448.global— internal/shared infrastructure estate
See overview/domain-map.md for the full grouping.
Phase 1 → Phase 2¶
This repo's Phase 1 is documentation. Once the gaps in each app doc are filled, Phase 2 uses overview/risk-heatmap.md to drive the resilience / DR / professional-grade upgrade roadmap.