Wiki Index

Read this file first when navigating the wiki.

Core

homepage - Public-facing entry point and orientation page for the rendered wiki.
overview - Top-level purpose, scope, and current shape of the wiki.
log - Append-only history of ingests, durable queries, lint passes, and structural changes.

sources/blog-zero-credentials-on-disk - TazPod migration toward AWS SSO and S3-backed encrypted vault recovery.
sources/blog-tailscale-secure-backbone - Tailscale as declarative network backbone managed in ephemeral-castle.
sources/blog-lushycorp-vault-security-architecture - Design-first rationale for the Hetzner Vault runtime security model.
sources/blog-terraforming-the-cloud-vault-hetzner - Execution chronicle for the Hetzner Vault local lifecycle and remote durability runtime.
sources/blog-recursive-memory-compact-context - Explanation of the recursive memory layer and why it was added after contexts.
sources/research-proxmox-and-talos-iac - Proxmox, Talos, and Terraform provisioning research.
sources/research-tailscale-and-networking - Tailscale, Talos networking, VIP, and MetalLB research.
sources/research-talos-storage-and-persistence - Longhorn, Talos storage, and Kubernetes persistence research.
sources/research-kubernetes-core-models - Kubernetes controllers and storage primitive research.
sources/research-kubernetes-secrets-and-sops - Talos security, Vault, Infisical, and SOPS research.
sources/research-terminal-tooling - Operator terminal productivity stack research.

entities/agents-ctx - Governance repository for contexts, active memory, and cross-project agent rules.
entities/tazpod - Operator environment layer hub.
entities/ephemeral-castle - Provider-specific infrastructure layer hub.
entities/tazlab-k8s - Provider-agnostic Flux GitOps desired-state layer hub.
entities/mnemosyne-mcp-server - Semantic memory service hub.
entities/blog-src - Hugo blog source.
entities/wiki-tazlab-net - Wiki repository hub.

concepts/tazlab-knowledge-layers - Roles of memory, mnemosyne, and wiki.tazlab.net.

topics/tazlab-system-map - High-level system map.
topics/tazlab-repository-map - Boundaries and relationships across repositories.
topics/tazlab-cluster-delivery-flow - Bootstrap to GitOps handoff.
topics/tazlab-secret-and-identity-flow - Secret-management strategy.
topics/tazlab-crisp-program-map - Map of the main CRISP workstreams.
topics/tazlab-infrastructure-tech-stack - Technology reference stack.

topics/tazlab-k8s-flux-dag - Flux dependency graph (DAG) and synchronization logic.
topics/tazlab-k8s-repository-mapping - Directory structure, file types, and variable substitution.
topics/tazlab-k8s-operators-inventory - List and roles of all cluster controllers.
topics/tazlab-k8s-bootstrap-logic - Cluster cold-start handling and wait-for-db pattern.
topics/tazlab-k8s-conventions - Coding standards, naming, and manifest purity.
topics/tazlab-k8s-structure - Kustomize layering pattern (apps/base vs apps/cluster).
topics/tazlab-k8s-image-automation - Flux image update policy and setter markers.
topics/tazlab-k8s-secrets-mapping - ExternalSecret mapping to external providers.
topics/tazlab-k8s-ingress-and-auth - Traefik stack and ForwardAuth with Dex/OAuth2Proxy.
topics/tazlab-k8s-monitoring - Grafana and Prometheus observability.
topics/tazlab-k8s-layers - Functional split of cluster resources.

topics/tazpod-image-hierarchy - Docker layering and build policy.
topics/tazpod-vault-security - RAM enclave, AES encryption, and AWS bridging.
topics/tazpod-nomadic-workflow - Smart recovery path, local bootstrap, and host-to-host restoration via S3 and Vault.
topics/tazpod-provisioning-and-dotfiles - Bashrc logic, persistence symlinks, and auto-init.
topics/tazpod-sync-daemon - Background save/push mechanics.

analyses/ephemeral-castle-topology-drift - Notes the current 1 CP + 1 worker code truth versus older 2-worker prose.