amduat-api/ops/asl-auth-host-image-1.md
Carl Niklas Rydberg 74efedf62c Rework ops specs
2026-01-17 09:21:47 +01:00


ASL/AUTH-HOST-IMAGE/1 - Bootable Image and Overlay Layout

Status: Draft
Owner: Architecture
Version: 0.1.0
SoT: No
Last Updated: 2026-01-17
Tags: [ops, authority, image]

Document ID: ASL/AUTH-HOST-IMAGE/1
Layer: O2I - Authority host image profile

Depends on (normative):

  • ASL/AUTH-HOST/1
  • ENC-ASL-AUTH-HOST/1

Informative references:

  • ASL/AUTH-HOST-CONFIG/1

0. Conventions

The key words MUST, MUST NOT, REQUIRED, SHOULD, and MAY are to be interpreted as in RFC 2119.


1. Purpose and Scope

This document defines a bootable, offline authority host image. It specifies base system requirements, overlay layout, and the boot workflow used to initialize authority operations.


2. Base Image Requirements

The base OS MUST:

  • Boot in offline mode by default
  • Include minimal POSIX tooling
  • Disable network services unless explicitly enabled

3. Overlay Layout

/overlay/
├── bin/
│   ├── asl-auth-host
│   ├── asl-rescue
│   └── init-asl-host.sh
├── etc/
│   └── asl-auth-host/
│       ├── config.yaml
│       └── policy.hash
├── var/
│   ├── lib/
│   │   └── asl/
│   │       ├── common/
│   │       ├── personal/
│   │       └── pools/
│   └── log/
│       └── asl-auth-host.log
└── usr/
    └── local/
        └── bin/
            └── asl-admin

The overlay MUST be merged into the ISO root at build time.


4. ISO Root Layout (Runtime)

/iso_root/
├── bin/
├── etc/
│   └── asl-auth-host/
├── var/
│   ├── lib/
│   │   └── asl/
│   └── log/
└── usr/local/bin/

5. Boot Workflow

  1. Boot offline image.
  2. Run init-asl-host.sh to mount storage pools and apply config.
  3. Initialize or open domain stores per config.
  4. Start the authority host service.
  5. Enforce witness authority (DAM) before general userspace services start.

6. Persistence Strategy

Writable storage MUST be mounted separately from the read-only system image. Examples:

  • ZFS datasets mounted under /var/lib/asl
  • External disk mounted at /mnt and bound to /var/lib/asl

7. Build Pipeline (Informative)

A typical pipeline:

  1. Create minimal root via debootstrap or equivalent.
  2. Merge overlay into ISO root.
  3. Optionally wrap build steps with asl-capture to record build provenance.
  4. Add bootloader config.
  5. Build ISO with xorriso or equivalent tool.
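
As an added example (not code from this spec or the amduat-api project), a POSIX sh helper for build-pipeline step 2 that checks a candidate overlay against the section 3 layout before merging it into the ISO root. The required-entry list is taken from section 3; the executable-bit and world-writable checks, and the choice to require only the var/ directories (their contents live on the writable storage of section 6), are this example's own assumptions.

```shell
#!/bin/sh
# Added example: validate an overlay tree against ASL/AUTH-HOST-IMAGE/1
# section 3 and merge it into the ISO root (build pipeline step 2).
set -eu

# Entries required in the overlay (section 3). Directories end with '/'.
# Assumption: var/ subtrees are required only as directories, since their
# contents are runtime data on separately mounted writable storage.
ASL_OVERLAY_REQUIRED="bin/asl-auth-host bin/asl-rescue bin/init-asl-host.sh \
etc/asl-auth-host/config.yaml etc/asl-auth-host/policy.hash \
var/lib/asl/common/ var/lib/asl/personal/ var/lib/asl/pools/ var/log/ \
usr/local/bin/asl-admin"

# verify_overlay_layout OVERLAY_DIR
# Returns 0 when every required entry exists, every entry under a bin/
# directory is executable, and no file is world-writable; otherwise reports
# each problem on stderr and returns 1.
verify_overlay_layout() {
    ovl=$1; rc=0
    for entry in $ASL_OVERLAY_REQUIRED; do
        case $entry in
            */) [ -d "$ovl/$entry" ] || { echo "missing dir: $entry" >&2; rc=1; } ;;
            bin/*|usr/local/bin/*)
                [ -x "$ovl/$entry" ] || { echo "missing/non-executable: $entry" >&2; rc=1; } ;;
            *)  [ -f "$ovl/$entry" ] || { echo "missing file: $entry" >&2; rc=1; } ;;
        esac
    done
    # Assumption: a world-writable file has no place in a read-only system image.
    if [ -n "$(find "$ovl" -type f -perm -0002 2>/dev/null)" ]; then
        echo "world-writable files present in overlay" >&2; rc=1
    fi
    return $rc
}

# merge_overlay OVERLAY_DIR ISO_ROOT
# Refuses to merge an overlay that fails verification, then copies the tree
# preserving modes and timestamps so the read-only image is reproducible.
merge_overlay() {
    ovl=$1; root=$2
    verify_overlay_layout "$ovl" || return 1
    mkdir -p "$root"
    cp -R -p "$ovl/." "$root/"
}

# Usage: merge_overlay /path/to/overlay /path/to/iso_root
```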

8. Versioning

Backward-incompatible image changes MUST bump the major version.