vm-ops/README.md

ops

Single source of operational truth: everything here must be understandable, rebuildable, and revocable.

Non-negotiables

• Authority boundary: critical actions originate from op-core-vm.
• No plaintext secrets in Git: vault/ contains encrypted artifacts only; 20-identity/keys/public/ is public keys only.
• Naming is reality: everything is named <role>-<scope>-<id>.
• Nuke test: if losing it causes panic, reduce scope or remove it.

Quick links

• vm-control — fleet control plane
• vm-cc — continuous compliance
• vm-cloudflare — Layer0 + edge
• vm-ledger — ledger
• vm-contracts — schemas
• vm-mcp — governance/tools
• vm-core — engine
• vm-skills — skills

Read first

• 00-doctrine/operator-charter.md
• 00-doctrine/personal-operating-doctrine.md

Layout

• 00-doctrine/ – the law (stable, rarely changed)
• 10-inventory/ – what exists (hosts, networks, services)
• 20-identity/ – roles, policies, leases, public keys
• 30-infra/ – infrastructure as code + config management
• 40-apps/ – application-specific ops (deploy, config, lifecycle)
• 50-runbooks/ – executable procedures (panic day, provision, incident, decom)
• 60-backups/ – backup manifests + restore proofs
• 70-audits/ – checklists + reports
• 80-automation/ – scripts and containers that make the above repeatable
• 90-scratch/ – disposable working area (not source of truth)
• vault/ – encrypted-only artifacts (safe to leak without keys)

What does not belong here

Meaning-bearing material (books, media, personal archives) stays in cold storage, not ops/.