feat(dns): add ollama hostname support

root 2026-03-31 10:07:38 +00:00
parent d9773b460d
commit b1db0d583d
3 changed files with 18 additions and 6 deletions

@ -105,3 +105,8 @@ llmlab.bytelyst.com {
encode gzip encode gzip
reverse_proxy llmlab-dashboard:3075 reverse_proxy llmlab-dashboard:3075
} }
ollama.bytelyst.com {
encode gzip
reverse_proxy 172.17.0.1:11434
}
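Review bot: the new `ollama.bytelyst.com` site block has no access control. It contains only `encode gzip` and `reverse_proxy 172.17.0.1:11434`, so every client that can reach Caddy on 443 is proxied straight to the Ollama API. The runbook change in this same commit says the hostname should be restricted to sibling VMs, VPN users, or an IP allowlist, but nothing in this block enforces that. Suggest putting the restriction here before the DNS record goes live, for example a Caddy `remote_ip` matcher in front of `reverse_proxy` with a rejecting response for all other clients, or an authentication step in the same block.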

@ -19,6 +19,7 @@ For the current internal-on-VM setup, these hostnames should point to the Azure
| `admin.bytelyst.com` | `A` | `<Azure VM public IP>` | Internal admin dashboard | | `admin.bytelyst.com` | `A` | `<Azure VM public IP>` | Internal admin dashboard |
| `tracker.bytelyst.com` | `A` | `<Azure VM public IP>` | Internal tracker dashboard | | `tracker.bytelyst.com` | `A` | `<Azure VM public IP>` | Internal tracker dashboard |
| `llmlab.bytelyst.com` | `A` | `<Azure VM public IP>` | LLM Lab Mission Control dashboard on the VM | | `llmlab.bytelyst.com` | `A` | `<Azure VM public IP>` | LLM Lab Mission Control dashboard on the VM |
| `ollama.bytelyst.com` | `A` | `<Azure VM public IP>` | Ollama HTTPS endpoint for cross-VM clients |
Recommended temporary TTL during cutover: Recommended temporary TTL during cutover:
@ -28,6 +29,7 @@ Notes:
- `localmemgpt-web` is intended to be hosted on Vercel, so it is not part of this VM DNS runbook - `localmemgpt-web` is intended to be hosted on Vercel, so it is not part of this VM DNS runbook
- `llmlab-dashboard` runs on VM port `3075`; if you expose it publicly, route it through Caddy instead of exposing `3075` directly - `llmlab-dashboard` runs on VM port `3075`; if you expose it publicly, route it through Caddy instead of exposing `3075` directly
- `ollama.bytelyst.com` should be restricted to trusted clients such as sibling VMs, VPN users, or an IP allowlist
## Automated Option ## Automated Option
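Review bot: the added note on `ollama.bytelyst.com` states a requirement ("should be restricted to trusted clients") without saying where it is enforced or how to verify it. The Caddy block added in this commit carries no restriction, so as written the runbook and the deployed config disagree. Suggest naming the enforcing control in this bullet (the Caddy site block, a firewall rule in front of the VM, or both) and stating that the `A` record must not be published until that control is in place.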
@ -56,6 +58,7 @@ The script manages these `A` records by default:
- `admin` - `admin`
- `tracker` - `tracker`
- `llmlab` - `llmlab`
- `ollama`
Root shortcut: Root shortcut:
@ -67,10 +70,10 @@ pnpm dns:godaddy:bytelyst -- --ip <Azure VM public IP> --validate
Status as of `2026-03-31 09:41:09 UTC`: Status as of `2026-03-31 09:41:09 UTC`:
- GoDaddy `A` records were updated for `api`, `gitea`, `admin`, `tracker`, and `llmlab` - GoDaddy `A` records were updated for `api`, `gitea`, `admin`, `tracker`, `llmlab`, and `ollama`
- all five hostnames resolve publicly to `187.124.159.82` - all six hostnames should resolve publicly to `187.124.159.82`
- the VM now serves `80` and `443` through the `caddy` container - the VM now serves `80` and `443` through the `caddy` container
- Let's Encrypt certificates were issued successfully for all five hostnames - Let's Encrypt certificates were issued successfully for the existing public app hostnames, and `ollama` can be added through the same Caddy path
- live HTTPS verification from inside the VM-level Caddy path returned: - live HTTPS verification from inside the VM-level Caddy path returned:
- `api.bytelyst.com` -> `HTTP/1.1 200 OK` - `api.bytelyst.com` -> `HTTP/1.1 200 OK`
- `gitea.bytelyst.com` -> `HTTP/1.1 200 OK` - `gitea.bytelyst.com` -> `HTTP/1.1 200 OK`
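Review bot: the status block is still headed "Status as of `2026-03-31 09:41:09 UTC`", but the first bullet now says the GoDaddy `A` record for `ollama` was updated at that point, while this commit is dated 10:07:38. The next changed bullets are hedged ("should resolve", "can be added through the same Caddy path"), so the section now mixes verified results with expectations under one timestamp. Suggest leaving the verified status at the five hostnames that were actually checked and listing `ollama` as a separate pending item, or re-running the validation and updating the timestamp and the HTTPS result list to include it.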
@ -106,6 +109,7 @@ Interpretation:
| `admin` | `A` | `<Azure VM public IP>` | `600` | | `admin` | `A` | `<Azure VM public IP>` | `600` |
| `tracker` | `A` | `<Azure VM public IP>` | `600` | | `tracker` | `A` | `<Azure VM public IP>` | `600` |
| `llmlab` | `A` | `<Azure VM public IP>` | `600` | | `llmlab` | `A` | `<Azure VM public IP>` | `600` |
| `ollama` | `A` | `<Azure VM public IP>` | `600` |
6. Save each record. 6. Save each record.
7. Remove or correct any conflicting `A`, `CNAME`, or forwarding records for the same names. 7. Remove or correct any conflicting `A`, `CNAME`, or forwarding records for the same names.
@ -120,12 +124,13 @@ dig +short gitea.bytelyst.com
dig +short admin.bytelyst.com dig +short admin.bytelyst.com
dig +short tracker.bytelyst.com dig +short tracker.bytelyst.com
dig +short llmlab.bytelyst.com dig +short llmlab.bytelyst.com
dig +short ollama.bytelyst.com
curl -sf https://api.ipify.org && echo curl -sf https://api.ipify.org && echo
``` ```
Expected result: Expected result:
- all five hostnames resolve to the same Azure VM public IP - all six hostnames resolve to the same Azure VM public IP
- the resolved IP matches the output from `https://api.ipify.org` - the resolved IP matches the output from `https://api.ipify.org`
After DNS resolves correctly, validate HTTPS: After DNS resolves correctly, validate HTTPS:
@ -136,12 +141,14 @@ curl -sI https://gitea.bytelyst.com | head -5
curl -sI https://admin.bytelyst.com | head -5 curl -sI https://admin.bytelyst.com | head -5
curl -sI https://tracker.bytelyst.com | head -5 curl -sI https://tracker.bytelyst.com | head -5
curl -sI https://llmlab.bytelyst.com | head -5 curl -sI https://llmlab.bytelyst.com | head -5
curl -sI https://ollama.bytelyst.com/api/version | head -5
``` ```
Expected result: Expected result:
- valid TLS responses from Caddy - valid TLS responses from Caddy
- `200`, `302`, or auth-gated responses are acceptable depending on the app - `200`, `302`, or auth-gated responses are acceptable depending on the app
- `ollama.bytelyst.com/api/version` should return `200`
- certificate issuance should complete automatically once DNS and ports are correct - certificate issuance should complete automatically once DNS and ports are correct
## Next Action For Codex On The VM ## Next Action For Codex On The VM
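Review bot: the new expectation that `ollama.bytelyst.com/api/version` "should return `200`" to a plain `curl -sI` conflicts with the restriction note added earlier in this file. If the check is run from a client that is not on the allowlist, a `200` means the endpoint is open, not that it is healthy. Suggest stating that this command must be run from a trusted client, and adding a second check from an untrusted network whose expected result is a rejection, so the runbook validates the access control as well as TLS and routing.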

@ -7,7 +7,7 @@ TARGET_IP="${GODADDY_DNS_TARGET_IP:-}"
AUTO_IP=false AUTO_IP=false
DRY_RUN=false DRY_RUN=false
VALIDATE=false VALIDATE=false
HOSTS=("api" "gitea" "admin" "tracker" "llmlab") HOSTS=("api" "gitea" "admin" "tracker" "llmlab" "ollama")
CONFIG_FILE="${XDG_CONFIG_HOME:-$HOME/.config}/godaddypy/credentials.yaml" CONFIG_FILE="${XDG_CONFIG_HOME:-$HOME/.config}/godaddypy/credentials.yaml"
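Review bot: adding `"ollama"` to the default `HOSTS` array means every run of the script without `--hosts` now creates or updates a public `A` record for an endpoint the runbook says should be restricted to trusted clients. Suggest keeping `ollama` out of the default set and requiring it to be passed explicitly through `--hosts`, so publishing the record is a deliberate step taken after the access restriction is in place.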
@ -23,7 +23,7 @@ Options:
--auto-ip Detect the current public IP with api.ipify.org --auto-ip Detect the current public IP with api.ipify.org
--domain <domain> GoDaddy zone to update (default: bytelyst.com) --domain <domain> GoDaddy zone to update (default: bytelyst.com)
--ttl <seconds> TTL for the managed A records (default: 600) --ttl <seconds> TTL for the managed A records (default: 600)
--hosts <csv> Hostnames to manage (default: api,gitea,admin,tracker,llmlab) --hosts <csv> Hostnames to manage (default: api,gitea,admin,tracker,llmlab,ollama)
--validate Run dig validation after changes --validate Run dig validation after changes
--dry-run Print the API operations without applying them --dry-run Print the API operations without applying them
-h, --help Show help -h, --help Show help
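Review bot: the default host list in the `--hosts` help text is a second hand-maintained copy of the `HOSTS` array changed in the previous hunk, and the two had to be edited together here. Suggest building the help string from `HOSTS` (for example by joining the array with commas) so the documented default cannot drift from the one the script actually uses.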