CONTRACT_004 offsite target (ADR-004 'second self-hosted location'). @pulumi/minio program (modeled on olsicloud4 modules/minio): bucket 'olsitec-foundation' + scoped IAM user/policy + service account on minio.wob.olsitec.de:19000. Verified: scoped SA can put/list/delete in its bucket, DENIED cross-bucket. Admin creds + scoped creds via ENV/state only (gitignored), never committed. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
34 lines
2.3 KiB
Text
34 lines
2.3 KiB
Text
--- 2026-06-30T16:17:52Z ---
|
|
HOST: mac-studio -> docker:ssh://andiolsi@192.168.1.2 (crunchy01)
|
|
CWD: /Users/andiolsi/work/olsitec-foundation/foundation/bootstrap
|
|
REPO: olsitec-foundation BRANCH: master ENVIRONMENT: validation(ephemeral)
|
|
CMD: pulumi up --yes (create foundation-net only) then inspect then pulumi destroy --yes
|
|
EXIT: RUNNING
|
|
NOTE: T03 precursor live validation — prove Docker-over-SSH provider creates foundation-net on crunchy01; ephemeral, destroyed immediately, nothing persisted (per user constraint).
|
|
---
|
|
--- 2026-06-30T16:18:39Z UPDATE ---
|
|
CMD: (above) pulumi up/inspect/destroy — foundation-net on crunchy01
|
|
EXIT: 0 — created (subnet 172.30.0.0/24, bridge, attachable, verified) then destroyed clean; nothing persisted.
|
|
---
|
|
--- 2026-06-30T16:51:46Z ---
|
|
HOST: mac-studio -> hetzner-api (eu-central/nbg1-dc3)
|
|
CWD: /Users/andiolsi/work/olsitec-foundation/foundation/provision PROJECT: foundation-provision STACK: foundation-test
|
|
ENVIRONMENT: test(throwaway)
|
|
CMD: pulumi up --yes (HetznerDeployment cx22 + firewall + docker cloud-init)
|
|
EXIT: RUNNING
|
|
NOTE: Phase-0 provision of throwaway foundation TEST VM via vendored @olsitec/pulumi-hetzner. ~14 hcloud resources. Billable (~EUR0.007/hr). Destroyable via 'pulumi destroy' in provision/.
|
|
---
|
|
--- 2026-06-30T16:51:49Z UPDATE ---
|
|
EXIT: 0 — see outputs (publicIp). VM provisioning; docker installs via cloud-init (~1-2 min).
|
|
---
|
|
--- 2026-06-30T16:54:41Z UPDATE ---
|
|
EXIT: 0 — VM created (cx23, nbg1-dc3). publicIp in outputs. Docker installing via cloud-init.
|
|
---
|
|
--- 2026-06-30T16:57:30Z UPDATE ---
|
|
EXIT: 0 — test VM foundation-test @ 91.98.117.152 (cx23, nbg1-dc3), SSH:222, Docker 29.6.1 verified.
|
|
NOTE: docker-over-SSH provider path needs SSH_PRIVATE_KEY_PATH=~/.ssh/foundation-test_ed25519 + FOUNDATION_DOCKER_HOST=ssh://root@91.98.117.152:222. DESTROY: cd provision && pulumi destroy (stack foundation-test).
|
|
---
|
|
--- 2026-06-30T18:13:36Z --- CMD: pulumi up (cx33/hel1-dc2 replace) EXIT: RUNNING
|
|
--- 2026-06-30T18:32:52Z --- HOST: mac->minio.wob.olsitec.de:19000 CMD: pulumi up (olsitec-foundation bucket + scoped SA) EXIT: RUNNING NOTE: offsite backup target setup
|
|
--- 2026-06-30T18:32:54Z UPDATE --- EXIT: 0 — bucket+scoped SA created on home MinIO
|
|
--- 2026-06-30T18:34:55Z UPDATE --- EXIT: 0 — olsitec-foundation bucket + scoped SA verified (put/list/delete OK, cross-bucket DENIED).
|