expertfab-infra

Author	SHA1	Message	Date
Sascha Dodenhöft	296537720d	gongme: Bugfixes oauth2-proxy + web Deployment - secret-oauth2.yaml: Cookie-Secret auf exakt 32 Bytes korrigiert (openssl rand -base64 32 ergibt 44 Zeichen, nicht 32 raw bytes) - web.yaml: PORT=3000 + HOSTNAME=0.0.0.0 explizit gesetzt, damit envFrom gongme-env's PORT=3001 (fuer API) nicht uebernommen wird Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>	2026-06-07 13:42:29 +02:00
Sascha Dodenhöft	00c7ec292f	gongme: k8s Manifeste fuer initialen Cluster-Deploy Namespace, StorageClass (Longhorn), Postgres, API, Web, OAuth2-Proxy (Zitadel OIDC) und Traefik-Ingress fuer https://gongme.expertfab.de. Images: git.expertfab.de/expertfab/ef-gongme-{api,web}:latest Auth: Zitadel hinter OAuth2-Proxy v7.7.1 TLS: cert-manager letsencrypt-ClusterIssuer secret-oauth2.yaml enthaelt Platzhalter — CLIENT_ID/SECRET muessen nach Zitadel-App-Anlage eingetragen werden. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>	2026-06-07 13:19:46 +02:00
Sascha Dodenhöft	0baab66010	coredns: gongme.expertfab.de → 10.42.71.60 (Hairpin-NAT) Pods im Cluster losen gongme.expertfab.de auf die interne Traefik-LB-IP (10.42.71.60) auf, statt extern ueber die OPNsense zu gehen. Analog zu den bestehenden Eintraegen (docs, note, signing, auth, etc.). Cloudflare A-Record (oeffentlich): gongme.expertfab.de → 109.230.227.34 Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>	2026-06-07 13:02:47 +02:00
Sascha Dodenhöft	c48ab60392	Migrate Joplin to K3s and add existing k8s manifests - New k8s/joplin/ deployment for note.expertfab.de (Postgres + Server + Traefik ingress with cert-manager), replicas=2 to match cluster size - coredns-custom.yaml: route note.expertfab.de internally to Traefik LB - Commit previously-built k8s manifests (documenso, erpnext oauth2-proxy, paperless oauth2-proxy) that were running but not in git - docs/access.md: add Joplin section and Documenso/Cloudflare entries Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>	2026-05-28 20:17:19 +02:00
Sascha Dodenhöft	314a512231	Add bingx-trading StorageClass (longhorn-bingx, Retain) Used by the bingx-trading deployment at trade.expertfab.de. Full manifests in git.expertfab.de/expertfab/bingx-trading k8s/. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-05-07 08:53:41 +02:00

5 Commits