boma/docs/superpowers/specs
sjat 02e1eb7449 docs(spec): design local VM integration testing on ubongo (2.4)
Throwaway KVM VMs on ubongo (libvirt, Approach A) that mirror a real host (real Docker, real reboot, real role apply) to catch the reboot/firewall/boot-order class Molecule cannot - the 2026-06-17 mesh-hardening incident. First profile: be askari; tiered certs (internal + le-staging built, le-prod-wildcard on-demand). Concrete build of ADR-008 Level 2/3; to be recorded as ADR-025.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-06-18 11:35:51 +02:00
..
2026-06-01-hardware-capacity-design.md Add hardware reference & capacity-evaluation design spec 2026-06-01 09:59:16 +02:00
2026-06-05-logging-log-integrity-design.md Add design spec for logging + log integrity (ship all to Loki) 2026-06-05 22:03:31 +02:00
2026-06-05-mesh-vpn-netbird-design.md Add design spec for mesh VPN (NetBird self-hosted on askari) 2026-06-05 10:58:35 +02:00
2026-06-05-service-ui-verification-design.md Add design spec for service-UI verification (ADR-008 Level 4) 2026-06-05 13:05:11 +02:00
2026-06-05-ubongo-control-host-design.md Add design spec for ubongo control/AI-worker host 2026-06-05 09:19:02 +02:00
2026-06-06-firewall-strategy-design.md docs(spec): firewall strategy design (TODO 3.5 → ADR-020) 2026-06-06 15:36:24 +02:00
2026-06-06-host-nftables-firewall-design.md docs(spec): host nftables firewall design (ADR-020 build #1) 2026-06-06 18:40:50 +02:00
2026-06-06-tagging-strategy-design.md docs(spec): tagging standard design (TODO 3.7/3.11 → ADR-019) 2026-06-06 09:15:44 +02:00
2026-06-09-operational-access-design.md docs(access): design operational-access doctrine (ADR-021) 2026-06-09 17:10:54 +02:00
2026-06-10-adr-structure-design.md docs(adr): add Proposed lifecycle state; mark ADR-011 Proposed 2026-06-10 14:48:55 +02:00
2026-06-10-backup-strategy-design.md docs(backup): final-review fixes — stateless BACKUP.md, dump-step wording, spec sync 2026-06-10 11:32:06 +02:00
2026-06-11-public-dns-gandi-migration-design.md docs(spec): note project (boma) vs domain (wingu.me) in the naming scheme 2026-06-14 09:47:13 +02:00
2026-06-14-askari-provisioning-design.md docs(spec): M2 — provision askari via Terraform + Hetzner Cloud 2026-06-14 10:12:10 +02:00
2026-06-14-base-ssh-fail2ban-m3-design.md docs(spec,plan): M3 — base ssh hardening + fail2ban 2026-06-14 16:38:38 +02:00
2026-06-14-kaizen-command-design.md docs(spec): /kaizen — kaizen-loop command (TODO 11) 2026-06-14 21:05:09 +02:00
2026-06-14-netbird-coordinator-m4-design.md docs(spec): M4 — NetBird coordinator on askari + Caddy reverse proxy 2026-06-14 17:19:21 +02:00
2026-06-17-m5-mesh-enrollment-design.md docs(spec): M5 mesh-enrollment design (reachability-only) 2026-06-17 15:44:13 +02:00
2026-06-17-mesh-hardening-askari-ssh-wt0-design.md docs(spec): mesh-hardening 1/3 — move askari SSH onto wt0 2026-06-17 20:15:12 +02:00
2026-06-18-local-vm-integration-testing-design.md docs(spec): design local VM integration testing on ubongo (2.4) 2026-06-18 11:35:51 +02:00