Automated Manifest Update (#2798)

This PR contains newly rendered Kubernetes manifests automatically generated by the CI workflow. Reviewed-on: #2798 Co-authored-by: gitea-bot <gitea-bot@alexlebens.net> Co-committed-by: gitea-bot <gitea-bot@alexlebens.net>
2025-12-23 23:57:54 +00:00
parent fe4d95e4dc
commit 5a771a64ee
16 changed files with 195 additions and 101 deletions
--- a/clusters/cl01tl/manifests/immich/Cluster-immich-postgresql-18-cluster.yaml
+++ b/clusters/cl01tl/manifests/immich/Cluster-immich-postgresql-18-cluster.yaml
@@ -4,11 +4,11 @@ metadata:
  name: immich-postgresql-18-cluster
  namespace: immich
  labels:
-    helm.sh/chart: postgres-18-cluster-7.1.4
+    helm.sh/chart: postgres-18-cluster-7.4.3
    app.kubernetes.io/name: immich-postgresql-18
    app.kubernetes.io/instance: immich
    app.kubernetes.io/part-of: immich
-    app.kubernetes.io/version: "7.1.4"
+    app.kubernetes.io/version: "7.4.3"
    app.kubernetes.io/managed-by: Helm
 spec:
  instances: 3
--- a/clusters/cl01tl/manifests/immich/ExternalSecret-immich-postgresql-18-backup-garage-local-secret.yaml
+++ b/clusters/cl01tl/manifests/immich/ExternalSecret-immich-postgresql-18-backup-garage-local-secret.yaml
@@ -0,0 +1,39 @@
+apiVersion: external-secrets.io/v1
+kind: ExternalSecret
+metadata:
+  name: immich-postgresql-18-backup-garage-local-secret
+  namespace: immich
+  labels:
+    helm.sh/chart: postgres-18-cluster-7.4.3
+    app.kubernetes.io/name: immich-postgresql-18
+    app.kubernetes.io/instance: immich
+    app.kubernetes.io/part-of: immich
+    app.kubernetes.io/version: "7.4.3"
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: immich-postgresql-18-backup-garage-local-secret
+spec:
+  secretStoreRef:
+    kind: ClusterSecretStore
+    name: vault
+  data:
+    - secretKey: ACCESS_REGION
+      remoteRef:
+        conversionStrategy: Default
+        decodingStrategy: None
+        key: /garage/home-infra/postgres-backups
+        metadataPolicy: None
+        property: ACCESS_REGION
+    - secretKey: ACCESS_KEY_ID
+      remoteRef:
+        conversionStrategy: Default
+        decodingStrategy: None
+        key: /garage/home-infra/postgres-backups
+        metadataPolicy: None
+        property: ACCESS_KEY_ID
+    - secretKey: ACCESS_SECRET_KEY
+      remoteRef:
+        conversionStrategy: Default
+        decodingStrategy: None
+        key: /garage/home-infra/postgres-backups
+        metadataPolicy: None
+        property: ACCESS_SECRET_KEY
--- a/clusters/cl01tl/manifests/immich/ExternalSecret-immich-postgresql-18-cluster-backup-secret.yaml
+++ b/clusters/cl01tl/manifests/immich/ExternalSecret-immich-postgresql-18-cluster-backup-secret.yaml
@@ -1,28 +0,0 @@
-apiVersion: external-secrets.io/v1
-kind: ExternalSecret
-metadata:
-  name: immich-postgresql-18-cluster-backup-secret
-  namespace: immich
-  labels:
-    app.kubernetes.io/name: immich-postgresql-18-cluster-backup-secret
-    app.kubernetes.io/instance: immich
-    app.kubernetes.io/part-of: immich
-spec:
-  secretStoreRef:
-    kind: ClusterSecretStore
-    name: vault
-  data:
-    - secretKey: ACCESS_KEY_ID
-      remoteRef:
-        conversionStrategy: Default
-        decodingStrategy: None
-        key: /digital-ocean/home-infra/postgres-backups
-        metadataPolicy: None
-        property: access
-    - secretKey: ACCESS_SECRET_KEY
-      remoteRef:
-        conversionStrategy: Default
-        decodingStrategy: None
-        key: /digital-ocean/home-infra/postgres-backups
-        metadataPolicy: None
-        property: secret
--- a/clusters/cl01tl/manifests/immich/ExternalSecret-immich-postgresql-18-cluster-backup-secret-garage.yaml
+++ b/clusters/cl01tl/manifests/immich/ExternalSecret-immich-postgresql-18-cluster-backup-secret-garage.yaml
@@ -1,17 +1,28 @@
 apiVersion: external-secrets.io/v1
 kind: ExternalSecret
 metadata:
-  name: immich-postgresql-18-cluster-backup-secret-garage
+  name: immich-postgresql-18-recovery-secret
  namespace: immich
  labels:
-    app.kubernetes.io/name: immich-postgresql-18-cluster-backup-secret-garage
+    helm.sh/chart: postgres-18-cluster-7.4.3
+    app.kubernetes.io/name: immich-postgresql-18
    app.kubernetes.io/instance: immich
    app.kubernetes.io/part-of: immich
+    app.kubernetes.io/version: "7.4.3"
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: immich-postgresql-18-recovery-secret
 spec:
  secretStoreRef:
    kind: ClusterSecretStore
    name: vault
  data:
+    - secretKey: ACCESS_REGION
+      remoteRef:
+        conversionStrategy: Default
+        decodingStrategy: None
+        key: /garage/home-infra/postgres-backups
+        metadataPolicy: None
+        property: ACCESS_REGION
    - secretKey: ACCESS_KEY_ID
      remoteRef:
        conversionStrategy: Default
@@ -26,10 +37,3 @@ spec:
        key: /garage/home-infra/postgres-backups
        metadataPolicy: None
        property: ACCESS_SECRET_KEY
-    - secretKey: ACCESS_REGION
-      remoteRef:
-        conversionStrategy: Default
-        decodingStrategy: None
-        key: /garage/home-infra/postgres-backups
-        metadataPolicy: None
-        property: ACCESS_REGION
--- a/clusters/cl01tl/manifests/immich/HTTPRoute-http-route-immich.yaml
+++ b/clusters/cl01tl/manifests/immich/HTTPRoute-http-route-immich.yaml
@@ -1,12 +1,13 @@
 apiVersion: gateway.networking.k8s.io/v1
 kind: HTTPRoute
 metadata:
-  name: http-route-immich
-  namespace: immich
+  name: immich
  labels:
-    app.kubernetes.io/name: http-route-immich
    app.kubernetes.io/instance: immich
-    app.kubernetes.io/part-of: immich
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: immich
+    helm.sh/chart: immich-4.5.0
+  namespace: immich
 spec:
  parentRefs:
    - group: gateway.networking.k8s.io
@@ -14,15 +15,16 @@ spec:
      name: traefik-gateway
      namespace: traefik
  hostnames:
-    - immich.alexlebens.net
+    - "immich.alexlebens.net"
  rules:
-    - matches:
+    - backendRefs:
+        - group: ""
+          kind: Service
+          name: immich
+          namespace: immich
+          port: 2283
+          weight: 100
+      matches:
        - path:
            type: PathPrefix
            value: /
-      backendRefs:
-        - group: ''
-          kind: Service
-          name: immich
-          port: 2283
-          weight: 100
--- a/clusters/cl01tl/manifests/immich/ObjectStore-immich-postgresql-18-backup-garage-local.yaml
+++ b/clusters/cl01tl/manifests/immich/ObjectStore-immich-postgresql-18-backup-garage-local.yaml
@@ -1,27 +1,28 @@
 apiVersion: barmancloud.cnpg.io/v1
 kind: ObjectStore
 metadata:
-  name: "immich-postgresql-18-garage-local-backup"
+  name: immich-postgresql-18-backup-garage-local
  namespace: immich
  labels:
-    helm.sh/chart: postgres-18-cluster-7.1.4
+    helm.sh/chart: postgres-18-cluster-7.4.3
    app.kubernetes.io/name: immich-postgresql-18
    app.kubernetes.io/instance: immich
    app.kubernetes.io/part-of: immich
-    app.kubernetes.io/version: "7.1.4"
+    app.kubernetes.io/version: "7.4.3"
    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: immich-postgresql-18-backup-garage-local
 spec:
-  retentionPolicy: 3d
+  retentionPolicy: 7d
  configuration:
    destinationPath: s3://postgres-backups/cl01tl/immich/immich-postgresql-18-cluster
    endpointURL: http://garage-main.garage:3900
    s3Credentials:
      accessKeyId:
-        name: immich-postgresql-18-cluster-backup-secret-garage
+        name: immich-postgresql-18-backup-garage-local-secret
        key: ACCESS_KEY_ID
      secretAccessKey:
-        name: immich-postgresql-18-cluster-backup-secret-garage
+        name: immich-postgresql-18-backup-garage-local-secret
        key: ACCESS_SECRET_KEY
      region:
-        name: immich-postgresql-18-cluster-backup-secret-garage
+        name: immich-postgresql-18-backup-garage-local-secret
        key: ACCESS_REGION
--- a/clusters/cl01tl/manifests/immich/ObjectStore-immich-postgresql-18-recovery.yaml
+++ b/clusters/cl01tl/manifests/immich/ObjectStore-immich-postgresql-18-recovery.yaml
@@ -4,12 +4,13 @@ metadata:
  name: "immich-postgresql-18-recovery"
  namespace: immich
  labels:
-    helm.sh/chart: postgres-18-cluster-7.1.4
+    helm.sh/chart: postgres-18-cluster-7.4.3
    app.kubernetes.io/name: immich-postgresql-18
    app.kubernetes.io/instance: immich
    app.kubernetes.io/part-of: immich
-    app.kubernetes.io/version: "7.1.4"
+    app.kubernetes.io/version: "7.4.3"
    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: "immich-postgresql-18-recovery"
 spec:
  configuration:
    destinationPath: s3://postgres-backups/cl01tl/immich/immich-postgresql-18-cluster
@@ -22,8 +23,11 @@ spec:
      jobs: 1
    s3Credentials:
      accessKeyId:
-        name: immich-postgresql-18-cluster-backup-secret-garage
+        name: immich-postgresql-18-recovery-secret
        key: ACCESS_KEY_ID
      secretAccessKey:
-        name: immich-postgresql-18-cluster-backup-secret-garage
+        name: immich-postgresql-18-recovery-secret
        key: ACCESS_SECRET_KEY
+      region:
+        name: immich-postgresql-18-recovery-secret
+        key: ACCESS_REGION
--- a/clusters/cl01tl/manifests/immich/PrometheusRule-immich-postgresql-18-alert-rules.yaml
+++ b/clusters/cl01tl/manifests/immich/PrometheusRule-immich-postgresql-18-alert-rules.yaml
@@ -4,11 +4,11 @@ metadata:
  name: immich-postgresql-18-alert-rules
  namespace: immich
  labels:
-    helm.sh/chart: postgres-18-cluster-7.1.4
+    helm.sh/chart: postgres-18-cluster-7.4.3
    app.kubernetes.io/name: immich-postgresql-18
    app.kubernetes.io/instance: immich
    app.kubernetes.io/part-of: immich
-    app.kubernetes.io/version: "7.1.4"
+    app.kubernetes.io/version: "7.4.3"
    app.kubernetes.io/managed-by: Helm
 spec:
  groups:
--- a/clusters/cl01tl/manifests/immich/ScheduledBackup-immich-postgresql-18-scheduled-backup-live-backup.yaml
+++ b/clusters/cl01tl/manifests/immich/ScheduledBackup-immich-postgresql-18-scheduled-backup-live-backup.yaml
@@ -1,15 +1,16 @@
 apiVersion: postgresql.cnpg.io/v1
 kind: ScheduledBackup
 metadata:
-  name: "immich-postgresql-18-live-backup-scheduled-backup"
+  name: "immich-postgresql-18-scheduled-backup-live-backup"
  namespace: immich
  labels:
-    helm.sh/chart: postgres-18-cluster-7.1.4
+    helm.sh/chart: postgres-18-cluster-7.4.3
    app.kubernetes.io/name: immich-postgresql-18
    app.kubernetes.io/instance: immich
    app.kubernetes.io/part-of: immich
-    app.kubernetes.io/version: "7.1.4"
+    app.kubernetes.io/version: "7.4.3"
    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: "immich-postgresql-18-scheduled-backup-live-backup"
 spec:
  immediate: true
  suspend: false
@@ -21,4 +22,4 @@ spec:
  pluginConfiguration:
    name: barman-cloud.cloudnative-pg.io
    parameters:
-      barmanObjectName: "immich-postgresql-18-garage-local-backup"
+      barmanObjectName: "immich-postgresql-18-backup-garage-local"
--- a/clusters/cl01tl/manifests/immich/ServiceMonitor-immich.yaml
+++ b/clusters/cl01tl/manifests/immich/ServiceMonitor-immich.yaml
@@ -2,22 +2,27 @@ apiVersion: monitoring.coreos.com/v1
 kind: ServiceMonitor
 metadata:
  name: immich
-  namespace: immich
  labels:
-    app.kubernetes.io/name: immich
    app.kubernetes.io/instance: immich
-    app.kubernetes.io/part-of: immich
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: immich
+    helm.sh/chart: immich-4.5.0
+  namespace: immich
 spec:
+  jobLabel: "immich"
+  namespaceSelector:
+    matchNames:
+      - immich
  selector:
    matchLabels:
-      app.kubernetes.io/name: immich
      app.kubernetes.io/instance: immich
+      app.kubernetes.io/name: immich
  endpoints:
-    - port: metrics-api
-      interval: 3m
-      scrapeTimeout: 1m
+    - interval: 3m
      path: /metrics
-    - port: metrics-ms
-      interval: 3m
+      port: metrics-api
      scrapeTimeout: 1m
+    - interval: 3m
      path: /metrics
+      port: metrics-ms
+      scrapeTimeout: 1m