viktor/infra
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
infra/stacks
History
Viktor Barzin dd59512153 migrate iSCSI block volumes from democratic-csi to Proxmox CSI [ci skip] 
Replace TrueNAS iSCSI (democratic-csi) with Proxmox CSI plugin for all
block storage PVCs. Eliminates double-CoW (ZFS + LVM-thin) and removes
the iSCSI network hop for database I/O.

New stack: stacks/proxmox-csi/ — deploys proxmox-csi-plugin Helm chart
with StorageClass "proxmox-lvm" using existing local-lvm thin pool.

Migrated PVCs (12 total):
- Phase 1 standalone: plotting-book, novelapp, vaultwarden, nextcloud, prometheus
- Phase 2 StatefulSets: CNPG PostgreSQL (2), MySQL InnoDB (3), Redis (2)

All services verified healthy post-migration.
2026-04-02 22:13:04 +03:00
..
_template multi-user access: fix template memory default, add storage quota, add CONTRIBUTING.md [ci skip] 2026-03-19 23:49:15 +00:00
actualbudget ingress latency: add histogram buckets, fix restarts, right-size memory 2026-03-23 10:52:43 +02:00
affine fix DB password rotation desync in 5 stacks 2026-03-17 07:39:29 +00:00
authentik fix alerts and reduce Prometheus disk write rate 2026-03-28 15:42:14 +02:00
blog sync regenerated providers.tf + upstream changes 2026-03-22 02:56:04 +02:00
changedetection fix OOMKilled containers: bump immich/actualbudget memory, disable changedetection, cap clickhouse 2026-03-22 15:22:29 +02:00
city-guesser sync regenerated providers.tf + upstream changes 2026-03-22 02:56:04 +02:00
claude-memory switch claude-memory server to multi-user API_KEYS auth 2026-03-22 20:08:07 +02:00
cloudflared consolidate MetalLB IPs: 5 → 1 (10.0.20.200) 2026-03-24 18:35:43 +02:00
cnpg extract remaining 19 modules from platform, complete stack split [ci skip] 2026-03-17 21:42:16 +00:00
coturn consolidate MetalLB IPs: 5 → 1 (10.0.20.200) 2026-03-24 18:35:43 +02:00
crowdsec fix CrowdSec collection names and increase Helm timeout 2026-03-23 03:41:13 +02:00
cyberchef sync regenerated providers.tf + upstream changes 2026-03-22 02:56:04 +02:00
dashy sync regenerated providers.tf + upstream changes 2026-03-22 02:56:04 +02:00
dawarich bump memory limits for OOM-prone services 2026-03-21 11:12:12 +00:00
dbaas migrate iSCSI block volumes from democratic-csi to Proxmox CSI [ci skip] 2026-04-02 22:13:04 +03:00
descheduler sync regenerated providers.tf + upstream changes 2026-03-22 02:56:04 +02:00
diun regenerate providers.tf: remove vault_root_token variable [ci skip] 2026-03-15 21:21:01 +00:00
ebook2audiobook sync regenerated providers.tf + upstream changes 2026-03-22 02:56:04 +02:00
ebooks add SLACK_WEBHOOK_URL env var to book-search deployment 2026-03-29 13:53:24 +03:00
echo state(dbaas): update encrypted state 2026-03-19 20:23:59 +00:00
excalidraw sync regenerated providers.tf + upstream changes 2026-03-22 02:56:04 +02:00
external-secrets regenerate providers.tf: remove vault_root_token variable [ci skip] 2026-03-15 21:21:01 +00:00
f1-stream scale up f1-stream and changedetection [ci skip] 2026-03-16 07:06:09 +00:00
forgejo ingress latency: add histogram buckets, fix restarts, right-size memory 2026-03-23 10:52:43 +02:00
freedify state(dbaas): update encrypted state 2026-03-19 20:23:59 +00:00
freshrss bump memory limits for OOM-prone services 2026-03-21 11:12:12 +00:00
frigate move Frigate cache to tmpfs to eliminate disk writes on node1 2026-03-23 11:52:49 +02:00
grampsweb migrate 16 plan-time stacks: vault data source → ESO + kubernetes_secret 2026-03-15 22:06:39 +00:00
hackmd fix DB password desync + migrate remaining tfvars to Vault 2026-03-15 21:39:45 +00:00
headscale feat: organize Grafana dashboards into folders 2026-03-28 16:23:49 +02:00
health right-size 14 services and scale down GPU-heavy workloads [ci skip] 2026-03-15 23:00:49 +00:00
homepage add default Homepage annotations to ingress_factory for auto-discovery 2026-03-25 11:00:38 +02:00
immich fix: increase memory limits for OOMKilled pods (immich, clickhouse, speedtest) 2026-03-27 13:57:16 +02:00
infra add upstream fallback to containerd registry mirrors 2026-04-02 11:05:30 +03:00
infra-maintenance add backup_output_bytes metric and cloudsync_transferred_bytes to backup dashboard 2026-03-25 10:44:53 +02:00
insta2spotify remove setup_tls_secret from insta2spotify (Kyverno auto-syncs) 2026-03-25 13:44:34 +02:00
iscsi-csi extract remaining 19 modules from platform, complete stack split [ci skip] 2026-03-17 21:42:16 +00:00
isponsorblocktv sync regenerated providers.tf + upstream changes 2026-03-22 02:56:04 +02:00
jsoncrack sync regenerated providers.tf + upstream changes 2026-03-22 02:56:04 +02:00
k8s-dashboard fix nextcloud db-username + k8s-dashboard chart repo 2026-03-22 02:50:48 +02:00
k8s-portal feat(k8s-portal): update onboarding + architecture with SOPS state docs 2026-03-17 23:17:47 +00:00
kms consolidate MetalLB IPs: 5 → 1 (10.0.20.200) 2026-03-24 18:35:43 +02:00
kyverno add Kyverno TLS secret sync + enhance renewal pipeline 2026-03-23 22:19:34 +02:00
linkwarden fix alerts and reduce Prometheus disk write rate 2026-03-28 15:42:14 +02:00
mailserver fix email monitor: use internal URL for Uptime Kuma push 2026-03-25 22:59:26 +02:00
matrix regenerate providers.tf: remove vault_root_token variable [ci skip] 2026-03-15 21:21:01 +00:00
meshcentral sync regenerated providers.tf + upstream changes 2026-03-22 02:56:04 +02:00
metallb upgrade MetalLB v0.10.2 → v0.15.3 and update annotations 2026-03-24 17:24:05 +02:00
metrics-server extract remaining 19 modules from platform, complete stack split [ci skip] 2026-03-17 21:42:16 +00:00
monitoring migrate iSCSI block volumes from democratic-csi to Proxmox CSI [ci skip] 2026-04-02 22:13:04 +03:00
n8n bump memory limits for OOM-prone services 2026-03-21 11:12:12 +00:00
navidrome state(dbaas): update encrypted state 2026-03-19 20:23:59 +00:00
netbox regenerate providers.tf: remove vault_root_token variable [ci skip] 2026-03-15 21:21:01 +00:00
networking-toolbox sync regenerated providers.tf + upstream changes 2026-03-22 02:56:04 +02:00
nextcloud migrate iSCSI block volumes from democratic-csi to Proxmox CSI [ci skip] 2026-04-02 22:13:04 +03:00
nfs-csi extract remaining 19 modules from platform, complete stack split [ci skip] 2026-03-17 21:42:16 +00:00
novelapp migrate iSCSI block volumes from democratic-csi to Proxmox CSI [ci skip] 2026-04-02 22:13:04 +03:00
ntfy state(dbaas): update encrypted state 2026-03-19 20:23:59 +00:00
nvidia right-size memory requests to unblock GPU workloads and fix dbaas quota [ci skip] 2026-03-17 22:35:54 +00:00
ollama fix ollama: remove conditional count on basicAuth (incompatible with ESO data source) 2026-03-15 22:24:36 +00:00
onlyoffice right-size memory requests to unblock GPU workloads and fix dbaas quota [ci skip] 2026-03-17 22:35:54 +00:00
openclaw openclaw: remove install-dotfiles init container to reduce NFS writes 2026-03-29 01:11:33 +02:00
osm_routing sync regenerated providers.tf + upstream changes 2026-03-22 02:56:04 +02:00
owntracks state(dbaas): update encrypted state 2026-03-19 20:23:59 +00:00
paperless-ngx regenerate providers.tf: remove vault_root_token variable [ci skip] 2026-03-15 21:21:01 +00:00
platform migrate iSCSI block volumes from democratic-csi to Proxmox CSI [ci skip] 2026-04-02 22:13:04 +03:00
plotting-book migrate iSCSI block volumes from democratic-csi to Proxmox CSI [ci skip] 2026-04-02 22:13:04 +03:00
poison-fountain sync regenerated providers.tf + upstream changes 2026-03-22 02:56:04 +02:00
priority-pass use registry.viktorbarzin.me hostname for private images + protect ingress 2026-03-23 01:02:27 +02:00
privatebin state(dbaas): update encrypted state 2026-03-19 20:23:59 +00:00
proxmox-csi migrate iSCSI block volumes from democratic-csi to Proxmox CSI [ci skip] 2026-04-02 22:13:04 +03:00
rbac extract remaining 19 modules from platform, complete stack split [ci skip] 2026-03-17 21:42:16 +00:00
real-estate-crawler scale down non-critical services to free cluster memory 2026-03-22 03:10:12 +02:00
redis migrate iSCSI block volumes from democratic-csi to Proxmox CSI [ci skip] 2026-04-02 22:13:04 +03:00
reloader sync regenerated providers.tf + upstream changes 2026-03-22 02:56:04 +02:00
resume regenerate providers.tf: remove vault_root_token variable [ci skip] 2026-03-15 21:21:01 +00:00
reverse-proxy add htpasswd auth to private docker registry + expose at registry.viktorbarzin.me 2026-03-22 22:10:10 +02:00
rybbit fix: increase memory limits for OOMKilled pods (immich, clickhouse, speedtest) 2026-03-27 13:57:16 +02:00
sealed-secrets extract remaining 19 modules from platform, complete stack split [ci skip] 2026-03-17 21:42:16 +00:00
send sync regenerated providers.tf + upstream changes 2026-03-22 02:56:04 +02:00
servarr cleanup: remove old audiobook-search, superseded by book-search 2026-03-25 23:16:01 +02:00
shadowsocks consolidate MetalLB IPs: 5 → 1 (10.0.20.200) 2026-03-24 18:35:43 +02:00
speedtest fix: increase memory limits for OOMKilled pods (immich, clickhouse, speedtest) 2026-03-27 13:57:16 +02:00
stirling-pdf right-size 14 services and scale down GPU-heavy workloads [ci skip] 2026-03-15 23:00:49 +00:00
tandoor fix DB password desync + migrate remaining tfvars to Vault 2026-03-15 21:39:45 +00:00
technitium feat: organize Grafana dashboards into folders 2026-03-28 16:23:49 +02:00
terminal sync regenerated providers.tf + upstream changes 2026-03-22 02:56:04 +02:00
tor-proxy consolidate MetalLB IPs: 5 → 1 (10.0.20.200) 2026-03-24 18:35:43 +02:00
trading-bot fix DB password desync + migrate remaining tfvars to Vault 2026-03-15 21:39:45 +00:00
traefik state(monitoring): update encrypted state 2026-03-29 01:04:11 +02:00
travel_blog sync regenerated providers.tf + upstream changes 2026-03-22 02:56:04 +02:00
tuya-bridge scale down non-critical services to free cluster memory 2026-03-22 03:10:12 +02:00
uptime-kuma extract remaining 19 modules from platform, complete stack split [ci skip] 2026-03-17 21:42:16 +00:00
url state(dbaas): update encrypted state 2026-03-19 20:23:59 +00:00
vault vault: increase k8s auth token TTLs and add periodic renewal 2026-03-26 12:21:47 +02:00
vaultwarden migrate iSCSI block volumes from democratic-csi to Proxmox CSI [ci skip] 2026-04-02 22:13:04 +03:00
vpa extract remaining 19 modules from platform, complete stack split [ci skip] 2026-03-17 21:42:16 +00:00
wealthfolio add wealthfolio-sync CronJob for automated portfolio sync 2026-03-24 02:07:36 +02:00
webhook_handler fix(provision): security hardening from code review 2026-03-18 21:25:03 +00:00
whisper sync regenerated providers.tf + upstream changes 2026-03-22 02:56:04 +02:00
wireguard consolidate MetalLB IPs: 5 → 1 (10.0.20.200) 2026-03-24 18:35:43 +02:00
woodpecker fix DB password rotation desync in 5 stacks 2026-03-17 07:39:29 +00:00
xray consolidate MetalLB IPs: 5 → 1 (10.0.20.200) 2026-03-24 18:35:43 +02:00
ytdlp state(dbaas): update encrypted state 2026-03-19 20:23:59 +00:00