@NotJustAnna
Created February 4, 2026 18:37
CLAUDE.md for IaC repository.

Repository Info, Instructions, and Guidelines for Claude

This is an IaC (Infrastructure as Code) repository.

The main guideline for Claude is: don't try to overachieve. Infrastructure is hard and complex. Measure twice, cut once. Otherwise, (costly) mistakes will be made.

Beware of IaC deadlocks

Infrastructure as Code changes can lead to deadlocks where resources depend on each other in a circular way. This happens, for example, when configs are changed mid-development, leading to impossible deployment orders.

E.g. K3s gets deployed. Keycloak gets deployed on K3s. Then OIDC is set up on K3s, pointing to Keycloak. We have created a chicken-and-egg problem.

When working on IaC changes, always think through the deployment order and dependencies.
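
A sketch of that check, added here as an illustration and not part of this repository: it models the K3s/Keycloak/OIDC scenario above as a constructed dependency graph and uses Python's `graphlib` to find a from-scratch deployment order or report the cycle. The node names, the separate `k3s-oidc` step, and the helper names are assumptions.

```python
from graphlib import CycleError, TopologicalSorter

# Constructed graphs (not read from the repo). Each key maps to the set of
# things that must already be running before that key can be applied.
INITIAL = {"k3s": set(), "keycloak": {"k3s"}}
# Mid-development change: the K3s config now carries OIDC settings that
# point at Keycloak, so a fresh K3s needs Keycloak, which needs K3s.
WITH_OIDC = {"k3s": {"keycloak"}, "keycloak": {"k3s"}}
# Assumed fix: OIDC becomes its own step, applied after both are up.
STAGED = {"k3s": set(), "keycloak": {"k3s"}, "k3s-oidc": {"k3s", "keycloak"}}


def plan(graph):
    """Return (order, None) if deployable from scratch, else (None, cycle)."""
    try:
        return list(TopologicalSorter(graph).static_order()), None
    except CycleError as exc:
        # args[1] is the cycle as a node list; first and last node are the same.
        return None, exc.args[1]


def deferrable_edges(graph):
    """(resource, dependency) pairs whose removal alone breaks the deadlock.

    Each pair is a candidate to move into a later, second deployment pass.
    Returns [] when the graph is already deployable.
    """
    if plan(graph)[1] is None:
        return []
    found = []
    for node, deps in graph.items():
        for dep in sorted(deps):
            trimmed = {n: set(d) for n, d in graph.items()}
            trimmed[node].discard(dep)
            if plan(trimmed)[1] is None:
                found.append((node, dep))
    return found


if __name__ == "__main__":
    for name, graph in [("initial", INITIAL), ("with OIDC", WITH_OIDC), ("staged", STAGED)]:
        order, cycle = plan(graph)
        if cycle:
            print(f"{name}: DEADLOCK {' -> '.join(cycle)}; could defer {deferrable_edges(graph)}")
        else:
            print(f"{name}: deploy in order {order}")
```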

Markdown Files

Please avoid writing Markdown files unless explicitly requested by the user. You (Claude) have a tendency to create unnecessary Markdown files, often multiple files when one or none would suffice.

When creating or editing Markdown files, be concise and avoid unnecessary verbosity. You (Claude) often tend to add excessive explanations or filler content in Markdown files, sometimes resulting in hallucinated information. Stick to the essential content required by the user. Don't be afraid to ask clarifying questions about the Markdown file requirements if they are not clear.

Secrets

Secrets are deployed via our Ansible Playbook.

Kubernetes

Avoid Helm like the plague. Prefer kustomize.

Our cluster runs on arm64, which means not all containers/pods/kustomizations will run on it.

kubectl is properly configured and as such can be used to debug the cluster. Don't be shy to run kubectl commands.

Deployment is done via ArgoCD, in applications/.

Database

We have CloudNative-PG for a reason. Use it.

Domains

We use Cloudflare with Terraform to manage domains. The relevant file is infrastructure/oci-notjustanna/main.tf.

Notes on high availability (HA)

We're not deploying Kubernetes for HA. Our goal with K3s is to be able to spread workloads across multiple nodes. HA is good to have, but not a requirement. If something is either hard to do in HA, or requires significant extra effort and resources, don't do it. If the solution is HA by default, great. But don't go out of your way to make it HA.
