anton-remote-access
// Remote access reference for Anton. Use when Codex needs to reach or reason about kubectl, flux, talosctl, Tailscale MagicDNS, kubeconfig, talosconfig, off-LAN node access, or failed connectivity to k8s nodes.
| name | anton-remote-access |
| description | Remote access reference for Anton. Use when Codex needs to reach or reason about kubectl, flux, talosctl, Tailscale MagicDNS, kubeconfig, talosconfig, off-LAN node access, or failed connectivity to k8s nodes. |
Goal: Use Anton's expected remote access paths for read-only inspection and operator-reviewed actions.
Success means:
./talos/clusterconfig/talosconfig.k8s-1, k8s-2, k8s-3.

Stop when: the access path is clear enough to run the requested read-only command or to hand the operator a safe mutation command.
The repo sets these paths through `Taskfile.yaml` and `.mise.toml`:

```shell
KUBECONFIG=./kubeconfig
TALOSCONFIG=./talos/clusterconfig/talosconfig
SOPS_AGE_KEY_FILE=./age.key
```
The expected Kubernetes context is `tailscale-operator.<tailnet-name>.ts.net`; use the placeholder in committed docs. `admin@anton` is a fallback when Tailscale is unavailable.

```shell
kubectl config current-context
kubectl get nodes -o wide
flux get ks -A
flux get hr -A
talosctl --talosconfig ./talos/clusterconfig/talosconfig \
  -e k8s-1 -n k8s-1,k8s-2,k8s-3 health
```
Use `-e k8s-1` as the Talos endpoint and fan out with `-n k8s-1,k8s-2,k8s-3` for all-node inspection.
For apply, upgrade, reset, drain, delete, or reconcile commands, first present the exact command, target node or namespace, expected effect, and rollback or verification step. Proceed only after the operator explicitly approves that action.
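One way to enforce the read-only default and the approval rule above before a command runs, as an added example that is not part of the Anton repo. The function names and the `OPERATOR_APPROVED` variable are hypothetical; the verb list and context names are the ones this page gives, and the verb list is not exhaustive.

```shell
#!/bin/sh
# Added example, not part of the Anton repo. OPERATOR_APPROVED is a
# hypothetical variable; the verb list and context names come from the page.

# Verbs the page says need explicit operator approval.
MUTATING_VERBS="apply upgrade reset drain delete reconcile"

# context_kind CONTEXT -> tailscale | fallback | unexpected
context_kind() {
  case "$1" in
    tailscale-operator.*.ts.net) echo tailscale ;;
    admin@anton)                 echo fallback ;;
    *)                           echo unexpected ;;
  esac
}

# classify_command WORD... -> mutation | read-only
# Matches any argument, so a resource literally named "delete" is also
# held for review: the check fails closed.
classify_command() {
  for _word in "$@"; do
    for _verb in $MUTATING_VERBS; do
      if [ "$_word" = "$_verb" ]; then
        echo mutation
        return 0
      fi
    done
  done
  echo read-only
}

# guarded_run CMD... : run read-only commands; hold mutations (exit 3)
# unless the operator has set OPERATOR_APPROVED=yes for this one action.
guarded_run() {
  if [ "$(classify_command "$@")" = mutation ] &&
     [ "${OPERATOR_APPROVED:-}" != yes ]; then
    printf 'HOLD for operator approval: %s\n' "$*" >&2
    return 3
  fi
  "$@"
}

# Constructed sample commands, classified without touching a cluster.
for _cmd in "kubectl get nodes -o wide" "flux get hr -A" \
            "flux reconcile ks apps" "kubectl drain k8s-2"; do
  # shellcheck disable=SC2086  # word splitting is intended here
  printf '%-28s %s\n' "$_cmd" "$(classify_command $_cmd)"
done
```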