tegwick
4381a079a2
- tools/cmd/railiance-backup: pg_dump + config snapshot, age-encrypted, uploaded to Nextcloud file drop via curl PUT. Daily cron target. - tools/cmd/railiance-preflight: pre-migration safety gate — checks backup freshness, all repos clean/pushed, age key present. - bin/railiance: added backup and preflight subcommands. - DECISIONS.md: decision log (D1 ingress Nginx+Traefik, D2 Nextcloud backup). - .gitignore: exclude *backup-dropoff-link* files (contain upload tokens). - CLAUDE.md: state hub session protocol update. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
22 lines
794 B
Markdown
22 lines
794 B
Markdown
# Decision Log
|
|
|
|
_Auto-generated by the Custodian State Hub._
|
|
|
|
## D1 — Ingress controller: Traefik (K3s default) vs Nginx for ThreePhoenix
|
|
|
|
**Date:** 2026-02-25
|
|
**Decided by:** Tegwick
|
|
|
|
I want to go with C and separate concerns. Nginx for external SSL will need security and functional updates on a completly different schedule to Traefik canary and production workload splitting. The second area of implementation is more complicated, volatile and will need time to settle.
|
|
|
|
---
|
|
|
|
## D2 — Durable offsite backup destination for single-server safety net
|
|
|
|
**Date:** 2026-02-25
|
|
**Decided by:** Tegwick
|
|
|
|
We will use cloud storage the backup should be encypted to be safe regardless of the location and provider and for starters I will provide a nextcloud upload space as a backend.
|
|
|
|
---
|