max / makenotwork
1 file changed,
+57 insertions,
-0 deletions
| @@ -0,0 +1,57 @@ | |||
| 1 | + | # SSH Access to Production Server | |
| 2 | + | ||
| 3 | + | ## Hosts | |
| 4 | + | ||
| 5 | + | | Host | Tailscale IP | Public IP | Role | | |
| 6 | + | |------|-------------|-----------|------| | |
| 7 | + | | Hetzner (prod) | `100.120.174.96` | `5.78.144.244` | Production server | | |
| 8 | + | | Astra (dev/test) | `100.106.221.39` | — | Build host, CI runner | | |
| 9 | + | ||
| 10 | + | ## Admin SSH (Hetzner) | |
| 11 | + | ||
| 12 | + | Regular sshd listens on **port 2200**, bound to the Tailscale interface only. | |
| 13 | + | Tailscale SSH is also active, allowing passwordless access for Tailscale-authenticated users. | |
| 14 | + | ||
| 15 | + | **Via Tailscale SSH (preferred):** | |
| 16 | + | ```bash | |
| 17 | + | ssh root@100.120.174.96 | |
| 18 | + | ``` | |
| 19 | + | ||
| 20 | + | **Via regular sshd (if Tailscale SSH is off):** | |
| 21 | + | ```bash | |
| 22 | + | ssh -p 2200 deploy@100.120.174.96 | |
| 23 | + | ``` | |
| 24 | + | Requires your public key in `~deploy/.ssh/authorized_keys` on the server. | |
| 25 | + | ||
| 26 | + | **Note:** The `max` user does not exist on the server. Use `root` (Tailscale SSH) or `deploy` (regular sshd). | |
| 27 | + | ||
| 28 | + | ## Git SSH (mnw-cli) | |
| 29 | + | ||
| 30 | + | mnw-cli runs on **port 22** on the public IP. This is for git operations and the CLI TUI, not admin access. | |
| 31 | + | ||
| 32 | + | ```bash | |
| 33 | + | # ~/.ssh/config entry | |
| 34 | + | Host mnw | |
| 35 | + | HostName 5.78.144.244 | |
| 36 | + | User git | |
| 37 | + | ``` | |
| 38 | + | ||
| 39 | + | ## Service Locations | |
| 40 | + | ||
| 41 | + | | Service | Path | | |
| 42 | + | |---------|------| | |
| 43 | + | | App binary | `/opt/makenotwork/makenotwork` | | |
| 44 | + | | Admin binary | `/opt/makenotwork/mnw-admin` | | |
| 45 | + | | Environment | `/opt/makenotwork/.env` | | |
| 46 | + | | Static files | `/opt/makenotwork/static/` | | |
| 47 | + | | Caddy config | `/etc/caddy/Caddyfile` | | |
| 48 | + | | Systemd unit | `/etc/systemd/system/makenotwork.service` | | |
| 49 | + | | DB backups | `/opt/makenotwork/backups/` | | |
| 50 | + | | Logs | `journalctl -u makenotwork` | | |
| 51 | + | ||
| 52 | + | ## Astra | |
| 53 | + | ||
| 54 | + | Tailscale SSH only: | |
| 55 | + | ```bash | |
| 56 | + | ssh root@100.106.221.39 | |
| 57 | + | ``` |