[ezra] ADRs + Execution KT for Matrix/Conduit (#183, #166)

- Add 5 standalone ADRs in infra/matrix/docs/adr/ - Add EXECUTION_ARCHITECTURE_KT.md: exact path from DNS decision to fleet ops - Architecture proof and continuity preserved
2026-04-05 18:20:46 +00:00
parent f29991e3bf
commit 3e25474e56
7 changed files with 450 additions and 0 deletions
--- a/infra/matrix/docs/adr/ADR-004-caddy-reverse-proxy.md
+++ b/infra/matrix/docs/adr/ADR-004-caddy-reverse-proxy.md
@@ -0,0 +1,38 @@
+# ADR-004: Reverse Proxy Selection — Caddy
+
+**Status**: Accepted  
+**Date**: 2026-04-05  
+**Deciders**: Ezra (architect), Timmy Foundation  
+**Scope**: TLS termination and reverse proxy for Matrix/Conduit (#166, #183)
+
+---
+
+## Context
+
+Options for reverse proxy + TLS:
+- **Caddy** (auto-TLS, simple config)
+- **Traefik** (Docker-native, label-based)
+- **Nginx** (ubiquitous, more manual)
+
+## Decision
+
+Use **Caddy** as the dedicated reverse proxy for Matrix services.
+
+## Consequences
+
+| Positive | Negative |
+|----------|----------|
+| Automatic ACME/Let's Encrypt | Less community Matrix-specific examples |
+| Native `.well-known` + SRV support | New config language for ops team |
+| No Docker label magic required | |
+| Clean separation from existing Traefik | |
+
+## Implementation
+
+See:
+- `infra/matrix/caddy/Caddyfile`
+- `deploy/matrix/Caddyfile`
+
+## References
+
+- Issue: [#183](http://143.198.27.163:3000/Timmy_Foundation/timmy-config/issues/183)