- Deploy PowerDNS on k3s with SQLite backend
- Add DNS ports 53 UDP/TCP to security group
- Configure zones for superviber.com, muffinlabs.ai, letemcook.com,
appbasecamp.com, thanksforborrowing.com
- Add deploy-powerdns.sh standalone deployment script
- Document in RFC 0003
Glue records updated at GoDaddy to point ns1/ns2 to 3.218.167.115.
DNS verified working via Google DNS (8.8.8.8).
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
HelmChart values schema changed in newer Traefik versions causing
installation failures. Replaced with direct Deployment + RBAC manifests
which work reliably with Traefik v3.2.
Also adds SSH public key variable for admin access.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Use lowercase terraform template vars in user-data.sh
- Increase S3 lifecycle transition to 30 days (STANDARD_IA minimum)
- Increase expiration to 60 days
Infrastructure successfully deployed:
- Instance: i-06e1198106d251a0e
- Elastic IP: 54.82.131.189
- Backup bucket: hearth-backups-181640953119
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Decision from 12-expert alignment dialogue on single-user scale.
Implements Option E with modifications:
- t4g.small spot instance (~$5/mo)
- k3s with Traefik for ingress + Let's Encrypt TLS
- SQLite database for Forgejo
- S3 backups with 30-day lifecycle
- EBS gp3 20GB encrypted
- Admin SSH on port 2222, Git SSH on port 22
Total cost: ~$7.50/month
Includes:
- terraform/minimal/ - full terraform configuration
- terraform/bootstrap/ - state backend (already applied)
- docs/spikes/0001-single-user-scale.md - decision documentation
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
