{ "blocked_actions": [ "read_live_conf_over_ssh", "store_raw_live_conf", "store_full_rendered_diff_payload", "accept_unredacted_live_conf", "collect_secret_value", "accept_execution_request_inside_evidence", "mark_rendered_diff_accepted_without_owner_response", "mark_rendered_diff_accepted_without_reviewer_record", "run_nginx_test_from_diff_acceptance", "run_route_smoke_from_diff_acceptance", "nginx_reload_from_diff_acceptance", "dns_probe_from_diff_acceptance", "tls_probe_from_diff_acceptance", "certbot_renew_from_diff_acceptance", "modify_nginx_conf", "modify_dns_tls_config", "change_public_route", "change_admin_route", "change_websocket_route", "write_production_host", "open_runtime_gate", "add_action_button" ], "diff_acceptance_candidates": [ { "acceptance_fields": [ "diff_acceptance_id", "owner_response_acceptance_id", "diff_gate_id", "config_id", "control_tier", "host", "live_path", "redacted_live_conf_ref", "rendered_diff_ref", "rendered_diff_hash_ref", "diff_scope_summary", "affected_routes", "nginx_test_evidence_ref", "nginx_test_operator", "nginx_test_result", "route_smoke_matrix_ref", "route_smoke_result_ref", "tls_acme_impact_ref", "maintenance_window", "rollback_owner", "rollback_ref", "postcheck_evidence_ref", "reviewer_outcome", "followup_owner", "not_approval" ], "action_buttons_allowed": false, "affected_routes": [], "blocked_actions": [ "read_live_conf_over_ssh", "store_raw_live_conf", "store_full_rendered_diff_payload", "accept_unredacted_live_conf", "collect_secret_value", "accept_execution_request_inside_evidence", "mark_rendered_diff_accepted_without_owner_response", "mark_rendered_diff_accepted_without_reviewer_record", "run_nginx_test_from_diff_acceptance", "run_route_smoke_from_diff_acceptance", "nginx_reload_from_diff_acceptance", "dns_probe_from_diff_acceptance", "tls_probe_from_diff_acceptance", "certbot_renew_from_diff_acceptance", "modify_nginx_conf", "modify_dns_tls_config", "change_public_route", "change_admin_route", "change_websocket_route", "write_production_host", "open_runtime_gate", "add_action_button" ], "certbot_renew_authorized": false, "config_id": "host188_all_sites", "control_tier": "C0", "diff_acceptance_id": "public_gateway_rendered_diff_acceptance:host188_all_sites", "diff_gate_id": "public_gateway_rendered_diff_gate:host188_all_sites", "diff_scope_summary": "pending_owner_response_acceptance", "dns_tls_probe_authorized": false, "followup_owner": "pending_owner_response_acceptance", "host": "192.168.0.188", "live_path": "/etc/nginx/sites-enabled/all-sites.conf", "maintenance_window": "pending_owner_response_acceptance", "maintenance_window_accepted": false, "nginx_reload_authorized": false, "nginx_reload_executed": false, "nginx_test_authorized": false, "nginx_test_evidence_accepted": false, "nginx_test_evidence_received": false, "nginx_test_evidence_ref": null, "nginx_test_executed": false, "nginx_test_operator": "pending_runtime_owner", "nginx_test_result": "pending_owner_provided_readback", "not_approval": true, "outcome_lanes": [ "waiting_owner_response_acceptance", "waiting_rendered_diff_evidence", "quarantine_raw_conf_or_payload", "reject_secret_or_execution_request", "request_evidence_supplement", "ready_for_reviewer_acceptance", "accepted_for_runtime_gate_planning", "waiting_separate_runtime_approval" ], "owner_response_acceptance_id": "public_gateway_owner_response_acceptance:host188_all_sites", "owner_response_accepted": false, "postcheck_evidence_accepted": false, "postcheck_evidence_ref": null, "production_write_authorized": false, "redacted_export_accepted": false, "redacted_live_conf_ref": null, "rendered_diff_accepted": false, "rendered_diff_hash_ref": null, "rendered_diff_received": false, "rendered_diff_ref": null, "required_evidence_fields": [ "redacted_live_conf_ref", "rendered_diff_ref", "rendered_diff_hash_ref", "diff_scope_summary", "affected_routes", "nginx_test_evidence_ref", "nginx_test_result", "route_smoke_matrix_ref", "route_smoke_result_ref", "tls_acme_impact_ref", "maintenance_window", "rollback_owner", "rollback_ref", "postcheck_evidence_ref" ], "reviewer_checks": [ "owner_response_accepted_first", "redacted_live_conf_ref_only", "rendered_diff_ref_not_payload", "diff_scope_matches_config_id", "nginx_test_evidence_is_readback_only", "nginx_test_result_has_timestamp", "route_smoke_matrix_complete", "tls_acme_impact_separated", "secret_value_absent", "maintenance_window_present", "rollback_owner_and_ref_present", "postcheck_plan_present", "no_execution_request_embedded", "counts_transition_safe", "action_button_absent" ], "reviewer_outcome": "waiting_owner_response_acceptance", "rollback_owner": "pending_owner_response_acceptance", "rollback_owner_accepted": false, "rollback_ref": null, "route_smoke_authorized": false, "route_smoke_executed": false, "route_smoke_matrix_accepted": false, "route_smoke_matrix_received": false, "route_smoke_matrix_ref": null, "route_smoke_result_accepted": false, "route_smoke_result_received": false, "route_smoke_result_ref": null, "runtime_gate": false, "status": "waiting_owner_response_acceptance", "tls_acme_impact_accepted": false, "tls_acme_impact_ref": null }, { "acceptance_fields": [ "diff_acceptance_id", "owner_response_acceptance_id", "diff_gate_id", "config_id", "control_tier", "host", "live_path", "redacted_live_conf_ref", "rendered_diff_ref", "rendered_diff_hash_ref", "diff_scope_summary", "affected_routes", "nginx_test_evidence_ref", "nginx_test_operator", "nginx_test_result", "route_smoke_matrix_ref", "route_smoke_result_ref", "tls_acme_impact_ref", "maintenance_window", "rollback_owner", "rollback_ref", "postcheck_evidence_ref", "reviewer_outcome", "followup_owner", "not_approval" ], "action_buttons_allowed": false, "affected_routes": [], "blocked_actions": [ "read_live_conf_over_ssh", "store_raw_live_conf", "store_full_rendered_diff_payload", "accept_unredacted_live_conf", "collect_secret_value", "accept_execution_request_inside_evidence", "mark_rendered_diff_accepted_without_owner_response", "mark_rendered_diff_accepted_without_reviewer_record", "run_nginx_test_from_diff_acceptance", "run_route_smoke_from_diff_acceptance", "nginx_reload_from_diff_acceptance", "dns_probe_from_diff_acceptance", "tls_probe_from_diff_acceptance", "certbot_renew_from_diff_acceptance", "modify_nginx_conf", "modify_dns_tls_config", "change_public_route", "change_admin_route", "change_websocket_route", "write_production_host", "open_runtime_gate", "add_action_button" ], "certbot_renew_authorized": false, "config_id": "host188_internal_tools_https", "control_tier": "C0", "diff_acceptance_id": "public_gateway_rendered_diff_acceptance:host188_internal_tools_https", "diff_gate_id": "public_gateway_rendered_diff_gate:host188_internal_tools_https", "diff_scope_summary": "pending_owner_response_acceptance", "dns_tls_probe_authorized": false, "followup_owner": "pending_owner_response_acceptance", "host": "192.168.0.188", "live_path": "owner_confirmation_required", "maintenance_window": "pending_owner_response_acceptance", "maintenance_window_accepted": false, "nginx_reload_authorized": false, "nginx_reload_executed": false, "nginx_test_authorized": false, "nginx_test_evidence_accepted": false, "nginx_test_evidence_received": false, "nginx_test_evidence_ref": null, "nginx_test_executed": false, "nginx_test_operator": "pending_runtime_owner", "nginx_test_result": "pending_owner_provided_readback", "not_approval": true, "outcome_lanes": [ "waiting_owner_response_acceptance", "waiting_rendered_diff_evidence", "quarantine_raw_conf_or_payload", "reject_secret_or_execution_request", "request_evidence_supplement", "ready_for_reviewer_acceptance", "accepted_for_runtime_gate_planning", "waiting_separate_runtime_approval" ], "owner_response_acceptance_id": "public_gateway_owner_response_acceptance:host188_internal_tools_https", "owner_response_accepted": false, "postcheck_evidence_accepted": false, "postcheck_evidence_ref": null, "production_write_authorized": false, "redacted_export_accepted": false, "redacted_live_conf_ref": null, "rendered_diff_accepted": false, "rendered_diff_hash_ref": null, "rendered_diff_received": false, "rendered_diff_ref": null, "required_evidence_fields": [ "redacted_live_conf_ref", "rendered_diff_ref", "rendered_diff_hash_ref", "diff_scope_summary", "affected_routes", "nginx_test_evidence_ref", "nginx_test_result", "route_smoke_matrix_ref", "route_smoke_result_ref", "tls_acme_impact_ref", "maintenance_window", "rollback_owner", "rollback_ref", "postcheck_evidence_ref" ], "reviewer_checks": [ "owner_response_accepted_first", "redacted_live_conf_ref_only", "rendered_diff_ref_not_payload", "diff_scope_matches_config_id", "nginx_test_evidence_is_readback_only", "nginx_test_result_has_timestamp", "route_smoke_matrix_complete", "tls_acme_impact_separated", "secret_value_absent", "maintenance_window_present", "rollback_owner_and_ref_present", "postcheck_plan_present", "no_execution_request_embedded", "counts_transition_safe", "action_button_absent" ], "reviewer_outcome": "waiting_owner_response_acceptance", "rollback_owner": "pending_owner_response_acceptance", "rollback_owner_accepted": false, "rollback_ref": null, "route_smoke_authorized": false, "route_smoke_executed": false, "route_smoke_matrix_accepted": false, "route_smoke_matrix_received": false, "route_smoke_matrix_ref": null, "route_smoke_result_accepted": false, "route_smoke_result_received": false, "route_smoke_result_ref": null, "runtime_gate": false, "status": "waiting_owner_response_acceptance", "tls_acme_impact_accepted": false, "tls_acme_impact_ref": null }, { "acceptance_fields": [ "diff_acceptance_id", "owner_response_acceptance_id", "diff_gate_id", "config_id", "control_tier", "host", "live_path", "redacted_live_conf_ref", "rendered_diff_ref", "rendered_diff_hash_ref", "diff_scope_summary", "affected_routes", "nginx_test_evidence_ref", "nginx_test_operator", "nginx_test_result", "route_smoke_matrix_ref", "route_smoke_result_ref", "tls_acme_impact_ref", "maintenance_window", "rollback_owner", "rollback_ref", "postcheck_evidence_ref", "reviewer_outcome", "followup_owner", "not_approval" ], "action_buttons_allowed": false, "affected_routes": [], "blocked_actions": [ "read_live_conf_over_ssh", "store_raw_live_conf", "store_full_rendered_diff_payload", "accept_unredacted_live_conf", "collect_secret_value", "accept_execution_request_inside_evidence", "mark_rendered_diff_accepted_without_owner_response", "mark_rendered_diff_accepted_without_reviewer_record", "run_nginx_test_from_diff_acceptance", "run_route_smoke_from_diff_acceptance", "nginx_reload_from_diff_acceptance", "dns_probe_from_diff_acceptance", "tls_probe_from_diff_acceptance", "certbot_renew_from_diff_acceptance", "modify_nginx_conf", "modify_dns_tls_config", "change_public_route", "change_admin_route", "change_websocket_route", "write_production_host", "open_runtime_gate", "add_action_button" ], "certbot_renew_authorized": false, "config_id": "host110_ollama_proxy", "control_tier": "C1", "diff_acceptance_id": "public_gateway_rendered_diff_acceptance:host110_ollama_proxy", "diff_gate_id": "public_gateway_rendered_diff_gate:host110_ollama_proxy", "diff_scope_summary": "pending_owner_response_acceptance", "dns_tls_probe_authorized": false, "followup_owner": "pending_owner_response_acceptance", "host": "192.168.0.110", "live_path": "/etc/nginx/sites-enabled/110-ollama-proxy.conf", "maintenance_window": "pending_owner_response_acceptance", "maintenance_window_accepted": false, "nginx_reload_authorized": false, "nginx_reload_executed": false, "nginx_test_authorized": false, "nginx_test_evidence_accepted": false, "nginx_test_evidence_received": false, "nginx_test_evidence_ref": null, "nginx_test_executed": false, "nginx_test_operator": "pending_runtime_owner", "nginx_test_result": "pending_owner_provided_readback", "not_approval": true, "outcome_lanes": [ "waiting_owner_response_acceptance", "waiting_rendered_diff_evidence", "quarantine_raw_conf_or_payload", "reject_secret_or_execution_request", "request_evidence_supplement", "ready_for_reviewer_acceptance", "accepted_for_runtime_gate_planning", "waiting_separate_runtime_approval" ], "owner_response_acceptance_id": "public_gateway_owner_response_acceptance:host110_ollama_proxy", "owner_response_accepted": false, "postcheck_evidence_accepted": false, "postcheck_evidence_ref": null, "production_write_authorized": false, "redacted_export_accepted": false, "redacted_live_conf_ref": null, "rendered_diff_accepted": false, "rendered_diff_hash_ref": null, "rendered_diff_received": false, "rendered_diff_ref": null, "required_evidence_fields": [ "redacted_live_conf_ref", "rendered_diff_ref", "rendered_diff_hash_ref", "diff_scope_summary", "affected_routes", "nginx_test_evidence_ref", "nginx_test_result", "route_smoke_matrix_ref", "route_smoke_result_ref", "tls_acme_impact_ref", "maintenance_window", "rollback_owner", "rollback_ref", "postcheck_evidence_ref" ], "reviewer_checks": [ "owner_response_accepted_first", "redacted_live_conf_ref_only", "rendered_diff_ref_not_payload", "diff_scope_matches_config_id", "nginx_test_evidence_is_readback_only", "nginx_test_result_has_timestamp", "route_smoke_matrix_complete", "tls_acme_impact_separated", "secret_value_absent", "maintenance_window_present", "rollback_owner_and_ref_present", "postcheck_plan_present", "no_execution_request_embedded", "counts_transition_safe", "action_button_absent" ], "reviewer_outcome": "waiting_owner_response_acceptance", "rollback_owner": "pending_owner_response_acceptance", "rollback_owner_accepted": false, "rollback_ref": null, "route_smoke_authorized": false, "route_smoke_executed": false, "route_smoke_matrix_accepted": false, "route_smoke_matrix_received": false, "route_smoke_matrix_ref": null, "route_smoke_result_accepted": false, "route_smoke_result_received": false, "route_smoke_result_ref": null, "runtime_gate": false, "status": "waiting_owner_response_acceptance", "tls_acme_impact_accepted": false, "tls_acme_impact_ref": null } ], "diff_acceptance_fields": [ "diff_acceptance_id", "owner_response_acceptance_id", "diff_gate_id", "config_id", "control_tier", "host", "live_path", "redacted_live_conf_ref", "rendered_diff_ref", "rendered_diff_hash_ref", "diff_scope_summary", "affected_routes", "nginx_test_evidence_ref", "nginx_test_operator", "nginx_test_result", "route_smoke_matrix_ref", "route_smoke_result_ref", "tls_acme_impact_ref", "maintenance_window", "rollback_owner", "rollback_ref", "postcheck_evidence_ref", "reviewer_outcome", "followup_owner", "not_approval" ], "execution_boundaries": { "action_buttons_allowed": false, "certbot_renew_authorized": false, "dns_tls_probe_authorized": false, "nginx_reload_authorized": false, "nginx_reload_executed": false, "nginx_test_authorized": false, "nginx_test_executed": false, "not_authorization": true, "production_write_authorized": false, "read_live_conf_over_ssh": false, "rendered_diff_accepted": false, "route_smoke_authorized": false, "route_smoke_executed": false, "runtime_execution_authorized": false, "secret_value_collection_allowed": false, "store_full_rendered_diff_payload": false, "store_raw_live_conf": false }, "generated_at": "2026-06-14T23:58:00+08:00", "git_commit": "22876ee1", "next_steps": [ "等待 owner response accepted;未 accepted 前不得驗收 rendered diff evidence。", "收到 rendered diff / nginx test / route smoke evidence 後,先做 raw payload、secret、scope 與 route matrix 檢查。", "evidence accepted 也只能進 runtime gate planning;`nginx -t`、reload、route smoke、DNS / TLS probe 與 production write 仍需獨立人工批准。" ], "outcome_lanes": [ { "lane_id": "waiting_owner_response_acceptance", "meaning": "owner response 尚未 accepted,rendered diff evidence 不可驗收。" }, { "lane_id": "waiting_rendered_diff_evidence", "meaning": "等待 owner-provided rendered diff / nginx test / route smoke evidence ref。" }, { "lane_id": "quarantine_raw_conf_or_payload", "meaning": "收到 raw live conf、完整 diff payload 或不可保存內容時只能隔離。" }, { "lane_id": "reject_secret_or_execution_request", "meaning": "出現 secret value 或夾帶執行要求時直接拒收。" }, { "lane_id": "request_evidence_supplement", "meaning": "欄位不足、scope 不清或 route matrix 不完整時要求補件。" }, { "lane_id": "ready_for_reviewer_acceptance", "meaning": "metadata 合格後只進 reviewer acceptance,不自動執行。" }, { "lane_id": "accepted_for_runtime_gate_planning", "meaning": "即使 evidence accepted,也只可進下一層 runtime gate planning。" }, { "lane_id": "waiting_separate_runtime_approval", "meaning": "nginx -t、reload、route smoke、DNS / TLS probe 仍需獨立人工批准。" } ], "required_evidence_fields": [ "redacted_live_conf_ref", "rendered_diff_ref", "rendered_diff_hash_ref", "diff_scope_summary", "affected_routes", "nginx_test_evidence_ref", "nginx_test_result", "route_smoke_matrix_ref", "route_smoke_result_ref", "tls_acme_impact_ref", "maintenance_window", "rollback_owner", "rollback_ref", "postcheck_evidence_ref" ], "reviewer_checks": [ { "check_id": "owner_response_accepted_first", "instruction": "必須先有 owner response accepted record,否則不得驗收 rendered diff evidence。" }, { "check_id": "redacted_live_conf_ref_only", "instruction": "只能接受脫敏 live conf ref、hash 或 artifact pointer,不得收 raw conf。" }, { "check_id": "rendered_diff_ref_not_payload", "instruction": "rendered diff 必須是 ref / hash,不得把完整 diff payload 寫入 repo 或 LOGBOOK。" }, { "check_id": "diff_scope_matches_config_id", "instruction": "diff scope 必須對回 public gateway config_id 與 affected route 清冊。" }, { "check_id": "nginx_test_evidence_is_readback_only", "instruction": "nginx test evidence 只能是 owner 提供的 readback ref,不得由本工具執行 nginx -t。" }, { "check_id": "nginx_test_result_has_timestamp", "instruction": "nginx test result 需有時間、環境、操作者角色與結果摘要,但不得含 secret。" }, { "check_id": "route_smoke_matrix_complete", "instruction": "route smoke matrix 必須列 affected routes、預期 status、TLS / WebSocket / ACME checks。" }, { "check_id": "tls_acme_impact_separated", "instruction": "TLS / ACME 影響必須與 reload 決策分離,不能用 route smoke 取代 cert ownership。" }, { "check_id": "secret_value_absent", "instruction": "不得出現 token、cookie、private key、完整憑證內容或 secret derivative。" }, { "check_id": "maintenance_window_present", "instruction": "任何未來 runtime action 前都必須有維護窗口或明確禁止窗口。" }, { "check_id": "rollback_owner_and_ref_present", "instruction": "rollback owner 與 rollback ref 必須存在,且不可指向 raw secret。" }, { "check_id": "postcheck_plan_present", "instruction": "postcheck evidence ref 需描述 API、Web、WebSocket、ACME 或 affected route 的驗證結果。" }, { "check_id": "no_execution_request_embedded", "instruction": "payload 不得夾帶 reload、route change、DNS / TLS probe 或 certbot renew 要求。" }, { "check_id": "counts_transition_safe", "instruction": "只有 reviewer record 可更新 accepted / rejected;不得同時開 runtime gate。" }, { "check_id": "action_button_absent", "instruction": "前台與 AwoooP 只能顯示只讀狀態,不得新增執行按鈕。" } ], "schema_version": "public_gateway_rendered_diff_acceptance_v1", "source_owner_response_acceptance_schema_version": "public_gateway_owner_response_acceptance_v1", "source_owner_response_acceptance_status": "owner_response_acceptance_ledger_ready_no_runtime_action", "source_rendered_diff_gate_schema_version": "public_gateway_rendered_diff_gate_draft_v1", "source_rendered_diff_gate_status": "rendered_diff_gate_draft_ready_no_runtime_action", "status": "rendered_diff_acceptance_ledger_ready_no_runtime_action", "summary": { "action_button_count": 0, "blocked_action_count": 22, "c0_diff_acceptance_candidate_count": 2, "c1_diff_acceptance_candidate_count": 1, "certbot_renew_authorized_count": 0, "diff_acceptance_candidate_count": 3, "diff_acceptance_field_count": 25, "dns_tls_probe_authorized_count": 0, "maintenance_window_accepted_count": 0, "nginx_reload_authorized_count": 0, "nginx_reload_executed_count": 0, "nginx_test_authorized_count": 0, "nginx_test_evidence_accepted_count": 0, "nginx_test_evidence_received_count": 0, "nginx_test_executed_count": 0, "outcome_lane_count": 8, "owner_response_accepted_count": 0, "postcheck_evidence_accepted_count": 0, "redacted_export_accepted_count": 0, "rendered_diff_accepted_count": 0, "rendered_diff_received_count": 0, "required_evidence_field_count": 14, "reviewer_check_count": 15, "rollback_owner_accepted_count": 0, "route_smoke_authorized_count": 0, "route_smoke_executed_count": 0, "route_smoke_matrix_accepted_count": 0, "route_smoke_matrix_received_count": 0, "route_smoke_result_accepted_count": 0, "route_smoke_result_received_count": 0, "runtime_gate_count": 0, "source_diff_gate_candidate_count": 3, "source_owner_response_acceptance_candidate_count": 3, "tls_acme_impact_accepted_count": 0 } }