[ci skip] complete NFS CSI migration: complex stacks + platform modules

Migrate remaining multi-volume stacks and all platform modules from inline NFS volumes to CSI-backed PV/PVC with nfs-truenas StorageClass (soft,timeo=30,retrans=3 mount options). Complex stacks: openclaw (4 vols), immich (8 vols), frigate (2 vols), nextcloud (2 vols + old PV replaced), rybbit (1 vol) Remaining stacks: affine, ebook2audiobook, f1-stream, osm_routing, real-estate-crawler Platform modules: monitoring (prometheus, loki, alertmanager PVs converted from native NFS to CSI), redis, dbaas, technitium, headscale, vaultwarden, uptime-kuma, mailserver, infra-maintenance
2026-03-02 01:24:07 +00:00 · 2026-03-02 01:24:07 +00:00 · 0e324df545
commit 0e324df545
parent 11b3d92684
24 changed files with 411 additions and 179 deletions
--- a/stacks/nextcloud/chart_values.yaml
+++ b/stacks/nextcloud/chart_values.yaml
@ -41,7 +41,7 @@ externalDatabase:

 persistence:
  enabled: true
-  existingClaim: nextcloud-data-pvc
+  existingClaim: nextcloud-data

  accessMode: ReadWriteOnce
  size: 100Gi
--- a/stacks/nextcloud/main.tf
+++ b/stacks/nextcloud/main.tf
@ -91,6 +91,23 @@ resource "helm_release" "nextcloud" {
 #   }
 # }

+module "nfs_nextcloud_data" {
+  source     = "../../modules/kubernetes/nfs_volume"
+  name       = "nextcloud-data"
+  namespace  = kubernetes_namespace.nextcloud.metadata[0].name
+  nfs_server = var.nfs_server
+  nfs_path   = "/mnt/main/nextcloud"
+  storage    = "100Gi"
+}
+
+module "nfs_nextcloud_backup" {
+  source     = "../../modules/kubernetes/nfs_volume"
+  name       = "nextcloud-backup"
+  namespace  = kubernetes_namespace.nextcloud.metadata[0].name
+  nfs_server = var.nfs_server
+  nfs_path   = "/mnt/main/nextcloud-backup"
+}
+
 resource "kubernetes_deployment" "whiteboard" {
  metadata {
    name      = "whiteboard"
@ -160,40 +177,6 @@ resource "kubernetes_service" "whiteboard" {
  }
 }

-resource "kubernetes_persistent_volume" "nextcloud-data-pv" {
-  metadata {
-    name = "nextcloud-data-pv"
-  }
-  spec {
-    capacity = {
-      "storage" = "100Gi"
-    }
-    access_modes = ["ReadWriteOnce"]
-    persistent_volume_source {
-      nfs {
-        path   = "/mnt/main/nextcloud"
-        server = var.nfs_server
-      }
-    }
-  }
-}
-
-resource "kubernetes_persistent_volume_claim" "nextcloud-data-pvc" {
-  metadata {
-    name      = "nextcloud-data-pvc"
-    namespace = kubernetes_namespace.nextcloud.metadata[0].name
-  }
-  spec {
-    access_modes = ["ReadWriteOnce"]
-    resources {
-      requests = {
-        "storage" = "100Gi"
-      }
-    }
-    volume_name = "nextcloud-data-pv"
-  }
-}
-
 module "ingress" {
  source          = "../../modules/kubernetes/ingress_factory"
  namespace       = kubernetes_namespace.nextcloud.metadata[0].name
@ -333,17 +316,15 @@ resource "kubernetes_cron_job_v1" "nextcloud-backup" {

            volume {
              name = "nextcloud-data"
-              nfs {
-                server = var.nfs_server
-                path   = "/mnt/main/nextcloud"
+              persistent_volume_claim {
+                claim_name = module.nfs_nextcloud_data.claim_name
              }
            }

            volume {
              name = "backup"
-              nfs {
-                server = var.nfs_server
-                path   = "/mnt/main/nextcloud-backup"
+              persistent_volume_claim {
+                claim_name = module.nfs_nextcloud_backup.claim_name
              }
            }