bluejay/bluejay-infra
1
0
Fork 0
Code Issues Pull Requests 14 Actions Packages Projects Releases Wiki Activity
32 Commits 56 Branches 0 Tags
5f30f85569c34840782ae277b80d0f7c8c86551d
Commit Graph

17 Commits

Author SHA1 Message Date
Andrew M. Stoltz
37d6ff2337 Fix Anope db_flatfile path: use relative path (data/ prefix auto-prepended) 2026-03-10 11:06:12 -05:00
Andrew M. Stoltz
4069f51848 Fix Anope 2.0.19 config format: service blocks + module blocks 
Anope 2.0.19 requires:
- Separate service {} blocks for each IRC pseudo-client (nick, user, host, gecos)
- Module config inside module {} blocks with name field (not bare nickserv/chanserv blocks)
- db_flatfile also moved to module {} block syntax
- fork=no to prevent backup crash in containerized environment
 2026-03-10 11:04:59 -05:00
Andrew M. Stoltz
b2d7286179 Fix stale passwords, Anope crash loop, and intranet accuracy 
Intranet:
- Replace all 1qaz@WSX3edc default passwords with current rotated values
- Update service credentials: Grafana, Gitea, Zabbix, ArgoCD, Guacamole, IRC
- Fix noc1 password to harbor-badge-kitten-valley-falcon
- Rotate edge1/edge2 passwords (lemon-torch-ruby-raven / nebula-cipher-indigo-tango)
- Update Harvester references to bare-metal RKE2
- Fix RKE2 node IPs (.118-.120 → .11-.13)
- Update status badge to REBUILD COMPLETE
- Fix ISP /28 from BROKEN to LIVE
- Add Traefik dashboard credentials (basicAuth)
- Update all phase progress to 100% Done

IRC:
- Fix Anope db_flatfile crash: fork=no (forked backup fails in container)
- Add client fields to all service blocks (NickServ, ChanServ, etc.)
- Fix log target path (was getting logs/ prefix mangled)
- Improve fix-perms init container (chmod 666, verbose output)
 2026-03-10 11:01:35 -05:00
Andrew M. Stoltz
4319281bf8 Fix Anope: touch anope.db in init container to prevent backup crash 2026-03-10 01:28:12 -05:00
Andrew Stoltz
2be7bf1279 Wire IRC, mail, teamspeak to 1Password secrets 
- IRC: OnePasswordItem CRD, ConfigMap templates with inject-credentials initContainers
- Mail: OnePasswordItem CRD, inject-accounts initContainer builds postfix-accounts.cf
- TeamSpeak: OnePasswordItem CRD, TS3SERVER_SERVERADMIN_PASSWORD from secret
- Zero hardcoded passwords remain in these manifests
 2026-03-09 20:55:45 -05:00
root
8f405d4df0 IRC: allow plaintext server links (Anope internal cluster) 2026-03-09 17:29:06 -05:00
root
d6c55573b8 IRC: fix UnrealIRCd data dir permissions for ircd user 2026-03-09 17:27:49 -05:00
root
cea19a7ffc IRC: add system CA bundle, define Services Root opertype for Anope 2026-03-09 17:26:30 -05:00
root
7abf9b26d1 IRC: fix TLS key perms (644 for ircd user), add Anope readtimeout 2026-03-09 17:24:34 -05:00
root
a69c91a539 IRC: mixed-alphanum cloak keys, simplified Anope config with proper block syntax 2026-03-09 17:22:51 -05:00
root
07dccb7ecf IRC: fix cloak keys (80+ chars required) 2026-03-09 17:20:47 -05:00
root
5eaffdb2ef IRC: add cloak_sha256 module, fix Anope mount paths (/anope/conf + /anope/data) 2026-03-09 17:19:38 -05:00
root
f0198c2c65 IRC: TLS emptyDir+initContainer, Anope initContainer for permissions 2026-03-09 17:16:00 -05:00
root
388ec876da IRC: fix config paths (/app/conf for UnrealIRCd, initcopy for Anope) 2026-03-09 17:11:56 -05:00
root
b9421582f3 IRC: use djlegolas/unrealircd:6.1.9.1, fix mount paths 2026-03-09 17:08:50 -05:00
root
3c29b0abe5 Fix mail (accounts), matrix (homeserver.yaml), irc (proper image+config) 2026-03-09 17:02:59 -05:00
Blue Jay
ef442e29eb Add infrastructure manifests for 9 services 
Zabbix, IRC, Mail, Guacamole, Matrix, TeamSpeak, Intranet, PKI Web, FC Landing.
All with cert-manager TLS, Traefik IngressRoutes, Longhorn PVCs.
 2026-03-09 16:35:04 -05:00