- Dockerfile: add openssh-client + autossh to edge image
- entrypoint-edge.sh: start autossh reverse tunnel before Caddy when
EDGE_TUNNEL_HOST is set; no-op when unset (local-only dev works unchanged)
- generators.sh: pass EDGE_TUNNEL_{HOST,USER,PORT,FQDN} env vars and
bind-mount secrets/tunnel_key into the edge service
Decommission steps for old host-level reverse-tunnel.service:
sudo systemctl disable --now reverse-tunnel.service
sudo rm /etc/systemd/system/reverse-tunnel.service
sudo systemctl daemon-reload
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Dockerfile: caddy:latest is Alpine, needs apk not apt-get. Add python3
which dispatcher.sh requires for JSON filtering since Apr 6.
dispatcher.sh: BusyBox mktemp does not support suffixes after XXXXXX
template. Remove .txt suffix.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Create docker/edge/Dockerfile with bash, jq, curl, git, docker-cli
- Create docker/edge/dispatcher.sh as placeholder no-op loop
- Update edge service to build from ./docker/edge instead of caddy:alpine image
- Mount Docker socket into edge container for dispatcher access
- Mount dispatcher.sh as read-only volume
