# On-prem signed delivery

Banks and regulated buyers run Edge inside their perimeter. The container never reaches out to GitHub or any third party except the LLM gateway the bank operates.

## Delivery chain

```mermaid
flowchart LR
    Build[edge-app CI<br/>release.yml] -->|push| GHCR[(GHCR<br/>vX.Y.Z signed)]
    GHCR -->|pull + verify| Mirror[Mirror node<br/>edge-infra]
    Mirror -->|re-tag| BankReg[(Bank internal registry)]
    BankReg -->|deploy| Pod[Edge pod<br/>on-prem]
    Pod -->|HTTPS| BankLLM[Bank LLM gateway]
```

## Step-by-step (operator)

### 1. Confirm provenance

```bash
# Verify SBOM and provenance are attached
docker buildx imagetools inspect ghcr.io/nkap360-dev/edge-app:vX.Y.Z
```

### 2. Pull into mirror

```bash
crane copy \
  ghcr.io/nkap360-dev/edge-app:vX.Y.Z \
  registry.bank.internal/genai/edge-app:vX.Y.Z
```

### 3. Verify SBOM

```bash
gh release download vX.Y.Z \
  --repo NKAP360-dev/edge-app \
  --pattern 'sbom-*.json'

grype sbom:./sbom-vX.Y.Z.json --fail-on high
```

### 4. Deploy

The operator chooses the form: a K8s manifest, a Compose file, or a VM systemd unit. Examples are in [`edge-infra/dev/`](https://github.com/NKAP360-dev/edge-infra/tree/main/dev).

### 5. Wire secrets

Required environment variables — mounted from the bank's Vault, never baked into the image:

```bash
# LLM gateway (cert-auth example)
AI_HUB_BASE_URL=https://ai.internal.bank/v1
AI_HUB_TENANT_ID=...
CLIENT_CERT_PFX_PATH=/secrets/ai-hub.pfx
PFX_SECRET=<read from Vault>

# PocketBase admin
POCKETBASE_ADMIN_EMAIL=...
POCKETBASE_ADMIN_PASSWORD=<read from Vault>

# JWT signing
JWT_SECRET=<read from Vault>
```

### 6. Health check

```bash
curl https://edge.internal.bank/health
# { "status": "ok", "version": "vX.Y.Z", "uptime_s": 42 }
```

## What does not leave the perimeter

| Surface                    | Direction             | Allowed?                 |
| -------------------------- | --------------------- | ------------------------ |
| Outbound to GHCR           | from mirror node only | Yes (one-time pull)      |
| Outbound to LLM gateway    | from edge pod         | Yes (allowlist)          |
| Outbound to GitHub         | from edge pod         | **No**                   |
| Outbound to Langfuse cloud | from edge pod         | **No** (use self-hosted) |
| Outbound to telemetry/CDN  | from edge pod         | **No**                   |

## Self-hosted Langfuse

If observability is required:

```bash
# from edge-infra/observability/langfuse/
docker compose up -d
```

Then set on the Edge pod:

```bash
LANGFUSE_HOST=http://langfuse.internal:3000
LANGFUSE_PUBLIC_KEY=...
LANGFUSE_SECRET_KEY=...
```

## Air-gapped variant

For fully air-gapped sites:

1. Pull the OCI image and SBOM on a bridge host.
2. `docker save` to a tarball.
3. Carry into the air-gapped network.
4. `docker load`, push to local registry.
5. Verify SBOM with `grype --offline`.

See [Operations / Backup & recovery](/operations/backup-recovery.md) for the data side.
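The hand-off in steps 2 to 4, with an integrity check before anything is loaded on the air-gapped side, as an added example that is not code from edge-infra or the Edge docs. It assumes GNU coreutils `sha256sum` and `docker` on both hosts; the bundle layout (`image.tar`, `sbom.json`, `source-ref.txt`, `digest.txt`, `SHA256SUMS`) is this example's own convention.

```shell
#!/usr/bin/env bash
# Added example, not from edge-infra: an integrity envelope for the air-gapped
# hand-off (steps 2-4 above). Assumes GNU coreutils sha256sum and docker on both
# hosts; the bundle layout and file names are this example's own convention.
set -eu

# Bridge host: save the image and SBOM, record what was pulled, hash everything.
make_bundle() {
  local image_ref="$1" sbom="$2" bundle="$3"
  mkdir -p "$bundle"
  docker save "$image_ref" -o "$bundle/image.tar"
  cp "$sbom" "$bundle/sbom.json"
  printf '%s\n' "$image_ref" > "$bundle/source-ref.txt"
  # The vX.Y.Z tag is mutable; the digest is what provenance was checked against.
  docker image inspect --format '{{index .RepoDigests 0}}' "$image_ref" \
    > "$bundle/digest.txt"
  write_checksums "$bundle"
}

write_checksums() {
  ( cd "$1" && sha256sum image.tar sbom.json source-ref.txt digest.txt > SHA256SUMS )
}

# Air-gapped side: refuse to load unless every hash matches and the digest is pinned.
verify_bundle() {
  local bundle="$1"
  [ -f "$bundle/SHA256SUMS" ] || { echo "missing SHA256SUMS" >&2; return 1; }
  ( cd "$bundle" && sha256sum --check --strict --quiet SHA256SUMS ) \
    || { echo "checksum mismatch in $bundle" >&2; return 1; }
  grep -Eq '@sha256:[0-9a-f]{64}$' "$bundle/digest.txt" \
    || { echo "digest.txt is not a pinned sha256 reference" >&2; return 1; }
}

# Air-gapped side: verify, then load, re-tag for the local registry and push (step 4).
load_bundle() {
  local bundle="$1" local_ref="$2"
  verify_bundle "$bundle"
  docker load -i "$bundle/image.tar"
  docker tag "$(cat "$bundle/source-ref.txt")" "$local_ref"
  docker push "$local_ref"
}

# Usage (bridge host, then air-gapped host):
#   make_bundle ghcr.io/nkap360-dev/edge-app:vX.Y.Z ./sbom-vX.Y.Z.json ./edge-bundle
#   load_bundle ./edge-bundle registry.bank.internal/genai/edge-app:vX.Y.Z
```

`verify_bundle` is the gate: a tampered or missing file, or a digest file that only carries a tag, stops the load before `docker load` runs.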
