foundation/bootstrap
Andreas Niemann 6edba60612 feat(bootstrap): postgres data-plane + remote helper (T03)
foundation-postgres (postgres:17, digest-pinned in VERSIONS) on foundation-net,
internal only (5432 unpublished); named volume foundation-postgres-data with
retainOnDelete. The forgejo login role + database are created post-boot by an
idempotent, readiness-gated remote.Command (ADR-007), since 5432 isn't reachable
from the operator. Adds the generator half of credentials.ts (@pulumi/random →
CONTRACT_002 postgres keys) and lib/remote.ts (vmConnection over the VM SSH path).

Live on cx33 Helsinki: container healthy, role 'forgejo' + db 'forgejo' present,
no published ports. Acceptance T03 met.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-06-30 21:10:34 +02:00
..
components feat(bootstrap): postgres data-plane + remote helper (T03) 2026-06-30 21:10:34 +02:00
lib feat(bootstrap): postgres data-plane + remote helper (T03) 2026-06-30 21:10:34 +02:00
config.ts feat(bootstrap): real olsitec.net config + DNS records (steps 1+2) 2026-06-30 20:47:30 +02:00
index.ts feat(bootstrap): postgres data-plane + remote helper (T03) 2026-06-30 21:10:34 +02:00
package.json feat(bootstrap): postgres data-plane + remote helper (T03) 2026-06-30 21:10:34 +02:00
Pulumi.foundation.yaml feat(bootstrap): real olsitec.net config + DNS records (steps 1+2) 2026-06-30 20:47:30 +02:00
Pulumi.yaml feat(bootstrap): Bun-workspace skeleton + typed config + vendored modules — T02 2026-06-30 18:06:21 +02:00
run.sh feat(bootstrap): real olsitec.net config + DNS records (steps 1+2) 2026-06-30 20:47:30 +02:00
tsconfig.json feat(bootstrap): postgres data-plane + remote helper (T03) 2026-06-30 21:10:34 +02:00