alexlebens/infrastructure
1
0
Fork 0
Code Issues 1 Pull Requests 2 Actions 1 Activity

migrate to new chart
All checks were successful
lint-test-helm / lint-helm (push) Successful in 19s
Details
render-manifests-push / render-manifests-push (push) Successful in 2m40s
Details
renovate / renovate (push) Successful in 1m12s
Details

Browse Source
This commit is contained in:
Alex Lebens
2025-12-17 16:45:02 -06:00
parent 2ed60a2759
commit feb8ae9e0b
56 changed files with 88 additions and 462 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
clusters/cl01tl/helm/authentik/Chart.lock
View File

@@ -4,12 +4,12 @@ dependencies:
version: 2025.10.3
- name: cloudflared
repository: oci://harbor.alexlebens.net/helm-charts
version: 1.23.2
version: 2.0.1
- name: postgres-cluster
repository: oci://harbor.alexlebens.net/helm-charts
version: 7.1.3
- name: redis-replication
repository: oci://harbor.alexlebens.net/helm-charts
version: 0.5.0
digest: sha256:529f2ddaef6ef3584461ae31e4e3ffcc1146f19ece74ef054a7ddbc7eb36a0d8
generated: "2025-12-17T16:09:03.696627571Z"
digest: sha256:ec4d196c502021555fef8e13789b7ce683163270dc0dc76ee63df614e74b5969
generated: "2025-12-17T16:33:20.824676-06:00"

2
clusters/cl01tl/helm/authentik/Chart.yaml
View File

@@ -26,7 +26,7 @@ dependencies:
- name: cloudflared
alias: cloudflared
repository: oci://harbor.alexlebens.net/helm-charts
version: 1.23.2
version: 2.0.1
- name: postgres-cluster
alias: postgres-18-cluster
version: 7.1.3

23
clusters/cl01tl/helm/authentik/templates/external-secret.yaml
View File

@@ -20,29 +20,6 @@ spec:
metadataPolicy: None
property: key
---
apiVersion: external-secrets.io/v1
kind: ExternalSecret
metadata:
name: authentik-cloudflared-secret
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: authentik-cloudflared-secret
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
secretStoreRef:
kind: ClusterSecretStore
name: vault
data:
- secretKey: cf-tunnel-token
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /cloudflare/tunnels/authentik
metadataPolicy: None
property: token
---
apiVersion: external-secrets.io/v1
kind: ExternalSecret

2
clusters/cl01tl/helm/authentik/values.yaml
View File

@@ -48,8 +48,6 @@ authentik:
enabled: false
redis:
enabled: false
cloudflared:
existingSecretName: authentik-cloudflared-secret
postgres-18-cluster:
mode: recovery
cluster:

6
clusters/cl01tl/helm/directus/Chart.lock
View File

@@ -4,12 +4,12 @@ dependencies:
version: 4.5.0
- name: cloudflared
repository: oci://harbor.alexlebens.net/helm-charts
version: 1.23.2
version: 2.0.1
- name: postgres-cluster
repository: oci://harbor.alexlebens.net/helm-charts
version: 7.1.3
- name: redis-replication
repository: oci://harbor.alexlebens.net/helm-charts
version: 0.5.0
digest: sha256:984cd51b50663cda85c4861949d2dc724de730a415344936a4fe39745aca31d3
generated: "2025-12-17T16:09:15.230017239Z"
digest: sha256:381d2e9dba91716b569b4533c55f922baea35e36e631626e12e509ba0ff42abf
generated: "2025-12-17T16:40:44.294195-06:00"

2
clusters/cl01tl/helm/directus/Chart.yaml
View File

@@ -24,7 +24,7 @@ dependencies:
- name: cloudflared
alias: cloudflared-directus
repository: oci://harbor.alexlebens.net/helm-charts
version: 1.23.2
version: 2.0.1
- name: postgres-cluster
alias: postgres-18-cluster
version: 7.1.3

83
clusters/cl01tl/helm/directus/templates/external-secret.yaml
View File

@@ -41,6 +41,36 @@ spec:
metadataPolicy: None
property: key
---
apiVersion: external-secrets.io/v1
kind: ExternalSecret
metadata:
name: directus-oidc-secret
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: directus-oidc-secret
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
secretStoreRef:
kind: ClusterSecretStore
name: vault
data:
- secretKey: OIDC_CLIENT_ID
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /authentik/oidc/directus
metadataPolicy: None
property: client
- secretKey: OIDC_CLIENT_SECRET
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /authentik/oidc/directus
metadataPolicy: None
property: secret
---
apiVersion: external-secrets.io/v1
kind: ExternalSecret
@@ -94,59 +124,6 @@ spec:
metadataPolicy: None
property: password
---
apiVersion: external-secrets.io/v1
kind: ExternalSecret
metadata:
name: directus-oidc-secret
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: directus-oidc-secret
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
secretStoreRef:
kind: ClusterSecretStore
name: vault
data:
- secretKey: OIDC_CLIENT_ID
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /authentik/oidc/directus
metadataPolicy: None
property: client
- secretKey: OIDC_CLIENT_SECRET
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /authentik/oidc/directus
metadataPolicy: None
property: secret
---
apiVersion: external-secrets.io/v1
kind: ExternalSecret
metadata:
name: directus-cloudflared-secret
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: directus-cloudflared-secret
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
secretStoreRef:
kind: ClusterSecretStore
name: vault
data:
- secretKey: cf-tunnel-token
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /cloudflare/tunnels/directus
metadataPolicy: None
property: token
---
apiVersion: external-secrets.io/v1
kind: ExternalSecret

3
clusters/cl01tl/helm/directus/values.yaml
View File

@@ -153,9 +153,6 @@ directus:
port: 80
targetPort: 8055
protocol: TCP
cloudflared-directus:
name: cloudflared-directus
existingSecretName: directus-cloudflared-secret
postgres-18-cluster:
mode: recovery
cluster:

6
clusters/cl01tl/helm/element-web/Chart.lock
View File

@@ -4,6 +4,6 @@ dependencies:
version: 1.4.26
- name: cloudflared
repository: oci://harbor.alexlebens.net/helm-charts
version: 1.23.2
digest: sha256:f9196cbede894c6da6ecedd9ae05d3f1fd0e20304eca8ca38c18334a923b2235
generated: "2025-12-07T02:54:29.895481505Z"
version: 2.0.1
digest: sha256:167c380390784b7f9838ae1123f60c546fcb25cbba026e1de6820546a4e28c01
generated: "2025-12-17T16:40:48.510486-06:00"

2
clusters/cl01tl/helm/element-web/Chart.yaml
View File

@@ -22,6 +22,6 @@ dependencies:
- name: cloudflared
alias: cloudflared
repository: oci://harbor.alexlebens.net/helm-charts
version: 1.23.2
version: 2.0.1
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/element.png
appVersion: v1.12.6

21
clusters/cl01tl/helm/element-web/templates/external-secret.yaml
View File

@@ -1,21 +0,0 @@
apiVersion: external-secrets.io/v1
kind: ExternalSecret
metadata:
name: element-web-cloudflared-secret
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: element-web-cloudflared-secret
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
secretStoreRef:
kind: ClusterSecretStore
name: vault
data:
- secretKey: cf-tunnel-token
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /cloudflare/tunnels/element
metadataPolicy: None
property: token

2
clusters/cl01tl/helm/element-web/values.yaml
View File

@@ -24,5 +24,3 @@ element-web:
requests:
cpu: 10m
memory: 128Mi
cloudflared:
existingSecretName: element-web-cloudflared-secret

6
clusters/cl01tl/helm/freshrss/Chart.lock
View File

@@ -4,12 +4,12 @@ dependencies:
version: 4.5.0
- name: cloudflared
repository: oci://harbor.alexlebens.net/helm-charts
version: 1.23.2
version: 2.0.1
- name: postgres-cluster
repository: oci://harbor.alexlebens.net/helm-charts
version: 7.1.3
- name: volsync-target
repository: oci://harbor.alexlebens.net/helm-charts
version: 0.5.0
digest: sha256:5900e87dbe27e52b72edc6dd34e36aeb89c491ac8729b3be499cbd6e09ce88ff
generated: "2025-12-17T16:09:27.525526677Z"
digest: sha256:65c3f3e803b60090d43f6b5d8eca56e1da6bfeb8212d66d23cfdb8460d13ecba
generated: "2025-12-17T16:40:58.956142-06:00"

2
clusters/cl01tl/helm/freshrss/Chart.yaml
View File

@@ -24,7 +24,7 @@ dependencies:
- name: cloudflared
alias: cloudflared
repository: oci://harbor.alexlebens.net/helm-charts
version: 1.23.2
version: 2.0.1
- name: postgres-cluster
alias: postgres-18-cluster
version: 7.1.3

23
clusters/cl01tl/helm/freshrss/templates/external-secret.yaml
View File

@@ -71,29 +71,6 @@ spec:
metadataPolicy: None
property: crypto-key
---
apiVersion: external-secrets.io/v1
kind: ExternalSecret
metadata:
name: freshrss-cloudflared-secret
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: freshrss-cloudflared-secret
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
secretStoreRef:
kind: ClusterSecretStore
name: vault
data:
- secretKey: cf-tunnel-token
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /cloudflare/tunnels/freshrss
metadataPolicy: None
property: token
---
apiVersion: external-secrets.io/v1
kind: ExternalSecret

2
clusters/cl01tl/helm/freshrss/values.yaml
View File

@@ -192,8 +192,6 @@ freshrss:
main:
- path: /var/www/FreshRSS/extensions
readOnly: false
cloudflared:
existingSecretName: freshrss-cloudflared-secret
postgres-18-cluster:
mode: recovery
cluster:

6
clusters/cl01tl/helm/gitea/Chart.lock
View File

@@ -10,7 +10,7 @@ dependencies:
version: 0.18.0
- name: cloudflared
repository: oci://harbor.alexlebens.net/helm-charts
version: 1.23.2
version: 2.0.1
- name: postgres-cluster
repository: oci://harbor.alexlebens.net/helm-charts
version: 7.1.3
@@ -23,5 +23,5 @@ dependencies:
- name: volsync-target
repository: oci://harbor.alexlebens.net/helm-charts
version: 0.5.0
digest: sha256:4d1894d82bb3c9ca4672378e79ba8c6a7b1d1d691c6ac0e5ac369759a015f1dd
generated: "2025-12-17T16:09:49.625523528Z"
digest: sha256:15b7a7d8b69b876dc63705a75070cb522e90d6f8ead610209fd88b39f1ba28e4
generated: "2025-12-17T16:41:08.82906-06:00"

2
clusters/cl01tl/helm/gitea/Chart.yaml
View File

@@ -37,7 +37,7 @@ dependencies:
- name: cloudflared
alias: cloudflared
repository: oci://harbor.alexlebens.net/helm-charts
version: 1.23.2
version: 2.0.1
- name: postgres-cluster
alias: postgres-18-cluster
version: 7.1.3

23
clusters/cl01tl/helm/gitea/templates/external-secret.yaml
View File

@@ -197,29 +197,6 @@ spec:
metadataPolicy: None
property: MEILI_MASTER_KEY
---
apiVersion: external-secrets.io/v1
kind: ExternalSecret
metadata:
name: gitea-cloudflared-secret
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: gitea-cloudflared-secret
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
secretStoreRef:
kind: ClusterSecretStore
name: vault
data:
- secretKey: cf-tunnel-token
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /cloudflare/tunnels/gitea
metadataPolicy: None
property: token
---
apiVersion: external-secrets.io/v1
kind: ExternalSecret

2
clusters/cl01tl/helm/gitea/values.yaml
View File

@@ -185,8 +185,6 @@ meilisearch:
memory: 128Mi
serviceMonitor:
enabled: true
cloudflared:
existingSecretName: gitea-cloudflared-secret
postgres-18-cluster:
mode: recovery
cluster:

6
clusters/cl01tl/helm/homepage-dev/Chart.lock
View File

@@ -4,6 +4,6 @@ dependencies:
version: 4.5.0
- name: cloudflared
repository: oci://harbor.alexlebens.net/helm-charts
version: 1.23.2
digest: sha256:fbfdebf734560044cfe5d2c4771b63cbcabc121d13c44b751f914877b5bdc83f
generated: "2025-12-07T02:55:01.91141803Z"
version: 2.0.1
digest: sha256:96923099c2893374540fe8cf354fc1805205c08819dcb6367f4f8ac14b4221bc
generated: "2025-12-17T16:41:26.330656-06:00"

2
clusters/cl01tl/helm/homepage-dev/Chart.yaml
View File

@@ -22,6 +22,6 @@ dependencies:
- name: cloudflared
alias: cloudflared
repository: oci://harbor.alexlebens.net/helm-charts
version: 1.23.2
version: 2.0.1
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/homepage.png
appVersion: v1.8.0

21
clusters/cl01tl/helm/homepage-dev/templates/external-secret.yaml
View File

@@ -1,21 +0,0 @@
apiVersion: external-secrets.io/v1
kind: ExternalSecret
metadata:
name: homepage-dev-cloudflared-secret
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: homepage-dev-cloudflared-secret
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
secretStoreRef:
kind: ClusterSecretStore
name: vault
data:
- secretKey: cf-tunnel-token
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /cloudflare/tunnels/homepage-dev
metadataPolicy: None
property: token

2
clusters/cl01tl/helm/homepage-dev/values.yaml
View File

@@ -163,5 +163,3 @@ homepage:
readOnly: true
mountPropagation: None
subPath: widgets.yaml
cloudflared:
existingSecretName: homepage-dev-cloudflared-secret

6
clusters/cl01tl/helm/karakeep/Chart.lock
View File

@@ -7,9 +7,9 @@ dependencies:
version: 0.18.0
- name: cloudflared
repository: oci://harbor.alexlebens.net/helm-charts
version: 1.23.2
version: 2.0.1
- name: volsync-target
repository: oci://harbor.alexlebens.net/helm-charts
version: 0.5.0
digest: sha256:75ae21505394e7f5d2c0308665400aa249598612b141c6632bffe99230d454d3
generated: "2025-12-16T23:01:47.968439-06:00"
digest: sha256:9e808d0a415bb032c8565c99c59b15f25cbffd22df8c1c70e16c80e8799505fb
generated: "2025-12-17T16:41:40.280667-06:00"

2
clusters/cl01tl/helm/karakeep/Chart.yaml
View File

@@ -27,7 +27,7 @@ dependencies:
- name: cloudflared
alias: cloudflared
repository: oci://harbor.alexlebens.net/helm-charts
version: 1.23.2
version: 2.0.1
- name: volsync-target
alias: volsync-target-data
version: 0.5.0

23
clusters/cl01tl/helm/karakeep/templates/external-secret.yaml
View File

@@ -79,26 +79,3 @@ spec:
key: /cl01tl/karakeep/meilisearch
metadataPolicy: None
property: MEILI_MASTER_KEY
---
apiVersion: external-secrets.io/v1
kind: ExternalSecret
metadata:
name: karakeep-cloudflared-secret
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: karakeep-cloudflared-secret
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
secretStoreRef:
kind: ClusterSecretStore
name: vault
data:
- secretKey: cf-tunnel-token
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /cloudflare/tunnels/karakeep
metadataPolicy: None
property: token

2
clusters/cl01tl/helm/karakeep/values.yaml
View File

@@ -152,7 +152,5 @@ meilisearch:
memory: 128Mi
serviceMonitor:
enabled: true
cloudflared:
existingSecretName: karakeep-cloudflared-secret
volsync-target-data:
pvcTarget: karakeep

8
clusters/cl01tl/helm/matrix-synapse/Chart.lock
View File

@@ -13,10 +13,10 @@ dependencies:
version: 4.5.0
- name: cloudflared
repository: oci://harbor.alexlebens.net/helm-charts
version: 1.23.2
version: 2.0.1
- name: cloudflared
repository: oci://harbor.alexlebens.net/helm-charts
version: 1.23.2
version: 2.0.1
- name: postgres-cluster
repository: oci://harbor.alexlebens.net/helm-charts
version: 7.1.3
@@ -38,5 +38,5 @@ dependencies:
- name: volsync-target
repository: oci://harbor.alexlebens.net/helm-charts
version: 0.5.0
digest: sha256:d7487cc29147c4cc2719ffca559a77a3c9c50abf5087ba34f9557eb36a9302fc
generated: "2025-12-17T10:23:12.737976-06:00"
digest: sha256:ccb371d89141f57b6fcddbb132406ef783e27be124e8f44af480e5f0eeb11de6
generated: "2025-12-17T16:42:10.9332-06:00"

4
clusters/cl01tl/helm/matrix-synapse/Chart.yaml
View File

@@ -45,11 +45,11 @@ dependencies:
version: 4.5.0
- name: cloudflared
alias: cloudflared-synapse
version: 1.23.2
version: 2.0.1
repository: oci://harbor.alexlebens.net/helm-charts
- name: cloudflared
alias: cloudflared-hookshot
version: 1.23.2
version: 2.0.1
repository: oci://harbor.alexlebens.net/helm-charts
- name: postgres-cluster
alias: postgres-18-cluster

46
clusters/cl01tl/helm/matrix-synapse/templates/external-secret.yaml
View File

@@ -199,52 +199,6 @@ spec:
metadataPolicy: None
property: password
---
apiVersion: external-secrets.io/v1
kind: ExternalSecret
metadata:
name: matrix-synapse-cloudflared-synapse-secret
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: matrix-synapse-cloudflared-synapse-secret
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
secretStoreRef:
kind: ClusterSecretStore
name: vault
data:
- secretKey: cf-tunnel-token
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /cloudflare/tunnels/matrix-synapse
metadataPolicy: None
property: token
---
apiVersion: external-secrets.io/v1
kind: ExternalSecret
metadata:
name: matrix-synapse-cloudflared-hookshot-secret
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: matrix-synapse-cloudflared-hookshot-secret
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
secretStoreRef:
kind: ClusterSecretStore
name: vault
data:
- secretKey: cf-tunnel-token
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /cloudflare/tunnels/matrix-hookshot
metadataPolicy: None
property: token
---
apiVersion: external-secrets.io/v1
kind: ExternalSecret

6
clusters/cl01tl/helm/matrix-synapse/values.yaml
View File

@@ -384,12 +384,6 @@ mautrix-whatsapp:
main:
- path: /data
readOnly: false
cloudflared-synapse:
name: cloudflared-synapse
existingSecretName: matrix-synapse-cloudflared-synapse-secret
cloudflared-hookshot:
name: cloudflared-hookshot
existingSecretName: matrix-synapse-cloudflared-hookshot-secret
postgres-18-cluster:
mode: recovery
cluster:

6
clusters/cl01tl/helm/outline/Chart.lock
View File

@@ -4,12 +4,12 @@ dependencies:
version: 4.5.0
- name: cloudflared
repository: oci://harbor.alexlebens.net/helm-charts
version: 1.23.2
version: 2.0.1
- name: postgres-cluster
repository: oci://harbor.alexlebens.net/helm-charts
version: 7.1.3
- name: redis-replication
repository: oci://harbor.alexlebens.net/helm-charts
version: 0.5.0
digest: sha256:f88a6de488648be3e889b6791ea10f2bbdc93b185b23fe1ce6f011e0c52e8795
generated: "2025-12-17T16:11:20.961903473Z"
digest: sha256:522fd84d35b1aa3e761cce7e878bfbaa3981a7abca590b1cae87395ad8f0c354
generated: "2025-12-17T16:42:30.713283-06:00"

2
clusters/cl01tl/helm/outline/Chart.yaml
View File

@@ -25,7 +25,7 @@ dependencies:
- name: cloudflared
alias: cloudflared-outline
repository: oci://harbor.alexlebens.net/helm-charts
version: 1.23.2
version: 2.0.1
- name: postgres-cluster
alias: postgres-18-cluster
version: 7.1.3

23
clusters/cl01tl/helm/outline/templates/external-secret.yaml
View File

@@ -57,29 +57,6 @@ spec:
metadataPolicy: None
property: secret
---
apiVersion: external-secrets.io/v1
kind: ExternalSecret
metadata:
name: outline-cloudflared-secret
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: outline-cloudflared-secret
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
secretStoreRef:
kind: ClusterSecretStore
name: vault
data:
- secretKey: cf-tunnel-token
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /cloudflare/tunnels/outline
metadataPolicy: None
property: token
---
apiVersion: external-secrets.io/v1
kind: ExternalSecret

3
clusters/cl01tl/helm/outline/values.yaml
View File

@@ -142,9 +142,6 @@ outline:
port: 3000
targetPort: 3000
protocol: HTTP
cloudflared-outline:
existingSecretName: outline-cloudflared-secret
name: cloudflared-outline
postgres-18-cluster:
mode: recovery
cluster:

6
clusters/cl01tl/helm/postiz/Chart.lock
View File

@@ -4,7 +4,7 @@ dependencies:
version: 4.5.0
- name: cloudflared
repository: oci://harbor.alexlebens.net/helm-charts
version: 1.23.2
version: 2.0.1
- name: postgres-cluster
repository: oci://harbor.alexlebens.net/helm-charts
version: 7.1.3
@@ -17,5 +17,5 @@ dependencies:
- name: volsync-target
repository: oci://harbor.alexlebens.net/helm-charts
version: 0.5.0
digest: sha256:8bca371950ea2088ed3229f2e2dbfaa859668de408077b3ffc6c9ade8cacc4b7
generated: "2025-12-17T11:32:26.293547-06:00"
digest: sha256:87746040a5bc493b609900567800bd57764849ffc35949df11ba8c1a53c77852
generated: "2025-12-17T16:42:38.213421-06:00"

2
clusters/cl01tl/helm/postiz/Chart.yaml
View File

@@ -23,7 +23,7 @@ dependencies:
version: 4.5.0
- name: cloudflared
repository: oci://harbor.alexlebens.net/helm-charts
version: 1.23.2
version: 2.0.1
- name: postgres-cluster
alias: postgres-18-cluster
version: 7.1.3

23
clusters/cl01tl/helm/postiz/templates/external-secret.yaml
View File

@@ -87,29 +87,6 @@ spec:
metadataPolicy: None
property: secret
---
apiVersion: external-secrets.io/v1
kind: ExternalSecret
metadata:
name: postiz-cloudflared-secret
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: postiz-cloudflared-secret
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
secretStoreRef:
kind: ClusterSecretStore
name: vault
data:
- secretKey: cf-tunnel-token
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /cloudflare/tunnels/postiz
metadataPolicy: None
property: token
---
apiVersion: external-secrets.io/v1
kind: ExternalSecret

3
clusters/cl01tl/helm/postiz/values.yaml
View File

@@ -104,9 +104,6 @@ postiz:
main:
- path: /uploads
readOnly: false
cloudflared:
name: cloudflared-postiz
existingSecretName: postiz-cloudflared-secret
postgres-18-cluster:
mode: recovery
cluster:

6
clusters/cl01tl/helm/rook-ceph/Chart.lock
View File

@@ -7,6 +7,6 @@ dependencies:
version: v1.18.8
- name: cloudflared
repository: oci://harbor.alexlebens.net/helm-charts
version: 1.23.2
digest: sha256:22c958d439ac2f43c7bfd4a9544bc1f26ddd0758182173eef9dba4a9cf97bae3
generated: "2025-12-07T02:55:52.670455114Z"
version: 2.0.1
digest: sha256:796c19e79a794aa3a92d85328744bf43505fe747571991a9c59571f69901c3fe
generated: "2025-12-17T16:42:59.123083-06:00"

2
clusters/cl01tl/helm/rook-ceph/Chart.yaml
View File

@@ -24,6 +24,6 @@ dependencies:
- name: cloudflared
alias: cloudflared-rgw
repository: oci://harbor.alexlebens.net/helm-charts
version: 1.23.2
version: 2.0.1
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/ceph.png
appVersion: v1.18.8

21
clusters/cl01tl/helm/rook-ceph/templates/external-secret.yaml
View File

@@ -1,21 +0,0 @@
apiVersion: external-secrets.io/v1
kind: ExternalSecret
metadata:
name: ceph-rgw-cloudflared-secret
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: ceph-rgw-cloudflared-secret
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
secretStoreRef:
kind: ClusterSecretStore
name: vault
data:
- secretKey: cf-tunnel-token
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /cloudflare/tunnels/ceph-rgw
metadataPolicy: None
property: token

4
clusters/cl01tl/helm/rook-ceph/values.yaml
View File

@@ -194,7 +194,3 @@ rook-ceph-cluster:
volumeBindingMode: "Immediate"
parameters:
region: us-east-1
cloudflared-rgw:
existingSecretName: ceph-rgw-cloudflared-secret
name: cloudflared-rgw

6
clusters/cl01tl/helm/site-documentation/Chart.lock
View File

@@ -4,6 +4,6 @@ dependencies:
version: 4.5.0
- name: cloudflared
repository: oci://harbor.alexlebens.net/helm-charts
version: 1.23.2
digest: sha256:f312794ceabc62e757aaf8e89dcd0728dbd581414ad4c2bd07dbbe20bcba8c6a
generated: "2025-12-07T02:56:04.029970498Z"
version: 2.0.1
digest: sha256:79bb50a1edfc2569cc6a6ae10c92d4e9b2f04a6f07c23e04266e23194c775ade
generated: "2025-12-17T16:43:11.64999-06:00"

2
clusters/cl01tl/helm/site-documentation/Chart.yaml
View File

@@ -23,6 +23,6 @@ dependencies:
- name: cloudflared
alias: cloudflared-site
repository: oci://harbor.alexlebens.net/helm-charts
version: 1.23.2
version: 2.0.1
icon: https://d21zlbwtcn424f.cloudfront.net/logo-new-round.png
appVersion: 0.0.5

21
clusters/cl01tl/helm/site-documentation/templates/external-secret.yaml
View File

@@ -1,21 +0,0 @@
apiVersion: external-secrets.io/v1
kind: ExternalSecret
metadata:
name: site-documentation-cloudflared-api-secret
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: site-documentation-cloudflared-api-secret
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
secretStoreRef:
kind: ClusterSecretStore
name: vault
data:
- secretKey: cf-tunnel-token
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /cloudflare/tunnels/site-documentation
metadataPolicy: None
property: token

3
clusters/cl01tl/helm/site-documentation/values.yaml
View File

@@ -25,6 +25,3 @@ site-documentation:
port: 80
targetPort: 4321
protocol: HTTP
cloudflared-site:
name: cloudflared-site
existingSecretName: site-documentation-cloudflared-api-secret

6
clusters/cl01tl/helm/site-profile/Chart.lock
View File

@@ -4,6 +4,6 @@ dependencies:
version: 4.5.0
- name: cloudflared
repository: oci://harbor.alexlebens.net/helm-charts
version: 1.23.2
digest: sha256:b48981e2f4819b198c0584659579f958cb8e292c2ce08882a54224445e30e225
generated: "2025-12-07T02:56:13.641921599Z"
version: 2.0.1
digest: sha256:9f4021ce375babbb6e4cbb12139bc63d57b3be9a4861a5d5b286652fe8ee24ee
generated: "2025-12-17T16:43:13.437947-06:00"

2
clusters/cl01tl/helm/site-profile/Chart.yaml
View File

@@ -23,6 +23,6 @@ dependencies:
- name: cloudflared
alias: cloudflared-site
repository: oci://harbor.alexlebens.net/helm-charts
version: 1.23.2
version: 2.0.1
icon: https://d21zlbwtcn424f.cloudfront.net/logo-new-round.png
appVersion: 2.1.2

21
clusters/cl01tl/helm/site-profile/templates/external-secret.yaml
View File

@@ -1,21 +0,0 @@
apiVersion: external-secrets.io/v1
kind: ExternalSecret
metadata:
name: site-profile-cloudflared-api-secret
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: site-profile-cloudflared-api-secret
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
secretStoreRef:
kind: ClusterSecretStore
name: vault
data:
- secretKey: cf-tunnel-token
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /cloudflare/tunnels/site-profile
metadataPolicy: None
property: token

3
clusters/cl01tl/helm/site-profile/values.yaml
View File

@@ -25,6 +25,3 @@ site-profile:
port: 80
targetPort: 4321
protocol: HTTP
cloudflared-site:
name: cloudflared-site
existingSecretName: site-profile-cloudflared-api-secret

6
clusters/cl01tl/helm/vaultwarden/Chart.lock
View File

@@ -4,12 +4,12 @@ dependencies:
version: 4.5.0
- name: cloudflared
repository: oci://harbor.alexlebens.net/helm-charts
version: 1.23.2
version: 2.0.1
- name: postgres-cluster
repository: oci://harbor.alexlebens.net/helm-charts
version: 7.1.3
- name: volsync-target
repository: oci://harbor.alexlebens.net/helm-charts
version: 0.5.0
digest: sha256:278b78abd5050dc1f51a4e0d14f2f385d39c2ae657a843553c4a23f2ae109da9
generated: "2025-12-17T13:20:59.914523-06:00"
digest: sha256:e3db0d0947b1f556fa1d55e5df91e51eb6aab081dc82abe40a7d1612a19ad1b3
generated: "2025-12-17T16:43:52.028768-06:00"

2
clusters/cl01tl/helm/vaultwarden/Chart.yaml
View File

@@ -25,7 +25,7 @@ dependencies:
- name: cloudflared
alias: cloudflared
repository: oci://harbor.alexlebens.net/helm-charts
version: 1.23.2
version: 2.0.1
- name: postgres-cluster
alias: postgres-18-cluster
version: 7.1.3

23
clusters/cl01tl/helm/vaultwarden/templates/external-secret.yaml
View File

@@ -1,28 +1,5 @@
apiVersion: external-secrets.io/v1
kind: ExternalSecret
metadata:
name: vaultwarden-cloudflared-secret
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: vaultwarden-cloudflared-secret
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
secretStoreRef:
kind: ClusterSecretStore
name: vault
data:
- secretKey: cf-tunnel-token
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /cloudflare/tunnels/vaultwarden
metadataPolicy: None
property: token
---
apiVersion: external-secrets.io/v1
kind: ExternalSecret
metadata:
name: vaultwarden-postgresql-18-cluster-backup-secret
namespace: {{ .Release.Namespace }}

2
clusters/cl01tl/helm/vaultwarden/values.yaml
View File

@@ -47,8 +47,6 @@ vaultwarden:
main:
- path: /data
readOnly: false
cloudflared:
existingSecretName: vaultwarden-cloudflared-secret
postgres-18-cluster:
mode: recovery
cluster: