coulomb/railiance-apps
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
77aa0d76f55cadb78e9f31c57f94918d1ef94807
railiance-apps/docs/reuse-surface-on-railiance01.md
tegwick 77aa0d76f5 Finish RAILIANCE-WP-0007: reuse-surface hub deployed on railiance01 
Helm revision 3 with image cb7a6e4. Runbook updated with TLS/DNS operator
guidance and smoke-check commands.
2026-06-15 10:15:36 +02:00

2.4 KiB
Raw Blame History

reuse-surface on railiance01

Federation service deployment for https://reuse.coulomb.social.

Companion workplans: RAILIANCE-WP-0007 (Helm release), REUSE-WP-0011 (service + CLI).

DNS and TLS

Record Target Notes
reuse.coulomb.social A 92.205.130.254 Cluster Traefik ingress (same as hub.coulomb.social)

Let's Encrypt HTTP-01 requires traffic to reach this cluster. An earlier A record to 92.205.62.239 does not satisfy the challenge until DNS propagates to the ingress IP.

dig +short reuse.coulomb.social A
kubectl get certificate -n reuse

Until certificate/reuse-surface-tls is Ready, smoke checks from a workstation:

curl -k --resolve reuse.coulomb.social:443:92.205.130.254 https://reuse.coulomb.social/health
kubectl port-forward -n reuse svc/reuse-surface 18001:8000
export REUSE_SURFACE_URL=http://127.0.0.1:18001

Release surface

Item Value
Namespace reuse
Helm release reuse
Chart charts/reuse-surface
Values helm/reuse-surface-values.yaml
Image gitea.coulomb.social/coulomb/reuse-surface:<tag>
Secret reuse-surface-env (REUSE_SURFACE_TOKEN)

Deploy

# 1. Pin image tag in helm/reuse-surface-values.yaml
# 2. Create secret (example — use SOPS handoff in production)
kubectl create namespace reuse --dry-run=client -o yaml | kubectl apply -f -
kubectl create secret generic reuse-surface-env \
  --namespace reuse \
  --from-literal=REUSE_SURFACE_TOKEN='<token>' \
  --dry-run=client -o yaml | kubectl apply -f -

make reuse-dry-run
make reuse-deploy
make reuse-status

Smoke checks

curl -k --resolve reuse.coulomb.social:443:92.205.130.254 https://reuse.coulomb.social/health

export REUSE_SURFACE_TOKEN=$(kubectl get secret reuse-surface-env -n reuse \
  -o jsonpath='{.data.REUSE_SURFACE_TOKEN}' | base64 -d)
export REUSE_SURFACE_URL=https://reuse.coulomb.social   # after TLS Ready
reuse-surface hub status
reuse-surface hub list
curl -fsS "$REUSE_SURFACE_URL/v1/federated" | jq '.capabilities | length'

Deployed image tag: see helm/reuse-surface-values.yaml (currently cb7a6e4). Dogfood: reuse-surface repo registered; federated index returns 12 capabilities.

Operations

make reuse-logs
make reuse-status

Image promotion: build from coulomb/reuse-surface, push to Gitea OCI, update helm/reuse-surface-values.yaml image.tag, make reuse-deploy.

Reference in New Issue View Git Blame Copy Permalink