Commit graph

3 commits

Author SHA1 Message Date
sjat
29b4d8fea5 runbook: swap flossfw wg1 peer public key on operator onboarding
One-command vault edit (replace flossfw.public_key) + wireguard-server
redeploy + verify handshake, for when the TaPPaaS operator sends their
WireGuard public key.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-06-28 13:57:53 +02:00
sjat
f11e6e12a4 docs: runbook for publishing services on mf01
How to publish HTTP services as <svc>.mf01.makerfloss.eu (VPS-terminated
TLS, wg1 inner hop, mf01 internal Traefik). Built + verified 2026-06-09.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-06-09 18:02:09 +02:00
sjat
9ff12700ae Initial troubleshooting workspace: access, network map, runbooks
Scaffold for troubleshooting MakerFLOSS hosts at the makerspace.
Reference + thin runbooks model — authoritative data stays in the
source repos (AnsibleBaobabV4, MakerFLOSS_Mikrotik, MakerFLOSS).

- access.md: reach paths for mamba-on-LAN and fisi-tunneling-in
  (netbird on-demand, VPS bastion, ProxyJump via kuku->mamba),
  with the isolation rule.
- network-map.md: subnet pointers + open question on makerspace
  addressing (10.2.30/172.17.3/10.0.0).
- runbooks/switch-crs310.md: CRS310 connectivity + lockout recovery.
- incidents/: dated log scaffold.
- CLAUDE.md: operating rules for this repo.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-06-09 13:24:26 +02:00