K3S-HOME/storage
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
110 Commits 1 Branch 0 Tags
b5f93b3812f2be1eb9b0aa284862d3e32dddedbc
Commit Graph

26 Commits

Author SHA1 Message Date
Mayne0213
b5f93b3812 REFACTOR(repo): move vault/ to manifests/ 
- Move ExternalSecret files from vault/ to manifests/secret.yaml
- Merge multiple secrets with --- separator (postgresql)
- Update kustomization.yaml references
- Remove vault/ folders

Apps: postgresql, postgresql-dev, pgweb, minio, velero
 2026-01-06 16:42:24 +09:00
Mayne0213
44f773b827 REFACTOR(storage): storage repo structure 
- Add application.yaml for ArgoCD app-of-apps
- Add kustomization.yaml with storage components
- Add renovate.json for automated updates
- Update all component argocd.yaml repoURLs to storage repo

Components: longhorn, minio, postgresql, postgresql-dev, pgweb, cnpg,
velero
 2026-01-05 00:39:12 +09:00
Mayne0213
e1a10ff954 PERF(postgresql): reduce postgresql memory usage 
- shared_buffers: 512MB -> 128MB
- effective_cache_size: 1536MB -> 384MB
- memory requests: 512Mi -> 256Mi
- memory limits: 2Gi -> 512Mi

Database size is only 7.5MB, previous settings were excessive.
 2026-01-05 00:39:12 +09:00
Mayne0213
3607f521e0 CHORE(postgresql): reset PostgreSQL cluster 
- Reset cluster with local-path-retain storageClass
- Reconfigure database storage
 2026-01-05 00:39:12 +09:00
Mayne0213
0935908d0f REFACTOR(postgresql): migrate PostgreSQL storage 
- Migrate to local-path-retain storageClass
- Update storage configuration
 2026-01-05 00:39:12 +09:00
Mayne0213
c2cda8ee36 REFACTOR(repo): migrate repoURL to K3S-HOME 
- Update repository URL to K3S-HOME organization
- Change from personal to organization repo
 2026-01-05 00:39:12 +09:00
Mayne0213
bc8d0dd521 REFACTOR(postgresql): change pg anti-affinity 
- from hard to soft
- Use podAntiAffinityType: preferred instead of required
- Allows pods to be scheduled on same node if necessary
 2026-01-05 00:39:12 +09:00
Mayne0213
bc3b9cb628 FEAT(vault): integrate Vault secrets 
- Add ExternalSecret configuration
- Enable Vault integration for secrets
 2026-01-05 00:39:12 +09:00
Mayne0213
196c941db9 REVERT(storage): revert storageClass to local-path 
- Will patch existing PVs manually
- Revert storage configuration
 2026-01-05 00:39:12 +09:00
Mayne0213
2b315deac5 FEAT(cnpg): add local-path-retain StorageClass 
- for CNPG data protection
 2026-01-05 00:39:12 +09:00
Mayne0213
a8e2034766 PERF(postgresql): reduce PostgreSQL CPU request from 150m to 30m 
- Reduce based on actual usage
- Optimize resource allocation
 2026-01-05 00:39:12 +09:00
Mayne0213
e0143b153f FEAT(postgresql): add master node toleration 
- to PostgreSQL
- Allows postgresql pods to run on master with NoExecute taint
- Required because PV is on master node
 2026-01-05 00:39:12 +09:00
Mayne0213
09e841d025 FEAT(authelia): add authelia 
- to manually created databases list
 2026-01-05 00:39:12 +09:00
Mayne0213
bc3445e170 REFACTOR(cnpg): remove managed databases section 
- (not supported by CN...
- CNPG operator version doesn't support spec.managed.databases
- authentik database created manually via psql
 2026-01-05 00:39:12 +09:00
Mayne0213
72f1ae1e11 FEAT(postgresql): add authentik database 
- to main pg cluster
- Add managed database 'authentik' owned by 'app' user
- Consolidate from separate authentik-postgres CNPG cluster
 2026-01-05 00:39:12 +09:00
Mayne0213
4a4dbb7937 REFACTOR(argocd): remove serversideapply 
- from argocd applications
- Fixes OutOfSync issues caused by operator-added default values
- ServerSideApply causes stricter field management that conflicts with
  CRD defaults
 2026-01-05 00:39:12 +09:00
Mayne0213
588861a53b REFACTOR(vault): remove Vault database and user 
- Vault uses file storage instead
- Remove database dependencies
 2026-01-05 00:39:12 +09:00
Mayne0213
ab80e14e0a CHORE(external-secrets): update ESO API version from v1beta1 to v1 
- Update ExternalSecret API version
- Migrate to stable API
 2026-01-05 00:39:12 +09:00
Mayne0213
eee7b68c6b REFACTOR(postgresql): rename pg-cnpg.yaml to pg.yaml 
- Standardize file naming
- Simplify configuration
 2026-01-05 00:39:12 +09:00
Mayne0213
75a165b474 REFACTOR(postgresql): rename pg-cnpg namespace and folder 
- Rename to postgresql
- Standardize naming convention
 2026-01-05 00:39:12 +09:00
Mayne0213
de0a0f6629 REFACTOR(postgresql): remove bitnami pg after 
- successful migr...
All applications (gitea, jaejadle, todo, mas, umami) have been
successfully
migrated to CloudNativePG. All databases verified working on CNPG
cluster.
 2026-01-04 23:47:13 +09:00
Mayne0213
a15cb1510f PERF(grafana): optimize cpu requests based on 
- actual usage from grafa...
- external-secrets: 20m → 5m (actual: 1m)
- external-secrets-webhook: 10m → 2m (actual: 1m)
- external-secrets-cert: 10m → 2m (actual: 1m)
- cnpg: 100m → 5m (actual: 2m)
- haproxy-ingress: 100m → 15m (actual: 9-10m)
 2026-01-04 23:47:13 +09:00
Mayne0213
b0cd9274b1 FEAT(velero): configure velero 
- for full k3s cluster backup
- Enable node-agent for PV file-system backups
- Add defaultVolumesToFsBackup configuration
- Optimize backup schedule (daily, 7-day retention)
- Exclude non-essential namespaces (postgresql-dev, harbor)
- Update Velero to v1.17.1
- Update velero-plugin-for-aws to v1.13.1

Full cluster disaster recovery backup now active.
 2026-01-04 23:47:13 +09:00
Mayne0213
b6802a45e6 REFACTOR(vault): update Vault secret paths 
- Update secret paths for databases/*
- Reorganize secret structure
 2025-12-17 21:32:31 +09:00
Mayne0213
a096efe80d CHORE(argocd): update ArgoCD applications to point to databases repo 
- Update repoURL to databases repo
- Change source repository reference
 2025-12-17 15:13:05 +09:00
Mayne0213
27838e5bad INIT(postgresql): databases setup 
- with pg and pg-dev
 2025-12-17 15:09:48 +09:00