.claude /skills
docs(claude): add refresh-tokens skill — SSO re-login for kubectl and argocd CLI
2026-06-10 20:29:10 +03:00
.hermes /plans
docs: plan k3s state backups
2026-05-20 22:46:00 +00:00
apps
feat(firecrawl): add self-hosted firecrawl stack
2026-06-29 01:55:26 +03:00
argocd
fix: customize harbor robot health in argocd
2026-05-22 17:19:40 +00:00
argocd-crds
argocd: split CRDs into separate app with server-side apply
2026-05-09 23:45:18 +03:00
argocd-extras
redis: migrate secrets from SOPS to ESO + Bitwarden
2026-05-09 23:33:11 +03:00
authentik
authentik: fix harbor blueprint !Env tag — add required default value
2026-05-11 02:22:31 +03:00
authentik-extras
authentik: migrate DB password to ESO, clean up postgres SOPS
2026-05-10 20:55:49 +03:00
ca
feat(ca): pin root CA sha256 fingerprint on page; record verification and problems
2026-06-10 20:29:19 +03:00
calico
docs: refresh network topology — ap01/border01/snipe parallel, rot IP .223 → .10
2026-05-24 19:58:47 +03:00
calico-crds
calico-crds: fix URL — use /raw/ format like external-secrets-crds
2026-05-10 00:09:08 +03:00
cert-manager
fix(cert-manager): pin trust-manager image to work around helm template name collision
2026-06-10 20:16:45 +03:00
cert-manager-crds
cert-manager: split CRDs into separate app with server-side apply
2026-05-09 23:49:53 +03:00
cert-manager-extras
cert-manager: add ZeroSSL as fallback ACME issuer
2026-05-08 23:35:14 +03:00
certs
reflector/certs: share *.cluster.farwydi.dev wildcard cross-ns
2026-05-20 01:26:25 +03:00
cnpg
fix(resources): reduce overprovisioned cpu requests
2026-05-22 16:56:48 +00:00
cnpg-crds
cnpg: split CRDs into separate app with server-side apply
2026-05-10 00:20:58 +03:00
cold-backups
docs: refresh network topology — ap01/border01/snipe parallel, rot IP .223 → .10
2026-05-24 19:58:47 +03:00
coredns
coredns: fix OOM loop — use .override instead of .server block
2026-05-11 16:37:24 +03:00
crossplane
crossplane/harbor: switch provider URL to https://harbor-core.cluster.farwydi.dev
2026-05-12 00:56:58 +03:00
crossplane-crds
crossplane-crds: use raw URLs — upstream dir lacks kustomization.yaml
2026-05-11 02:58:41 +03:00
decisions
docs: refresh network topology — ap01/border01/snipe parallel, rot IP .223 → .10
2026-05-24 19:58:47 +03:00
docs /alerts
feat: route alerts to Hermes incidents
2026-05-21 11:47:32 +00:00
element-web
synapse: SSO-only login, disable password auth
2026-05-09 03:51:23 +03:00
eveloot
eveloot: fix double /eve-where-to-sell-blue/ prefix on prebuilt asset URLs
2026-05-11 19:33:25 +03:00
external-dns
feat(mail): deploy stalwart mail stack
2026-06-19 01:38:06 +00:00
external-dns-secret
external-dns: sync *.farwydi.dev to Cloudflare from Ingress
2026-05-03 01:55:51 +03:00
external-secrets
fix(external-secrets): raise bitwarden sdk memory limit
2026-06-18 10:59:31 +00:00
external-secrets-crds
external-secrets: split CRDs into separate app (sync-wave -1)
2026-05-09 21:24:55 +03:00
external-secrets-extras
external-secrets: enable bitwarden-sdk-server subchart + bootstrap token
2026-05-09 21:34:46 +03:00
firecrawl
feat(firecrawl): add self-hosted firecrawl stack
2026-06-29 01:55:26 +03:00
fluent-bit
fix(resources): reduce overprovisioned cpu requests
2026-05-22 16:56:48 +00:00
forgejo
fix(resources): reduce overprovisioned cpu requests
2026-05-22 16:56:48 +00:00
forgejo-extras
forgejo: migrate DB password from SOPS to ESO
2026-05-10 20:48:21 +03:00
grafana
external-dns: watch Services + register grafana.cluster.farwydi.dev
2026-05-20 02:20:14 +03:00
grafana-dashboards
grafana-dashboards: add kubernetes-mixin alerting rules
2026-05-10 02:41:32 +03:00
grafana-operator
fix(resources): reduce overprovisioned cpu requests
2026-05-22 16:56:48 +00:00
grafana-operator-crds
grafana-operator: add operator with CRDs split into separate Argo app
2026-04-28 16:28:00 +03:00
harbor
fix: split harbor registry generated secret
2026-05-22 17:41:37 +00:00
hermes
fix(hermes): set pull secret via HermesClusterDefaults, not the instance
2026-05-31 20:23:01 +03:00
hermes-operator
fix(hermes-operator): use shared in-cluster ClusterIssuer for webhook cert
2026-05-31 20:09:28 +03:00
home-assistant
home-assistant + mosquitto: add HA Container and MQTT broker with web UI
2026-05-03 22:48:38 +03:00
homebox
feat(homebox): CLI client + hermes skill for photo cataloging
2026-06-30 23:30:21 +03:00
immich
docs: refresh network topology — ap01/border01/snipe parallel, rot IP .223 → .10
2026-05-24 19:58:47 +03:00
incidents
incidents: record PodRestarted wsdd alert (self-resolving, fix was in repo)
2026-05-21 16:46:19 +00:00
ingress
fix(resources): reduce overprovisioned cpu requests
2026-05-22 16:56:48 +00:00
ingress-edge
feat(mail): deploy stalwart mail stack
2026-06-19 01:38:06 +00:00
kube-state-metrics
metrics: add VictoriaMetrics + vmagent, node-exporter, kube-state-metrics with Grafana dashboards
2026-04-28 21:08:06 +03:00
kubeconfig
docs: refresh network topology — ap01/border01/snipe parallel, rot IP .223 → .10
2026-05-24 19:58:47 +03:00
lb
docs: refresh network topology — ap01/border01/snipe parallel, rot IP .223 → .10
2026-05-24 19:58:47 +03:00
mail
feat(mail): deploy stalwart mail stack
2026-06-19 01:38:06 +00:00
mosquitto
fix(mosquitto): increase mqttx-web memory limit 64Mi→128Mi (OOMKilled, 25 restarts)
2026-05-22 10:44:20 +00:00
network
fix(ap01): default gw should be snipe (10.44.0.2), not border01
2026-05-25 02:27:13 +03:00
node /rot
feat(node): add bare dtrade LXC container
2026-06-22 21:50:57 +03:00
node-exporter
metrics: add VictoriaMetrics + vmagent, node-exporter, kube-state-metrics with Grafana dashboards
2026-04-28 21:08:06 +03:00
odysseus
fix(odysseus): use unauthenticated health readiness
2026-06-09 22:19:14 +03:00
openebs
docs: refresh network topology — ap01/border01/snipe parallel, rot IP .223 → .10
2026-05-24 19:58:47 +03:00
portfolio
ghpages: route farwydi.dev + eveloot.farwydi.dev via nginx-ingress
2026-05-11 18:45:36 +03:00
postgres
fix(postgres): pg_cron.so in shared_preload_libraries (CNPG needs .so suffix)
2026-06-29 02:22:43 +03:00
problems
docs(problems): firecrawl pg_cron .so crash + cascade incident
2026-06-29 03:31:29 +03:00
redis
fix(redis): grant firecrawl ACL +info for bullmq worker
2026-06-29 03:15:31 +03:00
redis-operator
fix(resources): reduce overprovisioned cpu requests
2026-05-22 16:56:48 +00:00
redis-operator-crds
redis-operator: split CRDs into separate app with server-side apply
2026-05-10 00:25:47 +03:00
reflector
reflector/certs: share *.cluster.farwydi.dev wildcard cross-ns
2026-05-20 01:26:25 +03:00
registry
fix(resources): reduce overprovisioned cpu requests
2026-05-22 16:56:48 +00:00
s3
fix(resources): reduce overprovisioned cpu requests
2026-05-22 16:56:48 +00:00
samba
docs(samba): document Windows insecure-guest-logon requirement
2026-05-22 00:04:41 +03:00
sops
docs: drop manual helm/kubectl-apply, document GitOps-only flow
2026-04-27 00:28:52 +03:00
synapse
fix(resources): reduce overprovisioned cpu requests
2026-05-22 16:56:48 +00:00
synapse-extras
add authentik OIDC provider for Synapse (Matrix)
2026-05-09 03:41:08 +03:00
velero
fix(resources): reduce overprovisioned cpu requests
2026-05-22 16:56:48 +00:00
victoria-logs
fix(resources): reduce overprovisioned cpu requests
2026-05-22 16:56:48 +00:00
victoria-metrics
feat: route alerts to Hermes incidents
2026-05-21 11:47:32 +00:00
victoria-metrics-operator
fix(resources): reduce overprovisioned cpu requests
2026-05-22 16:56:48 +00:00
volsync
volsync: add Volsync operator with CRDs split
2026-05-03 18:24:57 +03:00
volsync-crds
volsync: add Volsync operator with CRDs split
2026-05-03 18:24:57 +03:00
woodpecker
docs: refresh network topology — ap01/border01/snipe parallel, rot IP .223 → .10
2026-05-24 19:58:47 +03:00
workflow
docs(firecrawl): add self-host deployment plan
2026-06-29 01:39:29 +03:00
.gitignore
chore(ap01): drop OpenWrt sysupgrade .bin from repo
2026-05-25 02:20:32 +03:00
.sops.yaml
hermes: encrypt sops vars, simplify .sops.yaml rules
2026-05-21 14:58:19 +03:00
CLAUDE.md
docs: refresh network topology — ap01/border01/snipe parallel, rot IP .223 → .10
2026-05-24 19:58:47 +03:00
DNS.md
docs(problems): record dns and storage incidents
2026-06-09 22:25:13 +03:00
NETWORK.md
feat(ap01): declarative dumb-AP via community.openwrt collection
2026-05-25 02:15:20 +03:00
NODE.md
docs(problems): record dns and storage incidents
2026-06-09 22:25:13 +03:00
root.yaml
migrate git
2026-05-09 02:39:41 +03:00
ROUTER.md
docs: refresh network topology — ap01/border01/snipe parallel, rot IP .223 → .10
2026-05-24 19:58:47 +03:00
SOUL.md
feat: add Blightkeeper Hermes profile to repo
2026-05-21 13:00:03 +00:00