fix(docs): markdown code fence violations and add production patterns

.markdownlint-cli2.jsonc

@@ -19,9 +19,11 @@
 
     // Code blocks - fenced only
     "MD046": { "style": "fenced" },  // code-block-style
-    // NOTE: MD040 only checks for missing language on opening fence.
+    // CRITICAL: MD040 only checks for missing language on opening fence.
     // It does NOT catch malformed closing fences with language specifiers (e.g., ```plaintext).
-    // Custom pre-commit hook required to enforce proper closing fence syntax.
+    // This is a CommonMark violation that must be caught by custom pre-commit hook.
+    // Pre-commit hook: check-malformed-fences (provisioning/core/.pre-commit-config.yaml)
+    // Script: provisioning/scripts/check-malformed-fences.nu
 
     // Formatting - strict whitespace
     "MD009": true,  // no-hard-tabs
@@ -96,7 +98,6 @@
     ".coder/**",
     ".claude/**",
     ".wrks/**",
-    ".vale/**",
-    "extensions/providers/*/kcl/docs/**"
+    ".vale/**"
   ]
 }

.pre-commit-config.yaml

@@ -44,32 +44,36 @@ repos:
       #   stages: [pre-push]
 
   # ============================================================================
-  # Nushell Hooks (optional - enable if using Nushell)
+  # Nushell Hooks (ACTIVE)
   # ============================================================================
-  # - repo: local
-  #   hooks:
-  #     - id: nushell-check
-  #       name: Nushell validation (nu --ide-check)
-  #       entry: bash -c 'for f in $(git diff --cached --name-only --diff-filter=ACM | grep "\.nu$"); do echo "Checking: $f"; nu --ide-check 100 "$f" || exit 1; done'
-  #       language: system
-  #       types: [file]
-  #       files: \.nu$
-  #       pass_filenames: false
-  #       stages: [commit]
+  - repo: local
+    hooks:
+      - id: nushell-check
+        name: Nushell validation (nu --ide-check)
+        entry: >-
+          bash -c 'for f in $(git diff --cached --name-only --diff-filter=ACM | grep "\.nu$"); do
+          echo "Checking: $f"; nu --ide-check 100 "$f" || exit 1; done'
+        language: system
+        types: [file]
+        files: \.nu$
+        pass_filenames: false
+        stages: [pre-commit]
 
   # ============================================================================
-  # Nickel Hooks (optional - enable if using Nickel)
+  # Nickel Hooks (ACTIVE)
   # ============================================================================
-  # - repo: local
-  #   hooks:
-  #     - id: nickel-typecheck
-  #       name: Nickel type checking
-  #       entry: bash -c 'export NICKEL_IMPORT_PATH="/Users/Akasha/Tools/dev-system/ci/schemas:/Users/Akasha/Tools/dev-system/ci/validators:/Users/Akasha/Tools/dev-system/ci/defaults:."; for f in $(git diff --cached --name-only --diff-filter=ACM | grep "\.ncl$"); do echo "Checking: $f"; nickel typecheck "$f" || exit 1; done'
-  #       language: system
-  #       types: [file]
-  #       files: \.ncl$
-  #       pass_filenames: false
-  #       stages: [commit]
+  - repo: local
+    hooks:
+      - id: nickel-typecheck
+        name: Nickel type checking
+        entry: >-
+          bash -c 'export NICKEL_IMPORT_PATH="../:."; for f in $(git diff --cached --name-only --diff-filter=ACM | grep "\.ncl$"); do
+          echo "Checking: $f"; nickel typecheck "$f" || exit 1; done'
+        language: system
+        types: [file]
+        files: \.ncl$
+        pass_filenames: false
+        stages: [pre-commit]
 
   # ============================================================================
   # Bash Hooks (optional - enable if using Bash)
@@ -91,10 +95,29 @@ repos:
   #       stages: [commit]
 
   # ============================================================================
-  # Markdown Hooks
+  # Markdown Hooks (ACTIVE)
   # ============================================================================
-  # NOTE: Markdown linting moved to pre-commit phase (too slow for pre-push)
-  # See provisioning/core/.pre-commit-config.yaml for active markdown validation
+  - repo: local
+    hooks:
+      - id: markdownlint
+        name: Markdown linting (markdownlint-cli2)
+        entry: markdownlint-cli2
+        language: system
+        types: [markdown]
+        stages: [pre-commit]
+
+      # CRITICAL: markdownlint-cli2 MD040 only checks opening fences for language.
+      # It does NOT catch malformed closing fences (e.g., ```plaintext) - CommonMark violation.
+      # This hook is ESSENTIAL to prevent malformed closing fences from entering the repo.
+      # See: .markdownlint-cli2.jsonc line 22-24 for details.
+      - id: check-malformed-fences
+        name: Check malformed closing fences (CommonMark)
+        entry: bash -c 'nu scripts/check-malformed-fences.nu $(git diff --cached --name-only --diff-filter=ACM | grep "\.md$" | grep -v ".coder/" | grep -v ".claude/" | grep -v "old_config/" | tr "\n" " ")'
+        language: system
+        types: [markdown]
+        pass_filenames: false
+        stages: [pre-commit]
+        exclude: ^\.coder/|^\.claude/|^old_config/
 
   # ============================================================================
   # General Pre-commit Hooks

.typedialog/ci/2026_01_03_01_form.toml

@@ -1,6 +1,6 @@
 description = "Interactive configuration for continuous integration and code quality tools"
 display_mode = "complete"
-locales_path = ""
+locales_path = "../../../locales"
 name = "CI Configuration Form"
 
 [[elements]]
@@ -13,11 +13,7 @@ type = "section_header"
 [[elements]]
 help = "Name of the project"
 name = "project_name"
-nickel_path = [
-    "ci",
-    "project",
-    "name",
-]
+nickel_path = ["ci", "project", "name"]
 placeholder = "my-project"
 prompt = "Project name"
 required = true
@@ -26,11 +22,7 @@ type = "text"
 [[elements]]
 help = "Optional description"
 name = "project_description"
-nickel_path = [
-    "ci",
-    "project",
-    "description",
-]
+nickel_path = ["ci", "project", "description"]
 placeholder = "Brief description of what this project does"
 prompt = "Project description"
 required = false
@@ -40,11 +32,7 @@ type = "text"
 default = ""
 help = "Project website or documentation site URL"
 name = "project_site_url"
-nickel_path = [
-    "ci",
-    "project",
-    "site_url",
-]
+nickel_path = ["ci", "project", "site_url"]
 placeholder = "https://example.com"
 prompt = "Project Site URL"
 required = false
@@ -54,11 +42,7 @@ type = "text"
 default = ""
 help = "Project repository URL (GitHub, GitLab, etc.)"
 name = "project_repo_url"
-nickel_path = [
-    "ci",
-    "project",
-    "repo_url",
-]
+nickel_path = ["ci", "project", "repo_url"]
 placeholder = "https://github.com/user/repo"
 prompt = "Project Repo URL"
 required = false
@@ -77,85 +61,77 @@ display_mode = "grid"
 help = "Select all languages detected or used in the project"
 min_selected = 1
 name = "detected_languages"
-nickel_path = [
-    "ci",
-    "project",
-    "detected_languages",
-]
+nickel_path = ["ci", "project", "detected_languages"]
 prompt = "Which languages are used in this project?"
 required = true
 searchable = true
 type = "multiselect"
 
   [[elements.options]]
-value = "rust"
   label = "🦀 Rust"
+  value = "rust"
 
   [[elements.options]]
-value = "nushell"
   label = "🐚 NuShell"
+  value = "nushell"
 
   [[elements.options]]
-value = "nickel"
   label = "⚙️  Nickel"
+  value = "nickel"
 
   [[elements.options]]
-value = "bash"
   label = "🔧 Bash/Shell"
+  value = "bash"
 
   [[elements.options]]
-value = "markdown"
   label = "📝 Markdown/Documentation"
+  value = "markdown"
 
   [[elements.options]]
-value = "python"
   label = "🐍 Python"
+  value = "python"
 
   [[elements.options]]
-value = "javascript"
   label = "📜 JavaScript/TypeScript"
+  value = "javascript"
 
 [[elements]]
+default = "rust"
 help = "Main language used for defaults (e.g., in GitHub Actions workflows)"
 name = "primary_language"
-nickel_path = [
-    "ci",
-    "project",
-    "primary_language",
-]
+nickel_path = ["ci", "project", "primary_language"]
 options_from = "detected_languages"
 prompt = "Primary language"
 required = true
 type = "select"
-default = "rust"
 
   [[elements.options]]
-value = "rust"
   label = "🦀 Rust"
+  value = "rust"
 
   [[elements.options]]
-value = "nushell"
   label = "🐚 NuShell"
+  value = "nushell"
 
   [[elements.options]]
-value = "nickel"
   label = "⚙️  Nickel"
+  value = "nickel"
 
   [[elements.options]]
-value = "bash"
   label = "🔧 Bash"
+  value = "bash"
 
   [[elements.options]]
-value = "markdown"
   label = "📝 Markdown"
+  value = "markdown"
 
   [[elements.options]]
-value = "python"
   label = "🐍 Python"
+  value = "python"
 
   [[elements.options]]
-value = "javascript"
   label = "📜 JavaScript"
+  value = "javascript"
 
 [[elements]]
 includes = ["fragments/rust-tools.toml"]
@@ -215,11 +191,7 @@ type = "section_header"
 default = "true"
 help = "Set up continuous integration and deployment pipelines"
 name = "enable_ci_cd"
-nickel_path = [
-    "ci",
-    "features",
-    "enable_ci_cd",
-]
+nickel_path = ["ci", "features", "enable_ci_cd"]
 prompt = "Enable CI/CD integration?"
 type = "confirm"
 

.typedialog/ci/form.toml

@@ -1,6 +1,6 @@
 description = "Interactive configuration for continuous integration and code quality tools"
 display_mode = "complete"
-locales_path = ""
+locales_path = "../../../locales"
 name = "CI Configuration Form"
 
 [[elements]]
@@ -13,11 +13,7 @@ type = "section_header"
 [[elements]]
 help = "Name of the project"
 name = "project_name"
-nickel_path = [
-    "ci",
-    "project",
-    "name",
-]
+nickel_path = ["ci", "project", "name"]
 placeholder = "my-project"
 prompt = "Project name"
 required = true
@@ -26,11 +22,7 @@ type = "text"
 [[elements]]
 help = "Optional description"
 name = "project_description"
-nickel_path = [
-    "ci",
-    "project",
-    "description",
-]
+nickel_path = ["ci", "project", "description"]
 placeholder = "Brief description of what this project does"
 prompt = "Project description"
 required = false
@@ -40,11 +32,7 @@ type = "text"
 default = ""
 help = "Project website or documentation site URL"
 name = "project_site_url"
-nickel_path = [
-    "ci",
-    "project",
-    "site_url",
-]
+nickel_path = ["ci", "project", "site_url"]
 placeholder = "https://example.com"
 prompt = "Project Site URL"
 required = false
@@ -54,11 +42,7 @@ type = "text"
 default = ""
 help = "Project repository URL (GitHub, GitLab, etc.)"
 name = "project_repo_url"
-nickel_path = [
-    "ci",
-    "project",
-    "repo_url",
-]
+nickel_path = ["ci", "project", "repo_url"]
 placeholder = "https://github.com/user/repo"
 prompt = "Project Repo URL"
 required = false
@@ -77,85 +61,77 @@ display_mode = "grid"
 help = "Select all languages detected or used in the project"
 min_selected = 1
 name = "detected_languages"
-nickel_path = [
-    "ci",
-    "project",
-    "detected_languages",
-]
+nickel_path = ["ci", "project", "detected_languages"]
 prompt = "Which languages are used in this project?"
 required = true
 searchable = true
 type = "multiselect"
 
   [[elements.options]]
-value = "rust"
   label = "🦀 Rust"
+  value = "rust"
 
   [[elements.options]]
-value = "nushell"
   label = "🐚 NuShell"
+  value = "nushell"
 
   [[elements.options]]
-value = "nickel"
   label = "⚙️  Nickel"
+  value = "nickel"
 
   [[elements.options]]
-value = "bash"
   label = "🔧 Bash/Shell"
+  value = "bash"
 
   [[elements.options]]
-value = "markdown"
   label = "📝 Markdown/Documentation"
+  value = "markdown"
 
   [[elements.options]]
-value = "python"
   label = "🐍 Python"
+  value = "python"
 
   [[elements.options]]
-value = "javascript"
   label = "📜 JavaScript/TypeScript"
+  value = "javascript"
 
 [[elements]]
+default = "rust"
 help = "Main language used for defaults (e.g., in GitHub Actions workflows)"
 name = "primary_language"
-nickel_path = [
-    "ci",
-    "project",
-    "primary_language",
-]
+nickel_path = ["ci", "project", "primary_language"]
 options_from = "detected_languages"
 prompt = "Primary language"
 required = true
 type = "select"
-default = "rust"
 
   [[elements.options]]
-value = "rust"
   label = "🦀 Rust"
+  value = "rust"
 
   [[elements.options]]
-value = "nushell"
   label = "🐚 NuShell"
+  value = "nushell"
 
   [[elements.options]]
-value = "nickel"
   label = "⚙️  Nickel"
+  value = "nickel"
 
   [[elements.options]]
-value = "bash"
   label = "🔧 Bash"
+  value = "bash"
 
   [[elements.options]]
-value = "markdown"
   label = "📝 Markdown"
+  value = "markdown"
 
   [[elements.options]]
-value = "python"
   label = "🐍 Python"
+  value = "python"
 
   [[elements.options]]
-value = "javascript"
   label = "📜 JavaScript"
+  value = "javascript"
 
 [[elements]]
 includes = ["fragments/rust-tools.toml"]
@@ -215,11 +191,7 @@ type = "section_header"
 default = "true"
 help = "Set up continuous integration and deployment pipelines"
 name = "enable_ci_cd"
-nickel_path = [
-    "ci",
-    "features",
-    "enable_ci_cd",
-]
+nickel_path = ["ci", "features", "enable_ci_cd"]
 prompt = "Enable CI/CD integration?"
 type = "confirm"
 

.typedialog/core/forms/auth-login.toml

@@ -4,7 +4,7 @@
 
 description = "Interactive authentication login"
 display_mode = "complete"
-locales_path = ""
+locales_path = "../../../../../locales"
 name = "Authentication Login"
 
 # ============================================================================
@@ -49,13 +49,13 @@ title = "🔒 Multi-Factor Authentication"
 type = "section_header"
 
 [[elements]]
+default = false
 help = "Do you have MFA enabled for this account?"
 name = "has_mfa"
 nickel_path = ["auth", "has_mfa"]
 prompt = "MFA enabled?"
 required = false
 type = "confirm"
-default = false
 
 [[elements]]
 help = "Enter your MFA code (6 digits)"
@@ -80,10 +80,10 @@ title = "✅ Confirmation"
 type = "section_header"
 
 [[elements]]
+default = true
 help = "Confirm login with the provided credentials"
 name = "confirm_login"
 nickel_path = ["auth", "confirm_login"]
 prompt = "Proceed with login?"
 required = false
 type = "confirm"
-default = true

.typedialog/core/forms/infrastructure/cluster_delete_confirm.toml

@@ -3,114 +3,114 @@
 # Purpose: Confirm destructive cluster deletion operation
 
 [meta]
-title = "Cluster Deletion Confirmation"
-description = "This action will permanently delete the entire cluster and all associated resources"
 allow_cancel = true
+description = "This action will permanently delete the entire cluster and all associated resources"
+title = "Cluster Deletion Confirmation"
 
 # ============================================================================
 # CRITICAL WARNING SECTION
 # ============================================================================
 
 [items.critical_warning]
-type = "text"
-prompt = "🔴 CRITICAL: Cluster Deletion is Irreversible"
 display_only = true
+prompt = "🔴 CRITICAL: Cluster Deletion is Irreversible"
+type = "text"
 
 [items.warning_details]
-type = "text"
-prompt = "Cluster Deletion will:"
+display_only = true
 help = """
 • Permanently delete all nodes in the cluster
 • Destroy all persistent volumes and data
 • Terminate all running applications and services
 • Remove all persistent configurations
 • Make cluster inaccessible - cannot be recovered"""
-display_only = true
+prompt = "Cluster Deletion will:"
+type = "text"
 
 # ============================================================================
 # CLUSTER INFORMATION
 # ============================================================================
 
 [items.cluster_info_header]
-type = "text"
-prompt = "Cluster to Delete"
 display_only = true
+prompt = "Cluster to Delete"
+type = "text"
 
 [items.cluster_name]
-type = "text"
-prompt = "Cluster Name"
 default = "{{ cluster_name | default('unknown') }}"
 display_only = true
+prompt = "Cluster Name"
+type = "text"
 
 [items.cluster_type]
-type = "text"
-prompt = "Cluster Type"
 default = "{{ cluster_type | default('unknown') }}"
 display_only = true
+prompt = "Cluster Type"
+type = "text"
 
 [items.node_count]
-type = "text"
-prompt = "Number of Nodes"
 default = "{{ node_count | default('unknown') }}"
 display_only = true
+prompt = "Number of Nodes"
+type = "text"
 
 [items.total_resources]
-type = "text"
-prompt = "Total Resources"
-help = "Approximate total CPU and memory that will be freed"
 default = "{{ total_resources | default('unknown') }}"
 display_only = true
+help = "Approximate total CPU and memory that will be freed"
+prompt = "Total Resources"
+type = "text"
 
 # ============================================================================
 # DEPENDENT RESOURCES
 # ============================================================================
 
 [items.dependents_header]
-type = "text"
-prompt = "Resources That Will Be Deleted"
 display_only = true
+prompt = "Resources That Will Be Deleted"
+type = "text"
 
 [items.deployments_count]
-type = "text"
-prompt = "Deployments"
 default = "{{ deployments_count | default('0') }}"
 display_only = true
+prompt = "Deployments"
+type = "text"
 
 [items.services_count]
-type = "text"
-prompt = "Services"
 default = "{{ services_count | default('0') }}"
 display_only = true
+prompt = "Services"
+type = "text"
 
 [items.volumes_count]
-type = "text"
-prompt = "Persistent Volumes"
 default = "{{ volumes_count | default('0') }}"
 display_only = true
+prompt = "Persistent Volumes"
+type = "text"
 
 # ============================================================================
 # CONFIRMATION
 # ============================================================================
 
 [items.confirm_header]
-type = "text"
-prompt = "Final Confirmation Required"
 display_only = true
+prompt = "Final Confirmation Required"
+type = "text"
 
 [items.confirmation_text]
-type = "text"
-prompt = "Type 'DELETE CLUSTER' to Confirm"
 help = "You must type the exact phrase: DELETE CLUSTER"
+prompt = "Type 'DELETE CLUSTER' to Confirm"
 required = true
+type = "text"
 
 [items.understand_final]
-type = "confirm"
-prompt = "I understand this operation is permanent and all data will be lost"
 help = "Check this box to acknowledge that you understand the consequences"
+prompt = "I understand this operation is permanent and all data will be lost"
 required = true
+type = "confirm"
 
 [items.proceed_final]
-type = "confirm"
-prompt = "Delete cluster '{{ cluster_name | default('cluster') }}' with {{ node_count | default('all') }} nodes?"
 help = "This is the final confirmation. There is no undo."
+prompt = "Delete cluster '{{ cluster_name | default('cluster') }}' with {{ node_count | default('all') }} nodes?"
 required = true
+type = "confirm"

.typedialog/core/forms/infrastructure/generic_delete_confirm.toml

@@ -3,81 +3,81 @@
 # Purpose: Generic confirmation for any resource deletion
 
 [meta]
-title = "Resource Deletion Confirmation"
-description = "Confirm permanent deletion of resource"
 allow_cancel = true
+description = "Confirm permanent deletion of resource"
+title = "Resource Deletion Confirmation"
 
 # ============================================================================
 # WARNING SECTION
 # ============================================================================
 
 [items.warning_header]
-type = "text"
-prompt = "⚠️ Warning: Permanent Deletion"
 display_only = true
+prompt = "⚠️ Warning: Permanent Deletion"
+type = "text"
 
 [items.resource_type]
-type = "text"
-prompt = "Resource Type"
 default = "{{ resource_type | default('Resource') }}"
 display_only = true
+prompt = "Resource Type"
+type = "text"
 
 [items.resource_name]
-type = "text"
-prompt = "Resource Name"
 default = "{{ resource_name | default('unknown') }}"
 display_only = true
+prompt = "Resource Name"
+type = "text"
 
 [items.resource_id]
-type = "text"
-prompt = "Resource ID"
-help = "Unique identifier of the resource"
 default = "{{ resource_id | default('') }}"
 display_only = true
+help = "Unique identifier of the resource"
+prompt = "Resource ID"
+type = "text"
 
 [items.resource_status]
-type = "text"
-prompt = "Current Status"
 default = "{{ resource_status | default('unknown') }}"
 display_only = true
+prompt = "Current Status"
+type = "text"
 
 # ============================================================================
 # IMPACT INFORMATION
 # ============================================================================
 
 [items.impact_header]
-type = "text"
-prompt = "Deletion Impact"
 display_only = true
+prompt = "Deletion Impact"
+type = "text"
 
 [items.irreversible_warning]
-type = "text"
-prompt = "This action is irreversible"
-help = "There is no way to undo this operation"
 display_only = true
+help = "There is no way to undo this operation"
+prompt = "This action is irreversible"
+type = "text"
 
 [items.data_loss_warning]
-type = "text"
-prompt = "All associated data will be permanently lost"
-help = "This includes configurations, logs, and cached data"
 display_only = true
+help = "This includes configurations, logs, and cached data"
+prompt = "All associated data will be permanently lost"
+type = "text"
 
 # ============================================================================
 # CONFIRMATION
 # ============================================================================
 
 [items.confirm_text]
-type = "text"
-prompt = "Type 'DELETE' to Confirm"
 help = "This prevents accidental deletion"
+prompt = "Type 'DELETE' to Confirm"
 required = true
+type = "text"
 
 [items.final_confirm]
-type = "confirm"
 prompt = "I understand this is permanent and all data will be lost"
 required = true
+type = "confirm"
 
 [items.proceed]
-type = "confirm"
 prompt = "Delete {{ resource_type | default('resource') }} '{{ resource_name | default('unknown') }}'?"
 required = true
+type = "confirm"

.typedialog/core/forms/infrastructure/server_delete_confirm.toml

@@ -3,82 +3,82 @@
 # Purpose: Confirm destructive server deletion operation
 
 [meta]
-title = "Server Deletion Confirmation"
-description = "This action will permanently delete the server and all associated data"
 allow_cancel = true
+description = "This action will permanently delete the server and all associated data"
+title = "Server Deletion Confirmation"
 
 # ============================================================================
 # WARNING SECTION
 # ============================================================================
 
 [items.warning_header]
-type = "text"
-prompt = "⚠️ WARNING: This Action Cannot Be Undone"
 display_only = true
+prompt = "⚠️ WARNING: This Action Cannot Be Undone"
+type = "text"
 
 [items.warning_text]
-type = "text"
-prompt = "Server Deletion will:"
+display_only = true
 help = """
 • Permanently remove the server from all providers
 • Delete all associated data and configurations
 • Terminate all running services
 • Release allocated IP addresses and storage"""
-display_only = true
+prompt = "Server Deletion will:"
+type = "text"
 
 # ============================================================================
 # SERVER INFORMATION
 # ============================================================================
 
 [items.server_info_header]
-type = "text"
-prompt = "Server to Delete"
 display_only = true
+prompt = "Server to Delete"
+type = "text"
 
 [items.server_name]
-type = "text"
-prompt = "Server Name"
-help = "Name of the server being deleted"
 default = "{{ server_name | default('unknown') }}"
 display_only = true
+help = "Name of the server being deleted"
+prompt = "Server Name"
+type = "text"
 
 [items.server_ip]
-type = "text"
-prompt = "IP Address"
-help = "Current IP address of the server"
 default = "{{ server_ip | default('not assigned') }}"
 display_only = true
+help = "Current IP address of the server"
+prompt = "IP Address"
+type = "text"
 
 [items.server_status]
-type = "text"
-prompt = "Current Status"
-help = "Current operational status"
 default = "{{ server_status | default('unknown') }}"
 display_only = true
+help = "Current operational status"
+prompt = "Current Status"
+type = "text"
 
 # ============================================================================
 # CONFIRMATION
 # ============================================================================
 
 [items.confirm_header]
-type = "text"
-prompt = "Confirm Deletion"
 display_only = true
+prompt = "Confirm Deletion"
+type = "text"
 
 [items.confirmation_text]
-type = "text"
-prompt = "Type 'DELETE' to Confirm"
 help = "This prevents accidental deletion. You must type the exact word DELETE"
+prompt = "Type 'DELETE' to Confirm"
 required = true
+type = "text"
 
 [items.final_confirm]
-type = "confirm"
-prompt = "I understand this is permanent and cannot be undone"
 help = "Check this box to confirm you understand the consequences"
+prompt = "I understand this is permanent and cannot be undone"
 required = true
+type = "confirm"
 
 [items.proceed]
-type = "confirm"
-prompt = "Delete server {{ server_name | default('server') }}?"
 help = "Final confirmation to proceed with deletion"
+prompt = "Delete server {{ server_name | default('server') }}?"
 required = true
+type = "confirm"

.typedialog/core/forms/infrastructure/taskserv_delete_confirm.toml

@@ -3,106 +3,106 @@
 # Purpose: Confirm destructive taskserv deletion operation
 
 [meta]
-title = "Task Service Deletion Confirmation"
-description = "This action will permanently delete the task service and all associated data"
 allow_cancel = true
+description = "This action will permanently delete the task service and all associated data"
+title = "Task Service Deletion Confirmation"
 
 # ============================================================================
 # WARNING SECTION
 # ============================================================================
 
 [items.warning_header]
-type = "text"
-prompt = "⚠️ WARNING: This Action Cannot Be Undone"
 display_only = true
+prompt = "⚠️ WARNING: This Action Cannot Be Undone"
+type = "text"
 
 [items.warning_text]
-type = "text"
-prompt = "Task Service Deletion will:"
+display_only = true
 help = """
 • Permanently remove the service definition
 • Delete all containers and images
 • Remove all associated volumes and data
 • Terminate all running tasks
 • Invalidate all service references"""
-display_only = true
+prompt = "Task Service Deletion will:"
+type = "text"
 
 # ============================================================================
 # TASKSERV INFORMATION
 # ============================================================================
 
 [items.taskserv_info_header]
-type = "text"
-prompt = "Task Service to Delete"
 display_only = true
+prompt = "Task Service to Delete"
+type = "text"
 
 [items.taskserv_name]
-type = "text"
-prompt = "Service Name"
-help = "Name of the task service being deleted"
 default = "{{ taskserv_name | default('unknown') }}"
 display_only = true
+help = "Name of the task service being deleted"
+prompt = "Service Name"
+type = "text"
 
 [items.taskserv_type]
-type = "text"
-prompt = "Service Type"
-help = "Type of service (e.g., kubernetes, postgres, redis)"
 default = "{{ taskserv_type | default('unknown') }}"
 display_only = true
+help = "Type of service (e.g., kubernetes, postgres, redis)"
+prompt = "Service Type"
+type = "text"
 
 [items.taskserv_server]
-type = "text"
-prompt = "Deployed On Server"
-help = "Server hosting this task service"
 default = "{{ taskserv_server | default('unknown') }}"
 display_only = true
+help = "Server hosting this task service"
+prompt = "Deployed On Server"
+type = "text"
 
 [items.taskserv_status]
-type = "text"
-prompt = "Current Status"
-help = "Operational status of the service"
 default = "{{ taskserv_status | default('unknown') }}"
 display_only = true
+help = "Operational status of the service"
+prompt = "Current Status"
+type = "text"
 
 # ============================================================================
 # IMPACT ANALYSIS
 # ============================================================================
 
 [items.impact_header]
-type = "text"
-prompt = "Services That Depend on This"
 display_only = true
+prompt = "Services That Depend on This"
+type = "text"
 
 [items.dependent_services]
-type = "text"
-prompt = "Dependent Services"
-help = "These services will be affected by deletion"
 default = "{{ dependent_services | default('none') }}"
 display_only = true
+help = "These services will be affected by deletion"
+prompt = "Dependent Services"
+type = "text"
 
 # ============================================================================
 # CONFIRMATION
 # ============================================================================
 
 [items.confirm_header]
-type = "text"
-prompt = "Confirm Deletion"
 display_only = true
+prompt = "Confirm Deletion"
+type = "text"
 
 [items.confirmation_text]
-type = "text"
-prompt = "Type 'DELETE' to Confirm"
 help = "This prevents accidental deletion. You must type the exact word DELETE"
+prompt = "Type 'DELETE' to Confirm"
 required = true
+type = "text"
 
 [items.final_confirm]
-type = "confirm"
-prompt = "I understand this is permanent and will affect dependent services"
 help = "Check this box to confirm you understand the consequences"
+prompt = "I understand this is permanent and will affect dependent services"
 required = true
+type = "confirm"
 
 [items.proceed]
-type = "confirm"
-prompt = "Delete {{ taskserv_type | default('task service') }} '{{ taskserv_name | default('unknown') }}'?"
 help = "Final confirmation to proceed with deletion"
+prompt = "Delete {{ taskserv_type | default('task service') }} '{{ taskserv_name | default('unknown') }}'?"
 required = true
+type = "confirm"

.typedialog/core/forms/mfa-enroll.toml

@@ -4,7 +4,7 @@
 
 description = "Interactive Multi-Factor Authentication enrollment"
 display_mode = "complete"
-locales_path = ""
+locales_path = "../../../../../locales"
 name = "MFA Enrollment"
 
 # ============================================================================
@@ -19,14 +19,14 @@ title = "🔐 Multi-Factor Authentication Setup"
 type = "section_header"
 
 [[elements]]
+default = "totp"
 help = "Choose the MFA method"
 name = "mfa_type"
 nickel_path = ["mfa", "type"]
+options = ["totp", "webauthn", "sms"]
 prompt = "MFA Type"
 required = true
 type = "select"
-options = ["totp", "webauthn", "sms"]
-default = "totp"
 
 # ============================================================================
 # TOTP CONFIGURATION (Time-based One-Time Password)
@@ -41,6 +41,7 @@ type = "section_header"
 when = "mfa_type == 'totp'"
 
 [[elements]]
+default = "Authenticator App"
 help = "Name for this MFA device (e.g., 'iPhone', 'Authenticator App')"
 name = "totp_device_name"
 nickel_path = ["mfa", "totp", "device_name"]
@@ -48,7 +49,6 @@ placeholder = "My Phone"
 prompt = "Device name"
 required = false
 type = "text"
-default = "Authenticator App"
 when = "mfa_type == 'totp'"
 
 [[elements]]
@@ -75,6 +75,7 @@ type = "section_header"
 when = "mfa_type == 'webauthn'"
 
 [[elements]]
+default = "Security Key"
 help = "Name for this security key (e.g., 'YubiKey', 'Fingerprint')"
 name = "webauthn_device_name"
 nickel_path = ["mfa", "webauthn", "device_name"]
@@ -82,7 +83,6 @@ placeholder = "Security Key"
 prompt = "Device name"
 required = false
 type = "text"
-default = "Security Key"
 when = "mfa_type == 'webauthn'"
 
 # ============================================================================
@@ -131,24 +131,24 @@ title = "💾 Backup Codes"
 type = "section_header"
 
 [[elements]]
+default = true
 help = "Generate backup codes for account recovery"
 name = "generate_backup_codes"
 nickel_path = ["mfa", "generate_backup_codes"]
 prompt = "Generate backup codes?"
 required = false
 type = "confirm"
-default = true
 
 [[elements]]
+default = 10
 help = "Number of backup codes to generate"
+max = 20
+min = 5
 name = "backup_codes_count"
 nickel_path = ["mfa", "backup_codes_count"]
 prompt = "Number of backup codes"
 required = false
 type = "number"
-min = 5
-max = 20
-default = 10
 when = "generate_backup_codes == true"
 
 # ============================================================================
@@ -163,10 +163,10 @@ title = "✅ Confirmation"
 type = "section_header"
 
 [[elements]]
+default = true
 help = "Confirm MFA enrollment with the provided configuration"
 name = "confirm_enroll"
 nickel_path = ["mfa", "confirm_enroll"]
 prompt = "Complete MFA enrollment?"
 required = false
 type = "confirm"
-default = true

.typedialog/core/forms/setup-wizard.toml

@@ -4,7 +4,7 @@
 
 description = "Interactive setup wizard for provisioning system initialization"
 display_mode = "complete"
-locales_path = ""
+locales_path = "../../../../../locales"
 name = "Provisioning System Setup Wizard"
 
 # ============================================================================
@@ -28,13 +28,13 @@ required = true
 type = "text"
 
 [[elements]]
+default = true
 help = "Use recommended paths for your operating system"
 name = "use_defaults"
 nickel_path = ["system_config", "use_defaults"]
 prompt = "Use recommended paths for your OS?"
 required = false
 type = "confirm"
-default = true
 
 # ============================================================================
 # DEPLOYMENT MODE SELECTION
@@ -48,14 +48,14 @@ title = "🚀 Deployment Mode"
 type = "section_header"
 
 [[elements]]
+default = "docker-compose"
 help = "Choose how platform services will be deployed"
 name = "deployment_mode"
 nickel_path = ["deployment_mode"]
+options = ["docker-compose", "kubernetes", "remote-ssh", "systemd"]
 prompt = "Deployment mode"
 required = true
 type = "select"
-options = ["docker-compose", "kubernetes", "remote-ssh", "systemd"]
-default = "docker-compose"
 
 # ============================================================================
 # PROVIDER SELECTION
@@ -75,40 +75,40 @@ title = "Select at least one provider"
 type = "section_header"
 
 [[elements]]
+default = false
 help = "Enable UpCloud provider"
 name = "provider_upcloud"
 nickel_path = ["providers", "upcloud"]
 prompt = "Use UpCloud?"
 required = false
 type = "confirm"
-default = false
 
 [[elements]]
+default = false
 help = "Enable AWS provider"
 name = "provider_aws"
 nickel_path = ["providers", "aws"]
 prompt = "Use AWS?"
 required = false
 type = "confirm"
-default = false
 
 [[elements]]
+default = false
 help = "Enable Hetzner provider"
 name = "provider_hetzner"
 nickel_path = ["providers", "hetzner"]
 prompt = "Use Hetzner?"
 required = false
 type = "confirm"
-default = false
 
 [[elements]]
+default = true
 help = "Enable local provider (required for local deployments)"
 name = "provider_local"
 nickel_path = ["providers", "local"]
 prompt = "Use local provider?"
 required = false
 type = "confirm"
-default = true
 
 # ============================================================================
 # RESOURCE ALLOCATION
@@ -122,26 +122,26 @@ title = "💻 Resource Allocation"
 type = "section_header"
 
 [[elements]]
+default = 4
 help = "Number of CPU cores to allocate"
+max = 128
+min = 1
 name = "cpu_count"
 nickel_path = ["resources", "cpu_count"]
 prompt = "Number of CPUs to allocate"
 required = true
 type = "number"
-min = 1
-max = 128
-default = 4
 
 [[elements]]
+default = 8
 help = "Amount of memory to allocate (in GB)"
+max = 1024
+min = 1
 name = "memory_gb"
 nickel_path = ["resources", "memory_gb"]
 prompt = "Memory in GB to allocate"
 required = true
 type = "number"
-min = 1
-max = 1024
-default = 8
 
 # ============================================================================
 # SECURITY CONFIGURATION
@@ -155,31 +155,31 @@ title = "🔒 Security Configuration"
 type = "section_header"
 
 [[elements]]
+default = true
 help = "Enable Multi-Factor Authentication for enhanced security"
 name = "enable_mfa"
 nickel_path = ["security", "enable_mfa"]
 prompt = "Enable Multi-Factor Authentication (MFA)?"
 required = false
 type = "confirm"
-default = true
 
 [[elements]]
+default = true
 help = "Enable audit logging for all operations"
 name = "enable_audit"
 nickel_path = ["security", "enable_audit"]
 prompt = "Enable audit logging for all operations?"
 required = false
 type = "confirm"
-default = true
 
 [[elements]]
+default = true
 help = "Require approval for destructive operations"
 name = "require_approval"
 nickel_path = ["security", "require_approval_for_destructive"]
 prompt = "Require approval for destructive operations?"
 required = false
 type = "confirm"
-default = true
 
 # ============================================================================
 # WORKSPACE CONFIGURATION
@@ -193,30 +193,30 @@ title = "📁 Initial Workspace"
 type = "section_header"
 
 [[elements]]
+default = true
 help = "Create an initial workspace for your infrastructure"
 name = "create_workspace"
 nickel_path = ["workspace", "create_workspace"]
 prompt = "Create workspace now?"
 required = false
 type = "confirm"
-default = true
 
 [[elements]]
+default = "default"
 help = "Name for the initial workspace"
 name = "workspace_name"
 nickel_path = ["workspace", "name"]
 prompt = "Workspace name"
 required = false
 type = "text"
-default = "default"
 when = "create_workspace == true"
 
 [[elements]]
+default = "Default workspace"
 help = "Optional description for the workspace"
 name = "workspace_description"
 nickel_path = ["workspace", "description"]
 prompt = "Workspace description (optional)"
 required = false
 type = "text"
-default = "Default workspace"
 when = "create_workspace == true"

.typedialog/platform/forms/ai-service-form.toml

@@ -1,13 +1,13 @@
 # AI Service Configuration Form
 # Sections for AI Service deployment with RAG/MCP integration
 
-title = "AI Service Configuration"
 description = "Configure AI Service with RAG and MCP integration"
+title = "AI Service Configuration"
 
 sections = [
   { name = "server", label = "Server Settings", description = "HTTP server and worker configuration" },
   { name = "rag_integration", label = "RAG Integration", description = "Retrieval-Augmented Generation service integration" },
   { name = "mcp_integration", label = "MCP Integration", description = "Model Context Protocol service integration" },
   { name = "dag", label = "DAG Execution", description = "Directed Acyclic Graph task execution settings" },
-  { name = "monitoring", label = "Monitoring", description = "Health checks and observability" }
+  { name = "monitoring", label = "Monitoring", description = "Health checks and observability" },
 ]

.typedialog/platform/forms/control-center-form.toml

@@ -1,7 +1,7 @@
-name = "control_center_configuration"
 description = "Interactive configuration for Control Center service (policy and RBAC management)"
 display_mode = "complete"
 fallback_locale = "en-US"
+name = "control_center_configuration"
 
 # ============================================================================
 # CONTROL CENTER SERVICE FORM - COMPOSED FROM FRAGMENTS
@@ -13,106 +13,109 @@ fallback_locale = "en-US"
 # DEPLOYMENT MODE SELECTION
 # Determines service resources and feature set (solo/multiuser/cicd/enterprise)
 [[items]]
-name = "deployment_mode_group"
-type = "group"
-title = "Deployment Configuration"
 description = "Select deployment mode and database backend"
-includes = ["fragments/deployment/mode-selection.toml", "fragments/deployment/database-backend-selection.toml"]
+includes = [
+  "fragments/deployment/mode-selection.toml",
+  "fragments/deployment/database-backend-selection.toml",
+]
+name = "deployment_mode_group"
+title = "Deployment Configuration"
+type = "group"
 
 # WORKSPACE CONFIGURATION
 # Workspace name, path, and context
 [[items]]
-name = "workspace_group"
-type = "group"
-title = "Workspace Settings"
 description = "Configure workspace context for this Control Center instance"
 includes = ["fragments/workspace-section.toml"]
+name = "workspace_group"
+title = "Workspace Settings"
+type = "group"
 
 # SERVER CONFIGURATION
 # HTTP server settings (host, port, workers, connections)
 [[items]]
-name = "server_group"
-type = "group"
-title = "Server Settings"
 description = "Configure HTTP server for Control Center"
 includes = ["fragments/server-section.toml"]
+name = "server_group"
+title = "Server Settings"
+type = "group"
 
 # DATABASE BACKEND CONFIGURATION
 # Conditional sections based on selected backend
 [[items]]
-name = "database_rocksdb_group"
-type = "group"
-title = "RocksDB Configuration"
-description = "Configure RocksDB backend for policy storage"
 condition = "database_backend_selection == 'rocksdb'"
+description = "Configure RocksDB backend for policy storage"
 includes = ["fragments/database-rocksdb-section.toml"]
+name = "database_rocksdb_group"
+title = "RocksDB Configuration"
+type = "group"
 
 [[items]]
-name = "database_surrealdb_group"
-type = "group"
-title = "SurrealDB Configuration"
-description = "Configure SurrealDB backend for policy storage"
 condition = "database_backend_selection == 'surrealdb_embedded' || database_backend_selection == 'surrealdb_server'"
+description = "Configure SurrealDB backend for policy storage"
 includes = ["fragments/database-surrealdb-section.toml"]
+name = "database_surrealdb_group"
+title = "SurrealDB Configuration"
+type = "group"
 
 [[items]]
-name = "database_postgres_group"
-type = "group"
-title = "PostgreSQL Configuration"
-description = "Configure PostgreSQL backend for policy storage"
 condition = "database_backend_selection == 'postgresql'"
+description = "Configure PostgreSQL backend for policy storage"
 includes = ["fragments/database-postgres-section.toml"]
+name = "database_postgres_group"
+title = "PostgreSQL Configuration"
+type = "group"
 
 # CONTROL CENTER-SPECIFIC: SECURITY CONFIGURATION
 # JWT, RBAC, MFA, rate limiting, TLS, sessions
 [[items]]
-name = "security_group"
-type = "group"
-title = "Security Configuration"
 description = "Configure authentication, authorization, and security settings"
 includes = ["fragments/control-center/security-section.toml"]
+name = "security_group"
+title = "Security Configuration"
+type = "group"
 
 # CONTROL CENTER-SPECIFIC: POLICY CONFIGURATION
 # Policy caching, versioning, management
 [[items]]
-name = "policy_group"
-type = "group"
-title = "Policy Configuration"
 description = "Configure policy engine and policy management"
 includes = ["fragments/control-center/policy-section.toml"]
+name = "policy_group"
+title = "Policy Configuration"
+type = "group"
 
 # CONTROL CENTER-SPECIFIC: USER MANAGEMENT CONFIGURATION
 # User registration, sessions, audit logging
 [[items]]
-name = "users_group"
-type = "group"
-title = "User Management Configuration"
 description = "Configure user registration, sessions, and audit"
 includes = ["fragments/control-center/users-section.toml"]
+name = "users_group"
+title = "User Management Configuration"
+type = "group"
 
 # CONTROL CENTER-SPECIFIC: COMPLIANCE & AUDIT CONFIGURATION
 # Audit logging, compliance frameworks, data retention, encryption
 [[items]]
-name = "compliance_group"
-type = "group"
-title = "Compliance & Audit Configuration"
 description = "Configure audit logging, compliance, and data retention"
 includes = ["fragments/control-center/compliance-section.toml"]
+name = "compliance_group"
+title = "Compliance & Audit Configuration"
+type = "group"
 
 # MONITORING CONFIGURATION
 # Metrics collection, health checks
 [[items]]
-name = "monitoring_group"
-type = "group"
-title = "Monitoring Configuration"
 description = "Configure metrics and health checks"
 includes = ["fragments/monitoring-section.toml"]
+name = "monitoring_group"
+title = "Monitoring Configuration"
+type = "group"
 
 # LOGGING CONFIGURATION
 # Log levels, formats, rotation
 [[items]]
-name = "logging_group"
-type = "group"
-title = "Logging Configuration"
 description = "Configure logging behavior and output"
 includes = ["fragments/logging-section.toml"]
+name = "logging_group"
+title = "Logging Configuration"
+type = "group"

.typedialog/platform/forms/extension-registry-form.toml

@@ -1,36 +1,36 @@
 [form]
-name = "Extension Registry Configuration"
 description = "Multi-instance extension distribution via Git sources (Gitea, Forgejo, GitHub) and OCI registries"
+name = "Extension Registry Configuration"
 version = "2.0"
 
 [[sections]]
-name = "Server Configuration"
 description = "Network and performance settings"
 includes = ["fragments/extension-registry/server.toml"]
+name = "Server Configuration"
 
 [[sections]]
-name = "Git Sources"
 description = "Configure Gitea, Forgejo, and GitHub as extension sources"
 includes = [
   "fragments/extension-registry/gitea-multi.toml",
   "fragments/extension-registry/forgejo-multi.toml",
   "fragments/extension-registry/github-multi.toml",
 ]
+name = "Git Sources"
 
 [[sections]]
-name = "OCI Registries"
 description = "Configure OCI registries for distribution (Zot, Harbor, Docker Hub, GHCR, Quay)"
 includes = ["fragments/extension-registry/oci-multi.toml"]
+name = "OCI Registries"
 
 [[sections]]
-name = "Caching"
 description = "Cache configuration and TTL settings"
 includes = ["fragments/extension-registry/cache.toml"]
+name = "Caching"
 
 [[sections]]
-name = "Legacy Configuration"
 description = "Single-instance configuration (automatically migrated to multi-instance format)"
 includes = [
   "fragments/extension-registry/gitea-legacy.toml",
   "fragments/extension-registry/oci-legacy.toml",
 ]
+name = "Legacy Configuration"

.typedialog/platform/forms/fragments/ai-service/dag.toml

@@ -1,8 +1,8 @@
 # AI Service DAG Workflow Configuration Fragment
 
 [[elements]]
-border_top = true
 border_bottom = false
+border_top = true
 name = "ai_dag_header"
 title = "🔀 DAG Workflow Configuration"
 type = "section_header"

.typedialog/platform/forms/fragments/ai-service/mcp-integration.toml

@@ -1,8 +1,8 @@
 # AI Service MCP Integration Fragment
 
 [[elements]]
-border_top = true
 border_bottom = false
+border_top = true
 name = "ai_mcp_header"
 title = "🔧 MCP Integration"
 type = "section_header"

.typedialog/platform/forms/fragments/ai-service/monitoring.toml

@@ -1,8 +1,8 @@
 # AI Service Monitoring Configuration Fragment
 
 [[elements]]
-border_top = true
 border_bottom = false
+border_top = true
 name = "ai_monitoring_header"
 title = "📊 Monitoring Configuration"
 type = "section_header"

.typedialog/platform/forms/fragments/ai-service/rag-integration.toml

@@ -1,8 +1,8 @@
 # AI Service RAG Integration Fragment
 
 [[elements]]
-border_top = true
 border_bottom = false
+border_top = true
 name = "ai_rag_header"
 title = "🧠 RAG Integration"
 type = "section_header"

.typedialog/platform/forms/fragments/ai-service/server.toml

@@ -1,8 +1,8 @@
 # AI Service Server Configuration Fragment
 
 [[elements]]
-border_top = true
 border_bottom = false
+border_top = true
 name = "ai_service_server_header"
 title = "🖥️ Server Configuration"
 type = "section_header"

.typedialog/platform/forms/fragments/control-center/compliance-section.toml

@@ -1,8 +1,8 @@
 # Control Center Compliance & Audit Configuration Fragment
 
 [[elements]]
-border_top = true
 border_bottom = false
+border_top = true
 name = "compliance_section_header"
 title = "✅ Compliance & Audit"
 type = "section_header"

.typedialog/platform/forms/fragments/control-center/policy-section.toml

@@ -1,8 +1,8 @@
 # Control Center Policy Engine Configuration Fragment
 
 [[elements]]
-border_top = true
 border_bottom = false
+border_top = true
 name = "policy_section_header"
 title = "📋 Policy Engine Configuration"
 type = "section_header"

.typedialog/platform/forms/fragments/control-center/rbac-section.toml

@@ -1,8 +1,8 @@
 # Control Center RBAC Configuration Fragment
 
 [[elements]]
-border_top = true
 border_bottom = false
+border_top = true
 name = "rbac_section_header"
 title = "🔐 RBAC Configuration"
 type = "section_header"

.typedialog/platform/forms/fragments/control-center/security-section.toml

@@ -2,8 +2,8 @@
 # JWT, RBAC, MFA, rate limiting
 
 [[elements]]
-border_top = true
 border_bottom = false
+border_top = true
 name = "security_section_header"
 title = "🔐 Security Configuration"
 type = "section_header"

.typedialog/platform/forms/fragments/control-center/users-section.toml

@@ -1,8 +1,8 @@
 # Control Center User Management Configuration Fragment
 
 [[elements]]
-border_top = true
 border_bottom = false
+border_top = true
 name = "users_section_header"
 title = "👥 User Management"
 type = "section_header"

.typedialog/platform/forms/fragments/database-postgres-section.toml

@@ -2,8 +2,8 @@
 # Used by: control-center, installer (when backend = postgresql)
 
 [[elements]]
-border_top = true
 border_bottom = false
+border_top = true
 name = "database_section_header"
 title = "💾 PostgreSQL Database Configuration"
 type = "section_header"

.typedialog/platform/forms/fragments/database-rocksdb-section.toml

@@ -2,8 +2,8 @@
 # Used by: control-center, installer (when backend = rocksdb)
 
 [[elements]]
-border_top = true
 border_bottom = false
+border_top = true
 name = "database_section_header"
 title = "💾 RocksDB Database Configuration"
 type = "section_header"

.typedialog/platform/forms/fragments/database-surrealdb-section.toml

@@ -2,8 +2,8 @@
 # Used by: orchestrator, control-center (when backend = surrealdb)
 
 [[elements]]
-border_top = true
 border_bottom = false
+border_top = true
 name = "database_section_header"
 title = "💾 SurrealDB Database Configuration"
 type = "section_header"

.typedialog/platform/forms/fragments/deployment/database-backend-selection.toml

@@ -3,8 +3,8 @@
 # Based on the selection, include the corresponding database-*-section.toml fragment
 
 [[elements]]
-border_top = true
 border_bottom = false
+border_top = true
 name = "database_backend_selection_header"
 title = "🗄️ Database Backend Selection"
 type = "section_header"
@@ -25,69 +25,69 @@ condition = "database_backend_selection == 'rocksdb'"
 default = false
 help = "RocksDB: Embedded key-value store. Zero external dependencies, local filesystem storage, good for solo/multiuser modes. Limited to single instance."
 name = "rocksdb_info"
-type = "info"
 prompt = "RocksDB Info"
+type = "info"
 
 [[elements]]
 condition = "database_backend_selection == 'surrealdb_embedded'"
 default = false
 help = "SurrealDB (Embedded): In-process SurrealDB. No external server needed, queryable JSON/SQL, suitable for small to medium deployments."
 name = "surrealdb_embedded_info"
-type = "info"
 prompt = "SurrealDB Embedded Info"
+type = "info"
 
 [[elements]]
 condition = "database_backend_selection == 'surrealdb_server'"
 default = false
 help = "SurrealDB (Server): External SurrealDB server. Scalable multi-instance, HA ready, suitable for multiuser/enterprise modes."
 name = "surrealdb_server_info"
-type = "info"
 prompt = "SurrealDB Server Info"
+type = "info"
 
 [[elements]]
 condition = "database_backend_selection == 'postgresql'"
 default = false
 help = "PostgreSQL: Traditional RDBMS. Proven stability, full ACID, complex queries, suitable for enterprise with HA via replication."
 name = "postgresql_info"
-type = "info"
 prompt = "PostgreSQL Info"
+type = "info"
 
 # Backend Selection Guidelines
 [[elements]]
-name = "backend_selection_guide"
-type = "section_header"
-title = "Backend Selection Guide"
-border_top = true
 border_bottom = true
+border_top = true
+name = "backend_selection_guide"
+title = "Backend Selection Guide"
+type = "section_header"
 
 [[elements]]
 condition = "deployment_mode == 'solo'"
 default = false
 help = "Recommended for Solo: RocksDB (simplest) or SurrealDB Embedded (more features, same simplicity)"
 name = "solo_recommendation"
-type = "info"
 prompt = "Solo Recommendation"
+type = "info"
 
 [[elements]]
 condition = "deployment_mode == 'multiuser'"
 default = false
 help = "Recommended for MultiUser: SurrealDB Server (scalable, easy clustering) or PostgreSQL (if you need traditional RDBMS)"
 name = "multiuser_recommendation"
-type = "info"
 prompt = "MultiUser Recommendation"
+type = "info"
 
 [[elements]]
 condition = "deployment_mode == 'cicd'"
 default = false
 help = "Recommended for CI/CD: SurrealDB Embedded (ephemeral, no external deps) or RocksDB (fastest)"
 name = "cicd_recommendation"
-type = "info"
 prompt = "CI/CD Recommendation"
+type = "info"
 
 [[elements]]
 condition = "deployment_mode == 'enterprise'"
 default = false
 help = "Recommended for Enterprise: SurrealDB Server HA (native clustering) or PostgreSQL with replication + external backup service"
 name = "enterprise_recommendation"
-type = "info"
 prompt = "Enterprise Recommendation"
+type = "info"

.typedialog/platform/forms/fragments/deployment/mode-selection.toml

@@ -1,8 +1,8 @@
 # Deployment Mode Selection Fragment
 
 [[elements]]
-border_top = true
 border_bottom = false
+border_top = true
 name = "deployment_mode_section_header"
 title = "🚀 Deployment Mode"
 type = "section_header"
@@ -19,11 +19,11 @@ type = "select"
 
 # Mode Descriptions
 [[elements]]
-name = "mode_description"
-type = "section_header"
-title = "Mode Details"
-border_top = false
 border_bottom = true
+border_top = false
+name = "mode_description"
+title = "Mode Details"
+type = "section_header"
 
 # Solo Mode Info (conditional)
 [[elements]]
@@ -67,29 +67,29 @@ condition = "deployment_mode == 'solo'"
 default = false
 help = "Resources: 2 CPU, 4GB RAM | Storage: 50GB | Database: Filesystem or RocksDB | Security: Optional | HA: None"
 name = "solo_resources_info"
-type = "text"
 prompt = "Solo Resources"
+type = "text"
 
 [[elements]]
 condition = "deployment_mode == 'multiuser'"
 default = false
 help = "Resources: 4 CPU, 8GB RAM | Storage: 100GB | Database: PostgreSQL or SurrealDB | Security: RBAC | HA: Optional"
 name = "multiuser_resources_info"
-type = "text"
 prompt = "MultiUser Resources"
+type = "text"
 
 [[elements]]
 condition = "deployment_mode == 'cicd'"
 default = false
 help = "Resources: 8 CPU, 16GB RAM | Storage: 200GB (ephemeral) | Database: Embedded | Security: API tokens | HA: None"
 name = "cicd_resources_info"
-type = "text"
 prompt = "CI/CD Resources"
+type = "text"
 
 [[elements]]
 condition = "deployment_mode == 'enterprise'"
 default = false
 help = "Resources: 16+ CPU, 32+ GB RAM | Storage: 500GB+ | Database: SurrealDB Cluster HA | Security: MFA, Vault | HA: Full clustering"
 name = "enterprise_resources_info"
-type = "text"
 prompt = "Enterprise Resources"
+type = "text"

.typedialog/platform/forms/fragments/extension-registry/auth.toml

@@ -1,8 +1,8 @@
 # Extension Registry Authentication Fragment
 
 [[elements]]
-border_top = true
 border_bottom = false
+border_top = true
 name = "registry_auth_header"
 title = "🔐 Authentication"
 type = "section_header"

.typedialog/platform/forms/fragments/extension-registry/cache.toml

@@ -1,8 +1,8 @@
 # Extension Registry Cache Configuration Fragment
 
 [[elements]]
-border_top = true
 border_bottom = false
+border_top = true
 name = "registry_cache_header"
 title = "⚡ Cache Configuration"
 type = "section_header"

.typedialog/platform/forms/fragments/extension-registry/gitea.toml

@@ -1,8 +1,8 @@
 # Extension Registry Gitea Configuration Fragment
 
 [[elements]]
-border_top = true
 border_bottom = false
+border_top = true
 name = "registry_gitea_header"
 title = "🐙 Gitea Configuration"
 type = "section_header"

.typedialog/platform/forms/fragments/extension-registry/oci.toml

@@ -1,8 +1,8 @@
 # Extension Registry OCI Configuration Fragment
 
 [[elements]]
-border_top = true
 border_bottom = false
+border_top = true
 name = "registry_oci_header"
 title = "📦 OCI Registry Configuration"
 type = "section_header"

.typedialog/platform/forms/fragments/extension-registry/server.toml

@@ -1,8 +1,8 @@
 # Extension Registry Server Configuration Fragment
 
 [[elements]]
-border_top = true
 border_bottom = false
+border_top = true
 name = "registry_server_header"
 title = "🖥️ Server Configuration"
 type = "section_header"

.typedialog/platform/forms/fragments/installer/database-section.toml

@@ -1,8 +1,8 @@
 # Installer Database Configuration Fragment
 
 [[elements]]
-border_top = true
 border_bottom = false
+border_top = true
 name = "database_section_header"
 title = "🗄️ Database Configuration"
 type = "section_header"
@@ -105,8 +105,8 @@ type = "confirm"
 condition = "backup_before_install == true"
 default = 7
 help = "Backup retention in days"
-min = 1
 max = 365
+min = 1
 name = "backup_retention_days"
 nickel_path = ["installer", "database", "backup", "retention_days"]
 prompt = "Backup Retention (days)"

.typedialog/platform/forms/fragments/installer/ha-section.toml

@@ -1,8 +1,8 @@
 # Installer High Availability Configuration Fragment
 
 [[elements]]
-border_top = true
 border_bottom = false
+border_top = true
 name = "ha_section_header"
 title = "🔄 High Availability"
 type = "section_header"
@@ -21,8 +21,8 @@ type = "confirm"
 condition = "ha_enabled == true"
 default = 3
 help = "Number of nodes in the HA cluster"
-min = 3
 max = 256
+min = 3
 name = "ha_cluster_size"
 nickel_path = ["installer", "ha", "cluster_size"]
 prompt = "Cluster Size"
@@ -103,8 +103,8 @@ type = "confirm"
 condition = "ha_health_checks_enabled == true"
 default = 10
 help = "Health check interval in seconds"
-min = 1
 max = 120
+min = 1
 name = "ha_health_check_interval"
 nickel_path = ["installer", "ha", "health_checks", "interval_seconds"]
 prompt = "Health Check Interval (seconds)"
@@ -114,8 +114,8 @@ type = "number"
 condition = "ha_health_checks_enabled == true"
 default = 30000
 help = "Health check timeout in milliseconds"
-min = 1000
 max = 300000
+min = 1000
 name = "ha_health_check_timeout"
 nickel_path = ["installer", "ha", "health_checks", "timeout_ms"]
 prompt = "Health Check Timeout (ms)"
@@ -125,8 +125,8 @@ type = "number"
 condition = "ha_health_checks_enabled == true"
 default = 3
 help = "Number of failed checks before marking node as unhealthy"
-min = 1
 max = 10
+min = 1
 name = "ha_health_check_failure_threshold"
 nickel_path = ["installer", "ha", "health_checks", "failure_threshold"]
 prompt = "Failure Threshold"
@@ -156,8 +156,8 @@ type = "select"
 condition = "ha_failover_enabled == true"
 default = 60
 help = "Failover delay in seconds (wait before failing over)"
-min = 0
 max = 600
+min = 0
 name = "ha_failover_delay"
 nickel_path = ["installer", "ha", "failover", "delay_seconds"]
 prompt = "Failover Delay (seconds)"
@@ -167,8 +167,8 @@ type = "number"
 condition = "ha_failover_enabled == true && ha_failover_strategy == 'priority_based'"
 default = 100
 help = "Priority value for node selection in failover (higher = higher priority)"
-min = 0
 max = 1000
+min = 0
 name = "ha_node_priority"
 nickel_path = ["installer", "ha", "failover", "node_priority"]
 prompt = "Node Priority"
@@ -188,8 +188,8 @@ type = "confirm"
 condition = "ha_split_brain_enabled == true"
 default = 30
 help = "Timeout for detecting split-brain in seconds"
-min = 5
 max = 300
+min = 5
 name = "ha_split_brain_timeout"
 nickel_path = ["installer", "ha", "split_brain", "timeout_seconds"]
 prompt = "Split-Brain Timeout (seconds)"
@@ -230,8 +230,8 @@ type = "number"
 condition = "ha_backup_enabled == true"
 default = 7
 help = "Backup retention in days"
-min = 1
 max = 365
+min = 1
 name = "ha_backup_retention_days"
 nickel_path = ["installer", "ha", "backup", "retention_days"]
 prompt = "Backup Retention (days)"

.typedialog/platform/forms/fragments/installer/installation-section.toml

@@ -1,8 +1,8 @@
 # Installer Installation Strategy Configuration Fragment
 
 [[elements]]
-border_top = true
 border_bottom = false
+border_top = true
 name = "installation_section_header"
 title = "🔧 Installation Strategy"
 type = "section_header"
@@ -216,8 +216,8 @@ type = "confirm"
 condition = "auto_recovery_enabled == true"
 default = 3
 help = "Maximum number of recovery attempts"
-min = 1
 max = 10
+min = 1
 name = "auto_recovery_max_attempts"
 nickel_path = ["installer", "installation", "auto_recovery", "max_attempts"]
 prompt = "Max Recovery Attempts"

.typedialog/platform/forms/fragments/installer/networking-section.toml

@@ -1,8 +1,8 @@
 # Installer Networking Configuration Fragment
 
 [[elements]]
-border_top = true
 border_bottom = false
+border_top = true
 name = "installer_networking_section_header"
 title = "🌐 Networking Configuration"
 type = "section_header"
@@ -56,8 +56,8 @@ type = "text"
 condition = "configure_dns == true"
 default = 53
 help = "DNS server port"
-min = 1
 max = 65535
+min = 1
 name = "dns_port"
 nickel_path = ["installer", "networking", "dns", "port"]
 prompt = "DNS Port"

.typedialog/platform/forms/fragments/installer/post-install-section.toml

@@ -1,8 +1,8 @@
 # Installer Post-Installation Configuration Fragment
 
 [[elements]]
-border_top = true
 border_bottom = false
+border_top = true
 name = "post_install_section_header"
 title = "✨ Post-Installation"
 type = "section_header"

.typedialog/platform/forms/fragments/installer/preflight-section.toml

@@ -1,8 +1,8 @@
 # Installer Preflight Checks Configuration Fragment
 
 [[elements]]
-border_top = true
 border_bottom = false
+border_top = true
 name = "preflight_section_header"
 title = "✅ Preflight Checks"
 type = "section_header"
@@ -40,8 +40,8 @@ type = "confirm"
 condition = "check_memory == true"
 default = 4
 help = "Minimum required RAM in GB"
-min = 1
 max = 512
+min = 1
 name = "min_memory_gb"
 nickel_path = ["installer", "preflight", "memory_check", "min_memory_gb"]
 prompt = "Min Memory (GB)"
@@ -60,8 +60,8 @@ type = "confirm"
 condition = "check_cpu == true"
 default = 2
 help = "Minimum required CPU cores"
-min = 1
 max = 128
+min = 1
 name = "min_cpu_cores"
 nickel_path = ["installer", "preflight", "cpu_check", "min_cpu_cores"]
 prompt = "Min CPU Cores"

.typedialog/platform/forms/fragments/installer/services-section.toml

@@ -1,8 +1,8 @@
 # Installer Services Selection Fragment
 
 [[elements]]
-border_top = true
 border_bottom = false
+border_top = true
 name = "services_section_header"
 title = "🚀 Services Selection"
 type = "section_header"

.typedialog/platform/forms/fragments/installer/storage-section.toml

@@ -1,8 +1,8 @@
 # Installer Storage Configuration Fragment
 
 [[elements]]
-border_top = true
 border_bottom = false
+border_top = true
 name = "installer_storage_section_header"
 title = "💾 Storage Configuration"
 type = "section_header"
@@ -218,8 +218,8 @@ type = "confirm"
 condition = "storage_cleanup_enabled == true"
 default = 90
 help = "Retention period for archived data in days"
-min = 7
 max = 3650
+min = 7
 name = "storage_cleanup_retention_days"
 nickel_path = ["installer", "storage", "cleanup", "retention_days"]
 prompt = "Retention Period (days)"

.typedialog/platform/forms/fragments/installer/target-section.toml

@@ -1,8 +1,8 @@
 # Installer Target Configuration Fragment
 
 [[elements]]
-border_top = true
 border_bottom = false
+border_top = true
 name = "target_section_header"
 title = "🎯 Installation Target"
 type = "section_header"

.typedialog/platform/forms/fragments/installer/upgrades-section.toml

@@ -1,8 +1,8 @@
 # Installer Upgrades Configuration Fragment
 
 [[elements]]
-border_top = true
 border_bottom = false
+border_top = true
 name = "upgrades_section_header"
 title = "📦 Upgrades Configuration"
 type = "section_header"
@@ -58,8 +58,8 @@ type = "select"
 condition = "upgrade_strategy == 'rolling'"
 default = 1
 help = "Number of services to upgrade in parallel"
-min = 1
 max = 10
+min = 1
 name = "rolling_upgrade_parallel"
 nickel_path = ["installer", "upgrades", "rolling", "parallel_services"]
 prompt = "Parallel Services"
@@ -69,8 +69,8 @@ type = "number"
 condition = "upgrade_strategy == 'canary'"
 default = 10
 help = "Percentage of traffic to route to canary version"
-min = 1
 max = 50
+min = 1
 name = "canary_percentage"
 nickel_path = ["installer", "upgrades", "canary", "traffic_percentage"]
 prompt = "Canary Traffic %"
@@ -185,8 +185,8 @@ type = "select"
 condition = "backup_before_upgrade == true"
 default = 30
 help = "Backup timeout in minutes"
-min = 5
 max = 1440
+min = 5
 name = "backup_timeout_minutes"
 nickel_path = ["installer", "upgrades", "backup_timeout_minutes"]
 prompt = "Backup Timeout (minutes)"

.typedialog/platform/forms/fragments/logging-section.toml

@@ -2,8 +2,8 @@
 # Optional for all services
 
 [[elements]]
-border_top = true
 border_bottom = false
+border_top = true
 name = "logging_section_header"
 title = "📝 Logging Configuration"
 type = "section_header"

.typedialog/platform/forms/fragments/mcp-server/prompts-section.toml

@@ -1,8 +1,8 @@
 # MCP Server Prompts Configuration Fragment
 
 [[elements]]
-border_top = true
 border_bottom = false
+border_top = true
 name = "prompts_section_header"
 title = "💬 Prompts Configuration"
 type = "section_header"

.typedialog/platform/forms/fragments/mcp-server/resources-section.toml

@@ -1,8 +1,8 @@
 # MCP Server Resources Configuration Fragment
 
 [[elements]]
-border_top = true
 border_bottom = false
+border_top = true
 name = "resources_section_header"
 title = "📦 Resources Configuration"
 type = "section_header"

.typedialog/platform/forms/fragments/mcp-server/sampling-section.toml

@@ -1,8 +1,8 @@
 # MCP Server Sampling Configuration Fragment
 
 [[elements]]
-border_top = true
 border_bottom = false
+border_top = true
 name = "sampling_section_header"
 title = "🎲 Sampling Configuration"
 type = "section_header"
@@ -39,8 +39,8 @@ type = "text"
 condition = "sampling_enabled == true"
 default = 0.7
 help = "Temperature for sampling (0.0-2.0, higher = more creative)"
-min = 0.0
 max = 2.0
+min = 0.0
 name = "sampling_temperature"
 nickel_path = ["sampling", "temperature"]
 prompt = "Temperature"

.typedialog/platform/forms/fragments/mcp-server/tools-section.toml

@@ -1,8 +1,8 @@
 # MCP Server Tools Configuration Fragment
 
 [[elements]]
-border_top = true
 border_bottom = false
+border_top = true
 name = "tools_section_header"
 title = "🔧 Tools Configuration"
 type = "section_header"
@@ -30,8 +30,8 @@ type = "number"
 condition = "tools_enabled == true"
 default = 30000
 help = "Tool execution timeout in milliseconds (range: ${constraint.mcp_server.tools.timeout.min}-${constraint.mcp_server.tools.timeout.max})"
-min = "${constraint.mcp_server.tools.timeout.min}"
 max = "${constraint.mcp_server.tools.timeout.max}"
+min = "${constraint.mcp_server.tools.timeout.min}"
 name = "tools_timeout"
 nickel_path = ["tools", "timeout"]
 prompt = "Tool Timeout (ms)"

.typedialog/platform/forms/fragments/monitoring-section.toml

@@ -2,8 +2,8 @@
 # Optional for all services
 
 [[elements]]
-border_top = true
 border_bottom = false
+border_top = true
 name = "monitoring_section_header"
 title = "📊 Monitoring Configuration"
 type = "section_header"
@@ -29,8 +29,8 @@ type = "confirm"
 condition = "monitoring_enabled == true && monitoring_metrics_enabled == true"
 default = 60
 help = "Metrics collection interval in seconds (range: ${constraint.common.monitoring.metrics_interval.min}-${constraint.common.monitoring.metrics_interval.max})"
-min = "${constraint.common.monitoring.metrics_interval.min}"
 max = "${constraint.common.monitoring.metrics_interval.max}"
+min = "${constraint.common.monitoring.metrics_interval.min}"
 name = "monitoring_metrics_interval"
 nickel_path = ["monitoring", "metrics", "interval"]
 prompt = "Metrics Collection Interval (seconds)"

.typedialog/platform/forms/fragments/orchestrator/batch-section.toml

@@ -1,8 +1,8 @@
 # Orchestrator Batch Workflow Configuration Fragment
 
 [[elements]]
-border_top = true
 border_bottom = false
+border_top = true
 name = "batch_section_header"
 title = "🔄 Batch Workflow Configuration"
 type = "section_header"
@@ -20,8 +20,8 @@ type = "number"
 [[elements]]
 default = 1800000
 help = "Batch operation timeout in milliseconds (range: ${constraint.orchestrator.batch.operation_timeout.min}-${constraint.orchestrator.batch.operation_timeout.max})"
-min = "${constraint.orchestrator.batch.operation_timeout.min}"
 max = "${constraint.orchestrator.batch.operation_timeout.max}"
+min = "${constraint.orchestrator.batch.operation_timeout.min}"
 name = "batch_operation_timeout"
 nickel_path = ["batch", "operation_timeout"]
 prompt = "Operation Timeout (ms)"

.typedialog/platform/forms/fragments/orchestrator/extensions-section.toml

@@ -1,8 +1,8 @@
 # Orchestrator Extensions Configuration Fragment
 
 [[elements]]
-border_top = true
 border_bottom = false
+border_top = true
 name = "extensions_section_header"
 title = "🔌 Extensions Configuration"
 type = "section_header"
@@ -123,8 +123,8 @@ type = "number"
 condition = "auto_load_extensions == true && extensions_sandbox_enabled == true"
 default = 1
 help = "Maximum CPU cores for sandboxed extension"
-min = 0.1
 max = 8
+min = 0.1
 name = "extensions_sandbox_max_cpu"
 nickel_path = ["orchestrator", "extensions", "sandbox", "max_cpu"]
 prompt = "Max CPU Cores"
@@ -174,8 +174,8 @@ type = "number"
 condition = "auto_load_extensions == true && extensions_health_check_enabled == true"
 default = 3
 help = "Number of failed health checks before unloading extension"
-min = 1
 max = 10
+min = 1
 name = "extensions_health_check_failure_threshold"
 nickel_path = ["orchestrator", "extensions", "health_check", "failure_threshold"]
 prompt = "Failure Threshold"

.typedialog/platform/forms/fragments/orchestrator/performance-section.toml

@@ -1,8 +1,8 @@
 # Orchestrator Performance Configuration Fragment
 
 [[elements]]
-border_top = true
 border_bottom = false
+border_top = true
 name = "performance_section_header"
 title = "⚡ Performance Configuration"
 type = "section_header"
@@ -39,8 +39,8 @@ type = "confirm"
 condition = "memory_limits_enabled == true"
 default = 4096
 help = "Maximum heap memory in MB"
-min = 256
 max = 131072
+min = 256
 name = "memory_max_heap_mb"
 nickel_path = ["orchestrator", "performance", "memory_limits", "max_heap_mb"]
 prompt = "Max Heap Memory (MB)"
@@ -61,8 +61,8 @@ type = "number"
 condition = "memory_limits_enabled == true"
 default = 80
 help = "Garbage collection trigger threshold (%)"
-min = 50
 max = 95
+min = 50
 name = "memory_gc_threshold_percent"
 nickel_path = ["orchestrator", "performance", "memory_limits", "gc_threshold_percent"]
 prompt = "GC Threshold (%)"
@@ -91,8 +91,8 @@ type = "select"
 condition = "profiling_enabled == true"
 default = 100
 help = "Profiling sampling rate in Hz (samples per second)"
-min = 10
 max = 1000
+min = 10
 name = "profiling_sample_rate"
 nickel_path = ["orchestrator", "performance", "profiling", "sample_rate_hz"]
 prompt = "Sampling Rate (Hz)"
@@ -172,8 +172,8 @@ type = "number"
 [[elements]]
 default = 4
 help = "Number of worker threads for task execution"
-min = 1
 max = 256
+min = 1
 name = "thread_pool_size"
 nickel_path = ["orchestrator", "performance", "thread_pool", "size"]
 prompt = "Thread Pool Size"
@@ -182,8 +182,8 @@ type = "number"
 [[elements]]
 default = 128
 help = "Work queue size per worker thread"
-min = 8
 max = 10000
+min = 8
 name = "thread_pool_queue_size"
 nickel_path = ["orchestrator", "performance", "thread_pool", "queue_size"]
 prompt = "Work Queue Size"
@@ -211,8 +211,8 @@ type = "confirm"
 condition = "async_io_enabled == true"
 default = 4
 help = "Number of I/O worker threads"
-min = 1
 max = 32
+min = 1
 name = "async_io_worker_threads"
 nickel_path = ["orchestrator", "performance", "async_io", "worker_threads"]
 prompt = "I/O Worker Threads"

.typedialog/platform/forms/fragments/orchestrator/queue-section.toml

@@ -1,8 +1,8 @@
 # Orchestrator Queue Configuration Fragment
 
 [[elements]]
-border_top = true
 border_bottom = false
+border_top = true
 name = "queue_section_header"
 title = "📦 Queue Configuration"
 type = "section_header"
@@ -20,8 +20,8 @@ type = "number"
 [[elements]]
 default = 3
 help = "Number of retry attempts for failed tasks (range: ${constraint.orchestrator.queue.retry_attempts.min}-${constraint.orchestrator.queue.retry_attempts.max})"
-min = "${constraint.orchestrator.queue.retry_attempts.min}"
 max = "${constraint.orchestrator.queue.retry_attempts.max}"
+min = "${constraint.orchestrator.queue.retry_attempts.min}"
 name = "queue_retry_attempts"
 nickel_path = ["queue", "retry_attempts"]
 prompt = "Retry Attempts"
@@ -30,8 +30,8 @@ type = "number"
 [[elements]]
 default = 5000
 help = "Delay in milliseconds between retry attempts (range: ${constraint.orchestrator.queue.retry_delay.min}-${constraint.orchestrator.queue.retry_delay.max})"
-min = "${constraint.orchestrator.queue.retry_delay.min}"
 max = "${constraint.orchestrator.queue.retry_delay.max}"
+min = "${constraint.orchestrator.queue.retry_delay.min}"
 name = "queue_retry_delay"
 nickel_path = ["queue", "retry_delay"]
 prompt = "Retry Delay (ms)"
@@ -40,8 +40,8 @@ type = "number"
 [[elements]]
 default = 3600000
 help = "Task timeout in milliseconds (range: ${constraint.orchestrator.queue.task_timeout.min}-${constraint.orchestrator.queue.task_timeout.max})"
-min = "${constraint.orchestrator.queue.task_timeout.min}"
 max = "${constraint.orchestrator.queue.task_timeout.max}"
+min = "${constraint.orchestrator.queue.task_timeout.min}"
 name = "queue_task_timeout"
 nickel_path = ["queue", "task_timeout"]
 prompt = "Task Timeout (ms)"

.typedialog/platform/forms/fragments/orchestrator/storage-section.toml

@@ -1,8 +1,8 @@
 # Orchestrator Storage Configuration Fragment
 
 [[elements]]
-border_top = true
 border_bottom = false
+border_top = true
 name = "storage_section_header"
 title = "💾 Storage Configuration"
 type = "section_header"
@@ -134,8 +134,8 @@ type = "select"
 condition = "storage_compression_enabled == true && storage_compression_algorithm == 'zstd'"
 default = 3
 help = "Compression level (1-19, higher = better compression but slower)"
-min = 1
 max = 19
+min = 1
 name = "storage_compression_level"
 nickel_path = ["orchestrator", "storage", "compression", "level"]
 prompt = "Compression Level"

.typedialog/platform/forms/fragments/provisioning-daemon/actions.toml

@@ -1,8 +1,8 @@
 # Provisioning Daemon Actions Configuration Fragment
 
 [[elements]]
-border_top = true
 border_bottom = false
+border_top = true
 name = "daemon_actions_header"
 title = "✓ Actions Configuration"
 type = "section_header"

.typedialog/platform/forms/fragments/provisioning-daemon/daemon.toml

@@ -1,8 +1,8 @@
 # Provisioning Daemon Configuration Fragment
 
 [[elements]]
-border_top = true
 border_bottom = false
+border_top = true
 name = "daemon_config_header"
 title = "⚙️ Daemon Configuration"
 type = "section_header"

.typedialog/platform/forms/fragments/provisioning-daemon/health.toml

@@ -1,8 +1,8 @@
 # Provisioning Daemon Health Check Configuration Fragment
 
 [[elements]]
-border_top = true
 border_bottom = false
+border_top = true
 name = "daemon_health_header"
 title = "❤️ Health Check Configuration"
 type = "section_header"

.typedialog/platform/forms/fragments/provisioning-daemon/logging.toml

@@ -1,8 +1,8 @@
 # Provisioning Daemon Logging Configuration Fragment
 
 [[elements]]
-border_top = true
 border_bottom = false
+border_top = true
 name = "daemon_logging_header"
 title = "📝 Logging Configuration"
 type = "section_header"

.typedialog/platform/forms/fragments/provisioning-daemon/workers.toml

@@ -1,8 +1,8 @@
 # Provisioning Daemon Worker Configuration Fragment
 
 [[elements]]
-border_top = true
 border_bottom = false
+border_top = true
 name = "daemon_workers_header"
 title = "👷 Worker Configuration"
 type = "section_header"

.typedialog/platform/forms/fragments/provisioning/.typedialog/provisioning/platform/scripts/README.md

@@ -1,98 +1 @@
-# TypeDialog + Nickel Configuration Scripts
-
-Phase 8 Nushell automation scripts for interactive configuration workflow, config generation, validation, and deployment.
-
-## Quick Start
-
-```bash
-# 1. Interactive Configuration (TypeDialog)
-nu scripts/configure.nu orchestrator solo
-
-# 2. Generate TOML configs
-nu scripts/generate-configs.nu orchestrator solo
-
-# 3. Validate configuration
-nu scripts/validate-config.nu provisioning/.typedialog/provisioning/platform/values/orchestrator.solo.ncl
-
-# 4. Render Docker Compose
-nu scripts/render-docker-compose.nu solo
-
-# 5. Full deployment workflow
-nu scripts/install-services.nu orchestrator solo --docker
-```
-
-## Scripts Overview
-
-### Shared Helpers
-- **ansi.nu** - ANSI color and emoji output formatting
-- **paths.nu** - Path validation and directory structure helpers  
-- **external.nu** - Safe external command execution with error handling
-
-### Core Configuration Scripts
-- **configure.nu** - Interactive TypeDialog configuration wizard
-- **generate-configs.nu** - Export Nickel configs to TOML
-- **validate-config.nu** - Validate Nickel configuration
-
-### Rendering Scripts
-- **render-docker-compose.nu** - Render Docker Compose from Nickel templates
-- **render-kubernetes.nu** - Render Kubernetes manifests from Nickel templates
-
-### Deployment & Monitoring Scripts
-- **install-services.nu** - Full deployment orchestration
-- **detect-services.nu** - Auto-detect running services
-
-## Supported Services
-- orchestrator (port 9090)
-- control-center (port 8080)
-- mcp-server (port 8888)
-- installer (port 8000)
-
-## Supported Deployment Modes
-- solo (2 CPU, 4GB RAM)
-- multiuser (4 CPU, 8GB RAM)
-- cicd (8 CPU, 16GB RAM)
-- enterprise (16+ CPU, 32+ GB RAM)
-
-## Nushell Compliance
-All scripts follow Nushell 0.109.0+ guidelines with proper type signatures, error handling, and no try-catch blocks.
-
-## Examples
-
-### Single Service Configuration
-```bash
-nu scripts/configure.nu orchestrator solo --backend web
-nu scripts/validate-config.nu provisioning/.typedialog/provisioning/platform/values/orchestrator.solo.ncl
-nu scripts/generate-configs.nu orchestrator solo
-cargo run -p orchestrator -- --config provisioning/platform/config/orchestrator.solo.toml
-```
-
-### Docker Compose Deployment
-```bash
-nu scripts/generate-configs.nu orchestrator multiuser
-nu scripts/render-docker-compose.nu multiuser
-docker-compose -f provisioning/platform/infrastructure/docker/docker-compose.multiuser.yml up -d
-```
-
-### Kubernetes Deployment
-```bash
-nu scripts/generate-configs.nu orchestrator enterprise
-nu scripts/render-kubernetes.nu enterprise --namespace production
-nu scripts/install-services.nu all enterprise --kubernetes --namespace production
-```
-
-## Phase 8 Status
-
-✅ Phase 8.A: Shared helper modules
-✅ Phase 8.B: Core configuration scripts  
-✅ Phase 8.C: Rendering scripts
-✅ Phase 8.D: Deployment orchestration
-✅ Phase 8.E: Testing and documentation
-
-## Requirements
-
-- Nushell 0.109.1+
-- Nickel 1.15.1+
-- TypeDialog CLI
-- yq v4.50.1+
-- Docker (optional)
-- kubectl (optional)
+# TypeDialog + Nickel Configuration Scripts\n\nPhase 8 Nushell automation scripts for interactive configuration workflow, config generation, validation, and deployment.\n\n## Quick Start\n\n```\n# 1. Interactive Configuration (TypeDialog)\nnu scripts/configure.nu orchestrator solo\n\n# 2. Generate TOML configs\nnu scripts/generate-configs.nu orchestrator solo\n\n# 3. Validate configuration\nnu scripts/validate-config.nu provisioning/.typedialog/provisioning/platform/values/orchestrator.solo.ncl\n\n# 4. Render Docker Compose\nnu scripts/render-docker-compose.nu solo\n\n# 5. Full deployment workflow\nnu scripts/install-services.nu orchestrator solo --docker\n```\n\n## Scripts Overview\n\n### Shared Helpers\n- **ansi.nu** - ANSI color and emoji output formatting\n- **paths.nu** - Path validation and directory structure helpers  \n- **external.nu** - Safe external command execution with error handling\n\n### Core Configuration Scripts\n- **configure.nu** - Interactive TypeDialog configuration wizard\n- **generate-configs.nu** - Export Nickel configs to TOML\n- **validate-config.nu** - Validate Nickel configuration\n\n### Rendering Scripts\n- **render-docker-compose.nu** - Render Docker Compose from Nickel templates\n- **render-kubernetes.nu** - Render Kubernetes manifests from Nickel templates\n\n### Deployment & Monitoring Scripts\n- **install-services.nu** - Full deployment orchestration\n- **detect-services.nu** - Auto-detect running services\n\n## Supported Services\n- orchestrator (port 9090)\n- control-center (port 8080)\n- mcp-server (port 8888)\n- installer (port 8000)\n\n## Supported Deployment Modes\n- solo (2 CPU, 4GB RAM)\n- multiuser (4 CPU, 8GB RAM)\n- cicd (8 CPU, 16GB RAM)\n- enterprise (16+ CPU, 32+ GB RAM)\n\n## Nushell Compliance\nAll scripts follow Nushell 0.109.0+ guidelines with proper type signatures, error handling, and no try-catch blocks.\n\n## Examples\n\n### Single Service Configuration\n```\nnu scripts/configure.nu orchestrator solo --backend web\nnu scripts/validate-config.nu provisioning/.typedialog/provisioning/platform/values/orchestrator.solo.ncl\nnu scripts/generate-configs.nu orchestrator solo\ncargo run -p orchestrator -- --config provisioning/platform/config/orchestrator.solo.toml\n```\n\n### Docker Compose Deployment\n```\nnu scripts/generate-configs.nu orchestrator multiuser\nnu scripts/render-docker-compose.nu multiuser\ndocker-compose -f provisioning/platform/infrastructure/docker/docker-compose.multiuser.yml up -d\n```\n\n### Kubernetes Deployment\n```\nnu scripts/generate-configs.nu orchestrator enterprise\nnu scripts/render-kubernetes.nu enterprise --namespace production\nnu scripts/install-services.nu all enterprise --kubernetes --namespace production\n```\n\n## Phase 8 Status\n\n✅ Phase 8.A: Shared helper modules\n✅ Phase 8.B: Core configuration scripts  \n✅ Phase 8.C: Rendering scripts\n✅ Phase 8.D: Deployment orchestration\n✅ Phase 8.E: Testing and documentation\n\n## Requirements\n\n- Nushell 0.109.1+\n- Nickel 1.15.1+\n- TypeDialog CLI\n- yq v4.50.1+\n- Docker (optional)\n- kubectl (optional)

.typedialog/platform/forms/fragments/rag/embeddings.toml

@@ -1,8 +1,8 @@
 # RAG Embeddings Configuration Fragment
 
 [[elements]]
-border_top = true
 border_bottom = false
+border_top = true
 name = "rag_embeddings_header"
 title = "🧠 Embeddings Configuration"
 type = "section_header"

.typedialog/platform/forms/fragments/rag/ingestion.toml

@@ -1,8 +1,8 @@
 # RAG Document Ingestion Configuration Fragment
 
 [[elements]]
-border_top = true
 border_bottom = false
+border_top = true
 name = "rag_ingestion_header"
 title = "📄 Document Ingestion Configuration"
 type = "section_header"

.typedialog/platform/forms/fragments/rag/llm.toml

@@ -1,8 +1,8 @@
 # RAG Language Model Configuration Fragment
 
 [[elements]]
-border_top = true
 border_bottom = false
+border_top = true
 name = "rag_llm_header"
 title = "🤖 Language Model Configuration"
 type = "section_header"

.typedialog/platform/forms/fragments/rag/retrieval.toml

@@ -1,8 +1,8 @@
 # RAG Retrieval Configuration Fragment
 
 [[elements]]
-border_top = true
 border_bottom = false
+border_top = true
 name = "rag_retrieval_header"
 title = "🔍 Retrieval Configuration"
 type = "section_header"

.typedialog/platform/forms/fragments/rag/vector-db.toml

@@ -1,8 +1,8 @@
 # RAG Vector Database Configuration Fragment
 
 [[elements]]
-border_top = true
 border_bottom = false
+border_top = true
 name = "rag_vector_db_header"
 title = "🗄️ Vector Database Configuration"
 type = "section_header"

.typedialog/platform/forms/fragments/server-section.toml

@@ -2,8 +2,8 @@
 # Used by all services: orchestrator, control-center, mcp-server
 
 [[elements]]
-border_top = true
 border_bottom = false
+border_top = true
 name = "server_section_header"
 title = "🌐 HTTP Server Configuration"
 type = "section_header"
@@ -31,8 +31,8 @@ type = "number"
 [[elements]]
 default = 4
 help = "Number of worker threads for HTTP server (range: ${constraint.common.server.workers.min}-${constraint.common.server.workers.max})"
-min = "${constraint.common.server.workers.min}"
 max = "${constraint.common.server.workers.max}"
+min = "${constraint.common.server.workers.min}"
 name = "server_workers"
 nickel_path = ["server", "workers"]
 prompt = "Worker Threads"
@@ -41,8 +41,8 @@ type = "number"
 [[elements]]
 default = 75
 help = "TCP keep-alive timeout in seconds (0 = disabled, range: ${constraint.common.server.keep_alive.min}-${constraint.common.server.keep_alive.max})"
-min = "${constraint.common.server.keep_alive.min}"
 max = "${constraint.common.server.keep_alive.max}"
+min = "${constraint.common.server.keep_alive.min}"
 name = "server_keep_alive"
 nickel_path = ["server", "keep_alive"]
 prompt = "Keep-Alive Timeout (seconds)"
@@ -51,8 +51,8 @@ type = "number"
 [[elements]]
 default = 100
 help = "Maximum number of concurrent TCP connections (range: ${constraint.common.server.max_connections.min}-${constraint.common.server.max_connections.max})"
-min = "${constraint.common.server.max_connections.min}"
 max = "${constraint.common.server.max_connections.max}"
+min = "${constraint.common.server.max_connections.min}"
 name = "server_max_connections"
 nickel_path = ["server", "max_connections"]
 prompt = "Max Connections"

.typedialog/platform/forms/fragments/vault-service/ha.toml

@@ -1,8 +1,8 @@
 # Vault Service High Availability Configuration Fragment
 
 [[elements]]
-border_top = true
 border_bottom = false
+border_top = true
 name = "vault_ha_header"
 title = "🔄 High Availability Configuration"
 type = "section_header"

.typedialog/platform/forms/fragments/vault-service/mount.toml

@@ -1,8 +1,8 @@
 # Vault Service Mount Point Configuration Fragment
 
 [[elements]]
-border_top = true
 border_bottom = false
+border_top = true
 name = "vault_mount_header"
 title = "📍 Mount Point Configuration"
 type = "section_header"

.typedialog/platform/forms/fragments/vault-service/server.toml

@@ -1,8 +1,8 @@
 # Vault Service Server Configuration Fragment
 
 [[elements]]
-border_top = true
 border_bottom = false
+border_top = true
 name = "vault_server_header"
 title = "🖥️ Server Configuration"
 type = "section_header"

.typedialog/platform/forms/fragments/vault-service/storage.toml

@@ -1,8 +1,8 @@
 # Vault Service Storage Configuration Fragment
 
 [[elements]]
-border_top = true
 border_bottom = false
+border_top = true
 name = "vault_storage_header"
 title = "💾 Storage Configuration"
 type = "section_header"

.typedialog/platform/forms/fragments/vault-service/tls.toml

@@ -1,8 +1,8 @@
 # Vault Service TLS Configuration Fragment
 
 [[elements]]
-border_top = true
 border_bottom = false
+border_top = true
 name = "vault_tls_header"
 title = "🔒 TLS Configuration"
 type = "section_header"

.typedialog/platform/forms/installer-form.toml

@@ -1,7 +1,7 @@
-name = "installer_configuration"
 description = "Interactive configuration for Provisioning Platform Installer (deployment and lifecycle management)"
 display_mode = "complete"
 fallback_locale = "en-US"
+name = "installer_configuration"
 
 # ============================================================================
 # INSTALLER SERVICE FORM - COMPOSED FROM FRAGMENTS
@@ -13,98 +13,101 @@ fallback_locale = "en-US"
 # DEPLOYMENT MODE SELECTION
 # Determines deployment environment and service resources
 [[items]]
-name = "deployment_mode_group"
-type = "group"
-title = "Deployment Configuration"
 description = "Select deployment mode and database backend for installed services"
-includes = ["fragments/deployment/mode-selection.toml", "fragments/deployment/database-backend-selection.toml"]
+includes = [
+  "fragments/deployment/mode-selection.toml",
+  "fragments/deployment/database-backend-selection.toml",
+]
+name = "deployment_mode_group"
+title = "Deployment Configuration"
+type = "group"
 
 # INSTALLATION TARGET CONFIGURATION
 # Target environment: local, remote, kubernetes, docker
 [[items]]
-name = "target_group"
-type = "group"
-title = "Installation Target"
 description = "Configure target environment and connectivity"
 includes = ["fragments/installer/target-section.toml"]
+name = "target_group"
+title = "Installation Target"
+type = "group"
 
 # PREFLIGHT CHECKS CONFIGURATION
 # Disk, memory, CPU, network, dependencies, ports validation
 [[items]]
-name = "preflight_group"
-type = "group"
-title = "Preflight Checks"
 description = "Configure pre-installation validation checks"
 includes = ["fragments/installer/preflight-section.toml"]
+name = "preflight_group"
+title = "Preflight Checks"
+type = "group"
 
 # INSTALLATION STRATEGY CONFIGURATION
 # Installation mode, parallelization, timeout, rollback, logging, hooks
 [[items]]
-name = "installation_group"
-type = "group"
-title = "Installation Strategy"
 description = "Configure installation behavior and strategy"
 includes = ["fragments/installer/installation-section.toml"]
+name = "installation_group"
+title = "Installation Strategy"
+type = "group"
 
 # SERVICES SELECTION CONFIGURATION
 # Which services to install, ports, auto-start, health checks
 [[items]]
-name = "services_group"
-type = "group"
-title = "Services Selection"
 description = "Select which services to install and configure their deployment"
 includes = ["fragments/installer/services-section.toml"]
+name = "services_group"
+title = "Services Selection"
+type = "group"
 
 # DATABASE CONFIGURATION
 # Database initialization, migrations, backup, verification, optimization
 [[items]]
-name = "database_group"
-type = "group"
-title = "Database Configuration"
 description = "Configure database initialization and management"
 includes = ["fragments/installer/database-section.toml"]
+name = "database_group"
+title = "Database Configuration"
+type = "group"
 
 # STORAGE CONFIGURATION
 # Storage location, backend, compression, encryption, replication, cleanup
 [[items]]
-name = "storage_group"
-type = "group"
-title = "Storage Configuration"
 description = "Configure storage for provisioning data and artifacts"
 includes = ["fragments/installer/storage-section.toml"]
+name = "storage_group"
+title = "Storage Configuration"
+type = "group"
 
 # NETWORKING CONFIGURATION
 # Bind address, DNS, TLS, firewall, load balancer, ingress, proxy
 [[items]]
-name = "networking_group"
-type = "group"
-title = "Networking Configuration"
 description = "Configure networking, DNS, TLS, and firewall"
 includes = ["fragments/installer/networking-section.toml"]
+name = "networking_group"
+title = "Networking Configuration"
+type = "group"
 
 # HIGH AVAILABILITY CONFIGURATION
 # Cluster setup, replication, health checks, failover, backup, load distribution
 [[items]]
-name = "ha_group"
-type = "group"
-title = "High Availability Configuration"
 description = "Configure high availability and clustering"
 includes = ["fragments/installer/ha-section.toml"]
+name = "ha_group"
+title = "High Availability Configuration"
+type = "group"
 
 # POST-INSTALLATION CONFIGURATION
 # Admin user, workspace config, extensions, API setup, verification, cleanup
 [[items]]
-name = "post_install_group"
-type = "group"
-title = "Post-Installation Configuration"
 description = "Configure post-installation tasks and verification"
 includes = ["fragments/installer/post-install-section.toml"]
+name = "post_install_group"
+title = "Post-Installation Configuration"
+type = "group"
 
 # UPGRADES CONFIGURATION
 # Auto-upgrade, channels, strategies, pre-checks, backup, rollback, health monitoring
 [[items]]
-name = "upgrades_group"
-type = "group"
-title = "Upgrades Configuration"
 description = "Configure automatic updates and upgrade strategies"
 includes = ["fragments/installer/upgrades-section.toml"]
+name = "upgrades_group"
+title = "Upgrades Configuration"
+type = "group"

.typedialog/platform/forms/mcp-server-form.toml

@@ -1,7 +1,7 @@
-name = "mcp_server_configuration"
 description = "Interactive configuration for MCP Server service (Model Context Protocol interface)"
 display_mode = "complete"
 fallback_locale = "en-US"
+name = "mcp_server_configuration"
 
 # ============================================================================
 # MCP SERVER SERVICE FORM - COMPOSED FROM FRAGMENTS
@@ -13,106 +13,109 @@ fallback_locale = "en-US"
 # DEPLOYMENT MODE SELECTION
 # Determines service resources and feature set (solo/multiuser/cicd/enterprise)
 [[items]]
-name = "deployment_mode_group"
-type = "group"
-title = "Deployment Configuration"
 description = "Select deployment mode and database backend"
-includes = ["fragments/deployment/mode-selection.toml", "fragments/deployment/database-backend-selection.toml"]
+includes = [
+  "fragments/deployment/mode-selection.toml",
+  "fragments/deployment/database-backend-selection.toml",
+]
+name = "deployment_mode_group"
+title = "Deployment Configuration"
+type = "group"
 
 # WORKSPACE CONFIGURATION
 # Workspace name, path, and context
 [[items]]
-name = "workspace_group"
-type = "group"
-title = "Workspace Settings"
 description = "Configure workspace context for this MCP Server instance"
 includes = ["fragments/workspace-section.toml"]
+name = "workspace_group"
+title = "Workspace Settings"
+type = "group"
 
 # SERVER CONFIGURATION
 # HTTP server settings (host, port, workers, connections)
 [[items]]
-name = "server_group"
-type = "group"
-title = "Server Settings"
 description = "Configure HTTP server for MCP Server"
 includes = ["fragments/server-section.toml"]
+name = "server_group"
+title = "Server Settings"
+type = "group"
 
 # DATABASE BACKEND CONFIGURATION
 # Conditional sections based on selected backend
 [[items]]
-name = "database_rocksdb_group"
-type = "group"
-title = "RocksDB Configuration"
-description = "Configure RocksDB backend for MCP state"
 condition = "database_backend_selection == 'rocksdb'"
+description = "Configure RocksDB backend for MCP state"
 includes = ["fragments/database-rocksdb-section.toml"]
+name = "database_rocksdb_group"
+title = "RocksDB Configuration"
+type = "group"
 
 [[items]]
-name = "database_surrealdb_group"
-type = "group"
-title = "SurrealDB Configuration"
-description = "Configure SurrealDB backend for MCP state"
 condition = "database_backend_selection == 'surrealdb_embedded' || database_backend_selection == 'surrealdb_server'"
+description = "Configure SurrealDB backend for MCP state"
 includes = ["fragments/database-surrealdb-section.toml"]
+name = "database_surrealdb_group"
+title = "SurrealDB Configuration"
+type = "group"
 
 [[items]]
-name = "database_postgres_group"
-type = "group"
-title = "PostgreSQL Configuration"
-description = "Configure PostgreSQL backend for MCP state"
 condition = "database_backend_selection == 'postgresql'"
+description = "Configure PostgreSQL backend for MCP state"
 includes = ["fragments/database-postgres-section.toml"]
+name = "database_postgres_group"
+title = "PostgreSQL Configuration"
+type = "group"
 
 # MCP-SPECIFIC: TOOLS CONFIGURATION
 # Tool management, validation, caching, concurrent execution
 [[items]]
-name = "tools_group"
-type = "group"
-title = "Tools Configuration"
 description = "Configure MCP tools, execution, and caching"
 includes = ["fragments/mcp-server/tools-section.toml"]
+name = "tools_group"
+title = "Tools Configuration"
+type = "group"
 
 # MCP-SPECIFIC: PROMPTS CONFIGURATION
 # Custom prompt templates, versioning, caching
 [[items]]
-name = "prompts_group"
-type = "group"
-title = "Prompts Configuration"
 description = "Configure custom prompt templates and management"
 includes = ["fragments/mcp-server/prompts-section.toml"]
+name = "prompts_group"
+title = "Prompts Configuration"
+type = "group"
 
 # MCP-SPECIFIC: RESOURCES CONFIGURATION
 # Resource management, max size, caching, validation
 [[items]]
-name = "resources_group"
-type = "group"
-title = "Resources Configuration"
 description = "Configure MCP resources and resource management"
 includes = ["fragments/mcp-server/resources-section.toml"]
+name = "resources_group"
+title = "Resources Configuration"
+type = "group"
 
 # MCP-SPECIFIC: SAMPLING CONFIGURATION
 # AI model sampling, temperature, output tokens, caching
 [[items]]
-name = "sampling_group"
-type = "group"
-title = "Sampling Configuration"
 description = "Configure AI model sampling and inference"
 includes = ["fragments/mcp-server/sampling-section.toml"]
+name = "sampling_group"
+title = "Sampling Configuration"
+type = "group"
 
 # MONITORING CONFIGURATION
 # Metrics collection, health checks
 [[items]]
-name = "monitoring_group"
-type = "group"
-title = "Monitoring Configuration"
 description = "Configure metrics and health checks"
 includes = ["fragments/monitoring-section.toml"]
+name = "monitoring_group"
+title = "Monitoring Configuration"
+type = "group"
 
 # LOGGING CONFIGURATION
 # Log levels, formats, rotation
 [[items]]
-name = "logging_group"
-type = "group"
-title = "Logging Configuration"
 description = "Configure logging behavior and output"
 includes = ["fragments/logging-section.toml"]
+name = "logging_group"
+title = "Logging Configuration"
+type = "group"

.typedialog/platform/forms/orchestrator-form.toml

@@ -1,7 +1,7 @@
-name = "orchestrator_configuration"
 description = "Interactive configuration for Orchestrator service (workflow engine and task scheduling)"
 display_mode = "complete"
 fallback_locale = "en-US"
+name = "orchestrator_configuration"
 
 # ============================================================================
 # ORCHESTRATOR SERVICE FORM - COMPOSED FROM FRAGMENTS
@@ -13,115 +13,118 @@ fallback_locale = "en-US"
 # DEPLOYMENT MODE SELECTION
 # Determines service resources and feature set (solo/multiuser/cicd/enterprise)
 [[items]]
-name = "deployment_mode_group"
-type = "group"
-title = "Deployment Configuration"
 description = "Select deployment mode and database backend"
-includes = ["fragments/deployment/mode-selection.toml", "fragments/deployment/database-backend-selection.toml"]
+includes = [
+  "fragments/deployment/mode-selection.toml",
+  "fragments/deployment/database-backend-selection.toml",
+]
+name = "deployment_mode_group"
+title = "Deployment Configuration"
+type = "group"
 
 # WORKSPACE CONFIGURATION
 # Workspace name, path, and multi-workspace mode
 [[items]]
-name = "workspace_group"
-type = "group"
-title = "Workspace Settings"
 description = "Configure workspace context for this Orchestrator instance"
 includes = ["fragments/workspace-section.toml"]
+name = "workspace_group"
+title = "Workspace Settings"
+type = "group"
 
 # SERVER CONFIGURATION
 # HTTP server settings (host, port, workers, connections)
 [[items]]
-name = "server_group"
-type = "group"
-title = "Server Settings"
 description = "Configure HTTP server for Orchestrator"
 includes = ["fragments/server-section.toml"]
+name = "server_group"
+title = "Server Settings"
+type = "group"
 
 # DATABASE BACKEND CONFIGURATION
 # Conditional sections based on selected backend
 [[items]]
-name = "database_rocksdb_group"
-type = "group"
-title = "RocksDB Configuration"
-description = "Configure RocksDB backend"
 condition = "database_backend_selection == 'rocksdb'"
+description = "Configure RocksDB backend"
 includes = ["fragments/database-rocksdb-section.toml"]
+name = "database_rocksdb_group"
+title = "RocksDB Configuration"
+type = "group"
 
 [[items]]
-name = "database_surrealdb_group"
-type = "group"
-title = "SurrealDB Configuration"
-description = "Configure SurrealDB backend"
 condition = "database_backend_selection == 'surrealdb_embedded' || database_backend_selection == 'surrealdb_server'"
+description = "Configure SurrealDB backend"
 includes = ["fragments/database-surrealdb-section.toml"]
+name = "database_surrealdb_group"
+title = "SurrealDB Configuration"
+type = "group"
 
 [[items]]
-name = "database_postgres_group"
-type = "group"
-title = "PostgreSQL Configuration"
-description = "Configure PostgreSQL backend"
 condition = "database_backend_selection == 'postgresql'"
+description = "Configure PostgreSQL backend"
 includes = ["fragments/database-postgres-section.toml"]
+name = "database_postgres_group"
+title = "PostgreSQL Configuration"
+type = "group"
 
 # ORCHESTRATOR-SPECIFIC: STORAGE CONFIGURATION
 # Storage backend, caching, compression, garbage collection
 [[items]]
-name = "storage_group"
-type = "group"
-title = "Storage Configuration"
 description = "Configure storage backend for workflow state and artifacts"
 includes = ["fragments/orchestrator/storage-section.toml"]
+name = "storage_group"
+title = "Storage Configuration"
+type = "group"
 
 # ORCHESTRATOR-SPECIFIC: QUEUE CONFIGURATION
 # Task queue, concurrency, retries, timeouts
 [[items]]
-name = "queue_group"
-type = "group"
-title = "Task Queue Configuration"
 description = "Configure task queue behavior and limits"
 includes = ["fragments/orchestrator/queue-section.toml"]
+name = "queue_group"
+title = "Task Queue Configuration"
+type = "group"
 
 # ORCHESTRATOR-SPECIFIC: BATCH WORKFLOW CONFIGURATION
 # Batch operations, parallel limits, checkpointing, rollback
 [[items]]
-name = "batch_group"
-type = "group"
-title = "Batch Workflow Configuration"
 description = "Configure batch workflow execution and recovery"
 includes = ["fragments/orchestrator/batch-section.toml"]
+name = "batch_group"
+title = "Batch Workflow Configuration"
+type = "group"
 
 # ORCHESTRATOR-SPECIFIC: EXTENSIONS CONFIGURATION
 # Extension auto-loading, OCI registry, discovery, sandboxing
 [[items]]
-name = "extensions_group"
-type = "group"
-title = "Extensions Configuration"
 description = "Configure extension management and auto-loading"
 includes = ["fragments/orchestrator/extensions-section.toml"]
+name = "extensions_group"
+title = "Extensions Configuration"
+type = "group"
 
 # ORCHESTRATOR-SPECIFIC: PERFORMANCE CONFIGURATION
 # CPU affinity, memory limits, profiling, caching, thread pools
 [[items]]
-name = "performance_group"
-type = "group"
-title = "Performance Configuration"
 description = "Configure advanced performance settings"
 includes = ["fragments/orchestrator/performance-section.toml"]
+name = "performance_group"
+title = "Performance Configuration"
+type = "group"
 
 # MONITORING CONFIGURATION
 # Metrics collection, health checks
 [[items]]
-name = "monitoring_group"
-type = "group"
-title = "Monitoring Configuration"
 description = "Configure metrics and health checks"
 includes = ["fragments/monitoring-section.toml"]
+name = "monitoring_group"
+title = "Monitoring Configuration"
+type = "group"
 
 # LOGGING CONFIGURATION
 # Log levels, formats, rotation
 [[items]]
-name = "logging_group"
-type = "group"
-title = "Logging Configuration"
 description = "Configure logging behavior and output"
 includes = ["fragments/logging-section.toml"]
+name = "logging_group"
+title = "Logging Configuration"
+type = "group"

.typedialog/platform/forms/provisioning-daemon-form.toml

@@ -1,13 +1,13 @@
 # Provisioning Daemon Configuration Form
 # Sections for provisioning daemon background service
 
-title = "Provisioning Daemon Configuration"
 description = "Configure background provisioning daemon service"
+title = "Provisioning Daemon Configuration"
 
 sections = [
   { name = "daemon", label = "Daemon Control", description = "Daemon operation and polling configuration" },
   { name = "logging", label = "Logging", description = "Log output and verbosity settings" },
   { name = "actions", label = "Actions", description = "Automatic actions and cleanup policies" },
   { name = "workers", label = "Workers", description = "Worker thread and concurrency settings" },
-  { name = "health", label = "Health", description = "Health checks and monitoring" }
+  { name = "health", label = "Health", description = "Health checks and monitoring" },
 ]

.typedialog/platform/forms/rag-form.toml

@@ -1,23 +1,23 @@
 [form]
-name = "RAG System Configuration"
 description = "Retrieval-Augmented Generation system"
+name = "RAG System Configuration"
 
 [[sections]]
-name = "Embeddings"
 includes = ["fragments/rag/embeddings.toml"]
+name = "Embeddings"
 
 [[sections]]
-name = "Vector Database"
 includes = ["fragments/rag/vector-db.toml"]
+name = "Vector Database"
 
 [[sections]]
-name = "Language Model"
 includes = ["fragments/rag/llm.toml"]
+name = "Language Model"
 
 [[sections]]
-name = "Retrieval"
 includes = ["fragments/rag/retrieval.toml"]
+name = "Retrieval"
 
 [[sections]]
-name = "Ingestion"
 includes = ["fragments/rag/ingestion.toml"]
+name = "Ingestion"

.typedialog/platform/forms/vault-service-form.toml

@@ -1,29 +1,29 @@
 [form]
-name = "Vault Service Configuration"
 description = "Secrets management and encryption service configuration"
+name = "Vault Service Configuration"
 version = "1.0"
 
 [[sections]]
-name = "Server"
 description = "HTTP server configuration"
 includes = ["fragments/vault-service/server.toml"]
+name = "Server"
 
 [[sections]]
-name = "Storage"
 description = "Storage backend configuration"
 includes = ["fragments/vault-service/storage.toml"]
+name = "Storage"
 
 [[sections]]
-name = "TLS/SSL"
 description = "TLS and security settings"
 includes = ["fragments/vault-service/tls.toml"]
+name = "TLS/SSL"
 
 [[sections]]
-name = "Mount Point"
 description = "Vault mount point and key configuration"
 includes = ["fragments/vault-service/mount.toml"]
+name = "Mount Point"
 
 [[sections]]
-name = "High Availability"
 description = "HA and clustering configuration"
 includes = ["fragments/vault-service/ha.toml"]
+name = "High Availability"

.typedialog/provisioning/constraints.toml

@@ -3,38 +3,38 @@
 # Version: 1.0.0
 
 [project]
-name_min_length = 1
+description_max_length = 500
 name_max_length = 64
+name_min_length = 1
 name_pattern = "^[a-z0-9-]+$"
 version_pattern = "^[0-9]+\\.[0-9]+\\.[0-9]+$"
-description_max_length = 500
 
 [service]
 # Service type must be one of these
 allowed_types = ["api", "worker", "scheduler", "frontend", "backend", "database", "cache", "queue"]
-name_min_length = 1
-name_max_length = 32
-name_pattern = "^[a-z0-9-]+$"
-replicas_min = 1
-replicas_max = 100
-healthcheck_interval_min = 5
 healthcheck_interval_max = 300
-healthcheck_timeout_min = 1
-healthcheck_timeout_max = 60
-healthcheck_retries_min = 1
+healthcheck_interval_min = 5
 healthcheck_retries_max = 10
+healthcheck_retries_min = 1
+healthcheck_timeout_max = 60
+healthcheck_timeout_min = 1
+name_max_length = 32
+name_min_length = 1
+name_pattern = "^[a-z0-9-]+$"
+replicas_max = 100
+replicas_min = 1
 
   [service.image]
-name_min_length = 1
   name_max_length = 256
+  name_min_length = 1
   tag_max_length = 128
   tag_pattern = "^[a-zA-Z0-9._-]+$"
 
   [service.ports]
-container_port_min = 1
   container_port_max = 65535
-host_port_min = 1024
+  container_port_min = 1
   host_port_max = 65535
+  host_port_min = 1024
   protocol_allowed = ["tcp", "udp", "sctp"]
 
   [service.resources]
@@ -47,110 +47,110 @@ memory_request_pattern = "^[0-9]+(Mi|Gi|M|G|Ki|K)$"
 
 [database]
 allowed_types = ["sqlite", "postgres", "mysql", "surrealdb", "none"]
-name_pattern = "^[a-zA-Z0-9_]+$"
 name_max_length = 64
+name_pattern = "^[a-zA-Z0-9_]+$"
 
   [database.sqlite]
   database_path_max_length = 256
 
   [database.postgres]
-host_max_length = 256
-port_min = 1024
-port_max = 65535
-database_name_max_length = 64
-username_max_length = 64
-password_min_length = 8
-password_max_length = 128
-pool_size_min = 1
-pool_size_max = 1000
-connection_timeout_min = 1
   connection_timeout_max = 300
-idle_timeout_min = 60
+  connection_timeout_min = 1
+  database_name_max_length = 64
+  host_max_length = 256
   idle_timeout_max = 3600
-max_lifetime_min = 300
+  idle_timeout_min = 60
   max_lifetime_max = 86400
+  max_lifetime_min = 300
+  password_max_length = 128
+  password_min_length = 8
+  pool_size_max = 1000
+  pool_size_min = 1
+  port_max = 65535
+  port_min = 1024
+  username_max_length = 64
 
   [database.mysql]
-host_max_length = 256
-port_min = 1024
-port_max = 65535
-database_name_max_length = 64
-username_max_length = 32
-password_min_length = 8
-password_max_length = 128
-pool_size_min = 1
-pool_size_max = 1000
-connection_timeout_min = 1
   connection_timeout_max = 300
+  connection_timeout_min = 1
+  database_name_max_length = 64
+  host_max_length = 256
+  password_max_length = 128
+  password_min_length = 8
+  pool_size_max = 1000
+  pool_size_min = 1
+  port_max = 65535
+  port_min = 1024
+  username_max_length = 32
 
   [database.surrealdb]
-host_max_length = 256
-port_min = 1024
-port_max = 65535
-namespace_max_length = 64
   database_name_max_length = 64
-username_max_length = 64
-password_min_length = 8
+  host_max_length = 256
+  namespace_max_length = 64
   password_max_length = 128
+  password_min_length = 8
+  port_max = 65535
+  port_min = 1024
+  username_max_length = 64
 
 [deployment.docker_compose]
-version_allowed = ["3.8", "3.9"]
 restart_policy_allowed = ["no", "always", "on-failure", "unless-stopped"]
+version_allowed = ["3.8", "3.9"]
 
 [deployment.kubernetes]
-namespace_pattern = "^[a-z0-9-]+$"
-namespace_max_length = 63
 api_version_allowed = ["v1", "apps/v1", "networking.k8s.io/v1"]
+namespace_max_length = 63
+namespace_pattern = "^[a-z0-9-]+$"
 
   [deployment.kubernetes.ingress]
-path_type_allowed = ["Prefix", "Exact", "ImplementationSpecific"]
   class_name_max_length = 64
+  path_type_allowed = ["Prefix", "Exact", "ImplementationSpecific"]
 
 [network]
-network_name_pattern = "^[a-z0-9-]+$"
-network_name_max_length = 64
 driver_allowed = ["bridge", "host", "overlay", "macvlan", "none"]
+network_name_max_length = 64
+network_name_pattern = "^[a-z0-9-]+$"
 subnet_pattern = "^([0-9]{1,3}\\.){3}[0-9]{1,3}/[0-9]{1,2}$"
 
 [storage]
-volume_name_pattern = "^[a-z0-9-]+$"
-volume_name_max_length = 64
 driver_allowed = ["local", "nfs", "cifs"]
 mount_path_max_length = 256
 size_pattern = "^[0-9]+(Mi|Gi|Ti|M|G|T)$"
+volume_name_max_length = 64
+volume_name_pattern = "^[a-z0-9-]+$"
 
 [monitoring.prometheus]
-port_min = 1024
-port_max = 65535
-scrape_interval_min = 5
-scrape_interval_max = 300
-evaluation_interval_min = 5
 evaluation_interval_max = 300
+evaluation_interval_min = 5
+port_max = 65535
+port_min = 1024
 retention_pattern = "^[0-9]+(d|h|m)$"
+scrape_interval_max = 300
+scrape_interval_min = 5
 
 [monitoring.grafana]
-port_min = 1024
-port_max = 65535
-admin_password_min_length = 8
 admin_password_max_length = 128
+admin_password_min_length = 8
+port_max = 65535
+port_min = 1024
 
 [security.tls]
+ca_path_max_length = 256
 cert_path_max_length = 256
 key_path_max_length = 256
-ca_path_max_length = 256
 
 [security.secrets]
-secret_name_pattern = "^[a-z0-9-]+$"
-secret_name_max_length = 64
 secret_key_max_length = 64
+secret_name_max_length = 64
+secret_name_pattern = "^[a-z0-9-]+$"
 
 [security.auth]
 allowed_methods = ["none", "basic", "bearer", "oauth2", "jwt", "api_key"]
-token_expiry_min = 300
 token_expiry_max = 86400
+token_expiry_min = 300
 
 [environment]
 # Environment variable constraints
-var_name_pattern = "^[A-Z_][A-Z0-9_]*$"
 var_name_max_length = 128
+var_name_pattern = "^[A-Z_][A-Z0-9_]*$"
 var_value_max_length = 4096

.typedialog/provisioning/form.toml

@@ -4,7 +4,7 @@
 
 description = "Interactive configuration for deployment provisioning (Docker Compose, Kubernetes, databases, monitoring)"
 display_mode = "complete"
-locales_path = ""
+locales_path = "../../../locales"
 name = "Provisioning Configuration Form"
 
 # ============================================================================
@@ -29,6 +29,7 @@ type = "text"
 validation_pattern = "^[a-z0-9-]+$"
 
 [[elements]]
+default = "0.1.0"
 help = "Semantic version (X.Y.Z)"
 name = "project_version"
 nickel_path = ["provisioning", "project", "version"]
@@ -36,7 +37,6 @@ placeholder = "0.1.0"
 prompt = "Project version"
 required = true
 type = "text"
-default = "0.1.0"
 validation_pattern = "^[0-9]+\\.[0-9]+\\.[0-9]+$"
 
 [[elements]]
@@ -60,21 +60,21 @@ title = "💾 Database Configuration"
 type = "section_header"
 
 [[elements]]
+default = "sqlite"
 help = "Select the database type for your application"
 name = "database_type"
 nickel_path = ["provisioning", "database", "type"]
+options = ["none", "sqlite", "postgres", "mysql", "surrealdb"]
 prompt = "Database type"
 required = true
 type = "select"
-options = ["none", "sqlite", "postgres", "mysql", "surrealdb"]
-default = "sqlite"
 
 # Load database-specific fragments (conditional)
 load_fragments = [
   "fragments/database-sqlite.toml",
   "fragments/database-postgres.toml",
   "fragments/database-mysql.toml",
-    "fragments/database-surrealdb.toml"
+  "fragments/database-surrealdb.toml",
 ]
 
 # ============================================================================
@@ -89,6 +89,7 @@ title = "🚀 Service Configuration"
 type = "section_header"
 
 [[elements]]
+default = "api"
 help = "Name of the main API service"
 name = "api_service_name"
 nickel_path = ["provisioning", "services", "api", "name"]
@@ -96,33 +97,33 @@ placeholder = "api"
 prompt = "API service name"
 required = true
 type = "text"
-default = "api"
 
 [[elements]]
+custom_type = "u16"
+default = "8080"
 help = "Container port for the API service"
+maximum = "65535"
+minimum = "1"
 name = "api_container_port"
 nickel_path = ["provisioning", "services", "api", "ports", "0", "container_port"]
 prompt = "Container port"
 required = true
 type = "custom"
-custom_type = "u16"
-default = "8080"
-minimum = "1"
-maximum = "65535"
 
 [[elements]]
+custom_type = "u16"
+default = "8080"
 help = "Host port to expose the API service"
+maximum = "65535"
+minimum = "1024"
 name = "api_host_port"
 nickel_path = ["provisioning", "services", "api", "ports", "0", "host_port"]
 prompt = "Host port"
 required = true
 type = "custom"
-custom_type = "u16"
-default = "8080"
-minimum = "1024"
-maximum = "65535"
 
 [[elements]]
+default = "/health"
 help = "Health check endpoint for the API"
 name = "api_healthcheck_endpoint"
 nickel_path = ["provisioning", "services", "api", "healthcheck", "endpoint"]
@@ -130,19 +131,18 @@ placeholder = "/health"
 prompt = "Health check endpoint"
 required = true
 type = "text"
-default = "/health"
 
 [[elements]]
+custom_type = "u16"
+default = "1"
 help = "Number of service replicas"
+maximum = "100"
+minimum = "1"
 name = "api_replicas"
 nickel_path = ["provisioning", "services", "api", "replicas"]
 prompt = "Number of replicas"
 required = true
 type = "custom"
-custom_type = "u16"
-default = "1"
-minimum = "1"
-maximum = "100"
 
 # ============================================================================
 # DEPLOYMENT TARGET (Always shown)
@@ -156,20 +156,17 @@ title = "🚢 Deployment Target"
 type = "section_header"
 
 [[elements]]
+default = "docker"
 help = "Select the deployment platform"
 name = "deployment_target"
 nickel_path = ["provisioning", "deployment", "target"]
+options = ["docker", "kubernetes", "both"]
 prompt = "Deployment target"
 required = true
 type = "select"
-options = ["docker", "kubernetes", "both"]
-default = "docker"
 
 # Load deployment-specific fragments (conditional)
-load_fragments = [
-    "fragments/deployment-docker.toml",
-    "fragments/deployment-k8s.toml"
-]
+load_fragments = ["fragments/deployment-docker.toml", "fragments/deployment-k8s.toml"]
 
 # ============================================================================
 # MONITORING (Optional)
@@ -183,18 +180,16 @@ title = "📊 Monitoring & Observability"
 type = "section_header"
 
 [[elements]]
+default = false
 help = "Enable monitoring stack (Prometheus, Grafana)"
 name = "enable_monitoring"
 nickel_path = ["provisioning", "monitoring", "enabled"]
 prompt = "Enable monitoring?"
 required = true
 type = "confirm"
-default = false
 
 # Load monitoring fragment (conditional)
-load_fragments = [
-    "fragments/monitoring.toml"
-]
+load_fragments = ["fragments/monitoring.toml"]
 
 # ============================================================================
 # SECURITY (Optional)
@@ -208,29 +203,26 @@ title = "🔒 Security Configuration"
 type = "section_header"
 
 [[elements]]
+default = false
 help = "Enable TLS/SSL for services"
 name = "enable_tls"
 nickel_path = ["provisioning", "security", "tls", "enabled"]
 prompt = "Enable TLS/SSL?"
 required = true
 type = "confirm"
-default = false
 
 [[elements]]
+default = "none"
 help = "Authentication method"
 name = "auth_method"
 nickel_path = ["provisioning", "security", "auth", "method"]
+options = ["none", "basic", "bearer", "oauth2", "jwt", "api_key"]
 prompt = "Authentication method"
 required = true
 type = "select"
-options = ["none", "basic", "bearer", "oauth2", "jwt", "api_key"]
-default = "none"
 
 # Load security fragments (conditional)
-load_fragments = [
-    "fragments/auth-jwt.toml",
-    "fragments/auth-api-key.toml"
-]
+load_fragments = ["fragments/auth-jwt.toml", "fragments/auth-api-key.toml"]
 
 # ============================================================================
 # CONFIRMATION (Always shown)
@@ -244,9 +236,9 @@ title = "✅ Confirmation"
 type = "section_header"
 
 [[elements]]
+default = true
 help = "Review your configuration and confirm to generate"
 name = "confirm_generation"
 prompt = "Generate provisioning configuration?"
 required = true
 type = "confirm"
-default = true

.typedialog/provisioning/fragments/auth-api-key.toml

@@ -2,30 +2,30 @@
 # Conditional: when auth_method == "api_key"
 
 [[elements]]
-type = "text"
-name = "api_key_header_name"
-prompt = "API key header name"
-help = "HTTP header name for API key (e.g., 'X-API-Key', 'Authorization')"
 default = "X-API-Key"
+help = "HTTP header name for API key (e.g., 'X-API-Key', 'Authorization')"
+name = "api_key_header_name"
 nickel_path = ["provisioning", "security", "auth", "api_key", "header_name"]
+prompt = "API key header name"
 required = true
-when = "auth_method == api_key"
-
-[[elements]]
 type = "text"
-name = "api_key_query_param"
-prompt = "API key query parameter (optional)"
-help = "Query parameter name for API key (e.g., 'api_key'). Leave empty to disable."
-placeholder = "api_key"
-nickel_path = ["provisioning", "security", "auth", "api_key", "query_param"]
-required = false
 when = "auth_method == api_key"
 
 [[elements]]
-type = "section_header"
+help = "Query parameter name for API key (e.g., 'api_key'). Leave empty to disable."
+name = "api_key_query_param"
+nickel_path = ["provisioning", "security", "auth", "api_key", "query_param"]
+placeholder = "api_key"
+prompt = "API key query parameter (optional)"
+required = false
+type = "text"
+when = "auth_method == api_key"
+
+[[elements]]
+border_bottom = true
+border_top = true
+help = "API keys will need to be manually configured in the generated config file"
 name = "api_key_note"
 title = "ℹ️ API Keys Configuration"
-border_top = true
-border_bottom = true
-help = "API keys will need to be manually configured in the generated config file"
+type = "section_header"
 when = "auth_method == api_key"

.typedialog/provisioning/fragments/auth-jwt.toml

@@ -2,45 +2,45 @@
 # Conditional: when auth_method == "jwt"
 
 [[elements]]
-type = "password"
-name = "jwt_secret"
-prompt = "JWT secret key"
 help = "Secret key for signing JWT tokens (min 8 characters, use strong random string)"
-placeholder = "your-secret-key-here"
+name = "jwt_secret"
 nickel_path = ["provisioning", "security", "auth", "jwt", "secret"]
+placeholder = "your-secret-key-here"
+prompt = "JWT secret key"
 required = true
+type = "password"
 when = "auth_method == jwt"
 
 [[elements]]
-type = "select"
-name = "jwt_algorithm"
-prompt = "JWT signing algorithm"
-help = "Algorithm for signing JWT tokens"
-options = ["HS256", "HS384", "HS512", "RS256", "RS384", "RS512"]
 default = "HS256"
+help = "Algorithm for signing JWT tokens"
+name = "jwt_algorithm"
 nickel_path = ["provisioning", "security", "auth", "jwt", "algorithm"]
+options = ["HS256", "HS384", "HS512", "RS256", "RS384", "RS512"]
+prompt = "JWT signing algorithm"
 required = true
+type = "select"
 when = "auth_method == jwt"
 
 [[elements]]
-type = "custom"
 custom_type = "u32"
-name = "jwt_expiry_seconds"
-prompt = "Token expiry (seconds)"
-help = "JWT token expiration time in seconds (300-86400)"
 default = "3600"
-minimum = "300"
+help = "JWT token expiration time in seconds (300-86400)"
 maximum = "86400"
+minimum = "300"
+name = "jwt_expiry_seconds"
 nickel_path = ["provisioning", "security", "auth", "jwt", "expiry_seconds"]
+prompt = "Token expiry (seconds)"
 required = true
+type = "custom"
 when = "auth_method == jwt"
 
 [[elements]]
-type = "text"
-name = "jwt_issuer"
-prompt = "JWT issuer"
 help = "Issuer claim for JWT tokens (e.g., 'my-api')"
-placeholder = "my-api"
+name = "jwt_issuer"
 nickel_path = ["provisioning", "security", "auth", "jwt", "issuer"]
+placeholder = "my-api"
+prompt = "JWT issuer"
 required = false
+type = "text"
 when = "auth_method == jwt"

.typedialog/provisioning/fragments/database-mysql.toml

@@ -2,87 +2,87 @@
 # Conditional: when database_type == "mysql"
 
 [[elements]]
-type = "text"
-name = "mysql_host"
-prompt = "MySQL host"
-help = "Hostname or IP address of MySQL server"
 default = "localhost"
+help = "Hostname or IP address of MySQL server"
+name = "mysql_host"
 nickel_path = ["provisioning", "database", "mysql", "host"]
+prompt = "MySQL host"
 required = true
+type = "text"
 when = "database_type == mysql"
 
 [[elements]]
-type = "custom"
 custom_type = "u16"
-name = "mysql_port"
-prompt = "MySQL port"
-help = "Port number for MySQL server"
 default = "3306"
-minimum = "1024"
+help = "Port number for MySQL server"
 maximum = "65535"
+minimum = "1024"
+name = "mysql_port"
 nickel_path = ["provisioning", "database", "mysql", "port"]
+prompt = "MySQL port"
 required = true
-when = "database_type == mysql"
-
-[[elements]]
-type = "text"
-name = "mysql_database"
-prompt = "Database name"
-help = "MySQL database name"
-placeholder = "myapp"
-nickel_path = ["provisioning", "database", "mysql", "database"]
-required = true
-when = "database_type == mysql"
-validation_pattern = "^[a-zA-Z0-9_]+$"
-
-[[elements]]
-type = "text"
-name = "mysql_username"
-prompt = "Database username"
-help = "MySQL username for authentication"
-default = "root"
-nickel_path = ["provisioning", "database", "mysql", "username"]
-required = true
-when = "database_type == mysql"
-
-[[elements]]
-type = "password"
-name = "mysql_password"
-prompt = "Database password"
-help = "MySQL password (min 8 characters)"
-nickel_path = ["provisioning", "database", "mysql", "password"]
-required = true
-when = "database_type == mysql"
-
-[[elements]]
 type = "custom"
+when = "database_type == mysql"
+
+[[elements]]
+help = "MySQL database name"
+name = "mysql_database"
+nickel_path = ["provisioning", "database", "mysql", "database"]
+placeholder = "myapp"
+prompt = "Database name"
+required = true
+type = "text"
+validation_pattern = "^[a-zA-Z0-9_]+$"
+when = "database_type == mysql"
+
+[[elements]]
+default = "root"
+help = "MySQL username for authentication"
+name = "mysql_username"
+nickel_path = ["provisioning", "database", "mysql", "username"]
+prompt = "Database username"
+required = true
+type = "text"
+when = "database_type == mysql"
+
+[[elements]]
+help = "MySQL password (min 8 characters)"
+name = "mysql_password"
+nickel_path = ["provisioning", "database", "mysql", "password"]
+prompt = "Database password"
+required = true
+type = "password"
+when = "database_type == mysql"
+
+[[elements]]
 custom_type = "u16"
-name = "mysql_pool_size"
-prompt = "Connection pool size"
-help = "Maximum number of database connections (1-1000)"
 default = "10"
-minimum = "1"
+help = "Maximum number of database connections (1-1000)"
 maximum = "1000"
+minimum = "1"
+name = "mysql_pool_size"
 nickel_path = ["provisioning", "database", "mysql", "pool_size"]
+prompt = "Connection pool size"
 required = true
+type = "custom"
 when = "database_type == mysql"
 
 [[elements]]
-type = "text"
-name = "mysql_charset"
-prompt = "Character set"
-help = "MySQL character set"
 default = "utf8mb4"
+help = "MySQL character set"
+name = "mysql_charset"
 nickel_path = ["provisioning", "database", "mysql", "charset"]
+prompt = "Character set"
 required = true
+type = "text"
 when = "database_type == mysql"
 
 [[elements]]
-type = "text"
-name = "mysql_collation"
-prompt = "Collation"
-help = "MySQL collation"
 default = "utf8mb4_unicode_ci"
+help = "MySQL collation"
+name = "mysql_collation"
 nickel_path = ["provisioning", "database", "mysql", "collation"]
+prompt = "Collation"
 required = true
+type = "text"
 when = "database_type == mysql"

.typedialog/provisioning/fragments/database-postgres.toml

@@ -2,91 +2,91 @@
 # Conditional: when database_type == "postgres"
 
 [[elements]]
-type = "text"
-name = "postgres_host"
-prompt = "PostgreSQL host"
-help = "Hostname or IP address of PostgreSQL server"
 default = "localhost"
+help = "Hostname or IP address of PostgreSQL server"
+name = "postgres_host"
 nickel_path = ["provisioning", "database", "postgres", "host"]
+prompt = "PostgreSQL host"
 required = true
+type = "text"
 when = "database_type == postgres"
 
 [[elements]]
-type = "custom"
 custom_type = "u16"
-name = "postgres_port"
-prompt = "PostgreSQL port"
-help = "Port number for PostgreSQL server"
 default = "5432"
-minimum = "1024"
+help = "Port number for PostgreSQL server"
 maximum = "65535"
+minimum = "1024"
+name = "postgres_port"
 nickel_path = ["provisioning", "database", "postgres", "port"]
+prompt = "PostgreSQL port"
 required = true
+type = "custom"
 when = "database_type == postgres"
 
 [[elements]]
-type = "text"
-name = "postgres_database"
-prompt = "Database name"
 help = "PostgreSQL database name"
-placeholder = "myapp"
+name = "postgres_database"
 nickel_path = ["provisioning", "database", "postgres", "database"]
+placeholder = "myapp"
+prompt = "Database name"
 required = true
-when = "database_type == postgres"
-validation_pattern = "^[a-zA-Z0-9_]+$"
-
-[[elements]]
 type = "text"
-name = "postgres_username"
-prompt = "Database username"
-help = "PostgreSQL username for authentication"
+validation_pattern = "^[a-zA-Z0-9_]+$"
+when = "database_type == postgres"
+
+[[elements]]
 default = "postgres"
+help = "PostgreSQL username for authentication"
+name = "postgres_username"
 nickel_path = ["provisioning", "database", "postgres", "username"]
+prompt = "Database username"
 required = true
+type = "text"
 when = "database_type == postgres"
 
 [[elements]]
-type = "password"
-name = "postgres_password"
-prompt = "Database password"
 help = "PostgreSQL password (min 8 characters)"
+name = "postgres_password"
 nickel_path = ["provisioning", "database", "postgres", "password"]
+prompt = "Database password"
 required = true
+type = "password"
 when = "database_type == postgres"
 
 [[elements]]
-type = "custom"
 custom_type = "u16"
-name = "postgres_pool_size"
-prompt = "Connection pool size"
-help = "Maximum number of database connections (1-1000)"
 default = "10"
-minimum = "1"
+help = "Maximum number of database connections (1-1000)"
 maximum = "1000"
-nickel_path = ["provisioning", "database", "postgres", "pool_size"]
-required = true
-when = "database_type == postgres"
-
-[[elements]]
-type = "custom"
-custom_type = "u16"
-name = "postgres_connection_timeout"
-prompt = "Connection timeout (seconds)"
-help = "Timeout for establishing database connections (1-300)"
-default = "30"
 minimum = "1"
-maximum = "300"
-nickel_path = ["provisioning", "database", "postgres", "connection_timeout"]
+name = "postgres_pool_size"
+nickel_path = ["provisioning", "database", "postgres", "pool_size"]
+prompt = "Connection pool size"
 required = true
+type = "custom"
 when = "database_type == postgres"
 
 [[elements]]
-type = "select"
-name = "postgres_ssl_mode"
-prompt = "SSL mode"
-help = "PostgreSQL SSL connection mode"
-options = ["disable", "allow", "prefer", "require", "verify-ca", "verify-full"]
-default = "prefer"
-nickel_path = ["provisioning", "database", "postgres", "ssl_mode"]
+custom_type = "u16"
+default = "30"
+help = "Timeout for establishing database connections (1-300)"
+maximum = "300"
+minimum = "1"
+name = "postgres_connection_timeout"
+nickel_path = ["provisioning", "database", "postgres", "connection_timeout"]
+prompt = "Connection timeout (seconds)"
 required = true
+type = "custom"
+when = "database_type == postgres"
+
+[[elements]]
+default = "prefer"
+help = "PostgreSQL SSL connection mode"
+name = "postgres_ssl_mode"
+nickel_path = ["provisioning", "database", "postgres", "ssl_mode"]
+options = ["disable", "allow", "prefer", "require", "verify-ca", "verify-full"]
+prompt = "SSL mode"
+required = true
+type = "select"
 when = "database_type == postgres"

.typedialog/provisioning/fragments/database-sqlite.toml

@@ -2,43 +2,43 @@
 # Conditional: when database_type == "sqlite"
 
 [[elements]]
-type = "text"
-name = "sqlite_database_path"
-prompt = "Database file path"
-help = "Path to SQLite database file (will be created if it doesn't exist)"
 default = "./data/app.db"
+help = "Path to SQLite database file (will be created if it doesn't exist)"
+name = "sqlite_database_path"
 nickel_path = ["provisioning", "database", "sqlite", "database_path"]
+prompt = "Database file path"
 required = true
+type = "text"
 when = "database_type == sqlite"
 
 [[elements]]
-type = "select"
-name = "sqlite_journal_mode"
-prompt = "Journal mode"
-help = "SQLite journaling mode (WAL is recommended for concurrency)"
-options = ["WAL", "DELETE", "TRUNCATE", "PERSIST", "MEMORY"]
 default = "WAL"
+help = "SQLite journaling mode (WAL is recommended for concurrency)"
+name = "sqlite_journal_mode"
 nickel_path = ["provisioning", "database", "sqlite", "journal_mode"]
+options = ["WAL", "DELETE", "TRUNCATE", "PERSIST", "MEMORY"]
+prompt = "Journal mode"
 required = true
-when = "database_type == sqlite"
-
-[[elements]]
 type = "select"
-name = "sqlite_synchronous"
-prompt = "Synchronous mode"
-help = "SQLite synchronous mode (NORMAL balances safety and speed)"
-options = ["OFF", "NORMAL", "FULL", "EXTRA"]
-default = "NORMAL"
-nickel_path = ["provisioning", "database", "sqlite", "synchronous"]
-required = true
 when = "database_type == sqlite"
 
 [[elements]]
-type = "confirm"
-name = "sqlite_foreign_keys"
-prompt = "Enable foreign key constraints?"
-help = "Enable SQLite foreign key enforcement"
-default = true
-nickel_path = ["provisioning", "database", "sqlite", "foreign_keys"]
+default = "NORMAL"
+help = "SQLite synchronous mode (NORMAL balances safety and speed)"
+name = "sqlite_synchronous"
+nickel_path = ["provisioning", "database", "sqlite", "synchronous"]
+options = ["OFF", "NORMAL", "FULL", "EXTRA"]
+prompt = "Synchronous mode"
 required = true
+type = "select"
+when = "database_type == sqlite"
+
+[[elements]]
+default = true
+help = "Enable SQLite foreign key enforcement"
+name = "sqlite_foreign_keys"
+nickel_path = ["provisioning", "database", "sqlite", "foreign_keys"]
+prompt = "Enable foreign key constraints?"
+required = true
+type = "confirm"
 when = "database_type == sqlite"

.typedialog/provisioning/fragments/database-surrealdb.toml

@@ -2,74 +2,74 @@
 # Conditional: when database_type == "surrealdb"
 
 [[elements]]
-type = "text"
-name = "surrealdb_host"
-prompt = "SurrealDB host"
-help = "Hostname or IP address of SurrealDB server"
 default = "localhost"
+help = "Hostname or IP address of SurrealDB server"
+name = "surrealdb_host"
 nickel_path = ["provisioning", "database", "surrealdb", "host"]
+prompt = "SurrealDB host"
 required = true
+type = "text"
 when = "database_type == surrealdb"
 
 [[elements]]
-type = "custom"
 custom_type = "u16"
-name = "surrealdb_port"
-prompt = "SurrealDB port"
-help = "Port number for SurrealDB server"
 default = "8000"
-minimum = "1024"
+help = "Port number for SurrealDB server"
 maximum = "65535"
+minimum = "1024"
+name = "surrealdb_port"
 nickel_path = ["provisioning", "database", "surrealdb", "port"]
+prompt = "SurrealDB port"
 required = true
+type = "custom"
 when = "database_type == surrealdb"
 
 [[elements]]
-type = "text"
-name = "surrealdb_namespace"
-prompt = "Namespace"
 help = "SurrealDB namespace"
-placeholder = "myapp"
+name = "surrealdb_namespace"
 nickel_path = ["provisioning", "database", "surrealdb", "namespace"]
+placeholder = "myapp"
+prompt = "Namespace"
 required = true
+type = "text"
 when = "database_type == surrealdb"
 
 [[elements]]
-type = "text"
-name = "surrealdb_database"
-prompt = "Database name"
 help = "SurrealDB database name"
-placeholder = "main"
+name = "surrealdb_database"
 nickel_path = ["provisioning", "database", "surrealdb", "database"]
+placeholder = "main"
+prompt = "Database name"
 required = true
-when = "database_type == surrealdb"
-
-[[elements]]
 type = "text"
-name = "surrealdb_username"
-prompt = "Database username"
-help = "SurrealDB username for authentication"
+when = "database_type == surrealdb"
+
+[[elements]]
 default = "root"
+help = "SurrealDB username for authentication"
+name = "surrealdb_username"
 nickel_path = ["provisioning", "database", "surrealdb", "username"]
+prompt = "Database username"
 required = true
+type = "text"
 when = "database_type == surrealdb"
 
 [[elements]]
-type = "password"
-name = "surrealdb_password"
-prompt = "Database password"
 help = "SurrealDB password (min 8 characters)"
+name = "surrealdb_password"
 nickel_path = ["provisioning", "database", "surrealdb", "password"]
+prompt = "Database password"
 required = true
+type = "password"
 when = "database_type == surrealdb"
 
 [[elements]]
-type = "select"
-name = "surrealdb_protocol"
-prompt = "Connection protocol"
-help = "Protocol for connecting to SurrealDB"
-options = ["http", "https", "ws", "wss"]
 default = "http"
+help = "Protocol for connecting to SurrealDB"
+name = "surrealdb_protocol"
 nickel_path = ["provisioning", "database", "surrealdb", "protocol"]
+options = ["http", "https", "ws", "wss"]
+prompt = "Connection protocol"
 required = true
+type = "select"
 when = "database_type == surrealdb"

.typedialog/provisioning/fragments/deployment-docker.toml

@@ -2,43 +2,43 @@
 # Conditional: when deployment_target == "docker" or deployment_target == "both"
 
 [[elements]]
-type = "select"
-name = "docker_compose_version"
-prompt = "Docker Compose version"
-help = "Docker Compose file format version"
-options = ["3.8", "3.9"]
 default = "3.8"
+help = "Docker Compose file format version"
+name = "docker_compose_version"
 nickel_path = ["provisioning", "deployment", "docker_compose", "version"]
+options = ["3.8", "3.9"]
+prompt = "Docker Compose version"
+required = true
+type = "select"
+when = "deployment_target == docker || deployment_target == both"
+
+[[elements]]
+help = "Project name for Docker Compose (optional, uses directory name if not set)"
+name = "docker_project_name"
+nickel_path = ["provisioning", "deployment", "docker_compose", "project_name"]
+placeholder = "my-app"
+prompt = "Docker Compose project name"
+required = false
+type = "text"
+when = "deployment_target == docker || deployment_target == both"
+
+[[elements]]
+default = ".env"
+help = "Path to .env file for environment variables"
+name = "docker_env_file"
+nickel_path = ["provisioning", "deployment", "docker_compose", "env_file"]
+prompt = "Environment file path"
+required = true
+type = "text"
+when = "deployment_target == docker || deployment_target == both"
+
+[[elements]]
+default = "unless-stopped"
+help = "Restart policy for containers"
+name = "restart_policy"
+nickel_path = ["provisioning", "services", "api", "restart_policy"]
+options = ["no", "always", "on-failure", "unless-stopped"]
+prompt = "Container restart policy"
 required = true
-when = "deployment_target == docker || deployment_target == both"
-
-[[elements]]
-type = "text"
-name = "docker_project_name"
-prompt = "Docker Compose project name"
-help = "Project name for Docker Compose (optional, uses directory name if not set)"
-placeholder = "my-app"
-nickel_path = ["provisioning", "deployment", "docker_compose", "project_name"]
-required = false
-when = "deployment_target == docker || deployment_target == both"
-
-[[elements]]
-type = "text"
-name = "docker_env_file"
-prompt = "Environment file path"
-help = "Path to .env file for environment variables"
-default = ".env"
-nickel_path = ["provisioning", "deployment", "docker_compose", "env_file"]
-required = true
-when = "deployment_target == docker || deployment_target == both"
-
-[[elements]]
 type = "select"
-name = "restart_policy"
-prompt = "Container restart policy"
-help = "Restart policy for containers"
-options = ["no", "always", "on-failure", "unless-stopped"]
-default = "unless-stopped"
-nickel_path = ["provisioning", "services", "api", "restart_policy"]
-required = true
 when = "deployment_target == docker || deployment_target == both"

.typedialog/provisioning/fragments/deployment-k8s.toml

@@ -2,152 +2,152 @@
 # Conditional: when deployment_target == "kubernetes" or deployment_target == "both"
 
 [[elements]]
-type = "text"
-name = "k8s_namespace"
-prompt = "Kubernetes namespace"
-help = "Namespace for deploying resources"
 default = "default"
+help = "Namespace for deploying resources"
+name = "k8s_namespace"
 nickel_path = ["provisioning", "deployment", "kubernetes", "namespace"]
+prompt = "Kubernetes namespace"
 required = true
-when = "deployment_target == kubernetes || deployment_target == both"
+type = "text"
 validation_pattern = "^[a-z0-9-]+$"
+when = "deployment_target == kubernetes || deployment_target == both"
 
 [[elements]]
-type = "confirm"
-name = "k8s_create_namespace"
-prompt = "Create namespace if it doesn't exist?"
+default = false
 help = "Automatically create the namespace during deployment"
-default = false
+name = "k8s_create_namespace"
 nickel_path = ["provisioning", "deployment", "kubernetes", "create_namespace"]
+prompt = "Create namespace if it doesn't exist?"
 required = true
+type = "confirm"
 when = "deployment_target == kubernetes || deployment_target == both"
 
 [[elements]]
-type = "select"
-name = "k8s_service_type"
-prompt = "Service type"
-help = "Kubernetes Service type"
-options = ["ClusterIP", "NodePort", "LoadBalancer"]
 default = "ClusterIP"
+help = "Kubernetes Service type"
+name = "k8s_service_type"
 nickel_path = ["provisioning", "deployment", "kubernetes", "service", "type"]
+options = ["ClusterIP", "NodePort", "LoadBalancer"]
+prompt = "Service type"
 required = true
+type = "select"
 when = "deployment_target == kubernetes || deployment_target == both"
 
 [[elements]]
-type = "confirm"
-name = "k8s_enable_ingress"
-prompt = "Enable Ingress?"
+default = false
 help = "Create an Ingress resource for external access"
-default = false
+name = "k8s_enable_ingress"
 nickel_path = ["provisioning", "deployment", "kubernetes", "ingress", "enabled"]
+prompt = "Enable Ingress?"
 required = true
-when = "deployment_target == kubernetes || deployment_target == both"
-
-[[elements]]
-type = "text"
-name = "k8s_ingress_class"
-prompt = "Ingress class name"
-help = "Ingress controller class (e.g., nginx, traefik)"
-default = "nginx"
-nickel_path = ["provisioning", "deployment", "kubernetes", "ingress", "class_name"]
-required = true
-when = "(deployment_target == kubernetes || deployment_target == both) && k8s_enable_ingress == true"
-
-[[elements]]
-type = "text"
-name = "k8s_ingress_host"
-prompt = "Ingress hostname"
-help = "Hostname for Ingress (e.g., api.example.com)"
-placeholder = "api.example.com"
-nickel_path = ["provisioning", "deployment", "kubernetes", "ingress", "rules", 0, "host"]
-required = true
-when = "(deployment_target == kubernetes || deployment_target == both) && k8s_enable_ingress == true"
-
-[[elements]]
 type = "confirm"
-name = "k8s_enable_hpa"
-prompt = "Enable Horizontal Pod Autoscaler?"
-help = "Automatically scale pods based on CPU/memory usage"
+when = "deployment_target == kubernetes || deployment_target == both"
+
+[[elements]]
+default = "nginx"
+help = "Ingress controller class (e.g., nginx, traefik)"
+name = "k8s_ingress_class"
+nickel_path = ["provisioning", "deployment", "kubernetes", "ingress", "class_name"]
+prompt = "Ingress class name"
+required = true
+type = "text"
+when = "(deployment_target == kubernetes || deployment_target == both) && k8s_enable_ingress == true"
+
+[[elements]]
+help = "Hostname for Ingress (e.g., api.example.com)"
+name = "k8s_ingress_host"
+nickel_path = ["provisioning", "deployment", "kubernetes", "ingress", "rules", 0, "host"]
+placeholder = "api.example.com"
+prompt = "Ingress hostname"
+required = true
+type = "text"
+when = "(deployment_target == kubernetes || deployment_target == both) && k8s_enable_ingress == true"
+
+[[elements]]
 default = false
+help = "Automatically scale pods based on CPU/memory usage"
+name = "k8s_enable_hpa"
 nickel_path = ["provisioning", "deployment", "kubernetes", "hpa", "enabled"]
+prompt = "Enable Horizontal Pod Autoscaler?"
 required = true
+type = "confirm"
 when = "deployment_target == kubernetes || deployment_target == both"
 
 [[elements]]
-type = "custom"
 custom_type = "u16"
-name = "k8s_hpa_min_replicas"
-prompt = "Minimum replicas"
-help = "Minimum number of pods (1-100)"
 default = "1"
-minimum = "1"
+help = "Minimum number of pods (1-100)"
 maximum = "100"
+minimum = "1"
+name = "k8s_hpa_min_replicas"
 nickel_path = ["provisioning", "deployment", "kubernetes", "hpa", "min_replicas"]
+prompt = "Minimum replicas"
 required = true
+type = "custom"
 when = "(deployment_target == kubernetes || deployment_target == both) && k8s_enable_hpa == true"
 
 [[elements]]
-type = "custom"
 custom_type = "u16"
-name = "k8s_hpa_max_replicas"
-prompt = "Maximum replicas"
-help = "Maximum number of pods (1-100)"
 default = "10"
-minimum = "1"
+help = "Maximum number of pods (1-100)"
 maximum = "100"
+minimum = "1"
+name = "k8s_hpa_max_replicas"
 nickel_path = ["provisioning", "deployment", "kubernetes", "hpa", "max_replicas"]
+prompt = "Maximum replicas"
+required = true
+type = "custom"
+when = "(deployment_target == kubernetes || deployment_target == both) && k8s_enable_hpa == true"
+
+[[elements]]
+custom_type = "u16"
+default = "80"
+help = "Target CPU utilization percentage (1-100)"
+maximum = "100"
+minimum = "1"
+name = "k8s_hpa_cpu_target"
+nickel_path = ["provisioning", "deployment", "kubernetes", "hpa", "target_cpu_utilization"]
+prompt = "Target CPU utilization (%)"
 required = true
-when = "(deployment_target == kubernetes || deployment_target == both) && k8s_enable_hpa == true"
-
-[[elements]]
 type = "custom"
-custom_type = "u16"
-name = "k8s_hpa_cpu_target"
-prompt = "Target CPU utilization (%)"
-help = "Target CPU utilization percentage (1-100)"
-default = "80"
-minimum = "1"
-maximum = "100"
-nickel_path = ["provisioning", "deployment", "kubernetes", "hpa", "target_cpu_utilization"]
-required = true
 when = "(deployment_target == kubernetes || deployment_target == both) && k8s_enable_hpa == true"
 
 [[elements]]
-type = "text"
-name = "k8s_cpu_request"
-prompt = "CPU request"
-help = "CPU request (e.g., '100m', '1')"
 default = "100m"
+help = "CPU request (e.g., '100m', '1')"
+name = "k8s_cpu_request"
 nickel_path = ["provisioning", "services", "api", "resources", "cpu_request"]
+prompt = "CPU request"
 required = false
+type = "text"
 when = "deployment_target == kubernetes || deployment_target == both"
 
 [[elements]]
-type = "text"
-name = "k8s_cpu_limit"
-prompt = "CPU limit"
-help = "CPU limit (e.g., '500m', '2')"
 default = "500m"
+help = "CPU limit (e.g., '500m', '2')"
+name = "k8s_cpu_limit"
 nickel_path = ["provisioning", "services", "api", "resources", "cpu_limit"]
+prompt = "CPU limit"
 required = false
+type = "text"
 when = "deployment_target == kubernetes || deployment_target == both"
 
 [[elements]]
-type = "text"
-name = "k8s_memory_request"
-prompt = "Memory request"
-help = "Memory request (e.g., '128Mi', '1Gi')"
 default = "128Mi"
+help = "Memory request (e.g., '128Mi', '1Gi')"
+name = "k8s_memory_request"
 nickel_path = ["provisioning", "services", "api", "resources", "memory_request"]
+prompt = "Memory request"
 required = false
+type = "text"
 when = "deployment_target == kubernetes || deployment_target == both"
 
 [[elements]]
-type = "text"
-name = "k8s_memory_limit"
-prompt = "Memory limit"
-help = "Memory limit (e.g., '512Mi', '2Gi')"
 default = "512Mi"
+help = "Memory limit (e.g., '512Mi', '2Gi')"
+name = "k8s_memory_limit"
 nickel_path = ["provisioning", "services", "api", "resources", "memory_limit"]
+prompt = "Memory limit"
 required = false
+type = "text"
 when = "deployment_target == kubernetes || deployment_target == both"

.typedialog/provisioning/fragments/monitoring.toml

@@ -2,97 +2,97 @@
 # Conditional: when enable_monitoring == true
 
 [[elements]]
-type = "confirm"
-name = "enable_prometheus"
-prompt = "Enable Prometheus?"
+default = true
 help = "Enable Prometheus for metrics collection"
-default = true
+name = "enable_prometheus"
 nickel_path = ["provisioning", "monitoring", "prometheus", "enabled"]
+prompt = "Enable Prometheus?"
 required = true
+type = "confirm"
 when = "enable_monitoring == true"
 
 [[elements]]
-type = "custom"
 custom_type = "u16"
-name = "prometheus_port"
-prompt = "Prometheus port"
-help = "Port for Prometheus web UI"
 default = "9090"
-minimum = "1024"
+help = "Port for Prometheus web UI"
 maximum = "65535"
+minimum = "1024"
+name = "prometheus_port"
 nickel_path = ["provisioning", "monitoring", "prometheus", "port"]
+prompt = "Prometheus port"
 required = true
-when = "enable_monitoring == true && enable_prometheus == true"
-
-[[elements]]
-type = "text"
-name = "prometheus_retention"
-prompt = "Data retention period"
-help = "How long to keep metrics (e.g., '15d', '30d')"
-default = "15d"
-nickel_path = ["provisioning", "monitoring", "prometheus", "retention"]
-required = true
-when = "enable_monitoring == true && enable_prometheus == true"
-
-[[elements]]
-type = "confirm"
-name = "enable_grafana"
-prompt = "Enable Grafana?"
-help = "Enable Grafana for visualizing metrics"
-default = true
-nickel_path = ["provisioning", "monitoring", "grafana", "enabled"]
-required = true
-when = "enable_monitoring == true"
-
-[[elements]]
 type = "custom"
-custom_type = "u16"
-name = "grafana_port"
-prompt = "Grafana port"
-help = "Port for Grafana web UI"
-default = "3000"
-minimum = "1024"
-maximum = "65535"
-nickel_path = ["provisioning", "monitoring", "grafana", "port"]
-required = true
-when = "enable_monitoring == true && enable_grafana == true"
+when = "enable_monitoring == true && enable_prometheus == true"
 
 [[elements]]
+default = "15d"
+help = "How long to keep metrics (e.g., '15d', '30d')"
+name = "prometheus_retention"
+nickel_path = ["provisioning", "monitoring", "prometheus", "retention"]
+prompt = "Data retention period"
+required = true
 type = "text"
-name = "grafana_admin_user"
-prompt = "Grafana admin username"
-help = "Admin username for Grafana"
+when = "enable_monitoring == true && enable_prometheus == true"
+
+[[elements]]
+default = true
+help = "Enable Grafana for visualizing metrics"
+name = "enable_grafana"
+nickel_path = ["provisioning", "monitoring", "grafana", "enabled"]
+prompt = "Enable Grafana?"
+required = true
+type = "confirm"
+when = "enable_monitoring == true"
+
+[[elements]]
+custom_type = "u16"
+default = "3000"
+help = "Port for Grafana web UI"
+maximum = "65535"
+minimum = "1024"
+name = "grafana_port"
+nickel_path = ["provisioning", "monitoring", "grafana", "port"]
+prompt = "Grafana port"
+required = true
+type = "custom"
+when = "enable_monitoring == true && enable_grafana == true"
+
+[[elements]]
 default = "admin"
+help = "Admin username for Grafana"
+name = "grafana_admin_user"
 nickel_path = ["provisioning", "monitoring", "grafana", "admin_user"]
+prompt = "Grafana admin username"
 required = true
+type = "text"
 when = "enable_monitoring == true && enable_grafana == true"
 
 [[elements]]
-type = "password"
-name = "grafana_admin_password"
-prompt = "Grafana admin password"
-help = "Admin password for Grafana (min 8 characters)"
 default = "changeme"
+help = "Admin password for Grafana (min 8 characters)"
+name = "grafana_admin_password"
 nickel_path = ["provisioning", "monitoring", "grafana", "admin_password"]
+prompt = "Grafana admin password"
 required = true
+type = "password"
 when = "enable_monitoring == true && enable_grafana == true"
 
 [[elements]]
-type = "confirm"
-name = "enable_loki"
-prompt = "Enable Loki?"
-help = "Enable Loki for log aggregation"
 default = false
+help = "Enable Loki for log aggregation"
+name = "enable_loki"
 nickel_path = ["provisioning", "monitoring", "loki", "enabled"]
+prompt = "Enable Loki?"
 required = true
+type = "confirm"
 when = "enable_monitoring == true"
 
 [[elements]]
-type = "confirm"
-name = "enable_jaeger"
-prompt = "Enable Jaeger?"
-help = "Enable Jaeger for distributed tracing"
 default = false
+help = "Enable Jaeger for distributed tracing"
+name = "enable_jaeger"
 nickel_path = ["provisioning", "monitoring", "jaeger", "enabled"]
+prompt = "Enable Jaeger?"
 required = true
+type = "confirm"
 when = "enable_monitoring == true"

.vale/styles/write-good/README.md

@@ -2,7 +2,7 @@ Based on [write-good](https://github.com/btford/write-good).
 
 > Naive linter for English prose for developers who can't write good and wanna learn to do other stuff good too.
 
-```plaintext
+```
 The MIT License (MIT)
 
 Copyright (c) 2014 Brian Ford

.woodpecker/README.md

@@ -1,79 +1 @@
-# Woodpecker CI Configuration
-
-Pipelines for Gitea/Forgejo + Woodpecker CI.
-
-## Files
-
-- **`ci.yml`** - Main CI pipeline (push, pull requests)
-- **`Dockerfile`** - Custom CI image with pre-installed tools
-- **`Dockerfile.cross`** - Cross-compilation image for multi-platform builds
-
-## Setup
-
-### 1. Activate Woodpecker CI
-
-Enable Woodpecker CI in your Gitea/Forgejo repository settings.
-
-### 2. (Optional) Build Custom Image
-
-Speeds up CI by pre-installing tools (~5 min faster per run).
-
-```bash
-# Build CI image
-docker build -t your-registry/ci:latest -f .woodpecker/Dockerfile .
-
-# Push to your registry
-docker push your-registry/ci:latest
-
-# Update .woodpecker/ci.yml
-# Change: image: rust:latest
-# To: image: your-registry/ci:latest
-```
-
-### 3. Cross-Compilation Setup
-
-For multi-platform builds:
-
-```bash
-# Build cross-compilation image
-docker build -t your-registry/ci-cross:latest -f .woodpecker/Dockerfile.cross .
-
-# Push to registry
-docker push your-registry/ci-cross:latest
-```
-
-## CI Pipeline (`ci.yml`)
-
-**Triggers**: Push to `main`/`develop`, Pull Requests
-
-**Jobs**:
-
-1. Lint (Rust, Bash, Nickel, Nushell, Markdown) - Parallel
-2. Test (all features)
-3. Build (release)
-4. Security audit
-5. License compliance check
-
-**Duration**: ~15-20 minutes (without custom image), ~10-15 minutes (with custom image)
-
-## Triggering Pipelines
-
-```bash
-# CI pipeline (automatic on push/PR)
-git push origin main
-```
-
-## Viewing Results
-
-- **Gitea/Forgejo**: Repository → Actions → Pipeline runs
-- **Woodpecker UI**: <https://your-woodpecker.instance/repos/{user}/{repo}>
-
-## Differences from GitHub Actions
-
-| Feature | GitHub Actions | Woodpecker CI |
-| --------- | --------------- | --------------- |
-| Matrix builds | ✅ 3 OS | ❌ Linux only* |
-| Caching | ✅ Built-in | ⚠️  Server-side** |
-
-\* Multi-OS builds require multiple Woodpecker agents
-\*\* Configure in Woodpecker server settings
+# Woodpecker CI Configuration\n\nPipelines for Gitea/Forgejo + Woodpecker CI.\n\n## Files\n\n- **`ci.yml`** - Main CI pipeline (push, pull requests)\n- **`Dockerfile`** - Custom CI image with pre-installed tools\n- **`Dockerfile.cross`** - Cross-compilation image for multi-platform builds\n\n## Setup\n\n### 1. Activate Woodpecker CI\n\nEnable Woodpecker CI in your Gitea/Forgejo repository settings.\n\n### 2. (Optional) Build Custom Image\n\nSpeeds up CI by pre-installing tools (~5 min faster per run).\n\n```\n# Build CI image\ndocker build -t your-registry/ci:latest -f .woodpecker/Dockerfile .\n\n# Push to your registry\ndocker push your-registry/ci:latest\n\n# Update .woodpecker/ci.yml\n# Change: image: rust:latest\n# To: image: your-registry/ci:latest\n```\n\n### 3. Cross-Compilation Setup\n\nFor multi-platform builds:\n\n```\n# Build cross-compilation image\ndocker build -t your-registry/ci-cross:latest -f .woodpecker/Dockerfile.cross .\n\n# Push to registry\ndocker push your-registry/ci-cross:latest\n```\n\n## CI Pipeline (`ci.yml`)\n\n**Triggers**: Push to `main`/`develop`, Pull Requests\n\n**Jobs**:\n\n1. Lint (Rust, Bash, Nickel, Nushell, Markdown) - Parallel\n2. Test (all features)\n3. Build (release)\n4. Security audit\n5. License compliance check\n\n**Duration**: ~15-20 minutes (without custom image), ~10-15 minutes (with custom image)\n\n## Triggering Pipelines\n\n```\n# CI pipeline (automatic on push/PR)\ngit push origin main\n```\n\n## Viewing Results\n\n- **Gitea/Forgejo**: Repository → Actions → Pipeline runs\n- **Woodpecker UI**: <https://your-woodpecker.instance/repos/{user}/{repo}>\n\n## Differences from GitHub Actions\n\n| Feature | GitHub Actions | Woodpecker CI |\n| --------- | --------------- | --------------- |\n| Matrix builds | ✅ 3 OS | ❌ Linux only* |\n| Caching | ✅ Built-in | ⚠️  Server-side** |\n\n\* Multi-OS builds require multiple Woodpecker agents\n\*\* Configure in Woodpecker server settings

CODE_OF_CONDUCT.md

@@ -1,107 +1 @@
-# Code of Conduct
-
-## Our Pledge
-
-We, as members, contributors, and leaders, pledge to make participation in our project and community a harassment-free experience for everyone, regardless of:
-
-- Age
-- Body size
-- Visible or invisible disability
-- Ethnicity
-- Sex characteristics
-- Gender identity and expression
-- Level of experience
-- Education
-- Socioeconomic status
-- Nationality
-- Personal appearance
-- Race
-- Caste
-- Color
-- Religion
-- Sexual identity and orientation
-
-We pledge to act and interact in ways that contribute to an open, welcoming, diverse, inclusive, and healthy community.
-
-## Our Standards
-
-Examples of behavior that contributes to a positive environment for our community include:
-
-- Demonstrating empathy and kindness toward other people
-- Being respectful of differing opinions, viewpoints, and experiences
-- Giving and gracefully accepting constructive feedback
-- Accepting responsibility and apologizing to those affected by mistakes
-- Focusing on what is best not just for us as individuals, but for the overall community
-
-Examples of unacceptable behavior include:
-
-- The use of sexualized language or imagery
-- Trolling, insulting, or derogatory comments
-- Personal or political attacks
-- Public or private harassment
-- Publishing others' private information (doxing)
-- Other conduct which could reasonably be considered inappropriate in a professional setting
-
-## Enforcement Responsibilities
-
-Project maintainers are responsible for clarifying and enforcing our standards of acceptable behavior and will take appropriate corrective action in response to unacceptable behavior.
-
-Maintainers have the right and responsibility to:
-
-- Remove, edit, or reject comments, commits, code, and other contributions
-- Ban contributors for behavior they deem inappropriate, threatening, or harmful
-
-## Scope
-
-This Code of Conduct applies to:
-
-- All community spaces (GitHub, forums, chat, events, etc.)
-- Official project channels and representations
-- Interactions between community members related to the project
-
-## Enforcement
-
-Instances of abusive, harassing, or otherwise unacceptable behavior may be reported to project maintainers:
-
-- Email: [project contact]
-- GitHub: Private security advisory
-- Issues: Report with `conduct` label (public discussions only)
-
-All complaints will be reviewed and investigated promptly and fairly.
-
-### Enforcement Guidelines
-
-**1. Correction**
-
-- Community impact: Use of inappropriate language or unwelcoming behavior
-- Action: Private written warning with explanation and clarity on impact
-- Consequence: Warning and no further violations
-
-**2. Warning**
-
-- Community impact: Violation through single incident or series of actions
-- Action: Written warning with severity consequences for continued behavior
-- Consequence: Suspension from community interaction
-
-**3. Temporary Ban**
-
-- Community impact: Serious violation of standards
-- Action: Temporary ban from community interaction
-- Consequence: Revocation of ban after reflection period
-
-**4. Permanent Ban**
-
-- Community impact: Pattern of violating community standards
-- Action: Permanent ban from community interaction
-
-## Attribution
-
-This Code of Conduct is adapted from the [Contributor Covenant](https://www.contributor-covenant.org), version 2.1.
-
-For answers to common questions about this code of conduct, see the FAQ at <https://www.contributor-covenant.org/faq>.
-
----
-
-**Thank you for being part of our community!**
-
-We believe in creating a welcoming and inclusive space where everyone can contribute their best work. Together, we make this project better.
+# Code of Conduct\n\n## Our Pledge\n\nWe, as members, contributors, and leaders, pledge to make participation in our project and community a harassment-free experience for everyone, regardless of:\n\n- Age\n- Body size\n- Visible or invisible disability\n- Ethnicity\n- Sex characteristics\n- Gender identity and expression\n- Level of experience\n- Education\n- Socioeconomic status\n- Nationality\n- Personal appearance\n- Race\n- Caste\n- Color\n- Religion\n- Sexual identity and orientation\n\nWe pledge to act and interact in ways that contribute to an open, welcoming, diverse, inclusive, and healthy community.\n\n## Our Standards\n\nExamples of behavior that contributes to a positive environment for our community include:\n\n- Demonstrating empathy and kindness toward other people\n- Being respectful of differing opinions, viewpoints, and experiences\n- Giving and gracefully accepting constructive feedback\n- Accepting responsibility and apologizing to those affected by mistakes\n- Focusing on what is best not just for us as individuals, but for the overall community\n\nExamples of unacceptable behavior include:\n\n- The use of sexualized language or imagery\n- Trolling, insulting, or derogatory comments\n- Personal or political attacks\n- Public or private harassment\n- Publishing others' private information (doxing)\n- Other conduct which could reasonably be considered inappropriate in a professional setting\n\n## Enforcement Responsibilities\n\nProject maintainers are responsible for clarifying and enforcing our standards of acceptable behavior and will take appropriate corrective action in response to unacceptable behavior.\n\nMaintainers have the right and responsibility to:\n\n- Remove, edit, or reject comments, commits, code, and other contributions\n- Ban contributors for behavior they deem inappropriate, threatening, or harmful\n\n## Scope\n\nThis Code of Conduct applies to:\n\n- All community spaces (GitHub, forums, chat, events, etc.)\n- Official project channels and representations\n- Interactions between community members related to the project\n\n## Enforcement\n\nInstances of abusive, harassing, or otherwise unacceptable behavior may be reported to project maintainers:\n\n- Email: [project contact]\n- GitHub: Private security advisory\n- Issues: Report with `conduct` label (public discussions only)\n\nAll complaints will be reviewed and investigated promptly and fairly.\n\n### Enforcement Guidelines\n\n**1. Correction**\n\n- Community impact: Use of inappropriate language or unwelcoming behavior\n- Action: Private written warning with explanation and clarity on impact\n- Consequence: Warning and no further violations\n\n**2. Warning**\n\n- Community impact: Violation through single incident or series of actions\n- Action: Written warning with severity consequences for continued behavior\n- Consequence: Suspension from community interaction\n\n**3. Temporary Ban**\n\n- Community impact: Serious violation of standards\n- Action: Temporary ban from community interaction\n- Consequence: Revocation of ban after reflection period\n\n**4. Permanent Ban**\n\n- Community impact: Pattern of violating community standards\n- Action: Permanent ban from community interaction\n\n## Attribution\n\nThis Code of Conduct is adapted from the [Contributor Covenant](https://www.contributor-covenant.org), version 2.1.\n\nFor answers to common questions about this code of conduct, see the FAQ at <https://www.contributor-covenant.org/faq>.\n\n---\n\n**Thank you for being part of our community!**\n\nWe believe in creating a welcoming and inclusive space where everyone can contribute their best work. Together, we make this project better.