> ## Documentation Index
> Fetch the complete documentation index at: https://docs.shiftlabs.dev/llms.txt
> Use this file to discover all available pages before exploring further.

# Overview

> Unified infrastructure and DevOps platform for modern engineering teams

ShiftLabs brings infrastructure management, deployments, secrets, and access control into one platform. Connect your on-premise or cloud infrastructure and manage everything from a single interface.

## What You Can Do

<CardGroup cols={3}>
  <Card title="Manage Infrastructure" icon="server">
    Monitor and operate Kubernetes clusters and Ceph storage from one dashboard
  </Card>

  <Card title="Deploy Applications" icon="code-branch">
    Build CI pipelines and manage GitOps deployments with ArgoCD integration
  </Card>

  <Card title="Secure Secrets" icon="shield-check">
    Store and access secrets through HashiCorp Vault with full audit trails
  </Card>

  <Card title="Control Access" icon="users">
    Manage users, roles, and project-based permissions across all resources
  </Card>

  <Card title="Connect Services" icon="plug">
    Integrate with Kafka, Redis, and Consul for messaging, caching, and service discovery
  </Card>

  <Card title="Extend Your Network" icon="network-wired">
    Connect on-premise infrastructure through encrypted WireGuard mesh networking
  </Card>
</CardGroup>

## How It Works

ShiftLabs connects to your infrastructure through a lightweight mesh agent. The agent creates an encrypted tunnel—no inbound ports or complex firewall rules required.

<Steps>
  <Step title="ShiftLabs Platform" icon="browser">
    You interact with the **Web Interface**, which communicates with the **API Layer** to manage all your resources.
  </Step>

  <Step title="Encrypted Tunnel" icon="lock">
    The **Mesh Agent** establishes a WireGuard tunnel between ShiftLabs and your environment. No inbound ports needed.
  </Step>

  <Step title="Your Infrastructure" icon="server">
    ShiftLabs securely reaches your services through the tunnel:

    <CardGroup cols={3}>
      <Card title="Kubernetes" icon="dharmachakra">Clusters & workloads</Card>
      <Card title="Ceph Storage" icon="hard-drive">Distributed storage</Card>
      <Card title="Vault" icon="shield-check">Secrets management</Card>
      <Card title="Kafka" icon="message">Event streaming</Card>
      <Card title="Redis" icon="database">Caching layer</Card>
      <Card title="Consul" icon="sitemap">Service discovery</Card>
    </CardGroup>
  </Step>
</Steps>

## Explore by Area

### Infrastructure

<CardGroup cols={2}>
  <Card title="Kubernetes" icon="dharmachakra" href="/infrastructure/kubernetes/system/clusters">
    Clusters, workloads, networking, storage, and access control
  </Card>

  <Card title="Ceph Storage" icon="hard-drive" href="/infrastructure/ceph/system/clusters">
    Distributed storage clusters, OSDs, and performance monitoring
  </Card>
</CardGroup>

### CI/CD & Deployments

<CardGroup cols={2}>
  <Card title="CI Platform" icon="hammer" href="/ci-cd-deployments/ci-platform/projects">
    Build pipelines, container registry, and deployment templates
  </Card>

  <Card title="CD Platform" icon="rotate" href="/ci-cd-deployments/cd-platform/applications">
    GitOps deployments with ArgoCD integration
  </Card>
</CardGroup>

### Platform Services

<CardGroup cols={2}>
  <Card title="Vault" icon="shield-check" href="/platform-services/vault/secrets">
    Secrets management, policies, and tokens
  </Card>

  <Card title="Consul" icon="sitemap" href="/platform-services/consul/services">
    Service discovery, key-value store, and intentions
  </Card>

  <Card title="Kafka" icon="message" href="/platform-services/kafka/topics">
    Topics, consumer groups, and schema registry
  </Card>

  <Card title="Redis" icon="database" href="/platform-services/redis/overview">
    Key browser, configuration, and CLI access
  </Card>
</CardGroup>

### Access & Security

<CardGroup cols={2}>
  <Card title="Users & Roles" icon="user-shield" href="/access-management/users">
    User management and role-based access control
  </Card>

  <Card title="Projects" icon="folder-tree" href="/access-management/projects">
    Project-based resource isolation and permissions
  </Card>

  <Card title="Audit Logs" icon="clipboard-list" href="/audit-compliance/audit-logs">
    System and IAM activity tracking
  </Card>

  <Card title="Keyrings" icon="key" href="/security/keyrings">
    PGP-encrypted credential storage
  </Card>
</CardGroup>

### Connectivity

<CardGroup cols={2}>
  <Card title="Mesh Agent" icon="network-wired" href="/mesh-networking/mesh-agent">
    Connect on-premise infrastructure securely
  </Card>

  <Card title="Integrations" icon="plug" href="/settings/integrations/overview">
    Configure external service connections
  </Card>
</CardGroup>

## Get Started

<Steps>
  <Step title="Set Up Connectivity">
    [Create a Mesh Agent](/mesh-networking/mesh-agent) to connect your infrastructure, or configure [integrations](/settings/integrations/overview) for cloud services.
  </Step>

  <Step title="Create a Project">
    [Create a project](/access-management/projects) to organize resources and control access.
  </Step>

  <Step title="Add Team Members">
    [Invite users](/access-management/users) and assign them to projects with appropriate [roles](/access-management/roles).
  </Step>

  <Step title="Connect Infrastructure">
    Add your [Kubernetes clusters](/infrastructure/kubernetes/system/clusters) and [Ceph storage](/infrastructure/ceph/system/clusters).
  </Step>

  <Step title="Deploy Applications">
    Set up [CI pipelines](/ci-cd-deployments/ci-platform/projects) and [CD applications](/ci-cd-deployments/cd-platform/applications) to deploy your workloads.
  </Step>
</Steps>

## FAQ

<AccordionGroup>
  <Accordion title="Do I need to install anything on my servers?">
    Only the Mesh Agent if connecting on-premise infrastructure. It's a lightweight service that creates encrypted tunnels. For cloud-hosted services, just configure the integration.
  </Accordion>

  <Accordion title="Can I use ShiftLabs with my existing tools?">
    Yes. ShiftLabs integrates with existing Kubernetes clusters, Vault instances, ArgoCD, Kafka, Redis, and Consul. You don't need to replace your infrastructure.
  </Accordion>

  <Accordion title="How does access control work?">
    ShiftLabs uses role-based access control (RBAC) with projects. Users get permissions through roles assigned directly or via groups. All access is scoped to specific projects.
  </Accordion>

  <Accordion title="Is my data encrypted?">
    Yes. All connections use TLS. The Mesh Agent uses WireGuard for end-to-end encryption. Secrets in Vault are encrypted at rest.
  </Accordion>

  <Accordion title="Where is ShiftLabs hosted?">
    ShiftLabs runs on secure cloud infrastructure with SOC 2 compliance. Your infrastructure data stays in your environment—only management traffic passes through ShiftLabs.
  </Accordion>
</AccordionGroup>