Joey McDonald jmcdice

Step-by-Step Network Policy Deployment Plan

Summary: How These Network Policies Work

Network policies in Kubernetes are like traffic rules for your application's components. They control which parts of your application can talk to each other and how. Here's a simple breakdown of how the policies in this guide work:

Zero-Trust Starting Point: We begin by assuming no communication is allowed. It's like having walls between all parts of your application.
Allowing Necessary Communication: We then create "doors" in these walls, but only where needed. For example:
- We allow components in the same environment (like production) to talk to each other.

We let the backend talk to the frontend, but not the other way around.

Mai-Tai Architecture: Projects, Channels, Agents & Users

Overview

Mai-Tai is a human-agent collaboration platform. This document defines the mental model for how projects, channels, agents, and users relate to each other.

Core Entities

Mai-Tai Site Map (v2 - Workspace Edition)

A simplified, workspace-centric architecture. No more channels - one workspace = one chat.

Page Structure

mai-tai.dev/
│
├── /                           # Landing page (public)

Home Automation Control with Claude via Mai-Tai

A complete setup guide for controlling your home automation devices through Claude in mai-tai mode using Home Assistant.

🏠 System Overview

This setup allows you to control your home devices by simply messaging Claude. No manual commands needed - just natural language requests like "turn on the living room lights" and Claude handles the rest.

Architecture

Home Assistant: Running in Docker, handles device discovery and control

🛋️⚡ Couch Commander - Network Architecture

System Overview

Complete media automation stack running on UGREEN NAS (Linux) with VPN protection for downloads.

graph TB
    subgraph Internet["🌐 Internet"]
        VPN[ProtonVPN<br/>Netherlands/Sweden/US]
        Indexers[Torrent Indexers<br/>via Prowlarr]

	# Install gcloud

	export CLOUD_SDK_REPO="cloud-sdk-$(lsb_release -c -s)"
	echo "deb http://packages.cloud.google.com/apt $CLOUD_SDK_REPO main" \| sudo tee -a /etc/apt/sources.list.d/google-cloud-sdk.list
	curl https://packages.cloud.google.com/apt/doc/apt-key.gpg \| apt-key add -
	apt-get -y update
	apt-get -y --allow-unauthenticated install google-cloud-sdk kubectl

	# Install GCSFuse

	## Install Utils:
	$ sudo apt-get update
	$ sudo apt-get install tmux youtube-dl htop ccze vlc

	## Install and use youtube-dl
	$ youtube-dl https://www.youtube.com/watch?v=cC9r0jHF-Fw
	$ youtube-dl -F <video> (list video formats)
	$ youtube-dl -f <index> <video> download video at <format> --output fish.webm

	## Example

	# Deploy Concourse to PKS

	$ helm init --wait
	$ kubectl create serviceaccount --namespace kube-system tiller
	$ kubectl create clusterrolebinding tiller-cluster-rule --clusterrole=cluster-admin --serviceaccount=kube-system:tiller
	$ kubectl patch deploy --namespace kube-system tiller-deploy -p '{"spec":{"template":{"spec":{"serviceAccount":"tiller"}}}}'
	$ helm install --name concourse stable/concourse

	# View Concourse via your browser
	$ export POD_NAME=$(kubectl get pods --namespace default\|perl -lane 'print @F[0] if /web/')

	FROM ubuntu:latest

	ENV DEBIAN_FRONTEND noninteractive
	RUN sed -i 's#http://archive.ubuntu.com/#http://ubuntu.mirrors.tds.net/ubuntu/#' /etc/apt/sources.list

	# built-in packages
	RUN apt-get update
	RUN apt-get -o Dpkg::Options::='--force-confold' --force-yes -fuy dist-upgrade

	# common utils apt

	# Mai-Tai Site Map

	A tree-style overview of all pages and their purposes.

	## Page Structure

	```
	mai-tai.dev/
	│
	├── / # Landing page (public)