41 Commits

This Branch

This Branch

All Branches

Author	SHA1	Message	Date
Ryan Moon	911bc3eb76	fix: ignore default node_pool in cluster lifecycle to prevent recreation	2026-04-03 07:20:55 -05:00
Ryan Moon	35b78f672c	feat: add system and customer node pools, scale default workers to 0	2026-04-03 07:20:00 -05:00
Ryan Moon	10528dd7bb	feat: decommission droplet, point git DNS to cluster LB	2026-04-02 20:44:22 -05:00
Ryan Moon	3471374cb6	feat: add DOKS, managed postgres/redis, WAF rules, external-dns	2026-04-02 17:25:13 -05:00
Ryan Moon	155ef0345e	fix: use catthehacker ubuntu image for runner to include Docker CLI	2026-04-01 21:29:37 -05:00
Ryan Moon	d8528f64dc	fix: use host network for runner containers to enable service DNS	2026-04-01 21:15:43 -05:00
Ryan Moon	a47b5cf50e	feat: add Bun to CI runner image	2026-04-01 20:04:28 -05:00
Ryan Moon	68e6587ea1	Add os-update playbook	2026-03-31 20:34:54 -05:00
Ryan Moon	99348d9eaa	Split playbooks: each service independent, infra.yml only runs backup	2026-03-31 20:28:18 -05:00
Ryan Moon	4c22465a59	Remove vim swap file, ignore *.swp	2026-03-31 20:21:20 -05:00
Ryan Moon	610e68cf40	Split runner into own playbook to prevent self-restart during CI	2026-03-31 20:21:10 -05:00
Ryan Moon	3e055e2c6a	Mark admin_ip as sensitive	2026-03-31 20:18:18 -05:00
Ryan Moon	7eb51120f2	Add gitea_registry_domain to vars	2026-03-31 20:15:56 -05:00
Ryan Moon	d16e73bda8	Track vault.yml in repo (encrypted)	2026-03-31 20:14:30 -05:00
Ryan Moon	8007533ece	Update vault with cloudflare_api_token	2026-03-31 20:14:18 -05:00
Ryan Moon	1ce49a7ed3	Add registry.lunarfront.tech: DNS-only subdomain with Let's Encrypt cert, no CF upload limit	2026-03-31 19:14:03 -05:00
Ryan Moon	c280fb8cbe	Add nodejs to ci-runner image for actions/checkout	2026-03-31 19:05:54 -05:00
Ryan Moon	10471a97af	Slim runner image to Alpine, revert hosts/CA cert complexity	2026-03-31 18:59:38 -05:00
Ryan Moon	8595eac107	Pin gitea domain to private IP in /etc/hosts to avoid Cloudflare egress	2026-03-31 18:54:51 -05:00
Ryan Moon	a81981df87	Remove nginx upload size limit for container registry	2026-03-31 18:47:25 -05:00
Ryan Moon	c1398800c5	Install docker CLI in node:20 base instead of using docker image	2026-03-31 18:41:15 -05:00
Ryan Moon	2c731a6957	Remove duplicate docker socket mount	2026-03-31 18:39:37 -05:00
Ryan Moon	8eeb45cb51	Pass docker socket to job containers, use docker:24 for image builds	2026-03-31 18:37:24 -05:00
Ryan Moon	c16dae8de4	Rename secret to REGISTRY_TOKEN	2026-03-31 18:32:45 -05:00
Ryan Moon	ee9b087154	Rename runner image to ci-runner	2026-03-31 18:31:06 -05:00
Ryan Moon	5c62f90b7f	Add custom runner image with ansible, terraform, community.docker	2026-03-31 18:29:15 -05:00
Ryan Moon	7c2e44d8b6	Fix ansible install: use apt-get	2026-03-31 18:26:03 -05:00
Ryan Moon	311f0df55e	Fix ansible install: use python3 -m pip	2026-03-31 18:24:06 -05:00
Ryan Moon	df307237bd	Upgrade Gitea to 1.25.5	2026-03-31 18:21:52 -05:00
Ryan Moon	6fb6a721a2	Add hello world test workflow	2026-03-31 18:07:56 -05:00
Ryan Moon	ff40e5e79f	Trigger Actions test	2026-03-31 18:07:28 -05:00
Ryan Moon	a6a4a56148	Enable Gitea Actions	2026-03-31 18:05:55 -05:00
Ryan Moon	1910babd97	Remove test file	2026-03-31 18:03:05 -05:00
Ryan Moon	7fa7f0fb69	Trigger Actions test run	2026-03-31 18:00:45 -05:00
Ryan Moon	a3ed2ad56e	Add README	2026-03-31 17:59:21 -05:00
Ryan Moon	9b523994f7	Remove unused Terraform output step from Ansible workflow	2026-03-31 17:47:28 -05:00
Ryan Moon	e480bcc685	Use domain name instead of IP in Ansible workflow	2026-03-31 17:47:05 -05:00
Ryan Moon	289f61bacb	Derive droplet IP from Terraform state in Ansible workflow	2026-03-31 17:46:04 -05:00
Ryan Moon	90d5c51376	Add Gitea Actions workflows for Terraform and Ansible	2026-03-31 17:35:39 -05:00
Ryan Moon	4d7fa1f54f	Add git-ssh DNS record, remove project assignment block	2026-03-31 16:36:24 -05:00
Ryan Moon	d6ff4746d0	Initial infra setup: Terraform, Ansible, backup roles	2026-03-31 08:11:12 -05:00