Pvdify Architecture
Four-plane architecture on a single Virtuozzo VPS.
Plane Model
┌─────────────────────────────────────────────────────────────────┐
│ EDGE PLANE (Cloudflare) │
│ DNS · TLS · WAF · Tunnels │
└──────────────────────────────┬──────────────────────────────────┘
┌───────────────────────┼───────────────────────┐
┌─────────────────┐ ┌─────────────────┐ ┌─────────────────┐
│ MARKETING │ │ APP RUNTIME │ │ CONTROL │
│ (WHM/cPanel) │ │ (Podman+systemd)│ │ (Pvdify) │
│ Ports 80/443 │ │ Ports 3000+ │ │ Port 9443 │
│ 47 accounts │ │ App containers │ │ pvdifyd API │
└─────────────────┘ └─────────────────┘ └─────────────────┘
Plane Details
Edge Plane (Cloudflare)
| Capability | Implementation |
|---|
| DNS | 49 zones managed via flarectl (cf) |
| TLS | Full (strict) mode, origin certs |
| WAF | Managed rulesets, rate limiting |
| Tunnels | cloudflared for app ingress |
| Pages | Static site hosting (Forge docs) |
| Access | Zero Trust authentication |
CLI: cf (flarectl), cfw (wrangler), cloudflared
Marketing Plane (WHM/cPanel)
| Capability | Implementation |
|---|
| Web Server | LiteSpeed Enterprise |
| Accounts | 47 cPanel accounts |
| Databases | MariaDB 10.6 |
| PHP | 8.1, 8.2, 8.3 |
| WordPress | MainWP fleet (46 sites) |
| Email | Exim + Dovecot |
CLI: whmapi1, uapi, wp (WP-CLI), mwp (MainWP)
App Runtime Plane (Podman + systemd)
| Capability | Implementation |
|---|
| Runtime | Podman 4.9.4 (rootless) |
| Orchestration | systemd user units |
| Networking | Host ports 3000+ |
| Ingress | Cloudflare Tunnel |
| Registry | GitHub Container Registry |
Constraints:
- No Docker daemon (Podman only)
- No swap memory (strict resource limits)
- External CI builds only (no builds on VPS)
- Image-based deploys (no git push builds)
Control Plane (Pvdify)
| Component | Description |
|---|
| pvdifyd | Go daemon, API on port 9443 |
| pvdify | Go CLI, Heroku-style commands |
| gh pvdify | GitHub CLI extension |
| Admin UI | Svelte SPA at pvdify.win |
Dedicated IP: One of 199.167.201.52, .202.209, or .203.234
Current Deployment Status
| Component | Status | Notes |
|---|
| WHM/cPanel | ✅ Active | 47 accounts, LiteSpeed |
| Podman | ✅ Active | PostHog (data.philoveracity.com), browserless |
| pvdifyd | ✅ Active | Go daemon on port 9443, serves Admin UI |
| pvdify CLI | ⏳ Planned | Go CLI (to build) |
| cloudflared | ✅ Active | Tunnels: pvdify (pvdify.win), wirebot (wirebot.chat) |
| Cloudflare Pages | ✅ Active | Forge deployed |
| Cloudflare Access | ✅ Active | Forge protected |
Core Constraints
| Constraint | Implication |
|---|
| Single Virtuozzo VPS | All planes share one host |
| WHM/cPanel permanent | Never replaced, authoritative for marketing |
| Podman (rootless) | Container runtime, no Docker daemon |
| No swap memory | Hard memory limits, strict resource discipline |
| Kernel 3.10 | Some Go binaries need container wrapping |
| Cloudflare controls DNS/TLS | No origin TLS management |
| External CI only | No builds on VPS, image-based deploys |
Resource Allocation
| Resource | Total | Marketing | App Runtime | Control |
|---|
| RAM | 14 GB | ~4 GB | ~6 GB | ~500 MB |
| Disk | 350 GB | ~100 GB | ~50 GB | ~1 GB |
| IPs | 5 | 1 (shared) | 1-3 (apps) | 1 (dedicated) |
VPS IP Inventory
| IP | Assignment |
|---|
| 199.167.200.52 | Main/Shared (WHM default) |
| 199.167.201.52 | Available |
| 199.167.202.209 | Available |
| 199.167.203.234 | Available |
| 67.222.9.109 | thedream (dedicated) |
See Pvdify Control Plane for API, CLI, and Admin UI documentation.
