Network Requirements

For users of the managed SPG99 platform, the network requirements are quite simple: the public entry points of the platform must be reachable externally.

What usually needs to be opened

For PostgreSQL connections

• pg.spg99.ru:5432 over TCP

For Console, API, and web entry points

• console.spg99.ru:443
• provisioner.spg99.ru:443
• if needed, grafana.spg99.ru:443

If you have a separate test environment

In that case, open exactly the hostnames specified in your DSN or invitation. The user principle remains the same: use the public environment addresses, not the platform’s internal service addresses.

What to account for in a corporate network

If you have a strict firewall, proxy, or TLS inspection:

• allow outbound connections to Gateway on 5432/TCP;
• allow outbound HTTPS to the Control Plane and Console;
• remember that aggressive TLS inspection can break certificate validation;
• for strict verify-full, check the CA chain and hostname in advance.

Useful practical settings

For applications and drivers, it is reasonable to have:

• sslmode=require at minimum;
• a connect_timeout that is not too small, so it does not cut off cold start;
• retry at the connection level.

The main rule is very simple:

connect only to the platform’s public domains and do not try to use internal worker or storage-service addresses.