%% Exposure view: which listeners are reachable from the public internet and which only over Tailscale.
%% Path drawn for public traffic: Internet, then OCI security list, then UFW, then Nginx or Kong, then the service.
graph TD
subgraph INTERNET["Internet pubblico"]
USER(["Utente"])
BOT(["Telegram Bot"])
end
%% NOTE(review): the security list opens 22, 80, 443, 8000 and 41641, but only 443 and 8000 have flows drawn below.
%% 22 is presumably SSH and 41641 the Tailscale UDP port - confirm, and confirm whether 22 has to be open to the
%% whole internet or can be limited to known sources / the tailnet.
subgraph OCI["Oracle Cloud Security List"]
OCI_FW["porte aperte: 22 / 80 / 443 / 8000 / 41641"]
end
subgraph TS["Tailscale VPN 100.125.202.46"]
TS_NODE(["Client VPN"])
end
subgraph SERVER["Server 89.168.19.62"]
%% NOTE(review): the UFW rule set itself is not shown; if it is looser than the OCI list, the cloud security list
%% is the only effective filter for those ports.
UFW["UFW Firewall"]
subgraph PROXY["Nginx aaPanel - Reverse Proxy"]
NGINX["Nginx
:80 / 10.0.0.248:443"]
end
%% "Public services": every node in this group is reached through Nginx (see the NGINX edges below).
subgraph PUB["Servizi pubblici - rete web"]
N8N["n8n
:5678"]
JESSI["jessi
:8083"]
VOGHERA["servizi-voghera
:8082"]
OPENCLAW_GW["OpenClaw gateway
:18789 systemd"]
DASHBOARD["Dashboard
:8084"]
end
%% Kong proxy :8000 is the only application listener drawn as internet-reachable without passing through Nginx,
%% and the USER edge labels that path as plain HTTP; nothing on this page shows TLS for it.
%% NOTE(review): confirm whether :8000 should instead be published behind Nginx on 443.
%% The admin API :8001 is listed as 127.0.0.1 in the container view and is not in the OCI list.
%% NOTE(review): python-test is :8080 here and 127.0.0.1:8081 in the container view - possibly container port vs
%% published host port; confirm and label both.
subgraph KONG_SVC["API Gateway :8000"]
KONG["Kong 3.7.1
:8000 proxy / :8001 admin"]
PYTHON["python-test
:8080"]
end
%% Group label: "Tailscale only - not on the internet".
%% Only aaPanel, Portainer and phpMyAdmin have an edge from TS_NODE. PostgreSQL and MySQL have none and are
%% listed on 127.0.0.1 in the container view, so they look local-only rather than tailnet-reachable - confirm.
subgraph TS_ONLY["Solo Tailscale - non su internet"]
AAPANEL["aaPanel
:7822"]
PORTAINER["Portainer
:9000"]
PHPMYADMIN["phpMyAdmin
:888"]
POSTGRES["PostgreSQL
:5432"]
MYSQL["MySQL
:3306"]
end
end
USER -->|"HTTPS :443"| OCI_FW
USER -->|"HTTP :8000"| OCI_FW
%% NOTE(review): this edge goes from the internet straight to the gateway, skipping OCI_FW, UFW and Nginx, while
%% the gateway is listed as 127.0.0.1:18789 in the container view. Presumably the gateway calls the Telegram API
%% outbound, or a webhook arrives through Nginx; redraw once confirmed so the inbound surface is explicit.
BOT -->|"Telegram API"| OPENCLAW_GW
OCI_FW --> UFW
UFW -->|":80/:443"| NGINX
UFW -->|":8000"| KONG
NGINX --> N8N
NGINX --> JESSI
NGINX --> VOGHERA
NGINX --> OPENCLAW_GW
NGINX --> DASHBOARD
KONG --> PYTHON
%% Admin surfaces, reached from a tailnet client only.
TS_NODE -->|"VPN :7822"| AAPANEL
TS_NODE -->|"VPN :9000"| PORTAINER
TS_NODE -->|"VPN :888"| PHPMYADMIN
%% "Serve :443" presumably means Tailscale Serve (tailnet-only publishing) - confirm it is not Funnel,
%% which would make the gateway publicly reachable on a second path.
TS_NODE -->|"Serve :443"| OPENCLAW_GW
%% Both python-test and n8n use the same PostgreSQL instance.
%% NOTE(review): confirm they use separate roles and databases.
PYTHON --> POSTGRES
N8N --> POSTGRES
%% Container and process view: where each service runs and which address it binds.
%% As labelled below, everything binds 127.0.0.1 except the Kong proxy (0.0.0.0:8000), Nginx (:80 and
%% 10.0.0.248:443), kong-db (internal only) and aaPanel / Tailscale (100.125.202.46).
graph LR
%% NOTE(review): Ubuntu 20.04 reached the end of its five-year standard support window in 2025; confirm the host
%% still receives security updates (for example through ESM) or plan an upgrade.
subgraph HOST["Host Ubuntu 20.04 ARM64"]
%% Docker network "web": containers published on loopback only and fronted by Nginx.
subgraph NET_WEB["rete: web"]
C_N8N["n8n-docker-n8n-1
127.0.0.1:5678"]
C_JESSI["jessi-jessi-1
127.0.0.1:8083"]
C_VOGHERA["servizi-voghera-web-1
127.0.0.1:8082"]
C_DASHBOARD["dashboard-web
127.0.0.1:8084"]
end
%% Docker network "webpanel".
%% NOTE(review): 0.0.0.0:8000 publishes the Kong proxy on every interface. Ports published by Docker are
%% normally handled by Docker's own iptables rules and can bypass UFW; verify that the UFW node in the exposure
%% view really filters :8000, otherwise the OCI security list is the only control on that port.
%% NOTE(review): Portainer is on 127.0.0.1:9000 here, yet the exposure view reaches it from a tailnet client on
%% :9000; a loopback bind needs a forwarder for that, and the component doing it is not drawn. phpMyAdmin :888
%% does not appear in this view at all.
%% NOTE(review): python-test is 127.0.0.1:8081 here and :8080 in the exposure view - confirm which is which.
subgraph NET_WP["rete: webpanel"]
C_KONG["webpanel-kong
0.0.0.0:8000 / 127.0.0.1:8001"]
C_KONGDB["kong-db
interno"]
C_POSTGRES["webpanel-postgres
127.0.0.1:5432"]
C_PORTAINER["webpanel-portainer
127.0.0.1:9000"]
C_PYTHON["webpanel-python-test
127.0.0.1:8081"]
end
%% Services run directly by systemd on the host, outside Docker.
subgraph SYSTEMD["systemd - bare-metal"]
S_NGINX["Nginx aaPanel
:80 / 10.0.0.248:443"]
S_OPENCLAW["openclaw-gateway
127.0.0.1:18789"]
S_MYSQL["MySQL 8.0
127.0.0.1:3306"]
S_AAPANEL["aaPanel
100.125.202.46:7822"]
S_TAILSCALE["Tailscale
100.125.202.46"]
end
%% Named volumes. The n8n_data label means "do NOT delete".
%% NOTE(review): no backup of either volume is drawn anywhere on this page.
VOL_N8N[("n8n_data
NON eliminare")]
VOL_KONG[("kong_db_data")]
end
C_N8N --- VOL_N8N
C_KONG --> C_KONGDB
C_KONGDB --- VOL_KONG
C_KONG --> C_PYTHON
%% Nginx is the single reverse proxy for all loopback-bound web services.
S_NGINX --> C_N8N
S_NGINX --> C_JESSI
S_NGINX --> C_VOGHERA
S_NGINX --> C_DASHBOARD
%% The gateway has two entry paths: Nginx (public) and Tailscale.
S_NGINX --> S_OPENCLAW
S_TAILSCALE --> S_OPENCLAW
%% Component and dependency view: what each piece is for and what depends on what.
graph TD
subgraph INFRA["Infrastruttura base"]
TAILSCALE["Tailscale
VPN mesh"]
NGINX["Nginx aaPanel
reverse proxy + SSL"]
UFW["UFW
firewall"]
LETSENCRYPT["Let's Encrypt
SSL auto-rinnovo"]
end
%% NOTE(review): the only backup drawn is for MySQL (cron at 03:00). PostgreSQL, which python-test and n8n both
%% depend on, has no backup node; add one or document why it is not needed.
subgraph DATA["Storage e database"]
MYSQL["MySQL 8.0
aaPanel DB"]
POSTGRES["PostgreSQL
app DB"]
BACKUP["Backup MySQL
cron 03:00"]
end
subgraph APPS["Applicazioni"]
N8N["n8n
workflow automation"]
JESSI["jessi
sito statico"]
VOGHERA["servizi-voghera
sito statico"]
DASHBOARD["Dashboard
monitoraggio"]
PYTHON["python-test
FastAPI REST"]
end
%% Rate limiting is attributed to Kong, and the only edge out of Kong goes to python-test; the Nginx-fronted
%% apps (n8n, dashboard, OpenClaw) are not shown with any rate limit. NOTE(review): confirm whether Nginx
%% applies its own limits.
subgraph GW["API Layer"]
KONG["Kong 3.7.1
API Gateway + rate-limit"]
end
%% NOTE(review): the gateway presumably holds the Telegram bot token and a model API key; where these secrets
%% are stored is not shown on this page.
subgraph AI["AI e Automazione"]
OPENCLAW["OpenClaw
gpt-5.2 Telegram bot"]
TELEGRAM["@mardecopas_bot
Telegram"]
end
subgraph MON["Monitoring"]
CRON["cron 5min
check-status.py"]
PORTAINER["Portainer
Docker UI"]
end
UFW --> NGINX
LETSENCRYPT --> NGINX
NGINX --> N8N
NGINX --> JESSI
NGINX --> VOGHERA
NGINX --> OPENCLAW
NGINX --> DASHBOARD
KONG --> PYTHON
PYTHON --> POSTGRES
N8N --> POSTGRES
MYSQL --> BACKUP
%% Drawn here as gateway to Telegram, whereas the exposure view draws bot to gateway.
%% NOTE(review): settle on one direction so it is clear whether any inbound webhook exists.
OPENCLAW --> TELEGRAM
TAILSCALE --> PORTAINER
TAILSCALE --> OPENCLAW
%% check-status.py runs every 5 minutes and feeds the dashboard.
CRON --> DASHBOARD
%% Portainer manages these containers. It normally does so through the Docker API or socket, which gives it
%% host-level control, so its own login and its Tailscale-only reachability are the controls protecting the
%% host - confirm how the Docker endpoint is mounted.
PORTAINER --> POSTGRES
PORTAINER --> KONG
PORTAINER --> N8N