alexlebens/infrastructure
1
0
Fork 0
Code Issues 1 Pull Requests 2 Actions Activity

feat: refactor apps (#5172)
All checks were successful
lint-test-helm / lint-helm (push) Successful in 15s
Details
lint-test-helm / validate-kubeconform (push) Has been skipped
Details
renovate / renovate (push) Successful in 2m23s
Details

Browse Source 
Reviewed-on: #5172
This commit was merged in pull request #5172.
This commit is contained in:
Alex Lebens
2026-03-27 00:22:08 +00:00
parent 6ad0f707e6
commit c3e134ffba
11 changed files with 94 additions and 71 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
clusters/cl01tl/helm/eraser/Chart.yaml
View File

@@ -5,10 +5,10 @@ description: Eraser
keywords: keywords:
- eraser - eraser
- images - images
- kubernetes home: https://docs.alexlebens.dev/applications/eraser/
home: https://wiki.alexlebens.dev/s/bb53ffae-0eda-4ed6-9fdd-894e672b4377
sources: sources:
- https://github.com/eraser-dev/eraser - https://github.com/eraser-dev/eraser
- https://github.com/eraser-dev/eraser/pkgs/container/eraser-manager
- https://github.com/eraser-dev/eraser/tree/main/charts/eraser - https://github.com/eraser-dev/eraser/tree/main/charts/eraser
maintainers: maintainers:
- name: alexlebens - name: alexlebens
@@ -16,6 +16,6 @@ dependencies:
- name: eraser - name: eraser
version: 1.4.1 version: 1.4.1
repository: https://eraser-dev.github.io/eraser/charts repository: https://eraser-dev.github.io/eraser/charts
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/kubernetes.png icon: https://raw.githubusercontent.com/eraser-dev/eraser/refs/heads/main/images/eraser-logo-color-1c.png
# renovate: datasource=github-releases depName=eraser-dev/eraser # renovate: datasource=github-releases depName=eraser-dev/eraser
appVersion: v1.4.1 appVersion: v1.4.1

47
clusters/cl01tl/helm/eraser/values.yaml
View File

@@ -1,50 +1,37 @@
eraser: eraser:
runtimeConfig: runtimeConfig:
apiVersion: eraser.sh/v1alpha3
kind: EraserConfig
manager: manager:
runtime:
name: containerd
address: unix:///run/containerd/containerd.sock
logLevel: info
scheduling: scheduling:
repeatInterval: 24h repeatInterval: 24h
beginImmediately: true beginImmediately: true
profile:
enabled: false
port: 6060
imageJob: imageJob:
successRatio: 1.0
cleanup: cleanup:
delayOnSuccess: 0s delayOnSuccess: 0s
delayOnFailure: 24h delayOnFailure: 24h
nodeFilter:
type: exclude
selectors:
- eraser.sh/cleanup.filter
- kubernetes.io/os=windows
components: components:
collector: collector:
enabled: true image:
repo: ghcr.io/eraser-dev/collector
tag: v1.4.1@sha256:827588ff826c3558bf2c50b1fc94f20122b054dfcf3480c3ffe6f0bae25c3dad
request: request:
cpu: 10m cpu: 1m
memory: 128Mi memory: 20Mi
scanner: scanner:
enabled: false enabled: false
request:
cpu: 100m
memory: 128Mi
config: ""
remover: remover:
image:
repo: ghcr.io/eraser-dev/remover
tag: v1.4.1@sha256:e57592157d717588f69c011cd0b6ab783a19a53b447a5350b27e7e66aae67525
request: request:
cpu: 10m cpu: 1m
memory: 128Mi memory: 20Mi
deploy: deploy:
securityContext: image:
allowPrivilegeEscalation: false repo: ghcr.io/eraser-dev/eraser-manager
tag: v1.4.1@sha256:5f18fb7da4ccad93a8643ece496681f1489b0d7b0ce45e18a94774cf8b6a717d
resources: resources:
limits:
memory: null
requests: requests:
cpu: 10m cpu: 1m
memory: 30Mi memory: 20Mi
nodeSelector:
kubernetes.io/os: linux

3
clusters/cl01tl/helm/excalidraw/Chart.yaml
View File

@@ -4,7 +4,8 @@ version: 1.0.0
description: Excalidraw description: Excalidraw
keywords: keywords:
- excalidraw - excalidraw
home: https://wiki.alexlebens.dev/ - drawing
home: https://docs.alexlebens.dev/applications/eraser/
sources: sources:
- https://github.com/excalidraw/excalidraw - https://github.com/excalidraw/excalidraw
- https://hub.docker.com/r/excalidraw/excalidraw - https://hub.docker.com/r/excalidraw/excalidraw

11
clusters/cl01tl/helm/excalidraw/values.yaml
View File

@@ -4,13 +4,11 @@ excalidraw:
type: deployment type: deployment
replicas: 1 replicas: 1
strategy: Recreate strategy: Recreate
revisionHistoryLimit: 3
containers: containers:
main: main:
image: image:
repository: excalidraw/excalidraw repository: excalidraw/excalidraw
tag: latest@sha256:3c2513e830bb6e195147c05b34ecf8393d0ba2b1cc86e93b407a5777d6135c6c tag: latest@sha256:3c2513e830bb6e195147c05b34ecf8393d0ba2b1cc86e93b407a5777d6135c6c
pullPolicy: IfNotPresent
env: env:
- name: NODE_ENV - name: NODE_ENV
value: production value: production
@@ -18,8 +16,8 @@ excalidraw:
value: America/Chicago value: America/Chicago
resources: resources:
requests: requests:
cpu: 10m cpu: 1m
memory: 128Mi memory: 10Mi
service: service:
main: main:
controller: main controller: main
@@ -40,11 +38,8 @@ excalidraw:
- excalidraw.alexlebens.net - excalidraw.alexlebens.net
rules: rules:
- backendRefs: - backendRefs:
- group: '' - name: excalidraw
kind: Service
name: excalidraw
port: 80 port: 80
weight: 100
matches: matches:
- path: - path:
type: PathPrefix type: PathPrefix

4
clusters/cl01tl/helm/external-dns/Chart.yaml
View File

@@ -5,9 +5,7 @@ description: External DNS
keywords: keywords:
- external-dns - external-dns
- dns - dns
- unifi home: https://docs.alexlebens.dev/applications/eraser/
- kubernetes
home: https://wiki.alexlebens.dev/s/7b50e4da-5dc1-4f62-baf9-14b5fed64552
sources: sources:
- https://github.com/kubernetes-sigs/external-dns - https://github.com/kubernetes-sigs/external-dns
- https://github.com/kubernetes-sigs/external-dns/tree/master/charts/external-dns - https://github.com/kubernetes-sigs/external-dns/tree/master/charts/external-dns

3
clusters/cl01tl/helm/external-dns/templates/external-secret.yaml
View File

@@ -14,8 +14,5 @@ spec:
data: data:
- secretKey: api-key - secretKey: api-key
remoteRef: remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /unifi/auth/cl01tl key: /unifi/auth/cl01tl
metadataPolicy: None
property: api-key property: api-key

26
clusters/cl01tl/helm/external-dns/values.yaml
View File

@@ -1,25 +1,27 @@
external-dns-unifi: external-dns-unifi:
fullnameOverride: external-dns-unifi fullnameOverride: external-dns-unifi
resources:
requests:
cpu: 1m
memory: 80Mi
serviceMonitor: serviceMonitor:
enabled: true enabled: true
interval: 1m interval: 360m
sources: sources:
- ingress
- crd - crd
- gateway-httproute - gateway-httproute
- gateway-tlsroute - gateway-tlsroute
policy: sync policy: sync
registry: txt
txtOwnerId: default txtOwnerId: default
txtPrefix: k8s. txtPrefix: k8s.
domainFilters: ["alexlebens.net"] domainFilters: ["alexlebens.net"]
excludeDomains: [] excludeDomains: ["alexlebens.dev"]
provider: provider:
name: webhook name: webhook
webhook: webhook:
image: image:
repository: ghcr.io/kashalls/external-dns-unifi-webhook repository: ghcr.io/kashalls/external-dns-unifi-webhook
tag: v0.8.2 tag: v0.8.2@sha256:7f0ddbbc83a36a2a9d762e25eef9cafcb3adf0493068a27d72ae71087eafe6f0
env: env:
- name: UNIFI_HOST - name: UNIFI_HOST
value: https://192.168.1.1 value: https://192.168.1.1
@@ -29,18 +31,6 @@ external-dns-unifi:
name: external-dns-unifi-secret name: external-dns-unifi-secret
key: api-key key: api-key
- name: LOG_LEVEL - name: LOG_LEVEL
value: debug value: info
livenessProbe:
httpGet:
path: /healthz
port: http-webhook
initialDelaySeconds: 10
timeoutSeconds: 5
readinessProbe:
httpGet:
path: /readyz
port: http-webhook
initialDelaySeconds: 10
timeoutSeconds: 5
extraArgs: extraArgs:
- --ignore-ingress-tls-spec - --ignore-ingress-tls-spec

4
clusters/cl01tl/helm/external-secrets/Chart.lock
View File

@@ -2,5 +2,5 @@ dependencies:
- name: external-secrets - name: external-secrets
repository: https://charts.external-secrets.io repository: https://charts.external-secrets.io
version: 2.2.0 version: 2.2.0
digest: sha256:832fc3f8d3728bdea2b696a6044e4c18967cd9ab9c5cc74adbf40aaa270a84b4 digest: sha256:3894df20e1f3d56bc9789177181a84d8ae1402ef76ec6328e417ce5a568738ae
generated: "2026-03-20T20:53:08.407747649Z" generated: "2026-03-26T19:19:15.734454-05:00"

7
clusters/cl01tl/helm/external-secrets/Chart.yaml
View File

@@ -5,15 +5,16 @@ description: External Secrets
keywords: keywords:
- external-secrets - external-secrets
- secrets - secrets
- vault - operator
home: https://wiki.alexlebens.dev/s/d29044fb-0d63-4500-8853-2971964f356a home: https://docs.alexlebens.dev/applications/eraser/
sources: sources:
- https://github.com/external-secrets/external-secrets - https://github.com/external-secrets/external-secrets
- https://github.com/external-secrets/external-secrets/tree/main/deploy/charts/external-secrets - https://github.com/external-secrets/external-secrets/tree/main/deploy/charts/external-secrets
dependencies: dependencies:
- name: external-secrets - name: external-secrets
alias: external-secrets
version: 2.2.0 version: 2.2.0
repository: https://charts.external-secrets.io repository: https://charts.external-secrets.io
icon: https://avatars.githubusercontent.com/u/68335991?s=48&v=4 icon: https://raw.githubusercontent.com/external-secrets/external-secrets/refs/heads/main/assets/eso-logo-large.png
# renovate: datasource=github-releases depName=external-secrets/external-secrets # renovate: datasource=github-releases depName=external-secrets/external-secrets
appVersion: v2.2.0 appVersion: v2.2.0

44
clusters/cl01tl/helm/external-secrets/values.yaml Normal file
View File

@@ -0,0 +1,44 @@
external-secrets:
replicaCount: 1
image:
repository: ghcr.io/external-secrets/external-secrets
tag: v2.2.0@sha256:876e627dbee5b0edd12da49b035469d12418cd6c3c4be5e383ae6a82e8bd4565
installCRDs: true
crds:
createClusterExternalSecret: true
createClusterSecretStore: true
createSecretStore: true
createClusterGenerator: true
createClusterPushSecret: true
createPushSecret: true
leaderElect: true
extendedMetricLabels: true
resources:
requests:
cpu: 5m
memory: 50Mi
serviceMonitor:
enabled: true
livenessProbe:
enabled: true
readinessProbe:
enabled: true
podDisruptionBudget:
enabled: true
minAvailable: 1
webhook:
image:
repository: ghcr.io/external-secrets/external-secrets
tag: v2.2.0@sha256:876e627dbee5b0edd12da49b035469d12418cd6c3c4be5e383ae6a82e8bd4565
resources:
requests:
cpu: 1m
memory: 30Mi
certController:
image:
repository: ghcr.io/external-secrets/external-secrets
tag: v2.2.0@sha256:876e627dbee5b0edd12da49b035469d12418cd6c3c4be5e383ae6a82e8bd4565
resources:
requests:
cpu: 1m
memory: 60Mi

10
renovate.json
View File

@@ -188,6 +188,16 @@
"/^rook(-ceph|\\/rook|\\/ceph)/" "/^rook(-ceph|\\/rook|\\/ceph)/"
] ]
}, },
{
"description": "Open for digest updates, specific packages",
"matchUpdateTypes": [
"digest"
],
"matchPackageNames": [
"excalidraw/excalidraw"
],
"enabled": true
},
{ {
"description": "Automerge digest updates, specific packages", "description": "Automerge digest updates, specific packages",
"matchUpdateTypes": [ "matchUpdateTypes": [