Wiki Log
[2026-04-22] bootstrap | repository scaffold
Initialized the first wiki.tazlab.net project scaffold.
Created:
- repository-level
AGENTS.mdschema README.mddocs/llm-wiki-pattern.mddocs/tazlab-integration.mdwiki/index.mdwiki/overview.md- raw source directories and wiki content directories
Why it matters:
This establishes the durable structure that future agents can use to ingest sources, maintain knowledge pages, and later integrate the wiki cleanly into the wider TazLab context system.
[2026-04-22] restructure | tazlab-wiki context and seed knowledge pages
Created the dedicated AGENTS.ctx/tazlab-wiki/ context and seeded the first durable TazLab knowledge pages in the wiki repository.
Created or updated:
AGENTS.ctx/tazlab-wiki/CONTEXT.mdAGENTS.ctx/CONTEXT.mdwiki/overview.mdwiki/index.mdwiki/concepts/tazlab-knowledge-layers.mdwiki/topics/tazlab-system-map.mdwiki/topics/tazlab-repository-map.md
Why it matters:
This gives future agents a named context that points to the wiki as an organized knowledge surface, while also providing the first durable pages that explain the overall TazLab structure and where different kinds of information belong.
[2026-04-22] restructure | repository hubs and cross-cutting architecture pages
Expanded the wiki from seed pages into a first-pass navigable knowledge base with repository hub pages and cross-cutting architecture topics.
Created or updated:
wiki/entities/agents-ctx.mdwiki/entities/tazpod.mdwiki/entities/ephemeral-castle.mdwiki/entities/tazlab-k8s.mdwiki/entities/mnemosyne-mcp-server.mdwiki/entities/blog-src.mdwiki/entities/wiki-tazlab-net.mdwiki/topics/ephemeral-castle-hetzner-vault-runtime.mdwiki/topics/ephemeral-castle-tailscale-foundation.mdwiki/topics/tazlab-secret-and-identity-flow.mdwiki/topics/tazlab-cluster-delivery-flow.mdwiki/index.mdwiki/overview.mdwiki/topics/tazlab-system-map.mdwiki/topics/tazlab-repository-map.md
Why it matters:
The wiki now describes the main TazLab repositories as first-class hubs, documents the two major ephemeral-castle subdomains called out by the operator, and introduces reusable architecture pages that connect operator environment, infrastructure bootstrap, GitOps, memory, and secret flow into one navigable structure.
[2026-04-22] ingest | blog narratives and CRISP program structure
Added first source-summary coverage from the blog layer and connected it to the wiki’s architecture pages, while also introducing a CRISP program-map page to explain the design tree behind current TazLab work.
Created or updated:
wiki/sources/blog-zero-credentials-on-disk.mdwiki/sources/blog-tailscale-secure-backbone.mdwiki/sources/blog-lushycorp-vault-security-architecture.mdwiki/sources/blog-terraforming-the-cloud-vault-hetzner.mdwiki/sources/blog-recursive-memory-compact-context.mdwiki/topics/tazlab-crisp-program-map.mdwiki/entities/blog-src.mdwiki/entities/agents-ctx.mdwiki/entities/tazpod.mdwiki/entities/ephemeral-castle.mdwiki/index.md
Why it matters:
The wiki now contains not only structural pages about the ecosystem, but also provenance-rich summaries of key published articles and an explicit map of the CRISP initiative tree, which makes the documentation layer more useful for both historical understanding and future agent onboarding.
[2026-04-22] restructure | flux dag and cluster layer detail
Added a code-aligned Flux DAG page for the active tazlab-k8s cluster and wired the existing cluster/secret/system pages to it so future agents can see the actual dependency order and installed workloads in one place.
Created or updated:
wiki/topics/tazlab-flux-dag.mdwiki/topics/tazlab-cluster-delivery-flow.mdwiki/topics/tazlab-system-map.mdwiki/topics/tazlab-secret-and-identity-flow.mdwiki/entities/tazlab-k8s.mdwiki/index.mdwiki/overview.md
Why it matters:
The wiki now explains the cluster as an executable Flux graph, not just as a conceptual architecture. That makes it much easier to answer operational questions about which layer depends on which, what gets installed where, and where the secret, auth, database, and application surfaces actually appear.
[2026-04-22] restructure | tazlab-k8s granularity and technology trunk split
Expanded the TazLab operational trunk into dedicated tazlab-k8s layer pages and created a separate technology/reference trunk for the software stack used to run TazLab.
Created or updated:
wiki/topics/tazlab-k8s-layers.mdwiki/topics/tazlab-k8s-operators.mdwiki/topics/tazlab-k8s-configs.mdwiki/topics/tazlab-k8s-instances.mdwiki/topics/tazlab-k8s-auth.mdwiki/topics/tazlab-k8s-apps.mdwiki/topics/tazlab-infrastructure-tech-stack.mdwiki/topics/tazlab-flux-dag-troubleshooting.mdwiki/entities/proxmox.mdwiki/entities/talos-linux.mdwiki/entities/tailscale.mdwiki/entities/metallb.mdwiki/entities/longhorn.mdwiki/entities/terraform.mdwiki/entities/kubernetes.mdwiki/entities/sops.mdwiki/entities/hashicorp-vault.mdwiki/entities/operator-terminal-tooling.mdwiki/sources/research-proxmox-and-talos-iac.mdwiki/sources/research-tailscale-and-networking.mdwiki/sources/research-talos-storage-and-persistence.mdwiki/sources/research-kubernetes-core-models.mdwiki/sources/research-kubernetes-secrets-and-sops.mdwiki/sources/research-terminal-tooling.md
Why it matters:
The wiki now reflects the way the operator actually thinks about the system: one trunk for TazLab itself and a second trunk for the supporting technologies and external research that explain how the system is built and debugged.
[2026-04-22] lint | broken research links in network entities
Fixed entity references in wiki/entities/metallb.md and wiki/entities/talos-linux.md so they point at the existing wiki/sources/research-tailscale-and-networking.md summary instead of a non-existent page.
Why it matters:
This removes dead links from the technology trunk and keeps the source graph consistent for future navigation.
[2026-04-22] restructure | secret model corrected to Infisical
Updated the wiki’s secret-management pages so the current TazLab state is described as Infisical-backed GitOps delivery, with SOPS demoted to research-only status and the LushyCorp/Vault path called out as the transition track.
Created or updated:
wiki/entities/infisical.mdwiki/entities/sops.mdwiki/entities/hashicorp-vault.mdwiki/entities/tazlab-k8s.mdwiki/topics/tazlab-secret-and-identity-flow.mdwiki/topics/tazlab-infrastructure-tech-stack.mdwiki/sources/research-kubernetes-secrets-and-sops.mdwiki/index.md
Why it matters:
This prevents the wiki from teaching an outdated secret flow and keeps the current operational model aligned with the live cluster and infrastructure context.
[2026-04-22] restructure | deep Ephemeral Castle documentation sweep
Added a deeper code-backed documentation set for ephemeral-castle, including a repository map, bootstrap pipeline, Proxmox/Talos foundation page, a Tailscale foundation expansion, and an analysis note for current topology drift.
Created or updated:
wiki/entities/ephemeral-castle.mdwiki/topics/ephemeral-castle-repository-map.mdwiki/topics/ephemeral-castle-cluster-bootstrap.mdwiki/topics/ephemeral-castle-proxmox-talos-foundation.mdwiki/topics/ephemeral-castle-tailscale-foundation.mdwiki/topics/tazlab-cluster-delivery-flow.mdwiki/topics/tazlab-system-map.mdwiki/analyses/ephemeral-castle-topology-drift.mdwiki/index.md
Why it matters:
This turns ephemeral-castle from a shallow hub into a navigable, code-aligned documentation surface that explains the actual bootstrap pipeline, module boundaries, and the current live topology without hiding doc drift.
[2026-04-23] restructure | wiki homepage draft
Added wiki/homepage.md as the public-facing entry point for the rendered wiki and linked it from wiki/index.md so future publication work has a clear landing page distinct from the internal index.
Why it matters:
This gives the eventual Hugo publication layer a dedicated front door without changing the canonical internal wiki directory structure.
[2026-04-23] restructure | Hugo publication adapter
Added the first publish/ adapter for the wiki, including Hugo mounts, minimal site templates, and the rendered-homepage wiring needed for local preview with hugo server.
Created or updated:
publish/hugo.tomlpublish/layouts/_default/baseof.htmlpublish/layouts/_default/list.htmlpublish/layouts/_default/single.htmlpublish/layouts/index.htmlwiki/homepage.mdwiki/overview.mdREADME.md
Why it matters:
This turns the wiki from a content-only repository into a site that can be previewed locally and later wired into the same deployment chain used by the blog, without restructuring the source wiki tree.
[2026-04-23] restructure | PaperMod theme adoption
Installed PaperMod as a Git submodule under publish/themes/ and switched the Hugo adapter to use the theme directly, keeping only the homepage override needed to preserve homepage.md as the public landing page.
Created or updated:
.gitmodulespublish/themes/PaperModpublish/hugo.tomlpublish/layouts/index.html
Why it matters:
This aligns the wiki publication path with the blog’s theme-management model while keeping the adapter minimal and easier to maintain than a hand-rolled full layout stack.
[2026-04-23] restructure | PaperMod visual refinement
Adjusted the wiki presentation layer so PaperMod behaves like a documentation site instead of a generic blog: stronger link contrast, fixed light theme, cleaner section cards, a more serious homepage, and no duplicate listing appended under the main wiki index.
Created or updated:
publish/hugo.tomlpublish/assets/css/extended/wiki.csspublish/layouts/index.htmlpublish/layouts/_default/list.html
Why it matters:
This makes the rendered wiki materially easier to scan and navigate, fixes low-visibility links, and gives the public surface a more professional documentation-oriented visual language.
[2026-04-23] restructure | wiki image publication pipeline
Added the container build and GitHub Actions publication path for the wiki, mirroring the blog’s delivery pattern while building from the publish/ adapter and publishing to the dedicated tazzo/tazlab-wiki image stream.
Created or updated:
Dockerfile.dockerignore.github/workflows/publish.yml
Why it matters:
This gives the wiki a production-ready image publication lane that matches the existing blog deployment model and keeps the Docker Hub credential contract aligned on the same GitHub Actions secret name used by the blog.
[2026-04-23] fix | wiki Docker build git metadata
Disabled enableGitInfo in publish/hugo.toml so the containerized Hugo build no longer tries to read .git metadata that is not copied into the wiki image build context.
Created or updated:
publish/hugo.toml
Why it matters:
This removes the failed to load Git data buildx failure in GitHub Actions and lets the wiki image publish from the Docker build path without bundling the repository history into the image.
[2026-04-23] restructure | deep Ephemeral Castle documentation expansion
Performed a comprehensive documentation sweep of the ephemeral-castle repository, creating a modular and granular manual for future agents.
Created or updated:
wiki/entities/ephemeral-castle.md(Hub centralizzato)wiki/topics/ephemeral-castle-architecture.mdwiki/topics/ephemeral-castle-terragrunt-layers.mdwiki/topics/ephemeral-castle-rebirth-protocol.mdwiki/topics/ephemeral-castle-vault-runtime-architecture.mdwiki/topics/ephemeral-castle-vault-bootstrap-and-restore.mdwiki/topics/ephemeral-castle-tailnet-security.mdwiki/topics/ephemeral-castle-tailscale-bridge.mdwiki/operations/ephemeral-castle-commands.mdwiki/index.md
Why it matters:
This provides a complete technical operational context for agents, allowing them to understand the Terragrunt layer model, the Vault runtime lifecycle on Hetzner, and the Tailscale mesh security without having to reverse-engineer the entire codebase or read obsolete documents.
[2026-04-23] restructure | deep TazLab K8s documentation sweep
Performed a comprehensive documentation sweep of the tazlab-k8s GitOps repository, detailing the layering pattern, image automation, and secret delivery model.
Created or updated:
wiki/entities/tazlab-k8s.md(Hub centralizzato)wiki/topics/tazlab-k8s-structure.mdwiki/topics/tazlab-k8s-image-automation.mdwiki/topics/tazlab-k8s-secrets-mapping.mdwiki/topics/tazlab-k8s-ingress-and-auth.mdwiki/topics/tazlab-k8s-monitoring.mdwiki/index.md
Why it matters:
This ensures that any agent working on the cluster has a clear understanding of the GitOps workflow, how to safely add new applications, and how secrets are injected without exposing them in manifests.
[2026-04-23] restructure | deep TazPod documentation sweep
Completed the operational manual by documenting the tazpod operator environment, its container architecture, and the sensitive vault-unseal mechanism.
Created or updated:
wiki/entities/tazpod.md(Hub centralizzato)wiki/topics/tazpod-architecture.mdwiki/topics/tazpod-vault-mechanism.mdwiki/operations/tazpod-cli-reference.mdwiki/index.md
Why it matters:
This provides the final piece of the onboarding puzzle for new agents, explaining how to maintain their own secrets, recover the environment from S3, and use the TazPod toolchain to interact with the rest of the TazLab infrastructure.
[2026-04-23] restructure | deep TazLab K8s GitOps manual expansion
Completed the GitOps manual by documenting the Flux DAG, repository structure, operator inventory, and cold-start logic.
Created or updated:
wiki/topics/tazlab-k8s-flux-dag.mdwiki/topics/tazlab-k8s-repository-mapping.mdwiki/topics/tazlab-k8s-operators-inventory.mdwiki/topics/tazlab-k8s-bootstrap-logic.mdwiki/topics/tazlab-k8s-conventions.mdwiki/index.md
Why it matters:
This provides a detailed technical reference for the cluster’s desired state, allowing future agents to navigate the GitOps dependency graph, troubleshoot reconciliation issues, and correctly add or modify infrastructure operators and application manifests.
[2026-04-23] restructure | deep TazPod manual expansion
Completed the operator documentation by secluding the tazpod repository into granular topics covering image layering, the RAM-only security model, and nomadic recovery workflows.
Created or updated:
wiki/topics/tazpod-image-hierarchy.mdwiki/topics/tazpod-vault-security.mdwiki/topics/tazpod-nomadic-recovery-flow.mdwiki/topics/tazpod-provisioning-and-dotfiles.mdwiki/topics/tazpod-sync-daemon.mdwiki/index.md
Why it matters:
This provides a definitive technical manual for the operator environment, ensuring that any future agent understands how to recover from scratch, how secrets are protected in memory, and how the containerized toolchain is provisioned and kept in sync with S3.
[2026-04-25] refine | high-definition TazPod manual revision
Reworked the canonical tazpod pages to align them with the actual Go command dispatch, vault paths, S3 contract, Docker layer chain, and .bashrc provisioning logic instead of relying on older generalized summaries.
Created or updated:
wiki/topics/tazpod-architecture.mdwiki/topics/tazpod-image-hierarchy.mdwiki/topics/tazpod-vault-security.mdwiki/topics/tazpod-nomadic-workflow.mdwiki/topics/tazpod-provisioning-and-dotfiles.mdwiki/topics/tazpod-sync-daemon.mdwiki/operations/tazpod-cli-reference.mdwiki/entities/tazpod.mdwiki/index.md
Why it matters:
The tazpod section now explains the actual runtime contract, command dispatch, persistence boundaries, cryptographic model, and operator recovery flow with enough fidelity that an agent can reason directly from the wiki before opening the code.