<!-- canonical: https://docs.axelabs.ai/ops/inventory -->
<!-- source: content/ops/inventory.mdx -->

---
title: 인프라 인벤토리
description: 모든 서비스 / 포트 / 파일 / launchd / 컨테이너 전체 목록.
---

# 인프라 인벤토리

## 포트 할당

[/Users/axe/CLAUDE.md](https://github.com/soohunkang/blueprint/blob/main/CLAUDE.md) 가 SSOT. 본 표는 후행 정리.

| 범위 | 프로젝트 |
|---|---|
| 31xx | Blueprint |
| 32xx | Cortex |
| 33xx | Artemis |
| 34xx | Distributa |
| 35xx | Kolon Discussion |
| 36xx | mysrt |
| 37xx | frame |
| 38xx | hive |
| 39xx | axelabs (회사 홈 + @axe/ui) + matrix (인프라 모니터링 MCP) |
| 31xx ~ | docs (3140 = axelabs-docs) |

### 전체 포트 테이블

| 서비스 | 포트 | 컨테이너 / 프로세스 | 관리 |
|---|---|---|---|
| Blueprint Next.js dev | 3100 | node | 수동 |
| Blueprint WebSocket | 3101 | node | 수동 |
| Blueprint Docker nginx | 3180 / 3143 | Docker | docker compose |
| Cortex Postgres 16 | 3200 | Docker `cortex-postgres` | docker compose |
| Cortex MCP blue | 3210 | Docker `cortex-mcp-blue` (alias `cortex-mcp` active) | docker compose |
| Cortex MCP green | 3211 | Docker `cortex-mcp-green` (passive) | docker compose (task 15) |
| Cortex proxy (Caddy blue/green selector) | 3212 | Docker `axe-cortex-proxy` | docker compose (task 15) |
| Cortex cloudflared (legacy, mysrt only) | 20241 | cloudflared | launchd `com.cortex.cloudflared` — D-cortex-7 후 cortex 라우트 제거, mysrt.axellc.com 만 서비스 |
| Artemis Qdrant | 6333 | Docker | docker compose |
| Artemis Caddy | 3380 / 3343 | Docker | docker compose |
| Distributa Next.js | 3400 | node | 수동 |
| Kolon Discussion | 3500 | node | 수동 |
| mysrt FastAPI | 3600 | uvicorn | launchd `com.mysrt.app` |
| frame Postgres 16 | 3700 | Docker `frame-postgres` | docker compose |
| frame MCP blue | 3710 | Docker `frame-mcp-blue` | docker compose |
| frame MCP green | 3711 | Docker `frame-mcp-green` | docker compose |
| frame proxy (Caddy blue/green selector) | 3712 | Docker `${CUSTOMER_PREFIX:-axe}-frame-proxy` (기본 `axe-frame-proxy`, 멀티커스터머 prefix 변수화) | docker compose |
| Blueprint Postgres 16 | 3120 | Docker `blueprint-postgres` | docker compose |
| Blueprint MCP blue | 3152 → 3000 | Docker `blueprint-mcp-blue` (alias `blueprint-mcp` active) | docker compose |
| Blueprint MCP green | 3153 → 3000 | Docker `blueprint-mcp-green` (passive) | docker compose |
| Blueprint MCP proxy (Caddy) | 3151 | Docker `axe-blueprint-mcp-proxy` | docker compose |

> blueprint-mcp blue/green 은 Microsoft Entra 토큰 + **Blueprint 플랫폼 토큰**(`axe login`, D-axe-idp-1) 둘 다 수용 — `environment:` 의 `BLUEPRINT_ISSUER=https://blueprint.axellc.com`(+ `BLUEPRINT_AUDIENCE`) 가 자체 OP 의 resource-server 신뢰를 켠다 (2026-06-04, [known-gaps](/ops/known-gaps#oidc-발행자가-자기-토큰을-401-issuer--resource-server)). 미설정 시 Entra 경로만.

| hive Postgres 16 | 3800 | Docker `hive-postgres` | docker compose |
| hive MCP blue | 3810 | Docker `hive-mcp-blue` | docker compose |
| hive MCP green | 3811 | Docker `hive-mcp-green` | docker compose |
| hive proxy (Caddy blue/green selector) | 3812 | Docker `axe-hive-proxy` | docker compose |
| axelabs-docs (이 문서) | 3140 | node | 수동 / launchd 검토 |
| axelabs (회사 홈 + @axe/ui 쇼케이스) | 3900 | Docker `axelabs` (Next.js standalone) | docker compose |
| matrix Postgres 16 | 3901 | Docker `matrix-postgres` | docker compose |
| matrix MCP blue | 3910 | Docker `matrix-mcp-blue` (alias `matrix-mcp` active) | docker compose |
| matrix MCP green | 3911 | Docker `matrix-mcp-green` (passive) | docker compose |
| matrix proxy (Caddy blue/green selector) | 3912 | Docker `axe-matrix-proxy` (127.0.0.1 bind) | docker compose |
| stream MCP (realchoice) | 8780 | Docker `stream-mcp` | docker compose |
| magnet MCP (realchoice) | 8770 | Docker `magnet-mcp` | docker compose |

## launchd 서비스 (자동 시작)

| 라벨 | 용도 | 빈도 |
|---|---|---|
| `com.cortex.cloudflared` | mysrt.axellc.com tunnel (legacy 명) — 추후 axe-tunnel Docker 로 이전 후 폐기 | always |
| `com.artemis.filings` | 공시 수집 | 매일 18:00 |
| `com.artemis.collectors` | WatchPath 트리거 | event |
| `com.mysrt.app` | mysrt (:3600) | always |
| `com.frame.token-rotation` | frame JWT 갱신 | 매 8h |
| `com.frame.integrity-check` | nightly 무결성 감사 | 매일 |
| `com.axe.backup.local` | local restic backup | 매일 03:00 KST |
| `com.axe.ring.push` | ring backup push | 매일 03:30 KST |
| `com.axe.restore-drill` | 분기별 restore drill | Jan/Apr/Jul/Oct 15 03:00 |
| `com.axe.console.rebuild` | 운영자 콘솔 rebuild | 매시 |
| `com.axe.health-check` | 인프라 health probe | 매분 |
| `com.axe.secret-check` | secret 만료 알림 | 매일 09:00 |
| `com.axe.operator-alert-notify` | Blueprint silent-drop L2 — `[OPERATOR-ALERT]` 마커 tail → macOS notification (D-bp-alert-1, 2026-05-22) | always (KeepAlive) |
| `com.axe.netheal` | 인터넷 자가치유 — WAN 끊김 시 DNS플러시→DHCP갱신→WiFi바운스 + ISP 인지 백오프 (D-matrix-4). `/usr/local/sbin/axe-netheal.sh`, 로그 `/var/log/axe-netheal.log` | always (KeepAlive) |

전체 list:

```bash
launchctl list | grep -E 'cortex|artemis|mysrt|frame|axe' | head -30
```

## Docker 컨테이너 (axe-macmini 기준)

```
axelabs-tunnel              cloudflared (axelabs.ai 트래픽)
axe-frame-proxy             Caddy (blue/green selector :3712)
frame-mcp-blue              FastMCP (:3710)
frame-mcp-green             FastMCP (:3711, passive)
frame-postgres              PostgreSQL 16 (:3700)
axe-hive-proxy              Caddy (blue/green selector :3812)
hive-mcp-blue               FastMCP (:3810)
hive-mcp-green              FastMCP (:3811, passive)
hive-postgres               PostgreSQL 16 (:3800)
axe-blueprint-mcp-proxy     Caddy (:3151, upstream alias `blueprint-mcp`)
blueprint-mcp-blue          FastMCP (:3000 internal, host :3152, alias `blueprint-mcp` active)
blueprint-mcp-green         FastMCP (:3000 internal, host :3153, passive)
blueprint-postgres          PostgreSQL 16 (:3120, Prisma schema)
axe-matrix-proxy            Caddy (:3912 → upstream alias `matrix-mcp`, 127.0.0.1 bind only)
matrix-mcp-blue             Rust/axum (:3910, alias `matrix-mcp` active, MCP + REST + collector)
matrix-mcp-green            Rust/axum (:3911, passive)
matrix-postgres             PostgreSQL 16 (:3901, ICU ko-KR)
axe-vaultwarden             Vaultwarden Timshel
axe-vault-caddy             Caddy (vault TLS termination :8222)
axe-caddy                   Caddy (admin.axelabs.ai)
artemis-*                   Artemis stack (별도 운영)
blueprint-app               Blueprint (axe customer 의 Next.js)
```

확인:
```bash
docker ps --format "table {{.Names}}\t{{.Status}}\t{{.Ports}}"
```

## 핵심 파일

| 파일 | 역할 |
|---|---|
| `/Users/axe/.axe/customers.yaml` | 멀티테넌트 SSOT |
| `/Users/axe/.axe/bin/axe` | 운영자 CLI |
| `/Users/axe/CLAUDE.md` | 포트 / 도메인 / launchd 모음 |
| `/Users/axe/multi-tenant-platform-plan.md` | 플랫폼 마스터 plan |
| `/Users/axe/frame/DECISIONS.md` | D-ops 결정 기록 |
| `/Users/axe/.axe/state.yaml` | 현재 rollout phase |
| `/Users/axe/.axe/NEXT_SESSION.md` | 다음 세션 컨텍스트 |
| `/Users/axe/.axe/tunnels/axelabs/config.yml` | cloudflared ingress |
| `/Users/axe/.axe/vault/docker-compose.yml` | Vaultwarden |
| `/Users/axe/.axe/vault/.env` | Vaultwarden secrets |
| `/Users/axe/frame/.env.local` | frame env_file (vault-pulled, D-ops-17/18). docker-compose env_file 단일 출처 — `environment:` 블록은 literal config 만 |
| `/Users/axe/hive/.env.local` | hive env_file (vault-pulled). 동일 패턴 (D-ops-18) |
| `/Users/axe/blueprint/.env` | Blueprint env (vault-pulled). compose project_dir=`docker/` 라서 `docker/.env → ../.env` symlink 필요 (`bin/setup-env-symlink.sh`) |
| `/Users/axe/.axe/backups/local/` | restic Tier A repo |
| `/Users/axe/.axe/messages/` | 외부 송부 메시지 (realchoice 등) |

## Docker 네트워크

| 네트워크 | 용도 | 멤버 (예시) |
|---|---|---|
| `frame_default` | frame 컨테이너 격리 | postgres, frame-mcp-blue/green |
| `artemis_default` | 플랫폼 공유 | axelabs-tunnel, axe-caddy, blueprint-app, frame-mcp-blue/green (alias) |

확인:
```bash
docker network ls
docker network inspect artemis_default
```

## DNS Records (Cloudflare zone `axelabs.ai`)

| Type | Name | Content | Proxy |
|---|---|---|---|
| CNAME (Tunnel) | axe | `AXELABS-UUID.cfargotunnel.com` | ON |
| CNAME (Tunnel) | *.axe | `AXELABS-UUID.cfargotunnel.com` | ON (wildcard) |
| CNAME (Tunnel) | admin | `AXELABS-UUID.cfargotunnel.com` | ON |
| CNAME (Tunnel) | docs | `AXELABS-UUID.cfargotunnel.com` | ON |
| CNAME | www | axelabs.ai | ON |
| TXT | axe | `MS=ms10433167` (Microsoft 도메인 검증) | DNS only |

`AXELABS-UUID` = `d8efecdd-2c3f-42de-9925-501433e21394`. Cloudflare UI 가 `.cfargotunnel.com` suffix 를 인식해서 Type 컬럼에 `Tunnel` 로 표시.

## Microsoft Entra ID Apps (axe customer 기준)

| App | Client ID | 용도 |
|---|---|---|
| Frame MCP | 137fc0ef-eb9f-4903-acbc-1a748add349c | 회계 OAuth |
| Hive MCP | b7ead15d-2fea-4864-a5a8-b4b07d1629d4 | HR OAuth |
| Blueprint MCP | 482598f7-540c-462c-9dfd-b957651eb804 | Blueprint platform OAuth (D-bp-mcp-1) |
| axe-vaultwarden | 9d0dc49b-a251-45e1-9f10-74704af3c033 | Vault SSO |
| Blueprint Web | (별도) | Web UI 로그인 |

Application ID URI:
- Frame MCP: `https://axe.axelabs.ai/frame/mcp`
- Hive MCP: `https://axe.axelabs.ai/hive/mcp`
- Blueprint MCP: `https://axe.axelabs.ai/blueprint/mcp`
- Vaultwarden: (Microsoft 기본 `api://...`)

## Cloudflare Tunnel

| Tunnel | ID | 실행 |
|---|---|---|
| `axelabs` | `d8efecdd-2c3f-42de-9925-501433e21394` | Docker `axelabs-tunnel` (axelabs.ai 전체) |
| `cortex` | `35b42a0a-8ef8-467d-be90-2f46b3e0dbd0` | launchd `com.cortex.cloudflared` (cortex.axellc.com, mysrt.axellc.com) |
| `axe` | `846f512c-7a35-45f0-8cea-d41157318856` | 별도 운영 |
| (customer 측) | (별도) | (each customer macmini) |

확인 (host):
```bash
cloudflared tunnel list
```

## Vaultwarden Organizations

| Organization | 용도 |
|---|---|
| `axe` | 액스코퍼레이션 주식회사 platform (axec entity 가 운영 주체) |
| `realchoice` (예정) | realchoice customer |

Collections (per organization):
- `frame-jwt-&lt;entity&gt;` — 운영자 발급 토큰 보관 (현재 dormant, OAuth 사용 후)
- `frame-secrets` — client_id, client_secret 보관
- `infra-secrets` — backup password 등

## Backup repositories

| Tier | 위치 | Password |
|---|---|---|
| A (local) | `/Users/axe/.axe/backups/local/` | Keychain `axe.backup.restic.local` |
| B (ring) | `realchoice:/Users/realchoice/peer-backups/axe/` | Keychain |
| C (cold) | `/Volumes/axe-cold-{1,2,3}/restic-repo/` | 종이 메모 |

백업 대상 dump (`axe-backup`, 매일 03:00): frame · blueprint · hive · mysrt · **index** (`evidence_blob` = 죽은 딜 OneDrive/Blueprint 원본 삭제 후 SOLE 사본, [D-index-51](/ops/decisions)) + `.local/files/`. 상세 = [backup](/architecture/backup).

## 현재 customer 상태

SSOT = `/Users/axe/.axe/customers.yaml`. 본 표는 후행 정리. 빠른 확인: `axe customers list`.

### Customer 메타

| id | name | public_domain | entities | onboarded | 상태 |
|---|---|---|---|---|---|
| **axe** | AXE | `axe.axelabs.ai` | `axec` (액스코퍼레이션 주식회사) · `axev` (액스벤처스 주식회사) · `axep` (액스파트너스 유한책임회사, GP) · `axe_ia_001` (액스 투자조합 1호, KIP, GP=axev) | 2025-01-01 | **live** — 9 service in-house 가동, AXE 가 operator-of-record |
| **realchoice** | Realchoice | `realchoice.axelabs.ai` | `truvia` (트루비아 주식회사). customer 측 frame schema_name = `realchoice` (legacy_id, sovereignty 유지) | 2026-05-25 | **live (self-deploy)** — 5/5 endpoint LIVE, customer 측 자체 운영 (D-customer-sovereignty), AXE 측은 software supply + cloudflared catch-all 만 |

> `axe.entities` 의 한글 legal_name SoT = `customers.yaml` 의 `axe.entity_meta.(entity).legal_name` (2026-05-27 신설, `(entity)` = `axec` / `axev` / `axep` / `axe_ia_001`). frame DB 의 영문 `legal_name` (AX Capital LLC / AX Ventures LLC) 정정은 별 backlog `B-frame-entity-legal-name-i18n`. `axe_ia_001` 의 `entity_kind='kip'` (개인투자조합) 은 frame `shared.entity` CHECK constraint `['corporate','kip','kvf']` 의 fund tier.

### Customer × Service 매트릭스 (axe customer 가동 현황)

axe customer 의 서비스만 in-house. realchoice 는 customer self-deploy 라 AXE 측 가동 0. 각 service 의 가동 버전 + Docker container 상태 + path.

| Service | 버전 | 컨테이너 | path | 상태 |
|---|---|---|---|---|
| Blueprint | 0.1.0 | `blueprint-app` + `blueprint-mcp-blue/green` + `blueprint-postgres` + `axe-blueprint-mcp-proxy` | `/` (apex) + `/blueprint/mcp` | LIVE (5 컨테이너 healthy) |
| Frame | 0.1.0 | `frame-mcp-blue/green` + `frame-postgres` + `frame-worker` + `axe-frame-proxy` | `/frame` + `/frame/mcp` | LIVE (5 컨테이너 healthy) |
| Hive | 0.1.0 | `hive-mcp-blue/green` + `hive-postgres` + `axe-hive-proxy` | `/hive` + `/hive/mcp` | LIVE (4 컨테이너 healthy) |
| Matrix | 0.1.0 | `matrix-mcp-blue/green` + `matrix-postgres` + `axe-matrix-proxy` | `/matrix` + `/matrix/mcp` | LIVE (4 컨테이너 healthy, JWT enforced — [D-matrix-1](/ops/decisions)) |
| Cortex | 0.1.0 | `cortex-mcp-blue/green` + `cortex-postgres` + `axe-cortex-proxy` | `/cortex` + `/cortex/mcp` | ⚠ **degraded** — postgres healthy but mcp-blue/green Restarting (crash loop, task 15 진행 중 — [D-cortex-1..7](/ops/decisions)) |
| Vault | Timshel (axelabs-ai/vault axe.3) | `axe-vaultwarden` + `axe-vault-caddy` | `/vault` | LIVE (2 컨테이너 healthy) |
| Blurgram | (Rust) | `blurgram-api` + `blurgram-postgres` + `blurgram-redis` + `blurgram-tunnel` | `blurgram.com` (별 domain, AXE 운영) | LIVE (4 컨테이너 healthy — [D-ops-41](/ops/decisions)) |
| Stream | (Python) | — | — (customer realchoice 측에서 사용 예정, axe 측 가동 없음) | manifest only |
| Magnet | (Python) | — | — (customer realchoice 측에서 사용 예정, axe 측 가동 없음) | manifest only |

추가 컨테이너: `axelabs` (회사 홈 :3900) + `axelabs-docs` (이 문서 :3140) + `axelabs-tunnel` (cloudflared) — service 가 아닌 platform infrastructure.

### Customer × Service 매트릭스 (realchoice customer)

realchoice 는 **customer self-deploy** ([D-customer-sovereignty](/ops/known-gaps)) 모델 — AXE 측 컨테이너 0. AXE 책임 = (a) software supply (code/image), (b) 외부 노출 (DNS + cloudflared catch-all).

| Service | 상태 |
|---|---|
| Blueprint | customer self-deploy — `realchoice-macmini` 의 blueprint-app + mcp blue/green + postgres |
| Frame | customer self-deploy — frame-mcp-blue + frame-postgres + axe-frame-proxy (customer 측) |
| Hive | customer self-deploy — hive-postgres + hive-mcp-blue/green + axe-hive-proxy (customer 측) |
| Vault | customer self-deploy — vault-app (Timshel) + vault-caddy + vault-mcp + vault-cron |
| Ingress | customer self-deploy — axe-realchoice-ingress (host Caddy :8090) |
| Matrix / Cortex / Blurgram / Stream / Magnet | 미사용 (또는 customer 측 결정) |

빠른 검증: `curl https://realchoice.axelabs.ai/` → 200 (customer 측 정상 serve).

## 향후 추가 예정

| 항목 | Phase |
|---|---|
| index 서비스 | Phase 6 |
| 신규 customer onboarding (자동화 완성) | Phase 2 |
| OAuth proxy 재활성 (Anthropic Connector 개선 시) | D-ops-15 후속 |
| docs.axelabs.ai 배포 | 본 문서 작업 직후 |