summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2026-01-27fixPaul Buetow
2026-01-27gogios: enable 1h minimum notification intervalPaul Buetow
Set MinNotifyIntervalS to 3600 (1 hour) to batch email notifications. Gogios will only send emails when both the interval has elapsed AND there's been a state change. HTML reports continue updating on every run. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-01-26UpdatePaul Buetow
2026-01-24Add f3s hosts to ACME certificate managementPaul Buetow
- Add all 18 f3s hosts to @acme_hosts for certificate issuance - Skip standby certificate variants for f3s hosts (not needed for k3s cluster) - Add port 80 ACME challenge blocks to httpd for all f3s hosts - Add port 8080 fallback page blocks to httpd for f3s hosts (when cluster is down) - Update relayd.conf.tpl to skip standby keypairs for f3s hosts - Update acme-client.conf.tpl to skip standby certificates for f3s hosts Fixes missing certificates on flux.f3s.buetow.org, anki.f3s.buetow.org, and other f3s services
2026-01-23more on hypserstackPaul Buetow
2026-01-22UpdatePaul Buetow
2026-01-21mute gogios for a dayPaul Buetow
2026-01-21remove paul.cyouPaul Buetow
2026-01-21UpdatePaul Buetow
2026-01-21Add solarcat.buetow.org and cleanup configPaul Buetow
- Add solarcat DNS records, httpd server block, and ACME host - Re-enable Prometheus and WG0 ping notifications in gogios - Remove paul.cyou from DNS zones - Cleanup duplicate definitions in Rexfile Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-01-21adjust cPaul Buetow
2026-01-21disable notifyPaul Buetow
2026-01-20UpdatePaul Buetow
2026-01-19resolve merge conflict in argocd dashboardPaul Buetow
Kept the version with the additional "Unhealthy Applications" panel which provides better visibility into problematic applications. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-01-19fix radicale scrape config causing TargetDown alertPaul Buetow
Radicale does not expose Prometheus metrics. The previous config tried to scrape /.web/ which returns HTML, causing parse errors. Synced with additional-scrape-configs.yaml which properly drops radicale from scraping. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-01-19Merge branch 'master' of codeberg.org:snonux/confPaul Buetow
2026-01-18Add unhealthy applications panel to ArgoCD dashboardPaul Buetow
Adds a dedicated table panel showing only applications with health_status != "Healthy" for quick identification of issues. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-01-18fix alertsPaul Buetow
2026-01-18addPaul Buetow
2026-01-17adjust monitoring checksPaul Buetow
2026-01-17fix tlsPaul Buetow
2026-01-17add daemonPaul Buetow
2026-01-17fixPaul Buetow
2026-01-17updatePaul Buetow
2026-01-17Add security policy to AGENTS.mdPaul Buetow
Never commit secrets (SSH keys, tokens, passwords) to git. Deploy them as Kubernetes Secrets and rotate if exposed. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-01-17Remove private SSH key from repo credentialsPaul Buetow
The ArgoCD SSH private key should not be stored in git. Deploy it as a Kubernetes secret instead: kubectl create secret generic git-server-repo-creds ... Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-01-16Add WireGuard mesh hosts file templatePaul Buetow
Created hosts.wg.append with IPv4 and IPv6 addresses for all 10 WireGuard mesh hosts (blowfish, fishfinger, f0-f2, r0-r2, earth, pixel7pro). This file can be appended to /etc/hosts on mesh participants to enable hostname resolution for WireGuard mesh addresses. Applied to blowfish and fishfinger OpenBSD gateways. Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
2026-01-16Add IPv6 monitoring and fix syntax in gogios configPaul Buetow
- Add IPv6 (proto 6) ping monitoring for all WireGuard mesh hosts - Fix syntax error in protocol list (4 6 -> 4, 6) - Update AGENTS.md path format to file:// URL Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
2026-01-15add ipv6Paul Buetow
2026-01-15cleanupPaul Buetow
2026-01-15cleanupPaul Buetow
2026-01-15Merge branch 'master' of codeberg.org:snonux/confPaul Buetow
2026-01-15docs: add DEMO-SCRIPTS.md guidePaul Buetow
2026-01-15feat: add automated demo scripts for Argo RolloutsPaul Buetow
2026-01-15fix: scope ignoreDifferences to only tracing-demo-frontend RolloutPaul Buetow
2026-01-15feat: add ignoreDifferences for Argo Rollouts to prevent ArgoCD conflictsPaul Buetow
2026-01-15docs: update all ROLLOUT*.md files with 1-min 33% canary detailsPaul Buetow
2026-01-15docs: update README-ROLLOUTS.md and ARGO-ROLLOUTS-SUMMARY.md for 1-min 33% ↵Paul Buetow
canary
2026-01-15chore: auto-promote canary after 1 minutePaul Buetow
2026-01-15chore: switch from canary to blue-green strategy for clearer demoPaul Buetow
2026-01-15chore: reduce canary pause from 2m to 1mPaul Buetow
2026-01-15fix: Justfile syntax for Helm values flagPaul Buetow
2026-01-15feat: add Argo Rollouts controller and tracing-demo canary rollout demoPaul Buetow
2026-01-15Update monitoring and gogios configurationPaul Buetow
- Add node resources multi-select dashboard for Prometheus - Update gogios cron schedule and add HTML status file output - Update Prometheus scrape configs - Add gogios documentation Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
2026-01-15Add IPv6 NAT and firewall rules to OpenBSD PF configurationPaul Buetow
Enable IPv6 support for WireGuard mesh network on OpenBSD gateways: - Added NAT66 rule using NPTv6 to translate ULA addresses to public IPv6 - Added IPv6 UDP pass rule for WireGuard port 56709 - Maintains existing IPv4 NAT and firewall rules This allows roaming clients to route IPv6 traffic through the VPN gateways and access IPv6 internet resources using the gateway's public IPv6 address. Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
2026-01-15Update monitoring and gogios configurationPaul Buetow
- Add node resources multi-select dashboard for Prometheus - Update gogios cron schedule and add HTML status file output - Update Prometheus scrape configs - Add gogios documentation Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
2026-01-15Add IPv6 NAT and firewall rules to OpenBSD PF configurationPaul Buetow
Enable IPv6 support for WireGuard mesh network on OpenBSD gateways: - Added NAT66 rule using NPTv6 to translate ULA addresses to public IPv6 - Added IPv6 UDP pass rule for WireGuard port 56709 - Maintains existing IPv4 NAT and firewall rules This allows roaming clients to route IPv6 traffic through the VPN gateways and access IPv6 internet resources using the gateway's public IPv6 address. Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
2026-01-15Disable Prometheus scraping of radicale service - add ↵Paul Buetow
prometheus.io/scrape=false annotation and rename port to http
2026-01-15Disable Prometheus scraping of radicale service - add ↵Paul Buetow
prometheus.io/scrape=false annotation and rename port to http
2026-01-121 replicatPaul Buetow
generated by cgit v1.2.3 (git 2.25.1) at 2026-06-10 19:50:17 +0000