foundation/documentation
Andreas Niemann 2e11fd2448 docs(adr): ADR-007 — control-plane ops via remote.Command (docker-exec over SSH)
Internal service ports (Postgres 5432, Vault 8200, RustFS 9000) are not
published off-host (CONTRACT_003), so the operator's Pulumi process cannot
reach them to run init/role/bucket/admin steps. Adopt @pulumi/command
remote.Command over the existing SSH path, acting through `docker exec`, for
every in-VM control-plane operation in Wave 2: idempotent, readiness-gated,
secrets passed on stdin (never inlined — the provider echoes the command on
error; D2). The vendored fetch()-based VaultInitialization is kept for
Layer-1, not used by the egg; the olsitec-core init→capture→unseal pattern is
reused, only the mechanism adapts to the remote VM.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-06-30 21:10:34 +02:00
..
_templates chore: scaffold olsitec-foundation mono-repo 2026-06-30 17:10:46 +02:00
agents feat(bootstrap): Bun-workspace skeleton + typed config + vendored modules — T02 2026-06-30 18:06:21 +02:00
command-log feat(bootstrap): real olsitec.net config + DNS records (steps 1+2) 2026-06-30 20:47:30 +02:00
contracts feat(bootstrap): real olsitec.net config + DNS records (steps 1+2) 2026-06-30 20:47:30 +02:00
decisions docs(adr): ADR-007 — control-plane ops via remote.Command (docker-exec over SSH) 2026-06-30 21:10:34 +02:00
knowledge_base chore: scaffold olsitec-foundation mono-repo 2026-06-30 17:10:46 +02:00
planning chore: scaffold olsitec-foundation mono-repo 2026-06-30 17:10:46 +02:00
retrospectives chore: scaffold olsitec-foundation mono-repo 2026-06-30 17:10:46 +02:00
sessions docs(session): SESSION_2026-06-30_001 — state + Wave 2 handoff 2026-06-30 20:48:35 +02:00
000_baseline.md chore: scaffold olsitec-foundation mono-repo 2026-06-30 17:10:46 +02:00
000_TOPOLOGY.md chore: scaffold olsitec-foundation mono-repo 2026-06-30 17:10:46 +02:00