2d62317ada
RAIL-HO-WP-0005-T10: tier-2 key-cape image pilot complete
...
Records successful key-cape Forgejo migration, image CI workflow, and
railiance01 registry pull; tiers 0-2 of migration ladder now satisfied.
2026-07-04 10:26:28 +02:00
67b259f6dc
Adapt RAIL-HO-WP-0005 for production Forgejo and staged repo ladder
...
Reflects live railiance01 deploy, cancels isolated probe T03 in favor of
in-production pilots, marks T08/T10 progress (forgejo-actions-probe,
glas-harness), and documents tier 0-3 migration sequencing before state-hub.
2026-07-04 01:02:42 +02:00
6b0ededee2
ADR-004: Forgejo in-cluster Actions runner on railiance01
...
Decides long-lived runner Deployment with DinD sidecar; updates
RAIL-HO-WP-0005 runner model decision.
2026-07-03 22:29:28 +02:00
2ad38b4a1a
docs: start Forgejo migration inventory
2026-06-04 01:34:33 +02:00
2d7e0101bc
feat(infra): UFW k3s routing + full deploy runbook
...
- base role: allow UFW routing direction (required for k3s flannel
pod networking to function across nodes)
- docs/deploy-stack.md: full S1→S5 ordered deploy runbook with
pre-conditions checklist and layer-by-layer steps
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-03-27 02:28:51 +01:00
a680fb51af
feat(adr): add ADR-003 (5-repo OAS stack); supersede ADR-002
...
ADR-003 formalises the 5-repo structure aligned with OAS Stack S1-S5:
railiance-infra, railiance-cluster, railiance-platform,
railiance-enablement, railiance-apps. Defines boundary rule, pre-condition
chain, and content relocation table. ADR-002 marked superseded.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-03-10 00:27:18 +01:00
b32dfd4f5a
docs: add verification guide, close WP-0002
...
- docs/verification.md: explains spec/server-baseline.yaml, goss/baseline.yaml,
make verify workflow, assertion mapping table, and how to add new checks
- docs/convergence.md: replace manual spot-check snippet with make verify reference
- workplans/RAIL-HO-WP-0002: mark completed (all tasks done, workstream closed)
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-03-09 19:37:10 +01:00
8f5799553e
feat: implement WP-0002 — Goss test suite, verify playbook, and ADR-002
...
- goss/baseline.yaml: assertions for all spec/server-baseline.yaml items
(packages, services, SSH config, UFW rules, admin user, fail2ban, HISTCONTROL)
- goss/vars/baseline-vars.yaml: parameterised ports and paths
- ansible/roles/goss/: installs Goss binary (v0.4.9), deploys tests,
runs assertions in TAP format, fetches report to reports/
- ansible/playbooks/verify.yaml: playbook wrapping the goss role
- Makefile: add 'make verify' target; update 'make status' with hint
- docs/adr/ADR-002: formal repo boundary — railiance-hosts vs railiance-bootstrap
- workplans/RAIL-HO-WP-0002: registered workstream 8fed53c2, T03–T06 done
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-03-09 12:38:48 +01:00
492f605895
docs: establishing baseline security and tools
2025-09-14 04:10:57 +02:00
26d2854c07
docs: added fast path documentation
2025-09-14 01:08:26 +02:00
389c20478f
docs: add documentation for provisioning a server
2025-09-14 00:57:26 +02:00
75af105f6c
docs: added documentation about setting up ssh-access
2025-09-14 00:47:41 +02:00
1192a0cece
docs: added secrets handling digest
2025-09-13 22:52:18 +02:00
59bc9bbcf4
docs: improved masterkey setup documentation
2025-09-13 22:48:15 +02:00
31f30373a0
docs: add documentation about secret key generation
2025-09-13 20:47:24 +02:00