- Add --http-addr CLI flag for HTTP REST bind address
- Fix config env var parsing (FLAREDB_HTTP_ADDR wasn't working due to separator conflict)
- Add GET /api/v1/regions/{id} endpoint to view region info
- Add POST /api/v1/regions/{id}/add_peer endpoint for multi-peer region management
- Update NixOS module to use --http-addr 0.0.0.0 CLI flag instead of env var
This enables FlareDB region cluster formation with multiple peers.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- chainfire: Fix binary name (chainfire-server → chainfire)
- fiberlb: Use --grpc-addr instead of --port
- flaredb: Use --addr instead of --api-addr/--raft-addr
- flashdns: Add --grpc-addr and --dns-addr flags
- iam: Use --addr instead of --port/--data-dir
- k8shost: Add --iam-server-addr for dynamic IAM port connection
- lightningstor: Add --in-memory-metadata for ChainFire fallback
- plasmavmc: Add ChainFire service dependency and endpoint env var
- prismnet: Use --grpc-addr instead of --port
These fixes are required for T039 production deployment. The
plasmavmc change specifically fixes the ChainFire port mismatch
(was hardcoded 50051, now uses chainfire.port = 2379).
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Includes all pending changes needed for nixos-anywhere:
- fiberlb: L7 policy, rule, certificate types
- deployer: New service for cluster management
- nix-nos: Generic network modules
- Various service updates and fixes
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Remove queue_config.max_retries option from observability.nix
- Option deprecated/removed in recent NixOS/Prometheus versions
- Found by nix eval audit (T039.S3 pre-deployment validation)
Error: services.prometheus.remoteWrite."[...]".queue_config.max_retries' does not exist
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
- Replace form_urlencoded with RFC 3986 compliant URI encoding
- Implement aws_uri_encode() matching AWS SigV4 spec exactly
- Unreserved chars (A-Z,a-z,0-9,-,_,.,~) not encoded
- All other chars percent-encoded with uppercase hex
- Preserve slashes in paths, encode in query params
- Normalize empty paths to '/' per AWS spec
- Fix test expectations (body hash, HMAC values)
- Add comprehensive SigV4 signature determinism test
This fixes the canonicalization mismatch that caused signature
validation failures in T047. Auth can now be enabled for production.
Refs: T058.S1
The nix/modules directory was untracked, causing flake evaluation to fail
when referencing ./nix/modules. This adds 9 service module definitions
created during T024 NixOS packaging.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
