farhoodlabs/devcontainer
8
0
Fork 0
Code Issues 10 Pull Requests Actions Packages Projects Releases 39 Wiki Activity
Files
32e87254d2b8ea48a9d8bb0679a01bafc8818aa5
devcontainer/memory/MEMORY.md
T
Chris Farhood dfc0a3c1e3 catchup
2026-02-19 19:55:05 -05:00

1.2 KiB
Raw Blame History

Antigravity Dev Container - Session Notes

Key Architecture Facts

  • Image: ghcr.io/cpfarhood/devcontainer:latest (repo name is devcontainer, not antigravity)
  • imagePullPolicy: Always in statefulset (set during initial deployment debugging)
  • Service must NOT be headless (clusterIP: None) — Cilium gateway can't route to headless services
  • SECURE_CONNECTION=0 — TLS is terminated at the gateway, not the app
  • Container user is user (UID 1000) — baseimage-gui runs startapp.sh as app user, sudo is not available
  • HTTPRoute is managed by Authentik outpost, not in kustomization

Cluster Patterns

  • External gateway: external in gateway-system, handles *.farh.net on port 443 HTTPS only
  • Hostnames must be exactly *.farh.net (not *.subdomain.farh.net) to match gateway listener
  • Authentik outpost Terraform lives in ../kubernetes/terraform/authentik-*-proxy/
  • Outpost config uses external gateway for public apps, internal for internal apps

Common Gotchas

  • baseimage-gui creates user dynamically — don't hardcode usernames in scripts, use numeric UID/GID
  • chown /home fails (PVC root not owned by container) — only chown subdirectories
  • sudo not available in startapp.sh — script already runs as correct user
Reference in New Issue View Git Blame Copy Permalink