Files
awoooi/docs/security/HOST-SERVICE-OWNER-REQUEST-DRAFT.md
Your Name 41f5ff1a38
All checks were successful
Code Review / ai-code-review (push) Successful in 13s
CD Pipeline / tests (push) Successful in 1m40s
CD Pipeline / build-and-deploy (push) Successful in 6m17s
CD Pipeline / post-deploy-checks (push) Successful in 1m35s
feat(iwooos): 強化主機服務事故回補 gate
2026-06-15 14:51:25 +08:00

5.5 KiB
Raw Permalink Blame History

IwoooS Docker / systemd / 主機服務 Owner Request Draft

項目 內容
日期 2026-06-14
狀態 owner_request_draft_ready_not_dispatched
工具 scripts/security/host-service-owner-request-draft.py
Snapshot docs/security/host-service-owner-request-draft.snapshot.json
Source inventory docs/security/host-service-config-inventory.snapshot.json
runtime gate 0

1. 目的

本文件承接 Docker / systemd / host service repo-only 清冊,把 9 個 surface 轉成人工送件前 request draft。它讓 110 / 188 / multi-host 的 Compose、repair-bot、Ansible role 與 host config backup capture 有一致的 owner 回覆欄位。

這不是主機真相、不是 live hash 收件、不是 restart window 已接受,也不是 docker composesystemctl、repair-bot、Ansible 或 SSH 授權。

2026-06-15 已更新 docs/security/HOST-SERVICE-OWNER-RESPONSE-ACCEPTANCE.mddocs/security/host-service-owner-response-acceptance.snapshot.json,把本文件 9 份 request draft 轉成 owner response acceptance 只讀帳本並追加事故回補。固定 candidates=9write_capable=3live_evidence_required=8owner_fields=18reviewer_checks=21outcome_lanes=8blocked_actions=27,但 owner response received / accepted、live host read、Docker Compose、systemctl、repair-bot、Ansible、sudo、host write 與 runtime gate 仍全部為 0 / false

2. 摘要

指標 目前值 說明
request draft 9 每個 host service surface 一份草稿
write-capable request draft 3 Ansible role、110 repair-bot、188 repair-bot
live evidence required request 8 local dev compose 之外都需 owner 提供脫敏 live evidence
request field 22 草稿欄位總數
required owner field 12 owner 必填欄位
blocked action 14 SSH、compose、systemctl、repair-bot、Ansible、sudo、active scan、runtime gate 等
request sent / recipient confirmed 0 / 0 尚未送件
owner response received / accepted 0 / 0 尚未收到或驗收
live evidence received 0 不 SSH、不讀 live host
restart window / rollback owner / post-check accepted 0 / 0 / 0 不得重啟或 apply
runtime gate / action button 0 / 0 不提供操作入口

3. Request Draft 範圍

Request Host scope 類型 風險焦點
host_service_owner_request:local_dev_compose local_dev_only Docker Compose 避免 local dev compose 被誤用成 production source
host_service_owner_request:monitoring_110_compose 192.168.0.110 Docker Compose 110 monitoring stack live hash、restart window、post-check
host_service_owner_request:monitoring_exporters_188_compose 192.168.0.188 Docker Compose 188 exporter env source、live hash、rollback owner
host_service_owner_request:sentry_110_reference_compose 192.168.0.110 reference compose Sentry 實際 source-of-truth 與 official revision
host_service_owner_request:langfuse_110_compose 192.168.0.110 Docker Compose Langfuse compose live hash 與 secret placeholder disposition
host_service_owner_request:ansible_docker_compose_service_role multi_host Ansible executor role allowed service_dir、check-mode、人工 gate
host_service_owner_request:repair_bot_110_whitelist 192.168.0.110 repair whitelist authorized_keys binding、disable switch、audit log、post-check
host_service_owner_request:repair_bot_188_whitelist 192.168.0.188 repair whitelist systemd restart gate、sudoers boundary、disable switch、route smoke
host_service_owner_request:config_backup_host_capture 110_188_120_121_cluster backup capture latest backup status、restore drill owner、secret handling proof

4. Owner 必填欄位

  1. owner_role_or_team
  2. decision
  3. decision_reason
  4. affected_scope
  5. redacted_evidence_refs
  6. live_config_hash_ref
  7. maintenance_window
  8. restart_window
  9. rollback_owner
  10. post_check_plan
  11. disable_switch
  12. followup_owner

5. 禁止動作

  1. ssh_read
  2. ssh_write
  3. docker_compose_up
  4. docker_compose_down
  5. systemctl_restart
  6. systemctl_reload
  7. repair_bot_execute
  8. ansible_apply
  9. sudo_action
  10. host_file_write
  11. firewall_change
  12. secret_value_collection
  13. active_scan
  14. runtime_gate_open

6. 指令

產生 committed snapshot

python3 scripts/security/host-service-owner-request-draft.py \
  --root . \
  --inventory-report docs/security/host-service-config-inventory.snapshot.json \
  --output docs/security/host-service-owner-request-draft.snapshot.json \
  --generated-at 2026-06-14T22:20:00+08:00

驗證 guard

python3 scripts/security/security-mirror-progress-guard.py --root .

7. 完成度

工作 完成度 說明
owner request draft artifact 100% 9 份 request draft、snapshot、文件與 guard 已固定
request dispatch 0% 尚未送件
owner response received / accepted 0% 尚未收到,尚未驗收
live evidence collection 0% 未 SSH、未讀 live host、未 active scan
restart / apply / repair-bot / Ansible gate 0% 未授權且未執行
runtime gate / production write 0% 未授權且未執行
owner response acceptance ledger 100% 已新增 acceptance ledger仍不是 owner response received / accepted 或 runtime approval