3.3 KiB
3.3 KiB
reuse-surface on railiance01
Federation service deployment for https://reuse.coulomb.social.
Companion workplans: RAILIANCE-WP-0007 (Helm release), REUSE-WP-0011 (service + CLI).
Hosts and DNS
| Server | IP | Role |
|---|---|---|
| Railiance01 | 92.205.62.239 |
Production k3s — deploy here |
| CoulombCore | 92.205.130.254 |
Bootstrap / prerelease only |
| Record | Production target | Current public DNS (2026-06-15) |
|---|---|---|
reuse.coulomb.social A |
92.205.62.239 |
Propagated on 8.8.8.8 / 1.1.1.1; drop any AAAA/forwarding still pointing elsewhere |
hub.coulomb.social A |
92.205.62.239 (future) |
92.205.130.254 (CoulombCore bootstrap OK for now) |
Let's Encrypt HTTP-01 on Railiance01 requires the public A record to reach
92.205.62.239. Service is live on the production cluster; TLS waits on DNS.
dig +short reuse.coulomb.social A
KUBECONFIG=~/.kube/config-hosteurope kubectl get certificate -n reuse
Until DNS propagates and certificate/reuse-surface-tls is Ready:
curl -k --resolve reuse.coulomb.social:443:92.205.62.239 https://reuse.coulomb.social/health
KUBECONFIG=~/.kube/config-hosteurope kubectl port-forward -n reuse svc/reuse-surface 18001:8000
export REUSE_SURFACE_URL=http://127.0.0.1:18001
Release surface
| Item | Value |
|---|---|
| Namespace | reuse |
| Helm release | reuse |
| Chart | charts/reuse-surface |
| Values | helm/reuse-surface-values.yaml |
| Image | gitea.coulomb.social/coulomb/reuse-surface:<tag> |
| Secret | reuse-surface-env (REUSE_SURFACE_TOKEN) |
Deploy
# 1. Pin image tag in helm/reuse-surface-values.yaml
# 2. Create secret (example — use SOPS handoff in production)
kubectl create namespace reuse --dry-run=client -o yaml | kubectl apply -f -
kubectl create secret generic reuse-surface-env \
--namespace reuse \
--from-literal=REUSE_SURFACE_TOKEN='<token>' \
--dry-run=client -o yaml | kubectl apply -f -
# Production (Railiance01)
KUBECONFIG=~/.kube/config-hosteurope make reuse-deploy
KUBECONFIG=~/.kube/config-hosteurope make reuse-status
# Restore kubeconfig from the node if missing:
# ssh tegwick@92.205.62.239 'sudo cat /etc/rancher/k3s/k3s.yaml' \
# | sed 's|127.0.0.1|92.205.62.239|' > ~/.kube/config-hosteurope
Smoke checks
curl -k --resolve reuse.coulomb.social:443:92.205.62.239 https://reuse.coulomb.social/health
export REUSE_SURFACE_TOKEN=$(KUBECONFIG=~/.kube/config-hosteurope kubectl get secret reuse-surface-env -n reuse \
-o jsonpath='{.data.REUSE_SURFACE_TOKEN}' | base64 -d)
export REUSE_SURFACE_URL=https://reuse.coulomb.social # after DNS + TLS Ready
reuse-surface hub status
reuse-surface hub list
curl -fsS "$REUSE_SURFACE_URL/v1/federated" | jq '.capabilities | length'
Deployed image tag: see helm/reuse-surface-values.yaml (currently cb7a6e4).
Dogfood: reuse-surface repo registered; federated index returns 12 capabilities.
Operations
make reuse-logs
make reuse-status
Image promotion: build from coulomb/reuse-surface, push to Gitea OCI, update
helm/reuse-surface-values.yaml image.tag, then:
KUBECONFIG=~/.kube/config-hosteurope make reuse-deploy
Bootstrap copy on CoulombCore (92.205.130.254) was removed 2026-06-15 — use
config-hosteurope only.