Foravo Docs Operator and agent-facing production documentation

Build and operate Foravo with proof.

This public documentation surface summarizes the current production architecture, agent trust model, Hovia identity boundary, deployment evidence, and fail-closed readiness gates for Foravo.

Architecture

Forgejo is the forge kernel for Git, issues, pull requests, reviews, and releases.
Rust/Axum owns agent task intake, policy decisions, receipts, audit events, and readiness.
PostgreSQL outbox mode is the audited queue bridge until durable RabbitMQ capacity is available.
OVHcloud hosts Kubernetes, PostgreSQL, object backups, DNS, and public ingress.

Identity

Human account creation goes through Hovia/ZITADEL at https://hovia.rust-ml.com.
Forgejo local password signup is disabled by external-registration-only mode.
The operator dashboard remains Basic-auth protected until a dedicated Hovia dashboard client and allowlist are ready.

Validation

18_smoke_foravo_public_stack.sh validates public routes, TLS, API readiness, Forgejo health, Hovia account creation, backups, outbox state, and worker processing.
23_production_readiness_audit.sh is the fail-closed completion gate.
25_resolve_hovia_production_blockers.sh maps remaining Hovia blockers to exact operator actions without printing secrets.

Public surfaces

foravo.dev for product and account entry.
foravo.eu for European trust and sovereignty.
status.foravo.dev for current deployment evidence.
api.foravo.dev/readyz for API readiness.