Transcribe backlog tasks into plan documents #151

Merged

eblume merged 3 commits from plan/backlog-to-plans into main 2026-02-11 11:47:23 -08:00

Conversation 0 Commits 3 Files changed 8 +943 -9

eblume commented 2026-02-11 11:47:09 -08:00

Owner

Copy link

Summary

• adopt-oidc-provider: Dex-based OIDC identity provider for SSO across services (status: Planning — service dependency/recovery design needed)
• harden-zot-registry: OIDC + API key auth and tag immutability for zot (depends on OIDC provider + Dagger CI)
• forgejo-actions-dashboard: Custom textfile Prometheus exporter + Grafana dashboard for Forgejo Actions CI metrics
• operationalize-reolink-camera: Cloud-free Frigate NVR with ONNX detection, NFS ring buffer recording to sifaka (depends on network segmentation)
• add-unifi-pulumi-stack: Expanded with NFS security motivation, BlumeOps Services subnet, IoT/appliance segregation, firewall rules

Test plan

• Pre-commit hooks pass (all 3 commits)
• docs-check-links passes
• docs-check-index passes
• docs-check-filenames passes

🤖 Generated with Claude Code

## Summary - **adopt-oidc-provider:** Dex-based OIDC identity provider for SSO across services (status: Planning — service dependency/recovery design needed) - **harden-zot-registry:** OIDC + API key auth and tag immutability for zot (depends on OIDC provider + Dagger CI) - **forgejo-actions-dashboard:** Custom textfile Prometheus exporter + Grafana dashboard for Forgejo Actions CI metrics - **operationalize-reolink-camera:** Cloud-free Frigate NVR with ONNX detection, NFS ring buffer recording to sifaka (depends on network segmentation) - **add-unifi-pulumi-stack:** Expanded with NFS security motivation, BlumeOps Services subnet, IoT/appliance segregation, firewall rules ## Test plan - [x] Pre-commit hooks pass (all 3 commits) - [x] `docs-check-links` passes - [x] `docs-check-index` passes - [x] `docs-check-filenames` passes 🤖 Generated with [Claude Code](https://claude.com/claude-code)

eblume added 3 commits 2026-02-11 11:47:09 -08:00

Add plans for OIDC provider, zot hardening, and network segmentation ... 2b73aa4b28

Transcribes backlog tasks into plan documents:
- adopt-oidc-provider: Dex-based OIDC IdP for SSO across services
- harden-zot-registry: OIDC + API key auth and tag immutability for zot
- Expands add-unifi-pulumi-stack with NFS security motivation, services
  subnet, appliance segregation, and firewall rules

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

Add plan for Forgejo Actions Grafana dashboard ... d58fed6a9a

Custom textfile exporter on indri polls the Forgejo API for workflow
run status, durations, and queue depth. Follows the established
zot_metrics/borgmatic_metrics pattern.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

Add plan for ReoLink camera with Frigate NVR ... 16b17ecad0

Cloud-free surveillance: ReoLink Elite Floodlight WiFi on IoT VLAN,
Frigate NVR in k8s with ONNX detection on M1, NFS recording to sifaka,
ring buffer retention, Prometheus metrics. Depends on network segmentation.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

eblume merged commit 651fed8f1a into main 2026-02-11 11:47:23 -08:00

eblume referenced this pull request from a commit 2026-02-11 11:47:24 -08:00

Transcribe backlog tasks into plan documents (#151)

Sign in to join this conversation.

Reviewers

No reviewers

Labels

Clear labels

No items

No labels

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

eblume/blumeops!151

No description provided.