# Changelog
## 2026-01-19 (NetBox Deployment)
- [SERVICE] NetBox DCIM/IPAM deployed - netbox.xtrm-lab.org - COMPLETED
- [SERVICE] netbox-postgres: PostgreSQL 16 Alpine, dedicated database
- [SERVICE] netbox-redis: Redis 7 Alpine, background tasks
- [SERVICE] netbox-redis-cache: Redis 7 Alpine, caching
- [SERVICE] netbox-worker: RQ worker for background jobs
- [SERVICE] netbox-housekeeping: Daily housekeeping tasks
- [NETWORK] Created dedicated 'netbox' Docker network (172.24.0.0/16)
- [TRAEFIK] Added route for netbox.xtrm-lab.org with Authentik forward-auth
- [DNS] DNS record for netbox.xtrm-lab.org pre-configured
- [CREDS] Admin user: admin / M0stW4nt3d@xtrm


## 2026-01-18

- [PHASE 1] DNS Portability - COMPLETED
  - Added DoH route to Traefik dynamic.yml (doh.xtrm-lab.org)
  - Verified DoH endpoint working with ad-blocking
  - Updated verification checklist - all items complete
  - Fixed hostname in docs: dns.xtrm-lab.org → doh.xtrm-lab.org
  - Updated nebula-sync status: unhealthy → healthy
- [SERVICE] DoH-Server: Now routed via Traefik at doh.xtrm-lab.org
- [SERVICE] stunnel-dot: Confirmed running for DoT on port 853
- [ISSUE] Certificate renewal failing - Cloudflare API token needs Zone:DNS:Edit permission (certs expire Feb 11, 2026)
- [PHASE 1] DNS Redundancy verified:
  - 2x Pi-hole: MikroTik (172.17.0.2) + Unraid (192.168.31.4)
  - 2x Unbound: MikroTik (172.17.0.3) + Unraid (192.168.31.5)
  - nebula-sync: Healthy, syncing every 5 minutes
  - NAT rules: Properly configured for failover
  - Added DNS Redundancy Architecture section to Phase 1 doc
- [DOC] Rewrote 01-PHASE1-DNS-PORTABILITY.md - removed implementation guides, kept only current state

## 2026-01-18
- [INFRA] Updated static IP proposal: dockersocket→172.18.0.2, traefik→172.18.0.3, vaultwarden→172.18.0.15
- [INFRA] Static IP assignment for critical services - COMPLETED

## 2026-01-18 (Phase 7 Deployment)
- [PHASE 7] Gitea deployed - git.xtrm-lab.org - COMPLETED
- [PHASE 7] Woodpecker CI Server deployed - ci.xtrm-lab.org - COMPLETED  
- [PHASE 7] Woodpecker CI Agent deployed and connected - COMPLETED
- [SERVICE] gitea: PostgreSQL database (gitea_db) created
- [SERVICE] woodpecker-server: Port 8008, OAuth via Gitea
- [SERVICE] woodpecker-agent: Connected to server, 2 parallel workflows
- [DNS] Added git.xtrm-lab.org and ci.xtrm-lab.org A records

## 2026-01-18 (Woodpecker Update)
- [PHASE 7] Woodpecker Server updated to v3.13.0
- [PHASE 7] Woodpecker Agent updated to v3.13.0
- [SERVICE] Fixed SQLite database permissions for migration
- [CI] First pipeline test successful (infrastructure repo)

## 2026-01-18 (Documentation Migration)
- [DOCS] Infrastructure documentation migrated to Git (git.xtrm-lab.org/jazzymc/infrastructure)
- [DOCS] Updated local CLAUDE.md to point to Git repo
- [DOCS] Updated Unraid CLAUDE.md to point to Git repo
- [PHASE 7] Phase 7 fully completed - GitOps workflow operational