Status: Proposal — not implemented. Builds on the fabric proposal (read that first).
A way to expose specific fabric workloads publicly. The edge is just a Capsule with a public IP running a capsuled-managed Caddy whose config is regenerated from an edge_routes table — no new daemon, protocol, or third-party tunnel. TLS terminated at the edge (Let's Encrypt default, DNS-01, or manual certs); backends receive plaintext over the already-encrypted fabric. Supports direct-DNS, behind-cloud-LB, and behind-CDN models; HA via multiple edge capsules. Invariant: a workload is public only if an explicit edge_route references it.
📄 Full proposal: https://github.com/Project-Capsule/capsule/blob/main/docs/edge.md
Status: Proposal — not implemented. Builds on the fabric proposal (read that first).
A way to expose specific fabric workloads publicly. The edge is just a Capsule with a public IP running a capsuled-managed Caddy whose config is regenerated from an
edge_routestable — no new daemon, protocol, or third-party tunnel. TLS terminated at the edge (Let's Encrypt default, DNS-01, or manual certs); backends receive plaintext over the already-encrypted fabric. Supports direct-DNS, behind-cloud-LB, and behind-CDN models; HA via multiple edge capsules. Invariant: a workload is public only if an explicitedge_routereferences it.📄 Full proposal: https://github.com/Project-Capsule/capsule/blob/main/docs/edge.md