developer/conventions
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

infra_manifest v0.7.0: deployment model rules (manage-apps, systemd, mesh)

Browse source 
Capture the deployment/supervision model now implemented by @quinn/manage-apps:
- manage_apps_orchestrator: manage-apps auto-discovers .infra.yaml (no registry);
  retire per-app app.manifest.yaml and hand-rolled start/deploy ssh scripts.
- systemd_supervision: standing cloud services run as systemd units (not
  foreground ssh / PID files); deploy installs the unit, manage-apps drives it.
- mesh_host_resolution: service.host is an ssh alias from net-tools host-apply;
  internal traffic rides the WG mesh (no auth on-mesh, no public app ports).

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
This commit is contained in:
Natalie 2026-06-30 03:30:10 -04:00
parent cf2f1532c7
commit 7a32fa18fc
1 changed files with 13 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

14
programming_general/infra_manifest.yaml
View file

@ -1,5 +1,5 @@
apiVersion: conventions/v1
version: 0.6.0
version: 0.7.0
updated: "2026-06-30"
name: infra_manifest
title: Infra manifest (.infra.yaml — per-project + producer-level shared infra)
@ -36,6 +36,18 @@ rules:
- id: env_variants
level: should
text: "Default manifest is `.infra.yaml` (prod, environment defaults to prod). A distinct non-prod deployment lives in a sibling `.infra.<env>.yaml` (currently only `.infra.dev.yaml`) with the same schema + `environment` set. One project may thus appear as multiple services (e.g. prod on a DO droplet + a local mac instance). Keep run-only/access config (passcodes, bind addresses) out of the manifest — it is not mesh infra."
- id: manage_apps_orchestrator
level: must
text: "`@quinn/manage-apps` (~/Code/@quinn/@packages/manage-apps) is the canonical service orchestrator — it AUTO-DISCOVERS every `.infra.yaml` by walking the producer tree (no central registry) and drives start/stop/status/deploy. A new deployable service = drop a `.infra.yaml`; never hand-roll start/deploy ssh scripts or a per-app `app.manifest.yaml` (that legacy format is retired in favour of `.infra.yaml`)."
rationale: One declarative manifest, one orchestrator, zero registration — the same `.infra.yaml` the net-tools infra-net reconciler reads for mesh/DNS.
- id: systemd_supervision
level: must
text: "Standing services on cloud hosts run as **systemd units** (declared via `service.systemd_unit`), never as foreground ssh or /tmp PID-tracked processes — so they survive host restarts and crash-restart. The `service.deploy` script installs/enables the unit; manage-apps drives it via `ssh <host> systemctl …`. PID/background mode is for local-mac dev only."
rationale: systemd is the supervisor; PID files die on restart. Matches the global rule 'long-running jobs → systemd, not foreground ssh'.
- id: mesh_host_resolution
level: should
text: "`service.host` resolves to an ssh alias from net-tools `host-apply` (~/.ssh/config rendered from mesh-hosts.json) — manage-apps runs `ssh <host> …`, it does NOT embed IPs or `-i <key>`. Internal service-to-service traffic rides the WireGuard mesh (10.9.0.0/24); on-mesh peers skip auth, so no app port is publicly exposed."
rationale: net-tools owns SSH config + the mesh; manage-apps owns runtime. One source of truth for host addressing; the mesh is the private plane.
providesFile:
path: .infra.yaml # plus optional .infra.<env>.yaml siblings (same schema)
schema: