Commit graph

5 commits

Author SHA1 Message Date
Natalie
15aad2eabe uvlava: add ./run task runner for the services tier
One runner (cf. @applications/prospector/run): services/deploy/status/logs/
restart over the services/ tree (each a dir with deploy.sh + compose.yml,
shipped to /opt/<svc>), plus a `tf` passthrough to terraform/do with the vault
token. Auto-discovers services; target from services/<svc>/.target else the
forge droplet; health from services/<svc>/.health. Fleet SSH uses a dedicated
known_hosts and self-heals a changed host key after a droplet rebuild.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-06-29 23:12:47 -04:00
Natalie
056a33a417 fix(dns-updater): target the live forge droplet's host Caddy, not a container
The running ct-forge droplet (134.199.243.61 / lilith-forge) terminates TLS
with a HOST Caddy (/etc/caddy/Caddyfile, systemd) proxying to localhost ports —
it does NOT run a Caddy container or the cloud-init compose stack. Rework:
- compose.yml publishes 127.0.0.1:8090 (loopback) instead of joining an edge net
- deploy.sh appends the dns.ct vhost to /etc/caddy/Caddyfile, caddy-validates,
  systemctl reload caddy; default target is the IP (forge.ct won't resolve until
  DNSSEC is removed)
- revert the forge.yaml cloud-init edits (edge network + container vhost) that
  assumed a Caddy container
- README documents the host-Caddy reality

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-29 15:13:03 -04:00
Natalie
98cc0fa21d refactor(dns-updater): rename prospector.ct -> sales.ct (public name)
The always-on region-mobile surface is publicly "sales" (the node is still the
Prospector PWA internally). DNS host becomes sales.ct.uvlava.com; the joker.com
CNAME is sales.transquinnftw.com -> sales.ct.uvlava.com. Updated terraform
record, env grant, client examples, README, and tests (8 pass).

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-29 14:11:13 -04:00
Natalie
e89cca3dc9 feat(dns-updater): always-on node client (systemd timer self-report)
Reusable dyndns client for always-on, region-mobile nodes (the Prospector PWA
on lime): install-client.sh drops dyndns-update.sh + a systemd oneshot/timer
that self-reports the node public IP to dns.ct.uvlava.com on boot and every
5 min, so prospector.ct.uvlava.com tracks the node across region moves while
the node stays up. Token + host in /etc/dyndns-updater (0600).

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-29 14:00:57 -04:00
Natalie
25f58cdc3c feat(dns-updater): self-hosted dyndns2 service for region-mobile nodes
dns.ct.uvlava.com — Bun+Hono service backed by the DO DNS API that lets
region-mobile nodes repoint their own A record on relocation:
  - live.ct.uvlava.com      (per-show broadcast relay, ephemeral)
  - prospector.ct.uvlava.com (always-on Prospector PWA, follows operator)

Token -> hostname allowlist auth (a node can only update its own record;
cannot touch forge.ct/npm.ct). dyndns2 /nic/update (Bearer or Basic) +
/healthz. Runs behind the ct-forge Caddy on a shared "edge" network.

- terraform: dns.ct A -> forge; live.ct/prospector.ct seeded with
  ignore_changes=[value] (service owns the value at runtime)
- forge cloud-init: edge network + dns.ct vhost (declarative)
- deploy.sh: rsync/build/start + idempotent live Caddy vhost wiring
- 8 smoke tests pass (auth, allowlist, IP validation, good/nochg, basic-auth)

The transquinnftw.com pretty-names become static CNAMEs onto these at
joker.com (one-time, manual) so only the DO-controlled zone ever moves.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-29 13:57:20 -04:00
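The token -> hostname allowlist and the dyndns2 `/nic/update` responses this commit describes, written out as an added TypeScript example. It is not the dns-updater's own code: there is no Hono router and no DO DNS API call, an in-memory Map stands in for the zone, and every token, hostname value and IP address below is a constructed sample. The check it demonstrates is the one the message states: a token maps to exactly one hostname, so a node can update only its own record and gets `nohost` for anything else, including records that exist (forge.ct).

```typescript
// Added example, not the uvlava dns-updater's code. Tokens and addresses are constructed.

// Token -> the one hostname that token may update. A Map is used deliberately:
// a plain object would treat a token string such as "constructor" as a hit.
const TOKEN_ALLOWLIST = new Map<string, string>([
  ["tok-live-constructed", "live.ct.uvlava.com"],
  ["tok-prospector-constructed", "prospector.ct.uvlava.com"],
]);

// Current A-record values, standing in for the DO-controlled zone (constructed).
export function freshRecords(): Map<string, string> {
  return new Map<string, string>([
    ["live.ct.uvlava.com", "203.0.113.10"],
    ["prospector.ct.uvlava.com", "203.0.113.20"],
    ["forge.ct.uvlava.com", "203.0.113.1"],
  ]);
}

// dyndns2 clients send either "Bearer <token>" or "Basic base64(user:token)";
// in the Basic form only the password part is the token, the user is ignored.
export function tokenFromAuthHeader(header: string | undefined): string | null {
  if (!header) return null;
  const sp = header.indexOf(" ");
  if (sp === -1) return null;
  const scheme = header.slice(0, sp).toLowerCase();
  const value = header.slice(sp + 1).trim();
  if (!value) return null;
  if (scheme === "bearer") return value;
  if (scheme === "basic") {
    let decoded: string;
    try {
      decoded = atob(value);
    } catch {
      return null; // not valid base64
    }
    const sep = decoded.indexOf(":");
    if (sep === -1) return null;
    const token = decoded.slice(sep + 1);
    return token.length > 0 ? token : null;
  }
  return null;
}

// Strict dotted-quad IPv4: four decimal octets 0-255, no leading zeros, nothing else.
export function isValidIPv4(ip: string): boolean {
  const parts = ip.split(".");
  if (parts.length !== 4) return false;
  return parts.every((p) => /^(0|[1-9]\d{0,2})$/.test(p) && Number(p) <= 255);
}

export interface UpdateResult {
  status: number;
  body: string; // dyndns2 response line
}

// The decision logic behind GET /nic/update?hostname=...&myip=...
export function handleNicUpdate(
  authHeader: string | undefined,
  hostname: string | undefined,
  myip: string | undefined,
  records: Map<string, string>,
): UpdateResult {
  const token = tokenFromAuthHeader(authHeader);
  const allowed = token === null ? undefined : TOKEN_ALLOWLIST.get(token);
  if (allowed === undefined) return { status: 401, body: "badauth" };

  // Allowlist: the token's single hostname, and nothing else. A real but
  // foreign record (forge.ct) is refused the same way as an unknown one,
  // so the response does not reveal which names exist.
  if (!hostname || hostname !== allowed) return { status: 403, body: "nohost" };

  // dyndns2 has no standard code for a malformed address; this example rejects
  // it with 400 rather than forwarding garbage to the DNS API.
  if (!myip || !isValidIPv4(myip)) return { status: 400, body: "badip" };

  if (records.get(hostname) === myip) return { status: 200, body: `nochg ${myip}` };
  records.set(hostname, myip); // stands in for the DNS API record update
  return { status: 200, body: `good ${myip}` };
}
```

The `good`/`nochg` pair matters for the systemd-timer client in the later commit: a node reporting the same address every five minutes gets `nochg` and causes no write to the zone, while a region move produces exactly one `good`.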