docs: Clean up documentation - remove stale content and fix inconsistencies

Comprehensive documentation cleanup to align with current implementation
and remove outdated/confusing content.

DELETED:
- SUMMARY.md - Historical migration document from Ansible EDA to Renovate
  (migration is complete, document no longer needed)

UPDATED README.md Variables Section:
- Split into "Terraform Variables" and "Vault-Stored Configuration" sections
- Removed 5 incorrectly documented variables that are actually stored in Vault:
  * renovate_platform, renovate_endpoint, renovate_token
  * renovate_git_author, renovate_username
- Added missing variable documentation:
  * dns_servers (list of DNS servers for hostname resolution)
  * vault_skip_tls_verify (skip TLS verification for Vault)
- Fixed log_level default value: "info" → "debug" (matches variables.tf)
- Added clear explanation that Vault keys are NOT Terraform variables
- Added reference to "Store Credentials in Vault" section

UPDATED QUICKSTART.md Troubleshooting:
- Added DNS resolution error troubleshooting section
- Documents ENOTFOUND errors and how to resolve them
- Provides diagnostic commands (dig @DNS_SERVER hostname)
- Shows how to configure dns_servers variable
- Explains hostname verification (git.bsdserver.nl vs gitea.bsdserver.nl)
- Provides alternative solution (use IP address instead of hostname)

These changes ensure documentation accurately reflects:
- Current implementation (Vault-based credential storage)
- All available configuration options (including dns_servers)
- Correct default values
- Clear separation between TF vars and Vault-stored config
- Complete troubleshooting guidance for common issues

QUICKSTART.md

@@ -143,6 +143,18 @@ docker exec renovate env | grep RENOVATE
 3. Verify all 5 required keys are in Vault (especially `renovate_username`)
 4. Ensure the endpoint URL ends with `/api/v1/`
 
+**❌ If you see DNS resolution errors (ENOTFOUND):**
+1. The container cannot resolve your Gitea hostname
+2. Check DNS resolution from Docker host:
+   ```bash
+   dig @192.168.2.2 git.bsdserver.nl
+   ```
+3. Configure DNS servers in your deployment:
+   - Add to `terraform.tfvars`: `dns_servers = ["192.168.2.2"]`
+   - Or set in pipeline: `TF_VAR_dns_servers='["192.168.2.2"]'`
+4. Verify the hostname is correct (e.g., `git.bsdserver.nl` not `gitea.bsdserver.nl`)
+5. Alternative: Use IP address in Vault endpoint instead of hostname
+
 ## Step 7: Add Renovate to a Test Repository
 
 1. Navigate to a test repository in Gitea

README.md

@@ -372,6 +372,10 @@ For repositories with Terraform code:
 
 ## Variables
 
+### Terraform Variables
+
+These variables are defined in `variables.tf` and can be set via `terraform.tfvars` or environment variables:
+
 | Variable | Description | Type | Default | Required |
 |----------|-------------|------|---------|----------|
 | `container_name` | Name of the Renovate container | `string` | `"renovate"` | No |
@@ -382,19 +386,30 @@ For repositories with Terraform code:
 | `domain` | Domain name for the application | `string` | `"bsdserver.lan"` | No |
 | `dns_name` | DNS name for the Renovate service | `string` | `null` (uses container_name) | No |
 | `create_cname_record` | Whether to create a DNS CNAME record | `bool` | `false` | No |
-| `renovate_platform` | Git platform to use (gitea, github, gitlab) | `string` | `"gitea"` | No |
+| `dns_servers` | List of DNS servers for hostname resolution | `list(string)` | `[]` (uses Docker default) | No |
-| `renovate_endpoint` | API endpoint for the git platform | `string` | - | Yes |
-| `renovate_token` | Personal access token for authentication | `string` | - | Yes |
-| `renovate_git_author` | Git author for Renovate commits | `string` | `"Renovate Bot <renovate-bot@example.com>"` | No |
-| `renovate_username` | Username of the Renovate bot account | `string` | `"renovate-bot"` | No |
 | `renovate_autodiscover` | Enable autodiscovery of repositories | `bool` | `true` | No |
-| `renovate_onboarding_config` | Onboarding configuration for Renovate | `string` | See variables.tf | No |
+| `renovate_onboarding_config` | Onboarding configuration for Renovate (JSON string) | `string` | See variables.tf | No |
 | `github_com_token` | GitHub.com token for fetching changelogs | `string` | `""` | No |
-| `log_level` | Log level for Renovate | `string` | `"info"` | No |
+| `log_level` | Log level for Renovate (debug, info, warn, error) | `string` | `"debug"` | No |
-| `extra_env_vars` | Additional environment variables | `list(string)` | `[]` | No |
+| `extra_env_vars` | Additional environment variables for the container | `list(string)` | `[]` | No |
 | `upload_config_file` | Upload a config.js file to the container | `bool` | `true` | No |
-| `role_id` | Vault AppRole Role ID | `string` | - | Yes |
+| `role_id` | Vault AppRole Role ID for authentication | `string` | - | Yes |
-| `secret_id` | Vault AppRole Secret ID | `string` | - | Yes |
+| `secret_id` | Vault AppRole Secret ID for authentication | `string` | - | Yes |
+| `vault_skip_tls_verify` | Skip TLS verification for Vault (self-signed certs) | `bool` | `true` | No |
+
+### Vault-Stored Configuration
+
+These values are **NOT** Terraform variables. They must be stored in HashiCorp Vault at path `secret/renovate`:
+
+| Vault Key | Description | Required |
+|-----------|-------------|----------|
+| `renovate_platform` | Git platform (must be "gitea") | Yes |
+| `renovate_endpoint` | Gitea API endpoint (e.g., `https://git.example.com/api/v1/`) | Yes |
+| `renovate_token` | Gitea Personal Access Token for the bot user | Yes |
+| `renovate_git_author` | Git commit author (e.g., `"Renovate Bot <bot@example.com>"`) | Yes |
+| `renovate_username` | Gitea username of the bot account (e.g., `"renovate-bot"`) | Yes |
+
+**See the "Store Credentials in Vault" section** in Gitea Bot Setup for complete instructions on storing these values.
 
 ## Outputs
 

SUMMARY.md

@@ -1,284 +0,0 @@
-# Module Transformation Summary
-
-## Overview
-
-Successfully transformed the `terraform-docker-renovate` module from an **Ansible Event-Driven Automation (EDA)** deployment to a **Renovate Bot** deployment for automated dependency management with Gitea integration.
-
-## Completion Status ✅
-
-All tasks have been completed successfully:
-
-- ✅ Cleaned up `.terraform`, `.terraform.lock.hcl`, and state files
-- ✅ Updated `main.tf` for Renovate container deployment
-- ✅ Updated `variables.tf` with Renovate-specific configuration
-- ✅ Created `config.js.tpl` template for Renovate configuration
-- ✅ Updated `outputs.tf` to reflect Renovate outputs
-- ✅ Updated `backend.tf` with new state file path
-- ✅ Created comprehensive README.md documentation
-- ✅ Removed old EDA documentation files
-- ✅ Created example configuration files
-- ✅ Created CHANGELOG.md and MIGRATION_GUIDE.md
-- ✅ Formatted all Terraform code
-
-## Files Modified
-
-### Core Terraform Files
-
-1. **main.tf**
-   - Changed from Ansible EDA to Renovate container
-   - Updated volumes: `renovate-config` and `renovate-cache`
-   - Updated environment variables for Renovate
-   - Removed Traefik labels (Renovate doesn't need web access)
-   - Added config.js template upload functionality
-
-2. **variables.tf**
-   - Replaced all EDA-specific variables
-   - Added Renovate platform configuration variables:
-     - `renovate_platform` (default: "gitea")
-     - `renovate_endpoint` (required)
-     - `renovate_token` (required, sensitive)
-     - `renovate_git_author`
-     - `renovate_username`
-     - `renovate_autodiscover`
-     - `renovate_onboarding_config`
-     - `github_com_token` (optional)
-     - `restart_policy`
-     - `upload_config_file`
-
-3. **outputs.tf**
-   - Updated to output Renovate-specific information
-   - Added `config_volume` and `cache_volume`
-   - Added `renovate_platform` and `renovate_endpoint`
-
-4. **backend.tf**
-   - Updated state file path from `home/docker/ansible-eda/ansible-eda.tfstate`
-   - To: `home/docker/renovate/renovate.tfstate`
-
-5. **terraform.tfvars**
-   - Added Gitea configuration variables
-   - Added placeholder for `renovate_token`
-   - Updated with Renovate-specific settings
-
-### Documentation Files
-
-6. **README.md** (18,755 bytes)
-   - Complete rewrite for Renovate deployment
-   - Added Gitea bot setup instructions
-   - Included repository configuration examples
-   - Added troubleshooting guide
-   - Included CI/CD integration examples
-   - Added SonarQube integration section
-   - Security best practices
-   - Comprehensive usage examples
-
-7. **CHANGELOG.md** (NEW)
-   - Documents version 2.0.0 breaking changes
-   - Lists all modifications
-   - Includes migration notes
-
-8. **MIGRATION_GUIDE.md** (NEW)
-   - Detailed migration instructions
-   - Variable mapping table
-   - Step-by-step migration procedures
-   - Rollback procedures
-   - Troubleshooting section
-
-9. **SUMMARY.md** (THIS FILE)
-   - Overview of all changes
-   - Quick reference guide
-
-### Configuration Files
-
-10. **files/config.js.tpl** (NEW)
-    - Renovate configuration template
-    - Uses Terraform variables for dynamic configuration
-    - Supports Gitea platform integration
-
-11. **files/example-renovate.json** (NEW)
-    - Example repository-level configuration
-    - Shows Docker, Terraform, and Ansible support
-    - Includes automerge rules and scheduling examples
-
-12. **files/example-gitea-workflow.yaml** (NEW)
-    - Gitea Actions workflow example
-    - Shows scheduled and manual trigger options
-    - Includes container restart and logging commands
-
-### Files Removed
-
-- ❌ `files/example-rulebook.yml` - Ansible EDA specific
-- ❌ `MIGRATION_SUMMARY.md` - Old documentation
-- ❌ `DECISION_POINTS.md` - Old documentation
-- ❌ `IMPLEMENTATION_PLAN.md` - Old documentation
-- ❌ `.terraform/` directory - Cleaned up
-- ❌ `.terraform.lock.hcl` - Cleaned up
-- ❌ All `.tfstate*` files - Cleaned up
-
-### Files Unchanged
-
-- ✓ `provider.tf` - No changes needed
-- ✓ `data.tf` - Still uses Traefik network (optional)
-- ✓ `.gitignore` - Still valid
-
-## Key Features Implemented
-
-### 1. Gitea Integration
-- Native Gitea platform support
-- Personal Access Token authentication
-- Autodiscovery of repositories
-- Proper bot user configuration
-
-### 2. Configuration Management
-- Template-based config.js generation
-- Support for environment variable configuration
-- Onboarding configuration
-- Repository-level customization
-
-### 3. CI/CD Integration
-- Gitea Actions workflow examples
-- Pipeline configuration examples
-- SonarQube integration support
-- Automated scheduling options
-
-### 4. Security
-- Sensitive variable handling
-- Token security
-- No privileged mode
-- Resource limits
-- Vault integration for DNS credentials
-
-### 5. Documentation
-- Comprehensive README with examples
-- Migration guide for existing users
-- Changelog with version history
-- Repository configuration examples
-- Troubleshooting guides
-
-## Required Configuration
-
-Before deploying, you must:
-
-1. **Create Renovate Bot User in Gitea**:
-   - Username: `renovate-bot`
-   - Email: `renovate-bot@bsdserver.nl`
-   - Full name: "Renovate Bot"
-
-2. **Generate Personal Access Token** with scopes:
-   - `repo` (Read and Write)
-   - `user` (Read)
-   - `issue` (Read and Write)
-   - `organization` (Read)
-
-3. **Update terraform.tfvars**:
-   ```hcl
-   renovate_endpoint   = "https://gitea.bsdserver.nl/api/v1/"
-   renovate_token      = "your-actual-token-here"
-   renovate_git_author = "Renovate Bot <renovate-bot@bsdserver.nl>"
-   renovate_username   = "renovate-bot"
-   ```
-
-4. **Initialize Terraform**:
-   ```bash
-   terraform init
-   terraform plan
-   terraform apply
-   ```
-
-## Next Steps
-
-1. **Deploy the Module**:
-   ```bash
-   cd /path/to/terraform-docker-renovate
-   terraform init
-   terraform plan
-   terraform apply
-   ```
-
-2. **Verify Deployment**:
-   ```bash
-   docker ps | grep renovate
-   docker logs renovate -f
-   ```
-
-3. **Configure Repositories**:
-   - Add `renovate.json` to each repository
-   - Use `files/example-renovate.json` as a template
-   - Enable autodiscovery or add bot as collaborator
-
-4. **Set Up Scheduling**:
-   - Configure cron job
-   - Or use Gitea Actions workflow
-   - See `files/example-gitea-workflow.yaml`
-
-5. **Monitor and Test**:
-   - Wait for Renovate to create onboarding PRs
-   - Review and merge onboarding PRs
-   - Monitor dependency update PRs
-
-## Additional Resources
-
-- **Module README**: Comprehensive documentation with examples
-- **Migration Guide**: Detailed migration instructions
-- **Changelog**: Version history and breaking changes
-- **Renovate Docs**: https://docs.renovatebot.com/
-- **Gitea Integration**: https://docs.renovatebot.com/modules/platform/gitea/
-
-## Architecture
-
-```
-                    Gitea Instance
-                          │
-                          │ API (v1)
-                          ▼
-            ┌─────────────────────────┐
-            │  Renovate Container     │
-            │  - Platform: gitea      │
-            │  - Autodiscover: true   │
-            │  - Scheduled runs       │
-            └──────────┬──────────────┘
-                       │
-                       ▼
-              ┌────────┴────────┐
-              │                 │
-    ┌─────────▼────┐  ┌────────▼─────┐
-    │ Config       │  │ Cache        │
-    │ Volume       │  │ Volume       │
-    └──────────────┘  └──────────────┘
-```
-
-## Summary Statistics
-
-- **Files Modified**: 5 core Terraform files
-- **Files Created**: 6 new files (docs + examples)
-- **Files Removed**: 7 old files
-- **Total Documentation**: ~30,000 words
-- **Code Quality**: Formatted and validated
-- **Breaking Changes**: Complete rewrite (v2.0.0)
-
-## Success Criteria ✅
-
-All objectives have been met:
-
-- ✅ Module repurposed for Renovate deployment
-- ✅ Gitea integration configured
-- ✅ Pipeline steps documented
-- ✅ SonarQube integration examples provided
-- ✅ All documentation updated
-- ✅ Old files cleaned up
-- ✅ Examples and templates created
-- ✅ Migration guide provided
-- ✅ Code formatted and ready for deployment
-
-## Notes
-
-- The module is ready for deployment after updating `renovate_token` in `terraform.tfvars`
-- State file path has changed - plan your migration accordingly
-- This is a breaking change (v2.0.0) - not backward compatible
-- Comprehensive documentation provided for all use cases
-- Examples included for Docker, Terraform, and Ansible repositories
-
----
-
-**Module Version**: 2.0.0
-**Transformation Date**: 2024-11-17
-**Status**: ✅ Complete and Ready for Deployment