Adds vaultwarden, mattermost, nats (leafnode+JetStream), redis,
garage (S3+webui), mediawiki, and the NFS subdir provisioner to
the tracked service list. Remaining-to-deploy list trimmed to
what's actually left.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
- Listmonk: newsletter/mailing list manager with PostgreSQL backend,
NodePort 32375, Postmark SMTP. Replaces Ghost's broken Mailgun-only
newsletter sending via n8n automation pipeline.
- Mattermost: team messaging manifest, NodePort 32374, PostgreSQL backend.
- Ghost: added Postmark SMTP config for transactional email, disabled
staffDeviceVerification on all three instances (Ghost has no TOTP,
only email-based verification which requires working SMTP).
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Replaced Headscale (too buggy in 0.28.x — random node drops) with direct
WireGuard hub-and-spoke + full mesh. 7 Proxmox VMs across 3 hosts form a
K3s v1.34.6 cluster: 3 control-plane/etcd nodes, 4 workers.
Running services: postgres, mariadb, ghost (x3), forgejo, authentik.
All unpinned services use local-path StorageClass. Databases pinned to
pve-worker and adder-worker with local PVs.
Includes VM provisioning scripts (create-debian-template.sh, clone-vm.sh),
K3s manifests for all services, and full deployment docs in k3s/README.md.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
