2025-10-14 - 2026-04-14
Overview
112 Pull requests merged by 1 user
Merged
#130 fix: ignore stale SSH host keys for ephemeral homelab VMs
Merged
#129 fix: keep DHCP enabled by default on template VM
Merged
#128 stage
Merged
#127 fix: enable cloud-init networking in NixOS template
Merged
#126 fix: wait for SSH readiness after VM provisioning
Merged
#125 ci: speed up Terraform destroy plan by skipping refresh
Merged
#124 fix: vendor Flannel manifest and harden CNI bootstrap timing
Merged
#123 fix: add mount utility to kubelet service PATH
Merged
#122 debug: print detailed Flannel pod diagnostics on rollout timeout
Merged
#121 stage
Merged
#120 fix: point Cilium directly at API server and print rollout diagnostics
Merged
#119 fix: stabilize Cilium install defaults and add rollout diagnostics
Merged
#118 fix: hard-reset nodes before kubeadm join retries
Merged
#117 fix: add heuristic SSH inventory fallback for generic hostnames
Merged
#116 fix: wait for Cilium and node readiness before marking bootstrap success
Merged
#115 fix: add join preflight ignores for homelab control planes
Merged
#114 fix: require kubelet kubeconfig before starting service
Merged
#113 stage
Merged
#112 stage
Merged
#111 fix: recover from kubeadm CRISocket node-registration race
Merged
#110 fix: use kubeadm v1beta4 list format for kubeletExtraArgs
Merged
#109 fix: hard reset kubelet identity before kubeadm init
Merged
#108 fix: pin kubeadm init node identity to flake hostname
Merged
#107 fix: force fresh kubeadm init after rebuild and make kubelet enable-able
Merged
#106 fix: force fresh bootstrap stages after rebuild and stabilize join node identity
Merged
#105 fix: map SSH-discovered nodes by VMID when hostnames are generic
Merged
#104 fix: make SSH inventory discovery more reliable on CI
Merged
#103 fix: run Cilium install with sudo and explicit kubeconfig
Merged
#102 fix: ensure kubelet is enabled for kubeadm init node registration
Merged
#101 fix: rebuild nodes by default on reconcile
Merged
#100 fix: use valid kube-vip log flag value
Merged
#99 refactor: add Python bootstrap controller with resumable state
Merged
#98 fix: preserve kube-vip mount path and only swap hostPath to super-admin
Merged
#97 fix: bootstrap kube-vip without leader election
Merged
#96 fix: run kube-vip in control-plane-only mode during bootstrap
Merged
#95 stage
Merged
#94 fix: stabilize kubeadm bootstrap and reduce Proxmox plan latency
Merged
#93 fix: run kube-vip daemon before kubeadm init
Merged
#92 fix: skip kubeadm wait-control-plane phase, wait for VIP manually
Merged
#91 fix: add image pre-pull and debug output for kubeadm init
Merged
#90 fix: disable webhook authz and clean stale kubelet configs
Merged
#89 fix: disable kubelet webhook auth in kubeadm init config
Merged
#88 fix: kubelet directories and containerd readiness
Merged
#87 fix: remove kubelet ConditionPathExists, add daemon-reload
Merged
#86 fix: mask kubelet before rebuild, unmask in kubeadm helpers
Merged
#85 fix: prevent kubelet auto-start during rebuild
Merged
#84 fix: disable lingering kubelet service before node rebuild
Merged
#83 fix: stop auto-enabling kubelet during base node rebuild
Merged
#82 fix: gate kubelet startup until kubeadm config exists
Merged
#81 fix: align kubelet systemd unit with kubeadm flags
Merged
#80 fix: ignore kubeadm HTTPProxyCIDR preflight in homelab workflow
Merged
#79 fix: run kubeadm init/reset with clean environment
Merged
#78 fix: harden kubeadm scripts for proxy and preflight issues
Merged
#77 fix: avoid sudo env loss for kube-vip image reference
Merged
#76 fix: correctly propagate remote command exit status
Merged
#75 chore: trigger workflows
Merged
#74 fix: require admin kubeconfig before skipping cp init
Merged
#73 fix: make cp-1 init detection and join token generation robust
Merged
#72 fix: recover when admin kubeconfig is missing on primary control plane
Merged
#71 fix: use admin kubeconfig for final cluster node check
Merged
#70 feat: add SSH-based fallback for kubeadm IP inventory
Merged
#69 fix: retry kubeadm inventory generation until VM IPs appear
Merged
#68 fix: fail fast when terraform node IP outputs are empty
Merged
#67 fix: auto-detect kube-vip interface and tighten SSH fallback
Merged
#66 stage
Merged
#65 fix: avoid in-place VM updates on unreliable provider
Merged
#64 perf: speed up first bootstrap with fast-mode defaults
Merged
#63 feat: convert template-base into k8s-ready VM template
Merged
#62 fix: restore use-remote-sudo for nixos-rebuild compatibility
Merged
#61 fix: preserve terraform PATH in destroy plan retry
Merged
#60 fix: enable nix-command for remote gc and use --sudo
Merged
#59 stage
Merged
#58 stage
Merged
#57 fix: force bash for remote kubeadm commands
Merged
#56 fix: preconfigure remote nix trusted-users before rebuild
Merged
#55 stage
Merged
#54 fix: ignore recurrent Proxmox cloud-init drift fields
Merged
#53 fix: allow required VM reboots and serialize apply
Merged
#52 fix: ignore cloud-init ssh drift on existing VMs
Merged
#51 fix: repair SSH key step quoting in workflows
Merged
#50 fix: support base64 SSH private keys in workflows
Merged
#49 fix: normalize escaped SSH private key secrets
Merged
#48 fix: prefer SSH_KEY_PRIVATE and validate keypair fingerprint
Merged
#47 fix: force explicit SSH identity for kubeadm remote operations
Merged
#46 fix: preseed known_hosts for kubeadm SSH operations
Merged
#45 fix: avoid PATH override that hides bash on runners
Merged
#44 fix: load nix profile from root path on act runners
Merged
#43 fix: add nixbld users as explicit group members
Merged
#42 fix: provision nixbld users for root nix install
Merged
#41 fix: create /nix when installing nix on root runners
Merged
#40 stage
Merged
#39 stage
Merged
#38 stage
Merged
#37 update: set wk-3 worker cores to 4
Merged
#36 fix: harden destroy workflow and recover state push
Merged
#35 fix: harden apply workflow for gitea runner
Merged
#34 fix: remove proxmox snippet dependency for cloud-init
Merged
#33 stage
Merged
#32 chore: disable VM tailscale bootstrap for now
Merged
#31 fix: make cloud-init tailscale bootstrap resilient
Merged
#30 refactor: move tailscale join fully into cloud-init
Merged
#29 fix: use POST for Proxmox guest agent ping endpoint
Merged
#28 stage
Merged
#27 stage
Merged
#26 stage
Merged
#25 fix: make tailscale enrollment resilient when guest agent is unavailable
Merged
#24 fix: parse terraform output JSON robustly in enroll step
Merged
#23 feat: enroll tailscale via Proxmox guest agent by VMID
Merged
#22 fix: make tailscale enrollment clone-safe and hostname-aware
Merged
#21 fix: align VM boot disk and add Terraform safety workflows
Merged
#20 stage
Merged
#19 stage