eblume/blumeops
1
1
Fork 0
Code Issues Pull requests Projects Releases 83 Packages Wiki Activity Actions
blumeops/docs
History
Erich Blume a59ff04249 Review security-model.md (#153) 
## Summary
- Fix Ansible secret example: replaced incorrect `op item get --fields` with `op read` to match project convention
- Add new "Tailscale Operator Privileges" section documenting the operator's namespaced RBAC and OAuth client permissions
- Stamp `last-reviewed: 2026-02-11`

## Review Notes
First review of this doc (previously never reviewed). Verified:
- All wiki-links resolve
- ACL structure matches actual `pulumi/tailscale/policy.hujson`
- TruffleHog pre-commit config exists as documented
- Ansible `op read` pattern matches actual usage in playbooks/roles

Reviewed-on: https://forge.ops.eblu.me/eblume/blumeops/pulls/153
2026-02-11 12:16:32 -08:00
..
changelog.d Review security-model.md (#153) 2026-02-11 12:16:32 -08:00
explanation Review security-model.md (#153) 2026-02-11 12:16:32 -08:00
how-to Bump Fly.io proxy VM to 512MB, fix TruffleHog scanning (#152) 2026-02-11 12:03:51 -08:00
reference Add plan and reference card for UniFi Express 7 Pulumi stack (#145) 2026-02-10 15:36:13 -08:00
tutorials Add migration plan for Forgejo brew-to-source transition (#140) 2026-02-10 10:18:53 -08:00
index.md Add Fly.io public reverse proxy for docs.eblu.me (#120) 2026-02-08 02:36:19 -08:00
quartz.config.ts Move zk cards to docs/zk/ for documentation restructuring (#84) 2026-02-03 09:13:50 -08:00
quartz.layout.ts Move zk cards to docs/zk/ for documentation restructuring (#84) 2026-02-03 09:13:50 -08:00