# Ops Hub Service Catalog Now View

<!-- generated by ops/render_service_inventory.py; edit ops/service-inventory.yml instead -->

Source: `ops/service-inventory.yml`
Inventory last reviewed: `2026-06-05`

This is the repo-native first view for `CUST-WP-0047`. It exists so an
operator can answer what is running where before the full standalone
`ops-hub` application is available.

## Summary

| Metric | Count |
|---|---:|
| Environments | 4 |
| Hosts | 3 |
| Clusters | 3 |
| Services | 8 |
| Services: observed_ok | 2 |
| Services: unknown | 6 |

## Service Catalog

| Service | Where | Owner | Endpoint | Health | Data | Access | Top Gap |
|---|---|---|---|---|---|---|---|
| Gitea (gitea) | CoulombCore<br>type: k3s; cluster: coulombcore-k3s; namespace: default | railiance-apps | https://gitea.coulomb.social/v2/<br>Expected: status 401, OCI registry auth challenge | unknown<br>2026-05-16: Inventory draft records Helm release gitea, namespace default, app version 1.25.4, NodePort 32166, and registry auth challenge. | database:gitea-db<br>pvc:default/gitea-shared-storage | k8s: unknown (coulombcore-k3s/default) | Package token and push/pull verification need current evidence. |
| Gitea Database (gitea-database) | CoulombCore<br>type: k3s; cluster: coulombcore-k3s; namespace: databases | railiance-platform | - | unknown<br>2026-05-16: /home/worsch/helix-forge/wiki/OpsHubInventory.md | - | k8s: unknown (coulombcore-k3s/databases) | Backup and restore evidence not recorded in ops inventory. |
| Gitea Shared Storage (gitea-shared-storage) | CoulombCore<br>type: k3s; cluster: coulombcore-k3s; namespace: default | railiance-platform<br>railiance-apps | - | unknown<br>2026-05-16: /home/worsch/helix-forge/wiki/OpsHubInventory.md | - | k8s: unknown (coulombcore-k3s/default/pvc/gitea-shared-storage) | Package blob backup and restore evidence not confirmed. |
| State Hub (state-hub) | Local Workstation<br>type: local-process; host: local-workstation; ports: 8000 | state-hub<br>the-custodian | http://127.0.0.1:8000/state/health<br>Expected: status 200, health response | observed_ok<br>2026-06-05: State Hub accepted inbox, task, and progress API calls. | postgresql:state-hub | http: observed_ok (http://127.0.0.1:8000) | Future cluster deployment readiness still needs ops evidence. |
| Inter-Hub (inter-hub) | ThreePhoenix Production<br>type: external; public_endpoint: https://hub.coulomb.social | inter-hub | https://hub.coulomb.social/api/v2/openapi.json<br>Expected: status 200, OpenAPI document | unknown<br>2026-05-16: /home/worsch/helix-forge/wiki/OpsHubInventory.md | - | https: unknown (https://hub.coulomb.social) | ops-hub bootstrap requires authenticated UI flow or deployment-side migration. |
| activity-core (activity-core) | Railiance01<br>type: k3s; cluster: railiance01-k3s; namespace: activity-core | activity-core<br>the-custodian | activity-core API health endpoint<br>Expected: status 200, healthy DB and Temporal status | observed_ok<br>2026-05-23: API health, worker rollout, Temporal CLI schedule listing, and State Hub bridge were verified. | postgresql:activity-core<br>temporal:activity-core<br>nats:railiance01 | k8s: observed_ok (railiance01-k3s/activity-core) | Add explicit ops inventory probes and evidence events. |
| Ops Bridge (ops-bridge) | Local Workstation<br>type: bridge; host: local-workstation | ops-bridge | - | unknown<br>2026-05-16: Bridge is useful for connected-server visibility but is not itself the service catalog. | - | ssh-tunnel: unknown (connected remote servers) | Emit reachability evidence into ops-hub instead of relying on bridge state as inventory. |
| Haskell Build Agent (haskell-build-agent) | Local Workstation<br>type: systemd; host: haskell-build-vm | the-custodian | http://127.0.0.1:18000<br>Expected: VM can reach State Hub through SSH forward | unknown<br>undated: Build agent is a systemd service and registers with State Hub on boot. | - | ssh: unknown (local workstation reverse tunnel port 12222) | Current tunnel and capability registration need live evidence in ops-hub. |

## Open Operating Gaps

### Gitea (`gitea`)

- Package token and push/pull verification need current evidence.
- Backup and restore evidence for database and shared storage not recorded in ops inventory.

### Gitea Database (`gitea-database`)

- Backup and restore evidence not recorded in ops inventory.

### Gitea Shared Storage (`gitea-shared-storage`)

- Package blob backup and restore evidence not confirmed.

### State Hub (`state-hub`)

- Future cluster deployment readiness still needs ops evidence.

### Inter-Hub (`inter-hub`)

- ops-hub bootstrap requires authenticated UI flow or deployment-side migration.

### activity-core (`activity-core`)

- Add explicit ops inventory probes and evidence events.

### Ops Bridge (`ops-bridge`)

- Emit reachability evidence into ops-hub instead of relying on bridge state as inventory.

### Haskell Build Agent (`haskell-build-agent`)

- Current tunnel and capability registration need live evidence in ops-hub.

## Next Evidence Events

- `ops-service-observed` for each runtime object confirmed by a probe.
- `ops-endpoint-verified` for HTTP, HTTPS, tunnel, or cluster endpoints.
- `ops-access-path-checked` for non-secret access path checks.
- `ops-backup-verified` where backup and restore evidence exists.
- `ops-inventory-drift` when observed state differs from this inventory.