Add initial infrastructure and backup scripts for Gitea and homelab deployment
- Create README.md with project layout and quick start instructions
- Implement backup scripts for Gitea, including database and repository exports
- Add systemd service and timer for automated Gitea backups
- Develop bootstrap scripts for homelab and VPS setup
- Document architecture and restore procedures
- Configure Caddy reverse proxy and Docker Compose for service management
- Establish secrets management guidelines
32
docs/ARCHITECTURE.md
Normal file
@@ -0,0 +1,32 @@
|
||||
# Architecture
|
||||
|
||||
## Model
|
||||
|
||||
- VPS is public edge (Caddy + VPN client).
|
||||
- Homelab hosts internal application stacks.
|
||||
- Traffic path: Internet -> VPS Caddy -> VPN -> homelab service.
|
||||
|
||||
## State Conventions
|
||||
|
||||
- `/srv/ops` cloned repo
|
||||
- `/srv/secrets` decrypted runtime secrets (not committed)
|
||||
- `/srv/data/<stack>` persistent bind mounts
|
||||
- `/srv/backups` backup artifacts
|
||||
|
||||
## Deployment Order
|
||||
|
||||
1. Edge bootstrap on VPS
|
||||
2. Homelab bootstrap
|
||||
3. Bring up proxy/network dependencies
|
||||
4. Bring up core stacks (gitea, db)
|
||||
5. Bring up secondary stacks (kuma, apps)
|
||||
|
||||
## Bootstrap Paradox Mitigation
|
||||
|
||||
Because ops is hosted on Gitea inside the homelab, bootstrap uses three repo sources:
|
||||
|
||||
1. Primary Gitea repo
|
||||
2. Optional fallback mirror (secondary git host)
|
||||
3. Local git bundle backup (`/srv/backups/ops/latest/ops.bundle`)
|
||||
|
||||
Nightly backups include both full Gitea backups and standalone repo exports/bundles.
|
||||
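Review bot: Under "Bootstrap Paradox Mitigation", sources 2 and 3 (the fallback mirror and `/srv/backups/ops/latest/ops.bundle`) are listed without any statement of how bootstrap confirms that what it clones is the genuine ops repo before running scripts from it. These are the paths taken exactly when the primary Gitea is unavailable, so the doc should name the check, for example `git bundle verify` on the bundle plus a signed tag or a pinned commit hash recorded somewhere outside the homelab. In "State Conventions", `/srv/secrets` should also get a stated owner and mode, and the `/srv/backups` line should say whether backup artifacts ever include the decrypted tree or only the encrypted sources.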
25
docs/RESTORE.md
Normal file
@@ -0,0 +1,25 @@
|
||||
# Restore Runbook
|
||||
|
||||
## VPS Restore
|
||||
|
||||
1. Provision host and SSH access.
|
||||
2. Ensure `ops.bundle` exists at `/srv/backups/ops/latest/ops.bundle` (or set `OPS_BUNDLE_PATH`).
|
||||
3. Run `bootstrap/vps.sh`.
|
||||
4. Confirm VPN up and Caddy healthy.
|
||||
5. Validate DNS + TLS endpoints.
|
||||
|
||||
## Homelab Restore
|
||||
|
||||
1. Provision host and SSH access.
|
||||
2. Ensure `ops.bundle` exists at `/srv/backups/ops/latest/ops.bundle` (or set `OPS_BUNDLE_PATH`).
|
||||
3. Run `bootstrap/homelab.sh`.
|
||||
4. Restore data under `/srv/data/*` and `/srv/backups/*` as needed.
|
||||
5. Start stacks with `docker compose up -d` per stack.
|
||||
6. Run health checks and verify service endpoints.
|
||||
|
||||
## Data Priorities
|
||||
|
||||
- Gitea app data + DB dump
|
||||
- Repo mirror exports
|
||||
- Proxy config and certificates
|
||||
- Encrypted secret source files
|
||||
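Review bot: "Homelab Restore" goes from step 4 (restore data) straight to step 5 (`docker compose up -d`) with no step that recreates `/srv/secrets`, and "VPS Restore" has the same gap before `bootstrap/vps.sh` brings up the VPN and Caddy. "Data Priorities" lists "Encrypted secret source files" but the runbook never says where the decryption key is held or which command produces the runtime secrets, so a restore onto a fresh host depends on undocumented knowledge. Please add an explicit step for that in both sections. Step 2 in both sections also only asks that `ops.bundle` exists; it should ask that the bundle is verified before step 3 runs a script from it.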