coop/rose-ash
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

host: go live — blog.rose-ash.com served by the SX host in the stack
Some checks failed
Test, Build, and Deploy / test-build-deploy (push) Failing after 15s
Details

Browse Source 
Promote lib/host into the docker stack behind blog.rose-ash.com (reusing a
down Quart subdomain). New compose service sx_host runs lib/host/serve.sh on
externalnet; Caddy reverse-proxies blog.rose-ash.com -> sx-dev-sx_host-1:8000.

hosts/ fix: http-listen bound inet_addr_loopback only, unreachable from other
containers. Add SX_HTTP_HOST env (default loopback for tests/local; stack sets
0.0.0.0) in sx_server.ml. serve.sh made container-friendly (SX_PROJECT_DIR).

Verified live through Cloudflare->Caddy: /health, /feed, relations reads serve
real JSON; / 404 (no root route yet). rose-ash.com untouched. Conformance
145/145 green with the rebuilt binary.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
This commit is contained in:
giles
2026-06-19 17:57:38 +00:00
parent d917a5f92f
commit 014dd06d2b
4 changed files with 60 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
plans/host-on-sx.md
View File

@@ -133,8 +133,18 @@ lib/host/sxtp.sx subsystem APIs (feed/search/commerce/…
- [x] native `http-listen` ↔ Dream-app bridge (`lib/host/server.sx`:
`host/native-handler`/`host/serve`) + `lib/host/serve.sh` launcher. Serves
real HTTP on a host port — verified live (health/feed/relations reads + 404).
- [ ] promote into the docker stack + a Caddy subdomain (NOT `rose-ash.com` — that
is the legacy public site, untouched). Scope now includes `hosts/` + Caddy.
- [x] promote into the docker stack + a Caddy subdomain — **LIVE at
`https://blog.rose-ash.com`** (reusing a down Quart subdomain). New compose
service `sx_host` (`docker-compose.dev-sx-host.yml`, container
`sx-dev-sx_host-1`) runs `serve.sh` on `externalnet`; Caddy reverse-proxies
`blog.rose-ash.com``sx-dev-sx_host-1:8000`. Required a `hosts/` fix:
`http-listen` bound `inet_addr_loopback` only — added `SX_HTTP_HOST` env
(default loopback; stack sets `0.0.0.0`) in `sx_server.ml`, rebuilt this
worktree's binary. Verified: `/health`, `/feed`, relations reads serve real
JSON through Cloudflare→Caddy; `/` 404 (no root route yet). `rose-ash.com`
untouched. CAVEAT: `/root/caddy/Caddyfile` is an inode-pinned bind mount —
edited file shows a NEW inode the container can't see; loaded live via
`caddy reload` from a non-bind path. A caddy restart reconciles the bind.
- [ ] proxy-to-Quart fallback for un-migrated paths (strangler requirement before
a real subdomain fronts users).
- [ ] internal-HMAC middleware on `/internal/*` (service-to-service auth; protocol