generated from coulomb/repo-seed
33 lines
926 B
YAML
33 lines
926 B
YAML
# Credential state — net-kingdom SSO/MFA stack
|
|
# Safe to commit. Contains no secrets. Updated by agent.
|
|
# schema_version: 2 = agent-driven model (NK-WP-0005)
|
|
# schema_version: 1 = human-as-operator model (NK-WP-0004, now retired)
|
|
|
|
schema_version: 2
|
|
agent_mode: true # NK-WP-0005: fully automated
|
|
|
|
# Phase tracking
|
|
age_key_present: true
|
|
secrets_generated: true
|
|
ops_bundle_created: false # age-encrypted bundle created
|
|
ops_bundle_location: null # path or storage hint
|
|
|
|
# Emergency bundle
|
|
emergency_bundle_delivered: false # human confirmed receipt
|
|
emergency_bundle_delivered_at: null
|
|
|
|
# Cluster injection (per-component)
|
|
secrets_applied:
|
|
postgres: true
|
|
lldap: true
|
|
authelia: true
|
|
privacyidea: true
|
|
keycape: false
|
|
|
|
# Post-apply bootstrap (agent-run when pod is Ready)
|
|
enckey_bootstrapped: true
|
|
pi_admin_created: true
|
|
|
|
# Derived: all true → bootstrap complete
|
|
bootstrap_complete: false
|