DocHub
DocHub/Infrastructure/Contabo Singapore Dev Server/Server Overview
Contabo Singapore VPS specs, purpose, services, and migration history from OVH5

Contabo Singapore Dev Server

The primary AI development server hosting 5 LXC containers, each running an independent Claude Code instance. Replaced OVH5 “main” (France) on 2026-03-04 for better regional connectivity.

Server Details

Item Value
Provider Contabo
Location Singapore
IP Address 62.72.47.64
SSH ssh ovh5 (ubuntu) or ssh contabo-sg (root)
vCPUs 12
RAM 48 GB
Storage 250 GB NVMe
OS Ubuntu 24.04 LTS

Services Running

Service Systemd Unit Port Purpose
nginx nginx.service 80, 443 Reverse proxy for dashboard, web terminals, news API
Claude Net claude-net.service 3500 Inter-instance messaging hub
Dashboard dashboard.service 3580 Monitoring dashboard (admin.ipnoelp.io)
Fast collector collect-dashboard.timer - Metrics every 30s
Slow collector collect-dashboard-slow.timer - Token/disk metrics every 5min
fail2ban fail2ban.service - SSH brute-force protection
LXC networking lxc-net.service - Bridge network for containers
ttyd (x5) ttyd-{container}.service 7681-7685 Web terminal per container

DNS Records (Cloudflare)

Domain Type Target Proxy
admin.ipnoelp.io A 62.72.47.64 Yes
term.ipnoelp.io A 62.72.47.64 Yes
chas.ipnoelp.io A 62.72.47.64 Yes
info.ipnoelp.io A 62.72.47.64 Yes
jaz.ipnoelp.io A 62.72.47.64 Yes
mgr.ipnoelp.io A 62.72.47.64 Yes
news.ipnoelp.com A 62.72.47.64 Yes
news.lifeonroatan.com A 62.72.47.64 Yes

Network Architecture

Internet
  |
  +-- Cloudflare (SSL termination, Access auth)
       |
       +-- nginx (:443, self-signed SSL, Cloudflare Full mode)
            |
            +-- /api/status    --> dashboard (127.0.0.1:3580)
            +-- /chasclaude/   --> ttyd (127.0.0.1:7681)
            +-- /infoclaude/   --> ttyd (127.0.0.1:7682)
            +-- /seanclaude/   --> ttyd (127.0.0.1:7683)
            +-- /jazclaude/    --> ttyd (127.0.0.1:7684)
            +-- /managerclaude/--> ttyd (127.0.0.1:7685)
       |
       +-- SSH (:22) --> host
       +-- SSH (:2211-2215) --> containers (via iptables DNAT)
       +-- Mosh UDP (:60011-60060) --> containers

Firewall (UFW + iptables)

UFW rules:

  • Allow: SSH (22), HTTP (80), HTTPS (443)
  • Allow: Container SSH ports (2211-2215)
  • Allow: Claude Net (3500)
  • Allow: Mosh UDP (60011-60060)
  • Default deny incoming

iptables NAT (in /etc/rc.local):

  • MASQUERADE on lxcbr0 for container internet access
  • DNAT ports 2211-2215 to container IPs 10.0.3.11-15:22
  • DNAT Mosh ranges to respective containers

Security

Layer Details
fail2ban 3 SSH retries, 24-hour ban
SSH Key-only auth, no root login, MaxAuthTries=3
UFW Default deny, explicit allowlist
Cloudflare Access Google OAuth (@omelasai.com) for web services
SSL Self-signed certs behind Cloudflare proxy (Full mode)

Migration History

Date Event
2026-03-04 Migrated from OVH5 “main” (15.204.90.153, France)
2026-03-04 DNS cutover completed, all services verified
2026-03-04 Web terminals (ttyd) deployed
Pending OVH5 “main” destruction (48h rollback window)

The migration used parallel rsync (6 streams, ~43 MB/s) to transfer ~36 GB of LXC container data. SSH host keys were transferred from OVH5 to prevent known_hosts warnings during DNS cutover.