viktor/infra
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
1132 commits 2 branches 0 tags 2.3 GiB
Commit graph

947 commits

Author SHA1 Message Date
Viktor Barzin
5f0c32d005 Add audiblez-web service and refactor ebook2audiobook deployments 
Uncomment ebook2audiobook deployment with proper GPU tolerations
(set to 0 replicas). Disable audiblez CLI deployment in favor of
audiblez-web. Add new audiblez-web deployment, service, and ingress
with GPU support, large upload limits, and auth protection.
 2026-02-06 20:22:05 +00:00
Viktor Barzin
1275697f2b Add GPU node taint tolerations and enhance GPU memory exporter 
Add nvidia.com/gpu toleration to all GPU workloads (frigate, ollama)
to support NoSchedule taint on GPU nodes. Update nvidia operator
helm values with daemonset tolerations. Enhance GPU pod memory
exporter with Kubernetes API integration to resolve container IDs
to pod names/namespaces, adding RBAC resources for API access.
 2026-02-06 20:19:26 +00:00
Viktor Barzin
9ef4d38d51 Add DRONE_WEBHOOK_SECRET for GitHub webhook authentication 
Fixes webhook signature validation failures causing 400 errors.
 2026-02-01 20:42:07 +00:00
Viktor Barzin
da4cf18d6d Add per-pod GPU memory metrics exporter 
- Add DaemonSet that runs on GPU node and exposes Prometheus metrics
- Uses nvidia-smi to collect per-process GPU memory usage
- Maps PIDs to container IDs via /proc/<pid>/cgroup
- Exposes gpu_pod_memory_used_bytes metric at :9401/metrics
- Add Prometheus scrape config for gpu-pod-memory job

[ci skip]
 2026-01-31 16:58:14 +00:00
Viktor Barzin
751b83a53c Add crowdsec-blocklist-import CronJob 
Import public threat intelligence blocklists into CrowdSec daily at 4 AM.
Uses kubectl exec to run the import script inside an existing CrowdSec
agent pod that is already registered with the LAPI.

Source: https://github.com/wolffcatskyy/crowdsec-blocklist-import

[ci skip]
 2026-01-28 20:11:44 +00:00
Viktor Barzin
3d7190e935 fix resume pdf generation [ci skip] 2026-01-28 19:42:13 +00:00
Viktor Barzin
187340d652 upgrade immich to 2.5.0 [ci skip] 2026-01-28 19:41:52 +00:00
Viktor Barzin
8cfdc35a2b add the yt-highlights app [ci skip] 2026-01-28 18:03:49 +00:00
Viktor Barzin
8faf05982f ad service for youtube video highlights [ci skip] 2026-01-28 17:58:39 +00:00
Viktor Barzin
db2aaeeac3 add reactive resume service [ci skip] 2026-01-28 17:57:39 +00:00
Viktor Barzin
1eb3c30479 increase the num of nvidia slices to 20 [ci skip] 2026-01-26 20:41:59 +00:00
Viktor Barzin
e85c0365cd Add AFFiNE visual canvas for storytelling 
- Deploy AFFiNE as self-hosted visual canvas tool
- Uses shared PostgreSQL and Redis from cluster
- NFS storage for uploads and configuration
- Email configured via mailserver.viktorbarzin.me
- Ingress at affine.viktorbarzin.me

[ci skip]
 2026-01-25 21:40:39 +00:00
Viktor Barzin
5ded70c1ab add excalidraw with support for storing drawings per user [ci skip] 2026-01-25 00:46:26 +00:00
Viktor Barzin
10092ec285 reduce the frequency of polling idrac and remove some duplicates [ci skip] 2026-01-24 18:47:22 +00:00
Viktor Barzin
5e4623ea18 add mcaptcha [ci skip] 2026-01-24 18:46:47 +00:00
Viktor Barzin
83545c6327 add crowdsec rule ot skip my home ip[ci skip] 2026-01-24 18:46:12 +00:00
Viktor Barzin
43800017b3 use hcaptcha with nginx [ci skip] 2026-01-24 18:45:41 +00:00
Viktor Barzin
a361ad2548 add mcaptcha but disabled as we found another way[ci skip] 2026-01-24 18:43:43 +00:00
Viktor Barzin
309afebf17 add ollama-api ingress accessible only locally to allow claude code [ci skip] 2026-01-19 20:15:46 +00:00
Viktor Barzin
e631659208 preload immich models so they are always fresh [ci skip] 2026-01-19 20:15:09 +00:00
Viktor Barzin
8601c26e63 add boilerplate for adding basic auth as fallback when authentik is down [ci skip] 2026-01-18 14:05:24 +00:00
Viktor Barzin
add3bc4cbf update resume to be a bit more working; still not workign but closer...[ci skip] 2026-01-18 14:05:01 +00:00
Viktor Barzin
c17b481346 disallow my sites from being iframed [ci skip] 2026-01-18 13:41:20 +00:00
Viktor Barzin
a1d945a0b2 add prometheus alerts for deployment/statefulset/daemonset replica mismatches [ci skip] 
- Add DeploymentReplicasMismatch alert
- Add StatefulSetReplicasMismatch alert
- Add DaemonSetMissingPods alert
- Add .claude/ directory with remote executor and knowledge base
 2026-01-18 11:04:51 +00:00
Viktor Barzin
e8e18d466e do not unload immich ML model [ci skip] 2026-01-17 23:39:46 +00:00
Viktor Barzin
62be47b2a9 add cronjob for weekly backups of nextcloud [ci skip] 2026-01-17 23:35:10 +00:00
Viktor Barzin
185a138cc5 dedup ram alert and increase threshold to 95% [ci skip] 2026-01-17 22:42:22 +00:00
Viktor Barzin
e837b41b48 add freedify [ci skip] 2026-01-17 22:40:35 +00:00
Viktor Barzin
19184ee22f upgrade nextcloud and add external redis [ci skip] 2026-01-17 20:50:29 +00:00
Viktor Barzin
1ace09f1ea add emo instance for actual budget [ci skip] 2026-01-17 15:01:29 +00:00
Viktor Barzin
474da4efe5 add speedtest deployment [ci skip] 2026-01-13 20:34:44 +00:00
Viktor Barzin
61e318398c scale grafana to 3 pods for resilience [ci skip] 2026-01-12 18:27:54 +00:00
Viktor Barzin
b5db0dd7cf scale pgbouncer to 3 for resilience and run them on separate nodes [ci skip] 2026-01-12 18:27:54 +00:00
Viktor Barzin
155c0dece4 upgrade vaultwarden [ci skip] 2026-01-10 22:47:22 +00:00
Viktor Barzin
84bf53eaca upgrade ollama [ci skip] 2026-01-10 22:47:10 +00:00
Viktor Barzin
da38c7bb30 move some tiers around [ci skip] 2026-01-10 22:47:00 +00:00
Viktor Barzin
8a64640194 run descheduler hourly for more frequent updates [ci skip] 2026-01-10 21:03:42 +00:00
Viktor Barzin
fb84affce6 disable auth-response-headers for idrac and gw ingresses as they cause errors on the upstream [ci skip] 2026-01-10 20:41:00 +00:00
Viktor Barzin
235a469dea add credentials for ab bank sync cronjob [ci skip] 2026-01-10 20:01:06 +00:00
Viktor Barzin
ff9e431544 sclae tuya bridge to 3 pods for resilience [ci skip] 2026-01-10 19:27:57 +00:00
Viktor Barzin
445506b1d5 move crowdsec to croe services [ci skip] 2026-01-10 19:27:32 +00:00
Viktor Barzin
aa6dd13b48 add actualbudget-http-api plus a cronjob to periodically run bank sync [ci skip] 2026-01-10 19:27:14 +00:00
Viktor Barzin
f1e9fb9afe add tier to all deployments [ci skip] 2026-01-10 16:28:14 +00:00
Viktor Barzin
1b5cbeb9c8 monitor idrac more frequently [ci skip] 2026-01-07 18:55:59 +00:00
Viktor Barzin
7e8f73452c add ipv6 addresses to the ingress factory [ci skip] 2026-01-07 18:54:37 +00:00
Viktor Barzin
9edab32199 disable sidekiq as it is not working [ci skip] 2026-01-07 18:54:22 +00:00
Viktor Barzin
8d7a926e6f pin version [ci skip] 2026-01-05 20:17:02 +00:00
Viktor Barzin
934fa34c79 update cpu temp alert to above 60 [ci skip] 2026-01-04 12:26:46 +00:00
Viktor Barzin
01d4c9c3e1 update definition of high cpu usage to use pve metrics in stead for a longer period [ci skip] 2026-01-03 23:30:28 +00:00
Viktor Barzin
75a110c932 store the aiostreams secret key in resource to keep it persistent [ci skip] 2026-01-03 23:14:02 +00:00