Files

Sascha Dodenhöft c48ab60392 Migrate Joplin to K3s and add existing k8s manifests

- New k8s/joplin/ deployment for note.expertfab.de (Postgres + Server +
  Traefik ingress with cert-manager), replicas=2 to match cluster size
- coredns-custom.yaml: route note.expertfab.de internally to Traefik LB
- Commit previously-built k8s manifests (documenso, erpnext oauth2-proxy,
  paperless oauth2-proxy) that were running but not in git
- docs/access.md: add Joplin section and Documenso/Cloudflare entries

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>

2026-05-28 20:17:19 +02:00

5.3 KiB

Raw Permalink Blame History

ExpertFab – Zugangsdaten & Verbindungen

SSH-Key: ~/.ssh/hetzner_key (für alle Server)

Cloudflare

Parameter	Wert
API Token	`euknQxray528vidJ2beVxYZ4auN4gbQxHvxpJ5iz`
Zone ID	`c587e1538c5121b4985938551b96dc9c` (expertfab.de)
Berechtigungen	DNS:Edit für Zone expertfab.de

Proxmox

Zugang	Wert
Web-UI	https://95.156.232.42:8006
SSH (Node 1)	`ssh -i ~/.ssh/hetzner_key root@10.42.70.1`
SSH (Node 2)	`ssh -i ~/.ssh/hetzner_key root@10.42.70.2`
Benutzer	`root`

K3s Cluster

Zugang	Wert
SSH Control Plane	`ssh -i ~/.ssh/hetzner_key sd@10.42.71.50`
kubectl (am Node)	`sudo KUBECONFIG=/etc/rancher/k3s/k3s.yaml kubectl …`
kubectl via Proxmox	`ssh root@10.42.70.1 "qm guest exec 119 -- bash -c 'KUBECONFIG=/etc/rancher/k3s/k3s.yaml kubectl …'"`

K3s Version: v1.34.6+k3s1
Container Runtime: containerd 2.2.2
OS: Ubuntu 24.04.4 LTS

Nodes

Node	IP	Rolle
efsckubadm	10.42.71.50	control-plane
efsckubnode1	10.42.71.51	worker
efsckubnode2	10.42.71.52	worker

Proxmox-VM efsckubctl = K3s-Node efsckubadm

Paperless-NGX

Zugang	Wert
URL	https://docs.expertfab.de
API Token	`3960b56c7c56d21af06af7d32e49613d8e7f78c8`
API Header	`Authorization: Token <token>`

Documenso (Document Signing)

Zugang	Wert
URL	https://signing.expertfab.de
Namespace	`documenso`
Image	docker.io/documenso/documenso:latest
Database	Eigene Postgres im Namespace
StorageClass	`longhorn-documenso` (Retain)
Signing-Zertifikat	Self-signed P12, passphrase `documenso`, gültig 10 Jahre
SMTP	smtprelay.expertfab.de:587 / it-admin@expertfab.de
Auth	Documenso-eigene Auth (kein Zitadel SSO)

Joplin (Notes Server)

Zugang	Wert
URL	https://note.expertfab.de
Namespace	`joplin`
Image	docker.io/joplin/server:latest
Database	Eigene Postgres im Namespace
StorageClass	`longhorn-joplin` (Retain)
SMTP	smtprelay.expertfab.de:587 / it-admin@expertfab.de
Auth	Joplin-eigene Auth (kein Zitadel SSO)

ERPNext

Zugang	Wert
URL	https://expertfab.de / https://www.expertfab.de
Helm Chart	frappe/erpnext 8.0.14 (ERPNext v15)
Namespace	`erpnext`
Auth Token	Airflow Variable: `ErpnextAuthToken`
Base URL	Airflow Variable: `ErpnextBaseurl`
Docker Image	git.expertfab.de/expertfab/customdocker:1.0.2
Image Pull	Secret `gitea-registry` im Namespace `erpnext`

Gitea

Zugang	Wert
URL	https://git.expertfab.de
VM	efgit01 (Proxmox n01 / 110)

SMTP (Accounting)

Parameter	Airflow Variable
Server	`smtpAccountingServer`
Port	`smtpAccountingPort`
User	`smtpAccountingUser`
Password	`smtpAccountingPassword`
Sender	`smtpAccountingSenderName`

Öffentlich erreichbare Dienste

Dienst	URL	Namespace
ERPNext	https://expertfab.de	erpnext
ERPNext	https://www.expertfab.de	erpnext
Paperless	https://docs.expertfab.de	paperless
Zitadel SSO	https://auth.expertfab.de	zitadel
Documenso	https://signing.expertfab.de	documenso
Joplin	https://note.expertfab.de	joplin
FastAPI	https://api.expertfab.de	rabbitmq
Coworkbase	https://coworkbase.de	coworkbase
Qubicticker	https://qubicticker.qchief.io	qubicticker
Gitea	https://git.expertfab.de	–

5.3 KiB Raw Permalink Blame History Unescape Escape

ExpertFab – Zugangsdaten & Verbindungen

Cloudflare

Proxmox

K3s Cluster

Nodes

Paperless-NGX

Documenso (Document Signing)

Joplin (Notes Server)

ERPNext

Gitea

SMTP (Accounting)

Öffentlich erreichbare Dienste

5.3 KiB

Raw Permalink Blame History