Initial commit - combined iTerm2 scripts
Contains:
- 1m-brag
- tem
- VaultMesh_Catalog_v1
- VAULTMESH-ETERNAL-PATTERN

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
85
VaultMesh_Catalog_v1/pages/page9-forge-flow.md
Normal file
@@ -0,0 +1,85 @@
|
||||
Page Title: Forge Flow — From Phone to Shield
|
||||
Summary: The Forge Flow describes how code moves from the Sovereign's phone and forge node (nexus-0) through GitLab on gate-vm, into CI, and finally onto shield-vm and lab nodes. It is the canonical "path of sovereign code".
|
||||
|
||||
Key Findings:
|
||||
- Primary forge is nexus-0 (BlackArch), reachable via Tailscale from Android/laptop.
|
||||
- vaultmesh repo lives on nexus-0 under `/root/work/vaultmesh`.
|
||||
- Git remote points to GitLab on gate-vm (gitlab.mesh.local).
|
||||
- GitLab CI handles lint → test → build → deploy.
|
||||
- Production-like deployments land on shield-vm; experiments land on Lab HV nodes.
|
||||
|
||||
Forge Flow Diagram (Text):
|
||||
```text
|
||||
Android / Laptop
|
||||
↓ (Tailscale SSH)
|
||||
nexus-0 (BlackArch forge)
|
||||
↓ (git push)
|
||||
GitLab @ gate-vm (mesh-core-01)
|
||||
↓ (CI: lint → test → build)
|
||||
shield-vm (Shield / TEM) and Lab HV (phoenix-01, etc.)
|
||||
```
|
||||
|
||||
Steps:
|
||||
|
||||
1. Inception (Connect to Forge)
|
||||
- From Android or laptop:
|
||||
```bash
|
||||
ssh VaultSovereign@100.67.39.1 # nexus-0 via Tailscale
|
||||
tmux attach -t sovereign || tmux new -s sovereign
|
||||
```
|
||||
|
||||
2. Forge (Edit & Test)
|
||||
- On nexus-0:
|
||||
```bash
|
||||
cd /root/work/vaultmesh
|
||||
nvim .
|
||||
python3 -m pytest tests/ -v
|
||||
python3 cli/vm_cli.py guardian status
|
||||
python3 cli/vm_cli.py console sessions
|
||||
```
|
||||
|
||||
3. Transmit (Git Push to GitLab)
|
||||
```bash
|
||||
git add -A
|
||||
git commit -m "feat(guardian): improve anchor receipts"
|
||||
git push origin main # or feature branch
|
||||
```
|
||||
|
||||
4. Transform (GitLab CI on gate-vm)
|
||||
- .gitlab-ci.yml stages:
|
||||
- lint – style and basic checks.
|
||||
- test – pytest and CLI tests.
|
||||
- build – container/image build.
|
||||
- deploy – optional manual or automatic deployment.
|
||||
|
||||
5. Manifest (Deploy to Shield or Lab)
|
||||
- CI deploy job:
|
||||
- For main: deploy to shield-vm (production-like).
|
||||
- For lab branches: deploy to lab-mesh-01 / phoenix-01.
|
||||
- Manual deploy (fallback):
|
||||
```bash
|
||||
ssh shield-vm
|
||||
cd /opt/vaultmesh
|
||||
git pull
|
||||
sudo systemctl restart vaultmesh-mcp vaultmesh-tem
|
||||
```
|
||||
|
||||
6. Observe (Metrics & Proofs)
|
||||
- Grafana dashboards (gate-vm) for system and proof metrics.
|
||||
- Guardian CLI for roots and scrolls.
|
||||
- Lawchain/oracle dashboards for compliance view.
|
||||
|
||||
Infrastructure Roles in the Flow:
|
||||
- nexus-0 → live forge, fast iteration, experiments.
|
||||
- gate-vm → GitLab + CI + registry + observability.
|
||||
- shield-vm → OffSec/TEM node and primary runtime for security engines.
|
||||
- Lab HV → ephemeral experimentation environment.
|
||||
|
||||
Security Notes:
|
||||
- SSH access to nexus-0 and shield-vm uses per-node ed25519 keys.
|
||||
- GitLab access uses HTTPS with tokens or SSH keys.
|
||||
- Deploy stage should be limited to trusted runners/tags.
|
||||
|
||||
Linked Assets:
|
||||
- vaultmesh/.gitlab-ci.yml (CI pipeline).
|
||||
- VAULTMESH-INFRA-OVERVIEW style documents.
|
||||
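Review bot: In step 5, `main` deploys straight to shield-vm, but the only control named for that path is the Security Notes line "Deploy stage should be limited to trusted runners/tags", which states an intent rather than the configuration. Step 3 pushes to `main` directly from nexus-0 and step 4 describes deploy as "optional manual or automatic", so the page should say which of the two applies to `main` and name the runner tags and branch protection that enforce it. The manual fallback (`git pull` in /opt/vaultmesh followed by `sudo systemctl restart vaultmesh-mcp vaultmesh-tem`) takes whatever is at the branch tip regardless of pipeline status; suggest documenting a checkout of the specific commit that passed CI instead. Smaller points: the diagram shows "CI: lint → test → build" while Key Findings lists "lint → test → build → deploy", and step 1 hard-codes a login name and the address 100.67.39.1 where an SSH host alias would keep the page valid if the node is re-addressed.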