System URLs and Access Reference¶
This document provides a comprehensive list of all User Interfaces (UIs) and service consoles across the Portugal Odyssey platform environments.
Environment: Development (Local)¶
Hostnames use a hyphenated scheme (<service>-dev.portugalodyssey.pt) — distinct from qual/prod, which use a nested wildcard. The asymmetry is intentional: dev runs entirely on a developer's workstation with self-signed certs issued per-hostname by Traefik, so it doesn't justify the Cloudflare DNS-01 wildcard ceremony qual + prod need. Per-service blocks live in infrastructure/compose/development.yml; rule wiring in infrastructure/traefik/dynamic-dev.yml (Riff #42, resolved 2026-05-17).
These URLs assume you have mapped the domain names to 127.0.0.1 in your /etc/hosts file or are accessing them via localhost ports.
| Service | URL | Default Credentials |
|---|---|---|
| Main Website | https://dev.portugalodyssey.pt | N/A |
| Partner Console | https://partner-console-dev.portugalodyssey.pt | User account in Keycloak |
| Admin Console | https://admin-console-dev.portugalodyssey.pt | Admin account in Keycloak |
| Strapi CMS | https://cms-dev.portugalodyssey.pt/admin | admin / dev-admin-jwt-secret (or check .env.dev) |
| Keycloak Console | https://sso-dev.portugalodyssey.pt | admin / devpassword (check .env.dev) |
| API Gateway | https://api-dev.portugalodyssey.pt | N/A |
| Traefik Dashboard | http://localhost:8080 | admin / password |
| RabbitMQ Management | http://localhost:15672 | admin / devpassword |
| MinIO Console | http://localhost:9001 | minioaccess / miniosecret |
| MailHog | http://localhost:8025 | N/A |
Environment: Qualification (Remote VPS)¶
Server IP: 31.97.159.7
Hostnames use a nested scheme under the *.qual.portugalodyssey.pt wildcard
(prod symmetry: drop the qual. segment). All TLS certs come from a single
Let's Encrypt wildcard issued via Cloudflare DNS-01.
| Service | URL | Default Credentials |
|---|---|---|
| Main Website | https://qual.portugalodyssey.pt | N/A |
| Partner Console | https://partner.qual.portugalodyssey.pt | Keycloak account |
| Admin Console | https://admin.qual.portugalodyssey.pt | Keycloak Admin |
| API Gateway | https://api.qual.portugalodyssey.pt | N/A |
| Strapi CMS | https://cms.qual.portugalodyssey.pt/admin | See .env.qual on VPS |
| Keycloak Console | https://sso.qual.portugalodyssey.pt | admin / See .env.qual (KEYCLOAK_ADMIN_PASSWORD_QUAL) |
| AI Service (MCP) | https://ai.qual.portugalodyssey.pt/api/v1/mcp | X-API-Key header (MCP_API_KEYS_QUAL) |
| Notification (Socket.IO) | wss://notification.qual.portugalodyssey.pt/notifications |
Keycloak JWT |
| File Service (uploads) | https://files.qual.portugalodyssey.pt |
Keycloak JWT |
| Traefik Dashboard | http://31.97.159.7:8080 | admin / password |
Mail (Mailcow self-hosted; live since 2026-05-12 — see ADR-009):
| Service | URL | Default Credentials |
|---|---|---|
| Mail admin (Mailcow) | https://mail-admin.portugalodyssey.pt | admin / See .env.qual on VPS (MAILCOW_ADMIN_PASSWORD_QUAL) |
| Webmail (SOGo) | https://webmail.portugalodyssey.pt | Mailbox credentials (per-user) |
| Autoconfig / Autodiscover | autoconfig.portugalodyssey.pt + autodiscover.portugalodyssey.pt |
Used by mail clients (Apple Mail, Outlook) — no human login |
| IMAP (SSL) | mx.portugalodyssey.pt:993 |
Mailbox credentials |
| SMTP submission (STARTTLS) | mx.portugalodyssey.pt:587 |
Mailbox credentials |
| Inbound MX | mx.portugalodyssey.pt:25 |
N/A (receiving server) |
Shared infra (qual + prod): - RabbitMQ Management — https://rabbitmq.portugalodyssey.pt (basic auth) - MinIO Console — https://s3-console.portugalodyssey.pt (basic auth)
Note: shared infra public routes are slated for de-publication (operator tools accessed via SSH tunnel only). Pending follow-up commit + manual Traefik recreate.
Environment: Production (Remote VPS)¶
Server IP: 31.97.159.7
| Service | URL | Default Credentials |
|---|---|---|
| Main Website | https://portugalodyssey.pt | N/A |
| Strapi CMS | https://cms.portugalodyssey.pt/admin | See .env.prod on VPS |
| Keycloak Console | https://sso.portugalodyssey.pt | admin / See .env.prod (KEYCLOAK_ADMIN_PASSWORD) |
| RabbitMQ Management | https://rabbitmq.portugalodyssey.pt | admin / See .env.shared on VPS |
| MinIO Console | https://s3-console.portugalodyssey.pt | minioadmin / See .env.shared on VPS |
How to retrieve secrets from Remote VPS¶
If you need to retrieve actual passwords from the Qualification or Production environments, you can use the Makefile's remote execution capabilities:
1. View Qualification Secrets¶
2. View Production Secrets¶
3. View Shared Infrastructure Secrets¶
4. Traefik Basic Auth¶
The Traefik dashboard and some infrastructure services use basic authentication defined in infrastructure/config/traefik/dynamic/middleware.yml.
- Default User: admin
- Default Password: password (hashed as $apr1$H6uskkkW$IgXLP6ewe.w.7.uD.p0k.1)
Deployment Note¶
Infrastructure services (RabbitMQ, MinIO, Grafana, Traefik) are shared between Qualification and Production environments on the same VPS instance.