# olsitec-foundation The self-hosting platform "egg": a **single Pulumi project** that brings up Forgejo (+ Actions + OCI/npm registry), PostgreSQL, HashiCorp Vault, RustFS (S3), and a reverse proxy as plain OCI containers on **one VM** — recoverable from `{a VM, this repo, the master passphrase}`. This is **Layer 0**. Kubernetes, ArgoCD and everything else are Layer-1 consumers of this foundation (see [ADR-004](documentation/decisions/ADR_004_layered_platform_foundation.md)). ## Layout - `bootstrap/` — the egg Pulumi project (phases, components, config). - `packages/` — shared, publishable Pulumi modules (`@olsitec/pulumi-*`). - `preflight/` — host & toolchain validation (run before any deploy). - `backup/`, `dr/` — backup + disaster-recovery automation. - `.forgejo/workflows/` — CI (preflight, pulumi preview/up, backup-verify). - `documentation/` — planning, ADRs, contracts, baseline overlay. **Read [`documentation/000_baseline.md`](documentation/000_baseline.md) and [`documentation/000_TOPOLOGY.md`](documentation/000_TOPOLOGY.md) first.** ## Status Planning complete (PLAN-001 vision, PLAN-002 strategy, ADR-004/005 accepted). Implementation not yet started — next step is **T00** (contracts) per PLAN-002 §10. ## Recovery in one line `git clone` this repo → set `PULUMI_CONFIG_PASSPHRASE` → `./preflight/preflight.sh` → `pulumi up` → restore latest offsite backup. Full procedure: [`dr/RUNBOOK.md`](dr/) (TBD, task T13).