Initial commit: VaultMesh Skills collection

Collection of operational skills for VaultMesh infrastructure including:
- backup-sovereign: Backup and recovery operations
- btc-anchor: Bitcoin anchoring
- cloudflare-tunnel-manager: Cloudflare tunnel management
- container-registry: Container registry operations
- disaster-recovery: Disaster recovery procedures
- dns-sovereign: DNS management
- eth-anchor: Ethereum anchoring
- gitea-bootstrap: Gitea setup and configuration
- hetzner-bootstrap: Hetzner server provisioning
- merkle-forest: Merkle tree operations
- node-hardening: Node security hardening
- operator-bootstrap: Operator initialization
- proof-verifier: Cryptographic proof verification
- rfc3161-anchor: RFC3161 timestamping
- secrets-vault: Secrets management

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
Vault Sovereign
2025-12-27 00:25:00 +00:00
commit eac77ef7b4
213 changed files with 11724 additions and 0 deletions


@@ -0,0 +1,73 @@
#!/usr/bin/env bash
set -euo pipefail
# === METADATA ===
SCRIPT_NAME="$(basename "$0")"
SCRIPT_DIR="$(cd "$(dirname "$0")" && pwd)"
SKILL_ROOT="$(dirname "$SCRIPT_DIR")"
# === CONFIGURATION ===
: "${NODE_NAME:=node-a}"
: "${GITOPS_ROOT:=$HOME/infrastructure}"
: "${OUTPUT_DIR:=$SKILL_ROOT/outputs}"
# === FUNCTIONS ===
log_info() { echo "[INFO] $(date -Iseconds) $*"; }
log_warn() { echo "[WARN] $(date -Iseconds) $*" >&2; }
main() {
log_info "Starting $SCRIPT_NAME (PLAN ONLY - no changes made)..."
# Expand ~ in GITOPS_ROOT
GITOPS_ROOT="${GITOPS_ROOT/#\~/$HOME}"
echo ""
echo "============================================"
echo " GITOPS STRUCTURE PLAN"
echo " Node: $NODE_NAME"
echo "============================================"
echo ""
echo "=== Directory Structure ==="
echo " $GITOPS_ROOT/"
echo " +-- config.git/ (bare repo: infrastructure config)"
echo " +-- secrets.git/ (bare repo: encrypted secrets)"
echo " +-- manifests.git/ (bare repo: k8s/deployment manifests)"
echo ""
echo "=== Branch Structure (each repo) ==="
echo " main - production state"
echo " staging - pre-production testing"
echo " dev - development changes"
echo ""
echo "=== Post-Receive Hooks ==="
echo " config.git: Validate YAML on push"
echo " secrets.git: Verify GPG encryption"
echo " manifests.git: Validate manifest syntax"
echo ""
echo "=== Working Directories ==="
echo " After setup, clone repos to working directories:"
echo " git clone $GITOPS_ROOT/config.git ~/config"
echo " git clone $GITOPS_ROOT/secrets.git ~/secrets"
echo " git clone $GITOPS_ROOT/manifests.git ~/manifests"
echo ""
# Check for existing repos
for repo in config secrets manifests; do
if [[ -d "$GITOPS_ROOT/${repo}.git" ]]; then
log_warn "$repo.git already exists - apply will skip creation"
fi
done
echo "============================================"
echo " To apply: ./scripts/31_gitops_apply.sh"
echo " To abort: Do nothing"
echo " To rollback: ./scripts/rollback/undo_gitops.sh"
echo "============================================"
log_info "Completed $SCRIPT_NAME"
}
[[ "${BASH_SOURCE[0]}" == "$0" ]] && main "$@"
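Review bot: A post-receive hook runs after the refs are already updated and its exit status cannot reject the push, so the "Verify GPG encryption" check listed for secrets.git under `=== Post-Receive Hooks ===` would only report a plaintext secret once it is already in the repository history. The apply script is not visible here; if it does install these as post-receive hooks, the checks belong in pre-receive (or update), and this heading should then read `echo "=== Pre-Receive Hooks ==="`. Separately, the last line `[[ "${BASH_SOURCE[0]}" == "$0" ]] && main "$@"` leaves a non-zero status when the file is sourced, and the top-level `set -euo pipefail` is applied to the sourcing shell as well; `if [[ "${BASH_SOURCE[0]}" == "$0" ]]; then main "$@"; fi` avoids the first of those.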