Sigil Gate Project Blog

While I was chopping down maples and opening the dacha season, the project kept moving. Yesterday I finished building the Architecture 2.0 infrastructure and ran a full end-to-end test. First traffic is flowing.

Two empty clusters waited in the cold for their first tenants: data moved into etcd, and k3s welcomed its first service — a database API built on FastAPI.

The etcd cluster is up and waiting for data. Here’s why copying everything over as-is didn’t work out — and how the migration turned into a full rethink of the data schemas.

First component: the management cluster on Kubernetes.

The concept behind Architecture 2.0.

Architecture 2.0 is taking shape — time to build. First component: a Kubernetes management cluster. But before any logic or services, there’s one question that comes first: security.

Breaking down what was wrong with the old architecture and how I redesigned it: from a tree to two independent clusters, zero trust, one domain per cluster, and Docker-based onboarding.

How I got hacked, had my CI/CD taken down, and had tokens vacuumed across the entire core cluster — in fifteen minutes.

Someone hinted that storing Telegram IDs in plaintext is not a great idea. I fixed it. Here’s how — and why it turned out trickier than expected.

The project is still closed — but I’ve started bringing in new participants. Here’s how the collaboration works and where it’s all heading.