Containerized development environment with enterprise-grade security
Playtopia Dev Lab is a comprehensive containerized development environment that enables rapid deployment of web services with enterprise-grade security, automatic SSL, and authentication. Built on Docker Compose with Traefik v3.0 and Authelia, it provides a production-ready infrastructure platform for hosting multiple applications under a unified domain.
| Component | Technology | Purpose |
|---|---|---|
| Reverse Proxy | Traefik v3.0 | SSL termination, routing, load balancing |
| Authentication | Authelia | Enterprise access control and session management |
| Container Platform | Docker Compose | Service orchestration and networking |
| Documentation | Hugo Static Site Generator | Project showcase and technical documentation |
| Development Environment | VS Code Server | Browser-based IDE with remote development |
| Infrastructure Management | Portainer | Docker container administration interface |
| SSL Certificates | Let’s Encrypt | Automatic HTTPS certificate generation and renewal |
networks:
services-network:
driver: bridge
ipam:
config:
- subnet: 172.25.0.0/16
# Standard service template
service-name:
build: ./service-directory
container_name: service-name
restart: unless-stopped
networks:
- services-network
labels:
- traefik.enable=true
- traefik.http.routers.service.rule=Host(`subdomain.playtopia.com.au`)
- traefik.http.routers.service.entrypoints=websecure
- traefik.http.routers.service.tls.certresolver=letsencrypt
- traefik.http.routers.service.middlewares=authelia-auth # Optional
traefik:
image: traefik:v3.0
container_name: traefik
restart: unless-stopped
ports:
- "80:80"
- "443:443"
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
- ./data/traefik:/data
command:
- --providers.docker=true
- --certificatesresolvers.letsencrypt.acme.tlschallenge=true
- --certificatesresolvers.letsencrypt.acme.email=admin@playtopia.com.au
authelia:
image: authelia/authelia:latest
container_name: authelia
restart: unless-stopped
volumes:
- ./config/authelia:/config
environment:
- TZ=Australia/Sydney
hugo:
build: ./data/hugo
container_name: hugo
restart: unless-stopped
labels:
- traefik.http.routers.hugo.rule=Host(`playtopia.com.au`)
- traefik.http.routers.hugo.tls.certresolver=letsencrypt
/home/thrax/unified-services/service-name/
├── Dockerfile # nginx:alpine base image
├── nginx.conf # Web server configuration with security headers
└── public/ # Static web assets
├── index.html
├── css/main.css
├── js/app.js
└── assets/images/
FROM nginx:alpine
# Copy static files
COPY public/ /usr/share/nginx/html/
# Copy nginx configuration with security headers
COPY nginx.conf /etc/nginx/conf.d/default.conf
# Health check for container monitoring
HEALTHCHECK --interval=30s --timeout=10s --start-period=30s --retries=3 \
CMD curl -f http://localhost/ || exit 1
EXPOSE 80
CMD ["nginx", "-g", "daemon off;"]
server {
listen 80;
server_name _;
root /usr/share/nginx/html;
index index.html index.htm;
# Security headers
add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-Content-Type-Options "nosniff" always;
add_header Referrer-Policy "strict-origin-when-cross-origin" always;
add_header X-XSS-Protection "1; mode=block" always;
# Gzip compression for performance
gzip on;
gzip_vary on;
gzip_min_length 1024;
gzip_types text/plain text/css text/xml text/javascript
application/javascript application/xml+rss application/json;
# SPA-friendly routing
location / {
try_files $uri $uri/ /index.html;
}
# Cache static assets for performance
location ~* \.(jpg|jpeg|png|gif|ico|css|js|woff|woff2|ttf|svg)$ {
expires 1y;
add_header Cache-Control "public, immutable";
access_log off;
}
# Security: deny access to sensitive files
location ~ /\. {
deny all;
access_log off;
log_not_found off;
}
}
# Example: Full-stack application with frontend/backend/database
application-frontend:
build: ./app/frontend
depends_on:
- application-backend
labels:
- traefik.http.routers.app.rule=Host(`app.playtopia.com.au`)
- traefik.http.routers.app.middlewares=authelia-auth
application-backend:
build: ./app/backend
depends_on:
- application-database
environment:
- DATABASE_URL=postgresql://user:pass@application-database:5432/db
application-database:
image: postgres:16-alpine
volumes:
- app_postgres_data:/var/lib/postgresql/data
| Service | URL | Technology Stack | Authentication | Purpose |
|---|---|---|---|---|
| Hugo Site | playtopia.com.au |
Hugo + Go templates | ❌ Public | Landing page and project showcase |
| VS Code Server | dev.playtopia.com.au |
code-server + Node.js | ✅ Family+ | Browser-based development environment |
| Portainer | portainer.playtopia.com.au |
Docker management UI | ✅ Admin | Container administration interface |
| Traefik Dashboard | traefik.playtopia.com.au |
Traefik v3.0 | ✅ Admin | Infrastructure monitoring and routing |
| Match’n Gacha | gacha.playtopia.com.au |
Phaser.js + HTML5 Canvas | ❌ Public | Mobile-optimized puzzle game |
| Elemedals | elemedals.playtopia.com.au |
HTML5 Canvas + JavaScript | ❌ Public | Elemental match-3 puzzle game |
| RhythmMech | rhythm.playtopia.com.au |
Phaser.js + Web Audio API | ❌ Public | Anime/mecha rhythm game |
| Regression Tester Pro | rtp.playtopia.com.au |
Next.js 14 + Node.js + PostgreSQL | ✅ Family+ | Testing management platform |
| MSR Generator | msr.playtopia.com.au |
React 18 + Node.js + PostgreSQL | ✅ Admin | Automated report generation |
| Tool | Access Level | Purpose |
|---|---|---|
| Authelia | Login Portal | Authentication and session management |
| Jellyfin | Public | Media streaming server |
| Admin Portals | Protected | Service-specific administration interfaces |
cd /home/thrax/unified-services
mkdir new-service && cd new-service
# Create standard structure
mkdir public
touch Dockerfile nginx.conf
echo '<!DOCTYPE html><html><head><title>New Service</title></head><body><h1>Hello World</h1></body></html>' > public/index.html
# Add to docker-compose.yml
new-service:
build: ./new-service
container_name: new-service
restart: unless-stopped
networks:
- services-network
labels:
- traefik.enable=true
- traefik.http.routers.newservice.rule=Host(`newservice.playtopia.com.au`)
- traefik.http.routers.newservice.entrypoints=websecure
- traefik.http.routers.newservice.tls.certresolver=letsencrypt
# Build and deploy
docker compose build new-service --no-cache
docker compose up -d new-service
# Verify deployment
curl -I https://newservice.playtopia.com.au
docker compose logs -f new-service
# Start all services
docker compose up -d
# Start specific service with rebuild
docker compose build service-name --no-cache && docker compose up -d service-name
# View service logs with follow
docker compose logs -f service-name
# Check service health status
docker compose ps
# Restart service
docker compose restart service-name
# Remove service and volumes
docker compose down service-name --volumes
# Check certificate generation logs
docker compose logs traefik | grep acme
# View current certificates
ls -la data/traefik/acme.json
# Force certificate renewal (if needed)
docker compose restart traefik
# View authentication logs
docker compose logs authelia
# Check user session status
docker compose exec authelia cat /config/users_database.yml
# Test authentication flow
curl -I https://auth.playtopia.com.au
Playtopia Dev Lab delivers production-grade infrastructure with:
Playtopia Dev Lab represents a complete containerized development platform that successfully combines enterprise-grade security, automatic operations, and developer productivity tools into a unified infrastructure solution capable of hosting complex multi-service applications with minimal operational overhead.