Try it in 60 minutes

v0.1.0 in progress

This tutorial describes the v0.1.0 end-to-end flow. Until Phase D ships, the helm install step below is a placeholder. Track progress on the roadmap.

Prerequisites: Docker, kubectl, helm, kind (or any Kubernetes cluster you already trust).

1. Read

Skim the manifesto (5 minutes) and the architecture overview (15 minutes). If the opinions don’t match yours, save yourself the install.

2. Stand up the platform

kind create cluster --name plinth
helm install plinth oci://ghcr.io/plinth-dev/platform --values dev.values.yaml

The dev profile spins up a single-node cluster with HA disabled. It’s not production-shaped — it’s the fastest way to see everything wired together.

When helm install finishes, Argo CD reconciles the rest. Wait for kubectl get applications -n argocd to settle.

3. Generate a module

brew install plinth-dev/tap/plinth   # or: go install github.com/plinth-dev/cli@latest
plinth new my-module --web --api --owner=me

The CLI clones the starters, renames everything, and (with --gitlab-push and --open-mrs) opens MRs against the GitOps and policies repos.

4. See it deployed

open http://argo.localhost           # Argo CD shows my-module syncing
open http://my-module.localhost      # the module's dashboard

You should see your module reconcile in Argo, then come up at its hostname with auth, audit, OTel, and security headers already wired.

What’s not here

• Production hardening. The dev profile turns off HA, replicas, network policies, and a chunk of Wazuh / Falco rules. The prod profile is what you actually deploy. See architecture for the full posture.
• Bare metal. The Talos bootstrap path is documented separately. Phase D ships kind-first; bare metal lands in Phase D.5.