diff --git a/clusters/cl01tl/helm/ollama/values.yaml b/clusters/cl01tl/helm/ollama/values.yaml index 9cb2373b0..241b0c84c 100644 --- a/clusters/cl01tl/helm/ollama/values.yaml +++ b/clusters/cl01tl/helm/ollama/values.yaml @@ -259,6 +259,7 @@ ollama: - path: /app/backend/data readOnly: false postgres-18-cluster: + nameOverride: ollama-web-postgresql-18 mode: recovery recovery: method: objectStore diff --git a/clusters/cl01tl/helm/omni-tools/Chart.yaml b/clusters/cl01tl/helm/omni-tools/Chart.yaml index 9b845f313..6524932e2 100644 --- a/clusters/cl01tl/helm/omni-tools/Chart.yaml +++ b/clusters/cl01tl/helm/omni-tools/Chart.yaml @@ -17,4 +17,5 @@ dependencies: repository: https://bjw-s-labs.github.io/helm-charts/ version: 4.5.0 icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/omnitools.png +# renovate: github=iib0011/omni-tools appVersion: 0.6.0 diff --git a/clusters/cl01tl/helm/omni-tools/templates/http-route.yaml b/clusters/cl01tl/helm/omni-tools/templates/http-route.yaml deleted file mode 100644 index 981539188..000000000 --- a/clusters/cl01tl/helm/omni-tools/templates/http-route.yaml +++ /dev/null @@ -1,28 +0,0 @@ -apiVersion: gateway.networking.k8s.io/v1 -kind: HTTPRoute -metadata: - name: http-route-omni-tools - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: http-route-omni-tools - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - parentRefs: - - group: gateway.networking.k8s.io - kind: Gateway - name: traefik-gateway - namespace: traefik - hostnames: - - omni-tools.alexlebens.net - rules: - - matches: - - path: - type: PathPrefix - value: / - backendRefs: - - group: '' - kind: Service - name: omni-tools - port: 80 - weight: 100 diff --git a/clusters/cl01tl/helm/omni-tools/values.yaml b/clusters/cl01tl/helm/omni-tools/values.yaml index 43daccfcd..2e9d52f62 100644 --- a/clusters/cl01tl/helm/omni-tools/values.yaml +++ b/clusters/cl01tl/helm/omni-tools/values.yaml @@ -23,3 +23,24 @@ omni-tools: port: 80 targetPort: 80 protocol: HTTP + route: + main: + kind: HTTPRoute + parentRefs: + - group: gateway.networking.k8s.io + kind: Gateway + name: traefik-gateway + namespace: traefik + hostnames: + - omni-tools.alexlebens.net + rules: + - backendRefs: + - group: '' + kind: Service + name: omni-tools + port: 80 + weight: 100 + matches: + - path: + type: PathPrefix + value: / diff --git a/clusters/cl01tl/helm/outline/Chart.lock b/clusters/cl01tl/helm/outline/Chart.lock index b84702495..01c01d87d 100644 --- a/clusters/cl01tl/helm/outline/Chart.lock +++ b/clusters/cl01tl/helm/outline/Chart.lock @@ -7,9 +7,9 @@ dependencies: version: 2.1.4 - name: postgres-cluster repository: oci://harbor.alexlebens.net/helm-charts - version: 7.1.4 + version: 7.4.3 - name: redis-replication repository: oci://harbor.alexlebens.net/helm-charts version: 0.5.0 -digest: sha256:bb46a714e84ea70896604b99d927050cc236248cdca33ee6c42d13fa10b4e0a5 -generated: "2025-12-21T19:04:48.361120388Z" +digest: sha256:ecdd730ac911b6056fcdead064619e60609135197c1292aa55450a4956261cb4 +generated: "2025-12-23T22:55:48.348972-06:00" diff --git a/clusters/cl01tl/helm/outline/Chart.yaml b/clusters/cl01tl/helm/outline/Chart.yaml index f2272a752..d9d568a45 100644 --- a/clusters/cl01tl/helm/outline/Chart.yaml +++ b/clusters/cl01tl/helm/outline/Chart.yaml @@ -27,10 +27,11 @@ dependencies: version: 2.1.4 - name: postgres-cluster alias: postgres-18-cluster - version: 7.1.4 + version: 7.4.3 repository: oci://harbor.alexlebens.net/helm-charts - name: redis-replication version: 0.5.0 repository: oci://harbor.alexlebens.net/helm-charts icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/outline.png +# renovate: github=outline/outline appVersion: 1.1.0 diff --git a/clusters/cl01tl/helm/outline/templates/external-secret.yaml b/clusters/cl01tl/helm/outline/templates/external-secret.yaml index 54c23beb5..cd5551f95 100644 --- a/clusters/cl01tl/helm/outline/templates/external-secret.yaml +++ b/clusters/cl01tl/helm/outline/templates/external-secret.yaml @@ -56,70 +56,3 @@ spec: key: /authentik/oidc/outline metadataPolicy: None property: secret - ---- -apiVersion: external-secrets.io/v1 -kind: ExternalSecret -metadata: - name: outline-postgresql-18-cluster-backup-secret - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: outline-postgresql-18-cluster-backup-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - data: - - secretKey: ACCESS_KEY_ID - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /digital-ocean/home-infra/postgres-backups - metadataPolicy: None - property: access - - secretKey: ACCESS_SECRET_KEY - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /digital-ocean/home-infra/postgres-backups - metadataPolicy: None - property: secret - ---- -apiVersion: external-secrets.io/v1 -kind: ExternalSecret -metadata: - name: outline-postgresql-18-cluster-backup-secret-garage - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: outline-postgresql-18-cluster-backup-secret-garage - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - data: - - secretKey: ACCESS_KEY_ID - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /garage/home-infra/postgres-backups - metadataPolicy: None - property: ACCESS_KEY_ID - - secretKey: ACCESS_SECRET_KEY - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /garage/home-infra/postgres-backups - metadataPolicy: None - property: ACCESS_SECRET_KEY - - secretKey: ACCESS_REGION - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /garage/home-infra/postgres-backups - metadataPolicy: None - property: ACCESS_REGION diff --git a/clusters/cl01tl/helm/outline/templates/object-bucket-claim.yaml b/clusters/cl01tl/helm/outline/templates/object-bucket-claim.yaml index 6d780520a..23dbc4aaa 100644 --- a/clusters/cl01tl/helm/outline/templates/object-bucket-claim.yaml +++ b/clusters/cl01tl/helm/outline/templates/object-bucket-claim.yaml @@ -1,30 +1,30 @@ -apiVersion: objectbucket.io/v1alpha1 -kind: ObjectBucketClaim -metadata: - name: ceph-bucket-outline - labels: - app.kubernetes.io/name: ceph-bucket-outline - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - generateBucketName: bucket-outline - storageClassName: ceph-bucket - additionalConfig: - bucketPolicy: | - { - "Version": "2012-10-17", - "Statement": [ - { - "Sid": "VisualEditor", - "Effect": "Allow", - "Action": [ - "s3:GetObjectAcl", - "s3:DeleteObject", - "s3:PutObject", - "s3:GetObject", - "s3:PutObjectAcl" - ], - "Resource": "arn:aws:s3:::bucket-outline-630c57e0-d475-4d78-926c-c1c082291d73/*" - } - ] - } +# apiVersion: objectbucket.io/v1alpha1 +# kind: ObjectBucketClaim +# metadata: +# name: ceph-bucket-outline +# labels: +# app.kubernetes.io/name: ceph-bucket-outline +# app.kubernetes.io/instance: {{ .Release.Name }} +# app.kubernetes.io/part-of: {{ .Release.Name }} +# spec: +# generateBucketName: bucket-outline +# storageClassName: ceph-bucket +# additionalConfig: +# bucketPolicy: | +# { +# "Version": "2012-10-17", +# "Statement": [ +# { +# "Sid": "VisualEditor", +# "Effect": "Allow", +# "Action": [ +# "s3:GetObjectAcl", +# "s3:DeleteObject", +# "s3:PutObject", +# "s3:GetObject", +# "s3:PutObjectAcl" +# ], +# "Resource": "arn:aws:s3:::bucket-outline-630c57e0-d475-4d78-926c-c1c082291d73/*" +# } +# ] +# } diff --git a/clusters/cl01tl/helm/outline/values.yaml b/clusters/cl01tl/helm/outline/values.yaml index c40c27e8a..ecbcb4428 100644 --- a/clusters/cl01tl/helm/outline/values.yaml +++ b/clusters/cl01tl/helm/outline/values.yaml @@ -144,58 +144,46 @@ outline: protocol: HTTP postgres-18-cluster: mode: recovery - cluster: - storage: - storageClass: local-path - walStorage: - storageClass: local-path recovery: method: objectStore objectStore: - destinationPath: s3://postgres-backups/cl01tl/outline/outline-postgresql-18-cluster - endpointURL: http://garage-main.garage:3900 index: 1 - endpointCredentials: outline-postgresql-18-cluster-backup-secret-garage backup: objectStore: - name: garage-local - destinationPath: s3://postgres-backups/cl01tl/outline/outline-postgresql-18-cluster index: 1 - endpointURL: http://garage-main.garage:3900 - endpointCredentials: outline-postgresql-18-cluster-backup-secret-garage - endpointCredentialsIncludeRegion: true - retentionPolicy: "3d" + destinationBucket: postgres-backups + externalSecretCredentialPath: /garage/home-infra/postgres-backups isWALArchiver: true - # - name: external - # destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/outline/outline-postgresql-18-cluster - # index: 1 - # retentionPolicy: "30d" - # isWALArchiver: false # - name: garage-remote - # destinationPath: s3://postgres-backups/cl01tl/outline/outline-postgresql-18-cluster # index: 1 - # endpointURL: https://garage-ps10rp.boreal-beaufort.ts.net:3900 - # endpointCredentials: outline-postgresql-18-cluster-backup-secret-garage - # retentionPolicy: "30d" + # destinationBucket: postgres-backups + # externalSecretCredentialPath: /garage/home-infra/postgres-backups + # retentionPolicy: "90d" # data: # compression: bzip2 - # jobs: 2 + # - name: external + # index: 1 + # endpointURL: https://nyc3.digitaloceanspaces.com + # destinationBucket: postgres-backups-ce540ddf106d186bbddca68a + # externalSecretCredentialPath: /garage/home-infra/postgres-backups + # isWALArchiver: false scheduledBackups: - name: live-backup suspend: false immediate: true schedule: "0 0 0 * * *" backupName: garage-local - # - name: daily-backup - # suspend: false - # immediate: true - # schedule: "0 0 0 * * *" - # backupName: external # - name: weekly-backup # suspend: true # immediate: true # schedule: "0 0 4 * * SAT" # backupName: garage-remote + # - name: daily-backup + # suspend: true + # immediate: true + # schedule: "0 0 0 * * *" + # backupName: external redis-replication: existingSecret: enabled: false diff --git a/clusters/cl01tl/helm/overseerr/Chart.yaml b/clusters/cl01tl/helm/overseerr/Chart.yaml index 390ebe389..af3cd5995 100644 --- a/clusters/cl01tl/helm/overseerr/Chart.yaml +++ b/clusters/cl01tl/helm/overseerr/Chart.yaml @@ -18,4 +18,5 @@ dependencies: repository: https://bjw-s-labs.github.io/helm-charts/ version: 4.5.0 icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/overseerr.png +# renovate: github=sct/overseerr appVersion: 1.34.0 diff --git a/clusters/cl01tl/helm/overseerr/templates/http-route.yaml b/clusters/cl01tl/helm/overseerr/templates/http-route.yaml deleted file mode 100644 index f02422b82..000000000 --- a/clusters/cl01tl/helm/overseerr/templates/http-route.yaml +++ /dev/null @@ -1,28 +0,0 @@ -apiVersion: gateway.networking.k8s.io/v1 -kind: HTTPRoute -metadata: - name: http-route-overseerr - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: http-route-overseerr - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - parentRefs: - - group: gateway.networking.k8s.io - kind: Gateway - name: traefik-gateway - namespace: traefik - hostnames: - - overseerr.alexlebens.net - rules: - - matches: - - path: - type: PathPrefix - value: / - backendRefs: - - group: '' - kind: Service - name: overseerr - port: 80 - weight: 100 diff --git a/clusters/cl01tl/helm/overseerr/values.yaml b/clusters/cl01tl/helm/overseerr/values.yaml index ab54214f0..34d4ac1d4 100644 --- a/clusters/cl01tl/helm/overseerr/values.yaml +++ b/clusters/cl01tl/helm/overseerr/values.yaml @@ -26,6 +26,27 @@ app-template: port: 80 targetPort: 5055 protocol: HTTP + route: + main: + kind: HTTPRoute + parentRefs: + - group: gateway.networking.k8s.io + kind: Gateway + name: traefik-gateway + namespace: traefik + hostnames: + - overseerr.alexlebens.net + rules: + - backendRefs: + - group: '' + kind: Service + name: overseerr + port: 80 + weight: 100 + matches: + - path: + type: PathPrefix + value: / persistence: main: forceRename: overseerr-main diff --git a/clusters/cl01tl/helm/photoview/Chart.lock b/clusters/cl01tl/helm/photoview/Chart.lock index 508546adf..59b395261 100644 --- a/clusters/cl01tl/helm/photoview/Chart.lock +++ b/clusters/cl01tl/helm/photoview/Chart.lock @@ -4,6 +4,6 @@ dependencies: version: 4.5.0 - name: postgres-cluster repository: oci://harbor.alexlebens.net/helm-charts - version: 7.1.4 -digest: sha256:fc8a98bc7da13e38c21db4e936bc24c8b3e77de2d56db71a1d31657c1735ca9b -generated: "2025-12-21T19:05:00.739611336Z" + version: 7.4.3 +digest: sha256:fb2001e6af484504fc95d004144112cda902383939e3a6873c573132efc9e355 +generated: "2025-12-23T22:58:02.636158-06:00" diff --git a/clusters/cl01tl/helm/photoview/Chart.yaml b/clusters/cl01tl/helm/photoview/Chart.yaml index 18bb937b8..0596ea63c 100644 --- a/clusters/cl01tl/helm/photoview/Chart.yaml +++ b/clusters/cl01tl/helm/photoview/Chart.yaml @@ -20,7 +20,8 @@ dependencies: version: 4.5.0 - name: postgres-cluster alias: postgres-18-cluster - version: 7.1.4 + version: 7.4.3 repository: oci://harbor.alexlebens.net/helm-charts icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/photoview.png +# renovate: github=photoview/photoview appVersion: 2.4.0 diff --git a/clusters/cl01tl/helm/photoview/templates/external-secrets.yaml b/clusters/cl01tl/helm/photoview/templates/external-secrets.yaml deleted file mode 100644 index 36385fe93..000000000 --- a/clusters/cl01tl/helm/photoview/templates/external-secrets.yaml +++ /dev/null @@ -1,65 +0,0 @@ -apiVersion: external-secrets.io/v1 -kind: ExternalSecret -metadata: - name: photoview-postgresql-18-cluster-backup-secret - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: photoview-postgresql-18-cluster-backup-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - data: - - secretKey: ACCESS_KEY_ID - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /digital-ocean/home-infra/postgres-backups - metadataPolicy: None - property: access - - secretKey: ACCESS_SECRET_KEY - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /digital-ocean/home-infra/postgres-backups - metadataPolicy: None - property: secret - ---- -apiVersion: external-secrets.io/v1 -kind: ExternalSecret -metadata: - name: photoview-postgresql-18-cluster-backup-secret-garage - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: photoview-postgresql-18-cluster-backup-secret-garage - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - data: - - secretKey: ACCESS_KEY_ID - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /garage/home-infra/postgres-backups - metadataPolicy: None - property: ACCESS_KEY_ID - - secretKey: ACCESS_SECRET_KEY - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /garage/home-infra/postgres-backups - metadataPolicy: None - property: ACCESS_SECRET_KEY - - secretKey: ACCESS_REGION - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /garage/home-infra/postgres-backups - metadataPolicy: None - property: ACCESS_REGION diff --git a/clusters/cl01tl/helm/photoview/templates/http-route.yaml b/clusters/cl01tl/helm/photoview/templates/http-route.yaml deleted file mode 100644 index 838a90b95..000000000 --- a/clusters/cl01tl/helm/photoview/templates/http-route.yaml +++ /dev/null @@ -1,28 +0,0 @@ -apiVersion: gateway.networking.k8s.io/v1 -kind: HTTPRoute -metadata: - name: http-route-photoview - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: http-route-photoview - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - parentRefs: - - group: gateway.networking.k8s.io - kind: Gateway - name: traefik-gateway - namespace: traefik - hostnames: - - photoview.alexlebens.net - rules: - - matches: - - path: - type: PathPrefix - value: / - backendRefs: - - group: '' - kind: Service - name: photoview - port: 80 - weight: 100 diff --git a/clusters/cl01tl/helm/photoview/values.yaml b/clusters/cl01tl/helm/photoview/values.yaml index ba2135cc3..189ead5b9 100644 --- a/clusters/cl01tl/helm/photoview/values.yaml +++ b/clusters/cl01tl/helm/photoview/values.yaml @@ -50,6 +50,27 @@ photoview: port: 80 targetPort: 80 protocol: HTTP + route: + main: + kind: HTTPRoute + parentRefs: + - group: gateway.networking.k8s.io + kind: Gateway + name: traefik-gateway + namespace: traefik + hostnames: + - photoview.alexlebens.net + rules: + - backendRefs: + - group: '' + kind: Service + name: photoview + port: 80 + weight: 100 + matches: + - path: + type: PathPrefix + value: / persistence: cache: forceRename: photoview-cache @@ -74,55 +95,43 @@ photoview: readOnly: true postgres-18-cluster: mode: recovery - cluster: - storage: - storageClass: local-path - walStorage: - storageClass: local-path recovery: method: objectStore objectStore: - destinationPath: s3://postgres-backups/cl01tl/photoview/photoview-postgresql-18-cluster - endpointURL: http://garage-main.garage:3900 index: 1 - endpointCredentials: photoview-postgresql-18-cluster-backup-secret-garage backup: objectStore: - name: garage-local - destinationPath: s3://postgres-backups/cl01tl/photoview/photoview-postgresql-18-cluster index: 1 - endpointURL: http://garage-main.garage:3900 - endpointCredentials: photoview-postgresql-18-cluster-backup-secret-garage - endpointCredentialsIncludeRegion: true - retentionPolicy: "3d" + destinationBucket: postgres-backups + externalSecretCredentialPath: /garage/home-infra/postgres-backups isWALArchiver: true - # - name: external - # destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/photoview/photoview-postgresql-18-cluster - # index: 1 - # retentionPolicy: "30d" - # isWALArchiver: false # - name: garage-remote - # destinationPath: s3://postgres-backups/cl01tl/photoview/photoview-postgresql-18-cluster # index: 1 - # endpointURL: https://garage-ps10rp.boreal-beaufort.ts.net:3900 - # endpointCredentials: photoview-postgresql-18-cluster-backup-secret-garage - # retentionPolicy: "30d" + # destinationBucket: postgres-backups + # externalSecretCredentialPath: /garage/home-infra/postgres-backups + # retentionPolicy: "90d" # data: # compression: bzip2 - # jobs: 2 + # - name: external + # index: 1 + # endpointURL: https://nyc3.digitaloceanspaces.com + # destinationBucket: postgres-backups-ce540ddf106d186bbddca68a + # externalSecretCredentialPath: /garage/home-infra/postgres-backups + # isWALArchiver: false scheduledBackups: - name: live-backup suspend: false immediate: true schedule: "0 0 0 * * *" backupName: garage-local - # - name: daily-backup - # suspend: false - # immediate: true - # schedule: "0 0 0 * * *" - # backupName: external # - name: weekly-backup # suspend: true # immediate: true # schedule: "0 0 4 * * SAT" # backupName: garage-remote + # - name: daily-backup + # suspend: true + # immediate: true + # schedule: "0 0 0 * * *" + # backupName: external diff --git a/clusters/cl01tl/helm/plex/Chart.yaml b/clusters/cl01tl/helm/plex/Chart.yaml index 2cbfcd3fe..b903b365f 100644 --- a/clusters/cl01tl/helm/plex/Chart.yaml +++ b/clusters/cl01tl/helm/plex/Chart.yaml @@ -6,8 +6,6 @@ keywords: - plex - tv shows - movies - - music - - photos - live tv home: https://wiki.alexlebens.dev/s/e2833eed-f991-4b00-9fa0-5d7f403a8183 sources: @@ -23,4 +21,5 @@ dependencies: repository: https://bjw-s-labs.github.io/helm-charts/ version: 4.5.0 icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/plex.png +# renovate: github=linuxserver/docker-plex appVersion: 1.42.2 diff --git a/clusters/cl01tl/helm/plex/templates/http-route.yaml b/clusters/cl01tl/helm/plex/templates/http-route.yaml deleted file mode 100644 index 0ef0cbb23..000000000 --- a/clusters/cl01tl/helm/plex/templates/http-route.yaml +++ /dev/null @@ -1,28 +0,0 @@ -apiVersion: gateway.networking.k8s.io/v1 -kind: HTTPRoute -metadata: - name: http-route-plex - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: http-route-plex - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - parentRefs: - - group: gateway.networking.k8s.io - kind: Gateway - name: traefik-gateway - namespace: traefik - hostnames: - - plex.alexlebens.net - rules: - - matches: - - path: - type: PathPrefix - value: / - backendRefs: - - group: '' - kind: Service - name: plex - port: 32400 - weight: 100 diff --git a/clusters/cl01tl/helm/plex/values.yaml b/clusters/cl01tl/helm/plex/values.yaml index c8813f55e..a95452cae 100644 --- a/clusters/cl01tl/helm/plex/values.yaml +++ b/clusters/cl01tl/helm/plex/values.yaml @@ -34,6 +34,27 @@ plex: port: 32400 targetPort: 32400 protocol: HTTP + route: + main: + kind: HTTPRoute + parentRefs: + - group: gateway.networking.k8s.io + kind: Gateway + name: traefik-gateway + namespace: traefik + hostnames: + - plex.alexlebens.net + rules: + - backendRefs: + - group: '' + kind: Service + name: plex + port: 32400 + weight: 100 + matches: + - path: + type: PathPrefix + value: / persistence: config: forceRename: plex-config diff --git a/clusters/cl01tl/helm/postiz/Chart.lock b/clusters/cl01tl/helm/postiz/Chart.lock index 1ba941a14..111e41e3d 100644 --- a/clusters/cl01tl/helm/postiz/Chart.lock +++ b/clusters/cl01tl/helm/postiz/Chart.lock @@ -7,7 +7,7 @@ dependencies: version: 2.1.4 - name: postgres-cluster repository: oci://harbor.alexlebens.net/helm-charts - version: 7.1.4 + version: 7.4.3 - name: redis-replication repository: oci://harbor.alexlebens.net/helm-charts version: 0.5.0 @@ -17,5 +17,5 @@ dependencies: - name: volsync-target repository: oci://harbor.alexlebens.net/helm-charts version: 0.6.0 -digest: sha256:bab0d0c74f1ec39ddc3705d4895fcec8a6ae5eecba6c4b2603898bfb4878edfa -generated: "2025-12-21T19:05:17.305997301Z" +digest: sha256:d3af2937b13c32137f2ab46422b429519741eb5672c44bed806f23509e25b380 +generated: "2025-12-23T23:01:31.836463-06:00" diff --git a/clusters/cl01tl/helm/postiz/Chart.yaml b/clusters/cl01tl/helm/postiz/Chart.yaml index 910390b79..cf36618b9 100644 --- a/clusters/cl01tl/helm/postiz/Chart.yaml +++ b/clusters/cl01tl/helm/postiz/Chart.yaml @@ -26,7 +26,7 @@ dependencies: version: 2.1.4 - name: postgres-cluster alias: postgres-18-cluster - version: 7.1.4 + version: 7.4.3 repository: oci://harbor.alexlebens.net/helm-charts - name: redis-replication version: 0.5.0 @@ -40,4 +40,5 @@ dependencies: version: 0.6.0 repository: oci://harbor.alexlebens.net/helm-charts icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/postiz.png +# renovate: github=gitroomhq/postiz-app appVersion: v2.10.1 diff --git a/clusters/cl01tl/helm/postiz/templates/external-secret.yaml b/clusters/cl01tl/helm/postiz/templates/external-secret.yaml index 3e7819960..a73997ad5 100644 --- a/clusters/cl01tl/helm/postiz/templates/external-secret.yaml +++ b/clusters/cl01tl/helm/postiz/templates/external-secret.yaml @@ -86,70 +86,3 @@ spec: key: /authentik/oidc/postiz metadataPolicy: None property: secret - ---- -apiVersion: external-secrets.io/v1 -kind: ExternalSecret -metadata: - name: postiz-postgresql-18-cluster-backup-secret - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: postiz-postgresql-18-cluster-backup-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - data: - - secretKey: ACCESS_KEY_ID - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /digital-ocean/home-infra/postgres-backups - metadataPolicy: None - property: access - - secretKey: ACCESS_SECRET_KEY - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /digital-ocean/home-infra/postgres-backups - metadataPolicy: None - property: secret - ---- -apiVersion: external-secrets.io/v1 -kind: ExternalSecret -metadata: - name: postiz-postgresql-18-cluster-backup-secret-garage - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: postiz-postgresql-18-cluster-backup-secret-garage - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - data: - - secretKey: ACCESS_KEY_ID - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /garage/home-infra/postgres-backups - metadataPolicy: None - property: ACCESS_KEY_ID - - secretKey: ACCESS_SECRET_KEY - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /garage/home-infra/postgres-backups - metadataPolicy: None - property: ACCESS_SECRET_KEY - - secretKey: ACCESS_REGION - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /garage/home-infra/postgres-backups - metadataPolicy: None - property: ACCESS_REGION diff --git a/clusters/cl01tl/helm/postiz/values.yaml b/clusters/cl01tl/helm/postiz/values.yaml index 730180919..31074b7af 100644 --- a/clusters/cl01tl/helm/postiz/values.yaml +++ b/clusters/cl01tl/helm/postiz/values.yaml @@ -81,6 +81,27 @@ postiz: port: 80 targetPort: 5000 protocol: HTTP + route: + main: + kind: HTTPRoute + parentRefs: + - group: gateway.networking.k8s.io + kind: Gateway + name: traefik-gateway + namespace: traefik + hostnames: + - postiz.alexlebens.net + rules: + - backendRefs: + - group: '' + kind: Service + name: postiz + port: 80 + weight: 100 + matches: + - path: + type: PathPrefix + value: / persistence: config: forceRename: postiz-config @@ -106,58 +127,46 @@ postiz: readOnly: false postgres-18-cluster: mode: recovery - cluster: - storage: - storageClass: local-path - walStorage: - storageClass: local-path recovery: method: objectStore objectStore: - destinationPath: s3://postgres-backups/cl01tl/postiz/postiz-postgresql-18-cluster - endpointURL: http://garage-main.garage:3900 index: 1 - endpointCredentials: postiz-postgresql-18-cluster-backup-secret-garage backup: objectStore: - name: garage-local - destinationPath: s3://postgres-backups/cl01tl/postiz/postiz-postgresql-18-cluster index: 1 - endpointURL: http://garage-main.garage:3900 - endpointCredentials: postiz-postgresql-18-cluster-backup-secret-garage - endpointCredentialsIncludeRegion: true - retentionPolicy: "3d" + destinationBucket: postgres-backups + externalSecretCredentialPath: /garage/home-infra/postgres-backups isWALArchiver: true - # - name: external - # destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/postiz/postiz-postgresql-18-cluster - # index: 1 - # retentionPolicy: "30d" - # isWALArchiver: false # - name: garage-remote - # destinationPath: s3://postgres-backups/cl01tl/postiz/postiz-postgresql-18-cluster # index: 1 - # endpointURL: https://garage-ps10rp.boreal-beaufort.ts.net:3900 - # endpointCredentials: postiz-postgresql-18-cluster-backup-secret-garage - # retentionPolicy: "30d" + # destinationBucket: postgres-backups + # externalSecretCredentialPath: /garage/home-infra/postgres-backups + # retentionPolicy: "90d" # data: # compression: bzip2 - # jobs: 2 + # - name: external + # index: 1 + # endpointURL: https://nyc3.digitaloceanspaces.com + # destinationBucket: postgres-backups-ce540ddf106d186bbddca68a + # externalSecretCredentialPath: /garage/home-infra/postgres-backups + # isWALArchiver: false scheduledBackups: - name: live-backup suspend: false immediate: true schedule: "0 0 0 * * *" backupName: garage-local - # - name: daily-backup - # suspend: false - # immediate: true - # schedule: "0 0 0 * * *" - # backupName: external # - name: weekly-backup # suspend: true # immediate: true # schedule: "0 0 4 * * SAT" # backupName: garage-remote + # - name: daily-backup + # suspend: true + # immediate: true + # schedule: "0 0 0 * * *" + # backupName: external redis-replication: existingSecret: enabled: true diff --git a/clusters/cl01tl/helm/prometheus-operator-crds/Chart.yaml b/clusters/cl01tl/helm/prometheus-operator-crds/Chart.yaml index 351a5a951..85ebfbe09 100644 --- a/clusters/cl01tl/helm/prometheus-operator-crds/Chart.yaml +++ b/clusters/cl01tl/helm/prometheus-operator-crds/Chart.yaml @@ -18,4 +18,5 @@ dependencies: version: 25.0.1 repository: oci://ghcr.io/prometheus-community/charts icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/prometheus.png +# renovate: github=prometheus-operator/prometheus-operator appVersion: v0.87.1