= SPEC-003: Accessing Camelot via Gatehouse8
:sectnums:
:toc:
== Background
As the kingdom expanded beyond its original castle (Camelot), the need arose for a fortified entry, secure internal communication, and centralized automation.
Gatehouse8 was established as the kingdom’s secure gateway. Merlin took up residence within, wielding automation tools to command Camelot and beyond. Annwn, a sandboxed container realm, flourishes under Camelot’s governance.
This document defines the architecture, roles, and components supporting the kingdom’s infrastructure.
== Kingdom Legend
Annwn: 📦 A container in a sandboxed world
* Runs isolated workloads
* No direct control over infrastructure
* Lives within the greater kingdom
Camelot: 🏰 The Proxmox host — has network + package access
* The castle walls: controls virtual machines and containers
* Provides infrastructure resources to its guests
* Guarded, but more exposed to the world
Gatehouse8: 🏯 The fortified entry
* SSH bastion / jump server
* Controls who enters the kingdom’s inner network
🏯 Gatehouse8 = the place
🛡️ Gatewarden = the role, the keeper of the keys, the enforcer of trust
“Last January we talked about Gatehouse8 as the kingdom’s front door.
TransferPoint is the next structure inside — a secure courtyard where only the right scrolls are passed from one hand to another.
Not a hallway. Not a mess of notes under the door.
A guarded, documented, and intentional place for our most critical exchanges.”
Merlin: 🧙‍♂️
* Runs Ansible, Terraform, and automation scripts
* Commands deployments and configurations
* Speaks to Camelot and beyond via APIs and SSH
Frodo: 💻 The traveling laptop
* Operator’s personal device
* Initiates connections to Gatehouse8
* Brings keys, commands, and scrolls to the kingdom
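
The path the legend describes (Frodo to Gatehouse8 to Camelot), as an added client-side `~/.ssh/config` sketch that is not part of the original spec. Host names, the user name and key file paths are placeholders assumed for illustration.

```sshconfig
# ~/.ssh/config on Frodo (the operator laptop).
# Added example: every host name, user name and key path is an assumed placeholder.

# Gatehouse8: the bastion, and the only host Frodo connects to directly.
Host gatehouse8
    HostName gatehouse8.example.internal
    User operator
    IdentityFile ~/.ssh/id_ed25519_gatehouse8
    # Offer only the key named above, not every key loaded in the agent.
    IdentitiesOnly yes
    # Never expose Frodo's agent socket on the bastion.
    ForwardAgent no
    # Refuse to connect if the host key is unknown or has changed.
    StrictHostKeyChecking yes

# Camelot: reachable only by jumping through Gatehouse8.
Host camelot
    HostName camelot.example.internal
    User operator
    # The bastion relays the TCP stream; authentication to Camelot
    # still happens end to end from Frodo, so the key never leaves the laptop.
    ProxyJump gatehouse8
    IdentityFile ~/.ssh/id_ed25519_camelot
    IdentitiesOnly yes
    ForwardAgent no
    StrictHostKeyChecking yes
```

With this in place, `ssh camelot` on Frodo opens the session through Gatehouse8, and `ssh -G camelot` prints the effective options for review.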