b27f3e58ca
Add openreader
2026-04-18 11:37:18 +10:00
5b3f2cf8f4
Move frigate into the cluster and enable GPU detector
2026-03-28 17:13:09 +11:00
68cf58ead5
Remove some state moved declarations
2025-11-20 23:45:56 +11:00
d3ac8a252b
Make appdata and unraid smb modules to reduce duplication
2025-11-20 23:45:16 +11:00
961ec128f1
Setup prowlarr
2025-11-19 20:49:05 +11:00
d84eb73db0
Connect sonarr to deluge
2025-11-19 20:46:38 +11:00
a3eaab5a07
Add deluge bittorrent client
2025-11-10 23:27:50 +11:00
cf4daacab5
Add jellyfin
...
Customised the forward auth in authelia to ignore Authorization headers as authelia was failing to parse the Authorization: MediaBrowser headers that jellyfin uses.
2025-11-10 19:24:21 +11:00
2a038e59e8
Add sonarr
2025-11-09 15:51:25 +11:00
443d614a66
Use the hostname for the unraid server rather than the IP
2025-11-07 19:42:38 +11:00
2803f694e8
Add Unifi Network
2025-11-06 19:30:42 +11:00
bbff0f6692
Remove no longer used teams status job
2025-10-22 22:05:25 +11:00
bd815e96c6
Complete migration now that the changes are applied.
2025-10-22 22:04:37 +11:00
92f60a7572
Sort parts of the nomad intra into folders
...
This should make finding things easier
2025-10-22 22:02:25 +11:00
8869bd1cb2
Stop terraform thinking some settings are inconsistent
2025-10-21 21:47:39 +11:00
c473ef68fd
Move secrets to subfolder
2025-10-21 21:47:05 +11:00
8a375c0133
Remove noauth setting that is probably wrong as it doesn't work
2025-10-21 21:35:35 +11:00
700046cfd1
Remove unused strip-magic-token middleware from Traefik configuration
2025-10-20 20:25:19 +11:00
cdf2a6b72e
Fixup: traefik requires the certificate secrets to be protected. Made the same change on the actual storage host.
2025-10-14 22:07:48 +11:00
f7c2752192
Explicitly enable info level logging in traefik to make it easier to find where to set it to debug level
2025-10-14 20:11:56 +11:00
bf98fb84be
Make sure there is always one traefik instance up when changing the configuration so we can still access nomad via it
2025-10-14 20:11:22 +11:00
2d931f9cfa
Add kopia access to traefik
2025-10-14 20:10:32 +11:00
3cc6f4827d
Route to traefik directly via localhost due to in ability to route via the external port
2025-10-13 21:23:42 +11:00
4a5ad8d36b
Setup storage of immich resouces and add tailscale access to allow uploading files too large to go over cloudflare (<100mb) See https://github.com/immich-app/immich/issues/17729 and https://github.com/immich-app/immich/pull/22385
2025-10-13 20:48:35 +11:00
e6c6bb0c91
Resolve authelia via consul service mesh
2025-10-12 20:58:58 +11:00
e2562ce4b0
Add an immich server
2025-10-11 14:54:07 +11:00
b53bfe4075
Improve resilience by changing routing to traefik and setting up more servers.
...
Some changes were required to set 3 VMs as the cluster since the NUC failed and we are waiting for new hardware to arrive.
The ingest routing from the internet was changed to use cloudflared tunnel to traefik instead of via a specific host.
2025-10-11 14:46:06 +11:00
7f3161b2bb
Add magic token domain for hass to allow app access
2025-10-04 14:36:58 +10:00
facc3c64b2
Route frigate.othrayte.one to internal frigate instance
2025-10-04 14:18:16 +10:00
d64fec4bc0
Disable Nomad job configuration for Teams Status
2025-10-04 13:58:44 +10:00
8b234b8322
Fix bug in teams status (was fixed long ago)
2025-10-04 13:51:26 +10:00
612d322c4f
Update session management settings for Authelia: extend inactivity duration, adjust expiration time, and set remember_me period.
2025-10-04 13:46:56 +10:00
786b2c6670
Switch from tailscale authkeys to an oauth client to fix issues with key expirey
2025-09-06 22:17:24 +10:00
2d497e5195
Add Nomad job configuration for Teams Status Updater
2025-06-07 09:07:48 +10:00
8920be1ba0
Fix use of wrong port in traefik service definition
2025-05-28 00:05:46 +10:00
234c6d075c
Improve use of postgres from terraform
2025-05-27 23:22:08 +10:00
8b0b7c1e73
Fix some networking issues and setup a second nomad host
2025-05-25 22:40:41 +10:00
376c278c11
Cleanup credentials and db use
2025-05-25 18:01:47 +10:00
ffbd240453
Fix pgbackup cron to only run once per day
2025-05-23 01:01:32 +10:00
8e586b3352
Move each service to it's own tf file
2025-05-23 00:43:59 +10:00
c1aeb11354
Use tailscale to allow ssh access to gitea
2025-05-23 00:15:04 +10:00
3f70bc62d3
Disable tailscale on the nomad host
2025-05-22 23:25:35 +10:00
f7c4defe7d
Add gitea
2025-05-19 22:45:33 +10:00
3ab392b50b
Move nomad var secrets to secrets.enc.json
2025-05-18 23:44:24 +10:00
d2279028be
Remove the hello world services initially added for testing
2025-05-18 21:53:44 +10:00
9cdd529633
Format terraform and nomad files
2025-05-18 21:50:04 +10:00
837cfdae68
Remove comment about terraform access to nomad
...
it was orignally only working over tailscale, but it turned out it was just being blocked by the host firewall, that tailscale was bypassing. This was fixed back in the initial commit using nix by setting networking.firewall.allowedTCPPorts to include 4646.
2025-05-18 21:50:04 +10:00
021d22048d
Cleanup terraform files
...
by moving core infra into it's own file
2025-05-18 21:50:04 +10:00
b10df52f1c
Allow login sessions to last longer than 1hr
2025-05-18 20:45:26 +10:00
08a2e458b2
Initial work on db backups
2025-05-18 20:18:48 +10:00
