senke/veza
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Commit graph

  • a7fe2a5243 feat(ci): migrate workflows to .github/workflows for better compatibility main senke 2026-05-01 00:15:59 +0200
  • 8fc08935ab fix(ci): migrate .github/workflows to self-hosted runner + gate heavy workflows senke 2026-05-01 00:08:38 +0200
  • 3228d8495b fix(forgejo): all deploy jobs on [self-hosted, incus] (matches runner labels) senke 2026-04-30 23:41:28 +0200
  • 559cfbee3e refactor(web): zero out 3 ESLint warning buckets (storybook + react-refresh + non-null-assertion) senke 2026-04-30 23:30:22 +0200
  • 12a78616df refactor(web): zero out @typescript-eslint/no-unused-vars (134 → 0) senke 2026-04-30 23:05:32 +0200
  • b877e72264 feat(forgejo): expose workflow_dispatch — rename workflows.disabled → workflows senke 2026-04-30 23:03:45 +0200
  • b7857bbbe8 fix(bootstrap): verify-local secrets check uses list+jq + .env-shaped defaults senke 2026-04-30 22:50:49 +0200
  • f991dedc23 chore(ansible): add encrypted vault.yml — bootstrap secrets senke 2026-04-30 22:44:53 +0200
  • 112c64a22b feat(soft-launch): cohort tooling + email template + monitor + checklist senke 2026-04-30 22:38:12 +0200
  • 2a5bc11628 fix(scripts,docs): game-day prod safety guards + rabbitmq-down runbook senke 2026-04-30 22:32:05 +0200
  • e780fbcd18 docs(pentest): add send-package SOP + seed-test-accounts helper senke 2026-04-30 22:29:35 +0200
  • 05b1d81d30 fix(scripts): payment-e2e walkthrough safety guards (DRY_RUN + prod confirm) senke 2026-04-30 22:27:14 +0200
  • 6c644cff03 fix(haproxy): forgejo backend uses HTTPS re-encrypt + Host header on healthcheck senke 2026-04-30 16:31:29 +0200
  • 0bd3e563b2 fix(haproxy): incus proxy devices forward R720:80/443 → container senke 2026-04-30 16:27:37 +0200
  • d9896686bd fix(haproxy): runtime DNS resolution + init-addr none for absent backends senke 2026-04-30 16:17:39 +0200
  • c97e42996e fix(haproxy): use shipped selfsigned.pem (matches working role pattern) senke 2026-04-30 16:12:35 +0200
  • b6147549c9 fix(haproxy): pre-create cert dir + placeholder cert ; reorder ACL rules senke 2026-04-30 16:10:27 +0200
  • 7253f0cf10 fix(ansible): haproxy validate without -q so the error message reaches operator senke 2026-04-30 16:06:50 +0200
  • 385a8f0378 fix(ansible): add staging/prod meta-groups so group_vars/<env>.yml applies senke 2026-04-30 16:01:44 +0200
  • e97b91f010 fix(ansible): don't apply common role to haproxy container + gate ssh.yml on sshd senke 2026-04-30 15:57:16 +0200
  • c245b72e05 fix(ansible): symlink inventory/group_vars → ../group_vars so vars load senke 2026-04-30 15:48:12 +0200
  • c323d37c30 fix(web): flip HLS_STREAMING feature flag default to true senke 2026-04-30 15:45:01 +0200
  • bf24a5e3ce feat(infra): add coturn service + wire WEBRTC_TURN_* envs in compose senke 2026-04-30 15:44:12 +0200
  • 947630e38f fix(ansible): point community.general.incus connection at the R720 remote senke 2026-04-30 15:42:44 +0200
  • 6a54268476 fix(infra): wire AWS_S3_ENABLED + TRACK_STORAGE_BACKEND in prod/staging compose senke 2026-04-30 15:39:30 +0200
  • 5f6625cc56 fix(ansible): detect storage pool from forgejo's root device, not first listed senke 2026-04-30 15:34:50 +0200
  • 4298f0c26a fix(ansible): bootstrap_runner — add root disk to veza-{app,data} profiles senke 2026-04-30 15:32:00 +0200
  • a514f4986b ci(web): tighten ESLint --max-warnings to 1204 baseline (was 2000) senke 2026-04-30 15:25:15 +0200
  • dfc61e8408 refactor(stream): route audio/realtime effect-processing error through tracing senke 2026-04-30 15:23:43 +0200
  • 34a0547f78 chore(web): drop orval multi-status response wrapper from generated types senke 2026-04-30 15:21:05 +0200
  • e58bafde9c fix(bootstrap): runner-token auto-fetch falls back to manual prompt on failure senke 2026-04-30 15:20:06 +0200
  • a881be9dad fix(ansible): bootstrap_runner phase 3 uses incus exec from host (not community.general.incus) senke 2026-04-30 15:16:04 +0200
  • 3b33791660 refactor(bootstrap): everything via Ansible — no NOPASSWD, no SSH plumbing senke 2026-04-30 15:12:26 +0200
  • 44aa4e95be fix(bootstrap): network auto-detect tries no-sudo first then sudo -n senke 2026-04-30 15:02:35 +0200
  • b9445faacc fix(infra): rename veza-net → net-veza everywhere + drop redundant profile senke 2026-04-30 14:58:04 +0200
  • 7ca9c15514 fix(bootstrap): phase 5 auto-detects Incus network from forgejo container senke 2026-04-30 14:54:52 +0200
  • f615a50c42 fix(web): zero TS errors — complete orval migration on 4 settings/admin files senke 2026-04-30 14:49:57 +0200
  • 174c60ceb6 fix(backend): unblock handlers + elasticsearch test packages senke 2026-04-30 14:48:23 +0200
  • edfa315947 fix(ansible): inventory uses srv-102v alias + bootstrap phase 5 detects sudo senke 2026-04-30 14:39:39 +0200
  • e16b749d7f fix(ansible): drop removed community.general.yaml callback senke 2026-04-30 14:37:07 +0200
  • 3cb0646a87 fix(bootstrap): phase 5 installs ansible collections before running playbook senke 2026-04-30 14:32:22 +0200
  • f0ca669f99 fix(bootstrap): R2 — push incus binary from host instead of apt-installing senke 2026-04-30 14:27:06 +0200
  • 9d63e249fe fix(bootstrap): phase 3 secret-exists check + phase 4 scp+ssh -t for sudo prompt senke 2026-04-29 23:28:22 +0200
  • c570aac7a8 fix(bootstrap): Forgejo variable URL shape + skip-if-exists registry token senke 2026-04-29 23:16:50 +0200
  • a978051022 fix(bootstrap): phase 3 reachability uses /version (no auth) + registry token fallback senke 2026-04-29 23:11:44 +0200
  • 46954db96b feat(bootstrap): phase 2 auto-fills 11 vault secrets, prompts on the rest senke 2026-04-29 23:06:47 +0200
  • e004e18738 fix(bootstrap): handle workflows.disabled/ + self-signed Forgejo + better .env defaults senke 2026-04-29 23:01:05 +0200
  • 5e1e2bd720 ci(forgejo): disable broken workflows until prerequisites land senke 2026-04-29 22:46:17 +0200
  • cf38ff2b7d feat(bootstrap): two-host deploy-pipeline bootstrap with idempotent verify senke 2026-04-29 22:45:00 +0200
  • f026d925f3 fix(forgejo): gate deploy.yml — workflow_dispatch only until provisioning is done senke 2026-04-29 16:46:55 +0200
  • ab86ae80fa fix(ansible): playbooks/haproxy.yml — bootstrap the SHARED veza-haproxy senke 2026-04-29 16:34:38 +0200
  • 5153ab113d refactor(ansible): single edge HAProxy — multi-env + Forgejo + Talas senke 2026-04-29 16:32:49 +0200
  • da99044496 docs(release): soft launch beta framework + report (W6 Day 29) senke 2026-04-29 16:10:59 +0200
  • 4b1a401879 feat(ansible): TLS via dehydrated/Let's Encrypt + Forgejo on talas.group senke 2026-04-29 15:54:05 +0200
  • cb519ad1b1 docs(release): game day #2 prod session + v2.0.0-rc1 release notes (W6 Day 28) senke 2026-04-29 15:44:32 +0200
  • 2bf798af9c feat(release): real-money payment E2E walkthrough + report template (W6 Day 27) senke 2026-04-29 15:35:53 +0200
  • 3b2e928170 docs(release): GO/NO-GO checklist v2.0.0-public (W6 Day 26) senke 2026-04-29 15:12:26 +0200
  • 8fa4b75387 docs(security): external pentest scope brief 2026 (W5 Day 25) senke 2026-04-29 15:06:08 +0200
  • f9d00bbe4d fix(ansible): syntax-check fixes — dynamic groups + block/rescue at task level senke 2026-04-29 15:01:24 +0200
  • 594204fb86 feat(observability): blackbox exporter + 6 synthetic parcours + alert rules (W5 Day 24) senke 2026-04-29 14:54:11 +0200
  • 6de2923821 chore(ansible): inventory/staging.yml + prod.yml — fill in R720 phase-1 topology senke 2026-04-29 14:50:27 +0200
  • 22d09dcbbb docs: MIGRATIONS expand-contract section + RUNBOOK_ROLLBACK senke 2026-04-29 14:48:46 +0200
  • f4eb4732dd feat(observability): deploy alerts (4) + failed-color scanner script senke 2026-04-29 14:45:27 +0200
  • 172729bdff feat(forgejo): workflows/{cleanup-failed,rollback}.yml — manual recovery senke 2026-04-29 14:43:11 +0200
  • 8200eeba6e chore(ansible): recover group_vars files lost in parallel-commit shuffle senke 2026-04-29 14:41:14 +0200
  • 989d88236b feat(forgejo): workflows/deploy.yml — push:main → staging, tag:v* → prod senke 2026-04-29 14:39:25 +0200
  • 3a67763d6f feat(ansible): playbooks/{cleanup_failed,rollback}.yml — manual recovery paths senke 2026-04-29 14:36:40 +0200
  • 02ce938b3f feat(ansible): playbooks/deploy_app.yml — full blue/green sequence senke 2026-04-29 12:25:06 +0200
  • 257ea4b159 feat(ansible): playbooks/deploy_data.yml — idempotent data provisioning senke 2026-04-29 12:23:30 +0200
  • 9f5e9c9c38 feat(ansible): haproxy.cfg.j2 — add blue/green topology branch senke 2026-04-29 12:21:34 +0200
  • 4acbcc170a feat(ansible): roles/veza_haproxy_switch — atomic blue/green switch senke 2026-04-29 12:20:04 +0200
  • 70df301823 feat(reliability): game-day driver + 5 scenarios + W5 session template (W5 Day 22) senke 2026-04-29 12:19:18 +0200
  • 5759143e97 feat(ansible): veza_app — web component (nginx serves dist/) senke 2026-04-29 12:18:02 +0200
  • 3123f26fd4 feat(ansible): veza_app — stream component templates (env + systemd) senke 2026-04-29 12:16:58 +0200
  • 342d25b40f feat(ansible): veza_app — implement binary-kind tasks + backend templates senke 2026-04-29 12:15:59 +0200
  • fc0264e0da feat(ansible): scaffold roles/veza_app — generic component-deployer skeleton senke 2026-04-29 12:12:54 +0200
  • 55eeed495d feat(security): pre-flight pentest scripts + share-token enumeration fix + audit doc (W5 Day 21) senke 2026-04-29 12:10:06 +0200
  • 59be60e1c3 feat(perf): k6 mixed-scenarios load test + nightly workflow + baseline doc (W4 Day 20) senke 2026-04-29 11:44:06 +0200
  • a9541f517b feat(infra): haproxy sticky WS + backend_api multi-instance scaffold (W4 Day 19) senke 2026-04-29 11:32:48 +0200
  • 44349ec444 feat(search): faceted filters (genre/key/BPM/year) + FacetSidebar UI (W4 Day 18) senke 2026-04-29 10:33:35 +0200
  • d5152d89a2 feat(stream): HLS default on + marketplace 30s pre-listen + FLAC tier checkbox (W4 Day 17) senke 2026-04-29 09:56:02 +0200
  • 45c130c856 feat(pwa): tighten sw.js to roadmap strategy spec + version stamper (W4 Day 16) senke 2026-04-29 09:43:09 +0200
  • 66beb8ccb1 feat(infra): nginx_proxy_cache phase-1 edge cache fronting MinIO (W3+) senke 2026-04-28 15:58:14 +0200
  • 806bd77d09 feat(embed): /embed/track/:id widget + /oembed envelope + per-track OG tags (W3 Day 15) senke 2026-04-28 15:49:54 +0200
  • 49335322b5 feat(legal): DMCA notice handler + admin queue + 451 playback gate (W3 Day 14) senke 2026-04-28 15:39:33 +0200
  • 15e591305e feat(cdn): Bunny.net signed URLs + HLS cache headers + metric collision fix (W3 Day 13) senke 2026-04-28 14:07:20 +0200
  • d86815561c feat(infra): MinIO distributed EC:2 + migration script (W3 Day 12) senke 2026-04-28 13:46:42 +0200
  • a36d9b2d59 feat(redis): Sentinel HA + cache hit rate metrics (W3 Day 11) senke 2026-04-28 13:36:55 +0200
  • c78bf1b765 feat(observability): SLO burn-rate alerts + 7 runbook stubs (W2 Day 10) senke 2026-04-28 01:30:34 +0200
  • 84e92a75e2 feat(observability): OTel SDK + collector + Tempo + 4 hot path spans (W2 Day 9) senke 2026-04-28 01:15:11 +0200
  • bf31a91ae6 feat(infra): pgbackrest role + dr-drill + Prometheus backup alerts (W2 Day 8) senke 2026-04-28 00:51:00 +0200
  • ba6e8b4e0e feat(infra): pgbouncer role + pgbench load test (W2 Day 7) senke 2026-04-27 18:35:05 +0200
  • c941aba3d2 feat(infra): postgres_ha role + pg_auto_failover formation + RTO test (W2 Day 6) senke 2026-04-27 18:27:46 +0200
  • 65c20835c1 feat(infra): Ansible IaC scaffolding — common + incus_host roles (Day 5 v1.0.9) senke 2026-04-27 18:16:38 +0200
  • 33fcd7d1bd feat(branding): scaffold Logo component + Sumi icons + brand assets pipeline (Sprint 3) senke 2026-04-27 17:08:17 +0200
  • cb511afa6e refactor(design-system): finish Sprint 2 — light theme + 3 viz pigments canonized senke 2026-04-27 16:57:12 +0200
  • 17cafbaa71 fix(e2e): triage @critical batch 2 — chat WS proxy + FeedPage dette (Day 4) v1.0.9 senke 2026-04-27 16:55:15 +0200
  • 089ae5bd0a docs(origin): align brand identity with CHARTE_GRAPHIQUE_TALAS (Sprint 2 follow-up #4) senke 2026-04-27 16:48:37 +0200
  • b4710909c0 feat(eslint): forbid hardcoded hex colors in apps/web (Sprint 2 follow-up #3) senke 2026-04-27 16:44:58 +0200
  • f46d5ead6f refactor(web): migrate user-pref + storybook hex literals to tokens (Sprint 2 follow-up #2) senke 2026-04-27 16:42:35 +0200