Infra enablers
Use this section when you need the shared infra mental model that enables many systems:
- identity and authentication,
- network access (VPN),
- name resolution (DNS),
- trust (TLS/certificates),
- service endpoints (HTTP ingress, DB endpoints, storage endpoints),
- and a high-level topology snapshot (public vs private).
For the architecture entry points, start at Architecture.
Enablers
- Identity & authentication. Who you are: SSO/MFA, identities, tokens/sessions (no inventories here).
- Network access (VPN). Where you can reach: LAN/VPN boundaries and operator access paths.
- DNS. Name resolution + reachability model (internal vs public, split-horizon).
- TLS & certificates. Trust model for HTTPS and database connectivity.
- Reverse proxy. HTTP(S) ingress and audience boundaries (public vs internal).
- DB endpoints. Stable database endpoints (`*.db.lef`) separated from backend routing.
- Storage endpoints. Shared storage entry points: S3 (default) and SFTP (controlled transfer).
Topology snapshot
- Identity (IdP): Microsoft Entra ID is the default for SSO/MFA when available.
- Private network: core infrastructure runs in the EVEO private cloud (including EVEO DBaaS) and is protected behind SSL‑VPN.
- Public services: some workloads live on public platforms such as Hostinger (websites) and SaaS providers.
- Access model: public traffic is limited to HTTP(S); admin and operator access is generally VPN-only.
Choose your path
| Area | Use this when… |
|---|---|
| Access | You need VPN/SSO context or to understand traffic flow. |
| Services | You’re starting from a service name/URL and need entry points. |
| Environments | You want the environment bundle view (GUI → middleware → DB). |
| Servers | You need “where to log in” and what runs where. |
| Proxy & routing | You’re tracing HTTP(S) routing (vhosts/upstreams). |
| Databases | You’re working on DB endpoints, connectivity, or ops. |
| Certificates | You’re working on TLS trust, renewal, or certificate troubleshooting. |
| Middleware (runtimes) | You’re mapping upstreams to app runtimes/containers. |
| Infra services | You need shared infra services (what/why/entry points). |
| Operate & Troubleshoot | You want runbooks, monitoring, and operational procedures. |
| Troubleshooting | You want symptom-based entry points (DNS/VPN/TLS/proxy/DB). |