WIP: Add Caddy reverse proxy for dev environment

Add Caddy to docker-compose as the single entry point on port 8000: - localhost -> /api/* stripped and proxied to CP:8080, /* to frontend:5173 - *.localhost -> proxied to CP:8080 (sandbox proxy catch-all) - Direct /v1/*, /auth/*, /docs routes proxied to CP Move CP from :8000 to :8080 (its default). Caddy takes :8000. Update .env.example, vite proxy target (kept as fallback), and Makefile dev targets (pg_isready via docker exec, frontend binds 0.0.0.0). This is an intermediate state — needs further work for the full code interpreter feature.
2026-03-26 02:12:21 +06:00
parent 4be65b0abb
commit b0a8b498a8
5 changed files with 52 additions and 16 deletions
--- a/deploy/Caddyfile.dev
+++ b/deploy/Caddyfile.dev
@ -0,0 +1,41 @@
+# Sandbox port forwarding: {port}-{sandbox_id}.localhost
+# Matches subdomains like 49999-sb-abcd1234.localhost and proxies them
+# to the control plane, which inspects the Host header and routes to
+# the correct host agent.
+#
+# NOTE: Wildcard *.localhost DNS resolution requires local setup.
+# Option 1: Add entries to /etc/hosts for each sandbox
+# Option 2: Use dnsmasq: address=/.localhost/127.0.0.1
+# Option 3: Use systemd-resolved (Ubuntu default — *.localhost resolves to 127.0.0.1)
+http://*.localhost {
+	reverse_proxy host.docker.internal:8080
+}
+
+# Main entry point: API + frontend
+http://localhost {
+	# API routes — strip /api prefix and proxy to the control plane.
+	# The frontend calls /api/v1/... which becomes /v1/... at the CP.
+	handle_path /api/* {
+		reverse_proxy host.docker.internal:8080
+	}
+
+	# Backend routes served directly (SDK clients, OAuth initiation)
+	handle /v1/* {
+		reverse_proxy host.docker.internal:8080
+	}
+	handle /openapi.yaml {
+		reverse_proxy host.docker.internal:8080
+	}
+	handle /docs {
+		reverse_proxy host.docker.internal:8080
+	}
+	handle /auth/oauth/* {
+		reverse_proxy host.docker.internal:8080
+	}
+
+	# Everything else — proxy to the frontend dev server
+	# This includes: /login, /dashboard/*, /admin/*, /auth/github/callback
+	handle {
+		reverse_proxy host.docker.internal:5173
+	}
+}
--- a/deploy/docker-compose.dev.yml
+++ b/deploy/docker-compose.dev.yml
@ -15,19 +15,14 @@ services:
    ports:
      - "6379:6379"

-  prometheus:
-    image: prom/prometheus:latest
+  caddy:
+    image: caddy:2-alpine
    ports:
-      - "9090:9090"
+      - "8000:80"
    volumes:
-      - ./deploy/prometheus.yml:/etc/prometheus/prometheus.yml
-
-  grafana:
-    image: grafana/grafana:latest
-    ports:
-      - "3001:3000"
-    environment:
-      GF_SECURITY_ADMIN_PASSWORD: admin
+      - ./Caddyfile.dev:/etc/caddy/Caddyfile:ro
+    extra_hosts:
+      - "host.docker.internal:host-gateway"

 volumes:
  pgdata: