chemavx
62abb6134b
registry-cache: switch upstream to mirror.gcr.io (bypass Cloudflare R2 block)
2026-04-22 20:29:11 +00:00
e895fc6104
ci: update polymarket-bot images to adf2917c [skip ci]
2026-04-22 16:38:04 +00:00
chemavx
0bf2e746dd
feat(registry-cache): add Docker Hub pull-through cache + dind mirror config
...
Deploy registry:2 as Docker Hub pull-through cache on chemavx-k8 (hostPort 5000,
ClusterIP 10.43.163.56:5000). Configures dind runner to use local mirror via
daemon.json to eliminate Docker Hub rate limit failures in CI/CD.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com >
2026-04-22 11:35:43 +00:00
25ea82f696
ci: update polymarket-bot images to 6d23e804 [skip ci]
2026-04-22 11:31:08 +00:00
bf7ac532de
ci: update polymarket-bot images to 8a56bf77 [skip ci]
2026-04-22 11:11:47 +00:00
47841eef19
ci: update polymarket-bot images to 8479a631 [skip ci]
2026-04-22 07:09:04 +00:00
81b4c30fbb
ci: update polymarket-bot images to 9a5be275 [skip ci]
2026-04-21 17:37:45 +00:00
45495a78c7
ci: update polymarket-bot images to 9b62636a [skip ci]
2026-04-21 17:27:59 +00:00
8ca403f0d3
ci: update polymarket-bot images to 46f8f4b7 [skip ci]
2026-04-21 09:50:40 +00:00
986c74004b
ci: update polymarket-bot images to e2fb697c [skip ci]
2026-04-21 09:41:33 +00:00
chemavx
a5aac4dd83
chore(openclaw): golden config snapshot + RBAC manifest in git
...
- Add openclaw/golden/ with stable copies of openclaw.json, SOUL.md,
TOOLS.md, HOMELAB.md, kubectl-ro
- Fix HOMELAB.md model roles (qwen3-es:14b=primary, llama3.1-es:8b=fallback)
- Add rbac-openclaw-agent.yaml (ClusterRole read-only + binding + SA)
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com >
2026-04-21 09:18:39 +00:00
chemavx
8592a09bc7
fix(ollama): use Recreate strategy to avoid RWO PVC conflict
...
RollingUpdate caused rollout deadlocks because the PVC (ReadWriteOnce)
cannot be mounted by two pods simultaneously.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com >
2026-04-21 09:03:47 +00:00
chemavx
8b7d3c0659
feat(ollama): migrate GPU from AMD ROCm to NVIDIA CUDA (RTX 3060 via OCuLink)
...
Switch from ollama/ollama:rocm + amd.com/gpu to standard CUDA image + nvidia.com/gpu.
RTX 3060 (GA106, 12GB) now used via NVIDIA GPU Operator on chemavx-k8.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com >
2026-04-17 17:13:07 +00:00
b805c2c9e5
ci: update polymarket-bot images to d698544f [skip ci]
2026-04-17 10:46:27 +00:00
b0813bad40
ci: update polymarket-bot images to 9add52ab [skip ci]
2026-04-17 10:37:42 +00:00
3076129d5a
ci: update polymarket-bot images to ebdcff5a [skip ci]
2026-04-17 10:29:07 +00:00
0e308d890a
ci: update polymarket-bot images to 0cdb0758 [skip ci]
2026-04-17 10:10:12 +00:00
704301032a
ci: update polymarket-bot images to 411d3462 [skip ci]
2026-04-16 15:57:45 +00:00
a91f6226c2
ci: update polymarket-bot images to 63d9f637 [skip ci]
2026-04-16 15:37:23 +00:00
6fc882f619
ci: update polymarket-bot images to a0cbdc02 [skip ci]
2026-04-16 14:35:02 +00:00
chemavx
72be7ebac8
feat(portfolio): add ChemaVX portfolio with Polymarket live metrics
2026-04-16 10:00:16 +00:00
chemavx
a0d208db63
feat(grafana): add ChemaVX Homelab Overview dashboard as ConfigMap
2026-04-16 09:54:19 +00:00
chemavx
0927658f58
chore: pin ollama and cloudflare-ddns to exact running versions
...
- ollama/ollama:latest → 0.20.7
- favonia/cloudflare-ddns:latest → 1.16.2
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com >
2026-04-15 08:13:13 +00:00
chemavx
22ae5d7d4b
chore: pin all floating image tags to exact running versions
...
- vaultwarden/server:latest → 1.35.4
- redis:alpine → 8.6.2-alpine (authentik)
- homarr-labs/homarr:latest → 1.0.0
- gitea/gitea:latest → 1.25.5
- uptime-kuma:1 → 1.23.17
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com >
2026-04-15 08:11:22 +00:00
chemavx
c1e57613ed
chore(openclaw): update to 2026.4.12
...
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com >
2026-04-15 07:58:37 +00:00
chemavx
0841d6bbe6
fix: add CreateOnly sync option to n8n-secret to prevent ArgoCD from overwriting encryption key
2026-04-14 20:30:36 +00:00
chemavx
7397c1d939
refactor: rewrite n8n manifests as clean GitOps specs, remove server-exported fields
2026-04-14 20:25:16 +00:00
chemavx
192a0bfa7a
fix: delete secret-n8n-tls.yaml — kubernetes.io/tls type requires data fields, cert-manager manages this secret directly
2026-04-14 20:06:32 +00:00
chemavx
f42cdee585
security: remove all REDACTED secrets from repo, add pre-commit guard
...
- Delete 26 secret manifests containing REDACTED placeholder values
(15 cert-manager TLS + 11 app secrets across 8 namespaces)
- REDACTED is valid base64 that decodes to non-UTF-8 bytes — ArgoCD
applying these manifests corrupts live secrets in the cluster
- Add .githooks/pre-commit that rejects any .yaml with REDACTED
- Add README.md documenting secret management policy and manual
creation commands for each service
- n8n secret manifests already fixed in previous commits (618b1e8db04fd2
2026-04-14 20:02:51 +00:00
chemavx
db04fd2cbc
fix: remove REDACTED data from n8n-tls secret manifest, prevent ArgoCD from corrupting cert-manager TLS
2026-04-14 19:58:44 +00:00
chemavx
618b1e8d11
fix: remove sensitive data from secret manifest, prevent ArgoCD from overwriting encryption key
2026-04-14 19:09:41 +00:00
13680d4811
ci: update n8n image to d171ce68 [skip ci]
2026-04-14 18:50:07 +00:00
7c1617b392
ci: update polymarket-bot images to 9bdafaa5 [skip ci]
2026-04-14 17:21:46 +00:00
49e92d64f8
ci: update polymarket-bot images to 324edbe4 [skip ci]
2026-04-14 13:05:21 +00:00
e4a43491be
ci: update polymarket-bot images to 7b9c5751 [skip ci]
2026-04-14 12:55:26 +00:00
aa68b3c8c1
ci: update polymarket-bot images to 5a9c6add [skip ci]
2026-04-14 12:49:56 +00:00
22dfa7bd2d
ci: update polymarket-bot images to 82d6d357 [skip ci]
2026-04-14 12:43:55 +00:00
165026eff6
ci: update polymarket-bot images to 33ad86f3 [skip ci]
2026-04-14 12:35:05 +00:00
831debd5d8
ci: update polymarket-bot images to d642dbd9 [skip ci]
2026-04-14 08:38:24 +00:00
25b38cd1de
ci: update polymarket-bot images to 4dadd3c2 [skip ci]
2026-04-14 08:25:46 +00:00
b7a4542898
ci: update polymarket-bot images to 98e7f5fe [skip ci]
2026-04-14 08:17:46 +00:00
374539f08d
ci: update polymarket-bot images to b8d2b733 [skip ci]
2026-04-14 08:09:50 +00:00
880a535dfd
ci: update polymarket-bot images to f8c4f8b7 [skip ci]
2026-04-13 20:41:55 +00:00
chemavx
c9d4877742
fix(polymarket-bot): remove cert-manager managed TLS secret from repo
...
ArgoCD was overwriting the polymarket-tls secret with REDACTED values,
corrupting the TLS cert. This secret is managed by cert-manager and
must not be tracked in git.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com >
2026-04-13 20:33:36 +00:00
chemavx
e59da6b3a9
chore(polymarket-bot): clean up manifests, remove stale kubectl annotations
...
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com >
2026-04-13 20:28:27 +00:00
chemavx
45c4dde929
fix(polymarket-bot): fix corrupted secret and migrate to Gitea registry images
...
- Fix bot-secrets: replace corrupted REDACTED base64 values with correct ones
- Update deployment-api and deployment-bot to use git.chemavx.xyz registry images
- Add imagePullSecrets (gitea-registry) to api and bot deployments
- Add secret-gitea-registry.yaml manifest for ArgoCD to manage
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com >
2026-04-13 20:27:23 +00:00
83764199b3
ci: update polymarket-bot images to 1dd01e03 [skip ci]
2026-04-13 16:38:12 +00:00
chemavx
ff2e6cc985
feat: export all K8 Plus cluster manifests
...
Namespaces: argocd, authentik, backup-system, cloudflare-ddns,
gitea, homarr, monitoring, n8n, openclaw, polymarket-bot, vaultwarden
Cluster-wide: clusterissuers, namespaces
Secrets: redacted (structure only, data=REDACTED)
2026-04-10 08:57:02 +00:00
chemavx
Gitea CI