Citadel is a distributed systems deployment & infrastructure control plane with KDL parsing, drift detection, and a HappyX telemetry dashboard.
Markus Maiwald 12d574c6c3
feat: initial public release of Citadel control plane
Citadel is a declarative infrastructure deployment and monitoring
control plane for blockchain validator networks and distributed systems.

Core Features:
- Declarative KDL configuration (PANOPTICUM.kdl)
- Multi-provider support (DigitalOcean, Hetzner, AWS, GCP, etc.)
- Pulumi-based infrastructure compilation
- SQLite state management with encryption
- Zig-based Sentinel monitoring agents
- Role-based access control with JWT authentication
- 4-eyes approval workflow for production changes

Architecture:
- Control Plane: Nim + HappyX web framework
- Sentinel Agents: Zig (minimal footprint)
- Infrastructure: Pulumi TypeScript generation
- Frontend: HTMX + PicoCSS (no JavaScript frameworks)

Security:
- Age/SOPS encryption for secrets
- Comprehensive .gitignore protecting credentials
- Clean separation of public code and operational data

License: Libertaria Commonwealth License v1.0 (LCL-1.0)
2026-01-29 12:33:42 +01:00
Files (each last changed by "feat: initial public release of Citadel control plane", 2026-01-29 12:33:42 +01:00):
.secrets
citadel
docs
expeditions
image-factory
legal
vault
website
.gitignore
.gitlab-ci.yml
CITADEL.kdl.example
CODE_OF_CONDUCT.md
LICENCE
LICENSING.md
README.md
SECURITY.md

Citadel

Sovereign Infrastructure Orchestration for Blockchain Networks

The Sentinel guards the Citadel.


What is Citadel?

Citadel is a unified control plane for managing hybrid multi-cloud blockchain infrastructure without Kubernetes overhead. It transforms declarative KDL configurations into deployable infrastructure across privacy-focused EU sovereign clouds.

Core Capabilities

  • Declarative Infrastructure-as-Code — Define your entire infrastructure in human-readable KDL cells
  • Multi-Cloud Orchestration — Deploy across Hetzner, AWS, GCP, OVH, Exoscale, Scaleway, UpCloud
  • Sentinel Agents — Lightweight node health monitoring and remote command execution
  • 4-Eyes Approval Workflows — Secure approval process for mainnet deployments with E2E encryption
  • Reconciliation Engine — Continuously align desired state with actual deployed infrastructure
  • Privacy-Anchored — Built for EU sovereign clouds with data residency compliance

CITADEL.kdl → Citadel → Pulumi TypeScript → Cloud Providers
                 ↓
            Dashboard (HappyX + HTMX)
                 ↓
            Sentinel Agents

Quick Start

# Parse configuration
citadel parse CITADEL.kdl

# Validate against policies
citadel validate --env devnet

# Compile to Pulumi
citadel compile --env devnet

# Preview changes
citadel plan --env devnet

# Deploy
citadel apply --env devnet --auto-approve

# Start dashboard
citadel serve --port 8080

Architecture

Component   Language       Purpose
citadel     Nim            CLI + Compiler + Dashboard + Daemon
sentinel    Nim            Lightweight node agent for health monitoring
cells       KDL + Pulumi   Composable infrastructure modules

Directory Structure

citadel/
├── CITADEL.kdl          # Your infrastructure config
├── citadel/             # Nim control plane
│   ├── src/citadel/
│   │   ├── core/        # Parser, validator, types
│   │   ├── compiler/    # Pulumi generation
│   │   ├── daemon/      # Server + API
│   │   ├── sentinel/    # Node agent
│   │   ├── state/       # Reconciliation engine
│   │   ├── approval/    # 4-Eyes workflow
│   │   ├── ui/          # HappyX routes + templates
│   │   └── auth/        # JWT, ACL
│   └── tests/
├── cells/               # Infrastructure modules
├── vault/               # Secrets management
└── legal/               # License texts

Development

# Install dependencies
cd citadel && nimble install

# Run tests
nimble test

# Development server
nimble dev

# Build release
nimble build

License

See LICENSING.md for full details.


Acknowledgments

Citadel is developed as an open-source project by independent consultants. We extend our sincere gratitude to Dlabs Kft for generously providing real-world infrastructure resources and allowing us to battle-test Citadel while building the Mosaic Blockchain ecosystem. Their trust enables us to develop production-hardened tooling that benefits the entire community.

Built with purpose. Tested in production. Open for all.