viktor/infra
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
infra/docs/architecture
History
Viktor Barzin 6db64fe060
Some checks failed
ci/woodpecker/push/build-cli Pipeline failed
Details
ci/woodpecker/push/default Pipeline was successful
Details
anca-elements: weekly local mirror sdc → sda (replaces Synology as 2nd copy) 
Synology is being removed as a host for the Anca/Elements archive
(770G). /srv/nfs/anca-elements on PVE becomes the source of truth;
sda /mnt/backup/anca-elements becomes the single-disk-failure mirror.
No offsite for this archive — by design.

- scripts/anca-elements-mirror.sh: rsync -rlt --delete -H, idempotent,
  pushes anca_elements_mirror_last_{run_timestamp,status,bytes} to
  Pushgateway, lockfile in /run, SIGTERM-safe (status=2 on abort).
- .service: oneshot, Nice=10, IOSchedulingClass=idle, 5h timeout.
- .timer: weekly Mon 04:00, Persistent=true, 15-min randomised delay.

Deployed to PVE host; timer enabled; initial 770G sync running in
background. Synology original to be deleted after first run completes
and parity is verified.

docs/architecture/backup-dr.md: documents Layer 3a + updated path
exclusion rationale (PVE is now upstream, not downstream).
2026-05-24 11:51:52 +00:00
..
agent-task-tracking.md Add agent task tracking documentation 2026-04-15 17:11:26 +00:00
authentication.md docs/auth: sync to current auth enum (required/app/public/none) 2026-05-11 19:28:42 +00:00
automated-upgrades.md kured: drop Mon-Fri restriction, reboot any day 2026-05-16 12:29:01 +00:00
backup-dr.md anca-elements: weekly local mirror sdc → sda (replaces Synology as 2nd copy) 2026-05-24 11:51:52 +00:00
chrome-service.md chrome-service: open NP for Traefik → noVNC sidecar (port 6080) 2026-05-07 18:40:11 +00:00
ci-cd.md [forgejo] Phases 3+4+5: cutover, decommission, docs sweep 2026-05-07 18:30:02 +00:00
compute.md infra/compute: bump k8s-node1 RAM 32 -> 48 GiB 2026-05-10 15:24:26 +00:00
databases.md [redis] stabilise against node-crash flap cascade — RC1-RC5 fixes 2026-04-22 15:59:00 +00:00
dns.md phpipam-pfsense-import: every 5min → hourly 2026-04-26 22:48:43 +00:00
homepage.md add homepage auto-discovery documentation [ci skip] 2026-03-25 13:06:43 +02:00
incident-response.md [claude-agent-service] Migrate all pipelines from DevVM SSH to K8s HTTP 2026-04-18 10:12:02 +00:00
llama-cpp.md infra/llama-cpp: benchmark report + -fa flag fix 2026-05-10 15:03:16 +00:00
mailserver.md monitoring: bring EmailRoundtripStale threshold docs in sync with for:20m 2026-04-21 22:39:46 +00:00
monitoring.md security(wave1): W1.1 audit-log shipping LIVE + W1.5 trusted-registries Enforce LIVE 2026-05-19 06:37:54 +00:00
multi-tenancy.md add architecture documentation for all infrastructure subsystems [ci skip] 2026-03-24 00:55:25 +02:00
networking.md docs: Technitium DNS IP — 10.0.20.101 → 10.0.20.201 2026-05-23 08:53:52 +00:00
overview.md gpu: schedule off NFD label, not k8s-node1 hostname 2026-04-22 13:43:07 +00:00
secrets.md docs: comprehensive audit and update of all architecture docs and runbooks [ci skip] 2026-04-06 13:21:05 +03:00
security.md security(wave1): W1.7 analysis snapshot — observation data → allowlist plan 2026-05-22 15:22:25 +00:00
storage.md docs+scripts: lock in nextcloud-as-PVE-NFS-browser surface 2026-05-24 11:45:01 +00:00
vpn.md docs: Technitium DNS IP — 10.0.20.101 → 10.0.20.201 2026-05-23 08:53:52 +00:00
wave1-egress-observation-2026-05-22.md security(wave1): W1.7 analysis snapshot — observation data → allowlist plan 2026-05-22 15:22:25 +00:00