Skip to main content

Services

NeXuS consists of 11 microservices, 4 databases, and supporting infrastructure. Each service is an independent Docker container with its own build context.

Public Services

These services are exposed via Traefik with automatic HTTPS:

ServiceContainerPortURLPurpose
Frontendnexus-frontend3000nexus.sebhosting.comNext.js web application
API Gatewaynexus-api4000api.sebhosting.comREST API, Docker stats, DNS proxy
Auth Servicenexus-auth6000auth.sebhosting.comJWT authentication, user management
CMS Servicenexus-cms7000cms.sebhosting.comHeadless content management
CDN Servicenexus-cdn7001cdn.sebhosting.comStatic asset delivery
Cache Servicenexus-cache7002cache.sebhosting.comDistributed caching (Redis + Memcached)
WAF Servicenexus-waf7003waf.sebhosting.comWeb application firewall
AI Gatewaynexus-ai5000ai-gateway.sebhosting.comClaude API integration
MCP Servernexus-mcp5001mcp.sebhosting.comClaude MCP tool server
Grafananexus-grafana3000grafana.sebhosting.comMetrics visualization

Databases (Internal Only)

Databases run exclusively on the nexus-internal network with no public access:

DatabaseContainerPortPurpose
PostgreSQL 16nexus-postgres5432Users, refresh tokens, relational data
MongoDB 7nexus-mongodb27017CMS documents
Redis 7nexus-redis6379Session store, caching, pub/sub
Memcachednexus-memcached11211High-performance object cache

Monitoring

ServiceContainerPortPurpose
Prometheusnexus-prometheus9090Metrics collection (internal only)

Service Details

Frontend (nexus-frontend)

  • Stack: Next.js 16, React 19, TypeScript, Tailwind CSS
  • Features: Dashboard, DNS management, service monitoring, Grafana embed, MCP status
  • Auth: JWT access tokens + httpOnly refresh cookies
  • Plan system: Feature gating based on Basic/Pro/Enterprise tiers

API Gateway (nexus-api)

  • Stack: Express.js, TypeScript
  • Endpoints: /health, /status, /stats, /stats/logs/:name, /dns/*
  • Responsibilities: Docker container stats, Cloudflare DNS proxy, health aggregation
  • Dependencies: PostgreSQL, Redis, MongoDB

Auth Service (nexus-auth)

  • Stack: Express.js, bcryptjs, jsonwebtoken, PostgreSQL
  • Endpoints: /auth/register, /auth/login, /auth/refresh, /auth/me, /auth/logout
  • Security: Rate limiting (20 req/15min), bcrypt cost factor 12, JWT token rotation
  • First user automatically gets admin role

CMS Service (nexus-cms)

  • Stack: Express.js, MongoDB
  • Endpoints: /health, /status
  • Purpose: Headless content management for dynamic content

CDN Service (nexus-cdn)

  • Stack: Express.js
  • Endpoints: /health, /status
  • Purpose: Static asset delivery and optimization

Cache Service (nexus-cache)

  • Stack: Express.js, Redis, Memcached
  • Endpoints: /health, /status
  • Dependencies: Redis (primary), Memcached (secondary)
  • Purpose: Multi-tier distributed caching

WAF Service (nexus-waf)

  • Stack: Express.js
  • Endpoints: /health, /status
  • Purpose: Web application firewall rules and request filtering

AI Gateway (nexus-ai)

  • Stack: Express.js
  • Endpoints: /health, /status
  • Purpose: Proxy and rate-limit requests to Claude API

MCP Server (nexus-mcp)

  • Stack: Express.js, @modelcontextprotocol/sdk
  • Endpoints: POST /mcp, /health
  • Auth: Cloudflare Service Token validation
  • Tools: 8 tools across containers, services, and logs modules
  • Transport: StreamableHTTPServerTransport with JSON response mode

Grafana (nexus-grafana)

  • Image: grafana/grafana:latest
  • Auth: Admin password via GRAFANA_PASSWORD env var
  • Data source: Prometheus at nexus-prometheus:9090
  • Dashboards: Container resources, API metrics, database performance, cache hit rates