domus-docs Audit & Refresh

Summary

Full audit of the domus-docs aggregator hub to identify outdated material, verify domus-antora-ui integration, and clean up stale references from infrastructure changes (VyOS replaced pfSense 2026-03-07) and the UI migration from supplemental-ui/ to the standalone domus-antora-ui repo.

Commit: b733530 on domus-docs main

UI Bundle Verdict

domus-antora-ui is correctly integrated across all three playbooks:

Playbook UI Source Method

antora-playbook-local.yml

~/domus-antora-ui/build/ui-bundle.zip

Filesystem path

antora-playbook-ci.yml

GitHub Releases URL

HTTPS download

antora-playbook.yml (prod)

ui.domusdigitalis.dev/ui-bundle.zip

Cloudflare Access auth (via build.sh)

No supplemental-ui/ directory exists in domus-docs. All styling (7 themes, focus mode, code enhancements) comes from domus-antora-ui.

Changes Executed

16 Files Modified

File Changes

docs/antora.yml

component-count 16→15, renamed pfsense-ipvyos-vip

packet-analysis-roadmap.adoc

Updated 10.50.1.110.50.1.1 (2 occurrences)

antora-playbook-local.yml

Removed domus-gabriel-docs entry

antora-playbook-ci.yml

Removed domus-gabriel-docs entry

antora-ecosystem.d2

Removed gabriel node from diagram

antora-troubleshooting.adoc

Fixed prj-ise-home-linuxise-linux, added siem-ops, o11y, windows-ops

deployment.adoc

Expanded token repos 6→15, webhooks 5→14, rewrote build.sh example

CONTRIBUTING.adoc

supplemental-ui → domus-antora-ui note, pfSense → VyOS HA

README.adoc

Full rewrite: 15 components, 1100+ pages, triple playbook, correct structure

hub-spoke-architecture.d2

supplemental-uidomus-antora-ui, pfSense → VyOS in netapi label

hub-spoke-architecture.svg

Regenerated from updated D2 source

dual-pki-architecture.d2

pfSense DNS API → BIND DNS API

letsencrypt-automation-flow.d2

All pfSense references → BIND DNS (node IDs, labels, legend, connections)

network-automation-architecture.d2

pfSense REST API → VyOS HA HTTPS API

CLAUDE.md (root)

Removed supplemental-ui from Key Files table

.claude/CLAUDE.md

Updated project structure and UI description

Key Decisions

gabriel removal

domus-gabriel-docs removed from all playbooks — it’s a separate project for the user’s son, not part of the domus ecosystem.

pfSense → BIND DNS

In PKI/Let’s Encrypt diagrams, DNS-01 challenge target changed from pfSense DNS API to BIND DNS API (VyOS doesn’t provide a DNS API — BIND handles DNS).

pfSense → VyOS

In network automation and netapi diagrams, pfSense REST API changed to VyOS HA HTTPS API.

Attribute rename

pfsense-ipvyos-vip in docs/antora.yml with downstream references updated.

Build Verification

Build completed with zero warnings from domus-docs changes.

Pre-existing warnings from other repos (not caused by this work):

  • domus-captures/…​/SESSION-domus-docs-refactor-2026-04-04.adoc — list item index numbering (this file, now fixed)

  • domus-captures/…​/security/index.adoc — broken xref to secrets-ops::index.adoc (should be secrets-infrastructure::)

Issues Found During Audit

What Was Outdated

  • README.adoc — Listed 5 components/230 pages (actual: 15/1100+), referenced nonexistent supplemental-ui/ directory

  • deployment.adoc — Token requirements listed 6 repos, webhooks listed 5 (actual: 14 content repos)

  • antora-troubleshooting.adoc — Wrong component name (prj-ise-home-linux instead of ise-linux), missing 3 components

  • antora.ymlcomponent-count: '16' (should be 15), pfsense-ip attribute name stale

  • 4 D2 diagrams — Still referenced pfSense (replaced 2026-03-07) and supplemental-ui (migrated to domus-antora-ui)

  • CONTRIBUTING.adoc — Referenced supplemental-ui/ and "pfSense firewall"

What Was Current

  • All 10 roadmap files — properly maintained

  • Navigation (nav.adoc) — all 54 entries valid

  • index.adoc landing page — accurate component listing and page counts

  • Cross-component xref syntax — correct throughout

  • No hardcoded infrastructure values in published pages

  • No remaining "certmgr" references (properly migrated to Vault)