viktor/infra
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
infra/stacks
History
Viktor Barzin 64585e329c fix: update Technitium DNS IP from 10.0.20.200 to 10.0.20.201 
Technitium DNS was moved to its own dedicated MetalLB LoadBalancer IP
(10.0.20.201) but several references still pointed to the old shared IP
(10.0.20.200, now used by traefik/coturn/etc). This caused DNS resolution
failures for *.viktorbarzin.lan from pfSense and LAN clients.

- Update CoreDNS Corefile forward in both technitium and platform modules
- Update MetalLB annotation and remove stale allow-shared-ip
- Update zone NS records and apex A record in config.tfvars
- Update legacy BIND forwarder reference

Also fixed on pfSense (not in repo):
- Removed NAT rule redirecting UDP 53 to wrong IP (10.0.20.200)
- Added dnsmasq listen on WAN (192.168.1.2) for LAN clients
- Added domain-specific forwarding (viktorbarzin.lan -> 10.0.20.201)
- Created aliases (technitium_dns, k8s_shared_lb) for all NAT rules

[ci skip]

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-08 09:53:56 +00:00
..
_template multi-user access: fix template memory default, add storage quota, add CONTRIBUTING.md [ci skip] 2026-03-19 23:49:15 +00:00
actualbudget actualbudget: use internal ClusterIP for http-api server URL 2026-04-06 12:22:57 +03:00
affine feat: pin ~28 images to specific versions, enable DIUN monitoring, add app-stacks pipeline 2026-04-06 14:27:13 +03:00
authentik misc: actualbudget, authentik, headscale, rybbit, terminal, dbaas updates 2026-04-06 11:58:00 +03:00
blog sync regenerated providers.tf + upstream changes 2026-03-22 02:56:04 +02:00
changedetection fix: restore changedetection and flaresolverr services 2026-04-06 14:26:29 +03:00
city-guesser sync regenerated providers.tf + upstream changes 2026-03-22 02:56:04 +02:00
claude-memory remove claude-memory PDB (blocks drains with single replica) 2026-04-06 00:47:40 +03:00
cloudflared consolidate MetalLB IPs: 5 → 1 (10.0.20.200) 2026-03-24 18:35:43 +02:00
cnpg extract remaining 19 modules from platform, complete stack split [ci skip] 2026-03-17 21:42:16 +00:00
coturn feat: pin ~28 images to specific versions, enable DIUN monitoring, add app-stacks pipeline 2026-04-06 14:27:13 +03:00
crowdsec fix CrowdSec collection names and increase Helm timeout 2026-03-23 03:41:13 +02:00
cyberchef feat: pin ~28 images to specific versions, enable DIUN monitoring, add app-stacks pipeline 2026-04-06 14:27:13 +03:00
dashy sync regenerated providers.tf + upstream changes 2026-03-22 02:56:04 +02:00
dawarich feat: pin ~28 images to specific versions, enable DIUN monitoring, add app-stacks pipeline 2026-04-06 14:27:13 +03:00
dbaas fix(dbaas): raise ResourceQuota to 40Gi and add sidecar resources 2026-04-06 15:57:47 +03:00
descheduler resilience improvements: MySQL anti-affinity comment, descheduler 5min, prometheus termination 60s 2026-04-06 00:25:49 +03:00
diun feat(diun): add auto-update infrastructure 2026-04-06 14:27:01 +03:00
ebook2audiobook sync regenerated providers.tf + upstream changes 2026-03-22 02:56:04 +02:00
ebooks feat(storage): migrate 12 SQLite NFS PVCs to proxmox-lvm (Wave 1) 2026-04-04 16:26:59 +03:00
echo feat: pin ~28 images to specific versions, enable DIUN monitoring, add app-stacks pipeline 2026-04-06 14:27:13 +03:00
excalidraw feat(storage): migrate 38 NFS PVCs to proxmox-lvm (Wave 2) 2026-04-04 19:25:12 +03:00
external-secrets regenerate providers.tf: remove vault_root_token variable [ci skip] 2026-03-15 21:21:01 +00:00
f1-stream feat(storage): migrate 38 NFS PVCs to proxmox-lvm (Wave 2) 2026-04-04 19:25:12 +03:00
forgejo feat(storage): migrate 12 SQLite NFS PVCs to proxmox-lvm (Wave 1) 2026-04-04 16:26:59 +03:00
freedify freedify: increase memory limits and add new features 2026-04-06 11:57:47 +03:00
freshrss feat(storage): migrate 38 NFS PVCs to proxmox-lvm (Wave 2) 2026-04-04 19:25:12 +03:00
frigate feat(storage): migrate 38 NFS PVCs to proxmox-lvm (Wave 2) 2026-04-04 19:25:12 +03:00
grampsweb feat(storage): migrate 38 NFS PVCs to proxmox-lvm (Wave 2) 2026-04-04 19:25:12 +03:00
hackmd feat(storage): migrate 38 NFS PVCs to proxmox-lvm (Wave 2) 2026-04-04 19:25:12 +03:00
headscale fix(headscale): backup CronJob uses pod_affinity for RWO PVC access 2026-04-08 08:20:08 +01:00
health feat(storage): migrate 38 NFS PVCs to proxmox-lvm (Wave 2) 2026-04-04 19:25:12 +03:00
homepage add default Homepage annotations to ingress_factory for auto-discovery 2026-03-25 11:00:38 +02:00
immich fix(immich): improve thumbnail loading performance on iOS app 2026-04-08 08:08:53 +01:00
infra misc: actualbudget, authentik, headscale, rybbit, terminal, dbaas updates 2026-04-06 11:58:00 +03:00
infra-maintenance add backup_output_bytes metric and cloudsync_transferred_bytes to backup dashboard 2026-03-25 10:44:53 +02:00
insta2spotify feat(storage): migrate 12 SQLite NFS PVCs to proxmox-lvm (Wave 1) 2026-04-04 16:26:59 +03:00
iscsi-csi extract remaining 19 modules from platform, complete stack split [ci skip] 2026-03-17 21:42:16 +00:00
isponsorblocktv feat(storage): migrate 38 NFS PVCs to proxmox-lvm (Wave 2) 2026-04-04 19:25:12 +03:00
jsoncrack sync regenerated providers.tf + upstream changes 2026-03-22 02:56:04 +02:00
k8s-dashboard fix nextcloud db-username + k8s-dashboard chart repo 2026-03-22 02:50:48 +02:00
k8s-portal feat(k8s-portal): update onboarding + architecture with SOPS state docs 2026-03-17 23:17:47 +00:00
kms consolidate MetalLB IPs: 5 → 1 (10.0.20.200) 2026-03-24 18:35:43 +02:00
kyverno fix: bump tier-1-cluster LimitRange max to 8Gi for MySQL 6Gi limit 2026-04-05 23:31:23 +03:00
linkwarden feat: pin ~28 images to specific versions, enable DIUN monitoring, add app-stacks pipeline 2026-04-06 14:27:13 +03:00
mailserver fix(mailserver): delete all e2e-probe emails, not just current marker 2026-04-06 13:39:47 +03:00
matrix feat: pin ~28 images to specific versions, enable DIUN monitoring, add app-stacks pipeline 2026-04-06 14:27:13 +03:00
meshcentral fix(meshcentral): use service port 80→443 to prevent Traefik HTTPS 2026-04-06 13:38:30 +03:00
metallb upgrade MetalLB v0.10.2 → v0.15.3 and update annotations 2026-03-24 17:24:05 +02:00
metrics-server extract remaining 19 modules from platform, complete stack split [ci skip] 2026-03-17 21:42:16 +00:00
monitoring fix(monitoring): UsingInverterEnergyForTooLong only alerts when stuck 2026-04-06 15:43:47 +03:00
n8n feat: pin ~28 images to specific versions, enable DIUN monitoring, add app-stacks pipeline 2026-04-06 14:27:13 +03:00
navidrome fix: right-size service memory after PVE RAM upgrade (142→272GB) 2026-04-05 23:02:50 +03:00
netbox regenerate providers.tf: remove vault_root_token variable [ci skip] 2026-03-15 21:21:01 +00:00
networking-toolbox feat: pin ~28 images to specific versions, enable DIUN monitoring, add app-stacks pipeline 2026-04-06 14:27:13 +03:00
nextcloud nextcloud: refactor chart values and main.tf configuration 2026-04-06 11:57:44 +03:00
nfs-csi cluster health fixes: NFS CSI, Immich ML, dbaas, Redis, DNS, trading-bot removal 2026-04-06 11:54:45 +03:00
novelapp add pvc-autoresizer for automatic PVC expansion before volumes fill up [ci skip] 2026-04-03 23:30:00 +03:00
ntfy feat(storage): migrate 12 SQLite NFS PVCs to proxmox-lvm (Wave 1) 2026-04-04 16:26:59 +03:00
nvidia right-size memory requests to unblock GPU workloads and fix dbaas quota [ci skip] 2026-03-17 22:35:54 +00:00
ollama feat: pin ~28 images to specific versions, enable DIUN monitoring, add app-stacks pipeline 2026-04-06 14:27:13 +03:00
onlyoffice feat(storage): migrate 38 NFS PVCs to proxmox-lvm (Wave 2) 2026-04-04 19:25:12 +03:00
openclaw feat(storage): migrate 38 NFS PVCs to proxmox-lvm (Wave 2) 2026-04-04 19:25:12 +03:00
osm_routing sync regenerated providers.tf + upstream changes 2026-03-22 02:56:04 +02:00
owntracks feat(storage): migrate 38 NFS PVCs to proxmox-lvm (Wave 2) 2026-04-04 19:25:12 +03:00
paperless-ngx feat: pin ~28 images to specific versions, enable DIUN monitoring, add app-stacks pipeline 2026-04-06 14:27:13 +03:00
platform fix: update Technitium DNS IP from 10.0.20.200 to 10.0.20.201 2026-04-08 09:53:56 +00:00
plotting-book fix: right-size service memory after PVE RAM upgrade (142→272GB) 2026-04-05 23:02:50 +03:00
poison-fountain sync regenerated providers.tf + upstream changes 2026-03-22 02:56:04 +02:00
priority-pass priority-pass: update backend to v8 (expanded QR container margins) 2026-04-06 13:22:27 +03:00
privatebin feat(storage): migrate 38 NFS PVCs to proxmox-lvm (Wave 2) 2026-04-04 19:25:12 +03:00
proxmox-csi monitoring + proxmox-csi: LVM snapshot RBAC, pushgateway NodePort, backup dashboard 2026-04-06 11:57:41 +03:00
pvc-autoresizer fix: disable cert-manager webhook for pvc-autoresizer, use self-signed cert [ci skip] 2026-04-03 23:44:49 +03:00
rbac extract remaining 19 modules from platform, complete stack split [ci skip] 2026-03-17 21:42:16 +00:00
real-estate-crawler scale down non-critical services to free cluster memory 2026-03-22 03:10:12 +02:00
redis cluster health fixes: NFS CSI, Immich ML, dbaas, Redis, DNS, trading-bot removal 2026-04-06 11:54:45 +03:00
reloader sync regenerated providers.tf + upstream changes 2026-03-22 02:56:04 +02:00
resume feat(storage): migrate 38 NFS PVCs to proxmox-lvm (Wave 2) 2026-04-04 19:25:12 +03:00
reverse-proxy fix: add retry middleware and per-service rate limit for ha-sofia 2026-04-05 20:47:58 +03:00
rybbit feat: pin ~28 images to specific versions, enable DIUN monitoring, add app-stacks pipeline 2026-04-06 14:27:13 +03:00
sealed-secrets extract remaining 19 modules from platform, complete stack split [ci skip] 2026-03-17 21:42:16 +00:00
send feat(storage): migrate 38 NFS PVCs to proxmox-lvm (Wave 2) 2026-04-04 19:25:12 +03:00
servarr fix(prowlarr): correct image tag from 1.31.1 to 2.3.5 [ci skip] 2026-04-06 14:55:33 +03:00
shadowsocks feat: pin ~28 images to specific versions, enable DIUN monitoring, add app-stacks pipeline 2026-04-06 14:27:13 +03:00
speedtest feat: pin ~28 images to specific versions, enable DIUN monitoring, add app-stacks pipeline 2026-04-06 14:27:13 +03:00
stirling-pdf feat(storage): migrate 38 NFS PVCs to proxmox-lvm (Wave 2) 2026-04-04 19:25:12 +03:00
tandoor fix: resolve tandoor, matrix, navidrome crash loops 2026-04-05 23:12:49 +03:00
technitium feat: pin ~28 images to specific versions, enable DIUN monitoring, add app-stacks pipeline 2026-04-06 14:27:13 +03:00
terminal feat(terminal): add image upload button for iOS paste support 2026-04-08 08:11:18 +01:00
tor-proxy feat(storage): migrate 38 NFS PVCs to proxmox-lvm (Wave 2) 2026-04-04 19:25:12 +03:00
trading-bot cluster health fixes: NFS CSI, Immich ML, dbaas, Redis, DNS, trading-bot removal 2026-04-06 11:54:45 +03:00
traefik fix(immich): improve thumbnail loading performance on iOS app 2026-04-08 08:08:53 +01:00
travel_blog sync regenerated providers.tf + upstream changes 2026-03-22 02:56:04 +02:00
tuya-bridge scale down non-critical services to free cluster memory 2026-03-22 03:10:12 +02:00
uptime-kuma feat(storage): migrate 12 SQLite NFS PVCs to proxmox-lvm (Wave 1) 2026-04-04 16:26:59 +03:00
url feat: pin ~28 images to specific versions, enable DIUN monitoring, add app-stacks pipeline 2026-04-06 14:27:13 +03:00
vault fix: restore technitium MySQL query logging with Vault auto-rotation [ci skip] 2026-04-06 13:00:49 +03:00
vaultwarden add pvc-autoresizer for automatic PVC expansion before volumes fill up [ci skip] 2026-04-03 23:30:00 +03:00
vpa extract remaining 19 modules from platform, complete stack split [ci skip] 2026-03-17 21:42:16 +00:00
wealthfolio feat: pin ~28 images to specific versions, enable DIUN monitoring, add app-stacks pipeline 2026-04-06 14:27:13 +03:00
webhook_handler fix(provision): security hardening from code review 2026-03-18 21:25:03 +00:00
whisper feat(storage): migrate 38 NFS PVCs to proxmox-lvm (Wave 2) 2026-04-04 19:25:12 +03:00
wireguard consolidate MetalLB IPs: 5 → 1 (10.0.20.200) 2026-03-24 18:35:43 +02:00
woodpecker fix DB password rotation desync in 5 stacks 2026-03-17 07:39:29 +00:00
xray consolidate MetalLB IPs: 5 → 1 (10.0.20.200) 2026-03-24 18:35:43 +02:00
ytdlp state(dbaas): update encrypted state 2026-03-19 20:23:59 +00:00