[ci skip] complete NFS CSI migration: complex stacks + platform modules

Migrate remaining multi-volume stacks and all platform modules from inline NFS volumes to CSI-backed PV/PVC with nfs-truenas StorageClass (soft,timeo=30,retrans=3 mount options). Complex stacks: openclaw (4 vols), immich (8 vols), frigate (2 vols), nextcloud (2 vols + old PV replaced), rybbit (1 vol) Remaining stacks: affine, ebook2audiobook, f1-stream, osm_routing, real-estate-crawler Platform modules: monitoring (prometheus, loki, alertmanager PVs converted from native NFS to CSI), redis, dbaas, technitium, headscale, vaultwarden, uptime-kuma, mailserver, infra-maintenance
2026-03-02 01:24:07 +00:00 · 2026-03-02 01:24:07 +00:00 · 0e324df545
commit 0e324df545
parent 11b3d92684
24 changed files with 411 additions and 179 deletions
--- a/stacks/platform/modules/headscale/main.tf
+++ b/stacks/platform/modules/headscale/main.tf
@ -20,6 +20,14 @@ module "tls_secret" {
  tls_secret_name = var.tls_secret_name
 }

+module "nfs_data" {
+  source     = "../../../../modules/kubernetes/nfs_volume"
+  name       = "headscale-data"
+  namespace  = kubernetes_namespace.headscale.metadata[0].name
+  nfs_server = var.nfs_server
+  nfs_path   = "/mnt/main/headscale"
+}
+
 resource "kubernetes_deployment" "headscale" {
  metadata {
    name      = "headscale"
@ -111,9 +119,8 @@ resource "kubernetes_deployment" "headscale" {

        volume {
          name = "nfs-config"
-          nfs {
-            path   = "/mnt/main/headscale"
-            server = var.nfs_server
+          persistent_volume_claim {
+            claim_name = module.nfs_data.claim_name
          }
        }
        # container {