Source Summary: LushyCorp Vault Security Architecture
Source Identity
- title: LushyCorp Vault on Hetzner: security-driven architectural choices
- type: blog post
- path: blog-src/content/posts/lushycorp-vault-hetzner-security-architecture/index.md
- date published: 2026-04-04
Scope
Design-first architectural rationale for the Hetzner-based Vault runtime before execution was split into smaller build tracks.
Key Points
- the real design target was a secure lifecycle, not merely a VM running Vault
- secrets were intentionally excluded from images and provider metadata channels
- SSH was accepted only as the initial bridge; long-term control was meant to move to Tailscale
- Ansible replaced an overgrown shell-orchestration path because deterministic convergence mattered more than script minimalism
Notable Claims
- the design reframed the problem as lifecycle security rather than server provisioning
- the shell-to-Ansible transition was a real methodological turning point, not just a tooling preference
Affected Wiki Pages
- ../topics/ephemeral-castle-hetzner-vault-runtime
- ../entities/ephemeral-castle
- ../topics/tazlab-secret-and-identity-flow
Open Questions
- Which execution-phase pages should be added next to show how the design translated into C1 and C2 behavior?