roger/k3s-cluster
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
86 Commits 1 Branch 0 Tags
b43874bdcdc33952db9245053796b5a51a8d94a0
Commit Graph

86 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Roger Oriol
b43874bdcd Expose minecraft server over TCP via MetalLB 
Minecraft Java Edition uses raw TCP on port 25565, not HTTP. The previous
ClusterIP Service + HTTP Ingress (Traefik 80/443) could not carry TCP 25565
traffic, so minecraft.rogi.casa:25565 was unreachable.

- Change Service to LoadBalancer with fixed IP 10.88.20.103 (dmz-pool),
  matching the pihole-dns pattern, so port 25565 is exposed directly.
- Remove the dead HTTP ingress (it routed HTTP to a TCP game port).
 2026-06-26 13:38:43 +02:00
Roger Oriol
da2bae6fa5 Merge branch 'main' of https://git.rogi.casa/roger/k3s-cluster 2026-06-26 12:01:29 +02:00
Roger Oriol
e77e170421 fix(homeassistant): trust k3s pod/service CIDRs as X-Forwarded-For proxies 
HA runs with hostNetwork on roger-nucbox-evo-x2 while Traefik runs on the
raspberrypi node, so requests arrive at HA from 10.88.20.11. The previous
trusted_proxies entry (10.88.88.0/24) did not include this address, causing
HA to reject X-Forwarded-For and return 400 on every ingress request.
 2026-06-26 11:58:46 +02:00
Gitea Actions
ec947bd58a Update gym-tracker image to 945910a 2026-06-25 19:03:07 +00:00
Gitea Actions
3e57da467d Update myorg-assistant image to fcf79bf 2026-06-25 11:15:19 +00:00
Gitea Actions
9eecedc396 Update gym-tracker image to 0411783 2026-06-25 10:13:21 +00:00
Roger Oriol
ab6b5dc407 fix container registry url 2026-06-25 11:55:35 +02:00
Roger Oriol
723693eb07 take out gitea runner secret 2026-06-24 22:30:44 +02:00
Roger Oriol
3ed4acd7ec change gitea runner token 2026-06-24 22:20:53 +02:00
Roger Oriol
1bcfc13047 fix gitea config 2026-06-24 20:38:28 +02:00
Roger Oriol
b49918ed67 fix(phoenix): remove ServiceMonitor (no Prometheus Operator in cluster) 
The ServiceMonitor CRD (monitoring.coreos.com) is not installed because this
cluster runs a standalone Prometheus deployment, not the Prometheus Operator.
The manifest itself noted 'only apply if Prometheus Operator is installed'.
Removing it unblocks the phoenix app sync.
 2026-06-23 12:04:12 +02:00
Roger Oriol
66433ff0b1 fix tls: use letsencrypt-prod cluster-issuer for jellyfin/n8n/qbittorrent/myorg/phoenix/fava 
The ingresses referenced a Cloudflare OriginIssuer 'prod-issuer' whose CRD
and controller are not installed in the cluster, so cert-manager could not
issue certs and Traefik served a default cert (invalid SSL). Switch to the
existing letsencrypt-prod ClusterIssuer with specific hostnames + per-app
secrets, matching the working ingresses (http-01 cannot issue wildcards).
 2026-06-23 11:46:38 +02:00
Roger Oriol
872d2d0622 fix nas nfs server: use LAN IP 10.88.30.10 (pv nfs source is immutable + nodes dont use pihole) 2026-06-23 11:12:00 +02:00
Roger Oriol
67732d0898 fix contabilitat git url 2026-06-23 10:47:10 +02:00
Roger Oriol
47ab20dd55 fix qbittorrent nas url 2026-06-23 10:37:12 +02:00
Roger Oriol
c5e2a06c54 fix git url in fava 2026-06-23 10:34:36 +02:00
Roger Oriol
a6ac71c6b5 fix nas ip 2026-06-23 10:31:02 +02:00
Roger Oriol
139bb366bb gitea subdomain 2026-06-23 01:22:46 +02:00
Roger Oriol
f6562df066 create argocd apps declaratively 2026-06-23 01:03:06 +02:00
Roger Oriol
01321bf50c nas ingress 2026-06-23 00:31:04 +02:00
Roger Oriol
153cf16194 refactor ingresses 2026-06-23 00:26:29 +02:00
Roger Oriol
ce178d06c0 pihole namespace 2026-06-22 23:54:47 +02:00
Roger Oriol
e359984c73 pihole ingress 2026-06-22 23:51:35 +02:00
Roger Oriol
fe2f1b85f8 argocd and cert-manager 2026-06-22 23:40:37 +02:00
Roger Oriol
12c2832ec0 change traefik file size limit to 5gb for nas.rogi.casa 2026-03-10 19:59:54 +01:00
Roger Oriol
3ff8312e35 fix liveness proba for myorg-assistant app 2026-02-14 12:04:37 +01:00
Roger Oriol
4fa91f8724 git init script 2026-02-10 23:49:54 +01:00
Roger Oriol
a0976f4731 myorg ingress 2026-02-10 23:40:42 +01:00
Gitea Actions
83d4d68719 Update myorg-assistant image to 5215cd9 2026-02-08 14:25:46 +00:00
Gitea Actions
44234982b7 Update myorg-assistant image to 0060430 2026-02-08 11:14:55 +00:00
Roger Oriol
4007b102e8 upgrade myorg-assitant image to latest 2026-02-07 18:54:32 +01:00
Roger Oriol
6f00fd1e51 use gitea imatge pull secret for myorg assistant 2026-02-07 18:03:19 +01:00
Roger Oriol
51c8daeb0c use gitea imatge pull secret for myorg assistant 2026-02-07 17:56:57 +01:00
Gitea Actions
7205f57028 Update myorg-assistant image to 518b350 2026-02-07 16:21:06 +00:00
Roger Oriol
83b2dbda38 myorg-assitant image 2026-02-07 17:18:00 +01:00
Roger Oriol
a895d4cf33 myorg assistant 2026-02-03 23:56:31 +01:00
Roger Oriol
aa4793dd51 memory fixes 2026-02-02 20:47:09 +01:00
Roger Oriol
b6284bec1f fava service 2026-01-31 12:12:31 +01:00
Roger Oriol
5f1dc8bd2c fava service 2026-01-31 12:06:27 +01:00
Roger Oriol
6ff7ee5511 fava service 2026-01-31 12:05:51 +01:00
Roger Oriol
7124b6aa95 fava service 2026-01-31 11:39:30 +01:00
Roger Oriol
01c07d50c3 fava service 2026-01-31 11:06:54 +01:00
Roger Oriol
b15ed39cff fava service 2026-01-31 01:18:55 +01:00
Roger Oriol
f5fed81fab fava service 2026-01-31 01:12:13 +01:00
Gitea Actions
52cfdd47ef Update gym-tracker image to 3ba68d6 2026-01-30 23:37:01 +00:00
Roger Oriol
a511d95dbf gym-tracker deployment 2026-01-31 00:28:54 +01:00
Roger Oriol
96ff909a0a gym-tracker deployment 2026-01-30 23:57:07 +01:00
Roger Oriol
60b1c70b16 gym-tracker deployment 2026-01-30 23:54:06 +01:00
Roger Oriol
dd1bd118e3 update readme 2026-01-30 23:53:31 +01:00
Roger Oriol
72af2644a8 fix storageclassname of jellyfin media pv 2026-01-30 23:00:27 +01:00