Architecture
Dreambau runs as a multi-service self-hosted platform on Kubernetes (k3s) in namespace wcr.
Core Layers
- Edge: Traefik ingress + TLS certificates
- Identity and access: service-level auth today, planned centralized SSO
- Application services: Cap, NocoDB, n8n, Novu, Invoice, and others
- Data services: MySQL, PostgreSQL, MongoDB, Redis, object storage
- Automation: cronjobs for backups, certificate guard, schedulers
Traffic Flow
- User reaches
*.dreambau.com. - Traefik routes request to matching service.
- TLS certs are managed through cert-manager.
- App connects to its backing data service over cluster networking.
Infrastructure Principles
- Isolated service manifests per software
- Shared ops scripts for installation and status checks
- Persistent volumes for data durability
- Strong preference for reproducible deployments