Initial commit: Cloudflare infrastructure with WAF Intelligence

- Complete Cloudflare Terraform configuration (DNS, WAF, tunnels, access)
- WAF Intelligence MCP server with threat analysis and ML classification
- GitOps automation with PR workflows and drift detection
- Observatory monitoring stack with Prometheus/Grafana
- IDE operator rules for governed development
- Security playbooks and compliance frameworks
- Autonomous remediation and state reconciliation
Vault Sovereign
2025-12-16 18:31:53 +00:00
commit 37a867c485
123 changed files with 25407 additions and 0 deletions

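--- a/opencode.jsonc.backup
+++ b/opencode.jsonc.backup
@@ -0,0 +1,228 @@
+{
+"$schema": "https://opencode.ai/config.json",
+"mcp": {
+// Popular open-source MCP servers
+// File system operations
+"filesystem": {
+"type": "local",
+"command": ["npx", "-y", "@modelcontextprotocol/server-filesystem"],
+"environment": {
+"HOME": "{env:HOME}"
+},
+"enabled": true
+},
+// Git operations
+"git": {
+"type": "local",
+"command": ["npx", "-y", "@modelcontextprotocol/server-git"],
+"enabled": true
+},
+// GitHub integration
+"github": {
+"type": "local",
+"command": ["npx", "-y", "@modelcontextprotocol/server-github"],
+"environment": {
+"GITHUB_PERSONAL_ACCESS_TOKEN": "{env:GITHUB_TOKEN}"
+},
+"enabled": true
+},
+// Postgres database
+"postgres": {
+"type": "local",
+"command": ["npx", "-y", "@modelcontextprotocol/server-postgres"],
+"environment": {
+"DATABASE_URL": "{env:DATABASE_URL}"
+},
+"enabled": false
+},
+// SQLite database
+"sqlite": {
+"type": "local",
+"command": ["npx", "-y", "@modelcontextprotocol/server-sqlite"],
+"enabled": false
+},
+// Docker integration
+"docker": {
+"type": "local",
+"command": ["npx", "-y", "@modelcontextprotocol/server-docker"],
+"enabled": false
+},
+// Web scraping
+"web-scraper": {
+"type": "local",
+"command": ["npx", "-y", "web-scraper-mcp"],
+"enabled": false
+},
+// Google Maps integration
+"googlemaps": {
+"type": "local",
+"command": ["npx", "-y", "@modelcontextprotocol/server-google-maps"],
+"environment": {
+"GOOGLE_MAPS_API_KEY": "{env:GOOGLE_MAPS_API_KEY}"
+},
+"enabled": false
+},
+// Slack integration
+"slack": {
+"type": "local",
+"command": ["npx", "-y", "@modelcontextprotocol/server-slack"],
+"environment": {
+"SLACK_BOT_TOKEN": "{env:SLACK_BOT_TOKEN}"
+},
+"enabled": false
+},
+// Memory/knowledge base
+"memory": {
+"type": "local",
+"command": ["npx", "-y", "@modelcontextprotocol/server-memory"],
+"enabled": false
+},
+// AWS integration
+"aws": {
+"type": "local",
+"command": ["npx", "-y", "@modelcontextprotocol/server-aws"],
+"environment": {
+"AWS_ACCESS_KEY_ID": "{env:AWS_ACCESS_KEY_ID}",
+"AWS_SECRET_ACCESS_KEY": "{env:AWS_SECRET_ACCESS_KEY}",
+"AWS_REGION": "{env:AWS_REGION}"
+},
+"enabled": false
+},
+// Linear integration
+"linear": {
+"type": "local",
+"command": ["npx", "-y", "@modelcontextprotocol/server-linear"],
+"environment": {
+"LINEAR_API_KEY": "{env:LINEAR_API_KEY}"
+},
+"enabled": false
+},
+// Knowledge search via Context7
+"context7": {
+"type": "remote",
+"url": "https://mcp.context7.com/mcp",
+"headers": {
+"CONTEXT7_API_KEY": "{env:CONTEXT7_API_KEY}"
+},
+"enabled": false
+},
+// GitHub code search via Grep
+"gh_grep": {
+"type": "remote",
+"url": "https://mcp.grep.app",
+"enabled": true
+},
+// WAF intelligence orchestrator
+"waf_intel": {
+"type": "local",
+"command": ["python3", "waf_intel_mcp.py"],
+"enabled": true,
+"timeout": 300000
+},
+// GitLab integration
+"gitlab": {
+"type": "local",
+"command": ["npx", "-y", "@modelcontextprotocol/server-gitlab"],
+"environment": {
+"GITLAB_TOKEN": "{env:GITLAB_TOKEN}",
+"GITLAB_URL": "{env:GITLAB_URL:https://gitlab.com}"
+},
+"enabled": false
+},
+// Cloudflare API integration
+"cloudflare": {
+"type": "local",
+"command": ["npx", "-y", "@modelcontextprotocol/server-cloudflare"],
+"environment": {
+"CLOUDFLARE_API_TOKEN": "{env:CLOUDFLARE_API_TOKEN}",
+"CLOUDFLARE_ACCOUNT_ID": "{env:CLOUDFLARE_ACCOUNT_ID}"
+},
+"enabled": false
+},
+// Test server (remove in production)
+"test_everything": {
+"type": "local",
+"command": ["npx", "-y", "@modelcontextprotocol/server-everything"],
+"enabled": false
+}
+},
+// Disable certain MCPs globally but enable per-agent if needed
+"tools": {
+// Only enable essential MCPs by default
+"postgres": false,
+"sqlite": false,
+"docker": false,
+"aws": false,
+"slack": false,
+"memory": false,
+"googlemaps": false,
+"linear": false,
+"web-scraper": false,
+"gitlab": false,
+"cloudflare": false
+},
+// Agent-specific configurations
+"agents": {
+"cloudflare-ops": {
+"description": "Manages Cloudflare infrastructure and GitOps",
+"tools": {
+"filesystem": true,
+"git": true,
+"github": true,
+"gitlab": true,
+"cloudflare": true,
+"gh_grep": true,
+"context7": false
+}
+},
+"security-audit": {
+"description": "Performs security analysis and compliance checks",
+"tools": {
+"filesystem": true,
+"git": true,
+"github": true,
+"gitlab": true,
+"cloudflare": true,
+"gh_grep": true,
+"waf_intel": true
+}
+},
+"data-engineer": {
+"description": "Works with databases and data processing",
+"tools": {
+"filesystem": true,
+"git": true,
+"gitlab": true,
+"postgres": true,
+"sqlite": true
+}
+}
+},
+"rules": [
+"When working with Terraform and Cloudflare, use git to track changes and gh_grep to find examples",
+"Always check GitHub for similar implementations before creating new ones",
+"Use filesystem operations to examine project structure before making changes",
+"When asked about compliance, use context7 to search documentation"
+]
+}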
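Review bot: Every `npx -y` entry in the `mcp` block names its package without a version, so each start of an enabled server (`filesystem`, `git`, `github`) downloads and runs whatever is currently published under that name, and `github` does so with `GITHUB_TOKEN` in its environment. Pin each one, e.g. `"command": ["npx", "-y", "@modelcontextprotocol/server-github@<PINNED_VERSION>"]`, or install the servers from a lockfile and invoke the local binaries. The same applies before any disabled entry is switched on, and the unscoped `web-scraper-mcp` warrants a publisher check first. `filesystem` is also enabled with no directory argument in its command, so this config does not bound what it may read or write; presumably the repository path should be passed, to be confirmed against the server's documentation. Separately, the last rule tells agents to use `context7`, which is `"enabled": false` here and set to `false` for `cloudflare-ops`, so that rule cannot take effect as written.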