Entity: TazPod (Operator Environment)

This page is the repository hub for the TazPod CLI and its containerized execution model.

Overview

tazpod/ is the operator continuity layer of TazLab.

Its real job is to combine four things into one predictable workflow:

a disposable container runtime
a persistent project-local state envelope under .tazpod/
an encrypted vault at rest (vault.tar.aes)
a RAM-only secret lifecycle during active sessions

In practice, TazPod is where the operator shell, the vault, AWS SSO, project-local persistence, and AI tooling all come together.

Canonical Starting Pages for Agents

Runtime and container model

Secrets and recovery

Tool provisioning and shell behavior

Repository Mapping

tazpod/
├── cmd/tazpod/          # CLI command dispatch and lifecycle logic
├── internal/crypto/     # AES-256-GCM encryption engine
├── internal/utils/      # S3 helpers and runtime utilities
├── internal/vault/      # vault mount, bind, pack/unpack lifecycle
├── .tazpod/             # Dockerfiles and project-local config
├── dotfiles/            # shell init, editor and agent config seeding
└── docs/                # historical/internal docs (useful but not always current)

Operational Notes

current default runtime image: tazzo/tazpod-ai:latest
canonical local config path: .tazpod/config.yaml
canonical encrypted vault path: .tazpod/vault/vault.tar.aes
default bucket for vault persistence: tazlab-storage in eu-central-1

Relationships

Infrastructure target: used to operate on Ephemeral Castle
GitOps target: used daily against TazLab K8s
Semantic retrieval tooling: interacts with Mnemosyne MCP Server

Entity: TazPod (Operator Environment)#

Overview#

Canonical Starting Pages for Agents#

Runtime and container model#

Secrets and recovery#

Tool provisioning and shell behavior#

Repository Mapping#

Operational Notes#

Relationships#