boma/docs
sjat 4933186d31 docs(friction): task-3 integration-gate findings (dnsmasq, nftables, hostname)
Documents three blockers found while developing the askari_inputonly
integration-test profile:

1. inet filter default-deny silently blocks libvirt dnsmasq DHCP: nftables
   multi-table independence means ip filter LIBVIRT_INP accept does NOT
   prevent inet filter drop. Diagnosed via strace; fixed with a drop-in.

2. libvirt leaseshelper PID-file: virPidFileReleasePath unlinks the file after
   every call; nobody cannot recreate in /run/. Fix: suid root C wrapper.

3. cloud-init rejects underscores in local-hostname → skips network-config
   → no DHCP. Fix: sanitize with replace("_", "-") in meta-data hostname.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-06-19 19:16:45 +02:00
access docs(access): correct ADR-021 governance (runbook+gate, not scaffold) 2026-06-09 17:52:24 +02:00
backup docs(backup): add BACKUP.md template + backup__* contract (ADR-022) 2026-06-10 11:20:01 +02:00
decisions fix: address final whole-branch review findings 2026-06-18 21:52:28 +02:00
hardware docs: wire ADR-025 into testing/control-host/risks/status/capacity 2026-06-18 12:51:22 +02:00
reviews docs(review): 2026-06-14 repo audit — M4a doc drift + Traefik→Caddy lag 2026-06-14 18:37:54 +02:00
runbooks docs(runbook): netbird-client mesh-drop / DNS troubleshooting 2026-06-18 22:30:41 +02:00
security docs(adr/security): record claude NOPASSWD sudo model (ADR-015 amend + R7) 2026-06-18 21:39:20 +02:00
superpowers docs(plan): mesh-hardening redesign — askari implementation plan 2026-06-19 16:32:27 +02:00
testing docs(kaizen): bind-mount gotcha + consume 7 signals into the ledger (2026-06-17) 2026-06-17 17:50:17 +02:00
CAPABILITIES.md docs: reconcile 2026-06-14 review findings (O1-O7,O18,O22) 2026-06-14 19:06:33 +02:00
FRICTION.md docs(friction): task-3 integration-gate findings (dnsmasq, nftables, hostname) 2026-06-19 19:16:45 +02:00
README.md docs: reconcile lower-severity review findings (O9-O24) 2026-06-14 19:31:40 +02:00
ROADMAP.md docs(status): mesh-hardening 2/3 — ubongo reboot-validated 2026-06-19 16:25:19 +02:00
TODO.md docs(todo): add note on ubongo↔cluster network topology question 2026-06-19 19:15:18 +02:00

docs/

Project documentation.

  • decisions/ — Architecture Decision Records (ADRs): the "why" behind the design. Numbered from 001; each records context, the decision, and what was ruled out.
  • runbooks/ — step-by-step operational procedures (add a host, add a role, rotate secrets).
  • security/ — security baseline, accepted-risk register, per-service checklist + template (ADR-002/004).
  • testing/ — testing methodology artifacts + the VERIFY.md template (ADR-008/017).
  • access/ — operational-access doctrine + the ACCESS.md template (ADR-021).
  • backup/ — backup doctrine + the BACKUP.md template (ADR-022).
  • hardware/ — capacity reference + /capacity-review output (ADR-012).
  • reviews/ — /review-repo audit trail.
  • CAPABILITIES.md / ROADMAP.md / TODO.md / FRICTION.md — what boma does, the build order, the backlog, and recurring-friction notes.

For what is actually built vs only designed, see STATUS.md at the repo root — the ADRs describe intent, not necessarily current reality.