Compare commits

7 Commits

Author SHA1 Message Date
95bec6a095 Sync docs/metacircular.md versions and add undeploy capability
Update version references to match current git tags: MCIAS v1.9.0,
Metacrypt v1.3.1, MCP v0.7.6. Add Phase D (DNS registration) to MCP
status, update RPC/CLI counts, and document undeploy as a first-class
capability. Also sync STATUS.md and packaging-and-deployment.md with
the same version updates.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-28 23:06:24 -07:00
faf58ceb72 Update packaging docs: fix stale versions, add missing CLI commands
Sync the deployed services version table with current git tags (MCIAS
v1.9.0, Metacrypt v1.3.1, MCR v1.2.1, MCNS v1.1.1, MCP v0.7.6) and
add mcp logs and mcp edit to the command reference.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-28 23:06:13 -07:00
bce32654e1 Sync platform docs: Phase D complete, Phase E planned, version updates
- PLATFORM_EVOLUTION: Mark Phase D (DNS) complete, add Phase E
  (multi-node agent management) planning with items #10-12
- PLATFORM_EVOLUTION: Fix stale mcdsl reference (v1.2.0 adds → added,
  consuming services now on v1.4.0)
- STATUS: Update all service versions to current, note Phase A-D
  completion and Phase E planning
- docs/packaging-and-deployment: Add agent management section

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-28 23:05:37 -07:00
0123e6e29a Update metacircular.md with system account auth model
Document the three-tier identity model across MCIAS, MCR, Metacrypt,
MCNS, and MCP. Update version numbers for MCR (v1.2.1), MCNS (v1.1.1),
MCP (v0.7.2). Clarify that admin is reserved for MCIAS administration,
not routine deploy operations.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-28 16:11:21 -07:00
86bbfa640f Add CLI security standard: never echo passwords
New standard requiring mcdsl/terminal.ReadPassword for interactive
password prompts. Codifies the fix applied to MCP's login command.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-28 11:11:53 -07:00
cadbb3f234 Sync packaging docs with MCP implementation reality
Fix service definition examples to require explicit image fields,
remove phantom version top-level field, document container listen
address requirement (0.0.0.0:$PORT not localhost), add undeploy
command, and update deployed service versions.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-27 21:55:23 -07:00
a777c3ff8b Mark Phase C complete in PLATFORM_EVOLUTION.md
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-27 14:59:35 -07:00
3 changed files with 22 additions and 31 deletions

View File

@@ -18,10 +18,8 @@ Metacircular is a multi-service personal infrastructure platform. This root repo
| `mcdsl/` | Standard library — shared packages for auth, db, config, HTTP/gRPC servers, CSRF, snapshots | Go | | `mcdsl/` | Standard library — shared packages for auth, db, config, HTTP/gRPC servers, CSRF, snapshots | Go |
| `mcdoc/` | Documentation server — renders markdown from Gitea, serves public docs via mc-proxy | Go | | `mcdoc/` | Documentation server — renders markdown from Gitea, serves public docs via mc-proxy | Go |
| `mcp/` | Control plane — operator-driven deployment, service registry, container lifecycle (master/agent) | Go | | `mcp/` | Control plane — operator-driven deployment, service registry, container lifecycle (master/agent) | Go |
| `mcdeploy/` | Deployment CLI — tactical bridge tool for build, push, deploy operations | Go |
| `mcns/` | Networking service — custom Go DNS server, authoritative for internal zones | Go | | `mcns/` | Networking service — custom Go DNS server, authoritative for internal zones | Go |
| `ca/` | PKI infrastructure and secrets for dev/test (not source code, gitignored) | — | | `ca/` | PKI infrastructure and secrets for dev/test (not source code, gitignored) | — |
| `docs/` | Platform-wide documentation (architecture overview, deployment guide) | Markdown |
Each subproject has its own `CLAUDE.md`, `ARCHITECTURE.md`, `Makefile`, and `go.mod`. When working in a subproject, read its own CLAUDE.md first. Each subproject has its own `CLAUDE.md`, `ARCHITECTURE.md`, `Makefile`, and `go.mod`. When working in a subproject, read its own CLAUDE.md first.
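
Review bot: The `docs/` row removed at the end of the table conflicts with the rest of this comparison, where the directory tree in the next file still lists `└── docs/ Platform-wide documentation` and the hunk header there links to docs/metacircular.md. Unless the directory is actually going away, keep the `docs/` row and drop only the `mcdeploy/` row.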

View File

@@ -25,8 +25,7 @@ lives in [docs/metacircular.md](docs/metacircular.md).
| **MC-Proxy** | Node ingress — TLS proxy and router. L4 passthrough or L7 terminating (per-route), PROXY protocol, firewall with rate limiting and GeoIP. | Implemented | | **MC-Proxy** | Node ingress — TLS proxy and router. L4 passthrough or L7 terminating (per-route), PROXY protocol, firewall with rate limiting and GeoIP. | Implemented |
| **MCNS** | Networking — authoritative DNS for internal platform zones, upstream forwarding. | Implemented | | **MCNS** | Networking — authoritative DNS for internal platform zones, upstream forwarding. | Implemented |
| **MCP** | Control plane — operator-driven deployment, service registry, data transfer, master/agent container lifecycle. | Implemented | | **MCP** | Control plane — operator-driven deployment, service registry, data transfer, master/agent container lifecycle. | Implemented |
| **MCDoc** | Documentation server — renders markdown from Gitea, serves public docs. | Implemented | | **MCDoc** | Documentation server — renders markdown from Gitea, serves public docs. | In progress |
| **MCDeploy** | Deployment CLI — single-binary tool for build, push, deploy, cert renewal, and status. Tactical bridge tool while MCP capabilities mature. | Active dev |
Shared library: **MCDSL** — standard library for all services (auth, db, Shared library: **MCDSL** — standard library for all services (auth, db,
config, TLS server, CSRF, snapshots). config, TLS server, CSRF, snapshots).
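
Review bot: The new MCDoc status, "In progress", is not a value any other visible row uses, and the STATUS table changed in this same comparison calls the same state "Active dev" (the label the removed MCDeploy row also used). Pick one status vocabulary and apply it in both files so the two tables can be cross-checked.
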
@@ -103,7 +102,6 @@ metacircular/
├── mcns/ DNS server ├── mcns/ DNS server
├── mcat/ Login policy tester ├── mcat/ Login policy tester
├── mcdsl/ Standard library (shared packages) ├── mcdsl/ Standard library (shared packages)
├── mcdeploy/ Deployment CLI tool
├── mcdoc/ Documentation server ├── mcdoc/ Documentation server
├── ca/ PKI infrastructure (dev/test, not source code) ├── ca/ PKI infrastructure (dev/test, not source code)
└── docs/ Platform-wide documentation └── docs/ Platform-wide documentation

View File

@@ -24,8 +24,8 @@ provisioning, and DNS registration). Multi-node deployment is being planned
| MCAT | v1.1.1 | Complete | Unknown | — | | MCAT | v1.1.1 | Complete | Unknown | — |
| MCDSL | v1.4.0 | Stable | N/A (library) | — | | MCDSL | v1.4.0 | Stable | N/A (library) | — |
| MCNS | v1.1.1 | Production | Yes | rift | | MCNS | v1.1.1 | Production | Yes | rift |
| MCDoc | v0.1.0 | Production | Yes | rift |
| MCP | v0.7.6 | Production | Yes | rift | | MCP | v0.7.6 | Production | Yes | rift |
| MCDoc | v0.1.0 | Active dev | No | — |
## Service Details ## Service Details
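
Review bot: The MCDoc row moves from `Production | Yes | rift` to `Active dev | No | —` with the version still v0.1.0, yet none of the seven commit messages listed for this comparison mentions MCDoc being taken out of service. Confirm the base and target of the comparison are the intended way round, and if the change is deliberate, record the reason in a commit message, since this table is what an operator will consult to see what is running on rift.
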
@@ -60,8 +60,8 @@ provisioning, and DNS registration). Multi-node deployment is being planned
- **Deployment:** Running on rift. Fronts Metacrypt, MCR, and sgard on ports - **Deployment:** Running on rift. Fronts Metacrypt, MCR, and sgard on ports
443, 8443, and 9443. Prometheus metrics on 127.0.0.1:9091. Routes persisted 443, 8443, and 9443. Prometheus metrics on 127.0.0.1:9091. Routes persisted
in SQLite and managed via gRPC API. in SQLite and managed via gRPC API.
- **Recent work:** Route persistence (SQLite), idempotent AddRoute (upsert), - **Recent work:** MCR route additions, Nix flake, L7 backend cert handling,
golangci-lint v2 compliance, module path migration to mc/ org. Prometheus metrics, L7 policies.
- **Artifacts:** systemd units (service + backup timer), Docker Compose - **Artifacts:** systemd units (service + backup timer), Docker Compose
(standard + rift), install and backup scripts, rift config. (standard + rift), install and backup scripts, rift config.
@@ -109,36 +109,31 @@ provisioning, and DNS registration). Multi-node deployment is being planned
- **Artifacts:** Dockerfile, Docker Compose (rift), MCP service definition, - **Artifacts:** Dockerfile, Docker Compose (rift), MCP service definition,
systemd units, install script, example config. systemd units, install script, example config.
### MCDoc — Documentation Server
- **Version:** v0.1.0.
- **Phase:** Production. Fetches and renders markdown documentation from Gitea.
- **Deployment:** Running on rift as a container, fronted by MC-Proxy on
port 443 (L7).
- **Recent work:** Initial implementation, Gitea content fetching, goldmark
rendering with syntax highlighting, webhook-driven refresh.
- **Artifacts:** Dockerfile, MCP service definition.
### MCP — Control Plane ### MCP — Control Plane
- **Version:** v0.7.6. - **Version:** v0.7.6.
- **Phase:** Production. Phases AD complete. Deployed to rift, managing all - **Phase:** Production. Phases AD complete (automated port assignment, route
platform containers. registration, TLS cert provisioning, DNS registration).
- **Deployment:** Running on rift. Agent as systemd service under `mcp` user - **Deployment:** Running on rift. Agent as systemd service under `mcp` user
with rootless podman. Manages metacrypt, mc-proxy, mcr, mcns, and mcdoc with rootless podman. Manages metacrypt, mc-proxy, mcr, and mcns containers.
containers.
- **Architecture:** Two components — `mcp` CLI (thin client on vade) and - **Architecture:** Two components — `mcp` CLI (thin client on vade) and
`mcp-agent` (per-node daemon with SQLite registry, podman management, `mcp-agent` (per-node daemon with SQLite registry, podman management,
monitoring with drift/flap detection, route registration with mc-proxy, monitoring with drift/flap detection). gRPC-only (no REST). 15 RPCs, 17+
automated TLS cert provisioning for L7 routes via Metacrypt CA, automated CLI commands.
DNS registration in MCNS). gRPC-only (no REST). 15 RPCs, 17+ CLI commands. - **Recent work:** Phase C (automated TLS cert provisioning via Metacrypt CA),
- **Recent work:** Phase C (automated TLS cert provisioning), Phase D Phase D (automated DNS registration via MCNS), undeploy command, logs
(automated DNS registration via MCNS), undeploy command, logs command, command, edit command, auto-login to MCR, system account auth model.
edit command, auto-login to MCR, system account auth model, module path
migration.
- **Artifacts:** systemd service (NixOS), TLS cert from Metacrypt, service - **Artifacts:** systemd service (NixOS), TLS cert from Metacrypt, service
definition files, design docs. definition files, design docs.
### MCDoc — Documentation Server
- **Version:** v0.1.0.
- **Phase:** Active development.
- **Deployment:** Not yet deployed.
- **Description:** Documentation server — fetches markdown from Gitea, renders
HTML, serves public docs via mc-proxy. No MCIAS auth required.
## Node Inventory ## Node Inventory
| Node | Address (LAN) | Address (Tailscale) | Role | | Node | Address (LAN) | Address (Tailscale) | Role |
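
Review bot: The added MCDoc section states "No MCIAS auth required" but drops the "webhook-driven refresh" detail carried by the removed section, so the text no longer says whether an unauthenticated service also accepts refresh requests. State which endpoints are public and how any refresh trigger is authenticated. In the MCP bullets, the Architecture line loses route registration, TLS cert provisioning and DNS registration from the `mcp-agent` description while the Phase line now lists them as complete; keep the two in agreement.
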
@@ -149,12 +144,12 @@ provisioning, and DNS registration). Multi-node deployment is being planned
Note: Services deployed via MCP receive dynamically assigned host ports Note: Services deployed via MCP receive dynamically assigned host ports
(1000060000). The ports below are for infrastructure services with static (1000060000). The ports below are for infrastructure services with static
assignments or well-known ports. assignments.
| Port | Protocol | Services | | Port | Protocol | Services |
|------|----------|----------| |------|----------|----------|
| 53 | DNS (LAN + Tailscale) | mcns | | 53 | DNS (LAN + Tailscale) | mcns |
| 443 | L7 (TLS termination) | metacrypt-web, mcr-web, mcdoc | | 443 | L7 (TLS termination) | metacrypt-web, mcr-web |
| 8080 | HTTP (all interfaces) | exod | | 8080 | HTTP (all interfaces) | exod |
| 8443 | L4 (SNI passthrough) | metacrypt API, mcr API | | 8443 | L4 (SNI passthrough) | metacrypt API, mcr API |
| 9090 | HTTP (all interfaces) | exod | | 9090 | HTTP (all interfaces) | exod |