Core Concepts

Infrastructure

Shared infrastructure services that support your deployments.

Infrastructure services are shared system components that support multiple deployments. These include the reverse proxy, databases, caching, and SSL certificate management.

What is Infrastructure?

Unlike regular deployments that represent individual applications, infrastructure services are shared resources used by many deployments. For example:

  • Nginx — Routes traffic to all your deployments
  • MySQL/PostgreSQL — Provides databases for multiple applications
  • Redis — Shared caching layer
  • Certbot — Manages SSL certificates for all domains

Infrastructure Types

Nginx (Reverse Proxy)

Nginx acts as the entry point for all web traffic, routing requests to the appropriate deployment based on domain names. 

# Example virtual host configuration (auto-generated)
server {
    listen 80;
    server_name blog.example.com;

    location / {
        proxy_pass http://my-wordpress:80;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
    }
}

Features:

  • Automatic virtual host configuration
  • SSL termination
  • Load balancing (if configured)
  • HTTP to HTTPS redirection

Databases

Shared database servers that can host databases for multiple deployments:

Database Default Port Use Case
MySQL 3306 General purpose, WordPress, Laravel
MariaDB 3306 MySQL-compatible, drop-in replacement
PostgreSQL 5432 Advanced features, Django, Rails

Database management features:

  • Create and delete databases
  • Manage database users
  • Grant and revoke privileges
  • Execute SQL queries
  • Browse table data

Redis

In-memory data store for caching, sessions, and message queuing:

  • Session storage for web applications
  • Cache layer for database queries
  • Queue backend for background jobs

Certbot

Automates SSL certificate management using Let's Encrypt:

  • Request certificates for new domains
  • Automatic certificate renewal
  • Support for HTTP-01 and DNS-01 validation
  • Staging mode for testing

Managed vs External

Infrastructure services can be either managed by FlatRun or external:

Managed Infrastructure

FlatRun creates and controls the container. You can start, stop, and restart these services through the UI or API. 

infrastructure:
  database:
    enabled: true
    type: mysql
    # Container will be created and managed by FlatRun

External Infrastructure

The service exists outside FlatRun's control (existing container, cloud service, or separate server). FlatRun connects to it but doesn't manage its lifecycle. 

infrastructure:
  database:
    enabled: true
    type: mysql
    host: db.example.com  # External database
    port: 3306

Docker Networks

Infrastructure services use dedicated Docker networks to communicate with deployments:

Network Purpose
proxy Connects deployments to Nginx for external access
database Connects deployments to shared database services

Deployments join these networks to access infrastructure services: 

services:
  app:
    image: myapp
    networks:
      - default
      - proxy     # For web access via Nginx
      - database  # For database access

networks:
  proxy:
    external: true
  database:
    external: true

Managing Infrastructure

View Infrastructure Status

curl -X GET "http://localhost:8090/api/infrastructure" \
  -H "Authorization: Bearer $TOKEN"

Start/Stop Infrastructure

# Start
curl -X POST "http://localhost:8090/api/infrastructure/nginx/start" \
  -H "Authorization: Bearer $TOKEN"

# Stop
curl -X POST "http://localhost:8090/api/infrastructure/nginx/stop" \
  -H "Authorization: Bearer $TOKEN"

# Restart
curl -X POST "http://localhost:8090/api/infrastructure/nginx/restart" \
  -H "Authorization: Bearer $TOKEN"

View Logs

curl -X GET "http://localhost:8090/api/infrastructure/nginx/logs" \
  -H "Authorization: Bearer $TOKEN"

Configuration

Configure infrastructure services in your agent config:

infrastructure:
  default_proxy_network: proxy
  default_database_network: database

  database:
    enabled: true
    type: mysql
    container: flatrun-mysql
    root_user: root
    root_password: ${MYSQL_ROOT_PASSWORD}

  redis:
    enabled: true
    container: flatrun-redis
    port: 6379

Best Practices

  • Secure credentials — Use strong passwords for database root users
  • Network isolation — Only connect services to networks they need
  • Regular backups — Back up database volumes regularly
  • Monitor resources — Watch memory and CPU usage of infrastructure services
  • Update regularly — Keep infrastructure images updated for security patches

Related Topics

Reverse Proxy Configure Nginx integration Database Config Set up shared databases