Commit graph

  • 62d42657e6 state(redis): update encrypted state Viktor Barzin 2026-03-19 20:32:27 +00:00
  • 5be9f70a0d state(infra-maintenance): update encrypted state Viktor Barzin 2026-03-19 20:32:19 +00:00
  • 13759e58da state(redis): update encrypted state Viktor Barzin 2026-03-19 20:31:13 +00:00
  • 2511c1d78d state(infra-maintenance): update encrypted state Viktor Barzin 2026-03-19 20:30:50 +00:00
  • 414232cf5e state(redis): update encrypted state Viktor Barzin 2026-03-19 20:27:38 +00:00
  • 4680dd5fbc state(infra-maintenance): update encrypted state Viktor Barzin 2026-03-19 20:27:15 +00:00
  • e54bc016ba reduce alert noise: raise memory thresholds, exclude claude-memory 4xx, right-size mysql-operator Viktor Barzin 2026-03-19 20:25:36 +00:00
  • 21bb3036af state(dbaas): update encrypted state Viktor Barzin 2026-03-19 20:23:59 +00:00
  • 67d1ce453c add /sentinel dir to cloud-init for kured reboot gating Viktor Barzin 2026-03-19 19:57:13 +00:00
  • 01eb9dd121 fix(monitoring): patch idrac-redfish-exporter to restore PSU voltage metric Viktor Barzin 2026-03-19 13:37:14 +00:00
  • b05421dbb5 add comment explaining prometheus 4Gi minimum memory requirement [ci skip] Viktor Barzin 2026-03-18 21:45:26 +00:00
  • 9d87ce605f revert prometheus memory 3Gi→4Gi: WAL tmpfs shares cgroup limit Viktor Barzin 2026-03-18 21:44:14 +00:00
  • 03f55d969f state(vault): update encrypted state Viktor Barzin 2026-03-18 21:30:59 +00:00
  • 410c893647 fix(provision): security hardening from code review Viktor Barzin 2026-03-18 21:25:03 +00:00
  • e51c063600 docs(add-user): update skill with actual working flow (no auto TF apply) Viktor Barzin 2026-03-18 00:28:46 +00:00
  • 82403a933c fix(provision): remove TF apply from pipeline, notify for manual apply Viktor Barzin 2026-03-18 00:23:06 +00:00
  • d76b4b698f fix(provision): targeted vault apply + git-crypt in terragrunt step Viktor Barzin 2026-03-18 00:19:16 +00:00
  • 6fad484126 fix(provision): reduce memory limit to 4Gi (LimitRange max) Viktor Barzin 2026-03-18 00:15:26 +00:00
  • de6a5caecc fix(provision): merge terragrunt-apply into single shell block for env persistence Viktor Barzin 2026-03-18 00:11:14 +00:00
  • 7a24ff6702 fix(provision): use $USERNAME/$EMAIL directly — Woodpecker 3.x env vars Viktor Barzin 2026-03-18 00:04:51 +00:00
  • 52dc657af5 debug(provision): dump env vars to find correct variable names Viktor Barzin 2026-03-18 00:00:33 +00:00
  • 0a05343d86 fix(provision): use $VAR instead of ${VAR} to avoid Woodpecker interpolation Viktor Barzin 2026-03-17 23:58:46 +00:00
  • fd130971aa feat(provision): automated user provisioning via Authentik webhook Viktor Barzin 2026-03-17 23:56:30 +00:00
  • 82b9dd9e8a state(webhook_handler): update encrypted state Viktor Barzin 2026-03-17 23:52:32 +00:00
  • 5b29cfc73a state(vault): update encrypted state Viktor Barzin 2026-03-17 23:46:56 +00:00
  • 0fff155f17 feat(k8s-portal): update onboarding + architecture with SOPS state docs Viktor Barzin 2026-03-17 23:17:47 +00:00
  • ccbcebb670 feat(vault): automate SOPS onboarding for namespace-owners Viktor Barzin 2026-03-17 23:15:25 +00:00
  • 4d40c51a97 state(vault): update encrypted state Viktor Barzin 2026-03-17 23:14:24 +00:00
  • 7a8452e4c7 state(vault): update encrypted state Viktor Barzin 2026-03-17 23:14:16 +00:00
  • 0215d81622 state(vault): update encrypted state Viktor Barzin 2026-03-17 23:13:57 +00:00
  • 750cfcce7c state(vault): update encrypted state Viktor Barzin 2026-03-17 23:13:55 +00:00
  • e54ad33315 state(vault): update encrypted state Viktor Barzin 2026-03-17 23:13:19 +00:00
  • 02d0291797 state(vault): update encrypted state Viktor Barzin 2026-03-17 23:12:58 +00:00
  • 468df3c5c4 state(vault): update encrypted state Viktor Barzin 2026-03-17 23:12:35 +00:00
  • cf570c3d3b state(vault): update encrypted state Viktor Barzin 2026-03-17 23:12:03 +00:00
  • 4277b41c28 state(vault): update encrypted state Viktor Barzin 2026-03-17 23:11:55 +00:00
  • 77143dfd6b state: per-stack Transit keys for namespace-owner access control Viktor Barzin 2026-03-17 23:08:18 +00:00
  • 6239e07dd5 docs: add plotting-book to GHA-migrated list and repo IDs [ci skip] Viktor Barzin 2026-03-17 23:07:32 +00:00
  • 4e7ca1ad61 state: add Vault Transit as primary SOPS backend, age as fallback Viktor Barzin 2026-03-17 22:56:33 +00:00
  • 9f80eb7ba0 state: add devvm as SOPS recipient Viktor Barzin 2026-03-17 22:41:19 +00:00
  • b6faa24349 state: add SOPS-encrypted terraform state to git Viktor Barzin 2026-03-17 22:37:56 +00:00
  • 12a51c4ffa right-size memory requests to unblock GPU workloads and fix dbaas quota [ci skip] Viktor Barzin 2026-03-17 22:35:54 +00:00
  • 73511b1230 extract remaining 19 modules from platform, complete stack split [ci skip] Viktor Barzin 2026-03-17 21:42:16 +00:00
  • ae36dc253b extract monitoring, nvidia, mailserver, cloudflared, kyverno from platform [ci skip] Viktor Barzin 2026-03-17 21:34:11 +00:00
  • 3c804aedf8 extract dbaas, authentik, crowdsec from platform into independent stacks [ci skip] Viktor Barzin 2026-03-17 18:11:53 +00:00
  • c8b42f78df fix DB password rotation desync in 5 stacks Viktor Barzin 2026-03-17 07:39:29 +00:00
  • 8d8c8db737 increase DB password rotation from 24h to weekly (604800s) Viktor Barzin 2026-03-16 23:17:01 +00:00
  • c31ba2c50c k8s-portal: use Recreate strategy, limit revision history to 3 Viktor Barzin 2026-03-16 22:55:15 +00:00
  • 6cc4d526f1 add GitHub Pages for post-mortems Viktor Barzin 2026-03-16 22:16:05 +00:00
  • fb66676d7b post-mortem: kured + containerd cascade outage — alerts + report Viktor Barzin 2026-03-16 22:06:10 +00:00
  • d6afbe84c8 post-mortem v2: pipeline team architecture with 4-stage agents [ci skip] Viktor Barzin 2026-03-16 21:59:34 +00:00
  • 327c021a90 fix: improve Slack alert formatting — add values, fix ContainerNearOOM filter Viktor Barzin 2026-03-16 19:35:24 +00:00
  • b2d07556d5 fix: migrate woodpecker database credentials to runtime-refreshed ExternalSecret Viktor Barzin 2026-03-16 19:12:01 +00:00
  • 0abb6b83ad add deploy-app skill and agent for automated repo→app deployment [ci skip] Viktor Barzin 2026-03-16 18:06:24 +00:00
  • f8a36f0621 fix pull-through cache: remove maxsize, harden nginx caching [ci skip] Viktor Barzin 2026-03-16 07:41:11 +00:00
  • 88abbef7c3 update claude knowledge: GHA builds architecture, postgresql_host fix [ci skip] Viktor Barzin 2026-03-16 07:10:45 +00:00
  • 708eb69742 fix: update postgresql_host to pg-cluster-rw (old service had no endpoints) Viktor Barzin 2026-03-16 07:07:22 +00:00
  • c7bcd5b8b5 scale up f1-stream and changedetection [ci skip] Viktor Barzin 2026-03-16 07:06:09 +00:00
  • 6478097e2d fix platform stack: k8s_users.domains and sensitive for_each errors [ci skip] Viktor Barzin 2026-03-15 23:36:46 +00:00
  • b87ba5e778 update claude knowledge: secret/viktor is go-to for all personal secrets [ci skip] Viktor Barzin 2026-03-15 23:21:52 +00:00
  • a9890a1f27 trigger CI: json webhook Viktor Barzin 2026-03-15 23:17:58 +00:00
  • 0c6681bc76 fix woodpecker sync: single $ in heredoc, alpine image for jq, port 80 not 8000 Viktor Barzin 2026-03-15 23:12:52 +00:00
  • a04335d0f3 right-size 14 services and scale down GPU-heavy workloads [ci skip] Viktor Barzin 2026-03-15 23:00:49 +00:00
  • b6d619e5df fix: increase terragrunt-apply step memory to 2Gi Viktor Barzin 2026-03-15 22:59:34 +00:00
  • 0c1239030d fix: CI pipeline - disable corrupted cache, add pull before push Viktor Barzin 2026-03-15 22:51:08 +00:00
  • c8069f53c8 update claude knowledge: final ESO migration state [ci skip] Viktor Barzin 2026-03-15 22:32:46 +00:00
  • 6c8a42b4e3 add add-user skill for cluster onboarding Viktor Barzin 2026-03-15 22:28:54 +00:00
  • 82b1f82a2c add user onboarding and admin instructions to README Viktor Barzin 2026-03-15 22:25:43 +00:00
  • cc55249524 fix ollama: remove conditional count on basicAuth (incompatible with ESO data source) Viktor Barzin 2026-03-15 22:24:36 +00:00
  • 50620e6047 add generic multi-user cluster onboarding system Viktor Barzin 2026-03-15 22:23:36 +00:00
  • 39b3c51709 migrate 16 plan-time stacks: vault data source → ESO + kubernetes_secret Viktor Barzin 2026-03-15 22:06:39 +00:00
  • af3b1b5c90 fix health DB ExternalSecret: use pg-health not postgresql-health role name Viktor Barzin 2026-03-15 21:52:54 +00:00
  • a186d26ba7 Woodpecker CI deploy commit [CI SKIP] root 2026-03-15 21:43:40 +00:00
  • 745e43c983 fix DB password desync + migrate remaining tfvars to Vault Viktor Barzin 2026-03-15 21:39:45 +00:00
  • 06a0d0599a regenerate providers.tf: remove vault_root_token variable [ci skip] Viktor Barzin 2026-03-15 21:21:01 +00:00
  • 2c8f3a607e fix realestate-crawler: access nested notification_settings correctly Viktor Barzin 2026-03-15 21:01:24 +00:00
  • 23dfaa1ac8 update claude knowledge: vault-native secrets migration decisions [ci skip] Viktor Barzin 2026-03-15 21:00:07 +00:00
  • 1ffce19611 fix woodpecker sync script: escape $ and %{} for HCL heredoc Viktor Barzin 2026-03-15 19:37:00 +00:00
  • 0f262ceda3 add pod dependency management via Kyverno init container injection Viktor Barzin 2026-03-15 19:17:44 +00:00
  • dc274ab413 Woodpecker CI deploy commit [CI SKIP] root 2026-03-15 19:16:23 +00:00
  • f0312df2be fix gpu-workload Kyverno policy: use replace with explicit priority value Viktor Barzin 2026-03-15 19:11:44 +00:00
  • 29c98aaea8 add Vault→Woodpecker secret sync CronJob (Part E) Viktor Barzin 2026-03-15 19:06:12 +00:00
  • 1acf8cc4e8 migrate consuming stacks to ESO + remove k8s-dashboard static token Viktor Barzin 2026-03-15 19:05:04 +00:00
  • cfc30b62e8 enhance devops-engineer agent: deploy + monitor pod health [ci skip] Viktor Barzin 2026-03-15 18:44:20 +00:00
  • a2720f6a4c claude-memory: read DB password from Vault KV instead of tfvars Viktor Barzin 2026-03-15 18:22:29 +00:00
  • 90b7d6ebb5 etcd defrag cronjob: add --command-timeout=60s Viktor Barzin 2026-03-15 17:24:24 +00:00
  • c034adab5f mitigate cluster instability during terraform applies Viktor Barzin 2026-03-15 17:23:39 +00:00
  • 1fe7798609 fix openclaw init container: escape shell vars, fix image path [ci skip] Viktor Barzin 2026-03-15 17:19:03 +00:00
  • 3aba29e7a3 remove SOPS pipeline, deploy ESO + Vault DB/K8s engines Viktor Barzin 2026-03-15 16:37:38 +00:00
  • d17a6e2fd3 fix calendar-query.py: use get_display_name(), URL-decode names, fix search API Viktor Barzin 2026-03-15 16:12:36 +00:00
  • deeea5edab openclaw: replace cc-config NFS with dotfiles repo clone [ci skip] Viktor Barzin 2026-03-15 16:04:02 +00:00
  • 944d6d3b22 update claude knowledge: resource management learnings from right-sizing session [ci skip] Viktor Barzin 2026-03-15 15:38:37 +00:00
  • 5beb481dc4 fix immich TF drift from Kyverno ndots injection, right-size nvidia GPU operator Viktor Barzin 2026-03-15 15:36:19 +00:00
  • a6d281dbc6 vaultwarden: upgrade to 1.35.4, use Recreate strategy Viktor Barzin 2026-03-15 15:35:09 +00:00
  • 3f0e8541f6 claude-memory: pin image to :17, fixes URL-decode crash on sync endpoint Viktor Barzin 2026-03-15 15:32:50 +00:00
  • 194281e527 right-size cluster memory: reduce overprovisioned, fix under-provisioned services Viktor Barzin 2026-03-15 15:30:18 +00:00
  • 8bac6db48f add name/description/tools to review-loop agent frontmatter [ci skip] Viktor Barzin 2026-03-15 11:14:31 +00:00
  • 616370d34c rename planner agent to review-loop [ci skip] Viktor Barzin 2026-03-15 11:12:14 +00:00
  • 18d012db11 fix: reduce openclaw memory requests for scheduling Viktor Barzin 2026-03-15 10:47:34 +00:00
  • 123e996b04 add planner agent: plan-review-fix convergence loop [ci skip] Viktor Barzin 2026-03-15 10:46:53 +00:00