SYSTEM STATUS: HYBRID ONLINE

>> ARCHITECTURE_UPGRADE_COMPLETE // VERSION_2025.12

01. Origin Story

We started with a single Oracle VPS ("The Death Star"). It was powerful but messy.

  • [x] Port Collisions (Port 80 War)
  • [x] Exposed IP Address
  • [x] Manual Backups
  • [x] Chaos

NOW: We have evolved into a Distributed Hybrid Cloud.

02. The Shield Strategy

Traffic no longer touches Oracle directly. It flows through Google.

graph LR
    User((Client 🌍)) -->|HTTPS| Shield(🛡️ Google Shield<br/>35.209.125.99)
    Shield -->|Tailscale Tunnel| Oracle(🧠 Oracle VPS<br/>100.76.112.21)
    subgraph "Oracle Services"
        Oracle --> Banda(Banda Live)
        Oracle --> Galeria(Galeria Live)
        Oracle --> Batuta(Batuta Hub)
    end
    style Shield fill:#4285F4,stroke:#333,color:white
    style Oracle fill:#F80000,stroke:#333,color:white
    style User fill:#00C853,stroke:#333,color:white

The "Doorman" Protocol:

  1. User knocks on Google's door (Public IP).
  2. Nginx checks the invitation (Domain Name).
  3. If valid, Nginx opens the secret tunnel to Oracle.
  4. Oracle serves the content without ever exposing its real IP.

03. Final Port Map

(See VPS_ECOSYSTEM.md)

Service        Internal Port   External
Batuta Live    8083            Proxied
Banda Live     8081            Proxied
Galeria Live   8085            Proxied
System Redis   6379            Internal
n8n            5678            Proxied
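
The Doorman setup keeps Oracle's address private only if the services in this port map listen on loopback or the Tailscale address rather than on all interfaces. The following is an added example, not part of the original page, that audits `ss -tlnH` output for that; the function names and sample lines are constructed, and it checks bind addresses only, not cloud firewall rules.

```shell
#!/usr/bin/env bash
# Added example (not from the original page): flag port-map services whose
# listening socket is bound outside loopback and the Tailscale ranges.

PORT_MAP="8083 8081 8085 6379 5678"   # ports from the page's port map

# audit_listeners PORT...
# Reads `ss -tlnH` lines on stdin and prints "EXPOSED <port> <addr>" for each
# listed port bound to anything other than loopback or a Tailscale address.
# Returns 1 if any such listener is found, 0 otherwise.
audit_listeners() {
  awk -v ports="$*" '
    BEGIN { n = split(ports, p, " "); for (i = 1; i <= n; i++) want[p[i]] = 1 }
    {
      ep = $4                               # local endpoint, e.g. [::]:5678
      port = ep; sub(/.*:/, "", port)       # text after the last colon
      addr = substr(ep, 1, length(ep) - length(port) - 1)
      if (!(port in want)) next
      if (addr ~ /^127\./ || addr == "[::1]") next      # loopback
      if (addr ~ /^\[fd7a:115c:a1e0:/) next             # Tailscale IPv6 range
      # Tailscale IPv4 addresses come from 100.64.0.0/10.
      if (split(addr, o, /\./) == 4 && o[1]+0 == 100 && o[2]+0 >= 64 && o[2]+0 <= 127) next
      print "EXPOSED", port, addr
      bad = 1
    }
    END { exit (bad ? 1 : 0) }
  '
}

# Constructed sample of `ss -tlnH` output, not captured from a real host.
sample_ss() {
  cat <<'EOF'
LISTEN 0 4096 0.0.0.0:8083 0.0.0.0:*
LISTEN 0 511 100.76.112.21:8081 0.0.0.0:*
LISTEN 0 4096 *:8085 *:*
LISTEN 0 511 127.0.0.1:6379 0.0.0.0:*
LISTEN 0 4096 [::]:5678 [::]:*
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
EOF
}

# Demo on the sample; on the Oracle host use: ss -tlnH | audit_listeners $PORT_MAP
sample_ss | audit_listeners $PORT_MAP || true
```

A wildcard bind (`0.0.0.0`, `*`, `[::]`) on a proxied port means the service is reachable without passing through the Shield unless a host or cloud firewall blocks it.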

04. Cheat Codes (Commands)

Deploy New Service

# On Oracle:
cd ~/proyectos/new-app
/usr/local/bin/docker-compose-v2 up -d

Connect to Shield

# On Google Shield (NPM UI):
Host: myapp.35.209.125.99.nip.io
Forward IP: 100.76.112.21
Forward Port: [Your_Port]

05. Knowledge Base

All documentation is now centralized.

Recommendation: Use OBSIDIAN to view the `_central/docs/` folder.

It renders the Markdown links and Backlinks perfectly.

06. Mission Roadmap

> Initiating Phase 5...

> Loading Observability...

> Configuring Backups...


Next up: Connecting Uptime Kuma on Google to monitor Oracle via the private mesh.