viktor/infra
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

deprecate TrueNAS: migrate Immich NFS to Proxmox, remove all 10.0.10.15 references [ci skip]

Browse source 
- Migrate Immich (8 NFS PVs, 1.1TB) from TrueNAS to Proxmox host NFS
- Update config.tfvars nfs_server to 192.168.1.127 (Proxmox)
- Update nfs-csi StorageClass share to /srv/nfs
- Update scripts (weekly-backup, cluster-healthcheck) to Proxmox IP
- Delete obsolete TrueNAS scripts (nfs_exports.sh, truenas-status.sh)
- Rewrite nfs-health.sh for Proxmox NFS monitoring
- Update Freedify nfs_music_server default to Proxmox
- Mark CloudSync monitor CronJob as deprecated
- Update Prometheus alert summaries
- Update all architecture docs, AGENTS.md, and reference docs
- Zero PVs remain on TrueNAS — VM ready for decommission

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
Viktor Barzin 2026-04-13 14:41:15 +00:00
parent 69248eaa7b
commit 38d51ab0af
20 changed files with 245 additions and 524 deletions
Download patch file Download diff file Expand all files Collapse all files

4
stacks/freedify/factory/main.tf
View file

@ -63,11 +63,11 @@ variable "ha_sofia_token" {
}
variable "nfs_music_server" {
type = string
default = "10.0.10.15"
default = "192.168.1.127"
}
variable "nfs_music_path" {
type = string
default = "/mnt/main/freedify-music"
default = "/srv/nfs/freedify-music"
}

3
stacks/immich/.terraform.lock.hcl generated
View file

@ -5,6 +5,7 @@ provider "registry.terraform.io/hashicorp/helm" {
version = "3.1.1"
hashes = [
"h1:47CqNwkxctJtL/N/JuEj+8QMg8mRNI/NWeKO5/ydfZU=",
"h1:5b2ojWKT0noujHiweCds37ZreRFRQLNaErdJLusJN88=",
"zh:1a6d5ce931708aec29d1f3d9e360c2a0c35ba5a54d03eeaff0ce3ca597cd0275",
"zh:3411919ba2a5941801e677f0fea08bdd0ae22ba3c9ce3309f55554699e06524a",
"zh:81b36138b8f2320dc7f877b50f9e38f4bc614affe68de885d322629dd0d16a29",
@ -24,6 +25,7 @@ provider "registry.terraform.io/hashicorp/kubernetes" {
version = "3.0.1"
hashes = [
"h1:P0c8knzZnouTNFIRij8IS7+pqd0OKaFDYX0j4GRsiqo=",
"h1:vyHdH0p6bf9xp1NPePObAJkXTJb/I09FQQmmevTzZe0=",
"zh:02d55b0b2238fd17ffa12d5464593864e80f402b90b31f6e1bd02249b9727281",
"zh:20b93a51bfeed82682b3c12f09bac3031f5bdb4977c47c97a042e4df4fb2f9ba",
"zh:6e14486ecfaee38c09ccf33d4fdaf791409f90795c1b66e026c226fad8bc03c7",
@ -44,6 +46,7 @@ provider "registry.terraform.io/hashicorp/vault" {
constraints = "~> 4.0"
hashes = [
"h1:GPfhH6dr1LY0foPBDYv9bEGifx7eSwYqFcEAOWOUxLk=",
"h1:aHqgWQhDBMeZO9iUKwJYMlh4q+xNMUlMIcjRbF4d02Y=",
"zh:269ab13433f67684012ae7e15876532b0312f5d0d2002a9cf9febb1279ce5ea6",
"zh:4babc95bf0c40eb85005db1dc2ca403c46be4a71dd3e409db3711a56f7a5ca0e",
"zh:78d5eefdd9e494defcb3c68d282b8f96630502cac21d1ea161f53cfe9bb483b3",

2
stacks/immich/backend.tf
View file

@ -1,6 +1,6 @@
# Generated by Terragrunt. Sig: nIlQXj57tbuaRZEa
terraform {
backend "local" {
path = "/Users/viktorbarzin/code/infra/state/stacks/immich/terraform.tfstate"
path = "/home/wizard/code/infra/state/stacks/immich/terraform.tfstate"
}
}

89
stacks/immich/main.tf
View file

@ -17,7 +17,7 @@ variable "immich_version" {
# Change me to upgrade
default = "v2.7.4"
}
variable "nfs_server" { type = string }
variable "proxmox_host" { type = string }
variable "redis_host" { type = string }
@ -27,71 +27,70 @@ module "tls_secret" {
tls_secret_name = var.tls_secret_name
}
# NFS volumes for immich-server
module "nfs_backups" {
# NFS volumes on Proxmox host (migrated from TrueNAS 2026-04-13)
module "nfs_backups_host" {
source = "../../modules/kubernetes/nfs_volume"
name = "immich-backups"
name = "immich-backups-host"
namespace = kubernetes_namespace.immich.metadata[0].name
nfs_server = var.nfs_server
nfs_path = "/mnt/main/immich/immich/backups"
nfs_server = var.proxmox_host
nfs_path = "/srv/nfs/immich/backups"
}
module "nfs_encoded_video" {
module "nfs_encoded_video_host" {
source = "../../modules/kubernetes/nfs_volume"
name = "immich-encoded-video"
name = "immich-encoded-video-host"
namespace = kubernetes_namespace.immich.metadata[0].name
nfs_server = var.nfs_server
nfs_path = "/mnt/main/immich/immich/encoded-video"
nfs_server = var.proxmox_host
nfs_path = "/srv/nfs/immich/encoded-video"
}
module "nfs_library" {
module "nfs_library_host" {
source = "../../modules/kubernetes/nfs_volume"
name = "immich-library"
name = "immich-library-host"
namespace = kubernetes_namespace.immich.metadata[0].name
nfs_server = var.nfs_server
nfs_path = "/mnt/main/immich/immich/library"
nfs_server = var.proxmox_host
nfs_path = "/srv/nfs/immich/library"
}
module "nfs_profile" {
module "nfs_profile_host" {
source = "../../modules/kubernetes/nfs_volume"
name = "immich-profile"
name = "immich-profile-host"
namespace = kubernetes_namespace.immich.metadata[0].name
nfs_server = var.nfs_server
nfs_path = "/mnt/main/immich/immich/profile"
nfs_server = var.proxmox_host
nfs_path = "/srv/nfs/immich/profile"
}
module "nfs_thumbs" {
module "nfs_thumbs_host" {
source = "../../modules/kubernetes/nfs_volume"
name = "immich-thumbs"
name = "immich-thumbs-host"
namespace = kubernetes_namespace.immich.metadata[0].name
nfs_server = var.nfs_server
nfs_path = "/mnt/ssd/immich/thumbs"
nfs_server = var.proxmox_host
nfs_path = "/srv/nfs-ssd/immich/thumbs"
}
module "nfs_upload" {
module "nfs_upload_host" {
source = "../../modules/kubernetes/nfs_volume"
name = "immich-upload"
name = "immich-upload-host"
namespace = kubernetes_namespace.immich.metadata[0].name
nfs_server = var.nfs_server
nfs_path = "/mnt/main/immich/immich/upload"
nfs_server = var.proxmox_host
nfs_path = "/srv/nfs/immich/upload"
}
# NFS volume for immich-postgresql (shared with backup cronjob)
module "nfs_postgresql" {
module "nfs_postgresql_host" {
source = "../../modules/kubernetes/nfs_volume"
name = "immich-postgresql-data"
name = "immich-postgresql-data-host"
namespace = kubernetes_namespace.immich.metadata[0].name
nfs_server = var.nfs_server
nfs_path = "/mnt/main/immich/data-immich-postgresql"
nfs_server = var.proxmox_host
nfs_path = "/srv/nfs/immich/postgresql"
}
# NFS volume for immich-machine-learning cache
module "nfs_ml_cache" {
module "nfs_ml_cache_host" {
source = "../../modules/kubernetes/nfs_volume"
name = "immich-ml-cache"
name = "immich-ml-cache-host"
namespace = kubernetes_namespace.immich.metadata[0].name
nfs_server = var.nfs_server
nfs_path = "/mnt/ssd/immich/machine-learning"
nfs_server = var.proxmox_host
nfs_path = "/srv/nfs-ssd/immich/machine-learning"
}
resource "kubernetes_namespace" "immich" {
@ -303,37 +302,37 @@ resource "kubernetes_deployment" "immich_server" {
volume {
name = "backups"
persistent_volume_claim {
claim_name = module.nfs_backups.claim_name
claim_name = module.nfs_backups_host.claim_name
}
}
volume {
name = "encoded-video"
persistent_volume_claim {
claim_name = module.nfs_encoded_video.claim_name
claim_name = module.nfs_encoded_video_host.claim_name
}
}
volume {
name = "library"
persistent_volume_claim {
claim_name = module.nfs_library.claim_name
claim_name = module.nfs_library_host.claim_name
}
}
volume {
name = "profile"
persistent_volume_claim {
claim_name = module.nfs_profile.claim_name
claim_name = module.nfs_profile_host.claim_name
}
}
volume {
name = "thumbs"
persistent_volume_claim {
claim_name = module.nfs_thumbs.claim_name
claim_name = module.nfs_thumbs_host.claim_name
}
}
volume {
name = "upload"
persistent_volume_claim {
claim_name = module.nfs_upload.claim_name
claim_name = module.nfs_upload_host.claim_name
}
}
}
@ -478,7 +477,7 @@ resource "kubernetes_deployment" "immich-postgres" {
volume {
name = "postgresql-persistent-storage"
persistent_volume_claim {
claim_name = module.nfs_postgresql.claim_name
claim_name = module.nfs_postgresql_host.claim_name
}
}
}
@ -646,7 +645,7 @@ resource "kubernetes_deployment" "immich-machine-learning" {
volume {
name = "cache"
persistent_volume_claim {
claim_name = module.nfs_ml_cache.claim_name
claim_name = module.nfs_ml_cache_host.claim_name
}
}
}
@ -771,7 +770,7 @@ resource "kubernetes_cron_job_v1" "postgresql-backup" {
volume {
name = "postgresql-backup"
persistent_volume_claim {
claim_name = module.nfs_postgresql.claim_name
claim_name = module.nfs_postgresql_host.claim_name
}
}
}

10
stacks/monitoring/modules/monitoring/main.tf
View file

@ -95,8 +95,8 @@ resource "kubernetes_cron_job_v1" "monitor_prom" {
}
# -----------------------------------------------------------------------------
# Cloud Sync Monitor check TrueNAS Cloud Sync job status, push to Pushgateway
# Runs every 6h. Alert fires if no successful sync in 8 days.
# Cloud Sync Monitor DEPRECATED: TrueNAS decommissioned 2026-04-13
# TODO: Remove this resource entirely once TrueNAS VM is shut down
# -----------------------------------------------------------------------------
resource "kubernetes_cron_job_v1" "cloudsync_monitor" {
metadata {
@ -123,11 +123,11 @@ resource "kubernetes_cron_job_v1" "cloudsync_monitor" {
set -euo pipefail
apk add --no-cache curl jq
# Query TrueNAS Cloud Sync tasks
# Query TrueNAS Cloud Sync tasks (TrueNAS deprecated this monitor should be removed)
RESPONSE=$(curl -sf -H "Authorization: Bearer $TRUENAS_API_KEY" \
"http://10.0.10.15/api/v2.0/cloudsync" 2>&1) || {
echo "ERROR: Failed to query TrueNAS API"
exit 1
echo "WARN: TrueNAS API unreachable (VM deprecated)"
exit 0
}
# Parse each task's last successful run

2
stacks/monitoring/modules/monitoring/prometheus_chart_values.tpl
View file

@ -1013,7 +1013,7 @@ serverFiles:
labels:
severity: critical
annotations:
summary: "Only {{ $value | printf \"%.0f\" }} node(s) have NFS activity — TrueNAS (10.0.10.15) may be down (need ≥2)"
summary: "Only {{ $value | printf \"%.0f\" }} node(s) have NFS activity — Proxmox NFS (192.168.1.127) may be down (need ≥2)"
- name: K8s Health
rules:
- alert: PodCrashLooping

2
stacks/nfs-csi/modules/nfs-csi/main.tf
View file

@ -87,7 +87,7 @@ resource "kubernetes_storage_class" "nfs_truenas" {
]
parameters = {
server = "192.168.1.127"
server = var.nfs_server
share = "/srv/nfs"
}
}