vaultsovereign/test
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
1583890199ba7bf5688e0f63e1e46cee63f93f61
test/VaultMesh_Catalog_v1/pages/page2-node-topology.md
Vault Sovereign 1583890199 Initial commit - combined iTerm2 scripts 
Contains:
- 1m-brag
- tem
- VaultMesh_Catalog_v1
- VAULTMESH-ETERNAL-PATTERN

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2025-12-28 03:58:39 +00:00

77 lines
4.2 KiB
Markdown
Raw Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
Page Title: VaultMesh Node Topology (Canon v1)
Summary: VaultMesh spans four primary tiers—Forge, Mine, Gate, and Lab—with mobile endpoints riding on top. The BRICK hypervisor anchors the virtualization layer, while v1-nl-gate acts as the outer gate. The result is a flexible topology where code forges on nexus-0, lands in GitLab on gate-vm, and manifests on shield-vm and lab nodes.
Key Findings:
- Clear separation between Forge (nexus-0), Core Mesh (gate-vm on brick), Edge Gate (v1-nl-gate), and Lab HV (ephemeral).
- BRICK hypervisor hosts the critical core VMs: debian-golden (template), gate-vm (mesh-core-01), shield-vm (shield-01).
- Tailscale tailnet binds everything together with MagicDNS and per-node hostnames.
- v1-nl-gate is ready to act as external ingress or exit node for future services.
- Node roles are stable but designed to evolve; lab nodes are intentionally ephemeral.
Components:
- Forge Tier: nexus-0 (BlackArch) and optional kali-forge.
- Mine Tier: gamma, beta, brick, w3 primary physical infra.
- Gate Tier: v1-nl-gate (cloud gate), gate-vm on brick (core stack).
- VM Tier: debian-golden (golden image), gate-vm (core services), shield-vm (OffSec/TEM).
- Lab Tier: lab-mesh-01, lab-agent-01, lab-chaos-01, phoenix-01.
Node Inventory:
FORGE NODES:
| Node | Hostname | OS | Role |
|-----------|---------------------------|-----------|----------------------|
| nexus-0 | 100.67.39.1 (Tailscale) | BlackArch | Primary forge (dev) |
| kali-forge| (Tailscale IP) | Kali | Secondary OffSec lab |
MINE NODES Primary Infrastructure:
| Node | Hostname | OS | Role |
|--------|---------------------------|-------------|-------------------|
| gamma | gamma.story-ule.ts.net | Arch Linux | Home primary |
| beta | beta.story-ule.ts.net | Arch Linux | Backup node |
| brick | brick.story-ule.ts.net | Debian | Dell server, HV |
| w3 | w3.story-ule.ts.net | Raspbian | Raspberry Pi node |
GATE NODES Edge / Exit:
| Node | Hostname | OS | Role |
|------------|-------------------------------|--------|-----------------------------|
| v1-nl-gate | v1-nl-gate.story-ule.ts.net | Debian | Netherlands external gate |
| gate-vm | gate-vm.story-ule.ts.net | Debian | mesh-core-01 (core stack) |
VM NODES On brick (libvirt/KVM):
| Node | Hostname | OS | Role |
|---------------|---------------------------------|--------|-------------------------------|
| debian-golden | debian-golden.story-ule.ts.net | Debian | Golden image / template |
| gate-vm | gate-vm.story-ule.ts.net | Debian | Core services (GitLab, etc.) |
| shield-vm | shield-vm.story-ule.ts.net | Debian | Shield / TEM / machine vault |
LAB NODES Experimental (Lab HV):
| Node | Hostname | Role |
|--------------|---------------------|----------------------------------|
| lab-mesh-01 | lab-mesh-01 | Multi-node mesh tests |
| lab-agent-01 | lab-agent-01 | Agent/orchestration experiments |
| lab-chaos-01 | lab-chaos-01 | Chaos/failure drills |
| phoenix-01 | phoenix-01 | Phoenix/PSI prototypes |
MOBILE NODES:
| Node | Hostname | OS | Port |
|-------------|-------------------------------|---------------|-------|
| shield | shield.story-ule.ts.net | Android/Termux| 22 |
| bank-mobile | bank-mobile.story-ule.ts.net | iOS | 8022 |
LAN Fallbacks:
| Node | LAN IP |
|-------|----------------|
| gamma | 192.168.0.191 |
| brick | 192.168.0.119 |
| beta | 192.168.0.236 |
Security Notes:
- Forge, Mine, Gate, and Lab communicate primarily via Tailscale; LAN is a fallback.
- VMs are isolated on libvirt NAT (192.168.122.x), with SSH + Tailscale as ingress.
- v1-nl-gate can be used as WireGuard / exit node for privacy routing.
Dependencies:
- Tailscale on all nodes (physical and virtual as required).
- libvirt/QEMU on brick for VM lifecycle.
- SSH with per-node ed25519 keys.
Reference in New Issue View Git Blame Copy Permalink