diff --git a/CLAUDE.md b/CLAUDE.md index ecdcbeb..e2265fc 100644 --- a/CLAUDE.md +++ b/CLAUDE.md @@ -18,8 +18,10 @@ Metacircular is a multi-service personal infrastructure platform. This root repo | `mcdsl/` | Standard library — shared packages for auth, db, config, HTTP/gRPC servers, CSRF, snapshots | Go | | `mcdoc/` | Documentation server — renders markdown from Gitea, serves public docs via mc-proxy | Go | | `mcp/` | Control plane — operator-driven deployment, service registry, container lifecycle (master/agent) | Go | +| `mcdeploy/` | Deployment CLI — tactical bridge tool for build, push, deploy operations | Go | | `mcns/` | Networking service — custom Go DNS server, authoritative for internal zones | Go | | `ca/` | PKI infrastructure and secrets for dev/test (not source code, gitignored) | — | +| `docs/` | Platform-wide documentation (architecture overview, deployment guide) | Markdown | Each subproject has its own `CLAUDE.md`, `ARCHITECTURE.md`, `Makefile`, and `go.mod`. When working in a subproject, read its own CLAUDE.md first. diff --git a/README.md b/README.md index 8d3f1a6..bda8745 100644 --- a/README.md +++ b/README.md 
@@ -25,7 +25,8 @@ lives in [docs/metacircular.md](docs/metacircular.md). | **MC-Proxy** | Node ingress — TLS proxy and router. L4 passthrough or L7 terminating (per-route), PROXY protocol, firewall with rate limiting and GeoIP. | Implemented | | **MCNS** | Networking — authoritative DNS for internal platform zones, upstream forwarding. | Implemented | | **MCP** | Control plane — operator-driven deployment, service registry, data transfer, master/agent container lifecycle. | Implemented | -| **MCDoc** | Documentation server — renders markdown from Gitea, serves public docs. | In progress | +| **MCDoc** | Documentation server — renders markdown from Gitea, serves public docs. | Implemented | +| **MCDeploy** | Deployment CLI — single-binary tool for build, push, deploy, cert renewal, and status. Tactical bridge tool while MCP capabilities mature. | Active dev | Shared library: **MCDSL** — standard library for all services (auth, db, config, TLS server, CSRF, snapshots). @@ -102,6 +103,7 @@ metacircular/ ├── mcns/ DNS server ├── mcat/ Login policy tester ├── mcdsl/ Standard library (shared packages) +├── mcdeploy/ Deployment CLI tool ├── mcdoc/ Documentation server ├── ca/ PKI infrastructure (dev/test, not source code) └── docs/ Platform-wide documentation diff --git a/STATUS.md b/STATUS.md index 410883a..2479bba 100644 --- a/STATUS.md +++ b/STATUS.md @@ -1,6 +1,6 @@ # Metacircular Platform Status -Last updated: 2026-03-26 +Last updated: 2026-03-27 ## Platform Overview 
@@ -16,12 +16,13 @@ deployed on rift, serving authoritative DNS. |---------|---------|------------|----------|------| | MCIAS | v1.8.0 | Maintenance | Yes | (separate) | | Metacrypt | v1.1.0 | Production | Yes | rift | -| MC-Proxy | v1.1.0 | Maintenance | Yes | rift | +| MC-Proxy | v1.2.1 | Maintenance | Yes | rift | | MCR | v1.2.0 | Production | Yes | rift | | MCAT | v1.1.0 | Complete | Unknown | — | | MCDSL | v1.2.0 | Stable | N/A (library) | — | | MCNS | v1.1.0 | Production | Yes | rift | -| MCP | v0.3.0 | Production | Yes | rift | +| MCDoc | v0.1.0 | Production | Yes | rift | +| MCP | v0.4.0 | Production | Yes | rift | | MCDeploy | v0.2.0 | Active dev | N/A (CLI tool) | — | ## Service Details @@ -52,12 +53,12 @@ deployed on rift, serving authoritative DNS. ### MC-Proxy — TLS Proxy and Router -- **Version:** v1.1.0. Phases 1-8 complete. +- **Version:** v1.2.1. - **Phase:** Maintenance. Stable and actively routing traffic on rift. - **Deployment:** Running on rift. Fronts Metacrypt, MCR, and sgard on ports 443, 8443, and 9443. Prometheus metrics on 127.0.0.1:9091. -- **Recent work:** MCR route additions, Nix flake, L7 backend cert handling, - Prometheus metrics, L7 policies. +- **Recent work:** Route persistence (SQLite), idempotent AddRoute (upsert), + golangci-lint v2 compliance, module path migration to mc/ org. - **Artifacts:** systemd units (service + backup timer), Docker Compose (standard + rift), install and backup scripts, rift config. 
@@ -104,19 +105,33 @@ deployed on rift, serving authoritative DNS. - **Artifacts:** Dockerfile, Docker Compose (rift), MCP service definition, systemd units, install script, example config. +### MCDoc — Documentation Server + +- **Version:** v0.1.0. +- **Phase:** Production. Fetches and renders markdown documentation from Gitea. +- **Deployment:** Running on rift as a container, fronted by MC-Proxy on + port 443 (L7). +- **Recent work:** Initial implementation, Gitea content fetching, goldmark + rendering with syntax highlighting, webhook-driven refresh. +- **Artifacts:** Dockerfile, MCP service definition. + ### MCP — Control Plane -- **Version:** v0.3.0. -- **Phase:** Production. Phases 0-4 complete. Deployed to rift, managing all - platform containers. +- **Version:** v0.4.0. +- **Phase:** Production. Phases 0-4 complete. Phase C (automated TLS cert + provisioning) implemented. Deployed to rift, managing all platform containers. - **Deployment:** Running on rift. Agent as systemd service under `mcp` user with rootless podman. Manages metacrypt, mc-proxy, mcr, and mcns containers. - **Architecture:** Two components — `mcp` CLI (thin client on vade) and `mcp-agent` (per-node daemon with SQLite registry, podman management, - monitoring with drift/flap detection). gRPC-only (no REST). + monitoring with drift/flap detection, route registration with mc-proxy during + deploy/stop, automated TLS cert provisioning for L7 routes via Metacrypt CA). + gRPC-only (no REST). - **Recent work:** Full v1 implementation (12 RPCs, 15 CLI commands), deployment to rift, container migration from kyle→mcp user, service - definition authoring. + definition authoring. Phase C automated TLS cert provisioning for L7 routes, + mc-proxy route registration during deploy, mc-proxy dependency updated to + v1.2.0, module path migration. - **Artifacts:** systemd service (NixOS), TLS cert from Metacrypt, service definition files, design docs.
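Review bot: In the CLAUDE.md table hunk (@@ -18,8 +18,10 @@), the new `docs/` row lands directly above the unchanged sentence "Each subproject has its own `CLAUDE.md`, `ARCHITECTURE.md`, `Makefile`, and `go.mod`", which cannot hold for a Markdown-only directory (the same is true of the existing `ca/` row). Suggest scoping that sentence to the Go subprojects or listing the non-code directories separately. The `mcdeploy/` description here ("build, push, deploy operations") is also narrower than the README row, which adds cert renewal and status; use one wording in both files.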
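Review bot: In the README.md component table hunk (@@ -25,7 +25,8 @@), the MCDeploy row introduces "Active dev" as a status, while every other visible row in that column uses "Implemented" and the value being replaced for MCDoc was "In progress". STATUS.md uses "Active dev" as a phase name, so the README column now mixes two vocabularies. Suggest either "In progress" here or a short legend stating which values the README status column may take.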
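Review bot: In the STATUS.md MC-Proxy hunk (@@ -52,12 +53,12 @@), the unchanged Deployment line still reads "Fronts Metacrypt, MCR, and sgard on ports 443, 8443, and 9443", but the MCDoc section added later in this patch says MCDoc is "fronted by MC-Proxy on port 443 (L7)". Add MCDoc to the list of fronted services so the ingress exposure described here matches what is deployed. The version line also drops "Phases 1-8 complete." without a replacement; if phase tracking is retired for MC-Proxy, say so once rather than removing it silently.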
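Review bot: In the STATUS.md MCDoc/MCP hunk (@@ -104,19 +105,33 @@), the unchanged MCP Deployment line "Manages metacrypt, mc-proxy, mcr, and mcns containers" omits mcdoc, although the new MCDoc section states it runs on rift as a container and ships an MCP service definition. Update that list. Two further points in the same hunk: "Recent work" says the mc-proxy dependency was updated to v1.2.0 while the table and the MC-Proxy section now list v1.2.1, so confirm the gap is intentional or note it; and "Phase C" appears next to "Phases 0-4" with no explanation of the lettered series. Since the agent now provisions L7 certs via the Metacrypt CA and the README still lists cert renewal under MCDeploy, state here which tool owns renewal.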