Nikholas Pcenicni
|
032ffee866
|
Enable Authentik installation and add support for extra public hostnames in the configuration. Updated README and values files to reflect changes for improved deployment flexibility and documentation clarity.
|
2026-05-14 19:58:56 -04:00 |
|
Nikholas Pcenicni
|
2321209626
|
Update Helm chart versions across multiple components to latest stable releases, including Argo CD (9.5.14), cert-manager (v1.20.2), Cilium (1.19.4), kube-prometheus-stack (85.0.3), Loki (7.0.0), Fluent Bit (0.57.5), Headlamp (0.42.0), Traefik (40.2.0), and Kyverno (3.8.0). Adjusted related documentation and values files to reflect these changes for improved deployment consistency and compatibility.
|
2026-05-14 18:55:18 -04:00 |
|
Nikholas Pcenicni
|
e48283fc43
|
Update Trivy configuration paths in Ansible tasks and Argo CD application manifests to reflect new directory structure. Adjust references in values.yaml and dashboard-values.yaml for consistency and clarity in deployment processes.
|
2026-05-14 17:21:49 -04:00 |
|
Nikholas Pcenicni
|
c347416668
|
Refactor Argo CD application management by removing the obsolete root-application.yaml and updating the bootstrap-root-application.yaml to include optional add-on Application manifests from clusters/noble/apps. Adjust documentation to clarify the deployment order and resource ownership, ensuring a streamlined GitOps process with Ansible and Argo CD.
|
2026-05-14 17:18:41 -04:00 |
|
Nikholas Pcenicni
|
a5869c242a
|
Update documentation and playbook to clarify Trivy Operator installation via Argo CD, removing direct Ansible role references. Adjust README and related files to reflect the new deployment order and ensure proper resource ownership, enhancing overall clarity for users.
|
2026-05-14 17:04:25 -04:00 |
|
Nikholas Pcenicni
|
c3c89b8f0a
|
Add Ansible getting started guide for Proxmox to Talos deployment process and update README with narrative walkthrough. This enhances documentation clarity and provides a structured approach for users to set up the noble cluster.
|
2026-05-14 16:58:23 -04:00 |
|
Nikholas Pcenicni
|
1e6d84f0f3
|
Refactor noble.yml playbook to apply Argo CD Application manifests after all Helm roles, ensuring proper resource ownership and avoiding SSA conflicts. Update related documentation to reflect the new execution order and clarify the role of Argo CD in the deployment process.
|
2026-05-14 16:46:45 -04:00 |
|
Nikholas Pcenicni
|
1a50599cb4
|
Enhance Authentik role by updating README with detailed troubleshooting steps for Headlamp OIDC integration, including handling of scopes and PKCE settings. Adjust default variables for Headlamp OIDC scopes and ensure proper application of Kubernetes RBAC for OIDC groups. Update Helm tasks to apply necessary static manifests for Headlamp, improving overall deployment and authentication reliability.
|
2026-05-14 16:11:57 -04:00 |
|
Nikholas Pcenicni
|
4bc8da0225
|
Enhance Authentik role by adding Helm wait timeout for oauth2-proxy and improving task conditions for admin access and OAuth2 provider upserts. Update README with new variable descriptions and adjust Longhorn deployment tasks to ensure proper rollout before Loki installation, enhancing overall deployment reliability.
|
2026-05-14 15:52:42 -04:00 |
|
Nikholas Pcenicni
|
5e5c6ef671
|
Enhance Authentik role in noble cluster setup by adding support for resolving OAuth2 flow, signing key, and scope mapping UUIDs from the worker database, improving API access under 2026+ RBAC. Update README with troubleshooting steps for common OAuth2 provider issues and adjust default variables for better configuration management. Ensure seamless integration with oauth2-proxy by allowing unverified email handling in development environments.
|
2026-05-14 14:26:43 -04:00 |
|
Nikholas Pcenicni
|
c392ce1e5a
|
Enhance Authentik integration in noble cluster setup by adding support for OAuth2 flow primary keys in configuration. Update README with troubleshooting steps for common API errors and improve deployment reliability with tasks to wait for Authentik worker rollout and API readiness. Adjust Helm chart values for Grafana and Headlamp to accommodate new OIDC settings, ensuring seamless authentication and authorization processes.
|
2026-05-14 01:29:49 -04:00 |
|
Nikholas Pcenicni
|
15d0e120d3
|
Update Ansible configuration and documentation to reflect new inventory structure. Migrate group_vars to inventory/group_vars/ and enhance README with updated paths for variable files, improving clarity for users.
|
2026-05-14 00:39:29 -04:00 |
|
Nikholas Pcenicni
|
78b524a044
|
Add Authentik and oauth2-proxy support to noble cluster setup, including environment variables, playbook tags, and landing URLs. Update README and kustomization.yaml to reflect new OIDC integration, enhancing security and user authentication capabilities.
|
2026-05-14 00:23:48 -04:00 |
|
Nikholas Pcenicni
|
663ebc5001
|
Add Trivy integration to noble cluster setup, including namespace and application configurations. Update README and playbook tags to reflect new security scanning capabilities. Enhance Longhorn and kube-prometheus-stack deployment reliability with increased timeout settings and retry mechanisms.
|
2026-05-13 23:48:12 -04:00 |
|
Nikholas Pcenicni
|
774b97894c
|
Add tasks to wait for Kyverno admission controller rollout and webhook service endpoints, enhancing deployment reliability and ensuring successful policy validation.
|
2026-05-13 21:08:56 -04:00 |
|
Nikholas Pcenicni
|
70cb74d8bd
|
Add noble_helm_cert_manager_wait_timeout variable and update Helm upgrade task to include --timeout option for improved deployment reliability
|
2026-05-13 20:42:57 -04:00 |
|
Nikholas Pcenicni
|
07de0ec629
|
Add --timeout option to Longhorn Helm upgrade tasks for improved deployment control
|
2026-05-13 20:28:48 -04:00 |
|
Nikholas Pcenicni
|
0acb5856b4
|
Update Longhorn Helm chart version to 1.11.2 in Argo CD configuration and tasks, ensuring compatibility and consistency across deployments.
|
2026-05-13 18:41:57 -04:00 |
|
Nikholas Pcenicni
|
5833e421c0
|
Add --force-conflicts option to Helm upgrade commands across multiple roles to ensure proper handling of conflicts during deployments.
|
2026-05-13 17:14:22 -04:00 |
|
Nikholas Pcenicni
|
fc70c68c26
|
Add tasks to manage kyverno-admission-controller FlowSchema for Argo CD compatibility, addressing server-side applied conflicts and ensuring proper Helm SSA conflict recovery.
|
2026-05-13 17:11:11 -04:00 |
|
Nikholas Pcenicni
|
d206a590ab
|
Enhance hubble-server-certs management for Argo CD by adding a new configuration option and updating tasks to ensure compatibility with older kubectl versions. This includes improved handling of managed fields for Helm SSA conflict resolution.
|
2026-05-13 17:06:37 -04:00 |
|
Nikholas Pcenicni
|
b98fcfa471
|
Add task to manage hubble-server-certs Secret for Argo CD compatibility, ensuring proper Helm SSA conflict resolution during deployment.
|
2026-05-13 17:02:32 -04:00 |
|
Nikholas Pcenicni
|
c4e000d2d5
|
Refactor Argo CD application deployment by removing obsolete tasks and updating README for clarity. Introduce new task inclusion for Argo CD applications post-platform Helm installation, ensuring proper application order and synchronization.
|
2026-05-13 16:57:51 -04:00 |
|
Nikholas Pcenicni
|
f259285f6e
|
Enhance Argo CD integration by adding support for a bootstrap root application. Update group_vars/all.yml and role defaults to include noble_argocd_apply_bootstrap_root_application. Modify tasks to apply the bootstrap application conditionally. Revise documentation to clarify the GitOps workflow and the relationship between the core platform and optional applications. Remove outdated references and streamline the README for better user guidance.
|
2026-04-01 01:55:41 -04:00 |
|
Nikholas Pcenicni
|
c15bf4d708
|
Enhance Ansible playbooks and documentation for Debian and Proxmox management. Add new playbooks for Debian hardening, maintenance, SSH key rotation, and Proxmox cluster setup. Update README.md with quick start instructions for Debian and Proxmox operations. Modify group_vars to include Argo CD application settings, improving deployment flexibility and clarity.
|
2026-04-01 01:19:50 -04:00 |
|
Nikholas Pcenicni
|
3a6e5dff5b
|
Update Ansible configuration to integrate SOPS for managing secrets. Enhance README.md with SOPS usage instructions and prerequisites. Remove External Secrets Operator references and related configurations from the bootstrap process, streamlining the deployment. Adjust playbooks and roles to apply SOPS-encrypted secrets automatically, improving security and clarity in secret management.
|
2026-03-30 22:42:52 -04:00 |
|
Nikholas Pcenicni
|
544f75b0ee
|
Enhance documentation and configuration for Velero integration. Update README.md to clarify Velero's lack of web UI and usage instructions for CLI. Add CSI Volume Snapshot support in playbooks and roles, and include Velero service details in noble_landing_urls. Adjust kustomization.yaml to include VolumeSnapshotClass configuration, ensuring proper setup for backups. Improve overall clarity in related documentation.
|
2026-03-28 19:34:43 -04:00 |
|
Nikholas Pcenicni
|
33a10dc7e9
|
Add Velero configuration to .env.sample, README.md, and Ansible playbooks. Update group_vars to include noble_velero_install variable. Enhance documentation for optional Velero installation and S3 integration, improving clarity for backup and restore processes.
|
2026-03-28 18:39:22 -04:00 |
|
Nikholas Pcenicni
|
f6647056be
|
Add homepage entry to noble_landing_urls and update kustomization.yaml to include homepage resource
|
2026-03-28 17:07:06 -04:00 |
|
Nikholas Pcenicni
|
76eb7df18c
|
Refactor noble cluster configurations to transition from the deprecated apps structure to a streamlined bootstrap approach. Update paths in various YAML files and README documentation to reflect the new organization under clusters/noble/bootstrap. This change enhances clarity and consistency across the deployment process, ensuring that all components are correctly referenced and documented for user guidance.
|
2026-03-28 17:03:15 -04:00 |
|
Nikholas Pcenicni
|
7a62489ad6
|
Enhance noble_landing_urls role by adding support for generating a Headlamp ServiceAccount token with a configurable duration. Update documentation to reflect changes in the markdown output for Headlamp sign-in. Modify fetch_credentials task to include token generation alongside existing credential fetching. These updates improve the usability and security of the Headlamp integration.
|
2026-03-28 16:38:47 -04:00 |
|
Nikholas Pcenicni
|
0e8eaa2f0d
|
Update .gitignore to include generated noble-lab-ui-urls.md and enhance README.md with new role documentation. Refactor noble.yml to incorporate noble_landing_urls role for improved URL management. Add ingress configurations for alertmanager, prometheus, longhorn, and vault to support TLS termination via Traefik. Update network policies and values.yaml for vault to allow traffic from Traefik. These changes aim to streamline deployment and enhance service accessibility.
|
2026-03-28 16:32:21 -04:00 |
|
Nikholas Pcenicni
|
a48ac16c14
|
Update .gitignore to include .env file and enhance README.md with instructions for deploying secrets. Refactor noble.yml to improve Kubernetes health check handling and update templates for error reporting. Modify cert-manager and metallb tasks to apply secrets from .env and adjust timeout settings. Clarify Newt installation requirements in tasks. These changes aim to streamline deployment processes and improve documentation clarity.
|
2026-03-28 15:36:52 -04:00 |
|
Nikholas Pcenicni
|
46cedc965f
|
Refactor Argo CD application management by removing noble-kyverno and noble-platform configurations, transitioning to Ansible-driven installations. Update documentation to clarify the optional nature of app-of-apps and the role of kustomization.yaml as an empty resource holder. Ensure users are informed about the need to delete stale Applications when migrating from previous configurations.
|
2026-03-28 15:17:54 -04:00 |
|
Nikholas Pcenicni
|
906c24b1d5
|
Remove obsolete Ansible configuration files and playbooks for Proxmox VM management, including ansible.cfg, README.md, inventory samples, and various playbooks. This cleanup eliminates unused roles and tasks, streamlining the project structure.
|
2026-03-28 01:43:25 -04:00 |
|
Nikholas Pcenicni
|
51d55af86e
|
Update .gitignore and refactor Ubuntu template playbook to use role for Proxmox template management
|
2026-03-27 03:48:32 -04:00 |
|
Nikholas Pcenicni
|
fcb2119859
|
feat: Introduce an Ansible common role for base system configuration, including packages, users, and Netplan networking, alongside Semaphore playbooks for system bootstrapping and Proxmox management.
|
2026-01-19 03:47:55 -05:00 |
|
Nikholas Pcenicni
|
d5dd912255
|
chore: untrack hosts.ini and add sample
|
2026-01-19 03:16:59 -05:00 |
|
Nikholas Pcenicni
|
75b2702c9a
|
feat: Integrate Authentik OIDC into Semaphore and enhance Proxmox VM template creation with image list selection and SSH key management.
|
2026-01-19 03:14:49 -05:00 |
|
Nikholas Pcenicni
|
91cb5ba36f
|
feat: add roles_path to ansible.cfg and rename Mastodon's compose.yml to compose.yaml
|
2026-01-19 03:14:49 -05:00 |
|
Nikholas Pcenicni
|
a7dde5c9fa
|
docs: Add documentation for the manage_vm.yml playbook.
|
2026-01-19 03:14:49 -05:00 |
|
Nikholas Pcenicni
|
f8591ccae6
|
feat: Implement Ansible for Proxmox VM management and refactor Mastodon Docker Compose, removing outdated service definitions.
|
2026-01-19 03:14:39 -05:00 |
|