sjat/boma

History

sjat 64f1e821d8 docs(review): 2026-06-14 repo audit — M4a doc drift + Traefik→Caddy lag 11 safe auto-fixes (docs/comments only): reverse_proxy meta stale DNS-01 description, base/playbooks/scripts/terraform/public_dns README build-state, CAPABILITIES reverse-proxy Traefik→Caddy, README ADR list → 024, TF cax11→cx23 stamps, public_dns wildcard DNS-01→HTTP-01 comment. 29 open findings reported. make lint green. No stale-deferred (ADR-011 open questions still open). Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>		2026-06-14 18:37:54 +02:00
..
environments	docs(review): 2026-06-14 repo audit — M4a doc drift + Traefik→Caddy lag	2026-06-14 18:37:54 +02:00
modules	docs(review): 2026-06-14 repo audit — M4a doc drift + Traefik→Caddy lag	2026-06-14 18:37:54 +02:00
README.md	docs(review): 2026-06-14 repo audit — M4a doc drift + Traefik→Caddy lag	2026-06-14 18:37:54 +02:00

README.md

terraform/

Infrastructure provisioning. Terraform owns VM existence only — creating and destroying Proxmox VMs. It writes no DNS records and configures nothing inside a VM; Ansible owns all of that.

modules/proxmox_vm/ — reusable VM module (Proxmox only).
modules/hetzner_vm/ — reusable VM module (Hetzner Cloud: server + firewall + SSH key + cloud-init).
environments/{staging,production}/ — separate state per environment (Proxmox). Add a VM by editing local.vms in that env's main.tf, then make tf-plan → tf-apply → tf-inventory. Not yet terraform inited.
environments/offsite/ — the off-site Hetzner host (askari); the one applied environment. Use make tf-* TF_ENV=offsite and tf-inventory-offsite.

Rationale: ADR-006. Handoff to Ansible: ADR-009. Secrets via TF_VAR_* only — never in .tfvars. See STATUS.md for what is provisioned.