Status
Deployed (first: 2026-06-28 · connectors phase 1: 2026-06-30 · security hardening +
Tailscale key rotation: 2026-07-02 · connectors re-authorized + Notion creds moved to
Secret Manager: 2026-07-03). Public at https://bobsmcp.uk; admin over Tailscale; no
public inbound ports.
Authorized connectors: notion_api, github, cloudflare (hubspot, notion,
slack, workspace_mcp enabled but credential-less).
Integrations using the broker: claude.ai (Notion/GitHub/Cloudflare), the live
Claude Telegram bot (read-only Notion), and the Mac
/wiki-publish skill. Full matrix in the gcp-mcp-standalone/HLD.
Fallback environment to the separate Oracle (OCI) project.
Docs
- gcp-mcp-standalone/HLD — architecture, security model, costs, decisions
- gcp-mcp-standalone/LLD — resources, config, interfaces, sequences
- gcp-mcp-standalone/security-review — full security audit (2026-07-03)
- ADRs: gcp-mcp-standalone/adr/0001-cloudflare-tunnel-over-tailscale-funnel · gcp-mcp-standalone/adr/0002-deny-all-public-ingress · gcp-mcp-standalone/adr/0003-dedicated-domain-for-the-tunnel · gcp-mcp-standalone/adr/0004-tailscale-key-in-secret-manager · gcp-mcp-standalone/adr/0005-pinned-supply-chain · gcp-mcp-standalone/adr/0006-localhost-only-broker-bind
- Runbooks: gcp-mcp-standalone/runbooks/deploy · gcp-mcp-standalone/runbooks/rotate-tailscale-key · gcp-mcp-standalone/runbooks/reconnect-connectors
- Related: telegram-mcp-connector/README (the on-VM Claude Telegram bot)
wiki/projects/gcp-mcp-standalone/README.md · git is the source of truth