feat: backup + preflight commands, decisions log, gitignore update
- tools/cmd/railiance-backup: pg_dump + config snapshot, age-encrypted, uploaded to Nextcloud file drop via curl PUT. Daily cron target. - tools/cmd/railiance-preflight: pre-migration safety gate — checks backup freshness, all repos clean/pushed, age key present. - bin/railiance: added backup and preflight subcommands. - DECISIONS.md: decision log (D1 ingress Nginx+Traefik, D2 Nextcloud backup). - .gitignore: exclude *backup-dropoff-link* files (contain upload tokens). - CLAUDE.md: state hub session protocol update. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
parent
eb8a6902b6
commit
4381a079a2
6 changed files with 200 additions and 2 deletions
21
DECISIONS.md
Normal file
21
DECISIONS.md
Normal file
|
|
@ -0,0 +1,21 @@
|
|||
# Decision Log
|
||||
|
||||
_Auto-generated by the Custodian State Hub._
|
||||
|
||||
## D1 — Ingress controller: Traefik (K3s default) vs Nginx for ThreePhoenix
|
||||
|
||||
**Date:** 2026-02-25
|
||||
**Decided by:** Tegwick
|
||||
|
||||
I want to go with C and separate concerns. Nginx for external SSL will need security and functional updates on a completly different schedule to Traefik canary and production workload splitting. The second area of implementation is more complicated, volatile and will need time to settle.
|
||||
|
||||
---
|
||||
|
||||
## D2 — Durable offsite backup destination for single-server safety net
|
||||
|
||||
**Date:** 2026-02-25
|
||||
**Decided by:** Tegwick
|
||||
|
||||
We will use cloud storage the backup should be encypted to be safe regardless of the location and provider and for starters I will provide a nextcloud upload space as a backend.
|
||||
|
||||
---
|
||||
Loading…
Add table
Add a link
Reference in a new issue