foundation/bootstrap
Andreas Niemann 1792fd9f89 feat(bootstrap): rustfs S3 data-plane + buckets/service account (T04)
foundation-rustfs (rustfs/rustfs digest-pinned) on foundation-net, internal only
(9000/9001 unpublished); named volume foundation-rustfs-data with retainOnDelete.
The four buckets (forgejo-packages/-artifacts/-lfs, foundation-backups) and a
scoped service account with generated keys (CONTRACT_002 rustfs slice) are
provisioned post-boot by an idempotent, readiness-gated remote.Command using a
throwaway mc container (ADR-007). RustFS speaks enough MinIO admin API for
`svcacct add`; `mc ready` is unreliable so readiness gates on `mc ls`; the mc
image's busybox lacks grep so existence checks use a shell `case`. Pins the
IMAGE_MC tool image in VERSIONS.

Live on cx33 Helsinki: 4 buckets present, service key registered, put/get
roundtrip OK, no published ports. Acceptance T04 met.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-06-30 21:19:53 +02:00
..
components feat(bootstrap): rustfs S3 data-plane + buckets/service account (T04) 2026-06-30 21:19:53 +02:00
lib feat(bootstrap): postgres data-plane + remote helper (T03) 2026-06-30 21:10:34 +02:00
config.ts feat(bootstrap): real olsitec.net config + DNS records (steps 1+2) 2026-06-30 20:47:30 +02:00
index.ts feat(bootstrap): rustfs S3 data-plane + buckets/service account (T04) 2026-06-30 21:19:53 +02:00
package.json feat(bootstrap): postgres data-plane + remote helper (T03) 2026-06-30 21:10:34 +02:00
Pulumi.foundation.yaml feat(bootstrap): real olsitec.net config + DNS records (steps 1+2) 2026-06-30 20:47:30 +02:00
Pulumi.yaml feat(bootstrap): Bun-workspace skeleton + typed config + vendored modules — T02 2026-06-30 18:06:21 +02:00
run.sh feat(bootstrap): real olsitec.net config + DNS records (steps 1+2) 2026-06-30 20:47:30 +02:00
tsconfig.json feat(bootstrap): postgres data-plane + remote helper (T03) 2026-06-30 21:10:34 +02:00