jack/infra
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
34 commits 1 branch 0 tags 692 KiB
Commit graph

4 commits

Author SHA1 Message Date
jack
05bcbab858 feat: add tools role (Outline wiki) + 3-server architecture
Some checks failed
CI/CD / syntax-check (push) Successful in 59s
Details
CI/CD / deploy (push) Failing after 11m20s
Details 
Services:
- Outline wiki at wiki.csrx.ru → visual-tools:3000
- Outline uses Timeweb S3 (visual-outline bucket) for files

Structure:
- roles/tools/ — docker-compose + env templates for tools server
- playbooks/tools.yml — deploys base+docker+tools to visual-tools

Config changes:
- domain_dashboard: dashboard → dash.csrx.ru
- domain_wiki: wiki.csrx.ru (new)
- domain_mon: mon.csrx.ru (new, for Grafana)
- ip_main/tools/mon vars for cross-server Traefik routing
- outline_* secrets added to vault + main.yml aliases

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-03-22 05:36:04 +07:00
jack
85a5857a5f infra: add visual-tools and visual-mon servers, fix inventory
Some checks failed
CI/CD / syntax-check (push) Successful in 44s
Details
CI/CD / deploy (push) Has been cancelled
Details 
- Add 2 new Timeweb VPS (1vCPU/2GB/30GB, 550₽/мес each):
  visual-tools  85.193.83.9   — Outline, Uptime Kuma
  visual-mon    188.225.79.34 — Grafana, Prometheus, Loki, AlertManager

- Restructure hosts.ini into groups: [main] [tools] [mon] [all_servers]
- Update bootstrap.yml to target all_servers group
- Fix vault.yml: replace invalid YAML escape \$ with single-quoted string
  in vault_authelia_admin_password_hash (caused YAML parse error)

Budget: ~1000 + 550 + 550 = 2100₽/мес (well within 3000₽ limit)

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-03-22 05:28:07 +07:00
jack
6ebd237894 feat: major infrastructure improvements
Some checks failed
CI/CD / deploy (push) Has been cancelled
Details
CI/CD / syntax-check (push) Successful in 1m7s
Details 
Reliability:
- Add swap role (2GB, swappiness=10, idempotent via /etc/fstab)
- Add mem_limit to plane-worker (512m) and plane-beat (256m)
- Add health checks to all services (traefik, vaultwarden, forgejo,
  plane-*, syncthing, prometheus, grafana, loki)

Code quality:
- Remove Traefik Docker labels (file provider used, labels were dead code)
- Add comment explaining file provider architecture

Observability:
- Add AlertManager with Telegram notifications
- Add Prometheus alert rules: CPU, RAM, disk, swap, container health
- Add Loki + Promtail for centralized log aggregation
- Add Loki datasource to Grafana
- Enable Traefik /ping endpoint for health checks

Backups:
- Add backup role: pg_dump for forgejo + plane DBs, tar for
  vaultwarden and forgejo data
- 7-day retention, daily cron at 03:00
- Backup script at /usr/local/bin/backup-services

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-03-22 03:28:16 +07:00
jack
a1b97f3e4b Initial commit 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-03-20 19:39:26 +07:00