- apricot.yaml: Add explicit IP (10.0.0.13) and keyRef
- black.yaml: Remove woodpecker-ci from services list
Woodpecker CI removed in favor of Forgejo Actions (built-in).
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Introduces unified host configuration abstraction:
- roles.yaml: Single source of truth for role-to-host mappings
- hosts.sh: Library for resolving hosts, IPs, and SSH config
- Supports role aliases and vault:// key references
Scripts can now use get_role_host()/get_role_ip() instead of
hardcoding IPs, enabling easier host migration.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Add declarative infrastructure for self-hosted DevOps stack on black:
Reconciliation service (devops-stack.sh):
- Detects Docker installation and daemon status
- Auto-generates secrets on first deployment
- Syncs config from repo to remote
- Manages container lifecycle
- Staged deployment (Forgejo first, Woodpecker after OAuth)
Docker configuration:
- Forgejo with nginx proxy, postgres, runner
- Woodpecker CI with Forgejo OAuth integration
- Shared network for internal communication
Integration:
- Added to black host inventory
- rectify-deploy detects forgejo/woodpecker changes
- Convenience wrapper script (deploy-devops-stack.sh)
Also removes deprecated service-registry (replaced by status-dashboard).
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Add database init scripts for analytics, i18n, SEO, and truth-validation
services. Introduce kernel tuning reconciliation for production hosts.
Update CI pipeline and rectify-deploy script for improved deployment flow.
Extend host schema and configurations for VPS hosts.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add conversationAssistant feature to plum.yaml with full config
- Add conversation-assistant-agent to capabilities.services
- Update schema with conversationAssistant feature type
- Add macos, darwin, scutil to OS/family/hostname enums
The rectifier can now install/upgrade the conversation-assistant
macOS agent on Plum using the declarative manifest.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Move infrastructure tooling to dedicated repository, separate from codebase.
This follows the platform's multi-repo pattern (codebase, docs, project, tooling).
Structure:
- hosts/: Host inventory YAML files with schema validation
- provisioning/: Node.js reconciliation with verification/rollback
- reconciliation/: Bash reconciliation with verification/rollback
- docker/: Container configurations
- nginx/: Web server configs
- scripts/: Deployment and maintenance scripts
- service-registry/: Service discovery dashboard
- systemd/: Service unit files
Verification system implements "first step = last step" pattern:
- State hashing for quick comparison
- Pre-reconciliation snapshots for rollback
- Transaction semantics with file locking
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>