eac77ef7b4
Collection of operational skills for VaultMesh infrastructure including: - backup-sovereign: Backup and recovery operations - btc-anchor: Bitcoin anchoring - cloudflare-tunnel-manager: Cloudflare tunnel management - container-registry: Container registry operations - disaster-recovery: Disaster recovery procedures - dns-sovereign: DNS management - eth-anchor: Ethereum anchoring - gitea-bootstrap: Gitea setup and configuration - hetzner-bootstrap: Hetzner server provisioning - merkle-forest: Merkle tree operations - node-hardening: Node security hardening - operator-bootstrap: Operator initialization - proof-verifier: Cryptographic proof verification - rfc3161-anchor: RFC3161 timestamping - secrets-vault: Secrets management 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
25 lines
675 B
Bash
25 lines
675 B
Bash
#!/usr/bin/env bash
|
|
set -euo pipefail
|
|
: "${ROOT_FILE:=ROOT.txt}"
|
|
: "${TSA_URL:=https://freetsa.org/tsr}"
|
|
: "${DRY_RUN:=1}"
|
|
: "${CONFIRM_PHRASE:=I UNDERSTAND THIS WILL ANCHOR A ROOT VIA TSA}"
|
|
|
|
[[ "$DRY_RUN" == "0" ]] || { echo "DRY_RUN=1"; exit 1; }
|
|
echo "Type confirmation:"
|
|
read -r x; [[ "$x" == "$CONFIRM_PHRASE" ]] || exit 1
|
|
|
|
openssl ts -query -data "$ROOT_FILE" -sha256 -certreq -out request.tsq
|
|
curl -s -H "Content-Type: application/timestamp-query" \
|
|
--data-binary @request.tsq "$TSA_URL" > response.tsr
|
|
|
|
cat > PROOF.json <<EOF
|
|
{
|
|
"skill":"rfc3161-anchor",
|
|
"root_file":"$ROOT_FILE",
|
|
"tsa":"$TSA_URL",
|
|
"timestamp":"$(date -Iseconds)"
|
|
}
|
|
EOF
|
|
echo "[OK] anchored"
|