11 safe auto-fixes (docs/comments only): reverse_proxy meta stale DNS-01 description, base/playbooks/scripts/terraform/public_dns README build-state, CAPABILITIES reverse-proxy Traefik→Caddy, README ADR list → 024, TF cax11→cx23 stamps, public_dns wildcard DNS-01→HTTP-01 comment. 29 open findings reported. make lint green. No stale-deferred (ADR-011 open questions still open). Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
19 lines
1 KiB
Markdown
# playbooks/

Top-level orchestration playbooks. No inline vars — configuration comes from
`group_vars/` / `host_vars/` (see CLAUDE.md).

- `site.yml` — full standard state: applies `base` to all hosts and `docker_host`
  to docker hosts. **Note:** `base` is only partially built (its `firewall` +
  `hardening` concerns) and the cluster has no docker hosts yet, so this is
  incomplete — see `STATUS.md`.
- `workstation.yml` — applies the `dev_env` role (interactive developer environment)
  to the `control` group; built and applied to `ubongo` (see `STATUS.md`).
- `dns.yml` — manages the public DNS zone (wingu.me) at Gandi LiveDNS via the
  `public_dns` role; runs from the control node against an external API.
- `offsite.yml` — off-site hosts (`askari`): `docker_host` (Docker engine) +
  `reverse_proxy` (Caddy). NetBird coordinator appended in M4b.
- `bootstrap.yml` — first-run setup for a host that may not have Python yet;
  self-contained (does not depend on the roles).

Run via `make check PLAYBOOK=<name>` then `make deploy PLAYBOOK=<name>`.