zharikov/rot-k8s
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
No description
212 commits 1 branch 0 tags 3.8 MiB
  • Makefile 41.7%
  • Jinja 29.6%
  • Dockerfile 12.6%
  • Nix 8.6%
  • Shell 7.5%
Find a file
Exact
Leonid Zharikov 00ba216a84 argocd: add backend-protocol GRPC annotation to gRPC ingress 
Without this annotation nginx-ingress doesn't speak gRPC to the backend.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-05-09 04:25:30 +03:00
apps remove srhtgit + srhtmeta, add forgejo cold backup 2026-05-09 03:07:14 +03:00
argocd argocd: add backend-protocol GRPC annotation to gRPC ingress 2026-05-09 04:25:30 +03:00
argocd-extras kubeconfig: migrate kubectl OIDC login from dex to authentik 2026-05-08 21:26:38 +03:00
authentik kubeconfig: migrate kubectl OIDC login from dex to authentik 2026-05-08 21:26:38 +03:00
authentik-extras authentik: extend OIDC token lifetimes for kubectl and argocd 2026-05-09 04:18:41 +03:00
avahi-mdns remove multus: experiment over, qbt-smb is calico-only 2026-04-28 21:33:20 +03:00
calico lb+calico: add aeza-lb1 as second TCP-front, reserve pod pool 10.100.4.0/24 2026-05-03 00:41:41 +03:00
cert-manager cert-manager: add ZeroSSL as fallback ACME issuer 2026-05-08 23:35:14 +03:00
cert-manager-extras cert-manager: add ZeroSSL as fallback ACME issuer 2026-05-08 23:35:14 +03:00
cnpg docs: drop manual helm/kubectl-apply, document GitOps-only flow 2026-04-27 00:28:52 +03:00
cold-backups remove srhtgit + srhtmeta, add forgejo cold backup 2026-05-09 03:07:14 +03:00
decisions decisions: document Argo CD repoURL migration gotchas 2026-05-09 03:30:02 +03:00
element-web synapse: SSO-only login, disable password auth 2026-05-09 03:51:23 +03:00
external-dns external-dns: derive targets from Ingress status, switch to upsert-only 2026-05-03 14:54:37 +03:00
external-dns-secret external-dns: sync *.farwydi.dev to Cloudflare from Ingress 2026-05-03 01:55:51 +03:00
fluent-bit fluent-bit: fallback _msg_field to message/msg for JSON-merged logs 2026-04-28 21:18:46 +03:00
forgejo forgejo: enable SSH for internal cluster access 2026-05-09 02:24:54 +03:00
forgejo-extras forgejo: add Forgejo git forge with Authentik OIDC 2026-05-09 02:02:07 +03:00
grafana grafana: enable OIDC auth via authentik (public + PKCE) 2026-05-08 18:28:47 +03:00
grafana-operator grafana-operator: add operator with CRDs split into separate Argo app 2026-04-28 16:28:00 +03:00
grafana-operator-crds grafana-operator: add operator with CRDs split into separate Argo app 2026-04-28 16:28:00 +03:00
home-assistant home-assistant + mosquitto: add HA Container and MQTT broker with web UI 2026-05-03 22:48:38 +03:00
immich immich: enable OIDC auth via authentik (public + PKCE) 2026-05-08 18:01:15 +03:00
immich-extras immich: add app with vectorchord on shared pg and redis ACL 2026-05-03 21:14:57 +03:00
ingress docs: drop manual helm/kubectl-apply, document GitOps-only flow 2026-04-27 00:28:52 +03:00
ingress-edge ingress-edge: switch SSH tcp-proxy from srhtgit to forgejo 2026-05-09 02:43:24 +03:00
kube-state-metrics metrics: add VictoriaMetrics + vmagent, node-exporter, kube-state-metrics with Grafana dashboards 2026-04-28 21:08:06 +03:00
kubeconfig cleanup 2026-05-09 02:02:44 +03:00
lb lb: refactor into composable group-based architecture 2026-05-06 01:52:14 +03:00
mosquitto add mqtt user 2026-05-04 00:44:27 +03:00
node-exporter metrics: add VictoriaMetrics + vmagent, node-exporter, kube-state-metrics with Grafana dashboards 2026-04-28 21:08:06 +03:00
openebs openebs: add openebs-zfs-hdd-8tb SC (Retain); document hdd-bigboi LVM->ZFS 2026-05-03 20:38:22 +03:00
postgres remove srhtgit + srhtmeta, add forgejo cold backup 2026-05-09 03:07:14 +03:00
qbittorrent-smb samba: add README with Windows mount cmd, drop Garden cmd from qbittorrent-smb README 2026-04-28 22:17:13 +03:00
redis remove srhtgit + srhtmeta, add forgejo cold backup 2026-05-09 03:07:14 +03:00
redis-operator docs: drop manual helm/kubectl-apply, document GitOps-only flow 2026-04-27 00:28:52 +03:00
registry docs: rewrite kubectl/helm flow as local-first, GitOps-only 2026-04-27 00:15:54 +03:00
s3 s3: add bucket "authentik" for authentik media storage 2026-05-08 16:43:06 +03:00
samba cold-backups: enable volsync privileged movers on s3/srhtgit/samba ns 2026-05-03 19:17:16 +03:00
sops docs: drop manual helm/kubectl-apply, document GitOps-only flow 2026-04-27 00:28:52 +03:00
synapse synapse: SSO-only login, disable password auth 2026-05-09 03:51:23 +03:00
synapse-extras add authentik OIDC provider for Synapse (Matrix) 2026-05-09 03:41:08 +03:00
victoria-logs logging: add VictoriaLogs + Fluent Bit, wire datasource and dashboard into Grafana 2026-04-28 16:59:06 +03:00
victoria-metrics metrics: add VictoriaMetrics + vmagent, node-exporter, kube-state-metrics with Grafana dashboards 2026-04-28 21:08:06 +03:00
volsync volsync: add Volsync operator with CRDs split 2026-05-03 18:24:57 +03:00
volsync-crds volsync: add Volsync operator with CRDs split 2026-05-03 18:24:57 +03:00
.sops.yaml srhtmeta: split config into ConfigMap + SOPS-encrypted Secret 2026-04-19 23:33:38 +03:00
CLAUDE.md docs: warn about restarting clients after Secret/ConfigMap change 2026-05-04 01:23:14 +03:00
NETWORK.md docs+lb+calico: edge-ingress post-mortem, return to HAProxy+WG 2026-05-02 23:54:14 +03:00
NODE.md docs: record k3s OIDC issuer + username-claim change in NODE.md 2026-05-09 00:05:26 +03:00
root.yaml migrate git 2026-05-09 02:39:41 +03:00
ROUTER.md docs+lb+calico: edge-ingress post-mortem, return to HAProxy+WG 2026-05-02 23:54:14 +03:00