viktor/infra
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
infra/stacks
History
Viktor Barzin e823b795f7 fix(dbaas,vault): fix backup CronJob failures and mysql-operator memory 
- Add docker.io/library/ prefix to mysql and postgres backup images
  to satisfy Kyverno require-trusted-registries policy (both CronJobs
  were blocked for 46h, triggering MySQLBackupStale alert)
- Document mysql-operator chart ignoring resources values key — the
  LimitRange default (256Mi) was silently applied, putting the operator
  at 97% memory. Patched live to 512Mi via kubectl.
- Increase vault-raft-backup backoff_limit to 6 for transient failures
  (also fixed NFS export: vault-backup was a separate ZFS dataset not
  in the TrueNAS NFS share — destroyed dataset, created directory)
2026-03-19 23:26:05 +00:00
..
_template add generic multi-user cluster onboarding system 2026-03-15 22:23:36 +00:00
actualbudget state(dbaas): update encrypted state 2026-03-19 20:23:59 +00:00
affine fix DB password rotation desync in 5 stacks 2026-03-17 07:39:29 +00:00
audiobookshelf state(dbaas): update encrypted state 2026-03-19 20:23:59 +00:00
authentik extract dbaas, authentik, crowdsec from platform into independent stacks [ci skip] 2026-03-17 18:11:53 +00:00
blog add vaultwarden daily backup CronJob to NFS 2026-03-15 00:03:59 +00:00
calibre state(dbaas): update encrypted state 2026-03-19 20:23:59 +00:00
changedetection state(dbaas): update encrypted state 2026-03-19 20:23:59 +00:00
city-guesser add vaultwarden daily backup CronJob to NFS 2026-03-15 00:03:59 +00:00
claude-memory right-size 14 services and scale down GPU-heavy workloads [ci skip] 2026-03-15 23:00:49 +00:00
cloudflared extract monitoring, nvidia, mailserver, cloudflared, kyverno from platform [ci skip] 2026-03-17 21:34:11 +00:00
cnpg extract remaining 19 modules from platform, complete stack split [ci skip] 2026-03-17 21:42:16 +00:00
coturn state(dbaas): update encrypted state 2026-03-19 20:23:59 +00:00
crowdsec extract dbaas, authentik, crowdsec from platform into independent stacks [ci skip] 2026-03-17 18:11:53 +00:00
cyberchef add vaultwarden daily backup CronJob to NFS 2026-03-15 00:03:59 +00:00
dashy add vaultwarden daily backup CronJob to NFS 2026-03-15 00:03:59 +00:00
dawarich right-size 14 services and scale down GPU-heavy workloads [ci skip] 2026-03-15 23:00:49 +00:00
dbaas fix(dbaas,vault): fix backup CronJob failures and mysql-operator memory 2026-03-19 23:26:05 +00:00
descheduler migrate all secrets from SOPS to Vault KV 2026-03-14 17:15:48 +00:00
diun regenerate providers.tf: remove vault_root_token variable [ci skip] 2026-03-15 21:21:01 +00:00
ebook2audiobook right-size 14 services and scale down GPU-heavy workloads [ci skip] 2026-03-15 23:00:49 +00:00
echo state(dbaas): update encrypted state 2026-03-19 20:23:59 +00:00
excalidraw add vaultwarden daily backup CronJob to NFS 2026-03-15 00:03:59 +00:00
external-secrets regenerate providers.tf: remove vault_root_token variable [ci skip] 2026-03-15 21:21:01 +00:00
f1-stream scale up f1-stream and changedetection [ci skip] 2026-03-16 07:06:09 +00:00
forgejo migrate consuming stacks to ESO + remove k8s-dashboard static token 2026-03-15 19:05:04 +00:00
freedify state(dbaas): update encrypted state 2026-03-19 20:23:59 +00:00
freshrss state(dbaas): update encrypted state 2026-03-19 20:23:59 +00:00
frigate state(dbaas): update encrypted state 2026-03-19 20:23:59 +00:00
grampsweb migrate 16 plan-time stacks: vault data source → ESO + kubernetes_secret 2026-03-15 22:06:39 +00:00
hackmd fix DB password desync + migrate remaining tfvars to Vault 2026-03-15 21:39:45 +00:00
headscale extract remaining 19 modules from platform, complete stack split [ci skip] 2026-03-17 21:42:16 +00:00
health right-size 14 services and scale down GPU-heavy workloads [ci skip] 2026-03-15 23:00:49 +00:00
homepage add vaultwarden daily backup CronJob to NFS 2026-03-15 00:03:59 +00:00
immich fix(immich): bump postgres memory 512Mi → 1Gi for v2.6.1 geodata migration 2026-03-19 22:50:36 +00:00
infra state(dbaas): update encrypted state 2026-03-19 20:23:59 +00:00
infra-maintenance backup & DR: add alerting, fix rotation, secure MySQL password, add runbooks 2026-03-19 20:34:33 +00:00
iscsi-csi extract remaining 19 modules from platform, complete stack split [ci skip] 2026-03-17 21:42:16 +00:00
isponsorblocktv add vaultwarden daily backup CronJob to NFS 2026-03-15 00:03:59 +00:00
jsoncrack migrate all secrets from SOPS to Vault KV 2026-03-14 17:15:48 +00:00
k8s-dashboard migrate consuming stacks to ESO + remove k8s-dashboard static token 2026-03-15 19:05:04 +00:00
k8s-portal feat(k8s-portal): update onboarding + architecture with SOPS state docs 2026-03-17 23:17:47 +00:00
kms add vaultwarden daily backup CronJob to NFS 2026-03-15 00:03:59 +00:00
kyverno extract monitoring, nvidia, mailserver, cloudflared, kyverno from platform [ci skip] 2026-03-17 21:34:11 +00:00
linkwarden right-size 14 services and scale down GPU-heavy workloads [ci skip] 2026-03-15 23:00:49 +00:00
mailserver extract monitoring, nvidia, mailserver, cloudflared, kyverno from platform [ci skip] 2026-03-17 21:34:11 +00:00
matrix regenerate providers.tf: remove vault_root_token variable [ci skip] 2026-03-15 21:21:01 +00:00
meshcentral add vaultwarden daily backup CronJob to NFS 2026-03-15 00:03:59 +00:00
metallb extract remaining 19 modules from platform, complete stack split [ci skip] 2026-03-17 21:42:16 +00:00
metrics-server extract remaining 19 modules from platform, complete stack split [ci skip] 2026-03-17 21:42:16 +00:00
monitoring backup & DR: add alerting, fix rotation, secure MySQL password, add runbooks 2026-03-19 20:34:33 +00:00
n8n regenerate providers.tf: remove vault_root_token variable [ci skip] 2026-03-15 21:21:01 +00:00
navidrome state(dbaas): update encrypted state 2026-03-19 20:23:59 +00:00
netbox regenerate providers.tf: remove vault_root_token variable [ci skip] 2026-03-15 21:21:01 +00:00
networking-toolbox add vaultwarden daily backup CronJob to NFS 2026-03-15 00:03:59 +00:00
nextcloud fix DB password rotation desync in 5 stacks 2026-03-17 07:39:29 +00:00
nfs-csi extract remaining 19 modules from platform, complete stack split [ci skip] 2026-03-17 21:42:16 +00:00
novelapp state(dbaas): update encrypted state 2026-03-19 20:23:59 +00:00
ntfy state(dbaas): update encrypted state 2026-03-19 20:23:59 +00:00
nvidia right-size memory requests to unblock GPU workloads and fix dbaas quota [ci skip] 2026-03-17 22:35:54 +00:00
ollama fix ollama: remove conditional count on basicAuth (incompatible with ESO data source) 2026-03-15 22:24:36 +00:00
onlyoffice right-size memory requests to unblock GPU workloads and fix dbaas quota [ci skip] 2026-03-17 22:35:54 +00:00
openclaw state(dbaas): update encrypted state 2026-03-19 20:23:59 +00:00
osm_routing add vaultwarden daily backup CronJob to NFS 2026-03-15 00:03:59 +00:00
owntracks state(dbaas): update encrypted state 2026-03-19 20:23:59 +00:00
paperless-ngx regenerate providers.tf: remove vault_root_token variable [ci skip] 2026-03-15 21:21:01 +00:00
platform feat(traefik): add custom error pages with tarampampam/error-pages 2026-03-19 23:14:27 +00:00
plotting-book fix DB password desync + migrate remaining tfvars to Vault 2026-03-15 21:39:45 +00:00
poison-fountain regenerate providers.tf: remove vault_root_token variable [ci skip] 2026-03-15 21:21:01 +00:00
privatebin state(dbaas): update encrypted state 2026-03-19 20:23:59 +00:00
rbac extract remaining 19 modules from platform, complete stack split [ci skip] 2026-03-17 21:42:16 +00:00
real-estate-crawler fix DB password rotation desync in 5 stacks 2026-03-17 07:39:29 +00:00
redis backup & DR: add alerting, fix rotation, secure MySQL password, add runbooks 2026-03-19 20:34:33 +00:00
reloader [ci skip] phase 5+6: update CI pipelines for SOPS, add sensitive=true to secret vars 2026-03-07 14:30:36 +00:00
resume regenerate providers.tf: remove vault_root_token variable [ci skip] 2026-03-15 21:21:01 +00:00
reverse-proxy extract remaining 19 modules from platform, complete stack split [ci skip] 2026-03-17 21:42:16 +00:00
rybbit right-size 14 services and scale down GPU-heavy workloads [ci skip] 2026-03-15 23:00:49 +00:00
sealed-secrets extract remaining 19 modules from platform, complete stack split [ci skip] 2026-03-17 21:42:16 +00:00
send add vaultwarden daily backup CronJob to NFS 2026-03-15 00:03:59 +00:00
servarr state(dbaas): update encrypted state 2026-03-19 20:23:59 +00:00
shadowsocks regenerate providers.tf: remove vault_root_token variable [ci skip] 2026-03-15 21:21:01 +00:00
speedtest fix DB password desync + migrate remaining tfvars to Vault 2026-03-15 21:39:45 +00:00
stirling-pdf right-size 14 services and scale down GPU-heavy workloads [ci skip] 2026-03-15 23:00:49 +00:00
tandoor fix DB password desync + migrate remaining tfvars to Vault 2026-03-15 21:39:45 +00:00
technitium extract remaining 19 modules from platform, complete stack split [ci skip] 2026-03-17 21:42:16 +00:00
terminal regenerate providers.tf: remove vault_root_token variable [ci skip] 2026-03-15 21:21:01 +00:00
tor-proxy add vaultwarden daily backup CronJob to NFS 2026-03-15 00:03:59 +00:00
trading-bot fix DB password desync + migrate remaining tfvars to Vault 2026-03-15 21:39:45 +00:00
traefik feat(traefik): add custom error pages with tarampampam/error-pages 2026-03-19 23:14:27 +00:00
travel_blog add vaultwarden daily backup CronJob to NFS 2026-03-15 00:03:59 +00:00
tuya-bridge regenerate providers.tf: remove vault_root_token variable [ci skip] 2026-03-15 21:21:01 +00:00
uptime-kuma extract remaining 19 modules from platform, complete stack split [ci skip] 2026-03-17 21:42:16 +00:00
url state(dbaas): update encrypted state 2026-03-19 20:23:59 +00:00
vault fix(dbaas,vault): fix backup CronJob failures and mysql-operator memory 2026-03-19 23:26:05 +00:00
vaultwarden extract remaining 19 modules from platform, complete stack split [ci skip] 2026-03-17 21:42:16 +00:00
vpa extract remaining 19 modules from platform, complete stack split [ci skip] 2026-03-17 21:42:16 +00:00
wealthfolio regenerate providers.tf: remove vault_root_token variable [ci skip] 2026-03-15 21:21:01 +00:00
webhook_handler fix(provision): security hardening from code review 2026-03-18 21:25:03 +00:00
whisper right-size 14 services and scale down GPU-heavy workloads [ci skip] 2026-03-15 23:00:49 +00:00
wireguard extract remaining 19 modules from platform, complete stack split [ci skip] 2026-03-17 21:42:16 +00:00
woodpecker fix DB password rotation desync in 5 stacks 2026-03-17 07:39:29 +00:00
xray extract remaining 19 modules from platform, complete stack split [ci skip] 2026-03-17 21:42:16 +00:00
ytdlp state(dbaas): update encrypted state 2026-03-19 20:23:59 +00:00