All-in-one runtime repo for ComBox. This repository contains only runtime config and orchestration.

• combox-edge-nginx reverse proxy + TLS (self-signed by default)
• combox-edge-anubis-* browser-only anti-scraper protection
• postgres, valkey, minio
• combox-backend API
• combox-app-vue frontend

• Copy .env.example to .env and change secrets (AUTH_*, BOT_TOKEN_PEPPER, POSTGRES_PASSWORD, MINIO_ROOT_PASSWORD).
• Service-specific templates are in env/ if you want to see the full list per service.

Prereqs:

• Docker Desktop (WSL2 backend recommended)

Run:

cd ComBox
docker compose --env-file .env up -d

Stop:

docker compose --env-file .env down

Docker:

cd ComBox
docker compose --env-file .env up -d

Podman:

cd ComBox
podman compose --env-file .env up -d

Docker Desktop:

cd ComBox
docker compose --env-file .env up -d

Colima (docker context):

colima start
cd ComBox
docker compose --env-file .env up -d

This repo includes an oci-containers config for NixOS: nix/containers.nix.

Assumptions:

• Runtime files are in /srv/combox (this repo contents).
• Environment is in /etc/combox.env (use .env.example as a base).

Example NixOS configuration snippet:

{ ... }:
{
  virtualisation.podman.enable = true;
  imports = [ /srv/combox/nix/containers.nix ];
}

Apply:

sudo nixos-rebuild switch

• Default config disables upstream TLS verification (EDGE_UPSTREAM_TLS_VERIFY=off) to avoid mTLS complexity in a one-repo quick start.
• If you enable upstream TLS, you must provide certificates and update edge nginx settings.
  • In compose, you will also need to mount mtls/ and set EDGE_UPSTREAM_TLS_* vars.

• App: https://app.localhost/
• API: https://api.localhost/
• Tools (admin): https://localhost:9443/

Ernela - Developer;
D7TUN6 - Idea, Developer