Diffstat (limited to 'doc/arch.md')
-rw-r--r-- doc/arch.md 33
1 files changed, 21 insertions, 12 deletions
diff --git a/doc/arch.md b/doc/arch.md
index faac44e..4a5a0e1 100644
--- a/doc/arch.md
+++ b/doc/arch.md
@@ -1,7 +1,7 @@
# Architecture
-Intended to be deployed on OpenBSD.
+Intended to be deployed on OpenBSD with all processes running with minimal privileges.
- LAN
- shop.samanthony.xyz
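Review bot: the new opening sentence promises "all processes running with minimal privileges" but nothing in the document says what that means for each process. Suggest listing, per daemon, the unprivileged user it runs as and which OpenBSD mechanisms it is expected to use (for example pledge(2), unveil(2), chroot), so the claim can be checked against the init scripts and code.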
@@ -9,27 +9,36 @@ Intended to be deployed on OpenBSD.
- Serves static HTML files
- Serves scripts (js/wasm) including htmx.js
- api.shop.samanthony.xyz
- - `buthapi` API server
+ - `buthd` API server
- Serves htmx fragments
- - Serves 9P {/cart, /checkout} to authenticated clients via websockets
- - auth.shop.samanthony.xyz
- - `buthauth` web authentication gateway
- - Client-facing HTTP interface to authfs
- - Handles registration and login forms
+ - Proxy between client HTTP and backend 9P servers
+ - Handles login forms: client↔authfs
+ - Handles cart and checkout endpoints: client↔shopfs
- authfs
- - `buthauthfs` daemon
+ - `buthauthfs` 9P file server daemon
- Persistent user database
- Stores password hashes
- Manages client sessions
- - Serves 9P to api and auth servers
- - relay
- - relayd(8)
+ - shopfs
+ - `buthshopfs` 9P file server daemon
+ - Inventory
+ - User shopping carts
+ - Checkout
+ - relayd(8)
- TLS proxy/gateway
- WAN
- Client web browser
- HTML renderer, js/wasm interpreter
- - Generates and stores its session ID (in a cookie)
+ - Generates and stores session cookies
The LAN could be either a single OpenBSD host, several vmd(8) VMs, or several machines in a VPN, e.g. Tailscale.
+An administrator can manage the site by mounting the `fs` daemons in a terminal's namespace with userspace plan9 utils.
+
![[arch.png]]
+
+## Notes
+
+Should `buthd` be monolithic, or should there be one http/9p gateway per 9p file server, multiplexed by relayd? should the htmx fragment serving/template rendering be broken out into its own process?
+
+Nice to minimize number of http servers (just httpd and buthd). Less sysadmin: relayd, permissions, init scripts.
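Review bot: the added line "An administrator can manage the site by mounting the `fs` daemons in a terminal's namespace" does not say how that mount is authenticated or restricted, and authfs is listed just above as storing password hashes and managing client sessions. Suggest documenting who may attach to `buthauthfs` and `buthshopfs` (which user, which listener address or socket) and how an administrator's mount is distinguished from `buthd`'s proxy connections. This matters more now that the removed line "Serves 9P to api and auth servers" is gone, since the document no longer names the permitted 9P clients for either daemon, and the LAN is described as possibly spanning several machines.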