Initial commit: Cloudflare infrastructure with WAF Intelligence

- Complete Cloudflare Terraform configuration (DNS, WAF, tunnels, access)
- WAF Intelligence MCP server with threat analysis and ML classification
- GitOps automation with PR workflows and drift detection
- Observatory monitoring stack with Prometheus/Grafana
- IDE operator rules for governed development
- Security playbooks and compliance frameworks
- Autonomous remediation and state reconciliation

systemd/tunnel-rotation.timer

@@ -0,0 +1,15 @@
+[Unit]
+Description=Weekly Cloudflare Tunnel Rotation Timer
+Documentation=https://vaultmesh.org/docs/cloudflare-binding
+
+[Timer]
+# Run weekly on Sunday at 03:00 UTC
+OnCalendar=Sun *-*-* 03:00:00 UTC
+Persistent=true
+RandomizedDelaySec=1800
+
+# Accuracy
+AccuracySec=1min
+
+[Install]
+WantedBy=timers.target