diff --git a/docs/ROADMAP.md b/docs/ROADMAP.md index b7682f3..3b1f416 100644 --- a/docs/ROADMAP.md +++ b/docs/ROADMAP.md 
@@ -57,13 +57,21 @@ records **managed as code (IaC)**, not hand-edited in a panel. Cloudflare is never touched again. - **IaC approach:** follow boma's grain — internal DNS is already Ansible-rendered and Terraform owns *no* DNS (CLAUDE.md), so **public DNS is Ansible-managed too** (Gandi - LiveDNS via an Ansible module). Exact module/role shape is M1's spec decision. + LiveDNS via an Ansible module — exact module pinned in M1's spec, verified per ADR-014). +- **Naming scheme (decided):** three tiers — `.boma.baobab.band` (infra, + internal-only) · `.baobab.band` (home/cluster services, split-horizon) · + `.askari.baobab.band` (off-site/VPS, public). **`nyumbani` dropped.** Home + services are **mesh/LAN-only by default** (no public record; reached over LAN or the + NetBird mesh), with public Gandi records only for deliberate exceptions. The NetBird + mesh carries the `baobab.band` match-domain to road-warriors (resolver = dns1/dns2 over + `wt0`); a `*.baobab.band` ACME **DNS-01** wildcard cert (Gandi API) gives even + unexposed services real TLS. Resolves TODO 4 and review finding O12. - **Care:** the live record `forgejo.nyumbani.baobab.band` (the git `origin` / Forgejo - remote) must not break during the cutover. -- **Records as a new/updated ADR:** amends ADR-007's "served by external DNS (Cloudflare - or equivalent)" line to "Gandi LiveDNS, managed as code." -- **Maps to:** ADR-007 (network/DNS), TODO 4 (split-horizon FQDN — decide w/ or w/o - `nyumbani` here or defer). + remote, :7577) becomes `forgejo.baobab.band` — cutover must update the remote + CI + without breaking pushes. +- **Records as a new/updated ADR:** amends ADR-007 — public DNS provider → Gandi LiveDNS + managed as code; the three-tier naming scheme; `nyumbani` removed; mesh/LAN-only default. +- **Maps to:** ADR-007 (network/DNS), ADR-016 (mesh DNS), TODO 4 (**resolved here**). ### M2 · `askari` provisioned + under Ansible
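Review bot: the new naming-scheme bullet adds a `*.baobab.band` ACME DNS-01 wildcard cert issued through the Gandi API, but neither it nor the IaC bullet says where that API credential lives, how it is scoped, or who can read it; the same Gandi LiveDNS credential that Ansible uses can rewrite every public record, so the "exact module pinned in M1's spec" sentence should also pin the credential handling (storage such as Ansible vault, rotation, least-privilege scope if Gandi supports it) and state whether the wildcard private key is terminated at one place or copied to each unexposed service, since a wildcard key leaked from any one host covers all of them. The rewritten "Care" bullet would also read more safely with the cutover order made explicit, i.e. keep `forgejo.nyumbani.baobab.band` resolvable until the `origin` remote and CI have been switched to `forgejo.baobab.band`, rather than only stating that pushes must not break.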