will.anderson/infrastructure
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
323 Commits 10 Branches 0 Tags
e69052d89e37e0f8eb7f63636f89d536d8cc74e4
Commit Graph

323 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Will Anderson e69052d89e fix(ci-runner): use external Gitea URL now that REQUIRE_SIGNIN_VIEW is disabled 2026-04-23 12:58:51 -05:00
Will Anderson 28fb4e29f4 fix(ci-runner): use internal cluster URL for runner registration (gRPC) 2026-04-23 12:57:11 -05:00
Will Anderson b1898a7a0f fix(ci-runner): revert to external Gitea URL for git clone compatibility 2026-04-23 12:53:41 -05:00
Will Anderson 39808ab964 fix(ci-runner): add extra_hosts for cluster DNS in CI Docker containers 2026-04-23 12:50:53 -05:00
Will Anderson 521079590b chore(ci-runner): restore ESO refresh interval to 1h 2026-04-23 12:45:34 -05:00
Will Anderson 0d9f74f68f fix(ci-runner): use internal cluster URL for Gitea to bypass Cloudflare Access 2026-04-23 12:45:00 -05:00
Will Anderson 5a62077b99 fix(gitea): allow unauthenticated API ping for runner registration 2026-04-23 12:43:47 -05:00
Will Anderson 415ee9eb68 chore(ci): restore ESO refresh interval to 1h after token sync 2026-04-23 12:33:01 -05:00
Will Anderson b31aad85a7 chore(ci): shorten ESO refresh to 10s to force runner token update 2026-04-23 12:31:11 -05:00
Will Anderson e84c586282 chore(ci): force ESO resync for gitea-runner-secret with fresh registration token 2026-04-23 12:29:58 -05:00
Will Anderson 3234d9cee6 route vpn.neuralplatform.ai tunnel directly to headscale, bypass traefik 2026-04-22 01:38:28 -05:00
Will Anderson 075a25fb10 fix vpn.neuralplatform.ai: replace A record with proxied CNAME through Cloudflare tunnel 2026-04-22 01:34:26 -05:00
Will Anderson fb3b5ff564 Add vpn.neuralplatform.ai to Cloudflare tunnel for Headscale access 2026-04-22 01:22:45 -05:00
Will Anderson 095d874552 Remove docuseal-old temp instance 2026-04-21 18:15:49 -05:00
Will Anderson 7ba730324f Restore HOST env var for Docuseal registration 2026-04-21 18:13:31 -05:00
Will Anderson bfe59cafac Remove explicit HOST env var, let Traefik Host header handle registration 2026-04-21 18:00:17 -05:00
Will Anderson a5c8e78c1f Set HOST env var so Docuseal registers correct public hostname 2026-04-21 17:43:15 -05:00
Will Anderson 69431f8823 Restore sign.neuralplatform.ai tunnel rule for license transfer 2026-04-21 17:40:22 -05:00
Will Anderson 0cbb06660a Add temporary docuseal-old at sign.neuralplatform.ai for license transfer 2026-04-21 17:33:40 -05:00
Will Anderson 8e87077bf0 Move Docuseal to sign.neurontechnologies.ai 2026-04-21 17:24:10 -05:00
Will Anderson e7fda0c9ee Upgrade Docuseal to Pro image (ee.docuseal.com/lip5viwf/ds-ee) 2026-04-21 16:40:06 -05:00
Will Anderson 85e5cca571 Scale down Mudcraft to free memory on Legion 2026-04-21 16:21:10 -05:00
Will Anderson 5b739b3217 Add Gmail SMTP config to Docuseal via Vault ExternalSecret 2026-04-21 16:17:50 -05:00
Will Anderson d18dd66f0c Fix Docuseal crash: remove invalid DATABASE_URL, let it default to SQLite 2026-04-21 14:53:32 -05:00
Will Anderson d40fb8c3f1 Add Docuseal e-signature service at sign.neuralplatform.ai 
- k8s manifests: Deployment, Service, PVC, Ingress, ExternalSecret
- Argo CD app watching servers/legion/k8s/docuseal
- CF tunnel ingress rule for sign.neuralplatform.ai
- Vault secret at secret/docuseal (secret_key_base seeded)
 2026-04-21 14:26:01 -05:00
Will Anderson 3b3811942c Update Legion LAN IP from 192.168.68.77 to 192.168.8.148 
Static IP assigned on new network segment. Updates:
- variables.tf default legion_ip
- headscale nameserver config
- bootstrap.sh default target
- README/RUNBOOK documentation
- media ingress comment
 2026-04-21 10:32:39 -05:00
Gitea CI 26c7d2259e chore(neuron): deploy efc982c605cacc6929f29382f293e2a2d4a4cf95 2026-04-18 20:28:36 +00:00
Will Anderson 4b548590ef config: add NEURON_DATA_DIR and NEURON_CHROMA_URL to neuron-dev configmap 2026-04-17 11:46:10 -05:00
Neuron CI 2398049678 ci(neuron-dev): deploy neuron@dev-d7a587e2 2026-04-17 16:07:58 +00:00
Neuron CI 313480555d ci(neuron-dev): deploy neuron@dev-057f5cb8 2026-04-17 15:50:36 +00:00
Will Anderson 5c9544246f fix(neuron-dev): use Recreate strategy to avoid OOM during rolling updates 2026-04-17 10:43:39 -05:00
Neuron CI 5c663ab714 ci(neuron-dev): deploy neuron@dev-c370733c 2026-04-17 15:41:57 +00:00
Neuron CI 3d9ead25ef ci(neuron-dev): deploy neuron@dev-4ceb26d0 2026-04-17 15:31:56 +00:00
Will Anderson 939e2574d2 fix(neuron): scale stage/prod to 0 replicas and reduce dev memory requests 
- Stage and prod deployments scaled to 0 — not yet promoted, no need for running pods
- Dev memory requests reduced from 384Mi to 256Mi to allow scheduling on memory-constrained node
 2026-04-17 10:18:50 -05:00
Neuron CI bbe3d14037 ci(neuron-dev): deploy neuron@dev-89280b55 2026-04-17 15:13:03 +00:00
Neuron CI 203b124f9c ci(neuron-dev): deploy neuron@dev- 2026-04-17 15:02:29 +00:00
Will Anderson 193bea7f3f fix(neuron): add ephemeral-storage limits to prevent eviction cascade 2026-04-17 09:59:21 -05:00
Will Anderson 1b8ea63541 feat(neuron): add stage and prod k8s manifests + Argo CD apps 
Completes the three-env setup (dev was added previously). Each env has
deployments, services, ingress, PVC, ConfigMap, and ExternalSecret pulling
from Vault. Prod has larger resource limits and 10Gi PVC. Vault secret at
secret/neuron-technologies/prod seeded separately.
 2026-04-17 09:43:23 -05:00
Will Anderson 912e129e0d feat(neuron-dev): add k8s manifests and Argo CD app for neuron-technologies dev environment 2026-04-17 08:46:47 -05:00
Will Anderson 6046b6ca3e Increase harmonic-wordpress MySQL memory limit to 1Gi for prod sync imports 2026-04-17 06:53:53 -05:00
Will Anderson 8aa01bc840 infra: add neurontechnologies.ai Cloudflare routing and k8s namespaces 
- Add CNAME records for @, www, dev, stage → legion tunnel
- Add tunnel ingress rules for neurontechnologies.ai, www, dev, stage
- Add neuron-dev, neuron-stage, neuron-prod k8s namespaces on Legion
 2026-04-16 21:55:19 -05:00
Will Anderson d1493f9ecd Wire Radarr/Sonarr/Jellyfin into fornax coordinator 
Add service URLs as env vars and pull API keys from Vault via ESO.
The coordinator now has everything it needs to call catalog providers
on torrent delete/complete events.
 2026-04-16 19:40:02 -05:00
Will Anderson ad84443131 add Google Workspace CNAME verification record for neurontechnologies.ai 2026-04-16 18:46:58 -05:00
Will Anderson a199ef3e85 add neurontechnologies.ai DNS records for Google Workspace 2026-04-16 18:45:12 -05:00
Will Anderson 61ea7eaaef add all Cloudflare zones to Terraform, migrate tunnel config to non-deprecated resource 2026-04-16 18:36:16 -05:00
Will Anderson d7205ca1d1 feat(fornax): add CF Access JWT and RBAC env vars to coordinator deployment 2026-04-16 16:22:09 -05:00
Will Anderson 1fd04c104b Add Cloudflare Zero Trust Access for fornax.neuralplatform.ai 
Google OAuth gate on the public dashboard. Allows andersonwilliam85@gmail.com
and 1timlingo@gmail.com. Auto-redirects to Google; 24h session.
Sonarr/Radarr use the internal cluster service so are unaffected.
 2026-04-16 16:08:37 -05:00
Will Anderson e567cbaef4 restart fornax-coordinator — pull #31 image (magnet name fix) 2026-04-15 22:44:24 -05:00
Will Anderson c4b57e2e7e restart fornax-coordinator for magnet name extraction fix 2026-04-15 22:32:51 -05:00
Will Anderson 6830e97c93 restart fornax-coordinator to pull new image with multer fix 2026-04-15 22:22:50 -05:00