viktor/infra
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
2636 commits 2 branches 0 tags 2.3 GiB
Commit graph

2636 commits

This branch
This branch
All branches
Author SHA1 Message Date
Viktor Barzin
f42633de35 state(affine): update encrypted state 2026-04-15 19:58:05 +00:00
Viktor Barzin
0daf96f267 state(affine): update encrypted state 2026-04-15 19:57:56 +00:00
Viktor Barzin
cd1b0cdac7 state(hackmd): update encrypted state 2026-04-15 19:56:45 +00:00
Viktor Barzin
f0f6fca1c7 state(hackmd): update encrypted state 2026-04-15 19:55:02 +00:00
Viktor Barzin
9ada39e8cc state(hackmd): update encrypted state 2026-04-15 19:54:52 +00:00
Viktor Barzin
df5bf41586 state(nextcloud): update encrypted state 2026-04-15 19:53:40 +00:00
Viktor Barzin
63cb53818d state(mailserver): update encrypted state 2026-04-15 19:52:59 +00:00
Viktor Barzin
24303f2df8 state(nextcloud): update encrypted state 2026-04-15 19:51:56 +00:00
Viktor Barzin
0f4010d925 state(mailserver): update encrypted state 2026-04-15 19:51:51 +00:00
Viktor Barzin
f86c869640 state(nextcloud): update encrypted state 2026-04-15 19:51:48 +00:00
Viktor Barzin
81d6644818 state(mailserver): update encrypted state 2026-04-15 19:51:41 +00:00
Viktor Barzin
1fc1b57191 state(headscale): update encrypted state 2026-04-15 19:49:10 +00:00
Viktor Barzin
f028c6c826 state(frigate): update encrypted state 2026-04-15 19:48:43 +00:00
Viktor Barzin
f294e61ecc state(headscale): update encrypted state 2026-04-15 19:48:02 +00:00
Viktor Barzin
2bc691d1e9 state(headscale): update encrypted state 2026-04-15 19:47:53 +00:00
Viktor Barzin
21313dd57d state(frigate): update encrypted state 2026-04-15 19:47:35 +00:00
Viktor Barzin
624e3e9c32 state(frigate): update encrypted state 2026-04-15 19:47:27 +00:00
Viktor Barzin
81ece9d39c state(health): update encrypted state 2026-04-15 19:45:54 +00:00
Viktor Barzin
8753dc3caf state(proxmox-csi): update encrypted state 2026-04-15 19:43:38 +00:00
Viktor Barzin
7bdbd7ac17 state(mailserver): update encrypted state 2026-04-15 19:20:04 +00:00
Viktor Barzin
597c153690 state(forgejo): update encrypted state 2026-04-15 19:19:50 +00:00
Viktor Barzin
cd95541711 state(n8n): update encrypted state 2026-04-15 19:17:52 +00:00
Viktor Barzin
690045e056 state(matrix): update encrypted state 2026-04-15 19:17:44 +00:00
Viktor Barzin
1613003d00 upgrade: vaultwarden 1.35.4 -> 1.35.7 
Security fixes (1.35.5): 3 CVEs — org vault purge by unconfirmed owner
(GHSA-937x-3j8m-7w7p), cross-org group binding unauthorized access
(GHSA-569v-845w-g82p), refresh tokens not invalidated on stamp rotation
(GHSA-6j4w-g4jh-xjfx). 2FA remember tokens now max 30 days.
1.35.6: Fix 2FA remember tokens broken in 1.35.5.
1.35.7: Fix 2FA for Android.

Risk: SAFE (patch bump, no breaking changes)
DB backup: yes (job: pre-upgrade-vaultwarden-1776280439, SQLite, 7 MiB)
Config changes applied: none
Flagged for manual review: none

Co-Authored-By: Service Upgrade Agent <noreply@viktorbarzin.me>
 2026-04-15 19:14:21 +00:00
Viktor Barzin
42d61d6ba2 state(diun): update encrypted state 2026-04-15 19:12:16 +00:00
Viktor Barzin
e51b388ab4 state(dbaas): update encrypted state 2026-04-15 19:11:22 +00:00
Viktor Barzin
d3ad4b27d9 state(forgejo): update encrypted state 2026-04-15 19:08:24 +00:00
Viktor Barzin
bab78a584c state(forgejo): update encrypted state 2026-04-15 19:08:18 +00:00
Viktor Barzin
c5d1120715 state(mailserver): update encrypted state 2026-04-15 19:08:08 +00:00
Viktor Barzin
8b2589f269 state(mailserver): update encrypted state 2026-04-15 19:07:59 +00:00
Viktor Barzin
56cf1a901c state(mailserver): update encrypted state 2026-04-15 19:07:52 +00:00
Viktor Barzin
bf66d77b6a state(mailserver): update encrypted state 2026-04-15 19:07:42 +00:00
Viktor Barzin
936ac0c333 state(vaultwarden): update encrypted state 2026-04-15 19:07:35 +00:00
Viktor Barzin
b14f59fb01 state(vaultwarden): update encrypted state 2026-04-15 19:07:26 +00:00
Viktor Barzin
a5575e2c39 state(health): update encrypted state 2026-04-15 19:06:01 +00:00
Viktor Barzin
182da8e253 state(health): update encrypted state 2026-04-15 19:05:52 +00:00
Viktor Barzin
6aca8c49cc state(matrix): update encrypted state 2026-04-15 19:05:46 +00:00
Viktor Barzin
9ebbf49987 state(health): update encrypted state 2026-04-15 19:05:45 +00:00
Viktor Barzin
01eca7e65a state(matrix): update encrypted state 2026-04-15 19:05:37 +00:00
Viktor Barzin
4225767c5e state(matrix): update encrypted state 2026-04-15 19:05:28 +00:00
Viktor Barzin
abbaf04016 state(n8n): update encrypted state 2026-04-15 19:05:27 +00:00
Viktor Barzin
76f5fd9abd state(n8n): update encrypted state 2026-04-15 19:05:18 +00:00
Viktor Barzin
e3965a1daa state(proxmox-csi): update encrypted state 2026-04-15 19:03:18 +00:00
Viktor Barzin
0b212e511b state(proxmox-csi): update encrypted state 2026-04-15 19:02:33 +00:00
Viktor Barzin
addd55e932 state(proxmox-csi): update encrypted state 2026-04-15 19:00:56 +00:00
Viktor Barzin
f3d34dc04b state(proxmox-csi): update encrypted state 2026-04-15 19:00:10 +00:00
Viktor Barzin
69474fae96 docs: add comprehensive DNS architecture documentation 
Covers Technitium HA (3-instance AXFR replication), CoreDNS config,
Cloudflare external DNS, Split Horizon hairpin NAT fix, DHCP-DNS
auto-registration, 6 automation CronJobs, and troubleshooting guides.
Also fixes stale NFS reference in networking.md.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-04-15 18:10:27 +00:00
Viktor Barzin
2053776d1c chore: sort outage report service list alphabetically 
[ci skip]

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-04-15 18:01:54 +00:00
Viktor Barzin
0a448c2bae docs: rewrite incident-response as user contribution guide 
Complete rewrite of the user-facing documentation:
- How to report outages and request features
- Mermaid flow diagrams for both incident and feature request paths
- SLA expectations (automated vs human response times)
- Self-service checks before reporting
- Severity level definitions
- Status page explanation
- Full technical architecture section with component inventory
- Safety guardrails, labels, and commit conventions

[ci skip]

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-04-15 17:59:09 +00:00
Viktor Barzin
cf578516e9 feat: auto-cleanup failed/evicted pods via Kyverno ClusterCleanupPolicy 
Add cleanup-failed-pods policy that runs hourly (at :15) to delete all
pods in Failed phase cluster-wide. Prevents stale evicted and failed
CronJob pods from accumulating and creating healthcheck noise.

Also adds ClusterRole + ClusterRoleBinding to grant Kyverno cleanup
controller permission to delete Pods (not included by default).

[ci skip]

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-04-15 17:37:49 +00:00