viktor/infra
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
2221 commits 2 branches 0 tags 2.3 GiB
Commit graph

2221 commits

This branch
This branch
All branches
Author SHA1 Message Date
Viktor Barzin
4907b9932c state(tor-proxy): update encrypted state 2026-04-04 17:41:56 +03:00
Viktor Barzin
53305a11f8 state(rybbit): update encrypted state 2026-04-04 17:40:42 +03:00
Viktor Barzin
8016dcb9d3 state(tandoor): update encrypted state 2026-04-04 17:32:21 +03:00
Viktor Barzin
de21e035cc state(stirling-pdf): update encrypted state 2026-04-04 17:32:05 +03:00
Viktor Barzin
57b84a110f state(speedtest): update encrypted state 2026-04-04 17:29:26 +03:00
Viktor Barzin
396c06c2a7 state(privatebin): update encrypted state 2026-04-04 17:28:31 +03:00
Viktor Barzin
411f4ed585 state(paperless-ngx): update encrypted state 2026-04-04 17:27:42 +03:00
Viktor Barzin
42ab019ddb state(owntracks): update encrypted state 2026-04-04 17:27:04 +03:00
Viktor Barzin
b22087effe state(onlyoffice): update encrypted state 2026-04-04 17:26:28 +03:00
Viktor Barzin
4a475aff28 state(health): update encrypted state 2026-04-04 17:25:24 +03:00
Viktor Barzin
89a13f9f9e state(grampsweb): update encrypted state 2026-04-04 17:24:48 +03:00
Viktor Barzin
db8ce37964 state(send): update encrypted state 2026-04-04 17:24:41 +03:00
Viktor Barzin
db3bcdb6c1 state(n8n): update encrypted state 2026-04-04 17:24:06 +03:00
Viktor Barzin
d57c6fc5a5 state(isponsorblocktv): update encrypted state 2026-04-04 17:13:03 +03:00
Viktor Barzin
80bd7292e0 state(hackmd): update encrypted state 2026-04-04 17:12:44 +03:00
Viktor Barzin
a1c43936ea state(f1-stream): update encrypted state 2026-04-04 17:12:24 +03:00
Viktor Barzin
1fcef591bb state(excalidraw): update encrypted state 2026-04-04 17:12:02 +03:00
Viktor Barzin
c131a50a32 state(diun): update encrypted state 2026-04-04 17:11:41 +03:00
Viktor Barzin
7bab4ead12 state(changedetection): update encrypted state 2026-04-04 17:11:22 +03:00
Viktor Barzin
c2584f4cdc state(affine): update encrypted state 2026-04-04 17:11:17 +03:00
Viktor Barzin
b98dcaef36 state(nextcloud): update encrypted state 2026-04-04 17:06:04 +03:00
Viktor Barzin
2667a19999 state(nextcloud): update encrypted state 2026-04-04 17:02:26 +03:00
Viktor Barzin
bc4fb5da8f state(nextcloud): update encrypted state 2026-04-04 16:38:09 +03:00
Viktor Barzin
2d5c55f7b1 docs: add storage class decision rule to CLAUDE.md 
Default to proxmox-lvm for all new services. NFS only for RWX,
backup destinations, or shared media libraries. Updated iSCSI
backup section to reflect proxmox-lvm migration.
 2026-04-04 16:35:12 +03:00
Viktor Barzin
ee39dd2fc9 feat(storage): migrate 12 SQLite NFS PVCs to proxmox-lvm (Wave 1) 
Add proxmox-lvm PVCs with pvc-autoresizer annotations for all
SQLite-backed services. Deployments updated to use new block storage
PVCs. Old NFS modules retained for 1-week rollback.

Services: ntfy, freshrss, insta2spotify, actualbudget (x3),
wealthfolio, navidrome (DB only), audiobookshelf config,
headscale, forgejo, uptime-kuma.

Also: set Recreate strategy on ntfy, forgejo, insta2spotify,
wealthfolio (required for RWO volumes).
 2026-04-04 16:26:59 +03:00
Viktor Barzin
792da5c066 state(platform): update encrypted state 2026-04-04 16:17:16 +03:00
Viktor Barzin
9ea29160d7 state(uptime-kuma): update encrypted state 2026-04-04 16:17:03 +03:00
Viktor Barzin
e0ca0edd51 state(forgejo): update encrypted state 2026-04-04 16:15:43 +03:00
Viktor Barzin
1f2ab8b547 state(headscale): update encrypted state 2026-04-04 16:15:25 +03:00
Viktor Barzin
afd22150f6 state(proxmox-csi): update encrypted state 2026-04-04 16:13:31 +03:00
Viktor Barzin
f48e400087 state(vault): update encrypted state 2026-04-04 16:10:25 +03:00
Viktor Barzin
d07314c0df state(navidrome): update encrypted state 2026-04-04 16:09:35 +03:00
Viktor Barzin
8b9ae390eb state(wealthfolio): update encrypted state 2026-04-04 16:08:57 +03:00
Viktor Barzin
afd4c78cd7 state(actualbudget): update encrypted state 2026-04-04 16:08:18 +03:00
Viktor Barzin
6ec3774aa9 state(freshrss): update encrypted state 2026-04-04 16:02:50 +03:00
Viktor Barzin
56342aedcc state(ntfy): update encrypted state 2026-04-04 15:59:53 +03:00
Viktor Barzin
c422aa2ef6 state(nextcloud): update encrypted state 2026-04-04 15:30:29 +03:00
Viktor Barzin
3d3759ea2f fix: disable cert-manager webhook for pvc-autoresizer, use self-signed cert [ci skip] 
Cluster doesn't have cert-manager installed. Use self-signed certificate
for the controller and disable the PVC mutating webhook (annotations are
set directly on PVCs via Terraform).
 2026-04-03 23:44:49 +03:00
Viktor Barzin
ce7b8c2b2e add pvc-autoresizer for automatic PVC expansion before volumes fill up [ci skip] 
Deploy topolvm/pvc-autoresizer controller that monitors kubelet_volume_stats
via Prometheus and auto-expands annotated PVCs. Annotated all 9 block-storage
PVCs (proxmox-lvm) with per-PVC thresholds and max limits. Updated PVFillingUp
alert to critical/10m (means auto-expansion failed) and added PVAutoExpanding
info alert at 80%.
 2026-04-03 23:30:00 +03:00
Viktor Barzin
b2cac8cc97 add proxmox-csi cleanup TODO for post-migration tasks [ci skip] 2026-04-03 20:02:14 +03:00
Viktor Barzin
d49acebd8e migrate ebooks-calibre to proxmox-lvm, update storage docs [ci skip] 
- Migrate ebooks-calibre-config-iscsi (2Gi, 2380 files) to proxmox-lvm
- Update docs/architecture/storage.md: document Proxmox CSI as primary
  block storage, mark democratic-csi iSCSI as deprecated
- Add full migration plan to docs/plans/
 2026-04-03 19:45:34 +03:00
Viktor Barzin
ca57c8c15c state(uptime-kuma): update encrypted state 2026-04-03 15:11:53 +03:00
Viktor Barzin
8d8534df8a state(crowdsec): update encrypted state 2026-04-03 15:01:08 +03:00
Viktor Barzin
d86c62b6ef state(health): update encrypted state 2026-04-03 15:00:30 +03:00
Viktor Barzin
b49e9d7e69 state(woodpecker): update encrypted state 2026-04-03 14:59:49 +03:00
Viktor Barzin
dd59512153 migrate iSCSI block volumes from democratic-csi to Proxmox CSI [ci skip] 
Replace TrueNAS iSCSI (democratic-csi) with Proxmox CSI plugin for all
block storage PVCs. Eliminates double-CoW (ZFS + LVM-thin) and removes
the iSCSI network hop for database I/O.

New stack: stacks/proxmox-csi/ — deploys proxmox-csi-plugin Helm chart
with StorageClass "proxmox-lvm" using existing local-lvm thin pool.

Migrated PVCs (12 total):
- Phase 1 standalone: plotting-book, novelapp, vaultwarden, nextcloud, prometheus
- Phase 2 StatefulSets: CNPG PostgreSQL (2), MySQL InnoDB (3), Redis (2)

All services verified healthy post-migration.
 2026-04-02 22:13:04 +03:00
Viktor Barzin
337da2184d add upstream fallback to containerd registry mirrors 
When the pull-through proxy (10.0.20.10) is down, containerd now falls
back to the official upstream registries (registry-1.docker.io, ghcr.io)
instead of failing. Also cleans up stale disabled registry mirror dirs
and removes unnecessary containerd restart from the rollout script.
 2026-04-02 11:05:30 +03:00
Viktor Barzin
2d8aa5ed89 docs: update hardware inventory for R730 RAM upgrade to 272GB 
Upgraded from 144GB (4x32G + 2x8G) to 272GB (8x32G + 2x8G) DDR4-2400.
Added physical DIMM slot diagram, channel layout, and BIOS speed override
notes. Updated compute architecture with correct CPU (single socket),
VM memory values, and capacity figures.
 2026-04-02 00:48:13 +03:00
Viktor Barzin
87c858f026 state(platform): update encrypted state 2026-04-01 20:08:32 +03:00
Viktor Barzin
5af6558935 state(platform): update encrypted state 2026-04-01 20:08:29 +03:00