update image

Update renovate/renovate Docker tag to v38 (#62 )
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-08-19 16:41:19 -05:00 · 2024-08-19 16:40:33 -05:00 · 2024-08-19 16:40:16 -05:00 · 2024-08-19 15:31:01 -05:00 · 2024-07-08 12:09:29 -05:00 · 2024-07-04 22:52:02 -05:00
155 changed files with 319 additions and 6098 deletions
--- a/.github/renovate-update-notification/Dockerfile
+++ b/.github/renovate-update-notification/Dockerfile
@@ -1,2 +1,2 @@
 # This file is processed by Renovate bot so that it creates a PR on new major Renovate versions
-FROM renovate/renovate:37
+FROM renovate/renovate:38
--- a/.github/renovate.json
+++ b/.github/renovate.json
@@ -5,7 +5,7 @@
        "mergeConfidence:all-badges",
        ":rebaseStalePrs"
    ],
-    "timezone": "US/Mountain",
+    "timezone": "US/Central",
    "schedule": [
        "every weekday"
    ],
@@ -39,70 +39,22 @@
            "automerge": false
        },
        {
-            "description": "Label service images",
+            "description": "Label images",
            "matchPackageNames": [
                "ghcr.io/alex1989hu/kubelet-serving-cert-approver",
                "ghcr.io/cloudnative-pg/postgresql",
                "redis/redis-stack-server"
            ],
            "matchDatasources": [
                "docker"
            ],
            "addLabels": [
                "service",
                "image"
            ],
            "automerge": false,
            "minimumReleaseAge": "3 days"
        },
        {
-            "description": "Label service charts",
+            "description": "Label charts",
            "matchPackageNames": [
                "elasticsearch",
                "redis"
            ],
            "matchDatasources": [
                "helm"
            ],
            "addLabels": [
                "serivce",
                "chart"
            ],
            "automerge": false,
            "minimumReleaseAge": "3 days"
        },
        {
            "description": "Label application images",
            "matchPackageNames": [
                "bbilly1/tubearchivist-jf",
                "bbilly1/tubearchivist",
                "freshrss/freshrss",
                "ghcr.io/gethomepage/homepage",
                "homeassistant/home-assistant",
                "linuxserver/calibre",
                "linuxserver/code-server",
                "linuxserver/cops",
                "outlinewiki/outline",
                "rmcrackan/libation"
            ],
            "matchDatasources": [
                "docker"
            ],
            "addLabels": [
                "application",
                "image"
            ],
            "automerge": false,
            "minimumReleaseAge": "3 days"
        },
        {
            "description": "Label application charts",
            "matchPackageNames": [],
            "matchDatasources": [
                "helm"
            ],
            "addLabels": [
                "application",
                "chart"
            ],
            "automerge": false,
--- a/.gitignore
+++ b/.gitignore
@@ -1,3 +1,6 @@
 # Archived
 charts/**/archive
 # Compiled Helm chart dependencies
 charts/**/Chart.lock
 charts/**/charts/
--- a/charts/calibre-server/Chart.yaml
+++ b/charts/calibre-server/Chart.yaml
@@ -1,13 +0,0 @@
 apiVersion: v2
 name: calibre-server
 version: 0.0.6
 description: Chart for Calibre content database
 keywords:
  - media
  - books
 sources:
  - https://github.com/kovidgoyal/calibre
 maintainers:
  - name: alexlebens
 icon: https://raw.githubusercontent.com/kovidgoyal/calibre/master/resources/images/lt.png
 appVersion: 7.5.1
--- a/charts/calibre-server/README.md
+++ b/charts/calibre-server/README.md
@@ -1,18 +0,0 @@
 ## Introduction
 [Calibre](https://calibre-ebook.com/)
 calibre is an e-book manager. It can view, convert, edit and catalog e-books in all of the major e-book formats. It can also talk to e-book reader devices. It can go out to the internet and fetch metadata for your books. It can download newspapers and convert them into e-books for convenient reading.
 This chart bootstraps a [Calibre](https://github.com/home-assistant) deployment on a [Kubernetes](https://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager.
 ## Prerequisites
 - Kubernetes
 - Helm
 - Traefik v2 / IngressRoute
 - Authentik / Auth
 ## Parameters
 See the [values files](values.yaml).
--- a/charts/calibre-server/templates/deployment.yaml
+++ b/charts/calibre-server/templates/deployment.yaml
@@ -1,83 +0,0 @@
 apiVersion: apps/v1
 kind: Deployment
 metadata:
  name: calibre-server
  namespace: {{ .Release.Namespace }}
  labels:
    app.kubernetes.io/name: calibre-server
    app.kubernetes.io/instance: {{ .Release.Name }}
    app.kubernetes.io/version: {{ .Chart.AppVersion }}
    app.kubernetes.io/component: web
    app.kubernetes.io/part-of: {{ .Release.Name }}
 spec:
  revisionHistoryLimit: 3
  replicas: {{ .Values.deployment.replicas }}
  strategy:
    type: {{ .Values.deployment.strategy }}
  selector:
    matchLabels:
      app.kubernetes.io/name: calibre-server
      app.kubernetes.io/instance: {{ .Release.Name }}
  template:
    metadata:
      labels:
        app.kubernetes.io/name: calibre-server
        app.kubernetes.io/instance: {{ .Release.Name }}
    spec:
      serviceAccountName: calibre-server
      automountServiceAccountToken: true
      containers:
        - name: calibre-server
          image: "{{ .Values.deployment.image.repository }}:{{ .Values.deployment.image.tag }}"
          imagePullPolicy: {{ .Values.deployment.image.imagePullPolicy }}
          ports:
            - name: http
              containerPort: {{ .Values.service.http.port }}
              protocol: TCP
            - name: content
              containerPort: {{ .Values.service.content.port }}
              protocol: TCP
          env:
          {{- range $k,$v := .Values.deployment.env }}
            - name: {{ $k }}
              value: {{ $v | quote }}
          {{- end }}
          {{- with .Values.deployment.envFrom }}
          envFrom:
            {{- toYaml . | nindent 12 }}
          {{- end }}
          volumeMounts:
            - mountPath: /config
              name: calibre-server-config
            - mountPath: /books
              name: calibre-server-books
          resources:
            {{- toYaml .Values.deployment.resources | nindent 12 }}
          livenessProbe:
            tcpSocket:
              port: {{ .Values.service.http.port }}
            initialDelaySeconds: 0
            failureThreshold: 3
            timeoutSeconds: 1
            periodSeconds: 10
          readinessProbe:
            tcpSocket:
              port: {{ .Values.service.http.port }}
            initialDelaySeconds: 0
            failureThreshold: 3
            timeoutSeconds: 1
            periodSeconds: 10
          startupProbe:
            tcpSocket:
              port: {{ .Values.service.http.port }}
            initialDelaySeconds: 0
            failureThreshold: 30
            timeoutSeconds: 1
            periodSeconds: 5
      volumes:
        - name: calibre-server-config
          persistentVolumeClaim:
            claimName: calibre-server-config
        - name: calibre-server-books
          persistentVolumeClaim:
            claimName: {{ .Values.persistence.books.claimName }}
--- a/charts/calibre-server/templates/ingress-route.yaml
+++ b/charts/calibre-server/templates/ingress-route.yaml
@@ -1,34 +0,0 @@
 {{- if .Values.ingressRoute.enabled }}
 apiVersion: traefik.io/v1alpha1
 kind: IngressRoute
 metadata:
  name: calibre-server
  namespace: {{ .Release.Namespace }}
  labels:
    app.kubernetes.io/name: calibre-server
    app.kubernetes.io/instance: {{ .Release.Name }}
    app.kubernetes.io/version: {{ .Chart.AppVersion }}
    app.kubernetes.io/component: web
    app.kubernetes.io/part-of: calibre-server
 spec:
  entryPoints:
    - websecure
  routes:
    - kind: Rule
      match: "Host(`{{ .Values.ingressRoute.http.host }}`)"
      middlewares:
        - name: "authentik-{{ .Release.Name }}"
          namespace: {{ .Release.Namespace }}
      priority: 10
      services:
        - kind: Service
          name: calibre-server
          port: {{ .Values.service.http.port }}
    - kind: Rule
      match: "Host(`{{ .Values.ingressRoute.http.host }}`) && PathPrefix(`/outpost.goauthentik.io/`)"
      priority: 15
      services:
        - kind: Service
          name: {{ .Values.ingressRoute.authentik.outpost }}
          port: {{ .Values.ingressRoute.authentik.port }}
 {{- end }}
--- a/charts/calibre-server/templates/middleware.yaml
+++ b/charts/calibre-server/templates/middleware.yaml
@@ -1,29 +0,0 @@
 {{- if .Values.ingressRoute.enabled }}
 apiVersion: traefik.containo.us/v1alpha1
 kind: Middleware
 metadata:
  name: "authentik-{{ .Release.Name }}"
  namespace: {{ .Release.Namespace }}
  labels:
    app.kubernetes.io/name: {{ .Release.Name }}
    app.kubernetes.io/instance: {{ .Release.Name }}
    app.kubernetes.io/version: {{ .Chart.AppVersion }}
    app.kubernetes.io/component: auth
    app.kubernetes.io/part-of: {{ .Release.Name }}
 spec:
  forwardAuth:
    address: "http://{{ .Values.ingressRoute.authentik.outpost }}.authentik:{{ .Values.ingressRoute.authentik.port }}/outpost.goauthentik.io/auth/traefik"
    trustForwardHeader: true
    authResponseHeaders:
      - X-authentik-username
      - X-authentik-groups
      - X-authentik-email
      - X-authentik-name
      - X-authentik-uid
      - X-authentik-jwt
      - X-authentik-meta-jwks
      - X-authentik-meta-outpost
      - X-authentik-meta-provider
      - X-authentik-meta-app
      - X-authentik-meta-version
 {{- end }}
--- a/charts/calibre-server/templates/persistant-volume-claim.yaml
+++ b/charts/calibre-server/templates/persistant-volume-claim.yaml
@@ -1,19 +0,0 @@
 kind: PersistentVolumeClaim
 apiVersion: v1
 metadata:
  name: calibre-server-config
  namespace: {{ .Release.Namespace }}
  labels:
    app.kubernetes.io/name: calibre-server
    app.kubernetes.io/instance: {{ .Release.Name }}
    app.kubernetes.io/version: {{ .Chart.AppVersion }}
    app.kubernetes.io/component: web
    app.kubernetes.io/part-of: {{ .Release.Name }}
 spec:
  accessModes:
    - ReadWriteOnce
  resources:
    requests:
      storage: {{ .Values.persistence.config.storageSize }}
  storageClassName: {{ .Values.persistence.config.storageClassName }}
  volumeMode: {{ .Values.persistence.config.volumeMode }}
--- a/charts/calibre-server/templates/service-account.yaml
+++ b/charts/calibre-server/templates/service-account.yaml
@@ -1,11 +0,0 @@
 apiVersion: v1
 kind: ServiceAccount
 metadata:
  name: calibre-server
  namespace: {{ .Release.Namespace }}
  labels:
    app.kubernetes.io/name: calibre-server
    app.kubernetes.io/instance: {{ .Release.Name }}
    app.kubernetes.io/version: {{ .Chart.AppVersion }}
    app.kubernetes.io/component: web
    app.kubernetes.io/part-of: calibre-server
--- a/charts/calibre-server/templates/service.yaml
+++ b/charts/calibre-server/templates/service.yaml
@@ -1,44 +0,0 @@
 apiVersion: v1
 kind: Service
 metadata:
  name: calibre-server
  namespace: {{ .Release.Namespace }}
  labels:
    app.kubernetes.io/name: calibre-server
    app.kubernetes.io/instance: {{ .Release.Name }}
    app.kubernetes.io/version: {{ .Chart.AppVersion }}
    app.kubernetes.io/component: web
    app.kubernetes.io/part-of: {{ .Release.Name }}
 spec:
  type: ClusterIP
  ports:
    - port: {{ .Values.service.http.port }}
      targetPort: http
      protocol: TCP
      name: http
  selector:
    app.kubernetes.io/name: calibre-server
    app.kubernetes.io/instance: {{ .Release.Name }}
 ---
 apiVersion: v1
 kind: Service
 metadata:
  name: calibre-server-content
  namespace: {{ .Release.Namespace }}
  labels:
    app.kubernetes.io/name: calibre-server
    app.kubernetes.io/instance: {{ .Release.Name }}
    app.kubernetes.io/version: {{ .Chart.AppVersion }}
    app.kubernetes.io/component: web
    app.kubernetes.io/part-of: {{ .Release.Name }}
 spec:
  type: ClusterIP
  ports:
    - port: {{ .Values.service.content.port }}
      targetPort: content
      protocol: TCP
      name: content
  selector:
    app.kubernetes.io/name: calibre-server
    app.kubernetes.io/instance: {{ .Release.Name }}
--- a/charts/calibre-server/values.yaml
+++ b/charts/calibre-server/values.yaml
@@ -1,42 +0,0 @@
 deployment:
  replicas: 1
  strategy: Recreate
  image:
    repository: linuxserver/calibre
    tag: v7.5.1-ls269
    imagePullPolicy: IfNotPresent
  env:
    PGID: "1001"
    PUID: "1001"
    TZ: UTC
    UMASK_SET: "022"
    CUSTOM_USER: calibre
    TITLE: Calibre Server
    NO_DECOR: true
  envFrom:
  resources:
    requests:
      memory: 256Mi
      cpu: 50m
    limits:
      memory: 1Gi
      cpu: 500m
 service:
  http:
    port: 8080
  content:
    port: 8081
 ingressRoute:
  enabled: true
  http:
    host:
  authentik:
    outpost:
    port: 9000
 persistence:
  config:
    storageClassName: default
    storageSize: 5Gi
    volumeMode: Filesystem
  books:
    claimName:
--- a/charts/cloudflared/Chart.yaml
+++ b/charts/cloudflared/Chart.yaml
@@ -0,0 +1,18 @@
 apiVersion: v2
 name: cloudflared
 version: 1.6.0
 description: Cloudflared Tunnel
 keywords:
  - cloudflare
  - tunnel
 sources:
  - https://github.com/cloudflare/cloudflared
  - https://github.com/bjw-s/helm-charts/tree/main/charts/library/common
 maintainers:
  - name: alexlebens
 dependencies:
  - name: common
    repository: https://bjw-s.github.io/helm-charts/
    version: 3.3.2
 icon: https://avatars.githubusercontent.com/u/314135?s=48&v=4
 appVersion: "2024.8.2"
--- a/charts/cloudflared/README.md
+++ b/charts/cloudflared/README.md
@@ -0,0 +1,16 @@
 ## Introduction
 [Cloudflared](https://github.com/cloudflare/cloudflared)
 Contains the command-line client for Cloudflare Tunnel, a tunneling daemon that proxies traffic from the Cloudflare network to your origins.
 This chart bootstraps a [Cloudflared](https://github.com/cloudflare/cloudflared) tunnel on a [Kubernetes](https://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager.
 ## Prerequisites
 - Kubernetes
 - Helm
 ## Parameters
 See the [values files](values.yaml).
--- a/charts/cloudflared/templates/common.yaml
+++ b/charts/cloudflared/templates/common.yaml
@@ -0,0 +1,41 @@
 {{- include "bjw-s.common.loader.init" . }}
 {{- define "cloudflared.hardcodedValues" -}}
 {{ if not .Values.global.nameOverride }}
 global:
  nameOverride: {{ .Values.name }}
 {{ end }}  
 controllers:
  main:
    type: deployment
    strategy: Recreate
    containers:
      main:
        image:
          repository: {{ .Values.image.repository }}
          tag: {{ .Values.image.tag }}
          pullPolicy: {{ .Values.image.pullPolicy }}
        args:
          - tunnel
          - --protocol
          - http2
          - --no-autoupdate
          - run
          - --token
          - $(CF_MANAGED_TUNNEL_TOKEN)
        env:
          - name: CF_MANAGED_TUNNEL_TOKEN
            valueFrom:
              secretKeyRef:
                name: {{ .Values.existingSecretName }}
                key: {{ .Values.existingSecretKey }}
        resources:
        {{- with .Values.resources }}
        resources:
          {{- toYaml . | nindent 10 }}
        {{ end }}
 {{- end -}}
 {{- $_ := mergeOverwrite .Values (include "cloudflared.hardcodedValues" . | fromYaml) -}}
 {{/* Render the templates */}}
 {{ include "bjw-s.common.loader.generate" . }}
--- a/charts/cloudflared/values.yaml
+++ b/charts/cloudflared/values.yaml
@@ -0,0 +1,11 @@
 name: cloudflared
 existingSecretName: cloudflared-secret
 existingSecretKey: cf-tunnel-token
 image:
  repository: cloudflare/cloudflared
  tag: "2024.8.2"
  pullPolicy: IfNotPresent
 resources:
  requests:
    cpu: 100m
    memory: 128Mi
--- a/charts/cops/Chart.yaml
+++ b/charts/cops/Chart.yaml
@@ -1,12 +0,0 @@
 apiVersion: v2
 name: cops
 version: 0.0.3
 description: Chart for Calibre OPDS (and HTML) PHP Server
 keywords:
  - calibre
  - OPDS
 sources:
  - https://github.com/seblucas/cops
 maintainers:
  - name: alexlebens
 appVersion: 1.1.3
--- a/charts/cops/README.md
+++ b/charts/cops/README.md
@@ -1,22 +0,0 @@
 ## Introduction
 [Calibre OPDS (and HTML) PHP Server](https://github.com/seblucas/cops)
 COPS's main advantages are :
 - No need for many dependencies.
 - No need for a lot of CPU or RAM.
 - Not much code.
 - Search is available.
 - It was fun to code.
 This chart bootstraps a [COPS](https://github.com/seblucas/cops) deployment on a [Kubernetes](https://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager.
 ## Prerequisites
 - Kubernetes
 - Helm
 ## Parameters
 See the [values files](values.yaml).
--- a/charts/cops/templates/deployment.yaml
+++ b/charts/cops/templates/deployment.yaml
@@ -1,82 +0,0 @@
 apiVersion: apps/v1
 kind: Deployment
 metadata:
  name: {{ .Release.Name }}
  namespace: {{ .Release.Namespace | quote }}
  labels:
    app.kubernetes.io/name: {{ .Release.Name }}
    app.kubernetes.io/instance: {{ .Release.Name }}
    app.kubernetes.io/version: {{ .Chart.AppVersion }}
    app.kubernetes.io/component: web
    app.kubernetes.io/part-of: {{ .Release.Name }}
 spec:
  revisionHistoryLimit: 3
  replicas: {{ .Values.deployment.replicas }}
  strategy:
    type: {{ .Values.deployment.strategy }}
  selector:
    matchLabels:
      app.kubernetes.io/name: {{ .Release.Name }}
      app.kubernetes.io/instance: {{ .Release.Name }}
  template:
    metadata:
      labels:
        app.kubernetes.io/name: {{ .Release.Name }}
        app.kubernetes.io/instance: {{ .Release.Name }}
    spec:
      serviceAccountName: {{ .Release.Name }}
      containers:
        - name: {{ .Release.Name }}
          image: "{{ .Values.deployment.image.repository }}:{{ .Values.deployment.image.tag }}"
          imagePullPolicy: {{ .Values.deployment.image.imagePullPolicy }}
          ports:
            - name: http
              containerPort: {{ .Values.service.http.port }}
              protocol: TCP
          volumeMounts:
            - mountPath: /config
              name: cops-config
            - mountPath: /books
              name: cops-books
          resources:
            {{- toYaml .Values.deployment.resources | nindent 12 }}
          env:
          {{- range $k,$v := .Values.deployment.env }}
            - name: {{ $k }}
              value: {{ $v | quote }}
          {{- end }}
          {{- with .Values.deployment.envFrom }}
          envFrom:
            {{- toYaml . | nindent 12 }}
          {{- end }}            
          livenessProbe:
            httpGet:
              path: /
              port: {{ .Values.service.http.port }}
            initialDelaySeconds: 0
            failureThreshold: 5
            timeoutSeconds: 1
            periodSeconds: 10
          readinessProbe:
            httpGet:
              path: /
              port: {{ .Values.service.http.port }}
            initialDelaySeconds: 0
            failureThreshold: 5
            timeoutSeconds: 1
            periodSeconds: 10
          startupProbe:
            httpGet:
              path: /
              port: {{ .Values.service.http.port }}
            initialDelaySeconds: 5
            failureThreshold: 30
            periodSeconds: 10
            timeoutSeconds: 1
      volumes:
        - name: cops-config
          persistentVolumeClaim:
            claimName: cops-config
        - name: cops-books
          persistentVolumeClaim:
            claimName: {{ .Values.persistence.books.claimName }}
--- a/charts/cops/templates/ingress.yaml
+++ b/charts/cops/templates/ingress.yaml
@@ -1,32 +0,0 @@
 {{- if .Values.ingress.enabled }}
 apiVersion: networking.k8s.io/v1
 kind: Ingress
 metadata:
  name: {{ .Release.Name }}
  namespace: {{ .Release.Namespace }}
  labels:
    app.kubernetes.io/name: {{ .Release.Name }}
    app.kubernetes.io/instance: {{ .Release.Name }}
    app.kubernetes.io/version: {{ .Chart.AppVersion }}
    app.kubernetes.io/component: web
    app.kubernetes.io/part-of: {{ .Release.Name }}
  annotations:
    {{- toYaml .Values.ingress.annotations | nindent 4 }}
 spec:
  ingressClassName: {{ .Values.ingress.className }}
  tls:
    - hosts:
      - {{ .Values.ingress.host }}
      secretName: {{ .Release.Name }}-secret-tls
  rules:
    - host: {{ .Values.ingress.host }}
      http:
        paths:
          - path: /
            pathType: Prefix
            backend:
              service:
                name: {{ .Release.Name }}
                port:
                  name: http
 {{- end }}
--- a/charts/cops/templates/persistant-volume-claim.yaml
+++ b/charts/cops/templates/persistant-volume-claim.yaml
@@ -1,19 +0,0 @@
 kind: PersistentVolumeClaim
 apiVersion: v1
 metadata:
  name: cops-config
  namespace: {{ .Release.Namespace }}
  labels:
    app.kubernetes.io/name: {{ .Release.Name }}
    app.kubernetes.io/instance: {{ .Release.Name }}
    app.kubernetes.io/version: {{ .Chart.AppVersion }}
    app.kubernetes.io/component: storage
    app.kubernetes.io/part-of: {{ .Release.Name }}
 spec:
  accessModes:
    - ReadWriteOnce
  resources:
    requests:
      storage: {{ .Values.persistence.config.storageSize }}
  storageClassName: {{ .Values.persistence.config.storageClassName }}
  volumeMode: {{ .Values.persistence.config.volumeMode }}
--- a/charts/cops/templates/pod.yaml
+++ b/charts/cops/templates/pod.yaml
@@ -1,26 +0,0 @@
 apiVersion: v1
 kind: Pod
 metadata:
  name: "{{ .Release.Name }}-test-connection"
  labels:
    app.kubernetes.io/name: {{ .Release.Name }}
    app.kubernetes.io/instance: {{ .Release.Name }}
    app.kubernetes.io/version: {{ .Chart.AppVersion }}
    app.kubernetes.io/component: web
    app.kubernetes.io/part-of: {{ .Release.Name }}
  annotations:
    "helm.sh/hook": test-success
 spec:
  restartPolicy: Never
  containers:
    - name: wget
      image: busybox
      command: ['wget']
      args: ['{{ .Release.Name }}:{{ .Values.service.http.port }}']
      resources:
        limits:
          cpu: 500m
          memory: 1Gi
        requests:
          cpu: 50m
          memory: 256Mi
--- a/charts/cops/templates/service-account.yaml
+++ b/charts/cops/templates/service-account.yaml
@@ -1,11 +0,0 @@
 apiVersion: v1
 kind: ServiceAccount
 metadata:
  name: {{ .Release.Name }}
  namespace: {{ .Release.Namespace }}
  labels:
    app.kubernetes.io/name: {{ .Release.Name }}
    app.kubernetes.io/instance: {{ .Release.Name }}
    app.kubernetes.io/version: {{ .Chart.AppVersion }}
    app.kubernetes.io/component: web
    app.kubernetes.io/part-of: {{ .Release.Name }}
--- a/charts/cops/templates/service.yaml
+++ b/charts/cops/templates/service.yaml
@@ -1,22 +0,0 @@
 apiVersion: v1
 kind: Service
 metadata:
  name: {{ .Release.Name }}
  namespace: {{ .Release.Namespace }}
  labels:
    app.kubernetes.io/name: {{ .Release.Name }}
    app.kubernetes.io/instance: {{ .Release.Name }}
    app.kubernetes.io/version: {{ .Chart.AppVersion }}
    app.kubernetes.io/component: web
    app.kubernetes.io/part-of: {{ .Release.Name }}
 spec:
  type: ClusterIP
  externalTrafficPolicy:
  ports:
    - port: {{ .Values.service.http.port }}
      targetPort: http
      protocol: TCP
      name: http
  selector:
    app.kubernetes.io/name: {{ .Release.Name }}
    app.kubernetes.io/instance: {{ .Release.Name }}
--- a/charts/cops/values.yaml
+++ b/charts/cops/values.yaml
@@ -1,36 +0,0 @@
 deployment:
  replicas: 1
  strategy: Recreate
  image:
    repository: linuxserver/cops
    tag: 2.3.1-ls185
    imagePullPolicy: IfNotPresent
  env:
    PGID: "1000"
    PUID: "1000"
    TZ: UTC
  envFrom:        
  resources:    
    limits:
      cpu: 500m
      memory: 1Gi
    requests:
      cpu: 50m
      memory: 256Mi
 serviceAccount:
  create: true
 service:
  http:
    port: 80
 ingress:
  enabled: false
  annotations:
  className:
  host:
 persistence:
  config:
    storageClassName: default
    storageSize: 5Gi
    volumeMode: Filesystem
  books:
    claimName:
--- a/charts/freshrss/Chart.yaml
+++ b/charts/freshrss/Chart.yaml
@@ -1,12 +0,0 @@
 apiVersion: v2
 name: freshrss
 version: 0.0.3
 description: Chart for Freshrss
 keywords:
  - rss
 sources:
  - https://github.com/FreshRSS/FreshRSS
 maintainers:
  - name: alexlebens
 icon: https://avatars.githubusercontent.com/u/9414285?s=48&v=4
 appVersion: "1.23.1"
--- a/charts/freshrss/README.md
+++ b/charts/freshrss/README.md
@@ -1,18 +0,0 @@
 ## Introduction
 [FreshRSS](https://github.com/FreshRSS/FreshRSS)
 FreshRSS is a self-hosted RSS feed aggregator.
 It is lightweight, easy to work with, powerful, and customizable.
 This chart bootstraps a [FreshRSS](https://github.com/FreshRSS/FreshRSS) deployment on a [Kubernetes](https://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager.
 ## Prerequisites
 - Kubernetes
 - Helm
 ## Parameters
 See the [values files](values.yaml).
--- a/charts/freshrss/templates/deployment.yaml
+++ b/charts/freshrss/templates/deployment.yaml
@@ -1,76 +0,0 @@
 apiVersion: apps/v1
 kind: Deployment
 metadata:
  name: {{ .Release.Name }}
  namespace: {{ .Release.Namespace | quote }}
  labels:
    app.kubernetes.io/name: {{ .Release.Name }}
    app.kubernetes.io/instance: {{ .Release.Name }}
    app.kubernetes.io/version: {{ .Chart.AppVersion }}
    app.kubernetes.io/component: web
    app.kubernetes.io/part-of: {{ .Release.Name }}
 spec:
  revisionHistoryLimit: 3
  replicas: {{ .Values.deployment.replicas }}
  strategy:
    type: {{ .Values.deployment.strategy }}
  selector:
    matchLabels:
      app.kubernetes.io/name: {{ .Release.Name }}
      app.kubernetes.io/instance: {{ .Release.Name }}
  template:
    metadata:
      labels:
        app.kubernetes.io/name: {{ .Release.Name }}
        app.kubernetes.io/instance: {{ .Release.Name }}
    spec:
      serviceAccountName: {{ .Release.Name }}
      containers:
        - name: {{ .Release.Name }}
          image: "{{ .Values.deployment.image.repository }}:{{ .Values.deployment.image.tag }}"
          imagePullPolicy: {{ .Values.deployment.image.imagePullPolicy }}
          ports:
            - name: http
              containerPort: {{ .Values.service.http.port }}
              protocol: TCP
          volumeMounts:
            - name: {{ .Release.Name }}-config
              mountPath: /config
          resources:
            {{- toYaml .Values.deployment.resources | nindent 12 }}
          env:
            - name: LISTEN
              value: "0.0.0.0:{{ .Values.service.http.port }}"
          {{- range $k,$v := .Values.deployment.env }}
            - name: {{ $k }}
              value: {{ $v | quote }}
          {{- end }}
          {{- with .Values.deployment.envFrom }}
          envFrom:
            {{- toYaml . | nindent 12 }}
          {{- end }}
          livenessProbe:
            tcpSocket:
              port: {{ .Values.service.http.port }}
            initialDelaySeconds: 0
            failureThreshold: 3
            timeoutSeconds: 1
            periodSeconds: 10
          readinessProbe:
            tcpSocket:
              port: {{ .Values.service.http.port }}
            initialDelaySeconds: 0
            failureThreshold: 3
            timeoutSeconds: 1
            periodSeconds: 10
          startupProbe:
            tcpSocket:
              port: {{ .Values.service.http.port }}
            initialDelaySeconds: 0
            failureThreshold: 30
            timeoutSeconds: 1
            periodSeconds: 5
      volumes:
        - name: {{ .Release.Name }}-config
          persistentVolumeClaim:
            claimName: {{ .Release.Name }}-config
--- a/charts/freshrss/templates/ingress.yaml
+++ b/charts/freshrss/templates/ingress.yaml
@@ -1,32 +0,0 @@
 {{- if .Values.ingress.enabled }}
 apiVersion: networking.k8s.io/v1
 kind: Ingress
 metadata:
  name: {{ .Release.Name }}
  namespace: {{ .Release.Namespace }}
  labels:
    app.kubernetes.io/name: {{ .Release.Name }}
    app.kubernetes.io/instance: {{ .Release.Name }}
    app.kubernetes.io/version: {{ .Chart.AppVersion }}
    app.kubernetes.io/component: web
    app.kubernetes.io/part-of: {{ .Release.Name }}
  annotations:
    {{- toYaml .Values.ingress.annotations | nindent 4 }}
 spec:
  ingressClassName: {{ .Values.ingress.className }}
  tls:
    - hosts:
      - {{ .Values.ingress.host }}
      secretName: {{ .Release.Name }}-secret-tls
  rules:
    - host: {{ .Values.ingress.host }}
      http:
        paths:
          - path: /
            pathType: Prefix
            backend:
              service:
                name: {{ .Release.Name }}
                port:
                  name: http
 {{- end }}
--- a/charts/freshrss/templates/persistant-volume-claim.yaml
+++ b/charts/freshrss/templates/persistant-volume-claim.yaml
@@ -1,19 +0,0 @@
 apiVersion: v1
 kind: PersistentVolumeClaim
 metadata:
  name: {{ .Release.Name }}-config
  namespace: {{ .Release.Namespace }}
  labels:
    app.kubernetes.io/name: {{ .Release.Name }}
    app.kubernetes.io/instance: {{ .Release.Name }}
    app.kubernetes.io/version: {{ .Chart.AppVersion }}
    app.kubernetes.io/component: storage
    app.kubernetes.io/part-of: {{ .Release.Name }}
 spec:
  accessModes:
    - ReadWriteOnce
  resources:
    requests:
      storage: {{ .Values.persistence.config.storageSize }}
  storageClassName: {{ .Values.persistence.config.storageClassName }}
  volumeMode: {{ .Values.persistence.config.volumeMode }}
--- a/charts/freshrss/templates/pod.yaml
+++ b/charts/freshrss/templates/pod.yaml
@@ -1,26 +0,0 @@
 apiVersion: v1
 kind: Pod
 metadata:
  name: "{{ .Release.Name }}-test-connection"
  labels:
    app.kubernetes.io/name: {{ .Release.Name }}
    app.kubernetes.io/instance: {{ .Release.Name }}
    app.kubernetes.io/version: {{ .Chart.AppVersion }}
    app.kubernetes.io/component: web
    app.kubernetes.io/part-of: {{ .Release.Name }}
  annotations:
    "helm.sh/hook": test-success
 spec:
  restartPolicy: Never
  containers:
    - name: wget
      image: busybox
      command: ['wget']
      args: ['{{ .Release.Name }}:{{ .Values.service.http.port }}']
      resources:
        limits:
          cpu: 500m
          memory: 1Gi
        requests:
          cpu: 50m
          memory: 256Mi
--- a/charts/freshrss/templates/service-account.yaml
+++ b/charts/freshrss/templates/service-account.yaml
@@ -1,11 +0,0 @@
 apiVersion: v1
 kind: ServiceAccount
 metadata:
  name: {{ .Release.Name }}
  namespace: {{ .Release.Namespace }}
  labels:
    app.kubernetes.io/name: {{ .Release.Name }}
    app.kubernetes.io/instance: {{ .Release.Name }}
    app.kubernetes.io/version: {{ .Chart.AppVersion }}
    app.kubernetes.io/component: web
    app.kubernetes.io/part-of: {{ .Release.Name }}
--- a/charts/freshrss/templates/service.yaml
+++ b/charts/freshrss/templates/service.yaml
@@ -1,21 +0,0 @@
 apiVersion: v1
 kind: Service
 metadata:
  name: {{ .Release.Name }}
  namespace: {{ .Release.Namespace }}
  labels:
    app.kubernetes.io/name: {{ .Release.Name }}
    app.kubernetes.io/instance: {{ .Release.Name }}
    app.kubernetes.io/version: {{ .Chart.AppVersion }}
    app.kubernetes.io/component: web
    app.kubernetes.io/part-of: {{ .Release.Name }}
 spec:
  type: ClusterIP
  ports:
    - port: {{ .Values.service.http.port }}
      targetPort: http
      protocol: TCP
      name: http
  selector:
    app.kubernetes.io/name: {{ .Release.Name }}
    app.kubernetes.io/instance: {{ .Release.Name }}
--- a/charts/freshrss/values.yaml
+++ b/charts/freshrss/values.yaml
@@ -1,33 +0,0 @@
 deployment:
  replicas: 1
  strategy: Recreate
  image:
    repository: freshrss/freshrss
    tag: 1.23.1
    imagePullPolicy: IfNotPresent
  env:
    PGID: "568"
    PUID: "568"
    TZ: UTC
    FRESHRSS_ENV: production
  envFrom:
  resources:
    limits:
      cpu: 500m
      memory: 1Gi
    requests:
      cpu: 50m
      memory: 256Mi
 service:
  http:
    port: 80
 ingress:
  enabled: true
  className:
  annotations:
  host:
 persistence:
  config:
    storageClassName: default
    storageSize: 5Gi
    volumeMode: Filesystem
--- a/charts/home-assistant/Chart.yaml
+++ b/charts/home-assistant/Chart.yaml
@@ -1,12 +0,0 @@
 apiVersion: v2
 name: home-assistant
 version: 0.1.9
 description: Chart for Home Assistant
 keywords:
  - home-automation
 sources:
  - https://github.com/home-assistant
 maintainers:
  - name: alexlebens
 icon: https://avatars.githubusercontent.com/u/13844975?s=200&v=4
 appVersion: v2024.4.3
--- a/charts/home-assistant/README.md
+++ b/charts/home-assistant/README.md
@@ -1,18 +0,0 @@
 ## Introduction
 [Home Assistant](https://www.home-assistant.io/)
 Open source home automation that puts local control and privacy first. Powered by a worldwide community of tinkerers and DIY enthusiasts. Perfect to run on a Raspberry Pi or a local server. 
 This chart bootstraps a [Home-Assistant](https://github.com/home-assistant) deployment on a [Kubernetes](https://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager.
 ## Prerequisites
 - Kubernetes
 - Helm
 - Traefik v2 / IngressRoute
 - Authentik / Auth
 ## Parameters
 See the [values files](values.yaml).
--- a/charts/home-assistant/templates/deployment.yaml
+++ b/charts/home-assistant/templates/deployment.yaml
@@ -1,98 +0,0 @@
 apiVersion: apps/v1
 kind: Deployment
 metadata:
  name: home-assistant
  namespace: {{ .Release.Namespace }}
  labels:
    app.kubernetes.io/name: {{ .Release.Name }}
    app.kubernetes.io/instance: {{ .Release.Name }}
    app.kubernetes.io/version: {{ .Chart.AppVersion }}
    app.kubernetes.io/component: web
    app.kubernetes.io/part-of: {{ .Release.Name }}
 spec:
  revisionHistoryLimit: 3
  replicas: {{ .Values.deployment.replicas }}
  strategy:
    type: {{ .Values.deployment.strategy }}
  selector:
    matchLabels:
      app.kubernetes.io/name: {{ .Release.Name }}
      app.kubernetes.io/instance: {{ .Release.Name }}
  template:
    metadata:
      labels:
        app.kubernetes.io/name: {{ .Release.Name }}
        app.kubernetes.io/instance: {{ .Release.Name }}
    spec:
      serviceAccountName: {{ .Release.Name }}
      automountServiceAccountToken: true
      containers:
        - name: {{ .Release.Name }}
          image: "{{ .Values.deployment.image.repository }}:{{ .Values.deployment.image.tag }}"
          imagePullPolicy: {{ .Values.deployment.image.imagePullPolicy }}
          ports:
            - name: http
              containerPort: {{ .Values.service.http.port }}
              protocol: TCP
          env:
          {{- range $k,$v := .Values.deployment.env }}
            - name: {{ $k }}
              value: {{ $v | quote }}
          {{- end }}
          {{- with .Values.deployment.envFrom }}
          envFrom:
            {{- toYaml . | nindent 12 }}
          {{- end }}
          volumeMounts:
            - mountPath: /config
              name: home-assistant-config
          resources:
            {{- toYaml .Values.deployment.resources | nindent 12 }}
          livenessProbe:
            tcpSocket:
              port: {{ .Values.service.http.port }}
            initialDelaySeconds: 0
            failureThreshold: 3
            timeoutSeconds: 1
            periodSeconds: 10
          readinessProbe:
            tcpSocket:
              port: {{ .Values.service.http.port }}
            initialDelaySeconds: 0
            failureThreshold: 3
            timeoutSeconds: 1
            periodSeconds: 10
          startupProbe:
            tcpSocket:
              port: {{ .Values.service.http.port }}
            initialDelaySeconds: 0
            failureThreshold: 30
            timeoutSeconds: 1
            periodSeconds: 5
        {{- if .Values.codeserver.enabled }}
        - name: codeserver
          image: "{{ .Values.codeserver.image.repository }}:{{ .Values.codeserver.image.tag }}"
          imagePullPolicy: {{ .Values.codeserver.image.imagePullPolicy }}
          ports:
            - containerPort: {{ .Values.codeserver.service.http.port }}
              name: codeserver-http
              protocol: TCP
          env:
          {{- range $k,$v := .Values.codeserver.env }}
            - name: {{ $k }}
              value: {{ $v | quote }}
          {{- end }}
          {{- with .Values.codeserver.envFrom }}
          envFrom:
            {{- toYaml . | nindent 12 }}
          {{- end }}
          securityContext:
            {{- toYaml .Values.codeserver.securityContext | nindent 12 }}
          volumeMounts:
            - mountPath: /config/home-assistant
              name: home-assistant-config
        {{- end }}
      volumes:
        - name: home-assistant-config
          persistentVolumeClaim:
            claimName: "{{ .Release.Name }}-config"
--- a/charts/home-assistant/templates/ingress-route.yaml
+++ b/charts/home-assistant/templates/ingress-route.yaml
@@ -1,70 +0,0 @@
 {{- if .Values.ingressRoute.enabled }}
 apiVersion: traefik.io/v1alpha1
 kind: IngressRoute
 metadata:
  name: {{ .Release.Name }}
  namespace: {{ .Release.Namespace }}
  labels:
    app.kubernetes.io/name: {{ .Release.Name }}
    app.kubernetes.io/instance: {{ .Release.Name }}
    app.kubernetes.io/version: {{ .Chart.AppVersion }}
    app.kubernetes.io/component: web
    app.kubernetes.io/part-of: {{ .Release.Name }}
 spec:
  entryPoints:
    - websecure
  routes:
    - kind: Rule
      match: "Host(`{{ .Values.ingressRoute.host }}`)"
      middlewares:
        - name: "authentik-{{ .Release.Name }}"
          namespace: {{ .Release.Namespace }}           
      priority: 10
      services:
        - kind: Service
          name: {{ .Release.Name }}
          port: {{ .Values.service.http.port }}
    - kind: Rule
      match: "Host(`{{ .Values.ingressRoute.host }}`) && PathPrefix(`/outpost.goauthentik.io/`)"
      priority: 15
      services:
        - kind: Service
          name: {{ .Values.ingressRoute.authentik.outpost }}
          port: {{ .Values.ingressRoute.authentik.port }}    
 {{- end }}
 ---
 {{- if and .Values.codeserver.ingressRoute.enabled .Values.codeserver.enabled }}
 apiVersion: traefik.io/v1alpha1
 kind: IngressRoute
 metadata:
  name: "{{ .Release.Name }}-codeserver"
  namespace: {{ .Release.Namespace }}
  labels:
    app.kubernetes.io/name: {{ .Release.Name }}
    app.kubernetes.io/instance: {{ .Release.Name }}
    app.kubernetes.io/version: {{ .Chart.AppVersion }}
    app.kubernetes.io/component: web
    app.kubernetes.io/part-of: {{ .Release.Name }}
 spec:
  entryPoints:
    - websecure
  routes:
    - kind: Rule
      match: "Host(`{{ .Values.codeserver.ingressRoute.host }}`)"
      middlewares:
        - name: "authentik-{{ .Release.Name }}"
          namespace: {{ .Release.Namespace }}      
      priority: 10
      services:
        - kind: Service
          name: "{{ .Release.Name }}-codeserver"
          port: {{ .Values.codeserver.service.http.port }}
    - kind: Rule
      match: "Host(`{{ .Values.ingressRoute.host }}`) && PathPrefix(`/outpost.goauthentik.io/`)"
      priority: 15
      services:
        - kind: Service
          name: {{ .Values.ingressRoute.authentik.outpost }}
          port: {{ .Values.ingressRoute.authentik.port }}          
 {{- end }}
--- a/charts/home-assistant/templates/middleware.yaml
+++ b/charts/home-assistant/templates/middleware.yaml
@@ -1,29 +0,0 @@
 {{- if .Values.ingressRoute.enabled }}
 apiVersion: traefik.containo.us/v1alpha1
 kind: Middleware
 metadata:
  name: "authentik-{{ .Release.Name }}"
  namespace: {{ .Release.Namespace }}
  labels:
    app.kubernetes.io/name: {{ .Release.Name }}
    app.kubernetes.io/instance: {{ .Release.Name }}
    app.kubernetes.io/version: {{ .Chart.AppVersion }}
    app.kubernetes.io/component: auth
    app.kubernetes.io/part-of: {{ .Release.Name }}
 spec:
  forwardAuth:
    address: "http://{{ .Values.ingressRoute.authentik.outpost }}.authentik:{{ .Values.ingressRoute.authentik.port }}/outpost.goauthentik.io/auth/traefik"
    trustForwardHeader: true
    authResponseHeaders:
      - X-authentik-username
      - X-authentik-groups
      - X-authentik-email
      - X-authentik-name
      - X-authentik-uid
      - X-authentik-jwt
      - X-authentik-meta-jwks
      - X-authentik-meta-outpost
      - X-authentik-meta-provider
      - X-authentik-meta-app
      - X-authentik-meta-version
 {{- end }}
--- a/charts/home-assistant/templates/persistant-volume-claim.yaml
+++ b/charts/home-assistant/templates/persistant-volume-claim.yaml
@@ -1,19 +0,0 @@
 kind: PersistentVolumeClaim
 apiVersion: v1
 metadata:
  name: "{{ .Release.Name }}-config"
  namespace: {{ .Release.Namespace }}
  labels:
    app.kubernetes.io/name: {{ .Release.Name }}
    app.kubernetes.io/instance: {{ .Release.Name }}
    app.kubernetes.io/version: {{ .Chart.AppVersion }}
    app.kubernetes.io/component: web
    app.kubernetes.io/part-of: {{ .Release.Name }}
 spec:
  accessModes:
    - ReadWriteOnce
  resources:
    requests:
      storage: {{ .Values.persistence.config.storageSize }}
  storageClassName: {{ .Values.persistence.config.storageClassName }}
  volumeMode: {{ .Values.persistence.config.volumeMode }}
--- a/charts/home-assistant/templates/prometheus-rule.yaml
+++ b/charts/home-assistant/templates/prometheus-rule.yaml
@@ -1,18 +0,0 @@
 {{- if and .Values.metrics.enabled .Values.metrics.prometheusRule.enabled }}
 apiVersion: monitoring.coreos.com/v1
 kind: PrometheusRule
 metadata:
  name: {{ .Release.Name }}
  namespace: {{ .Release.Namespace }}
  labels:
    app.kubernetes.io/name: {{ .Release.Name }}
    app.kubernetes.io/instance: {{ .Release.Name }}
    app.kubernetes.io/version: {{ .Chart.AppVersion }}
    app.kubernetes.io/component: web
    app.kubernetes.io/part-of: {{ .Release.Name }}
 spec:
  groups:
    - name: {{ .Release.Name }}
      rules:
        {{- toYaml .Values.metrics.prometheusRule.rules | nindent 8 }}
 {{- end }}
--- a/charts/home-assistant/templates/service-account.yaml
+++ b/charts/home-assistant/templates/service-account.yaml
@@ -1,11 +0,0 @@
 apiVersion: v1
 kind: ServiceAccount
 metadata:
  name: {{ .Release.Name }}
  namespace: {{ .Release.Namespace }}
  labels:
    app.kubernetes.io/name: {{ .Release.Name }}
    app.kubernetes.io/instance: {{ .Release.Name }}
    app.kubernetes.io/version: {{ .Chart.AppVersion }}
    app.kubernetes.io/component: web
    app.kubernetes.io/part-of: {{ .Release.Name }}
--- a/charts/home-assistant/templates/service-monitor.yaml
+++ b/charts/home-assistant/templates/service-monitor.yaml
@@ -1,26 +0,0 @@
 {{- if .Values.metrics.enabled }}
 apiVersion: monitoring.coreos.com/v1
 kind: ServiceMonitor
 metadata:
  name: {{ .Release.Name }}
  namespace: {{ .Release.Namespace }}
  labels:
    app.kubernetes.io/name: {{ .Release.Name }}
    app.kubernetes.io/instance: {{ .Release.Name }}
    app.kubernetes.io/version: {{ .Chart.AppVersion }}
    app.kubernetes.io/component: web
    app.kubernetes.io/part-of: {{ .Release.Name }}
 spec:
  selector:
    matchLabels:
      app.kubernetes.io/name: {{ .Release.Name }}
      app.kubernetes.io/instance: {{ .Release.Name }}
  endpoints:
    - port: http
      interval: {{ .Values.metrics.serviceMonitor.interval }}
      scrapeTimeout: {{ .Values.metrics.serviceMonitor.scrapeTimeout }}
      path: /api/prometheus
      bearerTokenSecret:
        name: {{ .Values.metrics.serviceMonitor.bearerTokenSecret.name }}
        key: {{ .Values.metrics.serviceMonitor.bearerTokenSecret.key }}
 {{- end }}
--- a/charts/home-assistant/templates/service.yaml
+++ b/charts/home-assistant/templates/service.yaml
@@ -1,46 +0,0 @@
 apiVersion: v1
 kind: Service
 metadata:
  name: {{ .Release.Name }}
  namespace: {{ .Release.Namespace }}
  labels:
    app.kubernetes.io/name: {{ .Release.Name }}
    app.kubernetes.io/instance: {{ .Release.Name }}
    app.kubernetes.io/version: {{ .Chart.AppVersion }}
    app.kubernetes.io/component: web
    app.kubernetes.io/part-of: {{ .Release.Name }}
 spec:
  type: ClusterIP
  ports:
    - port: {{ .Values.service.http.port }}
      targetPort: http
      protocol: TCP
      name: http
  selector:
    app.kubernetes.io/name: {{ .Release.Name }}
    app.kubernetes.io/instance: {{ .Release.Name }}
 ---
 {{- if .Values.codeserver.enabled }}
 apiVersion: v1
 kind: Service
 metadata:
  name: "{{ .Release.Name }}-codeserver"
  namespace: {{ .Release.Namespace }}
  labels:
    app.kubernetes.io/name: {{ .Release.Name }}
    app.kubernetes.io/instance: {{ .Release.Name }}
    app.kubernetes.io/version: {{ .Chart.AppVersion }}
    app.kubernetes.io/component: web
    app.kubernetes.io/part-of: {{ .Release.Name }}
 spec:
  type: ClusterIP
  ports:
    - port: {{ .Values.codeserver.service.http.port }}
      targetPort: codeserver-http
      protocol: TCP
      name: codeserver-http
  selector:
    app.kubernetes.io/name: {{ .Release.Name }}
    app.kubernetes.io/instance: {{ .Release.Name }}
 {{- end }}
--- a/charts/home-assistant/values.yaml
+++ b/charts/home-assistant/values.yaml
@@ -1,74 +0,0 @@
 deployment:
  replicas: 1
  strategy: Recreate
  image:
    repository: homeassistant/home-assistant
    tag: 2024.4.3
    imagePullPolicy: IfNotPresent
  env:
    TZ: UTC
  envFrom:
  resources:
    requests:
      memory: 512Mi
      cpu: 50m
    limits:
      memory: 1Gi
      cpu: 500m
 service:
  http:
    port: 8123
 ingressRoute:
  enabled: true
  host:
  authentik:
    outpost:
    port: 9000
 metrics:
  enabled: false
  serviceMonitor:
    interval: 1m
    scrapeTimeout: 30s
    ## See https://www.home-assistant.io/docs/authentication/ for where to find
    ## long lived access token creation under your account profile, which is
    ## needed to monitor Home Assistant
    bearerTokenSecret:
      name: ""
      key: ""
  prometheusRule:
    enabled: false
    rules:
      - alert: HomeAssistantAbsent
        annotations:
          description: Home Assistant has disappeared from Prometheus service discovery.
          summary: Home Assistant is down.
        expr: |
          absent(up{job=~".*home-assistant.*"} == 1)
        for: 5m
        labels:
          severity: critical
 persistence:
  config:
    storageClassName: default
    storageSize: 1Gi
    volumeMode: Filesystem
 codeserver:
  enabled: false
  image:
    repository: linuxserver/code-server
    tag: 4.23.0
    imagePullPolicy: IfNotPresent
  env:
    TZ: UTC
    PUID: 1000
    PGID: 1000
    DEFAULT_WORKSPACE: /config
  envFrom:
  securityContext:
    runAsUser: 0
  service:
    http:
      port: 8443
  ingressRoute:
    enabled: false
    host:
--- a/charts/homepage/Chart.yaml
+++ b/charts/homepage/Chart.yaml
@@ -1,12 +0,0 @@
 apiVersion: v2
 name: homepage
 version: 0.0.10
 description: Chart for benphelps homepage
 keywords:
  - dashboard
 sources:
  - https://github.com/gethomepage/homepage
 maintainers:
  - name: alexlebens
 icon: https://github.com/benphelps/homepage/blob/de584eae8f12a0d257e554e9511ef19bd2a1232c/public/mstile-150x150.png
 appVersion: v0.8.11
--- a/charts/homepage/README.md
+++ b/charts/homepage/README.md
@@ -1,18 +0,0 @@
 ## Introduction
 [Homepage](https://github.com/benphelps/homepage)
 A modern (fully static, fast), secure (fully proxied), highly customizable application dashboard with integrations for more than 25 services and translations for over 15 languages. Easily configured via YAML files (or discovery via docker labels).
 This chart bootstraps a [Homepage](https://github.com/benphelps/homepage) deployment on a [Kubernetes](https://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager.
 ## Prerequisites
 - Kubernetes
 - Helm
 - Traefik v2 / IngressRoute
 - Authentik / Auth
 ## Parameters
 See the [values files](values.yaml).
--- a/charts/homepage/templates/cluster-role-binding.yaml
+++ b/charts/homepage/templates/cluster-role-binding.yaml
@@ -1,19 +0,0 @@
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRoleBinding
 metadata:
  name: {{ .Release.Name }}
  namespace: {{ .Release.Namespace }}
  labels:
    app.kubernetes.io/name: {{ .Release.Name }}
    app.kubernetes.io/instance: {{ .Release.Name }}
    app.kubernetes.io/version: {{ .Chart.AppVersion }}
    app.kubernetes.io/component: web
    app.kubernetes.io/part-of: {{ .Release.Name }}
 roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: {{ .Release.Name }}
 subjects:
  - kind: ServiceAccount
    name: homepage
    namespace: {{ .Release.Namespace }}
--- a/charts/homepage/templates/cluster-role.yaml
+++ b/charts/homepage/templates/cluster-role.yaml
@@ -1,51 +0,0 @@
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRole
 metadata:
  name: {{ .Release.Name }}
  namespace: {{ .Release.Namespace }}
  labels:
    app.kubernetes.io/name: {{ .Release.Name }}
    app.kubernetes.io/instance: {{ .Release.Name }}
    app.kubernetes.io/version: {{ .Chart.AppVersion }}
    app.kubernetes.io/component: web
    app.kubernetes.io/part-of: {{ .Release.Name }}
 rules:
  - apiGroups:
      - ""
    resources:
      - namespaces
      - pods
      - nodes
    verbs:
      - get
      - list
  - apiGroups:
      - extensions
      - networking.k8s.io
    resources:
      - ingresses
    verbs:
      - get
      - list
  - apiGroups:
      - traefik.containo.us
      - traefik.io
    resources:
      - ingressroutes
    verbs:
      - get
      - list
  - apiGroups:
      - metrics.k8s.io
    resources:
      - nodes
      - pods
    verbs:
      - get
      - list
  - apiGroups:
      - apiextensions.k8s.io
    resources:
      - customresourcedefinitions/status
    verbs:
      - get
--- a/charts/homepage/templates/config-map.yaml
+++ b/charts/homepage/templates/config-map.yaml
@@ -1,36 +0,0 @@
 apiVersion: v1
 kind: ConfigMap
 metadata:
  name: homepage-config
  namespace: {{ .Release.Namespace }}
  labels:
    app.kubernetes.io/name: homepage
    app.kubernetes.io/instance: {{ .Release.Name }}
    app.kubernetes.io/version: {{ .Chart.AppVersion }}
    app.kubernetes.io/component: web
    app.kubernetes.io/part-of: homepage
 data:
  bookmarks.yaml: {{- if .Values.config.bookmarks }} |
 {{- .Values.config.bookmarks | toYaml | nindent 4}}
 {{- else }} ""
 {{- end }}
  docker.yaml: {{- if .Values.config.docker }} |
 {{- .Values.config.docker | toYaml | nindent 4 }}
 {{- else }} ""
 {{- end }}
  kubernetes.yaml: {{- if .Values.config.kubernetes }} |
 {{- .Values.config.kubernetes | toYaml | nindent 4 }}
 {{- else }} ""
 {{- end }}
  services.yaml: {{- if .Values.config.services }} |
 {{- .Values.config.services | toYaml | nindent 4 }}
 {{- else }} ""
 {{- end }}
  settings.yaml: {{- if .Values.config.settings }} |
 {{- .Values.config.settings | toYaml | nindent 4 }}
 {{- else }} ""
 {{- end }}
  widgets.yaml: {{- if .Values.config.widgets }} |
 {{- .Values.config.widgets | toYaml | nindent 4 }}
 {{- else }} ""
 {{- end }}
--- a/charts/homepage/templates/deployment.yaml
+++ b/charts/homepage/templates/deployment.yaml
@@ -1,95 +0,0 @@
 apiVersion: apps/v1
 kind: Deployment
 metadata:
  name: homepage
  namespace: {{ .Release.Namespace }}
  labels:
    app.kubernetes.io/name: homepage
    app.kubernetes.io/instance: {{ .Release.Name }}
    app.kubernetes.io/version: {{ .Chart.AppVersion }}
    app.kubernetes.io/component: web
    app.kubernetes.io/part-of: homepage
 spec:
  revisionHistoryLimit: 3
  replicas: {{ .Values.deployment.replicas }}
  strategy:
    type: {{ .Values.deployment.strategy }}
  selector:
    matchLabels:
      app.kubernetes.io/name: homepage
      app.kubernetes.io/instance: {{ .Release.Name }}
  template:
    metadata:
      labels:
        app.kubernetes.io/name: homepage
        app.kubernetes.io/instance: {{ .Release.Name }}
    spec:
      serviceAccountName: homepage
      automountServiceAccountToken: true
      containers:
        - name: {{ .Release.Name }}
          image: "{{ .Values.deployment.image.repository }}:{{ .Values.deployment.image.tag }}"
          imagePullPolicy: {{ .Values.deployment.image.imagePullPolicy }}
          ports:
            - name: http
              containerPort: {{ .Values.service.http.port }}
              protocol: TCP
          env:
          {{- range $k,$v := .Values.deployment.env }}
            - name: {{ $k }}
              value: {{ $v | quote }}
          {{- end }}
          {{- with .Values.deployment.envFrom }}
          envFrom:
            {{- toYaml . | nindent 12 }}
          {{- end }}
          volumeMounts:
            - name: homepage-config
              subPath: bookmarks.yaml
              mountPath: /app/config/bookmarks.yaml
            - name: homepage-config
              subPath: docker.yaml
              mountPath: /app/config/docker.yaml
            - name: homepage-config
              subPath: kubernetes.yaml
              mountPath: /app/config/kubernetes.yaml
            - name: homepage-config
              subPath: services.yaml
              mountPath: /app/config/services.yaml
            - name: homepage-config
              subPath: settings.yaml
              mountPath: /app/config/settings.yaml
            - name: homepage-config
              subPath: widgets.yaml
              mountPath: /app/config/widgets.yaml
            - name: logs
              mountPath: /app/config/logs
          resources:
            {{- toYaml .Values.deployment.resources | nindent 12 }}
          livenessProbe:
            failureThreshold: 3
            initialDelaySeconds: 0
            periodSeconds: 10
            tcpSocket:
              port: {{ .Values.service.http.port }}
            timeoutSeconds: 1
          readinessProbe:
            failureThreshold: 3
            initialDelaySeconds: 0
            periodSeconds: 10
            tcpSocket:
              port: {{ .Values.service.http.port }}
            timeoutSeconds: 1
          startupProbe:
            failureThreshold: 30
            initialDelaySeconds: 0
            periodSeconds: 5
            tcpSocket:
              port: {{ .Values.service.http.port }}
            timeoutSeconds: 1
      volumes:
        - name: homepage-config
          configMap:
            name: homepage-config
        - name: logs
          emptyDir: {}
--- a/charts/homepage/templates/ingress-route.yaml
+++ b/charts/homepage/templates/ingress-route.yaml
@@ -1,32 +0,0 @@
 apiVersion: traefik.io/v1alpha1
 kind: IngressRoute
 metadata:
  name: homepage
  namespace: {{ .Release.Namespace }}
  labels:
    app.kubernetes.io/name: homepage
    app.kubernetes.io/instance: {{ .Release.Name }}
    app.kubernetes.io/version: {{ .Chart.AppVersion }}
    app.kubernetes.io/component: web
    app.kubernetes.io/part-of: homepage
 spec:
  entryPoints:
    - websecure
  routes:
    - kind: Rule
      match: "Host(`{{ .Values.ingressRoute.host }}`)"
      middlewares:
        - name: "authentik-{{ .Release.Name }}"
          namespace: {{ .Release.Namespace }}
      priority: 10
      services:
        - kind: Service
          name: homepage
          port: {{ .Values.service.http.port }}
    - kind: Rule
      match: "Host(`{{ .Values.ingressRoute.host }}`) && PathPrefix(`/outpost.goauthentik.io/`)"
      priority: 15
      services:
        - kind: Service
          name: {{ .Values.ingressRoute.authentik.outpost }}
          port: {{ .Values.ingressRoute.authentik.port }}
--- a/charts/homepage/templates/middleware.yaml
+++ b/charts/homepage/templates/middleware.yaml
@@ -1,27 +0,0 @@
 apiVersion: traefik.containo.us/v1alpha1
 kind: Middleware
 metadata:
  name: "authentik-{{ .Release.Name }}"
  namespace: {{ .Release.Namespace }}
  labels:
    app.kubernetes.io/name: {{ .Release.Name }}
    app.kubernetes.io/instance: {{ .Release.Name }}
    app.kubernetes.io/version: {{ .Chart.AppVersion }}
    app.kubernetes.io/component: auth
    app.kubernetes.io/part-of: {{ .Release.Name }}
 spec:
  forwardAuth:
    address: "http://{{ .Values.ingressRoute.authentik.outpost }}.authentik:{{ .Values.ingressRoute.authentik.port }}/outpost.goauthentik.io/auth/traefik"
    trustForwardHeader: true
    authResponseHeaders:
      - X-authentik-username
      - X-authentik-groups
      - X-authentik-email
      - X-authentik-name
      - X-authentik-uid
      - X-authentik-jwt
      - X-authentik-meta-jwks
      - X-authentik-meta-outpost
      - X-authentik-meta-provider
      - X-authentik-meta-app
      - X-authentik-meta-version
--- a/charts/homepage/templates/secret.yaml
+++ b/charts/homepage/templates/secret.yaml
@@ -1,14 +0,0 @@
 apiVersion: v1
 kind: Secret
 type: kubernetes.io/service-account-token
 metadata:
  name: "{{ .Release.Name }}-sa-token"
  namespace: {{ .Release.Namespace }}
  labels:
    app.kubernetes.io/name: homepage
    app.kubernetes.io/instance: {{ .Release.Name }}
    app.kubernetes.io/version: {{ .Chart.AppVersion }}
    app.kubernetes.io/component: web
    app.kubernetes.io/part-of: homepage
  annotations:
    kubernetes.io/service-account.name: homepage
--- a/charts/homepage/templates/service-account.yaml
+++ b/charts/homepage/templates/service-account.yaml
@@ -1,13 +0,0 @@
 apiVersion: v1
 kind: ServiceAccount
 metadata:
  name: homepage
  namespace: {{ .Release.Namespace }}
  labels:
    app.kubernetes.io/name: homepage
    app.kubernetes.io/instance: {{ .Release.Name }}
    app.kubernetes.io/version: {{ .Chart.AppVersion }}
    app.kubernetes.io/component: web
    app.kubernetes.io/part-of: homepage
 secrets:
  - name: "{{ .Release.Name }}-sa-token"
--- a/charts/homepage/templates/service.yaml
+++ b/charts/homepage/templates/service.yaml
@@ -1,21 +0,0 @@
 apiVersion: v1
 kind: Service
 metadata:
  name: homepage
  namespace: {{ .Release.Namespace }}
  labels:
    app.kubernetes.io/name: homepage
    app.kubernetes.io/instance: {{ .Release.Name }}
    app.kubernetes.io/version: {{ .Chart.AppVersion }}
    app.kubernetes.io/component: web
    app.kubernetes.io/part-of: homepage
 spec:
  type: ClusterIP
  ports:
    - port: {{ .Values.service.http.port }}
      targetPort: http
      protocol: TCP
      name: http
  selector:
    app.kubernetes.io/name: homepage
    app.kubernetes.io/instance: {{ .Release.Name }}
--- a/charts/homepage/values.yaml
+++ b/charts/homepage/values.yaml
@@ -1,32 +0,0 @@
 deployment:
  replicas: 1
  strategy: Recreate
  image:
    repository: ghcr.io/gethomepage/homepage
    tag: v0.8.11
    imagePullPolicy: IfNotPresent
  env:
  envFrom:
  resources:
    requests:
      memory: 256Mi
      cpu: 50m
    limits:
      memory: 512Mi
      cpu: 500m
 service:
  http:
    port: 3000
 ingressRoute:
  host:
  authentik:
    outpost:
    port: 9000
 config:
  bookmarks:
  services:
  widgets:
  kubernetes:
    mode: cluster
  docker:
  settings:
--- a/charts/kubelet-serving-cert-approver/Chart.yaml
+++ b/charts/kubelet-serving-cert-approver/Chart.yaml
@@ -1,13 +0,0 @@
 apiVersion: v2
 name: kubelet-serving-cert-approver
 version: 0.0.4
 description: Kubelet Serving TLS Certificate Signing Request Approver
 keywords:
  - kubernetes
  - certificate
 sources:
  - https://github.com/alex1989hu/kubelet-serving-cert-approver
  - https://github.com/alexlebens/helm-charts/charts/homepage
 maintainers:
  - name: alexlebens
 appVersion: 0.8.1
--- a/charts/kubelet-serving-cert-approver/README.md
+++ b/charts/kubelet-serving-cert-approver/README.md
@@ -1,16 +0,0 @@
 ## Introduction
 [Kubelet Serving Certificate Approver](https://github.com/alex1989hu/kubelet-serving-cert-approver)
 Kubelet Serving Certificate Approver is a custom approving controller which approves kubernetes.io/kubelet-serving Certificate Signing Request that kubelet use to serve TLS endpoints.
 This chart bootstraps a [Kubelet Serving Certificate Approver](https://github.com/alex1989hu/kubelet-serving-cert-approver) deployment on a [Kubernetes](https://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager.
 ## Prerequisites
 - Kubernetes
 - Helm
 ## Parameters
 See the [values files](values.yaml).
--- a/charts/kubelet-serving-cert-approver/templates/cluster-role-binding.yaml
+++ b/charts/kubelet-serving-cert-approver/templates/cluster-role-binding.yaml
@@ -1,19 +0,0 @@
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRoleBinding
 metadata:
  name: kubelet-serving-cert-approver
  namespace: {{ .Release.Namespace }}
  labels:
    app.kubernetes.io/name: kubelet-serving-cert-approver
    app.kubernetes.io/instance: {{ .Release.Name }}
    app.kubernetes.io/version: {{ .Chart.AppVersion }}
    app.kubernetes.io/component: server
    app.kubernetes.io/part-of: kubelet-serving-cert-approver
 roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: "certificates:{{ .Release.Name }}"
 subjects:
  - kind: ServiceAccount
    name: {{ .Release.Name }}
    namespace: {{ .Release.Namespace }}
--- a/charts/kubelet-serving-cert-approver/templates/cluster-role.yaml
+++ b/charts/kubelet-serving-cert-approver/templates/cluster-role.yaml
@@ -1,61 +0,0 @@
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRole
 metadata:
  name: "certificates:{{ .Release.Name }}"
  namespace: {{ .Release.Namespace }}
  labels:
    app.kubernetes.io/name: kubelet-serving-cert-approver
    app.kubernetes.io/instance: {{ .Release.Name }}
    app.kubernetes.io/version: {{ .Chart.AppVersion }}
    app.kubernetes.io/component: server
    app.kubernetes.io/part-of: kubelet-serving-cert-approver
 rules:
  - apiGroups:
      - certificates.k8s.io
    resources:
      - certificatesigningrequests
    verbs:
      - get
      - list
      - watch
  - apiGroups:
      - certificates.k8s.io
    resources:
      - certificatesigningrequests/approval
    verbs:
      - update
  - apiGroups:
      - authorization.k8s.io
    resources:
      - subjectaccessreviews
    verbs:
      - create
  - apiGroups:
      - certificates.k8s.io
    resourceNames:
      - kubernetes.io/kubelet-serving
    resources:
      - signers
    verbs:
      - approve
 ---
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRole
 metadata:
  name: "events:{{ .Release.Name }}"
  namespace: {{ .Release.Namespace }}
  labels:
    app.kubernetes.io/name: kubelet-serving-cert-approver
    app.kubernetes.io/instance: {{ .Release.Name }}
    app.kubernetes.io/version: {{ .Chart.AppVersion }}
    app.kubernetes.io/component: server
    app.kubernetes.io/part-of: kubelet-serving-cert-approverv
 rules:
  - apiGroups:
      - ""
    resources:
      - events
    verbs:
      - create
      - patch
--- a/charts/kubelet-serving-cert-approver/templates/deployment.yaml
+++ b/charts/kubelet-serving-cert-approver/templates/deployment.yaml
@@ -1,88 +0,0 @@
 apiVersion: apps/v1
 kind: Deployment
 metadata:
  name: kubelet-serving-cert-approver
  namespace: {{ .Release.Namespace }}
  labels:
    app.kubernetes.io/name: kubelet-serving-cert-approver
    app.kubernetes.io/instance: {{ .Release.Name }}
    app.kubernetes.io/version: {{ .Chart.AppVersion }}
    app.kubernetes.io/component: server
    app.kubernetes.io/part-of: kubelet-serving-cert-approver
 spec:
  revisionHistoryLimit: 3
  replicas: {{ .Values.deployment.replicas }}
  strategy:
    type: {{ .Values.deployment.strategy }}
  selector:
    matchLabels:
      app.kubernetes.io/name: kubelet-serving-cert-approver
      app.kubernetes.io/instance: {{ .Release.Name }}
  template:
    metadata:
      labels:
        app.kubernetes.io/name: kubelet-serving-cert-approver
        app.kubernetes.io/instance: {{ .Release.Name }}
    spec:
      affinity:
        nodeAffinity:
          preferredDuringSchedulingIgnoredDuringExecution:
            - preference:
                matchExpressions:
                  - key: node-role.kubernetes.io/master
                    operator: DoesNotExist
                  - key: node-role.kubernetes.io/control-plane
                    operator: DoesNotExist
              weight: 100
      containers:
        - name: {{ .Release.Name }}
          image: "{{ .Values.deployment.image.repository }}:{{ .Values.deployment.image.tag }}"
          imagePullPolicy: {{ .Values.deployment.image.imagePullPolicy }}
          ports:
            - containerPort: 8080
              name: health
            - containerPort: 9090
              name: metrics
          args:
            - serve
          env:
            - name: NAMESPACE
              valueFrom:
                fieldRef:
                  fieldPath: metadata.namespace
          resources:
            {{- toYaml .Values.deployment.resources | nindent 12 }}
          livenessProbe:
            httpGet:
              path: /healthz
              port: health
            initialDelaySeconds: 6
          readinessProbe:
            httpGet:
              path: /readyz
              port: health
            initialDelaySeconds: 3
          securityContext:
            allowPrivilegeEscalation: false
            capabilities:
              drop:
                - ALL
            privileged: false
            readOnlyRootFilesystem: true
            runAsNonRoot: true
      priorityClassName: {{ .Values.deployment.priorityClassName }}
      securityContext:
        fsGroup: 65534
        runAsGroup: 65534
        runAsUser: 65534
        seccompProfile:
          type: RuntimeDefault
      serviceAccountName: kubelet-serving-cert-approver
      tolerations:
        - effect: NoSchedule
          key: node-role.kubernetes.io/master
          operator: Exists
        - effect: NoSchedule
          key: node-role.kubernetes.io/control-plane
          operator: Exists
--- a/charts/kubelet-serving-cert-approver/templates/namespace.yaml
+++ b/charts/kubelet-serving-cert-approver/templates/namespace.yaml
@@ -1,10 +0,0 @@
 apiVersion: v1
 kind: Namespace
 metadata:
  name: kubelet-serving-cert-approver
  labels:
    app.kubernetes.io/name: kubelet-serving-cert-approver
    app.kubernetes.io/instance: {{ .Release.Name }}
    pod-security.kubernetes.io/audit: restricted
    pod-security.kubernetes.io/enforce: restricted
    pod-security.kubernetes.io/warn: restricted
--- a/charts/kubelet-serving-cert-approver/templates/role-binding.yaml
+++ b/charts/kubelet-serving-cert-approver/templates/role-binding.yaml
@@ -1,19 +0,0 @@
 apiVersion: rbac.authorization.k8s.io/v1
 kind: RoleBinding
 metadata:
  name: "events:{{ .Release.Name }}"
  namespace: default
  labels:
    app.kubernetes.io/name: kubelet-serving-cert-approver
    app.kubernetes.io/instance: {{ .Release.Name }}
    app.kubernetes.io/version: {{ .Chart.AppVersion }}
    app.kubernetes.io/component: server
    app.kubernetes.io/part-of: kubelet-serving-cert-approver
 roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: "events:{{ .Release.Name }}"
 subjects:
  - kind: ServiceAccount
    name: kubelet-serving-cert-approver
    namespace: {{ .Release.Name }}
--- a/charts/kubelet-serving-cert-approver/templates/service-account.yaml
+++ b/charts/kubelet-serving-cert-approver/templates/service-account.yaml
@@ -1,11 +0,0 @@
 apiVersion: v1
 kind: ServiceAccount
 metadata:
  name: kubelet-serving-cert-approver
  namespace: {{ .Release.Namespace }}
  labels:
    app.kubernetes.io/name: kubelet-serving-cert-approver
    app.kubernetes.io/instance: {{ .Release.Name }}
    app.kubernetes.io/version: {{ .Chart.AppVersion }}
    app.kubernetes.io/component: server
    app.kubernetes.io/part-of: kubelet-serving-cert-approver
--- a/charts/kubelet-serving-cert-approver/templates/service.yaml
+++ b/charts/kubelet-serving-cert-approver/templates/service.yaml
@@ -1,20 +0,0 @@
 apiVersion: v1
 kind: Service
 metadata:
  name: kubelet-serving-cert-approver
  namespace: {{ .Release.Namespace }}
  labels:
    app.kubernetes.io/name: kubelet-serving-cert-approver
    app.kubernetes.io/instance: {{ .Release.Name }}
    app.kubernetes.io/version: {{ .Chart.AppVersion }}
    app.kubernetes.io/component: server
    app.kubernetes.io/part-of: kubelet-serving-cert-approver
 spec:
  ports:
    - name: metrics
      port: 9090
      protocol: TCP
      targetPort: metrics
  selector:
    app.kubernetes.io/name: kubelet-serving-cert-approver
    app.kubernetes.io/instance: {{ .Release.Name }}
--- a/charts/kubelet-serving-cert-approver/values.yaml
+++ b/charts/kubelet-serving-cert-approver/values.yaml
@@ -1,15 +0,0 @@
 deployment:
  replicas: 1
  strategy: Recreate
  priorityClassName: system-cluster-critical
  image:
    repository: ghcr.io/alex1989hu/kubelet-serving-cert-approver
    tag: main
    imagePullPolicy: Always
  resources:
    limits:
      cpu: 250m
      memory: 32Mi
    requests:
      cpu: 10m
      memory: 16Mi
--- a/charts/libation/Chart.yaml
+++ b/charts/libation/Chart.yaml
@@ -1,13 +0,0 @@
 apiVersion: v2
 name: libation
 version: 0.0.6
 description: Import library from audible
 keywords:
  - audiobooks
  - job
 sources:
  - https://github.com/rmcrackan/Libation
 maintainers:
  - name: alexlebens
 icon: https://getlibation.com/images/libation-logo.png
 appVersion: "11.1.0"
--- a/charts/libation/README.md
+++ b/charts/libation/README.md
@@ -1,18 +0,0 @@
 ## Introduction
 [Libation](https://github.com/rmcrackan/Libation)
 Libation: Liberate your Library. Import library from audible, including cover art
 This chart bootstraps a [Libation](https://github.com/benphelps/homepage) CronJob on a [Kubernetes](https://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager.
 ## Prerequisites
 - Kubernetes
 - Helm
 - CronJob
 ## Parameters
 See the [values files](values.yaml).
--- a/charts/libation/templates/job.yaml
+++ b/charts/libation/templates/job.yaml
@@ -1,39 +0,0 @@
 apiVersion: batch/v1
 kind: CronJob
 metadata:
  name: libation
  namespace: {{ .Release.Namespace }}
  labels:
    app.kubernetes.io/name: libation
    app.kubernetes.io/instance: {{ .Release.Name }}
    app.kubernetes.io/version: {{ .Chart.AppVersion }}
    app.kubernetes.io/component: job
    app.kubernetes.io/part-of: libation
 spec:
  schedule: {{ .Values.job.schedule }}
  successfulJobsHistoryLimit: 3
  failedJobsHistoryLimit: 3
  jobTemplate:
    spec:
      template:
        spec:
          restartPolicy: Never
          containers:
            - name: libation
              image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
              imagePullPolicy: {{ .Values.image.pullPolicy }}
              env:
                - name: SLEEP_TIME
                  value: "-1"
              volumeMounts:
                - name: libation-config
                  mountPath: /config
                - name: libation-books
                  mountPath: /data
          volumes:
            - name: libation-config
              persistentVolumeClaim:
                claimName: libation-config
            - name: libation-books
              persistentVolumeClaim:
                claimName: {{ .Values.persistence.books.claimName }}
--- a/charts/libation/templates/persistent-volume-claim.yaml
+++ b/charts/libation/templates/persistent-volume-claim.yaml
@@ -1,19 +0,0 @@
 apiVersion: v1
 kind: PersistentVolumeClaim
 metadata:
  name: libation-config
  namespace: {{ .Release.Namespace }}
  labels:
    app.kubernetes.io/name: libation
    app.kubernetes.io/instance: {{ .Release.Name }}
    app.kubernetes.io/version: {{ .Chart.AppVersion }}
    app.kubernetes.io/component: storage
    app.kubernetes.io/part-of: libation
 spec:
  accessModes:
    - ReadWriteOnce
  resources:
    requests:
      storage: {{ .Values.persistence.config.storageSize }}
  storageClassName: {{ .Values.persistence.config.storageClassName }}
  volumeMode: {{ .Values.persistence.config.volumeMode }}
--- a/charts/libation/values.yaml
+++ b/charts/libation/values.yaml
@@ -1,13 +0,0 @@
 job:
  schedule: "0 * * * *"
 image:
  repository: rmcrackan/libation
  tag: "11.1.0"
  pullPolicy: IfNotPresent
 persistence:
  config:
    storageClassName: default
    storageSize: 1Gi
    volumeMode: Filesystem
  books:
    claimName:
--- a/charts/matrix-hookshot/Chart.yaml
+++ b/charts/matrix-hookshot/Chart.yaml
@@ -1,14 +0,0 @@
 apiVersion: v2
 name: matrix-hookshot
 version: 0.1.0
 description: Chart for Matrix Hookshot
 keywords:
  - matrix
  - matrix-hookshot
  - webhook
 sources:
  - https://github.com/matrix-org/matrix-hookshot
 maintainers:
  - name: alexlebens
 icon: https://avatars.githubusercontent.com/u/8418310?s=48&v=4
 appVersion: "5.2.1"
--- a/charts/matrix-hookshot/templates/_helpers.tpl
+++ b/charts/matrix-hookshot/templates/_helpers.tpl
@@ -1,43 +0,0 @@
 {{/*
 Helper for secret name
 */}}
 {{- define "hookshot.secretName" -}}
 {{- if .Values.hookshot.existingSecret }}
 {{- printf "%s" .Values.hookshot.existingSecret -}}
 {{- else }}
 {{- printf "matrix-hookshot-config-secret" | trunc 63 | trimSuffix "-" }}
 {{- end }}
 {{- end }}
 {{/*
 Helper for registration secret name
 */}}
 {{- define "hookshot.registrationSecretName" -}}
 {{- if .Values.hookshot.existingRegistrationSecret }}
 {{- printf "%s" .Values.hookshot.existingRegistrationSecret -}}
 {{- else }}
 {{- printf "matrix-hookshot-registration-secret" }}
 {{- end }}
 {{- end }}
 {{/*
 Helper for passkey secret name
 */}}
 {{- define "hookshot.passkeySecretName" -}}
 {{- if .Values.hookshot.existingPasskeySecret }}
 {{- printf "%s" .Values.hookshot.existingPasskeySecret -}}
 {{- else }}
 {{- printf "matrix-hookshot-passkey-secret" }}
 {{- end }}
 {{- end }}
 {{/*
 Helper for passkey file name
 */}}
 {{- define "hookshot.passFile" -}}
 {{- if .Values.hookshot.config.passFile }}
 {{- printf "%s" .Values.hookshot.config.passFile -}}
 {{- else }}
 {{- printf "passkey.pem" }}
 {{- end }}
 {{- end }}
--- a/charts/matrix-hookshot/templates/deployment.yaml
+++ b/charts/matrix-hookshot/templates/deployment.yaml
@@ -1,79 +0,0 @@
 apiVersion: apps/v1
 kind: Deployment
 metadata:
  name: matrix-hookshot
  namespace: {{ .Release.Namespace }}
  labels:
    app.kubernetes.io/name: matrix-hookshot
    app.kubernetes.io/instance: {{ .Release.Name }}
    app.kubernetes.io/version: {{ .Chart.AppVersion }}
    app.kubernetes.io/component: web
    app.kubernetes.io/part-of: {{ .Release.Name }}
 spec:
  revisionHistoryLimit: 3
  replicas: {{ .Values.deployment.replicas }}
  strategy:
    type: {{ .Values.deployment.strategy }}
  selector:
    matchLabels:
      app.kubernetes.io/name: matrix-hookshot
      app.kubernetes.io/instance: {{ .Release.Name }}
  template:
    metadata:
      labels:
        app.kubernetes.io/name: matrix-hookshot
        app.kubernetes.io/instance: {{ .Release.Name }}
    spec:
      serviceAccountName: matrix-hookshot
      automountServiceAccountToken: true
      containers:
        - name: matrix-hookshot
          image: "{{ .Values.deployment.image.repository }}:{{ .Values.deployment.image.tag }}"
          imagePullPolicy: {{ .Values.deployment.image.imagePullPolicy }}
          ports:
            - name: webhook
              containerPort: {{ .Values.service.webhook.port }}
              protocol: TCP
            - name: metrics
              containerPort: {{ .Values.service.metrics.port }}
              protocol: TCP
            - name: appservice
              containerPort: {{ .Values.service.appservice.port }}
              protocol: TCP
            - name: widgets
              containerPort: {{ .Values.service.widgets.port }}
              protocol: TCP              
          env:
          {{- range $k,$v := .Values.deployment.env }}
            - name: {{ $k }}
              value: {{ $v | quote }}
          {{- end }}
          {{- with .Values.deployment.envFrom }}
          envFrom:
            {{- toYaml . | nindent 12 }}
          {{- end }}
          resources:
            {{- toYaml .Values.deployment.resources | nindent 12 }}
          volumeMounts:
            - name: config
              mountPath: /data/config.yml
              subPath: config.yml
              readOnly: true
            - name: registration
              mountPath: /data/registration.yml
              subPath: registration.yml
              readOnly: true
            - name: passkey
              mountPath: "/data/{{ template "hookshot.passFile" . }}"
              subPath: {{ template "hookshot.passFile" . }}
              readOnly: true
      volumes:
        - name: config
          secret:
            secretName: {{ template "hookshot.secretName" . }}
        - name: registration
          secret:
            secretName: {{ template "hookshot.registrationSecretName" . }}
        - name: passkey
          secret:
            secretName: {{ template "hookshot.passkeySecretName" . }}
--- a/charts/matrix-hookshot/templates/ingress.yaml
+++ b/charts/matrix-hookshot/templates/ingress.yaml
@@ -1,100 +0,0 @@
 {{- if .Values.ingress.webhook.enabled }}
 apiVersion: networking.k8s.io/v1
 kind: Ingress
 metadata:
  name: matrix-hookshot-webhook
  namespace: {{ .Release.Namespace }}
  labels:
    app.kubernetes.io/name: matrix-hookshot-webhook
    app.kubernetes.io/instance: {{ .Release.Name }}
    app.kubernetes.io/version: {{ .Chart.AppVersion }}
    app.kubernetes.io/component: web
    app.kubernetes.io/part-of: {{ .Release.Name }}
  annotations:
    {{- toYaml .Values.ingress.webhook.annotations | nindent 4 }}
 spec:
  ingressClassName: {{ .Values.ingress.webhook.className }}
  tls:
    - hosts:
        - {{ .Values.ingress.webhook.host }}
      secretName: {{ .Release.Name }}-webhook-secret-tls
  rules:
    - host: {{ .Values.ingress.webhook.host }}
      http:
        paths:
          - path: /webhook/
            pathType: Prefix
            backend:
              service:
                name: {{ .Release.Name }}
                port:
                  name: webhook
 {{- end }}
 ---
 {{- if .Values.ingress.appservice.enabled }}
 apiVersion: networking.k8s.io/v1
 kind: Ingress
 metadata:
  name: matrix-hookshot-appservice
  namespace: {{ .Release.Namespace }}
  labels:
    app.kubernetes.io/name: matrix-hookshot-appservice
    app.kubernetes.io/instance: {{ .Release.Name }}
    app.kubernetes.io/version: {{ .Chart.AppVersion }}
    app.kubernetes.io/component: web
    app.kubernetes.io/part-of: {{ .Release.Name }}
  annotations:
    {{- toYaml .Values.ingress.appservice.annotations | nindent 4 }}
 spec:
  ingressClassName: {{ .Values.ingress.appservice.className }}
  tls:
    - hosts:
        - {{ .Values.ingress.appservice.host }}
      secretName: {{ .Release.Name }}-appservice-secret-tls
  rules:
    - host: {{ .Values.ingress.appservice.host }}
      http:
        paths:
          - path: /
            pathType: Prefix
            backend:
              service:
                name: {{ .Release.Name }}
                port:
                  name: appservice
 {{- end }}
 ---
 {{- if .Values.ingress.widgets.enabled }}
 apiVersion: networking.k8s.io/v1
 kind: Ingress
 metadata:
  name: matrix-hookshot-widgets
  namespace: {{ .Release.Namespace }}
  labels:
    app.kubernetes.io/name: matrix-hookshot-widgets
    app.kubernetes.io/instance: {{ .Release.Name }}
    app.kubernetes.io/version: {{ .Chart.AppVersion }}
    app.kubernetes.io/component: web
    app.kubernetes.io/part-of: {{ .Release.Name }}
  annotations:
    {{- toYaml .Values.ingress.widgets.annotations | nindent 4 }}
 spec:
  ingressClassName: {{ .Values.ingress.widgets.className }}
  tls:
    - hosts:
        - {{ .Values.ingress.widgets.host }}
      secretName: {{ .Release.Name }}-widgets-secret-tls
  rules:
    - host: {{ .Values.ingress.widgets.host }}
      http:
        paths:
          - path: /
            pathType: Prefix
            backend:
              service:
                name: {{ .Release.Name }}
                port:
                  name: widgets
 {{- end }}
--- a/charts/matrix-hookshot/templates/pod.yaml
+++ b/charts/matrix-hookshot/templates/pod.yaml
@@ -1,26 +0,0 @@
 apiVersion: v1
 kind: Pod
 metadata:
  name: matrix-hookshot-test-connection
  labels:
    app.kubernetes.io/name: matrix-hookshot-test-connection
    app.kubernetes.io/instance: {{ .Release.Name }}
    app.kubernetes.io/version: {{ .Chart.AppVersion }}
    app.kubernetes.io/component: web
    app.kubernetes.io/part-of: {{ .Release.Name }}
  annotations:
    "helm.sh/hook": test-success
 spec:
  restartPolicy: Never
  containers:
    - name: wget
      image: busybox
      command: ['wget']
      args: ['matrix-hookshot:{{ .Values.service.webhook.port }}']
      resources:
        limits:
          cpu: 500m
          memory: 1Gi
        requests:
          cpu: 50m
          memory: 256Mi
--- a/charts/matrix-hookshot/templates/secret.yaml
+++ b/charts/matrix-hookshot/templates/secret.yaml
@@ -1,52 +0,0 @@
 {{- if not .Values.hookshot.existingSecret }}
 apiVersion: v1
 kind: Secret
 metadata:
  name: matrix-hookshot-config-secret
  namespace: {{ .Release.Namespace }}
  labels:
    app.kubernetes.io/name: matrix-hookshot-config
    app.kubernetes.io/instance: {{ .Release.Name }}
    app.kubernetes.io/version: {{ .Chart.AppVersion }}
    app.kubernetes.io/component: web
    app.kubernetes.io/part-of: {{ .Release.Name }}
 data:
  config.yml: |
 {{ toYaml .Values.hookshot.config | indent 4 }}
 {{- end }}
 ---
 {{- if not .Values.hookshot.existingRegistrationSecret }}
 apiVersion: v1
 kind: Secret
 metadata:
  name: matrix-hookshot-registration-secret
  namespace: {{ .Release.Namespace }}
  labels:
    app.kubernetes.io/name: matrix-hookshot-registration
    app.kubernetes.io/instance: {{ .Release.Name }}
    app.kubernetes.io/version: {{ .Chart.AppVersion }}
    app.kubernetes.io/component: web
    app.kubernetes.io/part-of: {{ .Release.Name }}
 data:
  registration.yml: |
 {{ toYaml .Values.hookshot.registration | indent 4 }}
 {{- end }}
 ---
 {{- if not .Values.hookshot.existingPasskeySecret }}
 apiVersion: v1
 kind: Secret
 metadata:
  name: matrix-hookshot-passkey-secret
  namespace: {{ .Release.Namespace }}
  labels:
    app.kubernetes.io/name: matrix-hookshot-passkey
    app.kubernetes.io/instance: {{ .Release.Name }}
    app.kubernetes.io/version: {{ .Chart.AppVersion }}
    app.kubernetes.io/component: web
    app.kubernetes.io/part-of: {{ .Release.Name }}
 data:
  {{ .Values.hookshot.config.passFile }}: |
 {{ toYaml .Values.hookshot.passkey | indent 4 }}
 {{- end }}
--- a/charts/matrix-hookshot/templates/service-account.yaml
+++ b/charts/matrix-hookshot/templates/service-account.yaml
@@ -1,11 +0,0 @@
 apiVersion: v1
 kind: ServiceAccount
 metadata:
  name: matrix-hookshot
  namespace: {{ .Release.Namespace }}
  labels:
    app.kubernetes.io/name: matrix-hookshot
    app.kubernetes.io/instance: {{ .Release.Name }}
    app.kubernetes.io/version: {{ .Chart.AppVersion }}
    app.kubernetes.io/component: web
    app.kubernetes.io/part-of: {{ .Release.Name }}
--- a/charts/matrix-hookshot/templates/service-monitor.yaml
+++ b/charts/matrix-hookshot/templates/service-monitor.yaml
@@ -1,23 +0,0 @@
 {{- if and .Values.metrics.enabled .Values.metrics.serviceMonitor.enabled }}
 apiVersion: monitoring.coreos.com/v1
 kind: ServiceMonitor
 metadata:
  name: matrix-hookshot
  namespace: {{ .Release.Namespace }}
  labels:
    app.kubernetes.io/name: matrix-hookshot
    app.kubernetes.io/instance: {{ .Release.Name }}
    app.kubernetes.io/version: {{ .Chart.AppVersion }}
    app.kubernetes.io/component: web
    app.kubernetes.io/part-of: {{ .Release.Name }}
 spec:
  endpoints:
    - port: metrics
      interval: {{ .Values.metrics.serviceMonitor.interval }}
      scrapeTimeout: {{ .Values.metrics.serviceMonitor.scrapeTimeout }}
      path: /metrics
  selector:
    matchLabels:
      app.kubernetes.io/name: matrix-hookshot
      app.kubernetes.io/instance: {{ .Release.Name }}      
 {{- end }}
--- a/charts/matrix-hookshot/templates/service.yaml
+++ b/charts/matrix-hookshot/templates/service.yaml
@@ -1,33 +0,0 @@
 apiVersion: v1
 kind: Service
 metadata:
  name: matrix-hookshot
  namespace: {{ .Release.Namespace }}
  labels:
    app.kubernetes.io/name: matrix-hookshot
    app.kubernetes.io/instance: {{ .Release.Name }}
    app.kubernetes.io/version: {{ .Chart.AppVersion }}
    app.kubernetes.io/component: web
    app.kubernetes.io/part-of: {{ .Release.Name }}
 spec:
  type: {{ .Values.service.type }}
  ports:
    - port: {{ .Values.service.webhook.port }}
      targetPort: webhook
      protocol: TCP
      name: webhook
    - port: {{ .Values.service.metrics.port }}
      targetPort: metrics
      protocol: TCP
      name: metrics
    - port: {{ .Values.service.appservice.port }}
      targetPort: appservice
      protocol: TCP
      name: appservice
    - port: {{ .Values.service.widgets.port }}
      targetPort: widgets
      protocol: TCP
      name: widgets      
  selector:
    app.kubernetes.io/name: matrix-hookshot
    app.kubernetes.io/instance: {{ .Release.Name }}
--- a/charts/matrix-hookshot/values.yaml
+++ b/charts/matrix-hookshot/values.yaml
@@ -1,248 +0,0 @@
 deployment:
  replicas: 1
  strategy: Recreate
  image:
    repository: halfshot/matrix-hookshot
    tag: "5.2.1"
    imagePullPolicy: IfNotPresent
  env: {}
  envFrom: []
  resources:
    limits:
      memory: 512Mi
      cpu: 100m
    requests:
      memory: 256Mi
      cpu: 50m
 service:
  type: ClusterIP
  webhook:
    port: 9000
  metrics:
    port: 9001
  appservice:
    port: 9002
  widgets:
    port: 9003
 ingress:
  webhook:
    enabled: false
    className: ""
    annotations: {}
    host: ""
  appservice:
    enabled: false
    className: ""
    annotations: {}
    host: ""
  widgets:
    enabled: false
    className: ""
    annotations: {}
    host: ""    
 metrics:
  enabled: false
  serviceMonitor:
    enabled: false
    interval: 15s
    scrapeTimeout: 5s
 # Reference the following for examples
 # https://matrix-org.github.io/matrix-hookshot/latest/setup/sample-configuration.html
 hookshot:
  # config.yml contents
  existingSecret: ""
  config:
    bridge:
      domain: example.com
      url: http://localhost:8008
      mediaUrl: https://example.com
      port: 9993
      bindAddress: 0.0.0.0
    passFile: passkey.pem
    logging:
      level: info
      colorize: true
      json: false
      timestampFormat: HH:mm:ss:SSS
    listeners:
      - port: 9000
        bindAddress: 0.0.0.0
        resources:
          - webhooks
      - port: 9001
        bindAddress: 0.0.0.0
        resources:
          - metrics
          - provisioning
      - port: 9003
        bindAddress: 0.0.0.0
        resources:
          - widgets
    #github:
    #  # (Optional) Configure this to enable GitHub support
    #  auth:
    #    # Authentication for the GitHub App.
    #    id: 123
    #    privateKeyFile: github-key.pem
    #  webhook:
    #    # Webhook settings for the GitHub app.
    #    secret: secrettoken
    #  oauth:
    #    # (Optional) Settings for allowing users to sign in via OAuth.
    #    client_id: foo
    #    client_secret: bar
    #    redirect_uri: https://example.com/oauth/
    #  defaultOptions:
    #    # (Optional) Default options for GitHub connections.
    #    showIssueRoomLink: false
    #    hotlinkIssues:
    #      prefix: "#"
    #  userIdPrefix:
    #    # (Optional) Prefix used when creating ghost users for GitHub accounts.
    #    _github_
    #gitlab:
    #  # (Optional) Configure this to enable GitLab support
    #  instances:
    #    gitlab.com:
    #      url: https://gitlab.com
    #  webhook:
    #    secret: secrettoken
    #    publicUrl: https://example.com/hookshot/
    #  userIdPrefix:
    #    # (Optional) Prefix used when creating ghost users for GitLab accounts.
    #    _gitlab_
    #  commentDebounceMs:
    #    # (Optional) Aggregate comments by waiting this many miliseconds before posting them to Matrix. Defaults to 5000 (5 seconds)
    #    5000
    #figma:
    #  # (Optional) Configure this to enable Figma support
    #  publicUrl: https://example.com/hookshot/
    #  instances:
    #    your-instance:
    #      teamId: your-team-id
    #      accessToken: your-personal-access-token
    #      passcode: your-webhook-passcode
    #jira:
    #  # (Optional) Configure this to enable Jira support. Only specify `url` if you are using a On Premise install (i.e. not atlassian.com)
    #  webhook:
    #    # Webhook settings for JIRA
    #    secret: secrettoken
    #  oauth:
    #    # (Optional) OAuth settings for connecting users to JIRA. See documentation for more information
    #    client_id: foo
    #    client_secret: bar
    #    redirect_uri: https://example.com/oauth/
    #generic:
    #  # (Optional) Support for generic webhook events.
    #  #'allowJsTransformationFunctions' will allow users to write short transformation snippets in code, and thus is unsafe in untrusted environments
    #  enabled: false
    #  enableHttpGet: false
    #  urlPrefix: https://example.com/webhook/
    #  userIdPrefix: _webhooks_
    #  allowJsTransformationFunctions: false
    #  waitForComplete: false
    #feeds:
    #  # (Optional) Configure this to enable RSS/Atom feed support
    #  enabled: false
    #  pollConcurrency: 4
    #  pollIntervalSeconds: 600
    #  pollTimeoutSeconds: 30
    #provisioning:
    #  # (Optional) Provisioning API for integration managers
    #  secret: "!secretToken"
    #bot:
    #  # (Optional) Define profile information for the bot user
    #  displayname: Hookshot Bot
    #  avatar: mxc://half-shot.uk/2876e89ccade4cb615e210c458e2a7a6883fe17d
    #serviceBots:
    #  # (Optional) Define additional bot users for specific services
    #  - localpart: feeds
    #    displayname: Feeds
    #    avatar: ./assets/feeds_avatar.png
    #    prefix: "!feeds"
    #    service: feeds
    #metrics:
    #  # (Optional) Prometheus metrics support
    #  enabled: true
    #cache:
    #  # (Optional) Cache options for large scale deployments.
    #  # For encryption to work, this must be configured.
    #  redisUri: redis://localhost:6379
    #queue:
    #  # (Optional) Message queue configuration options for large scale deployments.
    #  # For encryption to work, this must not be configured.
    #  redisUri: redis://localhost:6379
    #widgets:
    #  # (Optional) EXPERIMENTAL support for complimentary widgets
    #  addToAdminRooms: false
    #  disallowedIpRanges:
    #    - 127.0.0.0/8
    #    - 10.0.0.0/8
    #    - 172.16.0.0/12
    #    - 192.168.0.0/16
    #    - 100.64.0.0/10
    #    - 192.0.0.0/24
    #    - 169.254.0.0/16
    #    - 192.88.99.0/24
    #    - 198.18.0.0/15
    #    - 192.0.2.0/24
    #    - 198.51.100.0/24
    #    - 203.0.113.0/24
    #    - 224.0.0.0/4
    #    - ::1/128
    #    - fe80::/10
    #    - fc00::/7
    #    - 2001:db8::/32
    #    - ff00::/8
    #    - fec0::/10
    #  roomSetupWidget:
    #    addOnInvite: false
    #  publicUrl: https://example.com/widgetapi/v1/static/
    #  branding:
    #    widgetTitle: Hookshot Configuration
    #sentry:
    #  # (Optional) Configure Sentry error reporting
    #  dsn: https://examplePublicKey@o0.ingest.sentry.io/0
    #  environment: production
    #permissions:
    #  # (Optional) Permissions for using the bridge. See docs/setup.md#permissions for help
    #  - actor: example.com
    #    services:
    #      - service: "*"
    #        level: admin
  # registration.yml contents
  existingRegistrationSecret: ""
  registration:
    id: matrix-hookshot
    as_token: ""
    hs_token: ""
    namespaces:
      rooms: []
      users: []
    sender_localpart: hookshot
    url: "http://example.com"
    rate_limited: false
  # A passkey used to encrypt tokens stored inside the bridge.
  # Run openssl genpkey -out passkey.pem -outform PEM -algorithm RSA -pkeyopt rsa_keygen_bits:4096 to generate
  existingPasskeySecret: ""
  passkey: ""
--- a/charts/mautrix-discord/Chart.yaml
+++ b/charts/mautrix-discord/Chart.yaml
@@ -1,15 +0,0 @@
 apiVersion: v2
 name: mautrix-discord
 version: 0.0.2
 description: Chart for Matrix Discord Bridge
 keywords:
  - matrix
  - mautrix-discord
  - bridge
  - discord
 sources:
  - https://github.com/mautrix/discord
 maintainers:
  - name: alexlebens
 icon: https://avatars.githubusercontent.com/u/88519669?s=48&v=4
 appVersion: v0.6.5
--- a/charts/mautrix-discord/templates/_helpers.tpl
+++ b/charts/mautrix-discord/templates/_helpers.tpl
@@ -1,41 +0,0 @@
 {{/*
 Helper for secret name
 */}}
 {{- define "mautrix-discord.secretName" -}}
 {{- if .Values.mautrixDiscord.existingSecret }}
 {{- printf "%s" .Values.mautrixDiscord.existingSecret -}}
 {{- else }}
 {{- printf "mautrix-discord-config-secret" | trunc 63 | trimSuffix "-" }}
 {{- end }}
 {{- end }}
 {{/*
 Helper for registration secret name
 */}}
 {{- define "mautrix-discord.registrationSecretName" -}}
 {{- if .Values.mautrixDiscord.existingRegistrationSecret }}
 {{- printf "%s" .Values.mautrixDiscord.existingRegistrationSecret -}}
 {{- else }}
 {{- printf "mautrix-discord-registration-secret" }}
 {{- end }}
 {{- end }}
 {{/*
 Generate registration.yaml if not from existing secret
 */}}
 {{- define "mautrix-discord.registration-yaml" -}}
 id: {{ .Values.mautrixDiscord.config.appservice.id | quote }}
 as_token: {{ .Values.mautrixDiscord.config.appservice.as_token | quote }}
 hs_token: {{ .Values.mautrixDiscord.config.appservice.hs_token | quote }}
 namespaces:
  users:
    - regex: {{ printf "^@discordbot:%s$" (replace "." "\\." .Values.mautrixDiscord.config.homeserver.domain) }}
      exclusive: true
    - regex: {{ printf "^@%s:%s$" (replace "{{.}}" ".*" (tpl .Values.mautrixDiscord.config.bridge.username_template .)) (replace "." "\\." .Values.mautrixDiscord.config.homeserver.domain) }}
      exclusive: true
 url: {{ .Values.mautrixDiscord.config.appservice.address | quote }}
 sender_localpart: {{ .Values.mautrixDiscord.registration.sender_localpart | quote }}
 rate_limited: {{ .Values.mautrixDiscord.registration.rate_limited }}
 de.sorunome.msc2409.push_ephemeral: true
 push_ephemeral: true
 {{- end -}}
--- a/charts/mautrix-discord/templates/deployment.yaml
+++ b/charts/mautrix-discord/templates/deployment.yaml
@@ -1,96 +0,0 @@
 apiVersion: apps/v1
 kind: Deployment
 metadata:
  name: mautrix-discord
  namespace: {{ .Release.Namespace }}
  labels:
    app.kubernetes.io/name: mautrix-discord
    app.kubernetes.io/instance: {{ .Release.Name }}
    app.kubernetes.io/version: {{ .Chart.AppVersion }}
    app.kubernetes.io/component: web
    app.kubernetes.io/part-of: {{ .Release.Name }}
 spec:
  revisionHistoryLimit: 3
  replicas: {{ .Values.deployment.replicas }}
  strategy:
    type: {{ .Values.deployment.strategy }}
  selector:
    matchLabels:
      app.kubernetes.io/name: mautrix-discord
      app.kubernetes.io/instance: {{ .Release.Name }}
  template:
    metadata:
      labels:
        app.kubernetes.io/name: mautrix-discord
        app.kubernetes.io/instance: {{ .Release.Name }}
    spec:
      serviceAccountName: mautrix-discord
      automountServiceAccountToken: true
      containers:
        - name: mautrix-discord
          image: "{{ .Values.deployment.image.repository }}:{{ .Values.deployment.image.tag }}"
          imagePullPolicy: {{ .Values.deployment.image.imagePullPolicy }}
          ports:
            - name: http
              containerPort: {{ .Values.service.port }}
              protocol: TCP
          env:
          {{- range $k,$v := .Values.deployment.env }}
            - name: {{ $k }}
              value: {{ $v | quote }}
          {{- end }}
          {{- with .Values.deployment.envFrom }}
          envFrom:
            {{- toYaml . | nindent 12 }}
          {{- end }}
          livenessProbe:
            httpGet:
              path: /_matrix/mau/live
              port: http
            failureThreshold: {{ .Values.deployment.probes.liveness.failureThreshold }}
            periodSeconds: {{ .Values.deployment.probes.liveness.periodSeconds }}
          readinessProbe:
            httpGet:
              path: /_matrix/mau/ready
              port: http
            failureThreshold: {{ .Values.deployment.probes.readiness.failureThreshold }}
            periodSeconds: {{ .Values.deployment.probes.readiness.periodSeconds }}
          resources:
            {{- toYaml .Values.deployment.resources | nindent 12 }}
          volumeMounts:
            - name: config
              mountPath: /data/config.yaml
              subPath: config.yaml
              readOnly: true
            - name: registration
              mountPath: /data/registration.yaml
              subPath: registration.yaml
              readOnly: true
            - name: data
              mountPath: /data
      volumes:
        - name: config
          secret:
            secretName: {{ template "mautrix-discord.secretName" . }}
        - name: registration
          secret:
            secretName: {{ template "mautrix-discord.registrationSecretName" . }}
        - name: data
          {{- if .Values.persistence.enabled }}
          persistentVolumeClaim:
            claimName: {{ .Values.persistence.existingClaim | default "mautrix-discord-data" }}
          {{- else }}
          emptyDir: {}
          {{- end }}
      {{- with .Values.deployment.nodeSelector }}
      nodeSelector:
        {{- toYaml . | nindent 8 }}
      {{- end }}
      {{- with .Values.deployment.affinity }}
      affinity:
        {{- toYaml . | nindent 8 }}
      {{- end }}
      {{- with .Values.deployment.tolerations }}
      tolerations:
        {{- toYaml . | nindent 8 }}
      {{- end }}
--- a/charts/mautrix-discord/templates/ingress.yaml
+++ b/charts/mautrix-discord/templates/ingress.yaml
@@ -1,32 +0,0 @@
 {{- if .Values.ingress.enabled }}
 apiVersion: networking.k8s.io/v1
 kind: Ingress
 metadata:
  name: mautrix-discord
  namespace: {{ .Release.Namespace }}
  labels:
    app.kubernetes.io/name: mautrix-discord
    app.kubernetes.io/instance: {{ .Release.Name }}
    app.kubernetes.io/version: {{ .Chart.AppVersion }}
    app.kubernetes.io/component: web
    app.kubernetes.io/part-of: {{ .Release.Name }}
  annotations:
    {{- toYaml .Values.ingress.annotations | nindent 4 }}
 spec:
  ingressClassName: {{ .Values.ingress.className }}
  tls:
    - hosts:
        - {{ .Values.ingress.host }}
      secretName: {{ .Release.Name }}-secret-tls
  rules:
    - host: {{ .Values.ingress.host }}
      http:
        paths:
          - path: /
            pathType: Prefix
            backend:
              service:
                name: mautrix-discord
                port:
                  name: http
 {{- end }}
--- a/charts/mautrix-discord/templates/persistent-volume-claim.yaml
+++ b/charts/mautrix-discord/templates/persistent-volume-claim.yaml
@@ -1,26 +0,0 @@
 {{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) }}
 kind: PersistentVolumeClaim
 apiVersion: v1
 metadata:
  name: mautrix-discord-data
  namespace: {{ .Release.Namespace }}
  labels:
    app.kubernetes.io/name: mautrix-discord
    app.kubernetes.io/instance: {{ .Release.Name }}
    app.kubernetes.io/version: {{ .Chart.AppVersion }}
    app.kubernetes.io/component: web
    app.kubernetes.io/part-of: {{ .Release.Name }}
 spec:
  accessModes:
    - {{ .Values.persistence.accessMode | quote }}
  resources:
    requests:
      storage: {{ .Values.persistence.size | quote }}
  {{- if .Values.persistence.storageClass }}
  {{- if not .Values.persistence.storageClass }}
  storageClassName: ""
  {{- else }}
  storageClassName: {{ .Values.persistence.storageClass | quote }}
  {{- end }}
  {{- end }}
 {{- end }}
--- a/charts/mautrix-discord/templates/secret.yaml
+++ b/charts/mautrix-discord/templates/secret.yaml
@@ -1,33 +0,0 @@
 {{- if not .Values.mautrixDiscord.existingSecret }}
 apiVersion: v1
 kind: Secret
 metadata:
  name: mautrix-discord-config-secret
  namespace: {{ .Release.Namespace }}
  labels:
    app.kubernetes.io/name: mautrix-discord-config
    app.kubernetes.io/instance: {{ .Release.Name }}
    app.kubernetes.io/version: {{ .Chart.AppVersion }}
    app.kubernetes.io/component: web
    app.kubernetes.io/part-of: {{ .Release.Name }}
 data:
  config.yaml: |
 {{ toYaml .Values.mautrixDiscord.config | indent 4 }}
 {{- end }}
 ---
 {{- if not .Values.mautrixDiscord.existingRegistrationSecret }}
 apiVersion: v1
 kind: Secret
 metadata:
  name: mautrix-discord-registration-secret
  namespace: {{ .Release.Namespace }}
  labels:
    app.kubernetes.io/name: mautrix-discord-registration
    app.kubernetes.io/instance: {{ .Release.Name }}
    app.kubernetes.io/version: {{ .Chart.AppVersion }}
    app.kubernetes.io/component: web
    app.kubernetes.io/part-of: {{ .Release.Name }}
 data:
  registration.yaml: {{ include "mautrix-discord.registration-yaml" . | b64enc | quote }}
 {{- end }}
--- a/charts/mautrix-discord/templates/service-account.yaml
+++ b/charts/mautrix-discord/templates/service-account.yaml
@@ -1,17 +0,0 @@
 {{- if .Values.serviceAccount.create -}}
 apiVersion: v1
 kind: ServiceAccount
 metadata:
  name: mautrix-discord
  namespace: {{ .Release.Namespace }}
  labels:
    app.kubernetes.io/name: mautrix-discord
    app.kubernetes.io/instance: {{ .Release.Name }}
    app.kubernetes.io/version: {{ .Chart.AppVersion }}
    app.kubernetes.io/component: web
    app.kubernetes.io/part-of: {{ .Release.Name }}
  {{- with .Values.serviceAccount.annotations }}
  annotations:
    {{- toYaml . | nindent 4 }}
  {{- end }}
 {{- end -}}
--- a/charts/mautrix-discord/templates/service.yaml
+++ b/charts/mautrix-discord/templates/service.yaml
@@ -1,24 +0,0 @@
 apiVersion: v1
 kind: Service
 metadata:
  name: mautrix-discord
  namespace: {{ .Release.Namespace }}
  labels:
    app.kubernetes.io/name: mautrix-discord
    app.kubernetes.io/instance: {{ .Release.Name }}
    app.kubernetes.io/version: {{ .Chart.AppVersion }}
    app.kubernetes.io/component: web
    app.kubernetes.io/part-of: {{ .Release.Name }}
 spec:
  type: {{ .Values.service.type }}
  clusterIP: {{ .Values.service.clusterIP | quote }}
  externalTrafficPolicy: {{ .Values.service.externalTrafficPolicy }}
  publishNotReadyAddresses: {{ .Values.service.publishNotReadyAddresses }}
  ports:
    - port: {{ .Values.service.port }}
      targetPort: http
      protocol: TCP
      name: http
  selector:
    app.kubernetes.io/name: mautrix-discord
    app.kubernetes.io/instance: {{ .Release.Name }}
--- a/charts/mautrix-discord/values.yaml
+++ b/charts/mautrix-discord/values.yaml
@@ -1,427 +0,0 @@
 deployment:
  replicas: 1
  strategy: Recreate
  image:
    repository: dock.mau.dev/mautrix/discord
    tag: v0.6.5
    imagePullPolicy: IfNotPresent
  env: {}
  envFrom: []
  resources:
    limits:
      memory: 128Mi
      cpu: 200m
    requests:
      memory: 64Mi
      cpu: 50m
  probes:
    liveness:
      failureThreshold: 5
      periodSeconds: 10
    readiness:
      failureThreshold: 5
      periodSeconds: 10
  nodeSelector: {}
  tolerations: []
  affinity: {}
 serviceAccount:
  create: true
  annotations: {}
 service:
  type: ClusterIP
  clusterIP: None
  port: 29334
  externalTrafficPolicy: ""
  publishNotReadyAddresses: true
 ingress:
  enabled: false
  className: ""
  annotations: {}
  host: ""
 persistence:
  enabled: false
  existingClaim: ""
  storageClass: ""
  accessMode: ReadWriteOnce
  size: 500Mi
 # Reference the following for examples
 # https://github.com/mautrix/discord/blob/main/example-config.yaml
 mautrixDiscord:
  # config.yml contents
  existingSecret: ""
  config:
    # Homeserver details.
    homeserver:
        # The address that this appservice can use to connect to the homeserver.
        address: https://matrix.example.com
        # Publicly accessible base URL for media, used for avatars in relay mode.
        # If not set, the connection address above will be used.
        public_address: null
        # The domain of the homeserver (also known as server_name, used for MXIDs, etc).
        domain: example.com
        # What software is the homeserver running?
        # Standard Matrix homeservers like Synapse, Dendrite and Conduit should just use "standard" here.
        software: standard
        # The URL to push real-time bridge status to.
        # If set, the bridge will make POST requests to this URL whenever a user's discord connection state changes.
        # The bridge will use the appservice as_token to authorize requests.
        status_endpoint: null
        # Endpoint for reporting per-message status.
        message_send_checkpoint_endpoint: null
        # Does the homeserver support https://github.com/matrix-org/matrix-spec-proposals/pull/2246?
        async_media: false
        # Should the bridge use a websocket for connecting to the homeserver?
        # The server side is currently not documented anywhere and is only implemented by mautrix-wsproxy,
        # mautrix-asmux (deprecated), and hungryserv (proprietary).
        websocket: false
        # How often should the websocket be pinged? Pinging will be disabled if this is zero.
        ping_interval_seconds: 0
    # Application service host/registration related details.
    # Changing these values requires regeneration of the registration.
    appservice:
        # The address that the homeserver can use to connect to this appservice.
        address: http://localhost:29334
        # The hostname and port where this appservice should listen.
        hostname: 0.0.0.0
        port: 29334
        # Database config.
        database:
            # The database type. "sqlite3-fk-wal" and "postgres" are supported.
            type: postgres
            # The database URI.
            #   SQLite: A raw file path is supported, but `file:<path>?_txlock=immediate` is recommended.
            #           https://github.com/mattn/go-sqlite3#connection-string
            #   Postgres: Connection string. For example, postgres://user:password@host/database?sslmode=disable
            #             To connect via Unix socket, use something like postgres:///dbname?host=/var/run/postgresql
            uri: postgres://user:password@host/database?sslmode=disable
            # Maximum number of connections. Mostly relevant for Postgres.
            max_open_conns: 20
            max_idle_conns: 2
            # Maximum connection idle time and lifetime before they're closed. Disabled if null.
            # Parsed with https://pkg.go.dev/time#ParseDuration
            max_conn_idle_time: null
            max_conn_lifetime: null
        # The unique ID of this appservice.
        id: discord
        # Appservice bot details.
        bot:
            # Username of the appservice bot.
            username: discordbot
            # Display name and avatar for bot. Set to "remove" to remove display name/avatar, leave empty
            # to leave display name/avatar as-is.
            displayname: Discord bridge bot
            avatar: mxc://maunium.net/nIdEykemnwdisvHbpxflpDlC
        # Whether or not to receive ephemeral events via appservice transactions.
        # Requires MSC2409 support (i.e. Synapse 1.22+).
        ephemeral_events: true
        # Should incoming events be handled asynchronously?
        # This may be necessary for large public instances with lots of messages going through.
        # However, messages will not be guaranteed to be bridged in the same order they were sent in.
        async_transactions: false
        # Authentication tokens for AS <-> HS communication. Autogenerated; do not modify.
        as_token: "This value is generated when generating the registration"
        hs_token: "This value is generated when generating the registration"
    # Bridge config
    bridge:
        # Localpart template of MXIDs for Discord users.
        # {{.}} is replaced with the internal ID of the Discord user.
        username_template: discord_{{.}}
        # Displayname template for Discord users. This is also used as the room name in DMs if private_chat_portal_meta is enabled.
        # Available variables:
        #   .ID - Internal user ID
        #   .Username - Legacy display/username on Discord
        #   .GlobalName - New displayname on Discord
        #   .Discriminator - The 4 numbers after the name on Discord
        #   .Bot - Whether the user is a bot
        #   .System - Whether the user is an official system user
        #   .Webhook - Whether the user is a webhook and is not an application
        #   .Application - Whether the user is an application
        displayname_template: '{{or .GlobalName .Username}}{{if .Bot}} (bot){{end}}'
        # Displayname template for Discord channels (bridged as rooms, or spaces when type=4).
        # Available variables:
        #   .Name - Channel name, or user displayname (pre-formatted with displayname_template) in DMs.
        #   .ParentName - Parent channel name (used for categories).
        #   .GuildName - Guild name.
        #   .NSFW - Whether the channel is marked as NSFW.
        #   .Type - Channel type (see values at https://github.com/bwmarrin/discordgo/blob/v0.25.0/structs.go#L251-L267)
        channel_name_template: '{{if or (eq .Type 3) (eq .Type 4)}}{{.Name}}{{else}}#{{.Name}}{{end}}'
        # Displayname template for Discord guilds (bridged as spaces).
        # Available variables:
        #   .Name - Guild name
        guild_name_template: '{{.Name}}'
        # Whether to explicitly set the avatar and room name for private chat portal rooms.
        # If set to `default`, this will be enabled in encrypted rooms and disabled in unencrypted rooms.
        # If set to `always`, all DM rooms will have explicit names and avatars set.
        # If set to `never`, DM rooms will never have names and avatars set.
        private_chat_portal_meta: default
        portal_message_buffer: 128
        # Number of private channel portals to create on bridge startup.
        # Other portals will be created when receiving messages.
        startup_private_channel_create_limit: 5
        # Should the bridge send a read receipt from the bridge bot when a message has been sent to Discord?
        delivery_receipts: false
        # Whether the bridge should send the message status as a custom com.beeper.message_send_status event.
        message_status_events: false
        # Whether the bridge should send error notices via m.notice events when a message fails to bridge.
        message_error_notices: true
        # Should the bridge use space-restricted join rules instead of invite-only for guild rooms?
        # This can avoid unnecessary invite events in guild rooms when members are synced in.
        restricted_rooms: true
        # Should the bridge automatically join the user to threads on Discord when the thread is opened on Matrix?
        # This only works with clients that support thread read receipts (MSC3771 added in Matrix v1.4).
        autojoin_thread_on_open: true
        # Should inline fields in Discord embeds be bridged as HTML tables to Matrix?
        # Tables aren't supported in all clients, but are the only way to emulate the Discord inline field UI.
        embed_fields_as_tables: true
        # Should guild channels be muted when the portal is created? This only meant for single-user instances,
        # it won't mute it for all users if there are multiple Matrix users in the same Discord guild.
        mute_channels_on_create: false
        # Should the bridge update the m.direct account data event when double puppeting is enabled.
        # Note that updating the m.direct event is not atomic (except with mautrix-asmux)
        # and is therefore prone to race conditions.
        sync_direct_chat_list: false
        # Set this to true to tell the bridge to re-send m.bridge events to all rooms on the next run.
        # This field will automatically be changed back to false after it, except if the config file is not writable.
        resend_bridge_info: false
        # Should incoming custom emoji reactions be bridged as mxc:// URIs?
        # If set to false, custom emoji reactions will be bridged as the shortcode instead, and the image won't be available.
        custom_emoji_reactions: true
        # Should the bridge attempt to completely delete portal rooms when a channel is deleted on Discord?
        # If true, the bridge will try to kick Matrix users from the room. Otherwise, the bridge only makes ghosts leave.
        delete_portal_on_channel_delete: false
        # Should the bridge delete all portal rooms when you leave a guild on Discord?
        # This only applies if the guild has no other Matrix users on this bridge instance.
        delete_guild_on_leave: true
        # Whether or not created rooms should have federation enabled.
        # If false, created portal rooms will never be federated.
        federate_rooms: true
        # Prefix messages from webhooks with the profile info? This can be used along with a custom displayname_template
        # to better handle webhooks that change their name all the time (like ones used by bridges).
        prefix_webhook_messages: false
        # Bridge webhook avatars?
        enable_webhook_avatars: true
        # Should the bridge upload media to the Discord CDN directly before sending the message when using a user token,
        # like the official client does? The other option is sending the media in the message send request as a form part
        # (which is always used by bots and webhooks).
        use_discord_cdn_upload: true
        # Should mxc uris copied from Discord be cached?
        # This can be `never` to never cache, `unencrypted` to only cache unencrypted mxc uris, or `always` to cache everything.
        # If you have a media repo that generates non-unique mxc uris, you should set this to never.
        cache_media: unencrypted
        # Settings for converting Discord media to custom mxc:// URIs instead of reuploading.
        # More details can be found at https://docs.mau.fi/bridges/go/discord/direct-media.html
        direct_media:
            # Should custom mxc:// URIs be used instead of reuploading media?
            enabled: false
            # The server name to use for the custom mxc:// URIs.
            # This server name will effectively be a real Matrix server, it just won't implement anything other than media.
            # You must either set up .well-known delegation from this domain to the bridge, or proxy the domain directly to the bridge.
            server_name: discord-media.example.com
            # Optionally a custom .well-known response. This defaults to `server_name:443`
            well_known_response:
            # The bridge supports MSC3860 media download redirects and will use them if the requester supports it.
            # Optionally, you can force redirects and not allow proxying at all by setting this to false.
            allow_proxy: true
            # Matrix server signing key to make the federation tester pass, same format as synapse's .signing.key file.
            # This key is also used to sign the mxc:// URIs to ensure only the bridge can generate them.
            server_key: generate
        # Settings for converting animated stickers.
        animated_sticker:
            # Format to which animated stickers should be converted.
            # disable - No conversion, send as-is (lottie JSON)
            # png - converts to non-animated png (fastest)
            # gif - converts to animated gif
            # webm - converts to webm video, requires ffmpeg executable with vp9 codec and webm container support
            # webp - converts to animated webp, requires ffmpeg executable with webp codec/container support
            target: webp
            # Arguments for converter. All converters take width and height.
            args:
                width: 320
                height: 320
                fps: 25 # only for webm, webp and gif (2, 5, 10, 20 or 25 recommended)
        # Servers to always allow double puppeting from
        double_puppet_server_map:
            example.com: https://example.com
        # Allow using double puppeting from any server with a valid client .well-known file.
        double_puppet_allow_discovery: false
        # Shared secrets for https://github.com/devture/matrix-synapse-shared-secret-auth
        #
        # If set, double puppeting will be enabled automatically for local users
        # instead of users having to find an access token and run `login-matrix`
        # manually.
        login_shared_secret_map:
            example.com: foobar
        # The prefix for commands. Only required in non-management rooms.
        command_prefix: '!discord'
        # Messages sent upon joining a management room.
        # Markdown is supported. The defaults are listed below.
        management_room_text:
            # Sent when joining a room.
            welcome: "Hello, I'm a Discord bridge bot."
            # Sent when joining a management room and the user is already logged in.
            welcome_connected: "Use `help` for help."
            # Sent when joining a management room and the user is not logged in.
            welcome_unconnected: "Use `help` for help or `login` to log in."
            # Optional extra text sent when joining a management room.
            additional_help: ""
        # Settings for backfilling messages.
        backfill:
            # Limits for forward backfilling.
            forward_limits:
                # Initial backfill (when creating portal). 0 means backfill is disabled.
                # A special unlimited value is not supported, you must set a limit. Initial backfill will
                # fetch all messages first before backfilling anything, so high limits can take a lot of time.
                initial:
                    dm: 0
                    channel: 0
                    thread: 0
                # Missed message backfill (on startup).
                # 0 means backfill is disabled, -1 means fetch all messages since last bridged message.
                # When using unlimited backfill (-1), messages are backfilled as they are fetched.
                # With limits, all messages up to the limit are fetched first and backfilled afterwards.
                missed:
                    dm: 0
                    channel: 0
                    thread: 0
            # Maximum members in a guild to enable backfilling. Set to -1 to disable limit.
            # This can be used as a rough heuristic to disable backfilling in channels that are too active.
            # Currently only applies to missed message backfill.
            max_guild_members: -1
        # End-to-bridge encryption support options.
        #
        # See https://docs.mau.fi/bridges/general/end-to-bridge-encryption.html for more info.
        encryption:
            # Allow encryption, work in group chat rooms with e2ee enabled
            allow: false
            # Default to encryption, force-enable encryption in all portals the bridge creates
            # This will cause the bridge bot to be in private chats for the encryption to work properly.
            default: false
            # Whether to use MSC2409/MSC3202 instead of /sync long polling for receiving encryption-related data.
            appservice: false
            # Require encryption, drop any unencrypted messages.
            require: false
            # Enable key sharing? If enabled, key requests for rooms where users are in will be fulfilled.
            # You must use a client that supports requesting keys from other users to use this feature.
            allow_key_sharing: false
            # Should users mentions be in the event wire content to enable the server to send push notifications?
            plaintext_mentions: false
            # Options for deleting megolm sessions from the bridge.
            delete_keys:
                # Beeper-specific: delete outbound sessions when hungryserv confirms
                # that the user has uploaded the key to key backup.
                delete_outbound_on_ack: false
                # Don't store outbound sessions in the inbound table.
                dont_store_outbound: false
                # Ratchet megolm sessions forward after decrypting messages.
                ratchet_on_decrypt: false
                # Delete fully used keys (index >= max_messages) after decrypting messages.
                delete_fully_used_on_decrypt: false
                # Delete previous megolm sessions from same device when receiving a new one.
                delete_prev_on_new_session: false
                # Delete megolm sessions received from a device when the device is deleted.
                delete_on_device_delete: false
                # Periodically delete megolm sessions when 2x max_age has passed since receiving the session.
                periodically_delete_expired: false
                # Delete inbound megolm sessions that don't have the received_at field used for
                # automatic ratcheting and expired session deletion. This is meant as a migration
                # to delete old keys prior to the bridge update.
                delete_outdated_inbound: false
            # What level of device verification should be required from users?
            #
            # Valid levels:
            #   unverified - Send keys to all device in the room.
            #   cross-signed-untrusted - Require valid cross-signing, but trust all cross-signing keys.
            #   cross-signed-tofu - Require valid cross-signing, trust cross-signing keys on first use (and reject changes).
            #   cross-signed-verified - Require valid cross-signing, plus a valid user signature from the bridge bot.
            #                           Note that creating user signatures from the bridge bot is not currently possible.
            #   verified - Require manual per-device verification
            #              (currently only possible by modifying the `trust` column in the `crypto_device` database table).
            verification_levels:
                # Minimum level for which the bridge should send keys to when bridging messages from WhatsApp to Matrix.
                receive: unverified
                # Minimum level that the bridge should accept for incoming Matrix messages.
                send: unverified
                # Minimum level that the bridge should require for accepting key requests.
                share: cross-signed-tofu
            # Options for Megolm room key rotation. These options allow you to
            # configure the m.room.encryption event content. See:
            # https://spec.matrix.org/v1.3/client-server-api/#mroomencryption for
            # more information about that event.
            rotation:
                # Enable custom Megolm room key rotation settings. Note that these
                # settings will only apply to rooms created after this option is
                # set.
                enable_custom: false
                # The maximum number of milliseconds a session should be used
                # before changing it. The Matrix spec recommends 604800000 (a week)
                # as the default.
                milliseconds: 604800000
                # The maximum number of messages that should be sent with a given a
                # session before changing it. The Matrix spec recommends 100 as the
                # default.
                messages: 100
                # Disable rotating keys when a user's devices change?
                # You should not enable this option unless you understand all the implications.
                disable_device_change_key_rotation: false
        # Settings for provisioning API
        provisioning:
            # Prefix for the provisioning API paths.
            prefix: /_matrix/provision
            # Shared secret for authentication. If set to "generate", a random secret will be generated,
            # or if set to "disable", the provisioning API will be disabled.
            shared_secret: generate
            # Enable debug API at /debug with provisioning authentication.
            debug_endpoints: false
        # Permissions for using the bridge.
        # Permitted values:
        #    relay - Talk through the relaybot (if enabled), no access otherwise
        #     user - Access to use the bridge to chat with a Discord account.
        #    admin - User level and some additional administration tools
        # Permitted keys:
        #        * - All Matrix users
        #   domain - All users on that homeserver
        #     mxid - Specific user
        permissions:
            "*": relay
            "example.com": user
            "@admin:example.com": admin
    # Logging config. See https://github.com/tulir/zeroconfig for details.
    logging:
        min_level: debug
        writers:
        - type: stdout
          format: pretty-colored
        - type: file
          format: json
          filename: ./logs/mautrix-discord.log
          max_size: 100
          max_backups: 10
          compress: true
  # registration.yml contents
  existingRegistrationSecret: ""
  registration:
    rate_limited: false
    sender_localpart: discordbridgebot
--- a/charts/mautrix-whatsapp/Chart.yaml
+++ b/charts/mautrix-whatsapp/Chart.yaml
@@ -1,15 +0,0 @@
 apiVersion: v2
 name: mautrix-whatsapp
 version: 0.0.2
 description: Chart for Matrix Whatsapp Bridge
 keywords:
  - matrix
  - mautrix-whatsapp
  - bridge
  - whatsapp
 sources:
  - https://github.com/mautrix/whatsapp
 maintainers:
  - name: alexlebens
 icon: https://avatars.githubusercontent.com/u/88519669?s=48&v=4
 appVersion: v0.10.6
--- a/charts/mautrix-whatsapp/templates/_helpers.tpl
+++ b/charts/mautrix-whatsapp/templates/_helpers.tpl
@@ -1,41 +0,0 @@
 {{/*
 Helper for secret name
 */}}
 {{- define "mautrix-whatsapp.secretName" -}}
 {{- if .Values.mautrixWhatsapp.existingSecret }}
 {{- printf "%s" .Values.mautrixWhatsapp.existingSecret -}}
 {{- else }}
 {{- printf "mautrix-whatsapp-config-secret" | trunc 63 | trimSuffix "-" }}
 {{- end }}
 {{- end }}
 {{/*
 Helper for registration secret name
 */}}
 {{- define "mautrix-whatsapp.registrationSecretName" -}}
 {{- if .Values.mautrixWhatsapp.existingRegistrationSecret }}
 {{- printf "%s" .Values.mautrixWhatsapp.existingRegistrationSecret -}}
 {{- else }}
 {{- printf "mautrix-whatsapp-registration-secret" }}
 {{- end }}
 {{- end }}
 {{/*
 Generate registration.yaml if not from existing secret
 */}}
 {{- define "mautrix-whatsapp.registration-yaml" -}}
 id: {{ .Values.mautrixWhatsapp.config.appservice.id | quote }}
 as_token: {{ .Values.mautrixWhatsapp.config.appservice.as_token | quote }}
 hs_token: {{ .Values.mautrixWhatsapp.config.appservice.hs_token | quote }}
 namespaces:
  users:
    - regex: {{ printf "^@whatsappbot:%s$" (replace "." "\\." .Values.mautrixWhatsapp.config.homeserver.domain) }}
      exclusive: true
    - regex: {{ printf "^@%s:%s$" (replace "{{.}}" ".*" (tpl .Values.mautrixWhatsapp.config.bridge.username_template .)) (replace "." "\\." .Values.mautrixWhatsapp.config.homeserver.domain) }}
      exclusive: true
 url: {{ .Values.mautrixWhatsapp.config.appservice.address | quote }}
 sender_localpart: {{ .Values.mautrixWhatsapp.registration.sender_localpart | quote }}
 rate_limited: {{ .Values.mautrixWhatsapp.registration.rate_limited }}
 de.sorunome.msc2409.push_ephemeral: true
 push_ephemeral: true
 {{- end -}}
--- a/charts/mautrix-whatsapp/templates/deployment.yaml
+++ b/charts/mautrix-whatsapp/templates/deployment.yaml
@@ -1,96 +0,0 @@
 apiVersion: apps/v1
 kind: Deployment
 metadata:
  name: mautrix-whatsapp
  namespace: {{ .Release.Namespace }}
  labels:
    app.kubernetes.io/name: mautrix-whatsapp
    app.kubernetes.io/instance: {{ .Release.Name }}
    app.kubernetes.io/version: {{ .Chart.AppVersion }}
    app.kubernetes.io/component: web
    app.kubernetes.io/part-of: {{ .Release.Name }}
 spec:
  revisionHistoryLimit: 3
  replicas: {{ .Values.deployment.replicas }}
  strategy:
    type: {{ .Values.deployment.strategy }}
  selector:
    matchLabels:
      app.kubernetes.io/name: mautrix-whatsapp
      app.kubernetes.io/instance: {{ .Release.Name }}
  template:
    metadata:
      labels:
        app.kubernetes.io/name: mautrix-whatsapp
        app.kubernetes.io/instance: {{ .Release.Name }}
    spec:
      serviceAccountName: mautrix-whatsapp
      automountServiceAccountToken: true
      containers:
        - name: mautrix-whatsapp
          image: "{{ .Values.deployment.image.repository }}:{{ .Values.deployment.image.tag }}"
          imagePullPolicy: {{ .Values.deployment.image.imagePullPolicy }}
          ports:
            - name: http
              containerPort: {{ .Values.service.port }}
              protocol: TCP
          env:
          {{- range $k,$v := .Values.deployment.env }}
            - name: {{ $k }}
              value: {{ $v | quote }}
          {{- end }}
          {{- with .Values.deployment.envFrom }}
          envFrom:
            {{- toYaml . | nindent 12 }}
          {{- end }}
          livenessProbe:
            httpGet:
              path: /_matrix/mau/live
              port: http
            failureThreshold: {{ .Values.deployment.probes.liveness.failureThreshold }}
            periodSeconds: {{ .Values.deployment.probes.liveness.periodSeconds }}
          readinessProbe:
            httpGet:
              path: /_matrix/mau/ready
              port: http
            failureThreshold: {{ .Values.deployment.probes.readiness.failureThreshold }}
            periodSeconds: {{ .Values.deployment.probes.readiness.periodSeconds }}
          resources:
            {{- toYaml .Values.deployment.resources | nindent 12 }}
          volumeMounts:
            - name: config
              mountPath: /data/config.yaml
              subPath: config.yaml
              readOnly: true
            - name: registration
              mountPath: /data/registration.yaml
              subPath: registration.yaml
              readOnly: true
            - name: data
              mountPath: /data
      volumes:
        - name: config
          secret:
            secretName: {{ template "mautrix-whatsapp.secretName" . }}
        - name: registration
          secret:
            secretName: {{ template "mautrix-whatsapp.registrationSecretName" . }}
        - name: data
          {{- if .Values.persistence.enabled }}
          persistentVolumeClaim:
            claimName: {{ .Values.persistence.existingClaim | default "mautrix-whatsapp-data" }}
          {{- else }}
          emptyDir: {}
          {{- end }}
      {{- with .Values.deployment.nodeSelector }}
      nodeSelector:
        {{- toYaml . | nindent 8 }}
      {{- end }}
      {{- with .Values.deployment.affinity }}
      affinity:
        {{- toYaml . | nindent 8 }}
      {{- end }}
      {{- with .Values.deployment.tolerations }}
      tolerations:
        {{- toYaml . | nindent 8 }}
      {{- end }}
--- a/charts/mautrix-whatsapp/templates/ingress.yaml
+++ b/charts/mautrix-whatsapp/templates/ingress.yaml
@@ -1,32 +0,0 @@
 {{- if .Values.ingress.enabled }}
 apiVersion: networking.k8s.io/v1
 kind: Ingress
 metadata:
  name: mautrix-whatsapp
  namespace: {{ .Release.Namespace }}
  labels:
    app.kubernetes.io/name: mautrix-whatsapp
    app.kubernetes.io/instance: {{ .Release.Name }}
    app.kubernetes.io/version: {{ .Chart.AppVersion }}
    app.kubernetes.io/component: web
    app.kubernetes.io/part-of: {{ .Release.Name }}
  annotations:
    {{- toYaml .Values.ingress.annotations | nindent 4 }}
 spec:
  ingressClassName: {{ .Values.ingress.className }}
  tls:
    - hosts:
        - {{ .Values.ingress.host }}
      secretName: {{ .Release.Name }}-secret-tls
  rules:
    - host: {{ .Values.ingress.host }}
      http:
        paths:
          - path: /
            pathType: Prefix
            backend:
              service:
                name: mautrix-whatsapp
                port:
                  name: http
 {{- end }}
--- a/charts/mautrix-whatsapp/templates/persistent-volume-claim.yaml
+++ b/charts/mautrix-whatsapp/templates/persistent-volume-claim.yaml
@@ -1,26 +0,0 @@
 {{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) }}
 kind: PersistentVolumeClaim
 apiVersion: v1
 metadata:
  name: mautrix-whatsapp-data
  namespace: {{ .Release.Namespace }}
  labels:
    app.kubernetes.io/name: mautrix-whatsapp
    app.kubernetes.io/instance: {{ .Release.Name }}
    app.kubernetes.io/version: {{ .Chart.AppVersion }}
    app.kubernetes.io/component: web
    app.kubernetes.io/part-of: {{ .Release.Name }}
 spec:
  accessModes:
    - {{ .Values.persistence.accessMode | quote }}
  resources:
    requests:
      storage: {{ .Values.persistence.size | quote }}
  {{- if .Values.persistence.storageClass }}
  {{- if not .Values.persistence.storageClass }}
  storageClassName: ""
  {{- else }}
  storageClassName: {{ .Values.persistence.storageClass | quote }}
  {{- end }}
  {{- end }}
 {{- end }}
--- a/charts/mautrix-whatsapp/templates/secret.yaml
+++ b/charts/mautrix-whatsapp/templates/secret.yaml
@@ -1,33 +0,0 @@
 {{- if not .Values.mautrixWhatsapp.existingSecret }}
 apiVersion: v1
 kind: Secret
 metadata:
  name: mautrix-whatsapp-config-secret
  namespace: {{ .Release.Namespace }}
  labels:
    app.kubernetes.io/name: mautrix-whatsapp-config
    app.kubernetes.io/instance: {{ .Release.Name }}
    app.kubernetes.io/version: {{ .Chart.AppVersion }}
    app.kubernetes.io/component: web
    app.kubernetes.io/part-of: {{ .Release.Name }}
 data:
  config.yaml: |
 {{ toYaml .Values.mautrixWhatsapp.config | indent 4 }}
 {{- end }}
 ---
 {{- if not .Values.mautrixWhatsapp.existingRegistrationSecret }}
 apiVersion: v1
 kind: Secret
 metadata:
  name: mautrix-whatsapp-registration-secret
  namespace: {{ .Release.Namespace }}
  labels:
    app.kubernetes.io/name: mautrix-whatsapp-registration
    app.kubernetes.io/instance: {{ .Release.Name }}
    app.kubernetes.io/version: {{ .Chart.AppVersion }}
    app.kubernetes.io/component: web
    app.kubernetes.io/part-of: {{ .Release.Name }}
 data:
  registration.yaml: {{ include "mautrix-whatsapp.registration-yaml" . | b64enc | quote }}
 {{- end }}
--- a/charts/mautrix-whatsapp/templates/service-account.yaml
+++ b/charts/mautrix-whatsapp/templates/service-account.yaml
@@ -1,17 +0,0 @@
 {{- if .Values.serviceAccount.create -}}
 apiVersion: v1
 kind: ServiceAccount
 metadata:
  name: mautrix-whatsapp
  namespace: {{ .Release.Namespace }}
  labels:
    app.kubernetes.io/name: mautrix-whatsapp
    app.kubernetes.io/instance: {{ .Release.Name }}
    app.kubernetes.io/version: {{ .Chart.AppVersion }}
    app.kubernetes.io/component: web
    app.kubernetes.io/part-of: {{ .Release.Name }}
  {{- with .Values.serviceAccount.annotations }}
  annotations:
    {{- toYaml . | nindent 4 }}
  {{- end }}
 {{- end -}}
--- a/charts/mautrix-whatsapp/templates/service.yaml
+++ b/charts/mautrix-whatsapp/templates/service.yaml
@@ -1,24 +0,0 @@
 apiVersion: v1
 kind: Service
 metadata:
  name: mautrix-whatsapp
  namespace: {{ .Release.Namespace }}
  labels:
    app.kubernetes.io/name: mautrix-whatsapp
    app.kubernetes.io/instance: {{ .Release.Name }}
    app.kubernetes.io/version: {{ .Chart.AppVersion }}
    app.kubernetes.io/component: web
    app.kubernetes.io/part-of: {{ .Release.Name }}
 spec:
  type: {{ .Values.service.type }}
  clusterIP: {{ .Values.service.clusterIP | quote }}
  externalTrafficPolicy: {{ .Values.service.externalTrafficPolicy }}
  publishNotReadyAddresses: {{ .Values.service.publishNotReadyAddresses }}
  ports:
    - port: {{ .Values.service.port }}
      targetPort: http
      protocol: TCP
      name: http
  selector:
    app.kubernetes.io/name: mautrix-whatsapp
    app.kubernetes.io/instance: {{ .Release.Name }}
--- a/charts/mautrix-whatsapp/values.yaml
+++ b/charts/mautrix-whatsapp/values.yaml
@@ -1,534 +0,0 @@
 deployment:
  replicas: 1
  strategy: Recreate
  image:
    repository: dock.mau.dev/mautrix/whatsapp
    tag: v0.10.6
    imagePullPolicy: IfNotPresent
  env: {}
  envFrom: []
  resources:
    limits:
      memory: 128Mi
      cpu: 200m
    requests:
      memory: 64Mi
      cpu: 50m
  probes:
    liveness:
      failureThreshold: 5
      periodSeconds: 10
    readiness:
      failureThreshold: 5
      periodSeconds: 10
  nodeSelector: {}
  tolerations: []
  affinity: {}
 serviceAccount:
  create: true
  annotations: {}
 service:
  type: ClusterIP
  clusterIP: None
  port: 29334
  externalTrafficPolicy: ""
  publishNotReadyAddresses: true
 ingress:
  enabled: false
  className: ""
  annotations: {}
  host: ""
 persistence:
  enabled: false
  existingClaim: ""
  storageClass: ""
  accessMode: ReadWriteOnce
  size: 500Mi
 # Reference the following for examples
 # https://github.com/mautrix/whatsapp/blob/main/example-config.yaml
 mautrixWhatsapp:
  # config.yml contents
  existingSecret: ""
  config:
    # Homeserver details.
    homeserver:
        # The address that this appservice can use to connect to the homeserver.
        address: https://matrix.example.com
        # The domain of the homeserver (also known as server_name, used for MXIDs, etc).
        domain: example.com
        # What software is the homeserver running?
        # Standard Matrix homeservers like Synapse, Dendrite and Conduit should just use "standard" here.
        software: standard
        # The URL to push real-time bridge status to.
        # If set, the bridge will make POST requests to this URL whenever a user's whatsapp connection state changes.
        # The bridge will use the appservice as_token to authorize requests.
        status_endpoint: null
        # Endpoint for reporting per-message status.
        message_send_checkpoint_endpoint: null
        # Does the homeserver support https://github.com/matrix-org/matrix-spec-proposals/pull/2246?
        async_media: false
        # Should the bridge use a websocket for connecting to the homeserver?
        # The server side is currently not documented anywhere and is only implemented by mautrix-wsproxy,
        # mautrix-asmux (deprecated), and hungryserv (proprietary).
        websocket: false
        # How often should the websocket be pinged? Pinging will be disabled if this is zero.
        ping_interval_seconds: 0
    # Application service host/registration related details.
    # Changing these values requires regeneration of the registration.
    appservice:
        # The address that the homeserver can use to connect to this appservice.
        address: http://localhost:29318
        # The hostname and port where this appservice should listen.
        hostname: 0.0.0.0
        port: 29318
        # Database config.
        database:
            # The database type. "sqlite3-fk-wal" and "postgres" are supported.
            type: postgres
            # The database URI.
            #   SQLite: A raw file path is supported, but `file:<path>?_txlock=immediate` is recommended.
            #           https://github.com/mattn/go-sqlite3#connection-string
            #   Postgres: Connection string. For example, postgres://user:password@host/database?sslmode=disable
            #             To connect via Unix socket, use something like postgres:///dbname?host=/var/run/postgresql
            uri: postgres://user:password@host/database?sslmode=disable
            # Maximum number of connections. Mostly relevant for Postgres.
            max_open_conns: 20
            max_idle_conns: 2
            # Maximum connection idle time and lifetime before they're closed. Disabled if null.
            # Parsed with https://pkg.go.dev/time#ParseDuration
            max_conn_idle_time: null
            max_conn_lifetime: null
        # The unique ID of this appservice.
        id: whatsapp
        # Appservice bot details.
        bot:
            # Username of the appservice bot.
            username: whatsappbot
            # Display name and avatar for bot. Set to "remove" to remove display name/avatar, leave empty
            # to leave display name/avatar as-is.
            displayname: WhatsApp bridge bot
            avatar: mxc://maunium.net/NeXNQarUbrlYBiPCpprYsRqr
        # Whether or not to receive ephemeral events via appservice transactions.
        # Requires MSC2409 support (i.e. Synapse 1.22+).
        ephemeral_events: true
        # Should incoming events be handled asynchronously?
        # This may be necessary for large public instances with lots of messages going through.
        # However, messages will not be guaranteed to be bridged in the same order they were sent in.
        async_transactions: false
        # Authentication tokens for AS <-> HS communication. Autogenerated; do not modify.
        as_token: "This value is generated when generating the registration"
        hs_token: "This value is generated when generating the registration"
    # Segment-compatible analytics endpoint for tracking some events, like provisioning API login and encryption errors.
    analytics:
        # Hostname of the tracking server. The path is hardcoded to /v1/track
        host: api.segment.io
        # API key to send with tracking requests. Tracking is disabled if this is null.
        token: null
        # Optional user ID for tracking events. If null, defaults to using Matrix user ID.
        user_id: null
    # Prometheus config.
    metrics:
        # Enable prometheus metrics?
        enabled: false
        # IP and port where the metrics listener should be. The path is always /metrics
        listen: 127.0.0.1:8001
    # Config for things that are directly sent to WhatsApp.
    whatsapp:
        # Device name that's shown in the "WhatsApp Web" section in the mobile app.
        os_name: Mautrix-WhatsApp bridge
        # Browser name that determines the logo shown in the mobile app.
        # Must be "unknown" for a generic icon or a valid browser name if you want a specific icon.
        # List of valid browser names: https://github.com/tulir/whatsmeow/blob/efc632c008604016ddde63bfcfca8de4e5304da9/binary/proto/def.proto#L43-L64
        browser_name: unknown
    # Bridge config
    bridge:
        # Localpart template of MXIDs for WhatsApp users.
        # {{.}} is replaced with the phone number of the WhatsApp user.
        username_template: whatsapp_{{.}}
        # Displayname template for WhatsApp users.
        # {{.PushName}}     - nickname set by the WhatsApp user
        # {{.BusinessName}} - validated WhatsApp business name
        # {{.Phone}}        - phone number (international format)
        # The following variables are also available, but will cause problems on multi-user instances:
        # {{.FullName}}  - full name from contact list
        # {{.FirstName}} - first name from contact list
        displayname_template: "{{or .BusinessName .PushName .JID}} (WA)"
        # Should the bridge create a space for each logged-in user and add bridged rooms to it?
        # Users who logged in before turning this on should run `!wa sync space` to create and fill the space for the first time.
        personal_filtering_spaces: false
        # Should the bridge send a read receipt from the bridge bot when a message has been sent to WhatsApp?
        delivery_receipts: false
        # Whether the bridge should send the message status as a custom com.beeper.message_send_status event.
        message_status_events: false
        # Whether the bridge should send error notices via m.notice events when a message fails to bridge.
        message_error_notices: true
        # Should incoming calls send a message to the Matrix room?
        call_start_notices: true
        # Should another user's cryptographic identity changing send a message to Matrix?
        identity_change_notices: false
        portal_message_buffer: 128
        # Settings for handling history sync payloads.
        history_sync:
            # Enable backfilling history sync payloads from WhatsApp?
            backfill: true
            # The maximum number of initial conversations that should be synced.
            # Other conversations will be backfilled on demand when receiving a message or when initiating a direct chat.
            max_initial_conversations: -1
            # Maximum number of messages to backfill in each conversation.
            # Set to -1 to disable limit.
            message_count: 50
            # Should the bridge request a full sync from the phone when logging in?
            # This bumps the size of history syncs from 3 months to 1 year.
            request_full_sync: false
            # Configuration parameters that are sent to the phone along with the request full sync flag.
            # By default (when the values are null or 0), the config isn't sent at all.
            full_sync_config:
                # Number of days of history to request.
                # The limit seems to be around 3 years, but using higher values doesn't break.
                days_limit: null
                # This is presumably the maximum size of the transferred history sync blob, which may affect what the phone includes in the blob.
                size_mb_limit: null
                # This is presumably the local storage quota, which may affect what the phone includes in the history sync blob.
                storage_quota_mb: null
            # If this value is greater than 0, then if the conversation's last message was more than
            # this number of hours ago, then the conversation will automatically be marked it as read.
            # Conversations that have a last message that is less than this number of hours ago will
            # have their unread status synced from WhatsApp.
            unread_hours_threshold: 0
            ###############################################################################
            # The settings below are only applicable for backfilling using batch sending, #
            # which is no longer supported in Synapse.                                    #
            ###############################################################################
            # Settings for media requests. If the media expired, then it will not be on the WA servers.
            # Media can always be requested by reacting with the ♻️ (recycle) emoji.
            # These settings determine if the media requests should be done automatically during or after backfill.
            media_requests:
                # Should expired media be automatically requested from the server as part of the backfill process?
                auto_request_media: true
                # Whether to request the media immediately after the media message is backfilled ("immediate")
                # or at a specific time of the day ("local_time").
                request_method: immediate
                # If request_method is "local_time", what time should the requests be sent (in minutes after midnight)?
                request_local_time: 120
            # Settings for immediate backfills. These backfills should generally be small and their main purpose is
            # to populate each of the initial chats (as configured by max_initial_conversations) with a few messages
            # so that you can continue conversations without losing context.
            immediate:
                # The number of concurrent backfill workers to create for immediate backfills.
                # Note that using more than one worker could cause the room list to jump around
                # since there are no guarantees about the order in which the backfills will complete.
                worker_count: 1
                # The maximum number of events to backfill initially.
                max_events: 10
            # Settings for deferred backfills. The purpose of these backfills are to fill in the rest of
            # the chat history that was not covered by the immediate backfills.
            # These backfills generally should happen at a slower pace so as not to overload the homeserver.
            # Each deferred backfill config should define a "stage" of backfill (i.e. the last week of messages).
            # The fields are as follows:
            # - start_days_ago: the number of days ago to start backfilling from.
            #     To indicate the start of time, use -1. For example, for a week ago, use 7.
            # - max_batch_events: the number of events to send per batch.
            # - batch_delay: the number of seconds to wait before backfilling each batch.
            deferred:
                # Last Week
                - start_days_ago: 7
                  max_batch_events: 20
                  batch_delay: 5
                # Last Month
                - start_days_ago: 30
                  max_batch_events: 50
                  batch_delay: 10
                # Last 3 months
                - start_days_ago: 90
                  max_batch_events: 100
                  batch_delay: 10
                # The start of time
                - start_days_ago: -1
                  max_batch_events: 500
                  batch_delay: 10
        # Should puppet avatars be fetched from the server even if an avatar is already set?
        user_avatar_sync: true
        # Should Matrix users leaving groups be bridged to WhatsApp?
        bridge_matrix_leave: true
        # Should the bridge update the m.direct account data event when double puppeting is enabled.
        # Note that updating the m.direct event is not atomic (except with mautrix-asmux)
        # and is therefore prone to race conditions.
        sync_direct_chat_list: false
        # Should the bridge use MSC2867 to bridge manual "mark as unread"s from
        # WhatsApp and set the unread status on initial backfill?
        # This will only work on clients that support the m.marked_unread or
        # com.famedly.marked_unread room account data.
        sync_manual_marked_unread: true
        # When double puppeting is enabled, users can use `!wa toggle` to change whether
        # presence is bridged. This setting sets the default value.
        # Existing users won't be affected when these are changed.
        default_bridge_presence: true
        # Send the presence as "available" to whatsapp when users start typing on a portal.
        # This works as a workaround for homeservers that do not support presence, and allows
        # users to see when the whatsapp user on the other side is typing during a conversation.
        send_presence_on_typing: false
        # Should the bridge always send "active" delivery receipts (two gray ticks on WhatsApp)
        # even if the user isn't marked as online (e.g. when presence bridging isn't enabled)?
        #
        # By default, the bridge acts like WhatsApp web, which only sends active delivery
        # receipts when it's in the foreground.
        force_active_delivery_receipts: false
        # Servers to always allow double puppeting from
        double_puppet_server_map:
            example.com: https://example.com
        # Allow using double puppeting from any server with a valid client .well-known file.
        double_puppet_allow_discovery: false
        # Shared secrets for https://github.com/devture/matrix-synapse-shared-secret-auth
        #
        # If set, double puppeting will be enabled automatically for local users
        # instead of users having to find an access token and run `login-matrix`
        # manually.
        login_shared_secret_map:
            example.com: foobar
        # Whether to explicitly set the avatar and room name for private chat portal rooms.
        # If set to `default`, this will be enabled in encrypted rooms and disabled in unencrypted rooms.
        # If set to `always`, all DM rooms will have explicit names and avatars set.
        # If set to `never`, DM rooms will never have names and avatars set.
        private_chat_portal_meta: default
        # Should group members be synced in parallel? This makes member sync faster
        parallel_member_sync: false
        # Should Matrix m.notice-type messages be bridged?
        bridge_notices: true
        # Set this to true to tell the bridge to re-send m.bridge events to all rooms on the next run.
        # This field will automatically be changed back to false after it, except if the config file is not writable.
        resend_bridge_info: false
        # When using double puppeting, should muted chats be muted in Matrix?
        mute_bridging: false
        # When using double puppeting, should archived chats be moved to a specific tag in Matrix?
        # Note that WhatsApp unarchives chats when a message is received, which will also be mirrored to Matrix.
        # This can be set to a tag (e.g. m.lowpriority), or null to disable.
        archive_tag: null
        # Same as above, but for pinned chats. The favorite tag is called m.favourite
        pinned_tag: null
        # Should mute status and tags only be bridged when the portal room is created?
        tag_only_on_create: true
        # Should WhatsApp status messages be bridged into a Matrix room?
        # Disabling this won't affect already created status broadcast rooms.
        enable_status_broadcast: true
        # Should sending WhatsApp status messages be allowed?
        # This can cause issues if the user has lots of contacts, so it's disabled by default.
        disable_status_broadcast_send: true
        # Should the status broadcast room be muted and moved into low priority by default?
        # This is only applied when creating the room, the user can unmute it later.
        mute_status_broadcast: true
        # Tag to apply to the status broadcast room.
        status_broadcast_tag: m.lowpriority
        # Should the bridge use thumbnails from WhatsApp?
        # They're disabled by default due to very low resolution.
        whatsapp_thumbnail: false
        # Allow invite permission for user. User can invite any bots to room with whatsapp
        # users (private chat and groups)
        allow_user_invite: false
        # Whether or not created rooms should have federation enabled.
        # If false, created portal rooms will never be federated.
        federate_rooms: true
        # Should the bridge never send alerts to the bridge management room?
        # These are mostly things like the user being logged out.
        disable_bridge_alerts: false
        # Should the bridge stop if the WhatsApp server says another user connected with the same session?
        # This is only safe on single-user bridges.
        crash_on_stream_replaced: false
        # Should the bridge detect URLs in outgoing messages, ask the homeserver to generate a preview,
        # and send it to WhatsApp? URL previews can always be sent using the `com.beeper.linkpreviews`
        # key in the event content even if this is disabled.
        url_previews: false
        # Send captions in the same message as images. This will send data compatible with both MSC2530 and MSC3552.
        # This is currently not supported in most clients.
        caption_in_message: false
        # Send galleries as a single event? This is not an MSC (yet).
        beeper_galleries: false
        # Should polls be sent using MSC3381 event types?
        extev_polls: false
        # Should cross-chat replies from WhatsApp be bridged? Most servers and clients don't support this.
        cross_room_replies: false
        # Disable generating reply fallbacks? Some extremely bad clients still rely on them,
        # but they're being phased out and will be completely removed in the future.
        disable_reply_fallbacks: false
        # Maximum time for handling Matrix events. Duration strings formatted for https://pkg.go.dev/time#ParseDuration
        # Null means there's no enforced timeout.
        message_handling_timeout:
            # Send an error message after this timeout, but keep waiting for the response until the deadline.
            # This is counted from the origin_server_ts, so the warning time is consistent regardless of the source of delay.
            # If the message is older than this when it reaches the bridge, the message won't be handled at all.
            error_after: null
            # Drop messages after this timeout. They may still go through if the message got sent to the servers.
            # This is counted from the time the bridge starts handling the message.
            deadline: 120s
        # The prefix for commands. Only required in non-management rooms.
        command_prefix: "!wa"
        # Messages sent upon joining a management room.
        # Markdown is supported. The defaults are listed below.
        management_room_text:
            # Sent when joining a room.
            welcome: "Hello, I'm a WhatsApp bridge bot."
            # Sent when joining a management room and the user is already logged in.
            welcome_connected: "Use `help` for help."
            # Sent when joining a management room and the user is not logged in.
            welcome_unconnected: "Use `help` for help or `login` to log in."
            # Optional extra text sent when joining a management room.
            additional_help: ""
        # End-to-bridge encryption support options.
        #
        # See https://docs.mau.fi/bridges/general/end-to-bridge-encryption.html for more info.
        encryption:
            # Allow encryption, work in group chat rooms with e2ee enabled
            allow: false
            # Default to encryption, force-enable encryption in all portals the bridge creates
            # This will cause the bridge bot to be in private chats for the encryption to work properly.
            default: false
            # Whether to use MSC2409/MSC3202 instead of /sync long polling for receiving encryption-related data.
            appservice: false
            # Require encryption, drop any unencrypted messages.
            require: false
            # Enable key sharing? If enabled, key requests for rooms where users are in will be fulfilled.
            # You must use a client that supports requesting keys from other users to use this feature.
            allow_key_sharing: false
            # Should users mentions be in the event wire content to enable the server to send push notifications?
            plaintext_mentions: false
            # Options for deleting megolm sessions from the bridge.
            delete_keys:
                # Beeper-specific: delete outbound sessions when hungryserv confirms
                # that the user has uploaded the key to key backup.
                delete_outbound_on_ack: false
                # Don't store outbound sessions in the inbound table.
                dont_store_outbound: false
                # Ratchet megolm sessions forward after decrypting messages.
                ratchet_on_decrypt: false
                # Delete fully used keys (index >= max_messages) after decrypting messages.
                delete_fully_used_on_decrypt: false
                # Delete previous megolm sessions from same device when receiving a new one.
                delete_prev_on_new_session: false
                # Delete megolm sessions received from a device when the device is deleted.
                delete_on_device_delete: false
                # Periodically delete megolm sessions when 2x max_age has passed since receiving the session.
                periodically_delete_expired: false
                # Delete inbound megolm sessions that don't have the received_at field used for
                # automatic ratcheting and expired session deletion. This is meant as a migration
                # to delete old keys prior to the bridge update.
                delete_outdated_inbound: false
            # What level of device verification should be required from users?
            #
            # Valid levels:
            #   unverified - Send keys to all device in the room.
            #   cross-signed-untrusted - Require valid cross-signing, but trust all cross-signing keys.
            #   cross-signed-tofu - Require valid cross-signing, trust cross-signing keys on first use (and reject changes).
            #   cross-signed-verified - Require valid cross-signing, plus a valid user signature from the bridge bot.
            #                           Note that creating user signatures from the bridge bot is not currently possible.
            #   verified - Require manual per-device verification
            #              (currently only possible by modifying the `trust` column in the `crypto_device` database table).
            verification_levels:
                # Minimum level for which the bridge should send keys to when bridging messages from WhatsApp to Matrix.
                receive: unverified
                # Minimum level that the bridge should accept for incoming Matrix messages.
                send: unverified
                # Minimum level that the bridge should require for accepting key requests.
                share: cross-signed-tofu
            # Options for Megolm room key rotation. These options allow you to
            # configure the m.room.encryption event content. See:
            # https://spec.matrix.org/v1.3/client-server-api/#mroomencryption for
            # more information about that event.
            rotation:
                # Enable custom Megolm room key rotation settings. Note that these
                # settings will only apply to rooms created after this option is
                # set.
                enable_custom: false
                # The maximum number of milliseconds a session should be used
                # before changing it. The Matrix spec recommends 604800000 (a week)
                # as the default.
                milliseconds: 604800000
                # The maximum number of messages that should be sent with a given a
                # session before changing it. The Matrix spec recommends 100 as the
                # default.
                messages: 100
                # Disable rotating keys when a user's devices change?
                # You should not enable this option unless you understand all the implications.
                disable_device_change_key_rotation: false
        # Settings for provisioning API
        provisioning:
            # Prefix for the provisioning API paths.
            prefix: /_matrix/provision
            # Shared secret for authentication. If set to "generate", a random secret will be generated,
            # or if set to "disable", the provisioning API will be disabled.
            shared_secret: generate
            # Enable debug API at /debug with provisioning authentication.
            debug_endpoints: false
        # Permissions for using the bridge.
        # Permitted values:
        #    relay - Talk through the relaybot (if enabled), no access otherwise
        #     user - Access to use the bridge to chat with a WhatsApp account.
        #    admin - User level and some additional administration tools
        # Permitted keys:
        #        * - All Matrix users
        #   domain - All users on that homeserver
        #     mxid - Specific user
        permissions:
            "*": relay
            "example.com": user
            "@admin:example.com": admin
        # Settings for relay mode
        relay:
            # Whether relay mode should be allowed. If allowed, `!wa set-relay` can be used to turn any
            # authenticated user into a relaybot for that chat.
            enabled: false
            # Should only admins be allowed to set themselves as relay users?
            admin_only: true
            # The formats to use when sending messages to WhatsApp via the relaybot.
            message_formats:
                m.text: "<b>{{ .Sender.Displayname }}</b>: {{ .Message }}"
                m.notice: "<b>{{ .Sender.Displayname }}</b>: {{ .Message }}"
                m.emote: "* <b>{{ .Sender.Displayname }}</b> {{ .Message }}"
                m.file: "<b>{{ .Sender.Displayname }}</b> sent a file"
                m.image: "<b>{{ .Sender.Displayname }}</b> sent an image"
                m.audio: "<b>{{ .Sender.Displayname }}</b> sent an audio file"
                m.video: "<b>{{ .Sender.Displayname }}</b> sent a video"
                m.location: "<b>{{ .Sender.Displayname }}</b> sent a location"
    # Logging config. See https://github.com/tulir/zeroconfig for details.
    logging:
        min_level: debug
        writers:
        - type: stdout
          format: pretty-colored
        - type: file
          format: json
          filename: ./logs/mautrix-whatsapp.log
          max_size: 100
          max_backups: 10
          compress: true
  # registration.yml contents
  existingRegistrationSecret: ""
  registration:
    rate_limited: false
    sender_localpart: whatsappbridgebot
--- a/Show More
+++ b/Show More
Author	SHA1	Message	Date
alexlebens	ee944a6b83	update image	2024-08-19 16:41:19 -05:00
renovate[bot]	5fe95ea7ad	Update renovate/renovate Docker tag to v38 (#62 ) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	2024-08-19 16:40:33 -05:00
alexlebens	6a33a670e1	update common chart	2024-08-19 16:40:16 -05:00
alexlebens	27cdfd742e	remove mysql-cluster	2024-08-19 15:31:01 -05:00
alexlebens	9f68b30a31	change condition handling	2024-07-08 12:09:29 -05:00
alexlebens	668d50dfdb	add conditional check for postinit	2024-07-04 22:52:02 -05:00
alexlebens	93a232947e	increment chart	2024-07-04 22:45:41 -05:00
alexlebens	667236239d	fix backup fields	2024-07-04 22:45:18 -05:00
alexlebens	875f0c143c	fix backup fields	2024-07-04 22:41:31 -05:00
alexlebens	670b6e600c	add conditional check for values	2024-07-01 18:08:23 -05:00
alexlebens	6f5b5ffcb4	change value inseration	2024-07-01 18:08:23 -05:00
renovate[bot]	295a7296bc	Update cloudflare/cloudflared Docker tag to v2024.6.1 (#60 ) * Update cloudflare/cloudflared Docker tag to v2024.6.1 * update chart --------- Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: alexlebens <alexanderlebens@gmail.com>	2024-06-28 17:01:04 -05:00
alexlebens	f1b4020287	change flow control	2024-06-22 18:26:19 -05:00
alexlebens	969357a664	change null handling	2024-06-22 18:22:25 -05:00
alexlebens	5685190e43	remove field not declared in schema	2024-06-22 18:18:03 -05:00
alexlebens	5e88f116fc	disable rules by default	2024-06-22 17:58:43 -05:00
alexlebens	f99ebfaa44	change initdb keys	2024-06-14 21:37:00 -05:00
alexlebens	64e3612762	fix init keys	2024-06-14 21:30:54 -05:00
alexlebens	a6821995ca	fix post init location	2024-06-14 21:23:48 -05:00
alexlebens	4291c3d18c	add options for postgresql init	2024-06-14 21:17:45 -05:00
renovate[bot]	3f1fc33123	Update cloudflare/cloudflared Docker tag to v2024.6.0 (#59 ) * Update cloudflare/cloudflared Docker tag to v2024.6.0 * bump chart version --------- Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: alexlebens <alexanderlebens@gmail.com>	2024-06-13 11:01:03 -05:00
alexlebens	fad13607e6	bump chart version	2024-06-13 10:58:31 -05:00
alexlebens	a1811097c0	add resources to values	2024-06-13 10:58:01 -05:00
alexlebens	6b850205ad	move image to values	2024-06-13 10:56:49 -05:00
alexlebens	d075a47f03	remove hookshot	2024-06-13 10:53:52 -05:00
alexlebens	0a437d983d	remove discord	2024-06-13 10:53:44 -05:00
alexlebens	7058201439	remove whatsapp	2024-06-13 10:53:29 -05:00
alexlebens	42cd8834b9	remove outline	2024-06-01 18:13:49 -05:00
alexlebens	2cda957b4c	remove taiga	2024-06-01 18:13:42 -05:00
alexlebens	238d01c5e4	remove kublet cert	2024-05-30 11:59:29 -05:00
alexlebens	9f0fae9fdf	remove qbittorrent	2024-05-30 11:59:13 -05:00
alexlebens	d2f062e3db	remove unpackerr	2024-05-30 11:58:57 -05:00
alexlebens	a1c9367b6d	remove penpot	2024-05-30 11:58:45 -05:00
alexlebens	9857d61093	change command	2024-05-28 15:28:00 -05:00
alexlebens	cfe7ebea99	force http2 connection	2024-05-28 15:09:36 -05:00
alexlebens	aface2b57d	add cloudflared	2024-05-28 14:03:55 -05:00
alexlebens	8158d1689c	remove cops	2024-05-28 13:12:05 -05:00
alexlebens	276921cf8a	remove calibre server	2024-05-28 13:11:55 -05:00
alexlebens	e420e092c9	remove tdarr	2024-05-28 10:50:06 -05:00
alexlebens	e20049fc8c	remove home-assistant	2024-05-27 22:00:05 -05:00
alexlebens	37ba06acc7	remove tubearchvist plugin	2024-05-27 21:27:28 -05:00
alexlebens	02228e31cc	remove tubearchivist	2024-05-27 21:27:18 -05:00
alexlebens	6708443275	remove libation	2024-05-27 20:41:01 -05:00
alexlebens	987cedb98a	remove homepage	2024-05-27 20:40:52 -05:00
alexlebens	7f0fd5d5c7	remove freshrss	2024-05-27 20:40:44 -05:00
alexlebens	d381bdee39	change renovate config	2024-05-27 20:40:35 -05:00
alexlebens	ed4a43cd31	add archive folder to ignore	2024-05-27 20:40:27 -05:00
alexlebens	1b01ed0ba2	remove registration secret	2024-05-26 15:43:20 -05:00
alexlebens	58151e21aa	remove registration secret	2024-05-26 15:43:14 -05:00
alexlebens	3f2615097f	remove registration	2024-05-26 15:31:12 -05:00
alexlebens	a8bbc84740	remove registration	2024-05-26 15:28:21 -05:00
alexlebens	a8b3615f2f	change conf	2024-05-24 21:50:27 -05:00
alexlebens	590b095a32	change image version	2024-05-24 21:00:48 -05:00
alexlebens	5d2cdc9648	update dependencies	2024-05-20 12:13:43 -05:00
alexlebens	99c106bd63	update dependencies	2024-05-20 12:13:33 -05:00
alexlebens	e6938fe645	bump version	2024-05-20 12:12:00 -05:00
alexlebens	7f5d870579	update dependencies	2024-05-18 14:40:42 -05:00
alexlebens	6cf2db87f4	update dependencies	2024-05-18 14:40:13 -05:00
alexlebens	537d9bd125	update dependencies	2024-05-18 14:39:55 -05:00
alexlebens	9627287f30	update base image	2024-05-17 12:08:15 -05:00
alexlebens	dd724b5b32	update base image	2024-05-17 12:06:04 -05:00
alexlebens	cd91a16c75	pass destinationPath through to values	2024-05-16 17:19:41 -05:00
alexlebens	69900d3931	update image version	2024-05-16 13:57:33 -05:00
alexlebens	f80cec8c82	change renovate config	2024-05-16 13:51:53 -05:00
alexlebens	f3d629fe00	add namespace to authentik proxy	2024-05-16 13:44:28 -05:00
alexlebens	4d3574ffa8	add namespace to authentik proxy	2024-05-16 13:44:20 -05:00
alexlebens	f98268fd25	add namespace to authentik proxy	2024-05-16 13:44:09 -05:00
alexlebens	7514ea022e	bump chart version	2024-05-16 13:15:13 -05:00
alexlebens	a65a0dbcec	change timezone	2024-05-16 13:01:35 -05:00
alexlebens	6bc5aea01f	update dependencies	2024-05-16 12:48:42 -05:00
alexlebens	80940910a9	update dependencies	2024-05-16 12:48:19 -05:00
alexlebens	6895b078b5	update image version	2024-05-16 12:47:41 -05:00
alexlebens	27e70a1786	update image version	2024-05-16 12:46:44 -05:00
alexlebens	de21d07a5d	update image version	2024-05-16 12:45:49 -05:00
alexlebens	58cc48724b	update image version	2024-05-16 12:45:15 -05:00
alexlebens	8a357574e9	update dependencies	2024-05-16 12:44:35 -05:00
alexlebens	220e9e011b	update image version	2024-05-16 12:42:57 -05:00
alexlebens	9483523eb8	update dependencies	2024-05-16 12:42:04 -05:00
alexlebens	ca205a8802	update dependencies	2024-05-16 12:41:41 -05:00
alexlebens	36267ada6f	update middleware api	2024-05-16 12:35:39 -05:00
alexlebens	153b7a1ad2	update middleware api	2024-05-16 12:35:27 -05:00
alexlebens	9b30408661	update middleware api	2024-05-16 12:35:04 -05:00
alexlebens	947120d73c	fix backup schedule	2024-04-26 14:35:54 -06:00
alexlebens	a62e24142c	add mysql cluster	2024-04-26 14:05:21 -06:00
alexlebens	03c825e816	change s3 path	2024-04-26 10:00:10 -06:00
alexlebens	38c2be01f9	remove kyoo	2024-04-25 12:45:25 -06:00
renovate[bot]	5ac88f9aa8	Update homeassistant/home-assistant Docker tag to v2024.4.4 (#44 ) * Update homeassistant/home-assistant Docker tag to v2024.4.4 * update chart --------- Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: alexlebens <alexanderlebens@gmail.com>	2024-04-23 16:43:29 -06:00
renovate[bot]	3c3f1bdb76	Update Helm release redis to v19.1.3 (#43 ) * Update Helm release redis to v19.1.3 * update chart versions --------- Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: alexlebens <alexanderlebens@gmail.com>	2024-04-23 15:57:32 -06:00
renovate[bot]	718acdc607	Update Helm release rabbitmq to v14.0.2 (#42 ) * Update Helm release rabbitmq to v14.0.2 * update chart * remove tailing whitespace --------- Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: alexlebens <alexanderlebens@gmail.com>	2024-04-23 03:34:32 -06:00
renovate[bot]	71a5d81c09	Update bbilly1/tubearchivist-jf Docker tag to v0.2.0 (#41 ) * Update bbilly1/tubearchivist-jf Docker tag to v0.2.0 * update chart --------- Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: alexlebens <alexanderlebens@gmail.com>	2024-04-23 03:32:57 -06:00
renovate[bot]	e2d4c395e5	Update Helm release elasticsearch to v21 (#40 ) * Update Helm release elasticsearch to v21 * update elastic search chart --------- Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: alexlebens <alexanderlebens@gmail.com>	2024-04-22 06:43:28 -06:00
alexlebens	fd611813b7	add annotations to deployment	2024-04-21 06:40:46 -06:00
alexlebens	ab5da15b10	remove lazy-librarian	2024-04-21 04:59:41 -06:00
alexlebens	e584566dde	fix app version	2024-04-21 04:03:32 -06:00
alexlebens	f06aa3a175	add lazy-librarian	2024-04-21 03:59:25 -06:00
alexlebens	9abeba8f9d	add penpot	2024-04-19 21:34:56 -06:00
alexlebens	1f498323a4	change postgres settings to import only password from secret	2024-04-19 05:41:38 -06:00
alexlebens	646e3a2c36	grant read to unlogged users	2024-04-19 05:32:28 -06:00
alexlebens	197ca6ef81	add quotes around default vhost of /	2024-04-19 05:22:14 -06:00
alexlebens	b8780a7339	add default vhost	2024-04-19 05:05:10 -06:00
alexlebens	b90968ea85	fix scanner image name	2024-04-19 05:01:23 -06:00
alexlebens	d3275f8067	create switch if various api keys are provided	2024-04-19 04:58:46 -06:00
alexlebens	649f362824	remove extra configuration from rabbitmq	2024-04-19 04:54:03 -06:00
alexlebens	732761d73b	fix default vhost	2024-04-19 04:50:49 -06:00
alexlebens	0e7627cb7d	fix oidc values path	2024-04-19 04:41:22 -06:00
alexlebens	d81c246b35	add kyoo	2024-04-19 04:08:55 -06:00
renovate[bot]	b97dd1f892	Update Helm release redis to v19.1.2 (#39 ) * Update Helm release redis to v19.1.2 * update chart --------- Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: alexlebens <alexanderlebens@gmail.com>	2024-04-18 22:02:37 -06:00
alexlebens	0b8374753d	change default cpu limit	2024-04-18 05:49:15 -06:00
alexlebens	cb29afdcb2	fix source server naming	2024-04-18 05:35:06 -06:00
alexlebens	4f366535c3	change default cpu limit	2024-04-18 04:35:42 -06:00
alexlebens	f32ef77551	add additional options for recovery	2024-04-18 03:43:52 -06:00
alexlebens	d02f649164	remove default option in bootstrap helper	2024-04-18 03:27:00 -06:00
alexlebens	3b50ca2bfe	fix comparision operator position	2024-04-18 01:51:06 -06:00
alexlebens	17796a1183	increment chart version	2024-04-18 01:48:03 -06:00
alexlebens	512b1d4243	set default value for comparision	2024-04-18 01:47:46 -06:00
alexlebens	a2b0cdd5b6	fix ordering of comparision operator	2024-04-18 01:39:33 -06:00
alexlebens	e79af169b9	calculate length of array separately	2024-04-18 01:35:19 -06:00
alexlebens	661f9342b9	fix length measurement of database	2024-04-18 01:17:16 -06:00
alexlebens	9d1244c7a1	remove patch from image tag	2024-04-18 01:07:36 -06:00
alexlebens	0dc50bf88f	change default cluster name to start with release	2024-04-17 20:01:47 -06:00
alexlebens	75accbbf87	use semver function to pull major version into cluster name	2024-04-17 20:00:06 -06:00
alexlebens	19fbd95a79	change templating for cluster naming	2024-04-17 19:45:08 -06:00
alexlebens	d73c42fd42	change default values	2024-04-17 19:15:54 -06:00
renovate[bot]	6399a8ca97	Update Helm release rabbitmq to v14 (#34 ) * Update Helm release rabbitmq to v14 * update chart * align comments for readability --------- Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: alexlebens <alexanderlebens@gmail.com>	2024-04-17 19:13:57 -06:00
renovate[bot]	580c7da73a	Update Helm release redis to v19.1.1 (#18 ) * Update Helm release redis to v19.1.1 * update charts * fix indentation --------- Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: alexlebens <alexanderlebens@gmail.com>	2024-04-17 19:09:36 -06:00
renovate[bot]	11d47799f1	Update dock.mau.dev/mautrix/whatsapp Docker tag to v0.10.7 (#36 ) * Update dock.mau.dev/mautrix/whatsapp Docker tag to v0.10.7 * update helm chart * fix indentation --------- Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: alexlebens <alexanderlebens@gmail.com>	2024-04-17 19:05:30 -06:00
renovate[bot]	7d825da72d	Update linuxserver/code-server Docker tag to v4.23.1 (#35 ) * Update linuxserver/code-server Docker tag to v4.23.1 * update helm chart --------- Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: alexlebens <alexanderlebens@gmail.com>	2024-04-17 19:05:16 -06:00
renovate[bot]	adf49292bd	Update halfshot/matrix-hookshot Docker tag to v5.3.0 (#38 ) * Update halfshot/matrix-hookshot Docker tag to v5.3.0 * update chart * fix linting errors --------- Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: alexlebens <alexanderlebens@gmail.com>	2024-04-17 19:03:21 -06:00
renovate[bot]	63e69df14a	Update ghcr.io/gethomepage/homepage Docker tag to v0.8.12 (#37 ) * Update ghcr.io/gethomepage/homepage Docker tag to v0.8.12 * update chart --------- Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: Alex Lebens <alexanderlebens@gmail.com>	2024-04-17 18:55:36 -06:00
alexlebens	7bd8a4525a	if oidc is enabled add an ingress path to the backend	2024-04-17 04:42:51 -06:00
alexlebens	a860789056	add env to front deployment about oidc enablement	2024-04-15 03:31:49 -06:00
alexlebens	58f89640a8	fix naming of changed rabbitmq charts	2024-04-15 02:47:45 -06:00
alexlebens	132e086d6d	change rabbitmq chart naming to generate proper dns and app names	2024-04-15 02:44:10 -06:00
alexlebens	617505ee99	fix length of app port	2024-04-13 23:37:58 -06:00
alexlebens	34a21702ab	fix http service value	2024-04-13 23:32:48 -06:00
alexlebens	15d3253af9	fix events app port to service and port	2024-04-13 23:28:03 -06:00
alexlebens	90970ef172	fix events health endpoint	2024-04-13 23:19:59 -06:00
alexlebens	0d6f789ffd	increment chart version	2024-04-13 23:14:21 -06:00
alexlebens	f968776cd0	fix trello importer switch for async container	2024-04-13 23:13:44 -06:00
alexlebens	0b2beb08b7	fix indentation of events deployment	2024-04-13 23:11:44 -06:00
alexlebens	8fae31a679	properly enable/disable trello importer	2024-04-13 23:07:20 -06:00
alexlebens	f67ac05610	fix indentation	2024-04-13 23:05:03 -06:00
alexlebens	7803519d04	add major version value	2024-04-13 22:58:01 -06:00
alexlebens	55e63c2c72	fix minor formatting and remove uneeded values	2024-04-13 22:31:07 -06:00
alexlebens	6e083293bb	fix minor formatting and remove uneeded values	2024-04-13 22:29:33 -06:00
alexlebens	60e427826c	add taiga	2024-04-13 22:17:45 -06:00
alexlebens	f905b4ccfe	change s3 env keys	2024-04-13 14:58:20 -06:00
alexlebens	487786455c	change default credential secret name	2024-04-13 03:28:27 -06:00
alexlebens	585d39657a	change how the cluster name is generated and used	2024-04-13 03:24:58 -06:00
alexlebens	e5e2812ed5	remove chart as functionality is now included in postgres-cluster chart	2024-04-13 02:46:38 -06:00
alexlebens	506218210e	add replica import type	2024-04-13 02:41:46 -06:00
`@@ -1,2 +1,2 @@`
	`# This file is processed by Renovate bot so that it creates a PR on new major Renovate versions`	`# This file is processed by Renovate bot so that it creates a PR on new major Renovate versions`
	`FROM renovate/renovate:37`	`FROM renovate/renovate:38`