490f9d4a1d
Complete project rebrand for better positioning in the press freedom and digital security space. FieldWitness communicates both field deployment and evidence testimony — appropriate for the target audience of journalists, NGOs, and human rights organizations. Rename mapping: - soosef → fieldwitness (package, CLI, all imports) - soosef.stegasoo → fieldwitness.stego - soosef.verisoo → fieldwitness.attest - ~/.soosef/ → ~/.fwmetadata/ (innocuous data dir name) - SOOSEF_DATA_DIR → FIELDWITNESS_DATA_DIR - SoosefConfig → FieldWitnessConfig - SoosefError → FieldWitnessError Also includes: - License switch from MIT to GPL-3.0 - C2PA bridge module (Phase 0-2 MVP): cert.py, export.py, vendor_assertions.py - README repositioned to lead with provenance/federation, stego backgrounded - Threat model skeleton at docs/security/threat-model.md - Planning docs: docs/planning/c2pa-integration.md, docs/planning/gtm-feasibility.md Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
86 lines
2.0 KiB
YAML
86 lines
2.0 KiB
YAML
# FieldWitness Federation Relay — Lightweight attestation sync relay.
|
|
# Deploy on a VPS in a favorable jurisdiction for geographic redundancy.
|
|
# Stores only attestation records — zero knowledge of encryption keys.
|
|
apiVersion: apps/v1
|
|
kind: Deployment
|
|
metadata:
|
|
name: fieldwitness-relay
|
|
namespace: fieldwitness
|
|
labels:
|
|
app.kubernetes.io/name: fieldwitness
|
|
app.kubernetes.io/component: relay
|
|
spec:
|
|
replicas: 1
|
|
strategy:
|
|
type: Recreate
|
|
selector:
|
|
matchLabels:
|
|
app.kubernetes.io/name: fieldwitness
|
|
app.kubernetes.io/component: relay
|
|
template:
|
|
metadata:
|
|
labels:
|
|
app.kubernetes.io/name: fieldwitness
|
|
app.kubernetes.io/component: relay
|
|
spec:
|
|
securityContext:
|
|
runAsUser: 1000
|
|
runAsGroup: 1000
|
|
fsGroup: 1000
|
|
containers:
|
|
- name: relay
|
|
image: fieldwitness-relay:latest
|
|
ports:
|
|
- containerPort: 8000
|
|
name: federation
|
|
env:
|
|
- name: FIELDWITNESS_DATA_DIR
|
|
value: /data
|
|
volumeMounts:
|
|
- name: data
|
|
mountPath: /data
|
|
resources:
|
|
requests:
|
|
memory: "256Mi"
|
|
cpu: "100m"
|
|
limits:
|
|
memory: "1Gi"
|
|
cpu: "1000m"
|
|
livenessProbe:
|
|
httpGet:
|
|
path: /health
|
|
port: 8000
|
|
initialDelaySeconds: 10
|
|
periodSeconds: 30
|
|
volumes:
|
|
- name: data
|
|
persistentVolumeClaim:
|
|
claimName: relay-data
|
|
---
|
|
apiVersion: v1
|
|
kind: PersistentVolumeClaim
|
|
metadata:
|
|
name: relay-data
|
|
namespace: fieldwitness
|
|
spec:
|
|
accessModes:
|
|
- ReadWriteOnce
|
|
resources:
|
|
requests:
|
|
storage: 5Gi
|
|
---
|
|
apiVersion: v1
|
|
kind: Service
|
|
metadata:
|
|
name: fieldwitness-relay
|
|
namespace: fieldwitness
|
|
spec:
|
|
selector:
|
|
app.kubernetes.io/name: fieldwitness
|
|
app.kubernetes.io/component: relay
|
|
ports:
|
|
- name: federation
|
|
port: 8000
|
|
targetPort: 8000
|
|
type: ClusterIP
|