ec6f552a53
#4 Add nginx container at test.nginx.jafner.net to test DNS challenge
2024-08-15 10:24:17 -07:00
322a79c2f5
#2 Remove unused lines
2024-08-14 14:30:09 -07:00
676da8dca3
#2 Move age files to homelab/.sops/
...
Separate "authors" keys and "deploy" keys.
Add features to setup, encrypt, and decrypt scripts:
- Validate input arguments
- Set age keyfile and recipients dynamically at runtime
2024-08-14 14:26:52 -07:00
383b8b3351
#3 Switch send to dns01 challenge certresolver
2024-08-14 14:10:49 -07:00
1bcc37f70d
#3 Configure lets-encrypt-dns01 certresolver with its own acme.json storage
2024-08-14 14:10:17 -07:00
756225c680
#2 Switch postgress back to password from password file
2024-08-14 00:15:41 -07:00
228b3768cd
#2 Fix typo: extra underscore
2024-08-14 00:10:32 -07:00
b2028a5ad0
#2 Re-encrypt keycloak secrets with fighter's pubkey added to map
2024-08-14 00:05:58 -07:00
9ca38bd52c
#2 Replace Docker secrets with encrypted secrets.env file
...
Add encrypt and decrypt scripts
Add pubkeys file with desktop and fighter pubkeys
2024-08-13 23:34:15 -07:00
8729e02a23
Switch postgres to native password file, remove entrypoint injection
2024-08-13 15:52:02 -07:00
c4cc18835f
Resolve "/bin/sh: 1: source: not found"
2024-08-13 15:39:52 -07:00
8efd7c42a8
Simplify entrypoint
2024-08-13 15:38:57 -07:00
1f5801d31f
Correct entrypoint script name (this is going to be a pain)
2024-08-13 15:32:17 -07:00
aa0fe3365d
Experimental implementation of entrypoint injection to export secrets to env vars
2024-08-13 15:29:04 -07:00
f838aa199f
Remove deprecated HOSTNAME_URL option
2024-08-13 11:37:33 -07:00
d6682073d8
Update keycloak proxy configuration per upgrading guide.
...
https://www.keycloak.org/server/reverseproxy
https://www.keycloak.org/docs/latest/upgrading/index.html#deprecated-proxy-option
2024-08-13 11:27:01 -07:00
037ce905d0
#2 Fix typo in secret filename
2024-08-13 11:15:13 -07:00
e6158be743
#2 Remove leftover env_file block for forwardauth
2024-08-13 11:12:38 -07:00
623470803b
Move manifests to old/ and init Terraform configuration for silver-hand
2024-08-12 16:41:28 -07:00
b01948219f
Init Traefik certresolver for dns01 challenges
2024-08-12 16:40:17 -07:00
3b2c9039c5
#2 Refactor Keycloak secret configuration
2024-08-12 16:39:28 -07:00
526fee4792
Init dungeon-master traefik instance for testing nested Traefik reverse proxies.
2024-08-12 16:38:24 -07:00
10e1fb2d74
Init passthrough router from fighter to dungeon-master
2024-08-12 13:08:28 -07:00
184013dde1
Fix accidental quotes
2024-08-09 16:28:11 -07:00
34fdb75fb7
Fix regexps for router rules
2024-08-09 16:27:25 -07:00
180a4bd14a
Add additional router for silver-hand
...
Per: https://community.traefik.io/t/run-traefik-behind-traefik-reverse-proxy/4044/6
2024-08-09 16:22:19 -07:00
e45dfd64e8
Switch TCP router to point to TLS port
2024-08-09 15:57:08 -07:00
e1f79bcaa8
Configure fighter traefik instance to pass through requests for *.jafner.dev to the k3s cluster
2024-08-09 15:55:24 -07:00
557be69e3f
Fix erroneous protocol prefix
2024-08-08 12:25:36 -07:00
c13727ce56
Init Traefik TCP router for passing *.k3s.jafner.net and k3s.jafner.net through to cluster ingress controller
2024-08-08 12:24:28 -07:00
cfbb22bed0
Document update process for Wizard
2024-08-07 16:23:47 -07:00
4a6f6c3d79
Init k3s cluster with Terraform-provisioned AWS S3 bucket for Jafner.dev
...
- Add Terraform statefiles to gitignore
- Add *.secret.yml to gitignore for k8s secrets manifests
- Init the "sellswords" directory for Terraform code interacting with public cloud providers.
- Provision S3 bucket "Jafner-dev" to store static site files.
- Describe CORS and access policies to apply to the bucket.
- Throw in a budget to prevent nasty surprises.
- Init "silver-hand" directory for Kubernetes manifests to be used with the local K3s cluster.
- Datashim manifest to facilitate abstracted interaction with S3 bucket.
- Kubernetes-dashboard to visualize cluster state.
- Jafner-dev to serve contents of S3 bucket.
2024-08-07 16:23:20 -07:00
b28498c945
Archive nginx, unused
2024-07-22 10:36:12 -07:00
5c6abd693a
Archive megan-portfolio, unused
2024-07-22 10:35:51 -07:00
a632c13eed
Pin images to latest, remove 'version' top-level compose element
2024-07-22 10:35:30 -07:00
541be8dc45
Archive jellyfin, unused
2024-07-22 10:34:55 -07:00
d33f9a93fc
Archive jafner-dev wordpress instance, unused
2024-07-22 10:34:39 -07:00
1faa629c42
Archive gitea runner, currently unused
2024-07-22 10:34:19 -07:00
edf5173f5e
Pin images to latest, remove obsolete 'version' top-level compose element
...
Pinning to digests was resulting in many stacks failing to come online with "manifest unknown" errors. Will look further into this.
2024-07-22 10:26:29 -07:00
3911bdd862
Add quick documentation for connecting fighter to iscsi shares
2024-07-22 10:21:38 -07:00
b9c9cfa287
Fix typo; restore Traefik router rule, update ND_BASEURL envvar
2024-07-21 14:42:25 -07:00
230a86baa3
Add protocol to base URL
2024-07-21 14:40:39 -07:00
88ed7233ea
Pin navidrome image to latest by digest
2024-07-21 14:35:00 -07:00
03f54b62ce
Add web network to stack
2024-07-21 14:31:06 -07:00
e8180e0cd7
Define MUSIC_DIR
2024-07-21 14:29:35 -07:00
6e07c5bf9a
Init navidrome
2024-07-21 14:28:00 -07:00
fb44b723f3
Update autopirate stack to use the UID:GID of admin user
2024-07-19 21:59:17 -07:00
9643d6e307
Add lidarr to autopirate stack
2024-07-19 00:37:50 -07:00
540103b243
New article for Jafner.dev: monorepo
2024-07-18 19:11:08 -07:00
18e1ee001c
Update to latest
2024-07-18 16:22:34 -07:00
