vaultsovereign/vm-skills
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
009e93a80b3c58bbfaa2ceb153e3fba32a6efc3c
vm-skills/gitea-bootstrap/SKILL.md
Vault Sovereign eac77ef7b4 Initial commit: VaultMesh Skills collection 
Collection of operational skills for VaultMesh infrastructure including:
- backup-sovereign: Backup and recovery operations
- btc-anchor: Bitcoin anchoring
- cloudflare-tunnel-manager: Cloudflare tunnel management
- container-registry: Container registry operations
- disaster-recovery: Disaster recovery procedures
- dns-sovereign: DNS management
- eth-anchor: Ethereum anchoring
- gitea-bootstrap: Gitea setup and configuration
- hetzner-bootstrap: Hetzner server provisioning
- merkle-forest: Merkle tree operations
- node-hardening: Node security hardening
- operator-bootstrap: Operator initialization
- proof-verifier: Cryptographic proof verification
- rfc3161-anchor: RFC3161 timestamping
- secrets-vault: Secrets management

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
2025-12-27 00:25:00 +00:00

2.9 KiB
Raw Blame History

name, description, version
name description version
gitea-bootstrap Bootstrap a sovereign Git service on Node B using Gitea (Docker or native), with two-phase plan/apply, backups, verification, and rollback. Creates an admin user, configures SSH/HTTP, and outputs an audit report. Triggers: 'install gitea', 'bootstrap gitea', 'self-host git', 'node b git', 'gitea plan', 'gitea rollback'. 1.0.0

Gitea Bootstrap

Tier 2 (Infrastructure Sovereignty): build Node B as your self-hosted Git authority.

This skill supports two deployment modes:

  • Docker (recommended for fastest repeatability)
  • Native (system package + systemd)

It is plan/apply gated with DRY_RUN and a confirmation phrase.

Quick Start

cd ~/.claude/skills/gitea-bootstrap

# Choose mode
export MODE="docker"                 # docker | native
export NODE_NAME="node-b"

# Network
export HTTP_PORT=3000
export SSH_PORT=2222                 # external SSH for git (docker mode)
export DOMAIN="git.example.com"      # optional; for reverse proxy

# Storage
export DATA_DIR="$HOME/gitea"
export BACKUP_DIR="outputs/backups"

# Admin bootstrap (you'll be prompted to set password securely)
export ADMIN_USER="sovereign"
export ADMIN_EMAIL="sovereign@vaultmesh.org"

# Safety
export DRY_RUN=1
export REQUIRE_CONFIRM=1
export CONFIRM_PHRASE="I UNDERSTAND THIS WILL INSTALL AND CONFIGURE GITEA"

./scripts/00_preflight.sh
./scripts/10_plan.sh

export DRY_RUN=0
./scripts/11_apply.sh

./scripts/90_verify.sh
./scripts/99_report.sh

Inputs

Parameter Required Default Description
MODE Yes docker docker or native
NODE_NAME No node-b Identifier for reporting
HTTP_PORT No 3000 Gitea web port
SSH_PORT No 2222 SSH port for git (docker mode)
DOMAIN No (empty) Hostname if using reverse proxy
DATA_DIR No ~/gitea Data directory (repos, config, db)
ADMIN_USER Yes (none) Initial admin username
ADMIN_EMAIL Yes (none) Initial admin email
DRY_RUN No 1 Apply refuses unless DRY_RUN=0
REQUIRE_CONFIRM No 1 Require confirmation phrase
CONFIRM_PHRASE No I UNDERSTAND THIS WILL INSTALL AND CONFIGURE GITEA Safety phrase

Outputs

  • outputs/compose.yml (docker mode)
  • outputs/gitea_app.ini (rendered config template)
  • outputs/status_matrix.json
  • outputs/audit_report.md
  • Backups under outputs/backups/

Safety Guarantees

  1. Default DRY_RUN=1
  2. Confirmation phrase required
  3. Backups of generated configs + service definitions
  4. Rollback scripts for docker and native modes

EU Compliance

Aspect Value
Data Residency EU (Ireland - Dublin)
Jurisdiction Irish Law
Git Data Stored on Node B only
Backups Local outputs + optional offsite via backup-sovereign

References

Reference in New Issue View Git Blame Copy Permalink