boma/docs
sjat 99ace3eb48 Add design spec for mesh VPN (NetBird self-hosted on askari)
Resolves ADR-015 deferred item #1: the mesh VPN is NetBird, self-hosted on
askari, replacing ADR-007's VLAN-99 OPNsense WireGuard. Agent-per-host
enrollment via base, embedded local-user IdP, coordinator off-site for
outage survival. Basis for ADR-016.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-06-05 10:58:35 +02:00
..
decisions ADR-012/hardware: add ubongo as physical control node 2026-06-05 09:43:09 +02:00
hardware ADR-012/hardware: add ubongo as physical control node 2026-06-05 09:43:09 +02:00
reviews review-repo: harden scanner, apply safe fixes, record first review 2026-05-30 19:10:58 +02:00
runbooks rotate-secrets: document offline vault break-glass for ubongo 2026-06-05 09:45:27 +02:00
security accepted-risks: reserve R3 mesh-VPN coordinator (pending choice) 2026-06-05 09:46:40 +02:00
superpowers Add design spec for mesh VPN (NetBird self-hosted on askari) 2026-06-05 10:58:35 +02:00
CAPABILITIES.md Renamed capabilities doc to capital letters to comform with other. 2026-06-05 09:36:55 +02:00
FRICTION.md FRICTION: default to subagent-driven execution, don't ask 2026-06-05 09:35:13 +02:00
README.md Add architecture decision records and runbooks 2026-05-30 14:10:01 +02:00
TODO.md Make the Claude Code toolchain reproducible (TODO 10.7) 2026-06-04 21:41:54 +02:00

docs/

Project documentation.

  • decisions/ — Architecture Decision Records (ADRs): the "why" behind the design. Numbered from 001; each records context, the decision, and what was ruled out.
  • runbooks/ — step-by-step operational procedures (add a host, add a role, rotate secrets).

For what is actually built vs only designed, see STATUS.md at the repo root — the ADRs describe intent, not necessarily current reality.