From 0f2da47321fbcd4acae3c3e56c76f467d813ece7 Mon Sep 17 00:00:00 2001 From: Kenneth Reitz Date: Fri, 5 Jun 2026 02:29:07 -0400 Subject: [PATCH] Split MinIO into media + infra-backup instances; add Gitea - photos minio -> media.kennethreitz.org (media-minio console) - new infra project: minio-backups on s3.kennethreitz.org (Dokploy backup destination), gitea on git.kennethreitz.org mirroring all github.com/kennethreitz repos every 8h - note the compose-domains-are-deploy-time-labels gotcha Co-Authored-By: Claude Opus 4.8 (1M context) --- docs/inventory.md | 48 ++++++++++++++++++++++++++++++++++++----------- 1 file changed, 37 insertions(+), 11 deletions(-) diff --git a/docs/inventory.md b/docs/inventory.md index 90d3754..e5d967b 100644 --- a/docs/inventory.md +++ b/docs/inventory.md @@ -180,25 +180,51 @@ Redeploy: `scripts/api.sh application.deploy '{"applicationId":"arptPVNJZU0SIsk7 Redeploy: `scripts/api.sh compose.deploy '{"composeId":"WICLbVwy5JEbHz2SPb4tR"}'` -#### Compose: minio (in the photos project) +#### Compose: minio (photos media store) -> MinIO object storage — S3-compatible, self-hosted. Lives in the photos project -> (it's primarily photos' media store) but also serves as the Dokploy backup target. +> MinIO for photo media. Lives in the photos project. A *separate* MinIO in the +> infra project handles backups — see below. | | | |---|---| | Compose ID | `UK8pWczw8d9GSmyLjZJiP` (appName `minio-q3xgqx`, sourceType raw, env `production` of photos) | -| S3 API | https://s3.kennethreitz.org (container port 9000) | -| Console | https://minio.kennethreitz.org (container port 9001) | +| S3 API | https://media.kennethreitz.org (container port 9000) | +| Console | https://media-minio.kennethreitz.org (container port 9001) | | Data dir | `/mnt/objects/minio` — bind mount on the 250 GB `mercury-objects` Hetzner volume | | Root user | `exiftree-admin` (password in Dokploy compose env) | -| Buckets | `exiftree-media` (anonymous download enabled), `dokploy-backups` (private) | -| Service account | access key `HU3BA5QMX2AZ67LYSKOQ` (secret in Dokploy destination + app env) | +| Buckets | `exiftree-media` (anonymous download enabled) | +| Service account | access key `HU3BA5QMX2AZ67LYSKOQ` | -Note: this compose was originally its own project; moved under photos 2026-06-05. -Moving a raw compose between projects = delete + recreate; the bind-mounted data -is untouched. Domains and Dokploy backup destination reference the endpoint URL, -so they survive moves unchanged (domains were recreated on the new composeId). +⚠️ Gotcha learned the hard way: Dokploy compose domains are applied as **container +labels at deploy time** — `domain.create`/`delete` alone changes nothing until the +compose is redeployed. Stale labels keep routing the old hostname. + +### infra + +> Infrastructure services (own project) + +#### Compose: minio-backups + +| | | +|---|---| +| Compose ID | `o5LlW9tAugh9K3nf5CTh5` (appName `minio-backups-o5fjyf`, raw) | +| S3 API | https://s3.kennethreitz.org (port 9000) | +| Console | https://minio.kennethreitz.org (port 9001) | +| Data dir | `/mnt/objects/minio-infra` (on the volume) | +| Root user | `infra-admin` (password in Dokploy compose env) | +| Buckets | `dokploy-backups` (private) | +| Service account | access key `6XXKL051TW9ENNKE14DM` (used by the Dokploy destination) | + +#### Compose: gitea + +| | | +|---|---| +| Compose ID | `PV7bUFe4wV-2G1WD8H57e` (appName `gitea-qdogok`, raw) | +| URL | https://git.kennethreitz.org (container port 3000) | +| Git SSH | `git.kennethreitz.org:2222` (host port 2222 → container 22) | +| Data dir | `/var/lib/gitea` (root disk; sqlite DB) | +| Admin | `kennethreitz` (password noted at setup; registration disabled) | +| Mirrors | Pull-mirrors of all github.com/kennethreitz repos (public + private), refreshed every 8h, created via `/api/v1/repos/migrate` with a GitHub token for private clones | ### Backups