Merge main and fix CodeQL security findings

- Resolve merge conflict in README.md nav links
- Fix information exposure via exceptions in agent.py (return generic
  error messages instead of str(e) in / and /chat endpoints)
- Remove unused imports (json, sys) in verify.py

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

Author: h4x3rotab

README.md

@@ -9,7 +9,7 @@
 
 **Example applications for [dstack](https://github.com/Dstack-TEE/dstack) - Deploy containerized apps to TEEs with end-to-end security in minutes**
 
-[Getting Started](#getting-started) • [Confidential AI](#confidential-ai) • [Tutorials](#tutorials) • [Use Cases](#use-cases) • [Core Patterns](#core-patterns) • [Dev Tools](#dev-scaffolding) • [Starter Packs](#starter-packs)
+[Getting Started](#getting-started) • [Confidential AI](#confidential-ai) • [Tutorials](#tutorials) • [Use Cases](#use-cases) • [Core Patterns](#core-patterns) • [Infrastructure](#infrastructure) • [Dev Tools](#dev-scaffolding) • [Starter Packs](#starter-packs) • [Other Use Cases](#other-use-cases)
 
 </div>
 
@@ -159,6 +159,16 @@ Development and debugging tools. **Not for production.**
 
 ---
 
+## Infrastructure
+
+Run infrastructure services inside TEEs.
+
+| Example | Description |
+|---------|-------------|
+| [k3s](./k3s) | Single-node k3s cluster in a TEE with wildcard HTTPS and remote kubectl |
+
+---
+
 ## Tech Demos
 
 Interesting demonstrations.

confidential-ai/agents/agent.py

@@ -140,8 +140,8 @@ def index():
                 "app_id": info.app_id,
             }
         )
-    except Exception as e:
-        return jsonify({"status": "running", "error": str(e)})
+    except Exception:
+        return jsonify({"status": "running", "error": "Failed to retrieve agent info"})
 
 
 @app.route("/attestation")
@@ -169,8 +169,8 @@ def chat():
                 "wallet": get_account().address,
             }
         )
-    except Exception as e:
-        return jsonify({"error": str(e)}), 500
+    except Exception:
+        return jsonify({"error": "Failed to process chat request"}), 500
 
 
 @app.route("/sign", methods=["POST"])

confidential-ai/inference/verify.py

@@ -10,8 +10,6 @@
 
 import argparse
 import hashlib
-import json
-import sys
 
 import requests
 

custom-domain/dstack-ingress/Dockerfile

@@ -1,4 +1,8 @@
-FROM nginx@sha256:b6653fca400812e81569f9be762ae315db685bc30b12ddcdc8616c63a227d3ca
+FROM haproxy@sha256:49a0a0d6f0b8b7e59c233b06eefab1564f2c8d64f673554d368fd7d2ab4b2c2d
+
+# haproxy image runs as non-root (uid 99) by default; we need root for
+# certbot, DNS management, and writing to /etc/haproxy/certs.
+USER root
 
 RUN --mount=type=bind,source=pinned-packages.txt,target=/tmp/pinned-packages.txt,ro \
     set -e; \
@@ -26,15 +30,17 @@ RUN --mount=type=bind,source=pinned-packages.txt,target=/tmp/pinned-packages.txt
         python3.11-venv \
         curl \
         jq \
-        coreutils && \
+        coreutils \
+        mini-httpd && \
         rm -rf /var/lib/apt/lists/* /var/log/* /var/cache/ldconfig/aux-cache
 
 RUN mkdir -p \
     /etc/letsencrypt \
     /var/www/certbot \
-    /usr/share/nginx/html \
-    /etc/nginx/conf.d \
-    /var/log/nginx
+    /etc/haproxy/certs \
+    /var/run/haproxy \
+    /var/lib/haproxy \
+    /evidences
 
 # Install scripts with deterministic permissions via bind mount
 RUN --mount=type=bind,source=scripts,target=/tmp/scripts,ro \
@@ -58,7 +64,8 @@ RUN --mount=type=bind,source=scripts,target=/tmp/scripts,ro \
 
 ENV PATH="/scripts:$PATH"
 ENV PYTHONPATH="/scripts"
+ENV PYTHONUNBUFFERED=1
 COPY --chmod=666 .GIT_REV /etc/
 
 ENTRYPOINT ["/scripts/entrypoint.sh"]
-CMD ["nginx", "-g", "daemon off;"]
+CMD ["haproxy", "-W", "-f", "/etc/haproxy/haproxy.cfg"]