Deployment orchestrator for the Disentangle Network. Single CLI from infrastructure provisioning through FluxCD bootstrap across OCI, Talos, and bare-metal clusters with post-quantum Nebula mesh overlay.

Every command displays next-step hints on completion.

brew install disentangle-network/tap/disentangle-launch

From source:

go install github.com/disentangle-network/launch@latest

~/.config/launch/config.yaml:

oci_region: us-phoenix-1
oci_compartment_id: ocid1.tenancy.oc1..xxx
cloudflare_account_id: xxx
domain: disentangle.network
github_org: disentangle-network
github_user: your-github-username

repos:
  k8s_oci_foundation: /path/to/k8s-oci-foundation
  deploy: /path/to/deploy
  fleet: /path/to/fleet

cluster_name: oci-dev
environment: dev

protocol_image: ghcr.io/disentangle-network/disentangle-node
protocol_version: v0.4.0

Secrets (Cloudflare API token) are resolved automatically from 1Password (op://Infrastructure/disentangle/cloudflare), falling back to CLOUDFLARE_API_TOKEN env var.

launch-disentangle setup → preflight → infra plan → infra apply → infra kubeconfig
                                                            ↓
                         fleet init → cluster import → cluster add
                                                            ↓
                                    secrets init → bootstrap → status
                                                       ↓
                                              mesh init → mesh add

Supports three deployment topologies: OCI cloud (via OpenTofu), Talos bare-metal (via Omni or talosctl), and Raspberry Pi edge nodes. All kubeconfigs merge into ~/.config/launch/kubeconfig.

Run launch-disentangle preflight to check all prerequisites: tofu/terraform, kubectl, helm, flux, gh, sops, age, nebula-cert.

Apache-2.0