alexlebens/infrastructure
1
0
Fork 0
Code Issues 1 Pull Requests 7 Actions Packages Projects Releases Wiki Activity

update app-template chart

Browse Source
This commit is contained in:
Alex Lebens
2025-05-16 21:33:34 -05:00
parent 0d830bad98
commit abcb108104
16 changed files with 33 additions and 100 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
clusters/cl01tl/platform/authentik/Chart.yaml
View File

@@ -26,10 +26,10 @@ dependencies:
- name: cloudflared
alias: cloudflared
repository: oci://harbor.alexlebens.net/helm-charts
version: 1.14.8
version: 1.15.0
- name: postgres-cluster
alias: postgres-17-cluster
version: 5.1.0
repository: oci://harbor.alexlebens.net/helm-charts
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/authentik.png
appVersion: 2025.4.0
appVersion: 2025.4.1

3
clusters/cl01tl/platform/authentik/templates/config-map.yaml
View File

@@ -6,9 +6,6 @@ metadata:
labels:
app.kubernetes.io/name: {{ .Release.Name }}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/version: {{ .Chart.AppVersion }}
app.kubernetes.io/component: web
app.kubernetes.io/part-of: {{ .Release.Name }}
data:
custom.css: |
/* Change sign button color */

15
clusters/cl01tl/platform/authentik/templates/external-secret.yaml
View File

@@ -4,11 +4,8 @@ metadata:
name: authentik-key-secret
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: authentik-key-secret
app.kubernetes.io/name: {{ .Release.Name }}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/version: {{ .Chart.AppVersion }}
app.kubernetes.io/component: web
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
secretStoreRef:
kind: ClusterSecretStore
@@ -29,11 +26,8 @@ metadata:
name: authentik-cloudflared-secret
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: authentik-cloudflared-secret
app.kubernetes.io/name: {{ .Release.Name }}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/version: {{ .Chart.AppVersion }}
app.kubernetes.io/component: web
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
secretStoreRef:
kind: ClusterSecretStore
@@ -54,11 +48,8 @@ metadata:
name: authentik-postgresql-17-cluster-backup-secret
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: authentik-postgresql-17-cluster-backup-secret
app.kubernetes.io/name: {{ .Release.Name }}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/version: {{ .Chart.AppVersion }}
app.kubernetes.io/component: database
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
secretStoreRef:
kind: ClusterSecretStore

5
clusters/cl01tl/platform/authentik/templates/http-route.yaml
View File

@@ -4,11 +4,8 @@ metadata:
name: http-route-authentik
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: http-route-authentik
app.kubernetes.io/name: {{ .Release.Name }}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/version: {{ .Chart.AppVersion }}
app.kubernetes.io/component: web
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
parentRefs:
- group: gateway.networking.k8s.io

5
clusters/cl01tl/platform/authentik/templates/ingress.yaml
View File

@@ -4,11 +4,8 @@ metadata:
name: authentik-tailscale
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: authentik-tailscale
app.kubernetes.io/name: {{ .Release.Name }}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/version: {{ .Chart.AppVersion }}
app.kubernetes.io/component: web
app.kubernetes.io/part-of: {{ .Release.Name }}
labels:
tailscale.com/proxy-class: no-metrics
annotations:

3
clusters/cl01tl/platform/external-secrets/templates/cluster-secret-store.yaml
View File

@@ -6,9 +6,6 @@ metadata:
labels:
app.kubernetes.io/name: {{ .Release.Name }}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/version: {{ .Chart.AppVersion }}
app.kubernetes.io/component: auth
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
provider:
vault:

6
clusters/cl01tl/platform/gitea/Chart.yaml
View File

@@ -33,11 +33,11 @@ dependencies:
- name: app-template
alias: renovate
repository: https://bjw-s-labs.github.io/helm-charts/
version: 3.7.3
version: 4.0.1
- name: app-template
alias: backup
repository: https://bjw-s-labs.github.io/helm-charts/
version: 3.7.3
version: 4.0.1
- name: meilisearch
version: 0.13.0
repository: https://meilisearch.github.io/meilisearch-kubernetes
@@ -51,7 +51,7 @@ dependencies:
- name: cloudflared
alias: cloudflared
repository: oci://harbor.alexlebens.net/helm-charts
version: 1.14.8
version: 1.15.0
- name: postgres-cluster
alias: postgres-17-cluster
version: 5.1.0

50
clusters/cl01tl/platform/gitea/templates/external-secret.yaml
View File

@@ -4,11 +4,8 @@ metadata:
name: gitea-admin-secret
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: gitea-admin-secret
app.kubernetes.io/name: {{ .Release.Name }}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/version: {{ .Chart.AppVersion }}
app.kubernetes.io/component: web
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
secretStoreRef:
kind: ClusterSecretStore
@@ -36,11 +33,8 @@ metadata:
name: gitea-oidc-secret
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: gitea-oidc-secret
app.kubernetes.io/name: {{ .Release.Name }}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/version: {{ .Chart.AppVersion }}
app.kubernetes.io/component: web
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
secretStoreRef:
kind: ClusterSecretStore
@@ -68,11 +62,8 @@ metadata:
name: gitea-runner-secret
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: gitea-runner-secret
app.kubernetes.io/name: {{ .Release.Name }}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/version: {{ .Chart.AppVersion }}
app.kubernetes.io/component: runner
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
secretStoreRef:
kind: ClusterSecretStore
@@ -93,11 +84,8 @@ metadata:
name: gitea-renovate-secret
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: gitea-renovate-secret
app.kubernetes.io/name: {{ .Release.Name }}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/version: {{ .Chart.AppVersion }}
app.kubernetes.io/component: renovate
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
secretStoreRef:
kind: ClusterSecretStore
@@ -146,11 +134,8 @@ metadata:
name: gitea-renovate-ssh-secret
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: gitea-renovate-ssh-secret
app.kubernetes.io/name: {{ .Release.Name }}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/version: {{ .Chart.AppVersion }}
app.kubernetes.io/component: renovate
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
secretStoreRef:
kind: ClusterSecretStore
@@ -185,11 +170,8 @@ metadata:
name: gitea-backup-s3
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: gitea-backup-s3
app.kubernetes.io/name: {{ .Release.Name }}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/version: {{ .Chart.AppVersion }}
app.kubernetes.io/component: backup
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
secretStoreRef:
kind: ClusterSecretStore
@@ -224,11 +206,8 @@ metadata:
name: gitea-s3cmd-config
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: gitea-s3cmd-s3
app.kubernetes.io/name: {{ .Release.Name }}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/version: {{ .Chart.AppVersion }}
app.kubernetes.io/component: backup
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
secretStoreRef:
kind: ClusterSecretStore
@@ -249,11 +228,8 @@ metadata:
name: gitea-meilisearch-master-key-secret
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: gitea-meilisearch-master-key-secret
app.kubernetes.io/name: {{ .Release.Name }}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/version: {{ .Chart.AppVersion }}
app.kubernetes.io/component: meilisearch
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
secretStoreRef:
kind: ClusterSecretStore
@@ -280,11 +256,8 @@ metadata:
name: gitea-cloudflared-secret
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: gitea-cloudflared-secret
app.kubernetes.io/name: {{ .Release.Name }}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/version: {{ .Chart.AppVersion }}
app.kubernetes.io/component: web
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
secretStoreRef:
kind: ClusterSecretStore
@@ -305,11 +278,8 @@ metadata:
name: gitea-postgresql-17-cluster-backup-secret
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: gitea-postgresql-17-cluster-backup-secret
app.kubernetes.io/name: {{ .Release.Name }}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/version: {{ .Chart.AppVersion }}
app.kubernetes.io/component: database
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
secretStoreRef:
kind: ClusterSecretStore

5
clusters/cl01tl/platform/gitea/templates/http-route.yaml
View File

@@ -4,11 +4,8 @@ metadata:
name: http-route-gitea
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: http-route-gitea
app.kubernetes.io/name: {{ .Release.Name }}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/version: {{ .Chart.AppVersion }}
app.kubernetes.io/component: web
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
parentRefs:
- group: gateway.networking.k8s.io

5
clusters/cl01tl/platform/gitea/templates/ingress.yaml
View File

@@ -4,11 +4,8 @@ metadata:
name: gitea-tailscale
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: gitea-tailscale
app.kubernetes.io/name: {{ .Release.Name }}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/version: {{ .Chart.AppVersion }}
app.kubernetes.io/component: web
app.kubernetes.io/part-of: {{ .Release.Name }}
labels:
tailscale.com/proxy-class: no-metrics
annotations:

5
clusters/cl01tl/platform/gitea/templates/persistent-volume-claim.yaml
View File

@@ -4,11 +4,8 @@ metadata:
name: gitea-nfs-storage-backup
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: gitea-nfs-storage-backup
app.kubernetes.io/name: {{ .Release.Name }}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/version: {{ .Chart.AppVersion }}
app.kubernetes.io/component: storage
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
volumeMode: Filesystem
storageClassName: nfs-client

5
clusters/cl01tl/platform/gitea/templates/role-binding.yaml
View File

@@ -4,11 +4,8 @@ metadata:
name: gitea-backup
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: gitea-backup
app.kubernetes.io/name: {{ .Release.Name }}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/version: {{ .Chart.AppVersion }}
app.kubernetes.io/component: backup
app.kubernetes.io/part-of: {{ .Release.Name }}
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role

5
clusters/cl01tl/platform/gitea/templates/role.yaml
View File

@@ -4,11 +4,8 @@ metadata:
name: gitea-backup
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: gitea-backup
app.kubernetes.io/name: {{ .Release.Name }}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/version: {{ .Chart.AppVersion }}
app.kubernetes.io/component: backup
app.kubernetes.io/part-of: {{ .Release.Name }}
rules:
- apiGroups:
- ""

5
clusters/cl01tl/platform/gitea/templates/service-monitor.yaml
View File

@@ -4,11 +4,8 @@ metadata:
name: gitea
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: gitea
app.kubernetes.io/name: {{ .Release.Name }}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/version: {{ .Chart.AppVersion }}
app.kubernetes.io/component: metrics
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
selector:
matchLabels:

5
clusters/cl01tl/platform/gitea/templates/tcp-route.yaml
View File

@@ -4,11 +4,8 @@ metadata:
name: tcp-route-gitea-ssh
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: tcp-route-gitea-ssh
app.kubernetes.io/name: {{ .Release.Name }}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/version: {{ .Chart.AppVersion }}
app.kubernetes.io/component: web
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
parentRefs:
- group: gateway.networking.k8s.io

7
clusters/cl01tl/platform/gitea/values.yaml
View File

@@ -227,6 +227,10 @@ backup:
failedJobsHistory: 3
backoffLimit: 3
parallelism: 1
serviceAccount:
name: gitea-backup
pod:
automountServiceAccountToken: true
initContainers:
backup:
image:
@@ -299,7 +303,8 @@ backup:
cpu: 100m
memory: 128Mi
serviceAccount:
create: true
gitea-backup:
enabled: true
persistence:
config:
existingClaim: gitea-nfs-storage-backup