Skip to content
Nexomatic Docs

Architecture Overview

Nexomatic is built around three roles: Sources, the Hub, and Sinks. Understanding how they interact explains everything else in the platform.

flowchart LR A["Sources
(Webhooks, Schedules, EventGrid)"] B["Hub
(Queues and dispatches events)"] C["Sinks
(Windows, Linux, Kubernetes)"] A --> B --> C

Sources

Section titled “Sources”

A Source is anything that produces an event. Sources are stateless — they call the Hub to register an event and then their job is done.

Built-in sources include:

SourceHow it triggers
WebhookAn HTTP POST to a unique URL creates an event
SchedulerA cron expression fires an event on a schedule
Azure EventGridMessages from an Azure Event Grid topic become events

Every event carries a payload — an arbitrary JSON document that is passed to the sink when the task executes.

The Hub

Section titled “The Hub”

The Hub sits at the centre of the platform. It:

  • Accepts events from Sources and stores them in a queue
  • Tracks which Sink agents are connected and what they can handle
  • Dispatches queued events to available Sinks over a persistent, outbound-only connection
  • Receives task results from Sinks and stores logs and outcome data
  • Enforces rate limits and back-pressure when sinks are busy

Sink agents connect outbound from your network to the Hub. No inbound firewall rules are required on your side.

Sinks

Section titled “Sinks”

A Sink is an agent process running inside your infrastructure. It maintains a persistent outbound connection to the Hub and waits for tasks to be dispatched.

When a matching event arrives, the Hub sends a Task Request to an available Sink. The Sink:

  1. Resolves any secrets it needs (fetched securely from the Hub at runtime)
  2. Executes the configured code module
  3. Streams the result and logs back to the Hub

The Hub stores the result, updates the event state, and optionally triggers a follow-on event.

Sinks never receive inbound connections. Everything flows outbound from the Sink to the Hub.

Event Lifecycle

Section titled “Event Lifecycle”
stateDiagram-v2 direction LR [*] --> QUEUED : Source fires QUEUED --> RUNNING : Hub dispatches RUNNING --> SUCCESS RUNNING --> WARNING RUNNING --> ERROR SUCCESS --> QUEUED : follow-on event (optional) ERROR --> QUEUED : failure-handler event (optional)

Events stay in QUEUED state until a suitable Sink comes online. If no Sink is available, events accumulate safely and drain when connectivity is restored.

Roles

Section titled “Roles”
RoleAccess
AdminFull read/write access to all resources
ViewerRead-only access to all resources

Roles are assigned by an Admin in the User Management screen.