bluejay-infra

Author	SHA1	Message	Date
Claude Code	efc3dc5b4e	Increase Zabbix web probe timeouts to 5s (prevents 502 during heavy dashboard queries)	2026-03-12 20:40:09 -05:00
Claude Code	518340b373	Tune Zabbix stack: PostgreSQL, web PHP-FPM, server caches PostgreSQL 16: - shared_buffers 128MB→256MB, work_mem 4MB→16MB - random_page_cost 4→1.1 (SSD/Longhorn), effective_io_concurrency→200 - maintenance_work_mem→128MB, wal_buffers→8MB - max_connections 100→50, memory limit 512Mi→1Gi Zabbix Web: - PHP_FPM_PM_MAX_CHILDREN 50→10 (fixes 68x OOMKill) - ZBX_MEMORYLIMIT 128M→256M, PM_MAX_REQUESTS→500 - Memory limit 512Mi→768Mi, request 128Mi→256Mi Zabbix Server: - ZBX_CACHESIZE→64M, ZBX_VALUECACHESIZE→64M - ZBX_HISTORYCACHESIZE→32M, ZBX_TRENDCACHESIZE→8M - ZBX_STARTPOLLERS→10, ZBX_STARTPOLLERSUNREACHABLE→3	2026-03-12 19:21:15 -05:00
Andrew Stoltz	3199c509c0	Wire Zabbix/Matrix credentials to 1Password-synced secrets, add OnePasswordItem CRDs - Zabbix: Remove hardcoded zabbix-db-secret and zabbix-admin-secret, reference zabbix-credentials (1Password) for DB-User, DB-Password, and admin password - Matrix: Remove hardcoded matrix-db-secret, reference matrix-credentials for Postgres user/password. Convert ConfigMap homeserver.yaml to template with __DB_PASSWORD__/__DB_USER__ placeholders, inject via busybox init container - Guacamole: Add OnePasswordItem CRD for future use. MySQL DB creds remain in guac-db-secret (1Password item lacks DB-specific fields — gap documented) - All three services now include OnePasswordItem CRD manifests for ArgoCD mgmt	2026-03-09 18:28:38 -05:00
Blue Jay	ef442e29eb	Add infrastructure manifests for 9 services Zabbix, IRC, Mail, Guacamole, Matrix, TeamSpeak, Intranet, PKI Web, FC Landing. All with cert-manager TLS, Traefik IngressRoutes, Longhorn PVCs.	2026-03-09 16:35:04 -05:00

4 Commits