# Migration Sentinel — sample source blueprint
# ---------------------------------------------
# A blueprint describes one VM's runtime state. Migration Sentinel uses it to
# plan the migration, check compatibility, generate verification scripts and
# (after cutover) confirm the migrated VM still works.
#
# Edit the values below and re-upload. Every field marked "required" must be
# present; lists can be empty if nothing applies.

# --- Identity & host -------------------------------------------------------
hostname: web-server-01            # required — DNS or local name; must be unique
os_name: Ubuntu                    # required — e.g. Ubuntu, Debian, RHEL, Windows Server 2022
os_version: "22.04"                # required — quote the value; YAML treats 22.04 as a float otherwise

# --- Sizing ----------------------------------------------------------------
cpu_count: 2                       # required — vCPU count
ram_gb: 4.0                        # required — total RAM in GB (use a float)

# --- Running services ------------------------------------------------------
# `type` is one of: system_critical | middleware | application
services:
  - name: nginx
    state: running                 # running | stopped
    type: middleware
    display_name: NGINX HTTP server
    execution_path: /usr/sbin/nginx
    version: "1.24.0"
  - name: ssh
    state: running
    type: system_critical
    display_name: OpenSSH server
    execution_path: /usr/sbin/sshd
    version: null

# --- Inbound listeners (what this VM accepts) ------------------------------
inbound_listeners:
  - port: 80
    protocol: TCP
    process_name: nginx
    remote_host: null              # null for "accepts from anywhere"
    intent: HTTP public ingress
  - port: 443
    protocol: TCP
    process_name: nginx
    remote_host: null
    intent: HTTPS public ingress

# --- Outbound dependencies (what this VM calls out to) ---------------------
# Used by the wave planner to order migrations: targets must move first.
outbound_dependencies:
  - port: 5432
    protocol: TCP
    process_name: null
    remote_host: db.internal.lan   # FQDN or IP of the dependency
    intent: PostgreSQL database
  - port: 53
    protocol: UDP
    process_name: systemd-resolved
    remote_host: 10.0.0.10
    intent: Internal DNS

# --- Critical config files (integrity baseline) ----------------------------
# After cutover, Sentinel re-hashes these paths and fails the verification
# if any sha256 has changed unexpectedly.
config_files:
  - path: /etc/nginx/nginx.conf
    sha256_hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
    description: Main NGINX config
  - path: /etc/ssh/sshd_config
    sha256_hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
    description: SSH server config

# --- Disk usage snapshot (optional but used by the recommender) -----------
disk_utilization:
  - path: /
    total_gb: 50.0
    used_gb: 12.4
    free_gb: 37.6
    usage_percent: 24.8

# --- Free-form metadata ---------------------------------------------------
# Anything the agent should know: environment, owner team, compliance tags.
# The wave planner reads `environment` to put non-prod ahead of prod.
metadata:
  environment: prod                # prod | non-prod | dev | staging
  owner_team: platform
  business_unit: ecommerce
  cost_center: "CC-1042"