Skip to content

hyperpolymath/indieweb2-bastion

Folders and files

NameName
Last commit message
Last commit date

Latest commit

Β 

History

95 Commits
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 

IndieWeb2

MPL-2.0-or-later Palimpsest

License & Philosophy

This project must declare MPL-2.0-or-later for platform/tooling compatibility.

Philosophy: Palimpsest. The Palimpsest-MPL (PMPL) text is provided in license/PMPL-1.0.txt, and the canonical source is the palimpsest-license repository.

🌟 IndieWeb2

IndieWeb2 is a next-generation framework for building audit-grade, consent-aware, and provenance-rich web infrastructure. It combines hardened bastion ingress, IPv6-native oblivious DNS, GraphQL DNS APIs, and SurrealDB provenance graphs.

πŸš€ Quick Start

Run:

just bootstrap
just all

This will: * Create directories * Install jq, capnproto, nickel, deno * Validate Nickel policies * Run ReScript policy gate * Sign and publish policies * Start GUI/PWA server on port 8443 (or fallback to 8080)

Check ports with:

ss -ltn | grep 8443

If blocked, the Justfile automatically falls back to 8080.

Prerequisites

These will be checked and installed automatically by just bootstrap unless you already have them:

  • stapeln container toolchain: cerro-torre (build/sign), selur (IPC seal), vordr (runtime), selur-compose (orchestration) β€” with Wolfi/Distroless base images

  • Nickel (policy language and contracts)

  • Cap’n Proto (schema/provenance serialization)

  • jq (JSON formatting and diffs)

  • Deno runtime (for signing, publishing, static server, and crypto utilities)

  • SurrealDB (provenance graph and audit trail)

  • IPFS daemon (content‑addressed storage and snapshot rehydration)

Notes

  • just bootstrap will create required directories and attempt to install jq, capnproto, nickel, and deno.

  • stapeln toolchain (cerro-torre, selur, vordr), SurrealDB, and IPFS should be installed and running separately; bootstrap will check and warn if missing.

  • The GUI/PWA dev server defaults to port 8443 (TCP). If that port is occupied, it falls back to 8080. For QUIC/HTTP3 testing, you can enable Deno’s --unstable net APIs and bind to a UDP port in the well‑known range.

Capabilities

Installation

git clone https://gitlab.com/hyperpolymath/indieweb2
cd indieweb2-bastion
just build

πŸ“– Basic Usage

templater init
templater publish
templater verify

For Bash scripts, see Bash Scripts. For other shells (Nu, Zsh, Fish), see Alternative Shell Scripts.

πŸ—οΈ Project Structure

/ β”œβ”€β”€ bastion/ # Hardened ingress gateway configs β”œβ”€β”€ odns/ # Oblivious DNS proxy/resolver β”œβ”€β”€ graphql-dns/ # GraphQL DNS API β”œβ”€β”€ surrealdb/ # Provenance graph schema + exports β”œβ”€β”€ docs/ # Documentation β”œβ”€β”€ scripts/ # Automation scripts β”œβ”€β”€ infra/ # Container manifests (stapeln/cerro-torre) └── licenses/ # Licensing information

πŸ“ Licensing

This project is dual-licensed under: - MIT - Palimpsest v0.8

πŸ’° Funding

Support this project: Contribute or Sponsor.

πŸ› οΈ Contributing

We use the Tri-Perimeter Contribution Framework to balance openness with architectural integrity. See Contribution Guidelines.

πŸ—ΊοΈ Roadmap

🌍 Impact

πŸ€– SLM Integration

This project supports Mistral SLM for local AI tasks such as code review and documentation generation.