coulomb/railiance-apps
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
a1a1016b84305870e9970635b25d6f86aa7ceb61
railiance-apps/workplans/RAILIANCE-WP-0007-reuse-surface-hub-on-railiance01.md

3.4 KiB
Raw Blame History

id, type, title, domain, repo, status, owner, topic_slug, created, updated, state_hub_workstream_id
id type title domain repo status owner topic_slug created updated state_hub_workstream_id
RAILIANCE-WP-0007 workplan Deploy reuse-surface federation service on railiance01 railiance railiance-apps finished codex railiance 2026-06-15 2026-06-15 7da18dd8-76b9-4a70-b9d7-de541afc65c0

Deploy reuse-surface federation service on railiance01

Companion to reuse-surface REUSE-WP-0011. Own the S5 Helm release, ingress, and operator targets for the federation service on production cluster node railiance01 (92.205.130.254).

Goal

Expose the helix_forge federation API at https://reuse.coulomb.social so repos can register capability index URLs via reuse-surface hub without per-machine sources.yaml maintenance.

Gitea repo: coulomb/reuse-surface
OCI image: gitea.coulomb.social/coulomb/reuse-surface:<tag>

DNS evidence

reuse.coulomb.social A → 92.205.62.239 (operator confirmed 2026-06-15). Ingress host configured in charts/reuse-surface/values.yaml.

Upstream dependency

Upstream Workplan Required artifact
Service + image reuse-surface REUSE-WP-0011 Image gitea.coulomb.social/coulomb/reuse-surface:<tag>, reuse-surface serve, /health

Do not deploy until REUSE-WP-0011-T04 publishes a buildable image.

Placement

Follow the inter-hub pattern:

  • charts/reuse-surface/ — Helm chart (Deployment, Service, Ingress, PVC)
  • helm/reuse-surface-values.yaml — non-secret overrides (image tag)
  • Secret reuse-surface-env with REUSE_SURFACE_TOKEN
  • Makefile targets: reuse-dry-run, reuse-deploy, reuse-status, reuse-logs
  • Namespace: reuse

Safety contract

  • Do not commit decrypted SOPS values or REUSE_SURFACE_TOKEN.
  • Pin image tags in helm/reuse-surface-values.yaml.
  • PVC at /data for SQLite (reuse.db) and fetch cache.

Scaffold Helm Chart For reuse-surface

id: RAILIANCE-WP-0007-T01
status: done
priority: high
state_hub_task_id: "d296f037-67a3-4b49-a773-6ebc2b252f3d"

Create charts/reuse-surface/ with Deployment (reuse-surface serve), Service, PVC, Ingress, probes on /health.

Add Values, Secret Template, And Makefile Targets

id: RAILIANCE-WP-0007-T02
status: done
priority: high
state_hub_task_id: "5050e2fb-b60c-4519-9168-81a6073fb4a2"

Add helm/reuse-surface-values.yaml, document Secret reuse-surface-env, and Makefile reuse-* targets.

Configure Ingress For reuse.coulomb.social

id: RAILIANCE-WP-0007-T03
status: done
priority: medium
state_hub_task_id: "80dc308a-02e8-453c-a20a-d6f634b7ce12"

Ingress enabled in chart values:

  • ingress.host: reuse.coulomb.social
  • cert-manager.io/cluster-issuer: letsencrypt-prod
  • Traefik annotations matching inter-hub

DNS A record live: reuse.coulomb.social → 92.205.62.239.

Deploy Release To railiance01

id: RAILIANCE-WP-0007-T04
status: done
priority: medium
state_hub_task_id: "14049fd1-3319-4a76-8b48-c4228a7939f7"

Helm revision 3 (image cb7a6e4). Pod Running; /health and /v1/federated verified. TLS pending DNS A → 92.205.130.254.

Post-Deploy Verification And Runbook

id: RAILIANCE-WP-0007-T05
status: done
priority: low
state_hub_task_id: "30b08789-4eb7-4182-87d1-8e464fc968d1"

Runbook docs/reuse-surface-on-railiance01.md updated with deploy evidence, token retrieval, and TLS/DNS operator note. Smoke checks pass via ingress resolve; public TLS awaits DNS A → 92.205.130.254.

Reference in New Issue View Git Blame Copy Permalink