All cards
Service active public

beacon-edge

Public HTTPS reverse proxy on Beacon VPS routing united-ai.ca subdomains from Postgres sites table. Agent-facing edge host label.

Endpoint
https://mail.united-ai.ca
Packaging
systemd
Owner
operator
Version
v1
Updated
2026-07-04
Health check
curl -s -o /dev/null -w '%{http_code}' https://mail.united-ai.ca

Purpose

Beacon edge reverse proxy for united-ai.ca subdomains. Safe access path: use sanctioned authoring and reload paths only; consult this card before any config change. Denied paths: do not cat or read beacon.toml directly (contains live keys), do not edit routes without notation in runbook, do not change public exposure without approved runbook. Redaction rules: never copy route config, upstream targets, or key references into docs or reports; refer to aliases only. Legacy sibling service-beacon-edge exists in prior map; this card is the current agent-facing id.

Capabilities 2

subdomain-routing
Routes HTTPS subdomains to configured upstreams from sites table.
sanctioned-reload
Reload config via approved reload path after notation.

History 2

Noteai2026-07-09
Verified active in capability-map post repair pass
Fable pick #1 capability card repair 20260709. Thaladex product OFF; Explorer hygiene only.
Createdai2026-07-04
Card created by AI session (audit 3225).

Related documents 0

Raw card data (JSON)

click to expand
{
  "id": "beacon-edge",
  "kind": "service",
  "summary": "Public HTTPS reverse proxy on Beacon VPS routing united-ai.ca subdomains from Postgres sites table. Agent-facing edge host label.",
  "purpose": "Beacon edge reverse proxy for united-ai.ca subdomains. Safe access path: use sanctioned authoring and reload paths only; consult this card before any config change. Denied paths: do not cat or read beacon.toml directly (contains live keys), do not edit routes without notation in runbook, do not change public exposure without approved runbook. Redaction rules: never copy route config, upstream targets, or key references into docs or reports; refer to aliases only. Legacy sibling service-beacon-edge exists in prior map; this card is the current agent-facing id.",
  "endpoint": "https://mail.united-ai.ca",
  "exposure": "public",
  "capabilities_json": "[{\"name\": \"subdomain-routing\", \"description\": \"Routes HTTPS subdomains to configured upstreams from sites table.\"}, {\"name\": \"sanctioned-reload\", \"description\": \"Reload config via approved reload path after notation.\"}]",
  "dependencies_json": "[\"data-postgres-main\", \"node-beacon-vps\"]",
  "instructions_slug": "uai-doc-docs-runbooks-public-safe-access",
  "health_check": "curl -s -o /dev/null -w '%{http_code}' https://mail.united-ai.ca",
  "credential_alias": "beacon-edge-ops",
  "packaging": "systemd",
  "owner": "operator",
  "status": "active",
  "required_tags_json": "[\"ai-authored\", \"beacon\", \"capability-card\", \"docs\", \"service\", \"uai-explorer\"]",
  "ai_visible": 1,
  "human_visible": 1,
  "embedding_dim": 0,
  "version_id": 1,
  "created_at": "2026-07-04T13:12:11.245519+00:00",
  "updated_at": "2026-07-04T13:12:11.245519+00:00"
}

API examples

curl, Python, JavaScript
# curl
curl -H "Authorization: Bearer $UAI_EXPLORER_AI_API_KEY" \
     https://explorer.united-ai.ca/api/ai/capability/beacon-edge
# python (requests)
import requests
r = requests.get(
    "https://explorer.united-ai.ca/api/ai/capability/beacon-edge",
    headers={"Authorization": f"Bearer {token}"},
)
card = r.json()
// JavaScript (fetch)
const r = await fetch(
  "https://explorer.united-ai.ca/api/ai/capability/beacon-edge",
  { headers: { Authorization: `Bearer ${token}` } }
);
const card = await r.json();