The Real OS Underneath

Published in TrendAI · Tristan V · 30 April 2026 · 5 min read


I came back from three weeks off, opened the laptop, and felt it immediately.

The AI layers I wanted to build had nowhere solid to stand. Everything important was still riding on scattered .env files, random tokens, and hope. It was fragile. It was theatre.

Solo founders skip this stuff. It’s not sexy. There’s no flashy demo. No “watch my agent do magic” moment. Just secrets, servers, registries, and deploys — the boring plumbing that decides whether the whole system is real or just another clever prototype that falls apart when you look away.

I refused to keep building on sand. So I spent two focused days and built the foundation that actually holds weight.

What Got Built

Five things, in the exact order they had to land. No shortcuts.

First, credentials. I set up OCI Vault in the Melbourne region with a proper compartment and master key. Thirty secrets now live there — the only source of truth. I created a clean secrets-index.md that names every secret, where it’s used, and its OCID. The latest batch? All the TrendMedia article-publishing credentials. Vaulted them. Deleted the old .env from disk. Done. The vault is now the single source. No more copy-paste security theatre.

Next, compute. I provisioned s06 — a clean OCI ARM instance. Postgres runs bound only to the Tailscale interface. No public IP. No open ports. If you’re not on the mesh, you see nothing. I created a tos_admin superuser, rotated the password, and vaulted it. Three n8n containers (scheduler, automation, sandbox) now share the same Postgres but live in separate databases with one shared encryption key for the migration. Sandbox can’t touch production data. Clean separation.

Then, registries. Three simple markdown files do the heavy lifting: secrets-index.md, resources.md, and server-map.md. Everything is git-tracked, diff-able, and readable by both humans and agents. I restructured the tos-docs repo — core/, bau/, projects/ — so the foundational truth lives where every agent can find it without hunting.

After that, deploy. I stood up the BUD portal at bud.trendai.au on Cloudflare Pages, protected by Cloudflare Access. An OCI service account lets the build verify vault connectivity at deploy time. A GitHub PAT for the trendai-au user handles repo automation. Clean. Verifiable. No secrets baked into builds.

Finally, migration. Moved the main n8n instance off the dying MySQL HeatWave (n8n dropped support anyway) onto Postgres on s06. The encryption key that used to sit in plaintext in a docker-compose file? Vaulted.
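As an added example (not the author’s code): a small Python loader that resolves a secret by name through a secrets-index.md registry in the shape the post describes, then pulls it from OCI Vault into process memory at run time, so nothing has to land in a .env on disk. The registry rows and OCIDs are constructed placeholders, the `oci_fetch_bundle` helper assumes the OCI Python SDK’s `SecretsClient.get_secret_bundle` call, and `fake_bundle` stands in for the vault when testing offline.

```python
"""Resolve a secret name via secrets-index.md, then load it from OCI Vault into memory only."""
import base64
import re

# Constructed sample of a secrets-index.md registry: name, where it's used, OCID.
# The OCIDs are placeholders (not real vault secrets); ap-melbourne-1 is the Melbourne region.
SAMPLE_REGISTRY = """\
| Secret | Used by | OCID |
|---|---|---|
| trendmedia_publish_token | n8n automation (article publishing) | ocid1.vaultsecret.oc1.ap-melbourne-1.EXAMPLE_aaa |
| tos_admin_pg_password | Postgres on s06 | ocid1.vaultsecret.oc1.ap-melbourne-1.EXAMPLE_bbb |
"""

# A data row: three pipe-separated cells, the last one a vault-secret OCID.
# Header and separator rows fail the OCID check and are skipped.
ROW = re.compile(
    r"^\|\s*(?P<name>[^|]+?)\s*\|\s*(?P<used>[^|]+?)\s*\|\s*(?P<ocid>ocid1\.vaultsecret\.[^|\s]+)\s*\|$"
)


def parse_registry(text: str) -> dict:
    """Map secret name -> {'used_by', 'ocid'} from the markdown registry."""
    entries = {}
    for line in text.splitlines():
        m = ROW.match(line.strip())
        if m:
            entries[m["name"]] = {"used_by": m["used"], "ocid": m["ocid"]}
    return entries


def load_secret(name: str, registry: dict, fetch_bundle) -> str:
    """Look the name up in the registry and fetch its value through fetch_bundle(ocid).

    fetch_bundle returns the base64 content field that OCI's GetSecretBundle exposes.
    A name missing from the registry is an error: the registry is the source of truth,
    so a secret nobody has indexed must not be silently used.
    """
    if name not in registry:
        raise KeyError(f"secret {name!r} is not in secrets-index.md; register it before use")
    return base64.b64decode(fetch_bundle(registry[name]["ocid"])).decode()


def oci_fetch_bundle(ocid: str) -> str:
    """Real fetcher (assumed SDK call): OCI Python SDK SecretsClient.get_secret_bundle."""
    import oci  # imported lazily so the registry parser works without the SDK installed
    client = oci.secrets.SecretsClient(oci.config.from_file())
    return client.get_secret_bundle(secret_id=ocid).data.secret_bundle_content.content


def fake_bundle(value: str) -> str:
    """Offline stand-in for the vault: wraps a plaintext value the way the bundle API does."""
    return base64.b64encode(value.encode()).decode()
```

In a deploy step, `load_secret("trendmedia_publish_token", parse_registry(open("secrets-index.md").read()), oci_fetch_bundle)` is the whole call; the value exists only in the process that asked for it.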

The foundation is now real.

Below the flashy AI layers sits the substrate that makes them possible: Credentials, Compute, Registries, and a solid Deploy path. Everything above it can now stand on something that won’t collapse.

[Figure: foundation substrate diagram showing Credentials, Compute and Registries columns, with a Deploy band and the 5 TOS Layers above.]
Below the AI layers — the substrate that lets them exist.

The Messy Middle

At the start of the week my brain was spinning. The existing setup was a Jenga tower — n8n talking to a database it shouldn’t use, Supabase doing too many jobs, secrets scattered in three places. Touch one piece and the whole thing felt like it might come down.

What unstuck me was simple: I used Claude CLI as a thinking partner. Smallest piece first. Isolate. Verify. Move on.

Vault first — empty scaffold. One secret. Registry entry. Next secret. Within a couple of hours, the chaos turned into a clear sequence.

The lesson wasn’t just technical. When a system feels too tangled to touch, the real bottleneck is rarely the system. It’s the order you choose to untangle it.

The Decisions That Mattered

I made four calls worth calling out:

  • OCI Vault instead of HashiCorp Vault, 1Password, or sops. We’re already on OCI. Adding another control plane made no sense. 1Password is great for people, not for automation. Sops is fine for git secrets but useless for central revocation. OCI Vault is KMS-backed and lives right next to the workloads.
  • Tailscale mesh over raw OCI VPC peering. Simpler. End-to-end encrypted. And crucially, it works cleanly across separate OCI accounts — which matters because the future agent runtime will live on its own account.
  • Postgres over MySQL. Not really a choice — n8n killed MySQL support and forced my hand. Good. Postgres has been rock solid since the switch, and the tooling around it is clearly superior.
  • Markdown registries over a fancy database. I want to think about infrastructure the same way I think about code — as clear diffs in a pull request. Markdown in git gives me that. Agents can read it easily. Future me reviewing changes in three months can read it easily. Simple wins.

What This Actually Enables

s07 — the dedicated agent runtime — is next. It will read from the registries, pull only the credentials it needs from the vault (never holding long-lived ones), and keep working state in Postgres.

With this substrate in place, the real TOS layers — Reasoning Kernel, Memory & Data, Orchestration, Agents, and BUD — can be built on something solid instead of hope and duct tape.

The Thesis, Revisited

Strip the “AI” off “AI Operating System” and what’s left still has to be a real operating system.

That’s what these two days were about: the unsexy, unglamorous, load-bearing layer underneath everything else. Skip it and all the agent magic above it is just theatre.

The question I keep asking myself — and now ask you — is this:

What’s the boring foundational layer in your business that you’ve been avoiding because it doesn’t feel like where the magic happens?

Do that layer first. Everything else becomes possible.

The soul of the system lives in the foundation.

Build it right, and reality starts bending in your favor.