From d1fd73e7ed834a84d56ec536991769d2440caf92 Mon Sep 17 00:00:00 2001 From: Bernd Worsch Date: Sun, 22 Mar 2026 00:36:56 +0000 Subject: [PATCH] =?UTF-8?q?chore(workplan):=20NK-WP-0003-T08=20blocked=20?= =?UTF-8?q?=E2=80=94=20DNS=20records=20+=20Go=20missing?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Co-Authored-By: Claude Sonnet 4.6 --- ...-0003-keycape-privacyidea-cluster-deployment.md | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-) diff --git a/workplans/NK-WP-0003-keycape-privacyidea-cluster-deployment.md b/workplans/NK-WP-0003-keycape-privacyidea-cluster-deployment.md index 2762c07..7381590 100644 --- a/workplans/NK-WP-0003-keycape-privacyidea-cluster-deployment.md +++ b/workplans/NK-WP-0003-keycape-privacyidea-cluster-deployment.md @@ -248,9 +248,21 @@ Verify: OIDC discovery endpoint reachable at ```task id: NK-WP-0003-T08 -status: todo +status: blocked priority: high state_hub_task_id: "0fba3392-c916-43fd-a2c1-24ce39481043" +note: Blocked 2026-03-22 — two prerequisites missing: + 1. DNS records: kc/auth/pink/lldap.coulomb.social have NO A records. Cloudflare + DNS must be updated (no API token in repo). Once DNS propagates ACME challenges + will resolve and certs will be issued automatically. + Records needed: kc → 92.205.130.254, auth → 92.205.130.254, pink → 92.205.130.254 + lldap → 92.205.130.254 (all proxied=false / DNS-only in Cloudflare for HTTP-01) + 2. Go not installed on CoulombCore — `go test ./tests/...` fails with "go: not found". + Install: wget https://go.dev/dl/go1.22.5.linux-amd64.tar.gz && sudo tar -C /usr/local -xzf go1.22.5.linux-amd64.tar.gz + Partial validation already done (2026-03-22): + - OIDC discovery: http://localhost:18080/.well-known/openid-configuration ✓ (via port-forward) + - /healthz: {"status":"ok","version":"0.1.0"} ✓ + - All 4 services 1/1 Running ✓ ``` Prove the full auth flow works: