docs: self hosting with kubernetes

.github/workflows/helm-release.yml

@@ -5,7 +5,7 @@ on:
     branches:
       - develop
     paths:
-      - "helm-charts/**"
+      - "self-hosting/kubernetes/helm-charts/**"
   workflow_dispatch: # Allow manual triggering
 
 permissions:
@@ -40,7 +40,7 @@ jobs:
 
       - name: Package and push ${{ matrix.chart }}
         run: |
-          cd helm-charts/${{ matrix.chart }}
+          cd self-hosting/kubernetes/helm-charts/${{ matrix.chart }}
           if grep -q "^dependencies:" Chart.yaml; then
             helm dependency build
           fi
@@ -64,11 +64,11 @@ jobs:
 
       - name: Build dependencies for opentaco
         run: |
-          cd helm-charts/opentaco
+          cd self-hosting/kubernetes/helm-charts/opentaco
           helm dependency build
 
       - name: Package and push opentaco
         run: |
-          cd helm-charts/opentaco
+          cd self-hosting/kubernetes/helm-charts/opentaco
           helm package .
           helm push opentaco-*.tgz oci://ghcr.io/diggerhq/helm-charts

.github/workflows/helm-test.yml

@@ -3,7 +3,7 @@ name: Test Helm Charts
 on:
   pull_request:
     paths:
-      - 'helm-charts/**'
+      - 'self-hosting/kubernetes/helm-charts/**'
       - '.github/workflows/helm-test.yml'
 
 jobs:
@@ -35,18 +35,18 @@ jobs:
 
       - name: Build chart dependencies (if any)
         run: |
-          if grep -q "^dependencies:" helm-charts/${{ matrix.chart }}/Chart.yaml; then
-            helm dependency build helm-charts/${{ matrix.chart }}
+          if grep -q "^dependencies:" self-hosting/kubernetes/helm-charts/${{ matrix.chart }}/Chart.yaml; then
+            helm dependency build self-hosting/kubernetes/helm-charts/${{ matrix.chart }}
           fi
 
       - name: Lint chart
         run: |
-          helm lint helm-charts/${{ matrix.chart }}
+          helm lint self-hosting/kubernetes/helm-charts/${{ matrix.chart }}
 
       - name: Run unit tests (if present)
         run: |
-          if [ -d "helm-charts/${{ matrix.chart }}/tests" ]; then
-            helm unittest helm-charts/${{ matrix.chart }}
+          if [ -d "self-hosting/kubernetes/helm-charts/${{ matrix.chart }}/tests" ]; then
+            helm unittest self-hosting/kubernetes/helm-charts/${{ matrix.chart }}
           else
             echo "No helm-unittest tests found for ${{ matrix.chart }}, skipping"
           fi

docs/ce/drift/overview.mdx

@@ -0,0 +1,8 @@
+---
+title: "Overview"
+description: "Overview of OpenTaco drift detection and remediation"
+---
+
+Drift detection continuously compares deployed infrastructure against your IaC definitions and reports unexpected changes.
+
+Use this section to configure drift scope, notifications, remediation workflows, and operational troubleshooting.

docs/ce/features/overview.mdx

@@ -0,0 +1,8 @@
+---
+title: "Overview"
+description: "Overview of OpenTaco PR automation capabilities"
+---
+
+OpenTaco PR automation runs infrastructure plan and apply workflows through pull requests so teams can review, control, and audit infrastructure changes.
+
+Use this section to configure and scale your PR automation behavior, including policy checks, concurrency controls, repository integration, and workflow ergonomics.

docs/ce/reference/digger.yml.mdx

@@ -306,7 +306,7 @@ Define individual projects using the `projects` array.
 </ParamField>
 
 <ParamField path="drift_detection" type="boolean" default="true">
-  Enable drift detection for this project. See [Drift Detection](/onboarding/set-up-in-ui).
+  Enable drift detection for this project. See [Drift Detection](/onboarding/drift-detection-remediation).
 </ParamField>
 
 <ParamField path="layer" type="number" default="0">
@@ -647,4 +647,4 @@ digger apply -p my-second-app
 - [Generate Projects](/ce/howto/generate-projects)
 - [Terragrunt Parsing Reference](/ce/reference/terragrunt-parsing)
 - [Layering](/ce/features/layering)
-- [Drift Detection](/onboarding/set-up-in-ui)
+- [Drift Detection](/onboarding/drift-detection-remediation)

docs/ce/self-host/deploy-helm.mdx

@@ -13,7 +13,7 @@ description: "Learn how to use Helm chart to install Digger on your Kubernetes c
 <Steps>
   <Step title="Create Helm values">
     Create a `values.yaml` file. This will be used to configure settings for the Digger Helm chart.
-    To explore all configurable properties for your values file, visit the [values.yaml reference](http://github.com/diggerhq/digger/blob/develop/helm-charts/digger-backend/values.yaml).
+    To explore all configurable properties for your values file, visit the [values.yaml reference](http://github.com/diggerhq/digger/blob/develop/self-hosting/kubernetes/helm-charts/digger-backend/values.yaml).
   </Step>
 
   <Step title="Select Digger version">
@@ -509,4 +509,3 @@ description: "Learn how to use Helm chart to install Digger on your Kubernetes c
      kubectl rollout restart deployment/digger-backend -n digger
      ```
 </Accordion>
-

docs/ce/state-management/introduction.mdx → docs/ce/state-management/overview.mdx

@@ -1,5 +1,6 @@
 ---
-title: "Introduction"
+title: "Overview"
+description: "Overview of OpenTaco state management"
 ---
 
 By default digger does not take any opinions on how to manage state. Most users of digger bring their own
@@ -28,4 +29,3 @@ The state manager solution seeks to solve all the issues mentioned above:
 The state manager currently supports Amazon S3 as a backend with plans to support GCP buckets, Azure blob storage and more.
 
 Currently the state manager is self-hostable. There is no managed version of the state manager. Although it can be used in conjunction with digger
-

docs/docs.json

@@ -46,7 +46,7 @@
                   "onboarding/configuring-github-actions-workflow"
                 ]
               },
-              "onboarding/set-up-in-ui"
+              "onboarding/drift-detection-remediation"
             ]
           },
           {
@@ -65,7 +65,7 @@
               "self-hosting/railway",
               "self-hosting/kubernetes",
               {
-                "group": "Deprecated Individual Component Installs",
+                "group": "Individual Component Installs",
                 "pages": [
                   "self-hosting/deprecated-individual-component-installs/orchestrator-backend",
                   "self-hosting/deprecated-individual-component-installs/statesman"
@@ -74,8 +74,21 @@
             ]
           },
           {
-            "group": "Features",
+            "group": "State Management",
+            "pages": [
+              "ce/state-management/overview",
+              "ce/state-management/architecture",
+              "ce/state-management/rbac",
+              "ce/state-management/sso",
+              "ce/state-management/development",
+              "ce/state-management/analytics",
+              "ce/state-management/versioning"
+            ]
+          },
+          {
+            "group": "PR Automation",
             "pages": [
+              "ce/features/overview",
               "ce/features/plan-preview",
               "ce/features/commentops",
               "ce/features/opa-policies",
@@ -89,28 +102,10 @@
               "ce/features/ai-summaries"
             ]
           },
-          {
-            "group": "State Management",
-            "pages": [
-              "ce/state-management/introduction",
-              "ce/state-management/quickstart",
-              "ce/state-management/architecture",
-              "ce/state-management/cloud-backend",
-              "ce/state-management/rbac",
-              "ce/state-management/sso",
-              "ce/state-management/digger-integration",
-              "ce/state-management/development",
-              "ce/state-management/analytics",
-              "ce/state-management/query-backend",
-              "ce/state-management/versioning",
-              "ce/state-management/gcp-quickstart",
-              "ce/state-management/aws-fargate-ad-quickstart"
-            ]
-          },
           {
             "group": "Drift",
             "pages": [
-              "onboarding/set-up-in-ui",
+              "ce/drift/overview",
               "ce/drift/scoping-projects",
               "ce/drift/slack-notifications",
               "ce/drift/github-issues",
@@ -189,19 +184,19 @@
             ]
           },
           {
-            "group": "Local Development",
-            "pages": [
-              "ce/local-development/overview",
-              "ce/local-development/backend",
-              "ce/local-development/statesman",
-              "ce/local-development/ui",
-              "ce/local-development/github-app"
-            ]
-          },
-          {
-            "group": "Contributing",
+            "group": "Development",
             "pages": [
-              "ce/contributing/setup-dev-environment"
+              "ce/contributing/setup-dev-environment",
+              {
+                "group": "Local Development",
+                "pages": [
+                  "ce/local-development/overview",
+                  "ce/local-development/backend",
+                  "ce/local-development/statesman",
+                  "ce/local-development/ui",
+                  "ce/local-development/github-app"
+                ]
+              }
             ]
           },
           {

docs/introduction/introduction.mdx

@@ -57,7 +57,7 @@ Start with the path that matches your immediate goal.
 <Card
   title="Drift Detection + Remediation"
   icon="triangle-exclamation"
-  href="../onboarding/set-up-in-ui"
+  href="../onboarding/drift-detection-remediation"
 >
   <p>Detect drift on a schedule, notify via Slack or GitHub Issues, and remediate with the same command workflow your team already uses.</p>
 </Card>

docs/llms.txt

@@ -21,7 +21,7 @@
 
 ## State Management
 
-- [Introduction](https://docs.opentaco.dev/ce/state-management/introduction): Self-hostable state management with built-in RBAC, validation, multi-account access, versioning, and rollback. Currently supports S3 backend.
+- [Overview](https://docs.opentaco.dev/ce/state-management/overview): Self-hostable state management with built-in RBAC, validation, multi-account access, versioning, and rollback. Currently supports S3 backend.
 - [Architecture](https://docs.opentaco.dev/ce/state-management/architecture): Statesman service provides REST API for state operations. TFE-compatible — supports `terraform login`. Stores state in S3-compatible storage with metadata in SQLite/PostgreSQL/MySQL/MSSQL.
 - [Quickstart](https://docs.opentaco.dev/ce/state-management/quickstart): Quick setup guide for state management.
 - [AWS Fargate Quickstart](https://docs.opentaco.dev/ce/state-management/aws-fargate-ad-quickstart): Deploy state management on AWS Fargate.
@@ -52,7 +52,7 @@
 
 ## Drift Detection
 
-- [Set Up in UI](https://docs.opentaco.dev/onboarding/set-up-in-ui): Configure drift detection schedules (hourly, daily, or custom crontab) via the UI.
+- [Drift Detection + Remediation](https://docs.opentaco.dev/onboarding/drift-detection-remediation): Configure drift detection schedules (hourly, daily, or custom crontab) via the UI.
 - [Slack Notifications](https://docs.opentaco.dev/ce/drift/slack-notifications): Send drift alerts to Slack via webhooks.
 - [GitHub Issues](https://docs.opentaco.dev/ce/drift/github-issues): Create GitHub issues for detected drift.
 - [Remediation](https://docs.opentaco.dev/ce/drift/remediation): Remediate detected drift.

docs/onboarding/account-setup.mdx

@@ -32,4 +32,4 @@ Choose your onboarding path:
 - [State Management](/onboarding/state-management)
 - [Remote Runs (Beta)](/onboarding/remote-jobs) - [dependent on state management]
 - [PR Automation](/onboarding/github-app-setup)
-- [Drift Detection + Remediation](/onboarding/set-up-in-ui) [dependent on PR automation setup]
+- [Drift Detection + Remediation](/onboarding/drift-detection-remediation) [dependent on PR automation setup]

docs/onboarding/configuring-github-actions-workflow.mdx

@@ -182,6 +182,10 @@ Use one provider block per workflow.
 
 Start with default GitHub Actions cache behavior. If your repositories are large, add targeted caching using the guidance in [Caching Strategies](/ce/howto/caching-strategies).
 
+<Note>
+  For the full set of supported GitHub Action inputs and configuration options, refer to the action source: [diggerhq/digger/action.yml](http://github.com/diggerhq/digger/blob/develop/action.yml).
+</Note>
+
 ## Next step
 
 After updating your workflow, open a PR with a change to at least project and verify `plan` and `digger apply` still complete successfully.

docs/onboarding/remote-jobs.mdx

@@ -2,8 +2,6 @@
 title: "Remote Runs (Beta)"
 ---
 
-## TODO: this needs a refresh
-
 Remote Runs lets you execute Terraform / OpenTofu plan and apply operations in OpenTaco-managed remote environments instead of on your local machine. The changes don't need to be pushed to the remote repo for this to function since
 the local directory will be zipped and uploaded to the remote CI environment to perform the plan.
 
@@ -156,4 +154,3 @@ This model is similar to HCP Terraform remote execution.
     </Step>
 </Steps>
 
-

docs/self-hosting/deprecated-individual-component-installs/orchestrator-backend.mdx

@@ -3,8 +3,18 @@ title: "Orchestrator / Backend"
 description: "Legacy standalone install guidance for the OpenTaco orchestrator backend"
 ---
 
-## Coming soon
+Use this page to find older standalone orchestrator/backend self-hosting guides.
 
-- Standalone orchestrator/backend prerequisites
-- Required environment variables and service dependencies
-- Migration notes to current deployment models
+<Warning>
+  These guides are legacy references. For current recommended deployments, use the main self-hosting docs.
+</Warning>
+
+## Legacy orchestrator/backend self-hosting docs
+
+- [Deploy backend as a binary](/ce/self-host/deploy-binary)
+- [Deploy backend with Docker](/ce/self-host/deploy-docker)
+- [Deploy backend with Docker Compose](/ce/self-host/deploy-docker-compose)
+- [Deploy backend with Helm (legacy)](/ce/self-host/deploy-helm)
+- [Self-host on Azure (legacy)](/ce/self-host/self-host-on-azure)
+- [Self-host on Railway (legacy)](/ce/self-host/self-host-on-railway)
+- [Legacy auth methods for backend](/ce/self-host/auth-methods)

docs/self-hosting/deprecated-individual-component-installs/statesman.mdx

@@ -1,10 +1,19 @@
 ---
-title: "Statesman"
-description: "Legacy standalone install guidance for OpenTaco Statesman"
+title: "State Management"
+description: "Legacy standalone install guidance for OpenTaco state management (Statesman)"
 ---
 
-## Coming soon
+Use this page to find older standalone state management (Statesman) self-hosting guides.
 
-- Standalone statesman prerequisites
-- Required environment variables and datastore wiring
-- Migration notes to current deployment models
+<Warning>
+  These guides are legacy references. For current recommended deployments, use the main self-hosting docs.
+</Warning>
+
+## Legacy state management self-hosting docs
+
+- [State management quickstart](/ce/state-management/quickstart)
+- [State management cloud backend](/ce/state-management/cloud-backend)
+- [Query backend configuration](/ce/state-management/query-backend)
+- [Statesman + orchestrator integration](/ce/state-management/digger-integration)
+- [GCP quickstart for state management](/ce/state-management/gcp-quickstart)
+- [AWS Fargate + Active Directory quickstart](/ce/state-management/aws-fargate-ad-quickstart)