diff --git a/docs/decisions/005-bootstrapping.md b/docs/decisions/005-bootstrapping.md index 646c709..71188f6 100644 --- a/docs/decisions/005-bootstrapping.md +++ b/docs/decisions/005-bootstrapping.md @@ -51,11 +51,12 @@ for the end-to-end commands and `docs/runbooks/new-host.md` for the full procedu ## Control node bootstrapping The control node is a special case — it runs Terraform and Ansible, so it cannot -be created by the Terraform it hosts (chicken-and-egg). It is the one documented -exception to Terraform-owned VM existence (see ADR-009). The control node requires: +be created by the Terraform it hosts (chicken-and-egg). It is `ubongo`, a dedicated +**physical** machine outside the cluster, and the one documented exception to +Terraform-owned VM existence (see ADR-009 and ADR-015). The control node requires: -1. Manual VM provisioning — clone this cloud-init template by hand (Proxmox UI or - `qm clone`), since Terraform is not yet available to do it +1. Manual OS provisioning — install Debian 13 on the physical box by hand (it is not + a Proxmox guest, so there is no template to clone) 2. Manual setup of the Ansible environment: ```bash git clone ~/ansible @@ -68,9 +69,10 @@ exception to Terraform-owned VM existence (see ADR-009). The control node requir ``` 3. After that, the control node can manage all other hosts normally -The control node itself is listed in `inventories/production/hosts.yml` under -a `control` group and can be managed for baseline config (SSH, firewall, updates) -but not for the `docker_host` role (it does not run services). +`ubongo` is listed in `inventories/production/hosts.yml` under the `control` group +and can be managed for baseline config (SSH, firewall, updates) but not for the +`docker_host` role (it does not run services). Hardware target and recovery model +are in ADR-015. ## Decision