coulomb/railiance-infra
0
0
Fork 0
Code Issues Pull Requests Actions Projects Releases Wiki Activity
1,978 Commits 1 Branch 0 Tags
main
Commit Graph

5 Commits

Author SHA1 Message Date
tegwick
703c57d91c chore(rename): railiance-hosts → railiance-infra 
Update all operational references to reflect the new repo name per
ADR-003 (OAS S1 Infrastructure Substrate). Historical text in ADRs
and state-hub-inbox files preserved as-is. Gitea remote URL updated
locally (Gitea repo rename is a manual step).

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-03-10 00:34:18 +01:00
tegwick
15bb2978cc feat(tunnel): add make tunnel target; complete WP-0001 
- Add `make tunnel` to Makefile: reads first host from
  inventory/servers.yaml and opens a reverse SSH tunnel
  forwarding local state-hub (port 8000) to the remote host
- Mark T02 done and close WP-0001 (all tasks complete)
- WP-0002 T01/T02 task IDs backfilled by consistency checker

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-03-09 19:53:10 +01:00
tegwick
b32dfd4f5a docs: add verification guide, close WP-0002 
- docs/verification.md: explains spec/server-baseline.yaml, goss/baseline.yaml,
  make verify workflow, assertion mapping table, and how to add new checks
- docs/convergence.md: replace manual spot-check snippet with make verify reference
- workplans/RAIL-HO-WP-0002: mark completed (all tasks done, workstream closed)

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-03-09 19:37:10 +01:00
tegwick
8f5799553e feat: implement WP-0002 — Goss test suite, verify playbook, and ADR-002 
- goss/baseline.yaml: assertions for all spec/server-baseline.yaml items
  (packages, services, SSH config, UFW rules, admin user, fail2ban, HISTCONTROL)
- goss/vars/baseline-vars.yaml: parameterised ports and paths
- ansible/roles/goss/: installs Goss binary (v0.4.9), deploys tests,
  runs assertions in TAP format, fetches report to reports/
- ansible/playbooks/verify.yaml: playbook wrapping the goss role
- Makefile: add 'make verify' target; update 'make status' with hint
- docs/adr/ADR-002: formal repo boundary — railiance-hosts vs railiance-bootstrap
- workplans/RAIL-HO-WP-0002: registered workstream 8fed53c2, T03–T06 done

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-03-09 12:38:48 +01:00
Bernd Worsch
2be5de2a3a feat: add server baseline spec, status command, and test suite workplan 
- Fix duplicate `converge` Makefile target (was causing warnings)
- Fix `make status` SSH hardening check (use grep on sshd_config instead
  of sshd -T which fails without hostkeys)
- Add `make status` target with connectivity, UFW, fail2ban, SSH checks
- Add spec/server-baseline.yaml — authoritative target-state spec for
  all managed nodes (firewall, SSH, services, packages, users)
- Add workplan RAIL-HO-WP-0002 for Goss test suite and repo boundary ADR

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-03-09 11:10:27 +00:00