Advance forge NBC worker and Ethereum full nodes

2026-04-03 02:01:34 -07:00 · 2026-04-03 02:01:34 -07:00 · 3402f7dab2
commit 3402f7dab2
parent 7d84510eac
17 changed files with 3066 additions and 414 deletions
--- a/evolution/proposals/ECP-0103-mullvad-philadelphia-egress-for-forge-nbc-philadelphia.md
+++ b/evolution/proposals/ECP-0103-mullvad-philadelphia-egress-for-forge-nbc-philadelphia.md
@ -0,0 +1,24 @@
+# ECP-0103: Mullvad Philadelphia Egress for Forge NBC Philadelphia
+
+## Why
+
+The forge-side NBC worker is currently dependent on a reverse-tunneled proxy for US egress.
+That is enough to prove the geo-boundary, but it is the wrong long-term operator shape for `NBC Sports Philadelphia`.
+
+## Decision
+
+1. Enable the Mullvad daemon on `ecp-forge`.
+2. Keep the Mullvad account number out of committed Nix configuration; log in operationally from founder-provided material.
+3. Use a Philadelphia Mullvad relay for `NBC Sports Philadelphia` work on forge.
+4. Start the forge NBC publish worker after the Mullvad daemon is available.
+
+## Consequences
+
+- Forge NBC egress becomes self-contained instead of depending on a local reverse proxy.
+- The account credential stays operational-only rather than being copied into repo config.
+- Relay choice remains runtime-controlled, so it can be swapped if a specific Philadelphia host degrades.
+
+## Rejected Alternatives
+
+- Keep relying on the reverse-tunneled local proxy: rejected because it couples forge origin to a founder workstation.
+- Commit the Mullvad account number into NixOS config: rejected because it expands secret exposure for no benefit.