eblume/blumeops
1
1
Fork 0
Code Issues Pull requests Projects Releases 83 Packages Wiki Activity Actions
blumeops/docs/how-to/how-to.md
Erich Blume 651fed8f1a Transcribe backlog tasks into plan documents (#151) 
## Summary
- **adopt-oidc-provider:** Dex-based OIDC identity provider for SSO across services (status: Planning — service dependency/recovery design needed)
- **harden-zot-registry:** OIDC + API key auth and tag immutability for zot (depends on OIDC provider + Dagger CI)
- **forgejo-actions-dashboard:** Custom textfile Prometheus exporter + Grafana dashboard for Forgejo Actions CI metrics
- **operationalize-reolink-camera:** Cloud-free Frigate NVR with ONNX detection, NFS ring buffer recording to sifaka (depends on network segmentation)
- **add-unifi-pulumi-stack:** Expanded with NFS security motivation, BlumeOps Services subnet, IoT/appliance segregation, firewall rules

## Test plan
- [x] Pre-commit hooks pass (all 3 commits)
- [x] `docs-check-links` passes
- [x] `docs-check-index` passes
- [x] `docs-check-filenames` passes

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Reviewed-on: https://forge.ops.eblu.me/eblume/blumeops/pulls/151
2026-02-11 11:47:23 -08:00

2.2 KiB
Raw Blame History

title tags
How-To
how-to

How-To Guides

Task-oriented instructions for common BlumeOps operations. These guides assume you already understand the basic concepts - see tutorials if you're learning.

Deployment

Guide Description
deploy-k8s-service Deploy a new service to Kubernetes via ArgoCD
add-ansible-role Add a new Ansible role for indri services

Configuration

Guide Description
update-tailscale-acls Update Tailscale access control policies
gandi-operations Manage DNS records and cycle the Gandi API token
use-pypi-proxy Configure pip and publish packages to devpi
expose-service-publicly Expose a service to the public internet via Fly.io + Tailscale

Documentation

Guide Description
update-documentation Publish docs via build-blumeops workflow

Knowledge Base

Guide Description
review-documentation Periodically review and maintain documentation

Operations

Guide Description
restart-indri Safely shut down and restart indri
manage-flyio-proxy Deploy, shutoff, and troubleshoot the public proxy
restore-1password-backup Recover 1Password credentials from borgmatic backup
troubleshooting Diagnose and fix common issues

Plans

Migration and transition plans for upcoming infrastructure changes.

Plan Description
plans Index of all plans
migrate-forgejo-from-brew Transition Forgejo from Homebrew to source-built binary
add-unifi-pulumi-stack Add Pulumi IaC for UniFi Express 7
adopt-dagger-ci Adopt Dagger as CI/CD build engine
upstream-fork-strategy Stacked-branch forking strategy for upstream projects
adopt-oidc-provider Deploy OIDC identity provider for SSO across services
harden-zot-registry Add authentication and tag immutability to zot registry
forgejo-actions-dashboard Grafana dashboard for Forgejo Actions CI metrics
operationalize-reolink-camera Cloud-free NVR with Frigate and ring buffer recording