bd815e96c6
Complete migration now that the changes are applied.
2025-10-22 22:04:37 +11:00
92f60a7572
Sort parts of the nomad intra into folders
...
This should make finding things easier
2025-10-22 22:02:25 +11:00
8869bd1cb2
Stop terraform thinking some settings are inconsistent
2025-10-21 21:47:39 +11:00
c473ef68fd
Move secrets to subfolder
2025-10-21 21:47:05 +11:00
fd7fdd00f3
Add more nodes and update them all to the latest config
2025-10-21 21:41:15 +11:00
8a375c0133
Remove noauth setting that is probably wrong as it doesn't work
2025-10-21 21:35:35 +11:00
7302842add
Refine install instructions
2025-10-20 20:52:15 +11:00
50cddcd033
Add new servers to consul retry join list
2025-10-20 20:51:22 +11:00
307f27a10b
Use ipv4 for nomad and consul to reduce connectivity issues on my network
2025-10-20 20:25:58 +11:00
700046cfd1
Remove unused strip-magic-token middleware from Traefik configuration
2025-10-20 20:25:19 +11:00
c3f25d1bc5
Prepare for adding LattePanda IOTA based cluster hosts.
...
This required the option to configure the available CPU as nomad assumes that we should only allocate based on the base CPU frequency but the N150 reports 800Mhz base but has a boost frequency more than 4x higher at 3.6GHz which would leave the CPU under utilised, instead we allocate at 1.8GHz (x4 cores).
2025-10-15 23:38:11 +11:00
cdf2a6b72e
Fixup: traefik requires the certificate secrets to be protected. Made the same change on the actual storage host.
2025-10-14 22:07:48 +11:00
f7c2752192
Explicitly enable info level logging in traefik to make it easier to find where to set it to debug level
2025-10-14 20:11:56 +11:00
bf98fb84be
Make sure there is always one traefik instance up when changing the configuration so we can still access nomad via it
2025-10-14 20:11:22 +11:00
2d931f9cfa
Add kopia access to traefik
2025-10-14 20:10:32 +11:00
3cc6f4827d
Route to traefik directly via localhost due to in ability to route via the external port
2025-10-13 21:23:42 +11:00
4a5ad8d36b
Setup storage of immich resouces and add tailscale access to allow uploading files too large to go over cloudflare (<100mb) See https://github.com/immich-app/immich/issues/17729 and https://github.com/immich-app/immich/pull/22385
2025-10-13 20:48:35 +11:00
e6c6bb0c91
Resolve authelia via consul service mesh
2025-10-12 20:58:58 +11:00
e2562ce4b0
Add an immich server
2025-10-11 14:54:07 +11:00
b53bfe4075
Improve resilience by changing routing to traefik and setting up more servers.
...
Some changes were required to set 3 VMs as the cluster since the NUC failed and we are waiting for new hardware to arrive.
The ingest routing from the internet was changed to use cloudflared tunnel to traefik instead of via a specific host.
2025-10-11 14:46:06 +11:00
7f3161b2bb
Add magic token domain for hass to allow app access
2025-10-04 14:36:58 +10:00
facc3c64b2
Route frigate.othrayte.one to internal frigate instance
2025-10-04 14:18:16 +10:00
d64fec4bc0
Disable Nomad job configuration for Teams Status
2025-10-04 13:58:44 +10:00
8b234b8322
Fix bug in teams status (was fixed long ago)
2025-10-04 13:51:26 +10:00
612d322c4f
Update session management settings for Authelia: extend inactivity duration, adjust expiration time, and set remember_me period.
2025-10-04 13:46:56 +10:00
bc2bd41018
Add camera locations and IP addresses to documentation
2025-10-04 13:46:29 +10:00
786b2c6670
Switch from tailscale authkeys to an oauth client to fix issues with key expirey
2025-09-06 22:17:24 +10:00
2d497e5195
Add Nomad job configuration for Teams Status Updater
2025-06-07 09:07:48 +10:00
8920be1ba0
Fix use of wrong port in traefik service definition
2025-05-28 00:05:46 +10:00
525e0eaf9f
Bind consul on all interfaces to fix issues with nodes finding each other. Also expose traefik to make diagnostics of issues easier.
2025-05-27 23:23:25 +10:00
234c6d075c
Improve use of postgres from terraform
2025-05-27 23:22:08 +10:00
e52c2c1fc5
Ensure that host volumes are only on the required nodes
2025-05-25 23:35:36 +10:00
8b0b7c1e73
Fix some networking issues and setup a second nomad host
2025-05-25 22:40:41 +10:00
376c278c11
Cleanup credentials and db use
2025-05-25 18:01:47 +10:00
ffbd240453
Fix pgbackup cron to only run once per day
2025-05-23 01:01:32 +10:00
8e586b3352
Move each service to it's own tf file
2025-05-23 00:43:59 +10:00
c1aeb11354
Use tailscale to allow ssh access to gitea
2025-05-23 00:15:04 +10:00
3f70bc62d3
Disable tailscale on the nomad host
2025-05-22 23:25:35 +10:00
f7c4defe7d
Add gitea
2025-05-19 22:45:33 +10:00
3ab392b50b
Move nomad var secrets to secrets.enc.json
2025-05-18 23:44:24 +10:00
d2279028be
Remove the hello world services initially added for testing
2025-05-18 21:53:44 +10:00
9cdd529633
Format terraform and nomad files
2025-05-18 21:50:04 +10:00
837cfdae68
Remove comment about terraform access to nomad
...
it was orignally only working over tailscale, but it turned out it was just being blocked by the host firewall, that tailscale was bypassing. This was fixed back in the initial commit using nix by setting networking.firewall.allowedTCPPorts to include 4646.
2025-05-18 21:50:04 +10:00
021d22048d
Cleanup terraform files
...
by moving core infra into it's own file
2025-05-18 21:50:04 +10:00
b10df52f1c
Allow login sessions to last longer than 1hr
2025-05-18 20:45:26 +10:00
08a2e458b2
Initial work on db backups
2025-05-18 20:18:48 +10:00
c6925362a6
Add initial PostgreSQL and pgAdmin services with Nomad configuration
2025-05-16 22:43:45 +10:00
805636f44c
Properly persistent configs
2025-05-15 19:06:09 +10:00
b13a52233a
Cleanup volume handling and fix write access
2025-05-15 19:06:09 +10:00
66306e2428
Change from nomad_volume to nomad_csi_volume_registration
...
as the later is deprecated
2025-05-15 19:06:09 +10:00
