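# Sando topology config.
#
# Tiers run in declaration order. Each tier lists the gates that must pass to
# unlock promotion *to* the next tier, the nodes it ships to, and the canary
# policy for shipping within the tier.
#
# Day-one wiring: host (fw13, local) -> A (testnot.work) -> B (prod-1). C is
# declared but not provisioned; adding the second prod node later is a config
# edit (set provisioned = true, fill in [[tier.node]]).
#
# The first tier is "host" — it refers to whatever machine sandod runs on
# (currently fw13). Renamed from the legacy "mm" name in Session 1 of
# the sando bundle redesign.
#
# Nothing in this file is interpolated: TOML has no env-var or include
# expansion, so every path, user and target below is taken literally.

[repo]
bare_path = "/srv/sando/mnw.git"
branch = "main"

[backup]
# Source of the prod-backup clone used by migration_dry_run on the Sando host.
# For localhost dev this can be a file:// path to a fixture dump. In prod we
# pull directly from alpha-west-1 via a scoped `backup-puller` rrsync user.
# Host-key verification for alpha-west-1 is not expressed here; it comes from
# the SSH client config on the Sando host — NOTE(review): confirm that Host
# block pins a known_hosts entry rather than relying on first-connect trust.
source = "ssh://backup-puller@alpha-west-1:2200/latest.sql.gz"
# Landing spot for the dump. This is a copy of production data; the directory
# ownership/mode and retention are a host concern this file does not enforce.
local_path = "/srv/sando/backups/latest.sql.gz"

# ---- host: fw13 local pre-staging gate ----
[[tier]]
name = "host"
provisioned = true
canary = "sequential"
# Passing all three unlocks promotion to tier A (see header).
gates = [
    { kind = "cargo_test" },
    { kind = "migration_dry_run" },
    { kind = "boot_smoke" },
]
# Host is the daemon's own machine (fw13); no remote node row.

# ---- A: testnot.work staging ----
[[tier]]
name = "a"
provisioned = true
canary = "sequential"
# Unlocks promotion to tier B. `hours` is the burn-in duration; 48 h means a
# build soaks on staging for two days before it can reach prod-1.
gates = [
    { kind = "boot_smoke" },
    { kind = "burn_in", hours = 48 },
]

[[tier.node]]
name = "testnot-1"
ssh_target = "deploy@testnot" # tailnet name; never the public IP / testnot.work hostname
release_root = "/opt/mnw"
service_name = "makenotwork.service"

# ---- B: prod-1 ----
[[tier]]
name = "b"
provisioned = true
canary = "sequential"
# Unlocks promotion to tier C. manual_confirm is the human checkpoint between
# the first and second prod node; keep it when C is provisioned.
gates = [
    { kind = "boot_smoke" },
    { kind = "manual_confirm" },
]

[[tier.node]]
name = "prod-1" # Tailnet name; port 2200 supplied via /srv/sando/.ssh/config Host block.
# Service user is "makenotwork" (pre-existing on prod), not "deploy" — chose
# not to chown 885M of backups + redo postgres peer auth for a cosmetic rename.
ssh_target = "makenotwork@alpha-west-1"
release_root = "/opt/mnw"
service_name = "makenotwork.service"

# ---- C: prod-2 (declared, not yet provisioned) ----
[[tier]]
name = "c"
# NOTE(review): presumably sandod skips tiers with provisioned = false — confirm
# in the daemon before relying on this as the only guard against shipping here.
provisioned = false
canary = "sequential"
# There is no tier after C yet, so as far as this file shows these gates
# currently gate nothing; revisit when a further tier is declared.
gates = [
    { kind = "boot_smoke" },
]
# [[tier.node]] entries to be added when the second prod node ships.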