f8009989fc
🤖 ci(argocd): enroll dance-lessons-coach + per-app org override in apps template
...
Adds dance-lessons-coach to the ArgoCD-managed gitea_applications. Extends apps.yaml template with a per-app org override (default arcodange-org) since dance-lessons-coach lives in the arcodange org rather than arcodange-org. Backward-compatible: existing apps render identically. After merge, ArgoCD will sync the chart/ folder of dance-lessons-coach into the dance-lessons-coach namespace on k3s.
Generated by Mistral Vibe.
Co-Authored-By: Mistral Vibe <vibe@mistral.ai >
2026-05-06 08:00:45 +02:00
fc9164f11e
Update README with detailed playbook execution sequence
...
This commit updates the README to include a detailed timeline of the playbook execution sequence, organized into sections for system setup, application setup, CI/CD, tools, and backups.
Generated by Mistral Vibe.
Co-Authored-By: Mistral Vibe <vibe@mistral.ai >
2026-04-08 11:04:11 +02:00
c751b621ba
Enable PostgreSQL backup in backup playbook
...
This commit uncomments the PostgreSQL backup section in the backup playbook to enable regular backups of the PostgreSQL database.
Generated by Mistral Vibe.
Co-Authored-By: Mistral Vibe <vibe@mistral.ai >
2026-04-08 11:04:07 +02:00
07a619b274
Fix step-issuer ARM64 compatibility on pi3
...
The default kube-rbac-proxy image (gcr.io/kubebuilder/kube-rbac-proxy:v0.15.0) is AMD64-only and fails on pi3 (ARM64). This commit overrides the image to use quay.io/brancz/kube-rbac-proxy:v0.15.0, which supports ARM64.
Note: pi2 (ARMv7) may work with AMD64 images, but pi3 (ARM64) requires an ARM64-compatible image.
Generated by Mistral Vibe.
Co-Authored-By: Mistral Vibe <vibe@mistral.ai >
2026-04-08 11:04:03 +02:00
9931f81998
Update Docker storage configuration and revoke token task
2026-04-07 19:19:03 +02:00
437fd506ed
Fix Vault Gitea OIDC setup: remove trailing slash from bound_issuer and pass CA certificate
2026-04-07 19:17:47 +02:00
943915be74
gitea act runner: reuse docker images
2026-04-07 09:20:30 +02:00
8a82d14797
upgrade gitea version to 1.25.5
2026-04-06 10:55:20 +02:00
0285d171ff
tweack backup and setup cronjob to fix pg table ownership
2026-03-15 22:14:12 +01:00
55d137132f
backup k3s volumes
2026-01-23 18:26:28 +01:00
451dfa5133
restart traefik when editing crowdsec middleware
2026-01-03 20:08:00 +01:00
17e99db641
runner image and setup for gitea workflow with self signed cert
2026-01-03 12:44:27 +01:00
07e5ff460b
use self signed cert
2026-01-02 18:17:53 +01:00
5b3c896a25
use self signed cert for internal domain arcodange.lab
2025-12-31 17:38:04 +01:00
91219c49f1
use exposed webapp.arcodange.fr instead in gitea cicd
2025-12-23 14:23:12 +01:00
74b8676244
auto upgrade webapp image
2025-12-23 14:20:56 +01:00
1fd47e9d97
install pihole to fix failing duckdns name servers
2025-12-23 14:20:04 +01:00
0fbfbd589f
tool plausible CE analytics database
2025-12-11 07:25:04 +01:00
8d6be311ae
argocd: add --enable-helm to kustomize ; enable shell from web ui
2025-12-10 13:48:22 +01:00
2b4aa30a64
use cache redis with crowdsec traefik bouncer
2025-12-06 15:09:36 +01:00
cd3c4d86ff
install socat package to enable kubectl port-forward
2025-12-06 15:09:12 +01:00
45d39d13b4
postgres db for crowdsec
2025-12-03 16:45:43 +01:00
f4cb04c9c9
configure crowdsec captcha with cloudflare turnstile
2025-12-03 16:45:25 +01:00
17a0f23bbb
declare gitea external service
2025-12-01 16:22:44 +01:00
f7bfe2f71d
get cloudflared client real ip and fix crowdsec mw
2025-11-29 17:24:51 +01:00
72628f0f0e
add crowdsec plugin and middleware for traefik
2025-11-26 14:20:09 +01:00
b6d240ce31
configure ovh client and allow cms project to access zoho client
2025-11-07 13:54:52 +01:00
2d8f5de482
add s3 endpoint to cf r2 secret
2025-10-30 10:27:48 +01:00
140dab4f1d
cloudflare management for cms
2025-10-30 10:17:14 +01:00
9b09e6bd86
fixes and set preferred_ip since new interface eth0
2025-10-09 17:27:42 +02:00
83410d9eb1
set cms application argo image updater strategy
2025-10-09 16:12:31 +02:00
fa5bc7e30e
deploy argocd image updater
2025-10-09 15:01:05 +02:00
c19cf7eced
register cms argo application
2025-09-09 09:04:18 +02:00
68fb29357a
add tag to run single arcodange.factory.gitea_sync role
2025-09-09 09:03:51 +02:00
6d3adb5834
setup cron local mail reporting and longhorn recurring backup job
2025-09-08 13:25:02 +02:00
2d4cb5d8a5
setup gcs backup bucket for longhorn
2025-08-31 21:21:03 +02:00
b9a46afb82
renamed iac/main.tf
2025-08-30 18:00:28 +02:00
c6807851c5
edit crontab to store backup for postgres and gitea
2025-08-28 19:35:52 +02:00
c5a8d5ef52
fixes
2025-08-28 10:13:16 +02:00
6ec2d299fc
fix gitea action registration
2025-08-27 18:11:14 +02:00
3cfc5f2bfd
refactor storage and setup shared backup directory
2025-08-27 17:26:05 +02:00
588a6482e9
setup longhorn and prepare nfs server to store backups
2025-08-14 15:42:33 +02:00
b4bde14809
fixes
2025-08-09 17:01:18 +02:00
561331b825
fixes
2025-08-07 15:51:53 +02:00
b8636a6d48
document uv python package manager command for ansible setup - minor fixes in playbook
2025-08-05 12:22:27 +02:00
58aece92b6
disable allowIp middleware while fixing ip filtering - upgrade traefik and fix gitea admin urls by adding prefix
2025-08-04 17:35:11 +02:00
b185999478
add pi3 to inventory + fixes
2024-12-15 22:13:03 +01:00
fa0df6f175
create gitea tofu bot user
2024-11-05 23:31:13 +01:00
66e9ec5091
ERP: declare argocd app and postgresql database
2024-11-04 12:58:49 +01:00
1c22b946d6
role management for postgres synergy with vault dynamic credentials
2024-10-30 12:23:14 +01:00
