From a9a32ca7698b89a87cfd6d4986f2215c9081d11b Mon Sep 17 00:00:00 2001 From: Alex Lebens Date: Fri, 3 Apr 2026 19:16:43 -0500 Subject: [PATCH 1/2] feat: refactor apps --- .../helm/kubelet-serving-cert-approver/Chart.yaml | 3 +-- .../kubelet-serving-cert-approver/values.yaml | 10 +++------- .../helm/kubernetes-cloudflare-ddns/Chart.yaml | 4 +--- .../templates/external-secret.yaml | 12 ------------ .../helm/kubernetes-cloudflare-ddns/values.yaml | 13 ++----------- clusters/cl01tl/helm/languagetool/Chart.yaml | 3 ++- clusters/cl01tl/helm/languagetool/values.yaml | 15 ++++----------- 7 files changed, 13 insertions(+), 47 deletions(-) diff --git a/clusters/cl01tl/helm/kubelet-serving-cert-approver/Chart.yaml b/clusters/cl01tl/helm/kubelet-serving-cert-approver/Chart.yaml index f0ad9191a..f475d02ce 100644 --- a/clusters/cl01tl/helm/kubelet-serving-cert-approver/Chart.yaml +++ b/clusters/cl01tl/helm/kubelet-serving-cert-approver/Chart.yaml @@ -4,9 +4,8 @@ version: 1.0.0 description: Kubelet Serving Cert Approver keywords: - kubelet-serving-cert-approver - - kubernetes - certificate -home: https://wiki.alexlebens.dev/s/3aa80722-db85-41b4-ba1e-8d4c3d8643b5 +home: https://docs.alexlebens.dev/applications/kubelet-serving-cert-approver/ sources: - https://github.com/alex1989hu/kubelet-serving-cert-approver - https://github.com/alex1989hu/kubelet-serving-cert-approver/pkgs/container/kubelet-serving-cert-approver diff --git a/clusters/cl01tl/helm/kubelet-serving-cert-approver/values.yaml b/clusters/cl01tl/helm/kubelet-serving-cert-approver/values.yaml index 12f1d139b..5f33337c0 100644 --- a/clusters/cl01tl/helm/kubelet-serving-cert-approver/values.yaml +++ b/clusters/cl01tl/helm/kubelet-serving-cert-approver/values.yaml @@ -29,7 +29,6 @@ kubelet-serving-cert-approver: type: deployment replicas: 1 strategy: Recreate - revisionHistoryLimit: 3 serviceAccount: name: kubelet-serving-cert-approver pod: @@ -38,8 +37,7 @@ kubelet-serving-cert-approver: main: image: repository: ghcr.io/alex1989hu/kubelet-serving-cert-approver - tag: 0.10.3 - pullPolicy: Always + tag: 0.10.3@sha256:4cdc92140c48341433513dce3201806309d5256cfbac6f830feae1e7e9fb0d7d args: - serve env: @@ -49,8 +47,8 @@ kubelet-serving-cert-approver: fieldPath: metadata.namespace resources: requests: - cpu: 100m - memory: 128Mi + cpu: 1m + memory: 20Mi securityContext: allowPrivilegeEscalation: false capabilities: @@ -70,8 +68,6 @@ kubelet-serving-cert-approver: health: port: 8080 targetPort: 8080 - protocol: HTTP metrics: port: 9090 targetPort: 9090 - protocol: HTTP diff --git a/clusters/cl01tl/helm/kubernetes-cloudflare-ddns/Chart.yaml b/clusters/cl01tl/helm/kubernetes-cloudflare-ddns/Chart.yaml index 2fc4bb6e8..9b15c43d4 100644 --- a/clusters/cl01tl/helm/kubernetes-cloudflare-ddns/Chart.yaml +++ b/clusters/cl01tl/helm/kubernetes-cloudflare-ddns/Chart.yaml @@ -4,10 +4,8 @@ version: 1.0.0 description: Kubernetes Cloudflare DDNS keywords: - kubernetes-cloudflare-ddns - - cloudflare - ddns - - kubernetes -home: https://wiki.alexlebens.dev/s/49513b51-cf91-4efd-b2a5-957555bc3ad7 +home: https://docs.alexlebens.dev/applications/kubelet-serving-cert-approver/ sources: - https://github.com/kubitodev/kubernetes-cloudflare-ddns - https://hub.docker.com/r/kubitodev/kubernetes-cloudflare-ddns diff --git a/clusters/cl01tl/helm/kubernetes-cloudflare-ddns/templates/external-secret.yaml b/clusters/cl01tl/helm/kubernetes-cloudflare-ddns/templates/external-secret.yaml index 54e934487..61ba281df 100644 --- a/clusters/cl01tl/helm/kubernetes-cloudflare-ddns/templates/external-secret.yaml +++ b/clusters/cl01tl/helm/kubernetes-cloudflare-ddns/templates/external-secret.yaml @@ -14,29 +14,17 @@ spec: data: - secretKey: AUTH_KEY remoteRef: - conversionStrategy: Default - decodingStrategy: None key: /cloudflare/alexlebens.net/ddns - metadataPolicy: None property: token - secretKey: NAME remoteRef: - conversionStrategy: Default - decodingStrategy: None key: /cloudflare/alexlebens.net/ddns - metadataPolicy: None property: name - secretKey: RECORD_ID remoteRef: - conversionStrategy: Default - decodingStrategy: None key: /cloudflare/alexlebens.net/ddns - metadataPolicy: None property: record-id - secretKey: ZONE_ID remoteRef: - conversionStrategy: Default - decodingStrategy: None key: /cloudflare/alexlebens.net/ddns - metadataPolicy: None property: zone-id diff --git a/clusters/cl01tl/helm/kubernetes-cloudflare-ddns/values.yaml b/clusters/cl01tl/helm/kubernetes-cloudflare-ddns/values.yaml index 3821b6313..d0d966fa7 100644 --- a/clusters/cl01tl/helm/kubernetes-cloudflare-ddns/values.yaml +++ b/clusters/cl01tl/helm/kubernetes-cloudflare-ddns/values.yaml @@ -4,24 +4,15 @@ kubernetes-cloudflare-ddns: type: cronjob cronjob: suspend: false - concurrencyPolicy: Forbid - timeZone: US/Central + timeZone: America/Chicago schedule: "30 4 * * *" - startingDeadlineSeconds: 90 - successfulJobsHistory: 1 - failedJobsHistory: 1 backoffLimit: 3 parallelism: 1 containers: main: image: repository: kubitodev/kubernetes-cloudflare-ddns - tag: 2.0.0 - pullPolicy: IfNotPresent + tag: 2.0.0sha256:80979b046e32ecccedfa6c00804676d070ef87c7f77a65e4afa4e91ffdeb7309 envFrom: - secretRef: name: kubernetes-cloudflare-ddns-secret - resources: - requests: - cpu: 10m - memory: 128Mi diff --git a/clusters/cl01tl/helm/languagetool/Chart.yaml b/clusters/cl01tl/helm/languagetool/Chart.yaml index a5cbacbe5..4c68e8d79 100644 --- a/clusters/cl01tl/helm/languagetool/Chart.yaml +++ b/clusters/cl01tl/helm/languagetool/Chart.yaml @@ -5,12 +5,13 @@ description: LanguageTool keywords: - languagetool - spellchecking -home: https://wiki.alexlebens.dev/ +home: https://docs.alexlebens.dev/applications/languagetool/ sources: - https://github.com/languagetool-org/languagetool - https://github.com/Erikvl87/docker-languagetool - https://hub.docker.com/r/erikvl87/languagetool - https://github.com/bjw-s-labs/helm-charts/tree/main/charts/other/app-template + - https://gitea.alexlebens.dev/alexlebens/helm-charts/src/branch/main/charts/volsync-target maintainers: - name: alexlebens dependencies: diff --git a/clusters/cl01tl/helm/languagetool/values.yaml b/clusters/cl01tl/helm/languagetool/values.yaml index ead9e9bee..3b860ad41 100644 --- a/clusters/cl01tl/helm/languagetool/values.yaml +++ b/clusters/cl01tl/helm/languagetool/values.yaml @@ -4,13 +4,11 @@ languagetool: type: deployment replicas: 1 strategy: Recreate - revisionHistoryLimit: 3 containers: main: image: repository: erikvl87/languagetool - tag: 6.7 - pullPolicy: IfNotPresent + tag: 6.7@sha256:454acc9b3d232bdf37a0eddb1c8d0e93513ce41b914a8a374e3c44a884122364 env: - name: langtool_languageModel value: /ngrams @@ -20,8 +18,8 @@ languagetool: value: 1g resources: requests: - cpu: 10m - memory: 128Mi + cpu: 1m + memory: 800Mi service: main: controller: main @@ -29,7 +27,6 @@ languagetool: http: port: 80 targetPort: 8010 - protocol: HTTP route: main: kind: HTTPRoute @@ -42,11 +39,8 @@ languagetool: - languagetool.alexlebens.net rules: - backendRefs: - - group: '' - kind: Service - name: languagetool + - name: languagetool port: 80 - weight: 100 matches: - path: type: PathPrefix @@ -57,7 +51,6 @@ languagetool: storageClass: ceph-block accessMode: ReadWriteOnce size: 1Gi - retain: true advancedMounts: main: main: From de38266778e1dc11f261d84ace43f62696fad553 Mon Sep 17 00:00:00 2001 From: Alex Lebens Date: Fri, 3 Apr 2026 19:48:56 -0500 Subject: [PATCH 2/2] feat: refactor apps --- clusters/cl01tl/helm/bazarr/Chart.yaml | 3 +- clusters/cl01tl/helm/code-server/Chart.yaml | 2 +- clusters/cl01tl/helm/houndarr/Chart.yaml | 1 + .../kubernetes-cloudflare-ddns/values.yaml | 4 ++ clusters/cl01tl/helm/libation/Chart.yaml | 5 ++- clusters/cl01tl/helm/libation/values.yaml | 15 ++----- clusters/cl01tl/helm/lidarr/Chart.lock | 6 +-- clusters/cl01tl/helm/lidarr/Chart.yaml | 12 ++--- clusters/cl01tl/helm/lidarr/values.yaml | 44 ++----------------- .../helm/local-path-provisioner/Chart.yaml | 3 +- .../helm/local-path-provisioner/values.yaml | 9 +++- 11 files changed, 37 insertions(+), 67 deletions(-) diff --git a/clusters/cl01tl/helm/bazarr/Chart.yaml b/clusters/cl01tl/helm/bazarr/Chart.yaml index 4d0e3ba03..c06605b1e 100644 --- a/clusters/cl01tl/helm/bazarr/Chart.yaml +++ b/clusters/cl01tl/helm/bazarr/Chart.yaml @@ -5,6 +5,7 @@ description: Bazarr keywords: - bazarr - subtitles + - servarr home: https://docs.alexlebens.dev/applications/bazarr/ sources: - https://github.com/morpheus65535/bazarr @@ -24,5 +25,5 @@ dependencies: version: 0.8.0 repository: oci://harbor.alexlebens.net/helm-charts icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/bazarr.png -# renovate: datasource=github-releases depName=morpheus65535/bazarr +# renovate: datasource=github-releases depName=linuxserver/docker-bazarr appVersion: 1.5.6 diff --git a/clusters/cl01tl/helm/code-server/Chart.yaml b/clusters/cl01tl/helm/code-server/Chart.yaml index eb7257fe8..d2989077b 100644 --- a/clusters/cl01tl/helm/code-server/Chart.yaml +++ b/clusters/cl01tl/helm/code-server/Chart.yaml @@ -28,5 +28,5 @@ dependencies: version: 0.8.0 repository: oci://harbor.alexlebens.net/helm-charts icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/visual-studio-code.png -# renovate: datasource=github-releases depName=coder/code-server +# renovate: datasource=github-releases depName=linuxserver/docker-code-server appVersion: 4.113.1 diff --git a/clusters/cl01tl/helm/houndarr/Chart.yaml b/clusters/cl01tl/helm/houndarr/Chart.yaml index d3b95a228..7fff0cf30 100644 --- a/clusters/cl01tl/helm/houndarr/Chart.yaml +++ b/clusters/cl01tl/helm/houndarr/Chart.yaml @@ -4,6 +4,7 @@ version: 1.0.0 description: Houndarr keywords: - houndarr + - rescan - servarr home: https://docs.alexlebens.dev/applications/houndarr/ sources: diff --git a/clusters/cl01tl/helm/kubernetes-cloudflare-ddns/values.yaml b/clusters/cl01tl/helm/kubernetes-cloudflare-ddns/values.yaml index d0d966fa7..308dd17d4 100644 --- a/clusters/cl01tl/helm/kubernetes-cloudflare-ddns/values.yaml +++ b/clusters/cl01tl/helm/kubernetes-cloudflare-ddns/values.yaml @@ -16,3 +16,7 @@ kubernetes-cloudflare-ddns: envFrom: - secretRef: name: kubernetes-cloudflare-ddns-secret + resources: + requests: + cpu: 10m + memory: 32Mi diff --git a/clusters/cl01tl/helm/libation/Chart.yaml b/clusters/cl01tl/helm/libation/Chart.yaml index 834eb2654..7f68a437b 100644 --- a/clusters/cl01tl/helm/libation/Chart.yaml +++ b/clusters/cl01tl/helm/libation/Chart.yaml @@ -4,13 +4,14 @@ version: 1.0.0 description: Libation keywords: - libation - - audiobooks - audible -home: https://wiki.alexlebens.dev/s/63beac50-a63f-45fe-b8e5-e1691dd5e9b0 +home: https://docs.alexlebens.dev/applications/languagetool/ sources: - https://github.com/rmcrackan/Libation - https://hub.docker.com/r/rmcrackan/libation + - https://hub.docker.com/_/ubuntu/tags - https://github.com/bjw-s-labs/helm-charts/tree/main/charts/other/app-template + - https://gitea.alexlebens.dev/alexlebens/helm-charts/src/branch/main/charts/volsync-target maintainers: - name: alexlebens dependencies: diff --git a/clusters/cl01tl/helm/libation/values.yaml b/clusters/cl01tl/helm/libation/values.yaml index d28852675..e6d4f6fd2 100644 --- a/clusters/cl01tl/helm/libation/values.yaml +++ b/clusters/cl01tl/helm/libation/values.yaml @@ -4,20 +4,15 @@ libation: type: cronjob cronjob: suspend: false - concurrencyPolicy: Forbid - timeZone: US/Central + timeZone: America/Chicago schedule: 0 0 1 1 * - startingDeadlineSeconds: 90 - successfulJobsHistory: 1 - failedJobsHistory: 1 backoffLimit: 3 parallelism: 1 containers: main: image: repository: rmcrackan/libation - tag: 13.3.2 - pullPolicy: IfNotPresent + tag: 13.3.2@sha256:d1c45260f3ba34b0fb1432c2b51763e00c5174864961856c1c31e7f2b0c3a39e env: - name: SLEEP_TIME value: "-1" @@ -26,7 +21,7 @@ libation: resources: requests: cpu: 10m - memory: 128Mi + memory: 32Mi debug: type: deployment replicas: 0 @@ -35,8 +30,7 @@ libation: main: image: repository: ubuntu - tag: resolute-20260401 - pullPolicy: IfNotPresent + tag: resolute-20260401@sha256:a072b64036a738e55bff8f9a9682cbb893bf20c213772effc1de8dee8df1cea9 command: - "sleep" - "infinity" @@ -50,7 +44,6 @@ libation: storageClass: ceph-block accessMode: ReadWriteOnce size: 500Mi - retain: true advancedMounts: main: main: diff --git a/clusters/cl01tl/helm/lidarr/Chart.lock b/clusters/cl01tl/helm/lidarr/Chart.lock index a45c399fb..40afdfb3f 100644 --- a/clusters/cl01tl/helm/lidarr/Chart.lock +++ b/clusters/cl01tl/helm/lidarr/Chart.lock @@ -4,9 +4,9 @@ dependencies: version: 4.6.2 - name: postgres-cluster repository: oci://harbor.alexlebens.net/helm-charts - version: 7.10.0 + version: 7.11.1 - name: volsync-target repository: oci://harbor.alexlebens.net/helm-charts version: 0.8.0 -digest: sha256:0f1a2923a7042b364a817edc64729d5e1c18b0552555c035d974de626f372692 -generated: "2026-03-15T20:07:00.750754951Z" +digest: sha256:28d9013864be22eb7085fc88a45c0b8a555a582026c779dd72fca4a2e1728d2a +generated: "2026-04-03T19:30:51.252965-05:00" diff --git a/clusters/cl01tl/helm/lidarr/Chart.yaml b/clusters/cl01tl/helm/lidarr/Chart.yaml index 752c5e9c8..a2396da90 100644 --- a/clusters/cl01tl/helm/lidarr/Chart.yaml +++ b/clusters/cl01tl/helm/lidarr/Chart.yaml @@ -4,17 +4,18 @@ version: 1.0.0 description: Lidarr keywords: - lidarr - - servarr - music - - metrics -home: https://wiki.alexlebens.dev/s/f7c4e892-aa3b-435f-b220-317dc53137ac + - servarr +home: https://docs.alexlebens.dev/applications/lidarr/ sources: - https://github.com/Lidarr/Lidarr - https://github.com/linuxserver/docker-lidarr - - https://github.com/cloudnative-pg/cloudnative-pg + - https://github.com/onedr0p/exportarr + - https://github.com/linuxserver/docker-lidarr/pkgs/container/lidarr - https://github.com/onedr0p/exportarr/pkgs/container/exportarr - https://github.com/bjw-s-labs/helm-charts/tree/main/charts/other/app-template - https://gitea.alexlebens.dev/alexlebens/helm-charts/src/branch/main/charts/postgres-cluster + - https://gitea.alexlebens.dev/alexlebens/helm-charts/src/branch/main/charts/volsync-target maintainers: - name: alexlebens dependencies: @@ -24,11 +25,12 @@ dependencies: version: 4.6.2 - name: postgres-cluster alias: postgres-18-cluster - version: 7.10.0 + version: 7.11.1 repository: oci://harbor.alexlebens.net/helm-charts - name: volsync-target alias: volsync-target-config version: 0.8.0 repository: oci://harbor.alexlebens.net/helm-charts icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/lidarr.png +# renovate: datasource=github-releases depName=linuxserver/docker-lidarr appVersion: 3.1.2-nightly diff --git a/clusters/cl01tl/helm/lidarr/values.yaml b/clusters/cl01tl/helm/lidarr/values.yaml index 0418fe6e4..74f5d8c74 100644 --- a/clusters/cl01tl/helm/lidarr/values.yaml +++ b/clusters/cl01tl/helm/lidarr/values.yaml @@ -4,7 +4,6 @@ lidarr: type: deployment replicas: 1 strategy: Recreate - revisionHistoryLimit: 3 pod: securityContext: runAsUser: 1000 @@ -16,10 +15,9 @@ lidarr: image: repository: ghcr.io/linuxserver/lidarr tag: 3.1.2-nightly@sha256:034055feee43b11eb2f7a8438a9af1c99ab564dd2b43e5df2fe5b3c9b3b8b1ac - pullPolicy: IfNotPresent env: - name: TZ - value: US/Central + value: America/Chicago - name: PUID value: 1000 - name: PGID @@ -27,12 +25,11 @@ lidarr: resources: requests: cpu: 100m - memory: 256Mi + memory: 300Mi metrics: image: repository: ghcr.io/onedr0p/exportarr - tag: v2.3.0 - pullPolicy: IfNotPresent + tag: v2.3.0@sha256:af535d94061cf97a52e1661945ffba78c03f9443eae7c0da1a80a5a4be56b520 args: ["lidarr"] env: - name: URL @@ -45,10 +42,6 @@ lidarr: value: false - name: ENABLE_UNKNOWN_QUEUE_ITEMS value: false - resources: - requests: - cpu: 10m - memory: 128Mi service: main: controller: main @@ -56,11 +49,9 @@ lidarr: http: port: 80 targetPort: 8686 - protocol: HTTP metrics: port: 9792 targetPort: 9792 - protocol: TCP serviceMonitor: main: selector: @@ -95,11 +86,8 @@ lidarr: type: PathPrefix value: /outpost.goauthentik.io - backendRefs: - - group: '' - kind: Service - name: lidarr + - name: lidarr port: 80 - weight: 100 filters: - type: ExtensionRef extensionRef: @@ -116,7 +104,6 @@ lidarr: storageClass: ceph-block accessMode: ReadWriteOnce size: 10Gi - retain: true advancedMounts: main: main: @@ -150,35 +137,12 @@ postgres-18-cluster: destinationBucket: postgres-backups externalSecretCredentialPath: /garage/home-infra/postgres-backups isWALArchiver: true - # - name: garage-remote - # index: 1 - # destinationBucket: postgres-backups - # externalSecretCredentialPath: /garage/home-infra/postgres-backups - # retentionPolicy: "90d" - # data: - # compression: bzip2 - # - name: external - # index: 1 - # endpointURL: https://nyc3.digitaloceanspaces.com - # destinationBucket: postgres-backups-ce540ddf106d186bbddca68a - # externalSecretCredentialPath: /garage/home-infra/postgres-backups - # isWALArchiver: false scheduledBackups: - name: live-backup suspend: false immediate: true schedule: "0 55 14 * * *" backupName: garage-local - # - name: weekly-backup - # suspend: true - # immediate: true - # schedule: "0 0 4 * * SAT" - # backupName: garage-remote - # - name: daily-backup - # suspend: true - # immediate: true - # schedule: "0 0 0 * * *" - # backupName: external volsync-target-config: pvcTarget: lidarr-config moverSecurityContext: diff --git a/clusters/cl01tl/helm/local-path-provisioner/Chart.yaml b/clusters/cl01tl/helm/local-path-provisioner/Chart.yaml index a06d4a487..b8ede47fe 100644 --- a/clusters/cl01tl/helm/local-path-provisioner/Chart.yaml +++ b/clusters/cl01tl/helm/local-path-provisioner/Chart.yaml @@ -5,8 +5,7 @@ description: Local Path Provisioner keywords: - local-path-provisioner - storage - - kubernetes -home: https://wiki.alexlebens.dev/s/fa4d4152-b9dd-4fdc-a6f2-93a2c0df7f4a +home: https://docs.alexlebens.dev/applications/local-path-provisioner/ sources: - https://github.com/rancher/local-path-provisioner - https://hub.docker.com/r/rancher/local-path-provisioner diff --git a/clusters/cl01tl/helm/local-path-provisioner/values.yaml b/clusters/cl01tl/helm/local-path-provisioner/values.yaml index 84974a3f4..8b049852c 100644 --- a/clusters/cl01tl/helm/local-path-provisioner/values.yaml +++ b/clusters/cl01tl/helm/local-path-provisioner/values.yaml @@ -1,10 +1,11 @@ local-path-provisioner: + replicaCount: 1 image: repository: rancher/local-path-provisioner - tag: v0.0.35 + tag: v0.0.35@sha256:34ff0847cc47ebf69656ba44a3de9324596d0036b66ffd323b21614dd8221530 helperImage: repository: busybox - tag: 1.37.0 + tag: 1.37.0@sha256:1487d0af5f52b4ba31c7e465126ee2123fe3f2305d638e7827681e7cf6c83d5e storageClass: create: true defaultClass: false @@ -12,6 +13,10 @@ local-path-provisioner: name: local-path reclaimPolicy: Delete volumeBindingMode: WaitForFirstConsumer + resources: + limits: + cpu: 1m + memory: 30Mi nodePathMap: - node: DEFAULT_PATH_FOR_NON_LISTED_NODES paths: