C1: migrate homepage dashboard from minikube to ringtail (nix-built amd64) #348

Merged

eblume merged 2 commits from homepage-to-ringtail into main

2026-05-10 20:40:34 -07:00

eblume commented

2026-05-10 20:37:57 -07:00

Owner

Summary

Move the homepage dashboard off minikube (indri/arm64) onto ringtail's k3s
(amd64) to relieve indri pressure, and switch the container build from a
hand-written Dockerfile to a nix derivation adapted from nixpkgs
homepage-dashboard.

Pinned to v1.11.0 (current production version).

Changes

containers/homepage/default.nix (new): adapts the upstream nixpkgs
derivation to fetch from our forge mirror, includes the upstream Next.js
file-system-cache patches (nixpkgs issues #328621 and #458494 — without
these, prerender state breaks after restart). Wrapped with
dockerTools.buildLayeredImage.
containers/homepage/Dockerfile (deleted): replaced by nix.
argocd/apps/homepage.yaml: destination changed from
kubernetes.default.svc → https://ringtail.tail8d86e.ts.net:6443.
argocd/manifests/homepage/kustomization.yaml: image tag bumped to
v1.11.0-b87f62e-nix (built and verified amd64).
argocd/manifests/homepage/services.yaml: reworked for the
autodiscovery shift between clusters (see below).

Autodiscovery shift

Homepage's k8s integration (mode: cluster) discovers Ingresses with
gethomepage.dev/* annotations within its own cluster. Moving clusters
swaps which services autodiscover.

Lost (now manual): ArgoCD, Immich, Kiwix, Mealie, Miniflux (with widget),
Grafana (with widget), Prometheus, Navidrome (with widget), Paperless,
TeslaMate, Transmission. All widgets preserved verbatim.

Gained (now autodiscovered): Frigate→NVR, Authentik, Ntfy, Ollama. Their
prior manual entries (NVR, Authentik, Ntfy) were removed from services.yaml
to avoid duplicates.

A new "Content" group was added for Immich/Kiwix/Miniflux to preserve their
prior grouping.

Cutover plan (post-merge)

Sync apps ArgoCD application from main to pick up the destination change.
ArgoCD will start syncing homepage on ringtail. The new Tailscale Ingress
will try to register hostname go — but indri's tailscale operator
currently owns it. Expect the new device to fail or get a -1 suffix
until the old one is freed.
Delete the old homepage application state on minikube:
kubectl --context=minikube-indri delete namespace homepage (this frees
the Tailscale device after a short delay).
Re-sync homepage on ringtail. The Tailscale Ingress should now register
go.tail8d86e.ts.net cleanly.
Verify at https://go.ops.eblu.me — the autodiscovered ringtail services
(NVR/Authentik/Ntfy/Ollama) should populate; the manually-added minikube
services should appear with widgets working.

Brief outage expected during the device handoff.

Test plan

ArgoCD shows homepage healthy on ringtail destination
go.ops.eblu.me loads (Caddy → Tailscale Ingress → ringtail pod)
Autodiscovered services appear: NVR, Authentik, Ntfy, Ollama
Manual services appear with intact widgets: Forgejo, Jellyfin, DJ
(Navidrome), Grafana, Miniflux
Old homepage namespace on minikube is gone
Indri load average drops noticeably

## Summary Move the homepage dashboard off minikube (indri/arm64) onto ringtail's k3s (amd64) to relieve indri pressure, and switch the container build from a hand-written Dockerfile to a nix derivation adapted from nixpkgs `homepage-dashboard`. Pinned to v1.11.0 (current production version). ## Changes - **`containers/homepage/default.nix`** (new): adapts the upstream nixpkgs derivation to fetch from our forge mirror, includes the upstream Next.js file-system-cache patches (nixpkgs issues #328621 and #458494 — without these, prerender state breaks after restart). Wrapped with `dockerTools.buildLayeredImage`. - **`containers/homepage/Dockerfile`** (deleted): replaced by nix. - **`argocd/apps/homepage.yaml`**: destination changed from `kubernetes.default.svc` → `https://ringtail.tail8d86e.ts.net:6443`. - **`argocd/manifests/homepage/kustomization.yaml`**: image tag bumped to `v1.11.0-b87f62e-nix` (built and verified amd64). - **`argocd/manifests/homepage/services.yaml`**: reworked for the autodiscovery shift between clusters (see below). ## Autodiscovery shift Homepage's k8s integration (`mode: cluster`) discovers Ingresses with `gethomepage.dev/*` annotations within its **own** cluster. Moving clusters swaps which services autodiscover. **Lost (now manual):** ArgoCD, Immich, Kiwix, Mealie, Miniflux (with widget), Grafana (with widget), Prometheus, Navidrome (with widget), Paperless, TeslaMate, Transmission. All widgets preserved verbatim. **Gained (now autodiscovered):** Frigate→NVR, Authentik, Ntfy, Ollama. Their prior manual entries (NVR, Authentik, Ntfy) were removed from `services.yaml` to avoid duplicates. A new "Content" group was added for Immich/Kiwix/Miniflux to preserve their prior grouping. ## Cutover plan (post-merge) 1. Sync `apps` ArgoCD application from main to pick up the destination change. 2. ArgoCD will start syncing homepage on ringtail. The new Tailscale Ingress will try to register hostname `go` — but indri's tailscale operator currently owns it. Expect the new device to fail or get a `-1` suffix until the old one is freed. 3. Delete the old homepage application state on minikube: `kubectl --context=minikube-indri delete namespace homepage` (this frees the Tailscale device after a short delay). 4. Re-sync homepage on ringtail. The Tailscale Ingress should now register `go.tail8d86e.ts.net` cleanly. 5. Verify at https://go.ops.eblu.me — the autodiscovered ringtail services (NVR/Authentik/Ntfy/Ollama) should populate; the manually-added minikube services should appear with widgets working. Brief outage expected during the device handoff. ## Test plan - [ ] ArgoCD shows homepage healthy on ringtail destination - [ ] `go.ops.eblu.me` loads (Caddy → Tailscale Ingress → ringtail pod) - [ ] Autodiscovered services appear: NVR, Authentik, Ntfy, Ollama - [ ] Manual services appear with intact widgets: Forgejo, Jellyfin, DJ (Navidrome), Grafana, Miniflux - [ ] Old `homepage` namespace on minikube is gone - [ ] Indri load average drops noticeably

eblume added 2 commits

2026-05-10 20:37:58 -07:00

C1: nix-build homepage container for amd64 ringtail migration b87f62e0f5

Replace Dockerfile (arm64-only, indri-built) with a nix derivation
adapted from nixpkgs pkgs/by-name/ho/homepage-dashboard. Built via the
nix-container-builder runner on ringtail, producing an amd64 image
suitable for k3s.

Includes the upstream Next.js file-system-cache patch to avoid
prerender cache write failures on a read-only nix store path
(nixpkgs issues #328621 and #458494).

Pinned to v1.11.0 (current production version).

C1: migrate homepage dashboard to ringtail k3s be54cc3411

Repoint the ArgoCD Application destination from minikube to ringtail and
bump the image tag to the new amd64 nix-built v1.11.0-b87f62e-nix.

Rework services.yaml for the autodiscovery shift: 11 services that
previously auto-populated via minikube Ingress annotations (ArgoCD,
Immich, Kiwix, Mealie, Miniflux, Grafana, Prometheus, Navidrome,
Paperless, TeslaMate, Transmission) become explicit static entries with
their widget configs preserved. Conversely, the ringtail services that
will now auto-populate (Frigate/NVR, Authentik, Ntfy) are removed from
the static list to avoid duplicates; Ollama becomes newly visible.

Add a Content group for Immich/Kiwix/Miniflux which previously lived
under the autodiscovered "Content" group from annotations.