Journal

What Changed # Pinned Graylog’s JVM heap to 1GB by adding explicit GRAYLOG_SERVER_JAVA_OPTS to docker-compose.yml: 1 GRAYLOG_SERVER_JAVA_OPTS: "-Xms1g -Xmx1g -XX:NewRatio=1 -server -XX:+UseG1GC" Why # Noticed high memory usage on the Graylog VM. JVM ergonomics was auto-allocating ~2GB for Graylog, leaving insufficient RAM for OS filesystem cache. OpenSearch query performance suffers without cache headroom.

What Changed # Upgraded the Graylog logging stack: Graylog: 6.x → 7.0.3 MongoDB: 6.x → 7.0 Why # Graylog 7 brings improved dashboard performance, better pipeline rule debugging, and updated API. MongoDB 7.0 is the new LTS release with better aggregation performance. Details # Service: Graylog (Log-Server VM) Method: Updated version tags in docker-compose.yml, deployed via Portainer Downtime: ~5 minutes during container recreation Key changes in Graylog 7:

What Changed # Upgraded Watchtower notifications from plain text to Discord embeds using Shoutrrr URL parameters: Added colored sidebar (green for updates) Suppressed noisy startup messages Cleaner, more readable notifications Why # Plain text Watchtower notifications were hard to scan in busy Discord channels. Embeds provide visual structure and color-coding.

What Changed # Added Ansible playbooks to Semaphore for automated Proxmox cluster power management: Night Sleep: Gracefully shuts down non-essential VMs/LXCs at night Day On: Wakes up the cluster in the morning Scheduled via Semaphore cron Why # Running all VMs 24/7 wastes power when they’re not needed. Automated scheduling reduces energy costs and wear on hardware.

What Changed # Added three Ansible playbooks to Semaphore for managing Caddy reverse proxy domains: Add Domain: Creates new reverse proxy entry on both HA nodes Remove Domain: Removes domain from both nodes List Domains: Shows all configured domains across the cluster Why # Manual Caddy config edits were error-prone and required SSH to both nodes. Semaphore templates provide a UI for common operations with built-in validation.