Architecture overview
System architecture
Internet → Hetzner Network (MAC-filtered)
→ br0 (bridge, MAC 10:7c:61:4f:28:62)
→ Host services (Docker Stack auf 46.4.96.105)
→ Traefik v3.0 (Reverse Proxy + CrowdSec + Let's Encrypt)
→ auth-service (SSO, ForwardAuth)
→ platform-api + platform-ui (Hosting Panel)
→ open-webui, ollama, whisper, piper-tts, libretranslate
→ ai-agent, status-page, searxng, qdrant
→ sip-agent, comm-hub (VoIP/WebRTC)
→ mariadb, redis, phpmyadmin
→ hosting-webserver, hosting-php84, hosting-sftp
→ hosting-postfix, hosting-dovecot, hosting-rspamd, hosting-roundcube
→ KVM VMs (geroutete Public IPs via br0)
→ ansitel (46.4.96.150) - Ansitel PBX
Directory
Production paths
| Path |
Purpose |
/etc/xynap/stack/docker-compose.yml |
Production Compose – all services |
/etc/xynap/traefik/ |
Traefik Config (dynamic routes, TLS) |
/etc/xynap/platform/ |
Platform Config (backend.env, infrastructure.json) |
/usr/local/xynap/platform/backend/ |
Platform API Source (FastAPI) |
/usr/local/xynap/platform/frontend/ |
Platform UI Source (Vue 3) |
/usr/local/xynap/comm-hub/ |
Communication Hub |
/usr/local/xynap/voicebot/ |
FreeSwitch + AI Brain |
/usr/local/xynap/auth-service/ |
SSO Auth-Service |
/var/lib/xynap/ |
Persistent data (customers, mail, backups) |
Home directory (/home/admin/)
| Path |
Purpose |
installer/ |
KVM Host Setup Scripts |
scripts/ |
Network Safety Tools, Utilities |
config/ |
Reference containers |
docs/ |
Documentation, Plaene |
domain-ctl/ |
PHP CLI fuer Hetzner DNS |
Application modules
The Platform API is modular:
Core modules (inapp/core/)
| Module |
Endpoints |
Description |
| auth |
30+ |
JWT, TOTP, OAuth2, Telegram 2FA |
| users |
8 |
User management, roles |
| customers |
6 |
Customer management |
| domains |
12 |
Domain-CRUD, DNS Records, Verify |
| dns provider |
7 |
Provider-CRUD, Test, Zones |
| billing |
4 |
Invoices, Plaene |
| tickets |
6 |
Support tickets |
| monitoring |
4 |
System health, container |
| backups |
7 |
Backpacks, triggers |
| s |
3 |
ACME, Traefik-Sync |
| notifications |
3 |
App/Email/Telegram |
| workflows |
8 |
Workflow engine |
| security |
4 |
CrowdSec Integration |
Feature modules (inapp/modules/)
| Module |
Endpoints |
Description |
| hosting |
9 |
Web hosting sites, Databases |
| email |
10 |
Mailboxes, Aliase, DKIM |
| sip |
15+ |
SIP Trunks, Extensions, Ring Groups |
| coder |
4 |
AI Coding Agent |