johan
/
clavitor
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
clavitor/clavis
History
James 16045d5185 Mandatory config file for commercial replication (no env vars) 
Replication is mandatory in Commercial Edition, configured via
/etc/clavitor/replication.yaml (not env vars or CLI flags).

Changes:
- edition/config.go: LoadReplicationConfig() for commercial - validates YAML
- edition/config_community.go: Community stub returning error
- edition/edition.go: Shared ReplicationConfig type with nested structure
- edition/replication.go: Use new nested config (BackupPOP.URL, etc.)
- edition/backup_mode.go: Fix X-Primary-Location header (TODO: add primary_pop to config)
- cmd/clavitor/main.go: Remove replication-* flags, load from /etc/clavitor/replication.yaml
- go.mod/go.sum: Add gopkg.in/yaml.v3 dependency

Config structure:
pop_id: calgary-01
region: north-america
role: primary  # or backup
backup_pop:
  id: zurich-01
  url: https://zurich-01.clavitor.ai
  auth_token_file: /etc/clavitor/replication.key
auth:
  token_file: /etc/clavitor/replication.key

Validation:
- pop_id, region, role are required
- primary role requires backup_pop.id and backup_pop.url
- backup role should NOT have backup_pop configured
- Auth token file must exist

Startup behavior:
- Commercial without config: vault refuses to start
- Community: ignores replication, single-node only

Documentation:
- SPEC-replication-config.md: Full config file design
 		2026-04-02 00:56:30 -04:00
..
clavis-android chore: auto-commit uncommitted changes 2026-03-25 06:04:04 -04:00
clavis-chrome chore: auto-commit uncommitted changes 2026-03-26 00:01:24 -04:00
clavis-cli Replication v2: Active-Passive with Async Sync (Commercial Only) 2026-04-02 00:50:20 -04:00
clavis-crypto chore: auto-commit uncommitted changes 2026-03-25 06:04:04 -04:00
clavis-firefox chore: auto-commit uncommitted changes 2026-03-25 06:04:04 -04:00
clavis-ios chore: auto-commit uncommitted changes 2026-03-25 06:04:04 -04:00
clavis-safari chore: auto-commit uncommitted changes 2026-03-25 06:04:04 -04:00
clavis-vault Mandatory config file for commercial replication (no env vars) 2026-04-02 00:56:30 -04:00
.DS_Store chore: auto-commit uncommitted changes 2026-03-26 00:01:24 -04:00
._.DS_Store chore: auto-commit uncommitted changes 2026-03-25 06:04:04 -04:00
Makefile rebrand: rename vault1984 references to clavitor in Makefile and pop-sync (C-005) 2026-03-29 07:16:12 -04:00
README.md chore: auto-commit uncommitted changes 2026-03-25 06:04:04 -04:00

README.md

Clavis

Secure vault platform with multi-client support.

Architecture

Clavis is the vault server. Everything else is a client that talks to it.

Structure

Active Development

Directory Purpose Status
clavis-vault/ Vault server with embedded UI (Go, FIPS 140-3) Active
clavis-crypto/ JavaScript crypto layer Active
clavis-cli/ CLI for agents Active
clavis-chrome/ Chrome browser extension Active

Planned

Directory Purpose Status
clavis-firefox/ Firefox browser extension Announced
clavis-safari/ Safari browser extension Announced
clavis-ios/ iOS native app Announced
clavis-android/ Android native app Announced

Build

make deploy            # Build + test + restart everything
make deploy-vault      # Build + test + restart vault only
make deploy-web        # Build + restart website only
make status            # Check running processes
make logs-vault        # Tail vault logs
make logs-web          # Tail web logs

Clients

The vault supports multiple client types:

  • Web: Built-in UI served by vault (clavis-vault/)
  • CLI: Command-line tool for automation/agents (clavis-cli/)
  • Browser Extension: Auto-fill and TOTP in Chrome (clavis-chrome/)
  • Mobile: Native iOS/Android apps (planned)

Security

  • FIPS 140-3 validated crypto (BoringCrypto via GOEXPERIMENT)
  • Zero-knowledge architecture
  • Vault server is the single source of truth

License

Proprietary — © Clavitor