Migrate sigvild-gallery to production environment
- Add multi-environment architecture (homelab + production)
- Create production environment (mini-vps) for client projects
- Create homelab playbook for arch-vps services
- Create production playbook for mini-vps services
- Move sigvild-gallery from homelab to production
- Restructure variables: group_vars/production + host_vars/arch-vps
- Add backup-sigvild.yml playbook with auto-restore functionality
- Fix restore logic to check for data before creating directories
- Add manual variable loading workaround for Ansible 2.20
- Update all documentation for multi-environment setup
- Add ADR-007 documenting multi-environment architecture decision
@@ -1127,3 +1127,120 @@ curl -I http://127.0.0.1:9000/
|
||||
3. **Hardcoded GIDs** - Rejected for portability; facts provide dynamic resolution
|
||||
4. **Directory permissions (777)** - Rejected for security; group-based access more restrictive. This is then later changed again to 777, due to Nextcloud switching from root to www-data, breaking group-based permissions.
|
||||
---
|
||||
|
||||
---
|
||||
## ADR-007: Multi-Environment Infrastructure Architecture
|
||||
|
||||
**Date**: December 2025
|
||||
**Status**: Accepted
|
||||
**Context**: Separation of homelab services from production client projects
|
||||
|
||||
### Decision
|
||||
|
||||
Rick-infra will manage two separate environments with different purposes and uptime requirements:
|
||||
|
||||
1. **Homelab Environment** (arch-vps)
|
||||
- Purpose: Personal services and experimentation
|
||||
- Infrastructure: Full stack (PostgreSQL, Valkey, Podman, Caddy)
|
||||
- Services: Authentik, Nextcloud, Gitea
|
||||
- Uptime requirement: Best effort
|
||||
|
||||
2. **Production Environment** (mini-vps)
|
||||
- Purpose: Client projects requiring high uptime
|
||||
- Infrastructure: Minimal (Caddy only)
|
||||
- Services: Sigvild Gallery
|
||||
- Uptime requirement: High availability
|
||||
|
||||
### Rationale
|
||||
|
||||
**Separation of Concerns**:
|
||||
- Personal experiments don't affect client services
|
||||
- Client services isolated from homelab maintenance
|
||||
- Clear distinction between environments in code
|
||||
|
||||
**Infrastructure Optimization**:
|
||||
- Production runs minimal services (no PostgreSQL/Valkey overhead)
|
||||
- Homelab can be rebooted/upgraded without affecting clients
|
||||
- Cost optimization: smaller VPS for production
|
||||
|
||||
**Operational Flexibility**:
|
||||
- Different backup strategies per environment
|
||||
- Different monitoring/alerting levels
|
||||
- Independent deployment schedules
|
||||
|
||||
### Implementation
|
||||
|
||||
**Variable Organization**:
|
||||
```
|
||||
rick-infra/
|
||||
├── group_vars/
|
||||
│ └── production/ # Production environment config
|
||||
│ ├── main.yml
|
||||
│ └── vault.yml
|
||||
├── host_vars/
|
||||
│ └── arch-vps/ # Homelab host config
|
||||
│ ├── main.yml
|
||||
│ └── vault.yml
|
||||
└── playbooks/
|
||||
├── homelab.yml # Homelab deployment
|
||||
├── production.yml # Production deployment
|
||||
└── site.yml # Orchestrates both
|
||||
```
|
||||
|
||||
**Playbook Structure**:
|
||||
- `site.yml` imports both homelab.yml and production.yml
|
||||
- Each playbook manually loads variables (Ansible 2.20 workaround)
|
||||
- Services deploy only to their designated environment
|
||||
|
||||
**Inventory Groups**:
|
||||
```yaml
|
||||
homelab:
|
||||
hosts:
|
||||
arch-vps:
|
||||
ansible_host: 69.62.119.31
|
||||
|
||||
production:
|
||||
hosts:
|
||||
mini-vps:
|
||||
ansible_host: 72.62.91.251
|
||||
```
|
||||
|
||||
### Migration Example
|
||||
|
||||
**Sigvild Gallery Migration** (December 2025):
|
||||
- **From**: arch-vps (homelab)
|
||||
- **To**: mini-vps (production)
|
||||
- **Reason**: Client project requiring higher uptime
|
||||
- **Process**:
|
||||
1. Created backup on arch-vps
|
||||
2. Deployed to mini-vps with automatic restore
|
||||
3. Updated DNS (5 min downtime)
|
||||
4. Removed from arch-vps configuration
|
||||
|
||||
### Consequences
|
||||
|
||||
**Positive**:
|
||||
- Clear separation of personal vs. client services
|
||||
- Reduced blast radius for experiments
|
||||
- Optimized resource usage per environment
|
||||
- Independent scaling and management
|
||||
|
||||
**Negative**:
|
||||
- Increased complexity in playbook organization
|
||||
- Need to manage multiple VPS instances
|
||||
- Ansible 2.20 variable loading requires workarounds
|
||||
- Duplicate infrastructure code (Caddy on both)
|
||||
|
||||
**Neutral**:
|
||||
- Services can be migrated between environments with minimal friction
|
||||
- Backup/restore procedures work across environments
|
||||
- Group_vars vs. host_vars hybrid approach
|
||||
|
||||
### Future Considerations
|
||||
|
||||
- Consider grouping multiple client projects on production VPS
|
||||
- Evaluate if homelab needs full infrastructure stack
|
||||
- Monitor for opportunities to share infrastructure between environments
|
||||
- Document migration procedures for moving services between environments
|
||||
|
||||
---
|
||||
|
||||
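Review bot: The Inventory Groups example in ADR-007 commits the real `ansible_host` addresses of arch-vps and mini-vps into documentation, which an architecture record does not need; consider replacing them with placeholders or addresses from a documentation range such as 192.0.2.0/24 and keeping the real values only in the inventory file. Separately, the Playbook Structure bullet "Each playbook manually loads variables (Ansible 2.20 workaround)" does not say which files are loaded or in what order. Since the Variable Organization tree shows a `vault.yml` under both `group_vars/production/` and `host_vars/arch-vps/`, the ADR should state whether the manual load covers the vault files as well as `main.yml`, so that a playbook added later follows the same pattern. The Process list for the Sigvild Gallery migration would also benefit from a verification step between "Deployed to mini-vps with automatic restore" and "Updated DNS", stating how the restored data was checked before traffic was switched.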