P6: Migrate Kiwix and Transmission to Kubernetes (#39)

## Summary - Add Transmission BitTorrent daemon to k8s (torrent namespace) - Add Kiwix ZIM archive server to k8s (kiwix namespace) - NFS storage from sifaka for shared torrent/ZIM data - Torrent-sync sidecar in kiwix deployment to manage declarative ZIM list - ZIM-watcher CronJob to auto-restart kiwix when new archives appear - Remove transmission, transmission_metrics, and kiwix ansible roles from indri - Remove svc:kiwix from tailscale_serve defaults ## Key Decisions - Direct NFS mount for kiwix (no PVC) since it shares storage with transmission - Shell wrapper for kiwix-serve command (glob expansion) - Accept HTTP 409 as "ready" in torrent sync (transmission session ID mechanism) - Completed downloads stored in `/downloads/complete/` on sifaka ## Deployment and Testing - [x] Deployed transmission to k8s - [x] Verified transmission web UI at torrent.tail8d86e.ts.net - [x] Moved existing ZIM files to complete folder - [x] Deployed kiwix to k8s - [x] Verified kiwix web UI at kiwix.tail8d86e.ts.net - [x] Stopped old services on indri - [x] Cleared svc:kiwix from Tailscale serve on indri - [x] Updated zk documentation 🤖 Generated with [Claude Code](https://claude.com/claude-code) Reviewed-on: https://forge.tail8d86e.ts.net/eblume/blumeops/pulls/39
2026-01-21 18:07:40 -08:00 · 2026-01-21 18:07:40 -08:00 · 7ec98210a9
commit 7ec98210a9
parent 89eff26301
17 changed files with 531 additions and 17 deletions
--- a/ansible/playbooks/indri.yml
+++ b/ansible/playbooks/indri.yml
@ -29,20 +29,12 @@
      tags: alloy
    - role: prometheus
      tags: prometheus
-    # NOTE: grafana role removed - now hosted in k8s (see argocd/apps/grafana.yaml)
-    - role: transmission
-      tags: transmission
-    - role: transmission_metrics
-      tags: transmission_metrics
-    - role: kiwix
-      tags: kiwix
    - role: borgmatic
      tags: borgmatic
    - role: borgmatic_metrics
      tags: borgmatic_metrics
    - role: forgejo
      tags: forgejo
-    # NOTE: devpi and devpi_metrics roles removed - now hosted in k8s (see argocd/apps/devpi.yaml)
    - role: zot
      tags: zot
    - role: zot_metrics
@ -53,6 +45,5 @@
      tags: minikube_metrics
    - role: plex_metrics
      tags: plex_metrics
-    # NOTE: postgresql and miniflux roles removed - now hosted in k8s
    - role: tailscale_serve
      tags: tailscale-serve
--- a/ansible/roles/tailscale_serve/defaults/main.yml
+++ b/ansible/roles/tailscale_serve/defaults/main.yml
@ -3,9 +3,6 @@
 # Each service maps a Tailscale service name to local endpoints

 tailscale_serve_services:
-  # NOTE: svc:grafana, svc:pg, svc:feed, svc:pypi removed - now hosted in k8s
-  # NOTE: svc:k8s is configured by the minikube role (port is dynamic with docker driver)
-
  - name: svc:forge
    https:
      port: 443
@ -14,11 +11,6 @@ tailscale_serve_services:
      port: 22
      upstream: tcp://localhost:2200

-  - name: svc:kiwix
-    https:
-      port: 443
-      upstream: http://localhost:5501
-
  - name: svc:registry
    https:
      port: 443