This web infrastructure is deployed inside a multi-container, fully automated Docker environment managed via docker-compose. It separates core networking routines into functional containerized blocks.
Both containers bypass Docker's standard virtual bridge network loops and run directly on the host subsystem. This ensures seamless cross-container routing on native ports 80 and 443.
Acts as a secure perimeter interface. It maps local static directories into memory, manages standard security rules, points queries to Let's Encrypt validation maps, and enforces modern HTTPS traffic redirection.
Runs a daemon process checking certificate conditions every 12 hours. Upon identifying an expiration target under 30 days, it runs a background request cycle and explicitly hot-reloads the active web server without taking down connections.