infra/stacks/platform/modules
Viktor Barzin 5be70fb955
[ci skip] codify CNPG PostgreSQL in Terraform, decommission old NFS-backed PG

Phase 1 complete — PostgreSQL fully migrated off NFS:

dbaas module changes:
- Replace old kubernetes_deployment.postgres with null_resource.pg_cluster
  (CNPG Cluster CR managed via kubectl apply due to webhook mutation issues)
- Update postgresql Service selector: app=postgresql → cnpg primary
- Update backup CronJob: use postgres user + read password from CNPG secret
  (pg-cluster-superuser) instead of hardcoded root password
- Add kube_config_path variable for kubectl in null_resource
- Old deployment deleted from cluster (was scaled to 0)

CNPG cluster status:
- 2 instances: primary (k8s-node4), replica (k8s-node2)
- PostGIS image (ghcr.io/cloudnative-pg/postgis:16)
- 20Gi local-path storage per instance
- All 13 dependent services verified running
- Backup CronJob verified working with new endpoint
2026-02-28 19:23:36 +00:00
authentik [ci skip] fix OOM crashes: add resource limits for osrm-bicycle, aiostreams, listenarr, authentik 2026-02-28 17:03:33 +00:00
cloudflared [ci skip] platform: add ndots=2 dns_config to all deployment pod specs 2026-02-23 22:43:05 +00:00
cnpg [ci skip] install CloudNativePG operator as platform module 2026-02-28 17:22:53 +00:00
crowdsec [ci skip] platform: add ndots=2 dns_config to all deployment pod specs 2026-02-23 22:43:05 +00:00
dbaas [ci skip] codify CNPG PostgreSQL in Terraform, decommission old NFS-backed PG 2026-02-28 19:23:36 +00:00
headscale [ci skip] platform: add ndots=2 dns_config to all deployment pod specs 2026-02-23 22:43:05 +00:00
infra-maintenance [ci skip] Infrastructure hardening: security, monitoring, reliability, maintainability 2026-02-23 22:05:28 +00:00
k8s-portal [ci skip] platform: add ndots=2 dns_config to all deployment pod specs 2026-02-23 22:43:05 +00:00
kyverno [ci skip] VPA: reduce LimitRange defaults, add overcommit check, protect tier-0 2026-02-26 23:15:43 +00:00
mailserver [ci skip] platform: add ndots=2 dns_config to all deployment pod specs 2026-02-23 22:43:05 +00:00
metallb [ci skip] Move Terraform modules into stack directories 2026-02-22 14:38:14 +00:00
metrics-server [ci skip] Move Terraform modules into stack directories 2026-02-22 14:38:14 +00:00
monitoring [ci skip] improve network observability dashboard: namespace coloring, layered layout, full-width service map 2026-02-28 19:14:20 +00:00
nvidia [ci skip] platform: add ndots=2 dns_config to all deployment pod specs 2026-02-23 22:43:05 +00:00
rbac Woodpecker CI: use built-in clone, fix CoreDNS DNS resolution [CI SKIP] 2026-02-23 00:08:42 +00:00
redis [ci skip] platform: add ndots=2 dns_config to all deployment pod specs 2026-02-23 22:43:05 +00:00
reverse_proxy [ci skip] Move Terraform modules into stack directories 2026-02-22 14:38:14 +00:00
technitium [ci skip] technitium: add primary-secondary DNS HA with AXFR zone replication 2026-02-28 14:14:20 +00:00
traefik [ci skip] Infrastructure hardening: security, monitoring, reliability, maintainability 2026-02-23 22:05:28 +00:00
uptime-kuma [ci skip] platform: add ndots=2 dns_config to all deployment pod specs 2026-02-23 22:43:05 +00:00
vaultwarden [ci skip] platform: add ndots=2 dns_config to all deployment pod specs 2026-02-23 22:43:05 +00:00
vpa [ci skip] VPA: reduce LimitRange defaults, add overcommit check, protect tier-0 2026-02-26 23:15:43 +00:00
wireguard [ci skip] platform: add ndots=2 dns_config to all deployment pod specs 2026-02-23 22:43:05 +00:00
xray [ci skip] platform: add ndots=2 dns_config to all deployment pod specs 2026-02-23 22:43:05 +00:00