
Orchestrator Integration: VPS-Native Logic Monitor

System Context

The SERVER-MANAGER repository acts as the central, privileged orchestrator (The "God-Mode" Instance) for the VPS infrastructure. This document defines the integration boundaries and isolation rules between the local orchestrator and the remote VPS Containers.

Privilege Level

| Instance | Privilege | Scope | Criticality |
|---|---|---|---|
| SERVER-MANAGER (Orchestrator) | Elevated | Full system access, all secrets, backup management | Critical |
| Antigravity IDE (Emergency) | Full | User-level filesystem and agent-specific tools | High |
| VPS Containers (Isolated) | Restricted | Specific container execution, isolated workspace | High |

Orchestration Boundary Diagram

```mermaid
graph TD
    classDef Client fill:#f9f9f9,stroke:#333,stroke-width:2px;
    classDef Orchestrator fill:#e1d5e7,stroke:#9673a6,stroke-width:2px;
    classDef Remote fill:#dae8fc,stroke:#6c8ebf,stroke-width:2px;

    Developer[Developer Linux Host] -->|SSH Key: id_ed25519_antigravity| VPS[Strato VPS System]
    class Developer Client

    subgraph VPS [Strato VPS System]
        IDE[Antigravity IDE Container] -->|Emergency Notfallmodus| DockerEngine[Docker Engine / Compose]
        HostScripts[/opt/cfs-infra/ & /usr/local/bin/] -->|System Maintenance| DockerEngine
        class IDE,HostScripts Orchestrator
    end

    DockerEngine -->|Manages| WebUI[Open WebUI Container]
    DockerEngine -->|Manages| DBs[(MariaDB 10.11 Stack)]
    DockerEngine -->|Manages| Ollama[Ollama Container]
    class DockerEngine,WebUI,DBs,Ollama Remote
```

Bash Automation & Execution Framework

The orchestrator uses native Linux shell/bash environments as the primary execution environment:

  • Shell Environment: POSIX/Bash-compliant scripting environments on Linux.
  • Key Authentication: SSH keys (~/.ssh/id_ed25519_antigravity) with passphrase-less connections to host user accounts.
  • Emergency mode (Notfallmodus): If local access is disrupted, all orchestration tasks can be executed inside the Antigravity IDE container, which has the repository checked out and tools pre-installed.
  • Audit Logging: VPS activity is logged in /var/log/cfs-infra/ (if enabled) and in the Docker Compose outputs.

Isolation Rules (Boundary Conditions)

To prevent privilege leakage from the orchestrator to the isolated agents:

  1. Secret Isolation:
    • Secrets are NEVER passed directly to the Antigravity IDE container via environment variables.
    • All secret injections must occur during the Provisioning Phase of the SERVER-MANAGER and remain encrypted on the VPS.
  2. Logic Monitoring:
    • Any script in workspaces/ that attempts to escalate its own container privileges or modify the Docker daemon configuration must be flagged as a security risk.
  3. Volume Isolation & Persistence:
    • No isolated container can mount the orchestrator's core persistence volume (/opt/cfs-infra/) with write access.
    • The Antigravity IDE is granted a dedicated persistence mount (/opt/antigravity/data/kasm-profile-persistent) managed via Direct Bind Mount.
    • Standardized UID 1000 (kasm-user) is used for all agent operations to maintain filesystem compatibility without privilege escalation.
  4. Branch & Deployment Discipline:
    • Local SERVER-MANAGER: Changes are pushed directly to main.
    • No Cross-Repo Sync: SERVER-MANAGER documentation is independent and deployed directly via GitHub Actions or FTP to the production server.
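As an added example that is not part of SERVER-MANAGER, the following POSIX shell script turns rules 2 and 3 into an automated check: it flags workspace scripts containing privilege-escalation or daemon-reconfiguration markers, and compose files that bind-mount /opt/cfs-infra/ without the `:ro` suffix. The marker list, the short-form compose volume syntax and the sample files are assumptions constructed for the demo.

```shell
#!/bin/sh
# Added example (not SERVER-MANAGER's own code): a minimal logic-monitor check for
# Isolation Rules 2 and 3. The marker list and the sample files are constructed.
set -u

# Constructed markers for privilege escalation or Docker daemon reconfiguration.
RISKY_PATTERNS='--privileged
--cap-add
cap_add:
/var/run/docker.sock
/etc/docker/daemon.json
dockerd'

# scan_script FILE: print "FILE:LINE: marker" per hit; return 1 if flagged, 0 if clean.
scan_script() {
  _file=$1
  _hits=$(printf '%s\n' "$RISKY_PATTERNS" | while IFS= read -r _pat; do
    grep -nF -- "$_pat" "$_file" | sed "s|^\([0-9]*\):.*|$_file:\1: $_pat|"
  done || true)
  [ -n "$_hits" ] && printf '%s\n' "$_hits"
  [ -z "$_hits" ]
}

# check_compose FILE: flag bind mounts of /opt/cfs-infra without the :ro suffix
# (short volume syntax assumed); return 1 if flagged, 0 if clean.
check_compose() {
  _bad=$(grep -n -- '/opt/cfs-infra' "$1" | grep -vE ':ro[[:space:]]*$' || true)
  [ -n "$_bad" ] && printf '%s  (writable orchestrator mount)\n' "$_bad"
  [ -z "$_bad" ]
}

# Constructed samples so the check runs offline; removed when the script exits.
DEMO=$(mktemp -d); trap 'rm -rf "$DEMO"' EXIT
cat > "$DEMO/risky.sh" <<'EOF'
#!/bin/sh
docker run --privileged -v /var/run/docker.sock:/var/run/docker.sock alpine
EOF
printf '#!/bin/sh\necho "hello from workspace"\n' > "$DEMO/clean.sh"
cat > "$DEMO/compose.yml" <<'EOF'
services:
  agent:
    volumes:
      - /opt/cfs-infra:/mnt/infra
      - /opt/cfs-infra/scripts:/mnt/scripts:ro
EOF
for f in "$DEMO/risky.sh" "$DEMO/clean.sh"; do
  scan_script "$f" && echo "$f: clean"
done
check_compose "$DEMO/compose.yml" && echo "compose: clean"
```

Run it from the host as part of the provisioning phase; a non-zero exit from either function is the signal to flag the workspace script or compose file before it is deployed.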

Port Management

  • Traefik (Entryway): Manages all public HTTPS entry points.
  • Portainer (Management): Restricted to internal LAN or specific secure SSH tunnel.
  • Antigravity (IDE): Exposed via Traefik with OIDC/Basic-Auth protection.

Note: This integration ensures that even if an isolated container is compromised, the "God-Mode" orchestrator remains protected.

Released under proprietary license.