# ops

Infrastructure-as-code repo for reproducible VPS edge + homelab deployment.

## Layout

- `bootstrap/` host bootstrap scripts
- `edge/caddy/` VPS edge reverse proxy stack
- `stacks/` app stack modules
- `backups/` backup + restore scripts
- `secrets/` encrypted secret placeholders and guidance
- `docs/` architecture and restore runbooks

## Quick Start

1. Fill `secrets/*.age` with encrypted values.
2. Update domain/IP placeholders in `edge/caddy/Caddyfile`.
3. Copy `.env.example` files to `.env` per stack.
4. Run bootstrap scripts on target hosts.

## Ops Repo Source Strategy

When the ops repo lives on self-hosted Gitea, bootstrap should not depend on one source.

- Primary source: self-hosted Gitea URL (`OPS_REPO_PRIMARY_URL`)
- Optional mirror source: secondary git host (`OPS_REPO_FALLBACK_URL`)
- Last-resort source: local bundle file (`OPS_BUNDLE_PATH`, default `/srv/backups/ops/latest/ops.bundle`)

The bootstrap scripts automatically try those in that order.

Current default primary URL is `https://git.sketchferret.com/sketchferret/ops.git`.

## Retention Policy

- Keep all backup files for 7 days (daily recovery points).
- From day 8 to day 365, keep one backup per ISO week per folder.
- Keep files under any `latest/` folder (for bootstrap fallback pointers).