4ee1b66e23
Source vault password from Vaultwarden via rbw; nest vault structure
...
Master vault password is fetched from Vaultwarden via the rbw agent
(scripts/vault-pass-client.sh, wired as vault_password_file) instead of a
plaintext .vault_pass. Vault secrets use a nested vault.<service>.<key> map.
Encrypted vault.yml files are excluded from lint. Includes the host rename in
Makefile and STATUS.md.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-05-30 18:16:35 +02:00
2dfa8ca9d6
Harden lint setup and clean inventory placeholders
...
- Pin pre-commit ansible-lint hook to ansible-core==2.17.* (was floating, crashed)
- Add pre-commit to requirements.txt
- Align .yamllint with ansible-lint (comments-indentation off, octal rules on)
- Rewrite inventory placeholders to lint-clean empty-group form
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-05-30 14:56:16 +02:00
19d93d32dc
Add project orientation and contributor docs
...
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-05-30 14:10:01 +02:00
9a8181ef18
Add Terraform VM-provisioning skeleton
...
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-05-30 14:10:01 +02:00
fe4228fb38
Add architecture decision records and runbooks
...
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-05-30 14:10:01 +02:00
3f1d7eb128
Add core Ansible scaffold, tooling, and pre-commit guards
...
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-05-30 14:10:01 +02:00