The Office / Lab Fleet
A multi-user team mesh.
A multi-user mesh of 10–500 nodes. Designed for orgs that want their storage / chat / calls / VPN on hardware they own — usually because the public cloud isn't an option.
Bootstrap the network
The first node mints a fresh swarm-key:
meshhold keygen > /etc/meshhold/swarm.key
Distribute that key out-of-band to every subsequent node. No node joins without it.
Trusted vs. untrusted nodes
Trust is per-vault. A workstation that legitimately holds vault keys is trusted. A cheap relay VPS that you don't fully control is untrusted — it stores ciphertext, helps blocks survive, never sees plaintext.
reliable is a separate dimension: it defaults to true on desktop / server and false on phones. Only reliable nodes count toward the replication factor.
Per-key access & rotation
Use multi-key management for headless tooling:
meshhold mgmt-keys add --name="CI runner" --caps=tunnel --expires-in=90d
meshhold mgmt-keys rm <id-prefix>
Web UI: Profile → Management keys has per-row QR / copy / edit / delete.
Backup & disaster recovery
The mesh itself is the redundancy — replication_factor ≥ 2 on every vault. For off-site backup, expose vaults over S3 (see S3 backend) and pipe nightly snapshots to a separate Backblaze B2 bucket or another mesh.
Audit log (Business tier)
Tamper-evident, hash-chained log of administrative + data-access events, exportable to Splunk / Loki / Elastic. Lands as part of the Business tier — see /business/ for the procurement flow.