From 3a0f062f37417e41b10b805520451bcd981c890f Mon Sep 17 00:00:00 2001 From: sjat Date: Sun, 28 Jun 2026 10:59:46 +0200 Subject: [PATCH] slides: fix TaPPaaS deck overflow + stray tag Shrink global font and tighten spacing so dense slides fit; split the phasing slide into VPS-edge (1-3) and internal/later (4-5). Remove a stray line that leaked into the source. Verified all 13 slides fit via per-slide PNG render. Co-Authored-By: Claude Opus 4.8 (1M context) --- .../2026-06-28-tappaas-vps-publishing.md | 42 ++++++++++++------- 1 file changed, 28 insertions(+), 14 deletions(-) diff --git a/docs/presentations/2026-06-28-tappaas-vps-publishing.md b/docs/presentations/2026-06-28-tappaas-vps-publishing.md index b4eaa8c..776dac5 100644 --- a/docs/presentations/2026-06-28-tappaas-vps-publishing.md +++ b/docs/presentations/2026-06-28-tappaas-vps-publishing.md @@ -6,12 +6,20 @@ paginate: true --- # Routing TaPPaaS through the VPS @@ -120,17 +128,24 @@ After this, **new services need zero VPS change** — exposure is decided at Cad --- -## Phasing — five verifiable steps +## Phasing — VPS edge (steps 1–3) -1. **Tunnel** — FLOSSFirewall up as `wg1` peer; ping `10.13.0.1 ↔ 10.13.0.9`. +1. **Tunnel** — FLOSSFirewall up as `wg1` peer; ping + `10.13.0.1 ↔ 10.13.0.9`. 2. **Caddy backend** — from the VPS, - `curl -H 'Host: .tappaas.makerfloss.eu' http://10.13.0.9:80`. + `curl -H 'Host: …tappaas…' 10.13.0.9:80`. 3. **VPS edge** — add cert + route + DNS; off-site - `curl https://.tappaas.makerfloss.eu` with a valid cert. -4. **Internal DNS** — add `*.tappaas` override; a cluster node resolves to - Caddy's local IP and gets Caddy's own cert. -5. **(Later)** makerspace LAN view — conditional-forward + firewall pinhole on - the OrangeMakers router. + `curl https://.tappaas.makerfloss.eu` returns a valid cert. + +--- + +## Phasing — internal & later (steps 4–5) + +4. **Internal DNS** — add the `*.tappaas` override on the FLOSSFirewall; a + cluster node resolves to Caddy's local IP and gets Caddy's own cert (no + VPS round-trip). +5. **(Later)** makerspace LAN view — conditional-forward + firewall pinhole + on the OrangeMakers router. --- @@ -167,4 +182,3 @@ After this, **new services need zero VPS change** — exposure is decided at Cad and execute phases 1–4. _Design: `MakerFLOSS_Troubleshooting/docs/superpowers/specs/2026-06-28-tappaas-vps-publishing-design.md`_ -