diff --git a/Brewfile b/Brewfile index 64592c8..5aa1402 100644 --- a/Brewfile +++ b/Brewfile @@ -2,5 +2,5 @@ brew "actionlint" # GitHub/Forgejo Actions workflow linter brew "argocd" # ArgoCD CLI for GitOps management brew "bat" # Syntax-highlighted file concatenation -brew "tea" # Gitea/Forgejo CLI for forge.tail8d86e.ts.net +brew "tea" # Gitea/Forgejo CLI for forge.ops.eblu.me brew "podman" # Container CLI (uses VM on macOS, for building/pushing images) diff --git a/CLAUDE.md b/CLAUDE.md index e5c0a50..839cced 100644 --- a/CLAUDE.md +++ b/CLAUDE.md @@ -143,7 +143,7 @@ mise run container-release runner v1.0.0 # Tag and trigger build workflow ## Third-Party Projects When a task requires cloning or using a third-party git repository (e.g., for building from source), **ask the user to mirror it on forge first**, then clone from the mirror: -- Mirror location: `https://forge.tail8d86e.ts.net/eblume/.git` +- Mirror location: `https://forge.ops.eblu.me/eblume/.git` - Clone to: `~/code/3rd//` This avoids external dependencies and ensures the project is available even if the upstream is unreachable. diff --git a/ansible/group_vars/all.yml b/ansible/group_vars/all.yml index 4559aef..a9f303d 100644 --- a/ansible/group_vars/all.yml +++ b/ansible/group_vars/all.yml @@ -1,2 +1,2 @@ --- -ansible_managed: "Managed by ansible - do not edit. Source: ssh://forgejo@forge.tail8d86e.ts.net/eblume/blumeops.git" +ansible_managed: "Managed by ansible - do not edit. Source: ssh://forgejo@forge.ops.eblu.me:2222/eblume/blumeops.git" diff --git a/ansible/roles/alloy/defaults/main.yml b/ansible/roles/alloy/defaults/main.yml index afb14e7..4f0b777 100644 --- a/ansible/roles/alloy/defaults/main.yml +++ b/ansible/roles/alloy/defaults/main.yml @@ -10,7 +10,7 @@ # Build on dev machine (gilbert), then copy to indri: # # 1. Clone from forge mirror: -# git clone ssh://forgejo@forge.tail8d86e.ts.net/eblume/alloy.git ~/code/3rd/alloy +# git clone ssh://forgejo@forge.ops.eblu.me:2222/eblume/alloy.git ~/code/3rd/alloy # # 2. Set up build tools via mise: # cd ~/code/3rd/alloy && mise use go@1.25 node yarn diff --git a/argocd/manifests/tailscale-operator/README.md b/argocd/manifests/tailscale-operator/README.md index 44c5089..ee8ce1e 100644 --- a/argocd/manifests/tailscale-operator/README.md +++ b/argocd/manifests/tailscale-operator/README.md @@ -86,5 +86,5 @@ kubectl logs -n tailscale -l app.kubernetes.io/name=operator annotations: tailscale.com/proxy-class: "default" ``` -- The egress proxy for forge targets `indri.tail8d86e.ts.net` directly (not `forge.tail8d86e.ts.net`) - because Tailscale Serve hostnames are virtual and only work via the Tailscale client. +- The egress proxy for forge is **deprecated**. Forge is now accessible via Caddy at + `forge.ops.eblu.me` (HTTPS) and `forge.ops.eblu.me:2222` (SSH), which pods can reach directly. diff --git a/argocd/manifests/tailscale-operator/egress-forge.yaml b/argocd/manifests/tailscale-operator/egress-forge.yaml index 8705eea..4dc982b 100644 --- a/argocd/manifests/tailscale-operator/egress-forge.yaml +++ b/argocd/manifests/tailscale-operator/egress-forge.yaml @@ -1,7 +1,10 @@ -# Egress proxy to expose Forgejo (forge) to the cluster -# Forge runs on indri:3001, exposed via Tailscale Serve as forge.tail8d86e.ts.net -# We target indri directly since egress can't reach Tailscale Serve hostnames +# DEPRECATED: This egress proxy is no longer needed. +# Forge is now accessible via Caddy at forge.ops.eblu.me (HTTPS) and +# forge.ops.eblu.me:2222 (SSH), which pods can reach directly. # +# Keeping this file for reference during migration. Remove once verified. +# +# Original purpose: Egress proxy to expose Forgejo (forge) to the cluster # See: https://tailscale.com/kb/1438/kubernetes-operator-cluster-egress --- apiVersion: v1 diff --git a/containers/nettest/test-connectivity.sh b/containers/nettest/test-connectivity.sh index d1fb6e4..e97f417 100644 --- a/containers/nettest/test-connectivity.sh +++ b/containers/nettest/test-connectivity.sh @@ -14,8 +14,8 @@ echo "Hostname: $(hostname)" echo "" # Test targets -FORGE_HOST="forge.tail8d86e.ts.net" -REGISTRY_HOST="registry.tail8d86e.ts.net" +FORGE_HOST="forge.ops.eblu.me" +REGISTRY_HOST="registry.ops.eblu.me" test_dns() { local host="$1" diff --git a/mise-tasks/container-tag-and-release b/mise-tasks/container-tag-and-release index 6f37d4e..2b3653e 100755 --- a/mise-tasks/container-tag-and-release +++ b/mise-tasks/container-tag-and-release @@ -71,4 +71,4 @@ echo "The workflow will now build and push:" echo " registry.tail8d86e.ts.net/$IMAGE:$VERSION" echo "" echo "Monitor the build at:" -echo " https://forge.tail8d86e.ts.net/eblume/blumeops/actions" +echo " https://forge.ops.eblu.me/eblume/blumeops/actions" diff --git a/mise-tasks/indri-runner-logs b/mise-tasks/indri-runner-logs index 0240405..a61454a 100755 --- a/mise-tasks/indri-runner-logs +++ b/mise-tasks/indri-runner-logs @@ -12,7 +12,7 @@ if [[ -z "$RUN_ID" ]]; then echo "Only works for runs executed by the indri-host-runner." echo "" echo "Recent runs:" - curl -sf "https://forge.tail8d86e.ts.net/api/v1/repos/eblume/blumeops/actions/tasks" | \ + curl -sf "https://forge.ops.eblu.me/api/v1/repos/eblume/blumeops/actions/tasks" | \ jq -r '.workflow_runs[:10] | .[] | " \(.id)\t\(.status)\t\(.workflow_id)\t\(.display_title | .[0:50])"' exit 1 fi diff --git a/mise-tasks/indri-services-check b/mise-tasks/indri-services-check index a6b6944..f89d506 100755 --- a/mise-tasks/indri-services-check +++ b/mise-tasks/indri-services-check @@ -70,7 +70,7 @@ check_http "Prometheus" "https://prometheus.tail8d86e.ts.net/-/healthy" check_http "Loki" "https://loki.tail8d86e.ts.net/ready" check_http "Grafana" "https://grafana.tail8d86e.ts.net/api/health" check_http "ArgoCD" "https://argocd.tail8d86e.ts.net/healthz" -check_http "Forgejo" "https://forge.tail8d86e.ts.net/" +check_http "Forgejo" "https://forge.ops.eblu.me/" check_http "Zot Registry" "https://registry.tail8d86e.ts.net/v2/_catalog" check_http "Kiwix" "https://kiwix.tail8d86e.ts.net/" check_http "Miniflux" "https://feed.tail8d86e.ts.net/healthcheck" diff --git a/mise-tasks/pr-comments b/mise-tasks/pr-comments index be8d25b..933f432 100755 --- a/mise-tasks/pr-comments +++ b/mise-tasks/pr-comments @@ -20,7 +20,7 @@ import httpx from rich.console import Console from rich.text import Text -FORGE_API_BASE = "https://forge.tail8d86e.ts.net/api/v1" +FORGE_API_BASE = "https://forge.ops.eblu.me/api/v1" REPO_OWNER = "eblume" REPO_NAME = "blumeops"