Erich Blume
14ca0160ba
## Summary Devpi was crash-looping under memory pressure on the minikube StatefulSet, breaking the Python toolchain across the repo (`mise run docs-mikado`, `prek`, every `uv pip install`). It moves to indri as a native LaunchAgent. ## What changed - **New ansible role** `ansible/roles/devpi/`: installs `devpi-server` + `devpi-web` into a uv-managed venv, initializes the server-dir on first run via 1Password root password, runs as a LaunchAgent (`mcquack.eblume.devpi`) bound to `127.0.0.1:3141`. Bootstraps from upstream PyPI (so devpi can install itself on a fresh box). - **Caddy**: `pypi.ops.eblu.me` now proxies to `http://localhost:3141`. - **Playbook**: `indri.yml` gains pre_tasks for the root password and the new role. - **service-versions.yaml**: devpi flipped from `type: argocd` to `type: ansible`. - **ArgoCD**: removed `apps/devpi.yaml` and `manifests/devpi/`. The in-cluster Application, namespace, and PVC have been deleted. - **Docs**: new how-to `docs/how-to/operations/devpi-on-indri.md`; `restart-indri.md` lists devpi in the LaunchAgent stop list. ## Already deployed (live on indri) - Service running: `launchctl list mcquack.eblume.devpi` → PID 53888 - `curl https://pypi.ops.eblu.me/+api` returns 200 ✅ - `mise run docs-mikado` works again ✅ - 1.0G of cached PyPI data was migrated from the PVC to `~erichblume/devpi/server-dir/` - Minikube namespace and PVC fully reclaimed ## Test plan - [ ] `mise run services-check` (after merge) - [ ] CI workflows that use devpi succeed - [ ] No regressions in tools that depend on `pypi.ops.eblu.me` (prek, uv-script tasks, dagger pipelines) ## Context This is the C1 prelude to a planned C2 chain (`mikado/retire-minikube-indri`) to retire minikube on indri entirely. Doing devpi as a standalone C1 was the right call because (a) it was urgent — it was breaking the toolchain — and (b) it shakes out the migration recipe before we commit to a multi-leaf chain. Reviewed-on: #341 |
||
|---|---|---|
| .. | ||
| 1password-connect | ||
| alloy-k8s | ||
| alloy-ringtail | ||
| alloy-tracing-ringtail | ||
| argocd | ||
| authentik | ||
| cloudnative-pg | ||
| cv | ||
| databases | ||
| docs | ||
| external-secrets | ||
| forgejo-runner | ||
| frigate | ||
| grafana | ||
| grafana-config | ||
| homepage | ||
| immich | ||
| kingfisher | ||
| kiwix | ||
| kube-state-metrics | ||
| kube-state-metrics-ringtail | ||
| loki | ||
| mealie | ||
| miniflux | ||
| navidrome | ||
| ntfy | ||
| nvidia-device-plugin | ||
| ollama | ||
| paperless | ||
| prometheus | ||
| prowler | ||
| tailscale-operator | ||
| tailscale-operator-base | ||
| tailscale-operator-ringtail | ||
| tempo | ||
| teslamate | ||
| torrent | ||
| unpoller | ||