What if the Solar System view could surface every smart deployable in real time without exposing our local Postgres indexer to the public internet? That question drove this sprint to wire EVE Frontier’s smart assemblies directly into the map experience. The answer combined Dockerized services, a Cloudflared tunnel, and a FastAPI wrapper that respects the project’s zero-trust posture.
Earlier phases of the Solar System initiative focused on rendering fidelity—dynamic icon grouping, cinematic camera transitions, and halo coloring for tribal ownership (Solar System View: A Three-Day Journey). To translate assembly data into that scene, we had to bridge the gap between a developer-only Postgres database and Cloudflare Pages. The new tunnel-backed Assembly API is the connective tissue, complementing the broader Dual Database Pipeline while reusing data from our Smart Assemblies Expansion.
Why Solar System View Needed Local Data
EVE Frontier players rely on smart assemblies—portable refineries, totems, and relay structures—to project power inside a system. In earlier builds, the Solar System view showed celestial bodies but no deployables. We needed:
- Accurate coordinates sourced from our Primordium-backed Postgres indexer.
- Live tribe ownership, status, and deployable types for each assembly.
- A delivery mechanism that wouldn’t expose the indexer or require a production database migration.
The local indexer already supported these requirements, but we lacked a secure path to route the data to Pages. That is where Cloudflared became the frontier between private infrastructure and the public web.
Designing the Tunnelled Architecture
The approved architecture keeps the Postgres database sealed behind Docker networks while projecting a single HTTP endpoint to Cloudflare:
| Layer | Technology | Purpose |
|---|---|---|
| Frontend | React + Three.js | Requests assemblies via /api/assemblies?systemId=XXX and renders markers. |
| Cloudflare Worker | Pages Worker | Acts as proxy, caches results for five minutes, and preserves usage telemetry patterns. |
| Cloudflared Tunnel | cloudflare/cloudflared | Publishes assemblies.ef-map.com through tunnel ID fb7322e0-ea87-47f2-9a38-92c12b5875b9. |
| Assembly API | FastAPI + Uvicorn | Queries Postgres, transforms coordinates, returns structure metadata. |
| Data Source | Postgres (Primordium indexer) | Stores smart_assembly, smart_deployable, and tribe ownership tables. |
Cloudflared will happily connect without ingress rules, silently returning 503 errors. Mounting tools/assembly-api/config.yml into the container and restarting the tunnel was the linchpin. The troubleshooting guide now calls this out with before/after log snippets.
Dockerizing the Assembly API
We containerized the API and tunnel together inside tools/assembly-api/docker-compose.yml for reliable repeatability:
tools/win/start_assembly_api.ps1 orchestrates the entire stack—checks Docker Desktop, builds the FastAPI image, ensures the pg-indexer-reader_indexer-network exists, and blocks until /health returns {"status":"healthy"}.
Tokens live only in tools/assembly-api/.env. The script regenerates fresh credentials via cloudflared tunnel token if the file is missing, aligning with the incident response workflow that later saved us during the GitGuardian alert.
docker logs ef-cloudflared-tunnel --tail 20 became the canary. Successful runs show four active edge connections; any mention of “No ingress rules were defined” triggers a redeploy.
Transforming Coordinates for Solar View
The Assembly API does more than proxy SQL rows. It transforms universe-frame coordinates into the solar-frame orientation introduced when we shipped the bandwidth-optimized loading flow and refined starfield backgrounds. The FastAPI layer:
- Loads star center data from
solar_system_dbso values align with ourgetTransformedPositionhelper. - Applies the Y/Z axis swap fix documented in the 2025‑11‑10 decision log entry.
- Bundles tribe metadata so the renderer can color Lagrange point sprites immediately.
With the data normalized, the frontend simply consumes structured JSON and renders orbit-aligned billboards without additional math.
Operational Workflow and Testing
Shipping the tunnel wasn’t just about code—it required reliable operator scripts and quality gates:
- Start and Stop:
start_assembly_api.ps1andstop_assembly_api.ps1wrapdocker composeso non-coders can restart services safely. - Preview Deployments:
wrangler pages deploy dist --project-name ef-map --branch feature-solar-system-assemblprovided a preview endpoint at/api/assembliesfor smoke tests. - End-to-End Smoke: Loading Solitude systems in EVE Frontier Map now paints occupied Lagrange point sprites instantly, matching the counts surfaced in the Assemblies panel.
Bundling Cloudflared with the API keeps operators from juggling separate Windows services. It also made the later token rotation fix surgical—we regenerated credentials without touching container images or Compose files.
Results and What Comes Next
Integrating the tunnel accelerated gameplay insight for every EVE Frontier pilot:
- An average system call returns 40–60 assemblies in under 300 ms thanks to Postgres indexes.
- FastAPI responses include tribe and status data, unlocking richer visuals in Solar System view and upcoming overlay features.
- All traffic runs through Cloudflare, so Pages telemetry and rate limiting remain intact without exposing Postgres.
Next on the roadmap is to reuse the same tunnel for admin tools and to expand metrics coverage, pairing this article with the incident response retrospective on secret hygiene.
Related Posts
- Smart Assemblies Expansion: Tracking Portable Structures, Totems, and Tribal Markers – How we broadened the assembly dataset that now powers Solar System view.
- Solar System View: A Three-Day Journey from Concept to Production – Rendering and interaction groundwork that the tunnel now feeds.
- Dual Database Pipeline: Preparing for EVE Frontier Universe Updates – The documentation that keeps local Postgres snapshots reproducible.
- Reducing Cloud Costs by 93%: A Cloudflare KV Optimization Story – Earlier lessons on balancing performance with infrastructure cost.