alexlebens/infrastructure
1
0
Fork 0
Code Issues 1 Pull Requests 1 Actions Activity

Compare commits

base: alexlebens:0e336a9d8a5013e7e8a7fd117f2a913a4b44fb88
Branches Tags
alexlebens:main alexlebens:renovate/unified-cilium alexlebens:manifests
...
compare: alexlebens:renovate/unified-cilium
Branches Tags
alexlebens:renovate/unified-cilium alexlebens:manifests alexlebens:main

50 Commits
0e336a9d8a ... renovate/u

Author SHA1 Message Date
Renovate Bot
eaef36ad52 chore(deps): update cilium to v1.19.2
All checks were successful
lint-test-helm / lint-helm (pull_request) Successful in 26s
Details
lint-test-helm / validate-kubeconform (pull_request) Successful in 26s
Details
2026-04-09 02:46:34 +00:00
Alex Lebens
e6612c3d80 Merge pull request 'feat: increase disk' (#5759) from tmp/foldergram-2 into main
All checks were successful
lint-test-helm / lint-helm (push) Successful in 50s
Details
lint-test-helm / validate-kubeconform (push) Has been skipped
Details
renovate / renovate (push) Successful in 5m24s
Details 
Reviewed-on: #5759
 2026-04-09 02:44:08 +00:00
Alex Lebens
00f3df5db8 feat: increase disk
All checks were successful
lint-test-helm / lint-helm (pull_request) Successful in 30s
Details
render-manifests / render-manifests (pull_request) Successful in 42s
Details
lint-test-helm / validate-kubeconform (pull_request) Successful in 34s
Details
2026-04-08 21:43:12 -05:00
Alex Lebens
9b07271221 Merge pull request 'feat: add metrics' (#5757) from tmp/eraser into main
All checks were successful
lint-test-helm / lint-helm (push) Successful in 22s
Details
lint-test-helm / validate-kubeconform (push) Has been skipped
Details
renovate / renovate (push) Successful in 2m28s
Details 
Reviewed-on: #5757
 2026-04-09 02:41:29 +00:00
Alex Lebens
91ebddbd9d feat: add metrics
All checks were successful
lint-test-helm / lint-helm (pull_request) Successful in 20s
Details
lint-test-helm / validate-kubeconform (pull_request) Successful in 27s
Details
render-manifests / render-manifests (pull_request) Successful in 54s
Details
2026-04-08 21:39:21 -05:00
Alex Lebens
d7c8cab33b Merge pull request 'feat: fixes' (#5755) from tmp/kyoo-2 into main
All checks were successful
lint-test-helm / lint-helm (push) Successful in 23s
Details
lint-test-helm / validate-kubeconform (push) Has been skipped
Details
renovate / renovate (push) Successful in 1m49s
Details 
Reviewed-on: #5755
 2026-04-09 02:07:11 +00:00
Alex Lebens
e9ad72ac62 feat: fixes
All checks were successful
lint-test-helm / lint-helm (pull_request) Successful in 25s
Details
lint-test-helm / validate-kubeconform (pull_request) Successful in 27s
Details
render-manifests / render-manifests (pull_request) Successful in 35s
Details
2026-04-08 21:04:16 -05:00
Alex Lebens
3e35d49de8 ci: reconfigure
All checks were successful
renovate / renovate (push) Successful in 1m52s
Details
2026-04-08 20:50:04 -05:00
Alex Lebens
e942156c0a ci: reconfigure
All checks were successful
lint-test-helm / lint-helm (push) Successful in 32s
Details
lint-test-helm / validate-kubeconform (push) Has been skipped
Details
renovate / renovate (push) Successful in 3m0s
Details
2026-04-08 20:43:50 -05:00
Alex Lebens
46e92a4ad8 ci: reconfigure
All checks were successful
renovate / renovate (push) Successful in 2m11s
Details
2026-04-08 20:30:33 -05:00
Alex Lebens
183ebad9d8 ci: reconfigure
All checks were successful
renovate / renovate (push) Successful in 2m36s
Details
2026-04-08 20:21:24 -05:00
Alex Lebens
3de0bb2b98 ci: reconfigure
Some checks failed
renovate / renovate (push) Has been cancelled
Details
2026-04-08 20:19:47 -05:00
Alex Lebens
6698294425 Merge pull request 'feat: add kyoo' (#5752) from tmp/kyoo into main
Some checks failed
lint-test-docker / lint-docker-compose (push) Failing after 6s
Details
lint-test-helm / lint-helm (push) Failing after 6s
Details
lint-test-helm / validate-kubeconform (push) Has been skipped
Details
renovate / renovate (push) Successful in 3m10s
Details 
Reviewed-on: #5752
 2026-04-09 01:02:24 +00:00
Alex Lebens
488d90fd35 feat: add kyoo
All checks were successful
lint-test-helm / lint-helm (pull_request) Successful in 40s
Details
lint-test-helm / validate-kubeconform (pull_request) Successful in 45s
Details
lint-test-docker / lint-docker-compose (pull_request) Successful in 1m33s
Details
render-manifests / render-manifests (pull_request) Successful in 1m7s
Details
2026-04-08 19:54:19 -05:00
Alex Lebens
8c7e258f6b Merge pull request 'feat: remove dep-track' (#5750) from tmp/remove-dep into main
Some checks failed
lint-test-docker / lint-docker-compose (push) Failing after 8s
Details
lint-test-helm / lint-helm (push) Successful in 22s
Details
lint-test-helm / validate-kubeconform (push) Has been skipped
Details
renovate / renovate (push) Successful in 4m57s
Details 
Reviewed-on: #5750
 2026-04-08 23:46:26 +00:00
Alex Lebens
83c65561b4 feat: remove dep-track 2026-04-08 23:46:26 +00:00
Alex Lebens
9bb8ab477b Merge pull request 'chore(deps): update ghcr.io/linuxserver/code-server docker tag to v4.115.0-ls331' (#5749) from renovate/unified-code-server into main
All checks were successful
lint-test-helm / lint-helm (push) Successful in 1m5s
Details
lint-test-helm / validate-kubeconform (push) Has been skipped
Details
renovate / renovate (push) Successful in 1m48s
Details 
Reviewed-on: #5749
 2026-04-08 23:27:52 +00:00
Renovate Bot
883e405c83 chore(deps): update ghcr.io/linuxserver/code-server docker tag to v4.115.0-ls331
All checks were successful
lint-test-helm / lint-helm (pull_request) Successful in 37s
Details
lint-test-helm / validate-kubeconform (pull_request) Successful in 17s
Details
render-manifests / render-manifests (pull_request) Successful in 1m1s
Details
2026-04-08 23:02:41 +00:00
Alex Lebens
37617c753b Merge pull request 'chore(deps): update helm release argo-cd to v9.5.0' (#5747) from renovate/unified-argo-cd into main
All checks were successful
lint-test-helm / lint-helm (push) Successful in 33s
Details
lint-test-helm / validate-kubeconform (push) Has been skipped
Details
renovate / renovate (push) Successful in 2m28s
Details 
Reviewed-on: #5747
 2026-04-08 22:10:30 +00:00
Renovate Bot
5db199efa0 chore(deps): update helm release argo-cd to v9.5.0
All checks were successful
lint-test-helm / lint-helm (pull_request) Successful in 31s
Details
lint-test-helm / validate-kubeconform (pull_request) Successful in 25s
Details
render-manifests / render-manifests (pull_request) Successful in 2m33s
Details
2026-04-08 22:05:53 +00:00
Renovate Bot
bf12e74989 Merge pull request 'chore(deps): update elasticsearch docker tag to v9.3.3' (#5746) from renovate/unified-elasticsearch into main
All checks were successful
lint-test-helm / validate-kubeconform (push) Has been skipped
Details
renovate / renovate (push) Successful in 3m15s
Details
lint-test-helm / lint-helm (push) Successful in 17s
Details
2026-04-08 22:02:55 +00:00
Renovate Bot
8ce151be79 chore(deps): update elasticsearch docker tag to v9.3.3
Some checks failed
renovate/stability-days Updates have not met minimum release age requirement
Details
lint-test-helm / lint-helm (pull_request) Successful in 25s
Details
render-manifests / render-manifests (pull_request) Failing after 6s
Details
lint-test-helm / validate-kubeconform (pull_request) Successful in 35s
Details
2026-04-08 22:02:29 +00:00
Renovate Bot
55835216d2 Merge pull request 'chore(deps): update ghcr.io/renovatebot/renovate docker tag to v43.110.4' (#5744) from renovate/unified-renovate into main
All checks were successful
renovate / renovate (push) Successful in 2m46s
Details
2026-04-08 21:03:06 +00:00
Renovate Bot
c870f974fb chore(deps): update ghcr.io/renovatebot/renovate docker tag to v43.110.4 2026-04-08 21:03:06 +00:00
Renovate Bot
305731cbf3 Merge pull request 'chore(deps): update ghcr.io/autobrr/qui docker tag to v1.16.1' (#5743) from renovate/unified-qui into main
Some checks failed
renovate / renovate (push) Has been cancelled
Details
lint-test-helm / lint-helm (push) Successful in 58s
Details
lint-test-helm / validate-kubeconform (push) Has been skipped
Details
2026-04-08 21:02:45 +00:00
Renovate Bot
5382dfb4c0 chore(deps): update ghcr.io/autobrr/qui docker tag to v1.16.1
Some checks are pending
renovate/stability-days Updates have not met minimum release age requirement
Details
lint-test-helm / lint-helm (pull_request) Successful in 35s
Details
render-manifests / render-manifests (pull_request) Successful in 1m19s
Details
lint-test-helm / validate-kubeconform (pull_request) Successful in 55s
Details
2026-04-08 21:02:23 +00:00
Alex Lebens
4c84a9fcd6 Merge pull request 'chore(deps): update elasticsearch docker tag to v9' (#5641) from renovate/major-unified-elasticsearch into main
All checks were successful
lint-test-helm / lint-helm (push) Successful in 23s
Details
lint-test-helm / validate-kubeconform (push) Has been skipped
Details
renovate / renovate (push) Successful in 2m44s
Details 
Reviewed-on: #5641
 2026-04-08 19:34:12 +00:00
Renovate Bot
e5c8a5d3e2 chore(deps): update elasticsearch docker tag to v9
All checks were successful
lint-test-helm / lint-helm (pull_request) Successful in 22s
Details
lint-test-helm / validate-kubeconform (pull_request) Successful in 29s
Details
render-manifests / render-manifests (pull_request) Successful in 45s
Details
2026-04-08 19:07:11 +00:00
Renovate Bot
db21a7b6c5 Merge pull request 'chore(deps): update kube-prometheus-stack docker tag to v83.2.0' (#5738) from renovate/unified-kube-prometheus-stack into main
All checks were successful
lint-test-helm / lint-helm (push) Successful in 25s
Details
lint-test-helm / validate-kubeconform (push) Has been skipped
Details
renovate / renovate (push) Successful in 2m35s
Details
2026-04-08 19:04:25 +00:00
Renovate Bot
33c34c77f8 chore(deps): update kube-prometheus-stack docker tag to v83.2.0 2026-04-08 19:04:25 +00:00
Renovate Bot
4afb944cf2 Merge pull request 'chore(deps): update helm release temporal to v1.0.0' (#5736) from renovate/unified-temporal into main
Some checks failed
lint-test-helm / validate-kubeconform (push) Has been cancelled
Details
lint-test-helm / lint-helm (push) Has been cancelled
Details
renovate / renovate (push) Has been cancelled
Details
2026-04-08 19:03:48 +00:00
Renovate Bot
88d44afed6 chore(deps): update helm release temporal to v1.0.0 2026-04-08 19:03:48 +00:00
Renovate Bot
0cbce3e010 Merge pull request 'chore(deps): update helm release matrix-synapse to v3.12.25' (#5735) from renovate/unified-matrix-synapse into main
Some checks failed
lint-test-helm / lint-helm (push) Successful in 24s
Details
lint-test-helm / validate-kubeconform (push) Has been cancelled
Details
renovate / renovate (push) Has been cancelled
Details
2026-04-08 19:03:20 +00:00
Renovate Bot
dd6c2592f0 chore(deps): update helm release matrix-synapse to v3.12.25 2026-04-08 19:03:20 +00:00
Renovate Bot
76e5f9808c Merge pull request 'chore(deps): update dependency ollama/ollama to v0.20.4' (#5734) from renovate/unified-ollama into main
Some checks failed
lint-test-helm / lint-helm (push) Successful in 21s
Details
lint-test-helm / validate-kubeconform (push) Has been skipped
Details
renovate / renovate (push) Has been cancelled
Details
2026-04-08 19:02:34 +00:00
Renovate Bot
1e020b6182 chore(deps): update dependency ollama/ollama to v0.20.4
Some checks are pending
renovate/stability-days Updates have not met minimum release age requirement
Details
render-manifests / render-manifests (pull_request) Successful in 30s
Details
lint-test-helm / lint-helm (pull_request) Successful in 43s
Details
lint-test-helm / validate-kubeconform (pull_request) Has been skipped
Details
2026-04-08 19:02:18 +00:00
Alex Lebens
c045e62538 Merge pull request 'chore(deps): update plex to v1.43.1.10576-06378bdcd-ls300' (#5731) from renovate/unified-plex into main
All checks were successful
lint-test-helm / lint-helm (push) Successful in 20s
Details
lint-test-helm / validate-kubeconform (push) Has been skipped
Details
renovate / renovate (push) Successful in 3m58s
Details 
Reviewed-on: #5731
 2026-04-08 18:40:47 +00:00
Renovate Bot
7ace8403e4 chore(deps): update plex to v1.43.1.10576-06378bdcd-ls300
Some checks are pending
renovate/stability-days Updates have not met minimum release age requirement
Details
lint-test-helm / lint-helm (pull_request) Successful in 20s
Details
lint-test-helm / validate-kubeconform (pull_request) Successful in 31s
Details
render-manifests / render-manifests (pull_request) Successful in 43s
Details
2026-04-08 18:00:22 +00:00
Renovate Bot
6164882d83 Merge pull request 'chore(deps): update element-web' (#5730) from renovate/unified-element-web into main
All checks were successful
lint-test-helm / lint-helm (push) Successful in 25s
Details
lint-test-helm / validate-kubeconform (push) Has been skipped
Details
renovate / renovate (push) Successful in 3m15s
Details
2026-04-08 17:57:47 +00:00
Renovate Bot
2a106cba50 chore(deps): update element-web
Some checks are pending
renovate/stability-days Updates have not met minimum release age requirement
Details
lint-test-helm / lint-helm (pull_request) Successful in 36s
Details
lint-test-helm / validate-kubeconform (pull_request) Has been skipped
Details
render-manifests / render-manifests (pull_request) Successful in 52s
Details
2026-04-08 17:57:32 +00:00
Alex Lebens
f055864eaa Merge pull request 'chore(deps): update postgres-cluster docker tag to v7.11.2' (#5284) from renovate/unified-postgres-cluster into main
Some checks failed
lint-test-helm / lint-helm (push) Successful in 21s
Details
lint-test-helm / validate-kubeconform (push) Has been skipped
Details
renovate / renovate (push) Has been cancelled
Details 
Reviewed-on: #5284
 2026-04-08 17:51:02 +00:00
Renovate Bot
0bbd60d4ee chore(deps): update postgres-cluster docker tag to v7.11.2 2026-04-08 17:51:02 +00:00
Renovate Bot
699e29fefc Merge pull request 'chore(deps): update kube-prometheus-stack docker tag to v83.1.0' (#5727) from renovate/unified-kube-prometheus-stack into main
All checks were successful
lint-test-helm / lint-helm (push) Successful in 36s
Details
lint-test-helm / validate-kubeconform (push) Has been skipped
Details
renovate / renovate (push) Successful in 2m56s
Details
2026-04-08 17:26:42 +00:00
Renovate Bot
434f823d9e chore(deps): update kube-prometheus-stack docker tag to v83.1.0 2026-04-08 17:26:42 +00:00
Renovate Bot
cb27412d6f Merge pull request 'chore(deps): update ghcr.io/renovatebot/renovate docker tag to v43.110.3' (#5725) from renovate/unified-renovate into main
Some checks failed
renovate / renovate (push) Has been cancelled
Details
2026-04-08 17:26:08 +00:00
Renovate Bot
d8534c6c1d chore(deps): update ghcr.io/renovatebot/renovate docker tag to v43.110.3 2026-04-08 17:26:08 +00:00
Renovate Bot
f6a3505fd4 Merge pull request 'chore(deps): update seerr-chart docker tag to v3.4.1' (#5723) from renovate/unified-seerr-chart into main
Some checks failed
lint-test-helm / lint-helm (push) Successful in 23s
Details
lint-test-helm / validate-kubeconform (push) Has been skipped
Details
renovate / renovate (push) Has been cancelled
Details
2026-04-08 17:25:15 +00:00
Renovate Bot
c5e41a6f74 chore(deps): update seerr-chart docker tag to v3.4.1 2026-04-08 17:25:15 +00:00
Renovate Bot
0529d6d419 Merge pull request 'chore(deps): update rclone to v1.73.4' (#5722) from renovate/unified-rclone into main
Some checks failed
lint-test-helm / lint-helm (push) Successful in 24s
Details
lint-test-helm / validate-kubeconform (push) Has been skipped
Details
renovate / renovate (push) Has been cancelled
Details
2026-04-08 17:24:43 +00:00
Renovate Bot
0c1fd59b75 chore(deps): update rclone to v1.73.4
Some checks are pending
renovate/stability-days Updates have not met minimum release age requirement
Details
lint-test-helm / lint-helm (pull_request) Successful in 32s
Details
lint-test-helm / validate-kubeconform (pull_request) Has been skipped
Details
render-manifests / render-manifests (pull_request) Successful in 56s
Details
2026-04-08 17:24:17 +00:00
49 changed files with 873 additions and 255 deletions
Expand all files Collapse all files

4
.gitea/workflows/render-manifests.yaml
View File

@@ -283,7 +283,7 @@ jobs:
echo ">> Formating rendered template ..."
local TEMPLATE
TEMPLATE=$(helm template "${CHART_NAME}" ./ --namespace "${NAMESPACE}" --include-crds --dry-run=server --api-versions "gateway.networking.k8s.io/v1/HTTPRoute")
TEMPLATE=$(helm template "${CHART_NAME}" ./ --namespace "${NAMESPACE}" --include-crds --dry-run=server --api-versions "gateway.networking.k8s.io/v1,monitoring.coreos.com/v1")
# Format and split rendered template
echo "${TEMPLATE}" | yq '... comments=""' | yq 'select(. != null)' | yq -s '"'"${OUTPUT_FOLDER}"'" + .kind + "-" + .metadata.name + ".yaml"'
@@ -314,7 +314,7 @@ jobs:
for DIR in ${RENDER_DIR}; do
echo "${DIR}"
done | xargs -P 4 -I {} bash -c 'OUT=$(render_chart "$@" 2>&1); printf "%s\n" "$OUT"' _ {}
done | xargs -P 5 -I {} bash -c 'OUT=$(render_chart "$@" 2>&1); printf "%s\n" "$OUT"' _ {}
echo ""
echo "----"

2
.gitea/workflows/renovate.yaml
View File

@@ -13,7 +13,7 @@ on:
jobs:
renovate:
runs-on: ubuntu-latest
container: ghcr.io/renovatebot/renovate:43.109.1@sha256:3dc6493fd5846ee486ca26531db8b8dd2c028bc8e4c5b3464514f5f6b3e065d8
container: ghcr.io/renovatebot/renovate:43.110.4@sha256:7ad99abc53b30d3f6e34df88b3e2b2b75436bba9b290e90d367356526034496f
steps:
- name: Checkout
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6

6
clusters/cl01tl/helm/argocd/Chart.lock
View File

@@ -1,6 +1,6 @@
dependencies:
- name: argo-cd
repository: https://argoproj.github.io/argo-helm
version: 9.4.17
digest: sha256:17752dbf03861cf70ee31c9a17373a5175656a2edd00ba5fcd3988a195147da8
generated: "2026-03-28T01:51:34.832601868Z"
version: 9.5.0
digest: sha256:69daada0822f796cd49eeda2d9e39dd5c0c42bb61b6898af68123c8c49f25fa1
generated: "2026-04-08T22:05:49.003208408Z"

2
clusters/cl01tl/helm/argocd/Chart.yaml
View File

@@ -13,7 +13,7 @@ maintainers:
- name: alexlebens
dependencies:
- name: argo-cd
version: 9.4.17
version: 9.5.0
repository: https://argoproj.github.io/argo-helm
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/argo-cd.png
# renovate: datasource=github-releases depName=argoproj/argo-cd

50
clusters/cl01tl/helm/argocd/values.yaml
View File

@@ -48,31 +48,31 @@ argo-cd:
enabled: true
rules:
enabled: true
spec:
- alert: ArgoAppMissing
expr: |
absent(argocd_app_info) == 1
for: 15m
labels:
severity: critical
annotations:
summary: "[Argo CD] No reported applications"
description: >
Argo CD has not reported any applications data for the past 15 minutes which
means that it must be down or not functioning properly. This needs to be
resolved for this cloud to continue to maintain state.
- alert: ArgoAppNotSynced
expr: |
argocd_app_info{sync_status!="Synced"} == 1
for: 12h
labels:
severity: warning
annotations:
summary: "[{{`{{$labels.name}}`}}] Application not synchronized"
description: >
The application [{{`{{$labels.name}}`}} has not been synchronized for over
12 hours which means that the state of this cloud has drifted away from the
state inside Git.
spec:
- alert: ArgoAppMissing
expr: |
absent(argocd_app_info) == 1
for: 15m
labels:
severity: critical
annotations:
summary: "[Argo CD] No reported applications"
description: >
Argo CD has not reported any applications data for the past 15 minutes which
means that it must be down or not functioning properly. This needs to be
resolved for this cloud to continue to maintain state.
- alert: ArgoAppNotSynced
expr: |
argocd_app_info{sync_status!="Synced"} == 1
for: 12h
labels:
severity: warning
annotations:
summary: "[{{`{{$labels.name}}`}}] Application not synchronized"
description: >
The application [{{`{{$labels.name}}`}} has not been synchronized for over
12 hours which means that the state of this cloud has drifted away from the
state inside Git.
dex:
enabled: true
resources:

2
clusters/cl01tl/helm/blocky/values.yaml
View File

@@ -109,7 +109,6 @@ blocky:
bazarr IN CNAME traefik-cl01tl
ceph IN CNAME traefik-cl01tl
dawarich IN CNAME traefik-cl01tl
dependency-track IN CNAME traefik-cl01tl
directus IN CNAME traefik-cl01tl
excalidraw IN CNAME traefik-cl01tl
feishin IN CNAME traefik-cl01tl
@@ -132,6 +131,7 @@ blocky:
jellystat IN CNAME traefik-cl01tl
kiwix IN CNAME traefik-cl01tl
komodo IN CNAME traefik-cl01tl
kyoo IN CNAME traefik-cl01tl
languagetool IN CNAME traefik-cl01tl
lidarr IN CNAME traefik-cl01tl
mail IN CNAME traefik-cl01tl

6
clusters/cl01tl/helm/cilium/Chart.lock
View File

@@ -1,6 +1,6 @@
dependencies:
- name: cilium
repository: https://helm.cilium.io/
version: 1.18.6
digest: sha256:8ea328ac238524b5b423e6289f5e25d05ef64e6aa19cfd5de238f1d5dd533e9b
generated: "2026-02-05T12:00:20.15778-06:00"
version: 1.19.2
digest: sha256:11f8eef4733b70c2b9a91ce39fe3c1ea1ad3fa3c46750efb015e03ff6ea3655b
generated: "2026-04-09T02:46:30.286150405Z"

4
clusters/cl01tl/helm/cilium/Chart.yaml
View File

@@ -14,8 +14,8 @@ maintainers:
- name: alexlebens
dependencies:
- name: cilium
version: 1.18.6
version: 1.19.2
repository: https://helm.cilium.io/
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/cilium.png
# renovate: datasource=github-releases depName=cilium/cilium
appVersion: 1.18.6
appVersion: 1.19.2

9
clusters/cl01tl/helm/dependency-track/Chart.lock
View File

@@ -1,9 +0,0 @@
dependencies:
- name: dependency-track
repository: https://dependencytrack.github.io/helm-charts
version: 0.44.0
- name: postgres-cluster
repository: oci://harbor.alexlebens.net/helm-charts
version: 7.11.2
digest: sha256:6ea7e8066cce675a02ce76393ee2b0e23300d2f5c72ae64946ae667fc12fde1f
generated: "2026-04-05T17:32:11.221935-05:00"

27
clusters/cl01tl/helm/dependency-track/Chart.yaml
View File

@@ -1,27 +0,0 @@
apiVersion: v2
name: dependency-track
version: 1.0.0
description: Dependency Track
keywords:
- dependency-track
- vulnerability-scanner
home: https://docs.alexlebens.dev/applications/dependency-track/
sources:
- https://github.com/DependencyTrack/dependency-track
- https://hub.docker.com/r/dependencytrack/apiserver
- https://hub.docker.com/r/dependencytrack/frontend
- https://github.com/DependencyTrack/helm-charts/tree/main/charts/dependency-track
- https://gitea.alexlebens.dev/alexlebens/helm-charts/src/branch/main/charts/postgres-cluster
maintainers:
- name: alexlebens
dependencies:
- name: dependency-track
version: 0.44.0
repository: https://dependencytrack.github.io/helm-charts
- name: postgres-cluster
alias: postgres-18-cluster
version: 7.11.2
repository: oci://harbor.alexlebens.net/helm-charts
icon: https://avatars.githubusercontent.com/u/40258585
# renovate: datasource=github-releases depName=DependencyTrack/dependency-track
appVersion: 4.14.1

114
clusters/cl01tl/helm/dependency-track/values.yaml
View File

@@ -1,114 +0,0 @@
dependency-track:
common:
secretKey:
createSecret: false
existingSecretName: dependency-track-key-secret
apiServer:
image:
repository: dependencytrack/apiserver
tag: 4.14.1@sha256:2d8813e1ba4ada4aa23087d908c1b5a3ffce39261ead5555c397a1d67c7cbe9d
resources:
requests:
cpu: 100m
memory: 100Mi
limits:
memory: null
persistentVolume:
enabled: true
className: ceph-block
size: 5Gi
extraEnv:
- name: ALPINE_DATABASE_MODE
value: external
- name: ALPINE_DATABASE_DRIVER
value: org.postgresql.Driver
- name: ALPINE_DATABASE_URL
valueFrom:
secretKeyRef:
name: dependency-track-postgresql-18-cluster-app
key: jdbc-uri
- name: ALPINE_DATABASE_USERNAME
valueFrom:
secretKeyRef:
name: dependency-track-postgresql-18-cluster-app
key: user
- name: ALPINE_DATABASE_PASSWORD
valueFrom:
secretKeyRef:
name: dependency-track-postgresql-18-cluster-app
key: password
- name: ALPINE_OIDC_ENABLED
value: "true"
- name: ALPINE_OIDC_CLIENT_ID
valueFrom:
secretKeyRef:
name: dependency-track-oidc-secret
key: client
- name: ALPINE_OIDC_ISSUER
value: https://authentik.alexlebens.net/application/o/dependency-track/
- name: ALPINE_OIDC_USERNAME_CLAIM
value: preferred_username
- name: ALPINE_OIDC_TEAMS_CLAIM
value: groups
- name: ALPINE_OIDC_USER_PROVISIONING
value: "true"
- name: ALPINE_OIDC_TEAM_SYNCHRONIZATION
value: "true"
- name: ALPINE_CORS_ENABLED
value: "false"
- name: ALPINE_CORS_ALLOW_ORIGIN
value: dependency-track.alexlebens.net dependency-track.dependency-track
serviceMonitor:
enabled: true
namespace: dependency-track
frontend:
image:
repository: dependencytrack/frontend
tag: 4.14.1@sha256:8217737050b26ea69a6ddd6fe2cb419531a0bae0b903a87a04077a2415fc9f35
resources:
requests:
cpu: 10m
memory: 60Mi
limits:
memory: null
extraEnv:
- name: OIDC_ISSUER
value: https://authentik.alexlebens.net/application/o/dependency-track/
- name: OIDC_FLOW
value: explicit
- name: OIDC_CLIENT_ID
valueFrom:
secretKeyRef:
name: dependency-track-oidc-secret
key: client
- name: OIDC_LOGIN_BUTTON_TEXT
value: Authentik
apiBaseUrl: dependency-track-api-server.dependency-track
httpRoute:
enabled: true
hostnames:
- dependency-track.alexlebens.net
parentRefs:
- group: gateway.networking.k8s.io
kind: Gateway
name: traefik-gateway
namespace: traefik
postgres-18-cluster:
mode: standalone
recovery:
method: objectStore
objectStore:
index: 1
backup:
objectStore:
- name: garage-local
index: 1
destinationBucket: postgres-backups
externalSecretCredentialPath: /garage/home-infra/postgres-backups
isWALArchiver: true
scheduledBackups:
- name: live-backup
suspend: false
immediate: true
schedule: "0 10 14 * * *"
backupName: garage-local

6
clusters/cl01tl/helm/element-web/Chart.lock
View File

@@ -1,9 +1,9 @@
dependencies:
- name: element-web
repository: https://ananace.gitlab.io/charts
version: 1.4.33
version: 1.4.34
- name: cloudflared
repository: oci://harbor.alexlebens.net/helm-charts
version: 2.4.0
digest: sha256:63b0e582d42fb42bcf4d96ba4b299e42c434c42f284208596808288543192fe0
generated: "2026-03-24T16:11:50.424321433Z"
digest: sha256:376f1201085c5c93972d2286755dd8b530a4a88ad9fdaf4bfb50ec1f11c64df0
generated: "2026-04-08T17:57:31.040649797Z"

4
clusters/cl01tl/helm/element-web/Chart.yaml
View File

@@ -15,11 +15,11 @@ maintainers:
- name: alexlebens
dependencies:
- name: element-web
version: 1.4.33
version: 1.4.34
repository: https://ananace.gitlab.io/charts
- name: cloudflared
repository: oci://harbor.alexlebens.net/helm-charts
version: 2.4.0
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/element.png
# renovate: datasource=github-releases depName=element-hq/element-web
appVersion: v1.12.14
appVersion: v1.12.15

2
clusters/cl01tl/helm/element-web/values.yaml
View File

@@ -2,7 +2,7 @@ element-web:
replicaCount: 1
image:
repository: ghcr.io/element-hq/element-web
tag: v1.12.14@sha256:13052614150733892ff06189f0f9baf098bc16092bffc0e0e18ccf2f257abe34
tag: v1.12.15@sha256:c7fa40b5ba3891f8af3ce63da0818f457c1802a9ee4d2f5e46a9df36a2388eed
defaultServer:
url: https://matrix.alexlebens.dev
name: alexlebens.dev

7
clusters/cl01tl/helm/eraser/Chart.lock
View File

@@ -2,5 +2,8 @@ dependencies:
- name: eraser
repository: https://eraser-dev.github.io/eraser/charts
version: 1.4.1
digest: sha256:da828de684b0cd82e99994586f3db4f55c43c01607c4d8d0e70e204c7bbbbf5b
generated: "2025-12-03T22:53:20.200917773Z"
- name: app-template
repository: https://bjw-s-labs.github.io/helm-charts/
version: 4.6.2
digest: sha256:8414813d3d9d195b16ef7ebf814f7095a16413f4b0e579fcb37738000624f68c
generated: "2026-04-08T21:39:05.689756-05:00"

6
clusters/cl01tl/helm/eraser/Chart.yaml
View File

@@ -9,13 +9,19 @@ home: https://docs.alexlebens.dev/applications/eraser/
sources:
- https://github.com/eraser-dev/eraser
- https://github.com/eraser-dev/eraser/pkgs/container/eraser-manager
- https://github.com/open-telemetry/opentelemetry-collector-releases/pkgs/container/opentelemetry-collector-releases%2Fopentelemetry-collector
- https://github.com/eraser-dev/eraser/tree/main/charts/eraser
- https://github.com/bjw-s-labs/helm-charts/tree/main/charts/other/app-template
maintainers:
- name: alexlebens
dependencies:
- name: eraser
version: 1.4.1
repository: https://eraser-dev.github.io/eraser/charts
- name: app-template
alias: eraser-metrics
repository: https://bjw-s-labs.github.io/helm-charts/
version: 4.6.2
icon: https://raw.githubusercontent.com/eraser-dev/eraser/refs/heads/main/images/eraser-logo-color-1c.png
# renovate: datasource=github-releases depName=eraser-dev/eraser
appVersion: v1.4.1

85
clusters/cl01tl/helm/eraser/values.yaml
View File

@@ -35,3 +35,88 @@ eraser:
requests:
cpu: 1m
memory: 20Mi
eraser-metrics:
global:
nameOverride: eraser-metrics
fullnameOverride: eraser-metrics
controllers:
main:
type: deployment
replicas: 1
strategy: Recreate
containers:
main:
image:
repository: ghcr.io/open-telemetry/opentelemetry-collector-releases/opentelemetry-collector
tag: 0.149.0@sha256:dd56aed607fd02f8ac01dddb27a859c0c2cc750539abce927803778fafc736ae
command:
- /otelcol
- --config=/conf/otel-collector-config.yaml
resources:
requests:
cpu: 10m
memory: 20Mi
configMaps:
config:
enabled: true
forceRename: eraser-config
data:
otel-collector-config.yaml: |
receivers:
otlp:
protocols:
http:
exporters:
logging:
loglevel: debug
prometheus:
endpoint: "0.0.0.0:8889"
send_timestamps: true
metric_expiration: 180m
service:
telemetry:
logs:
encoding: json
pipelines:
metrics:
receivers:
- otlp
exporters:
- logging
- prometheus
service:
main:
controller: main
ports:
http:
port: 4318
targetPort: 4318
metrics:
port: 8889
targetPort: 8889
serviceMonitor:
main:
selector:
matchLabels:
app.kubernetes.io/name: eraser-metrics
app.kubernetes.io/instance: eraser-metrics
serviceName: '{{ include "bjw-s.common.lib.chart.names.fullname" $ }}'
endpoints:
- port: metrics
interval: 30s
scrapeTimeout: 15s
path: /metrics
persistence:
config:
enabled: true
type: configMap
name: eraser-config
advancedMounts:
main:
main:
- path: /conf/otel-collector-config.yaml
readOnly: true
mountPropagation: None
subPath: otel-collector-config.yaml

2
clusters/cl01tl/helm/foldergram/values.yaml
View File

@@ -58,7 +58,7 @@ foldergram:
forceRename: foldergram-data
storageClass: ceph-block
accessMode: ReadWriteOnce
size: 10Gi
size: 20Gi
advancedMounts:
main:
main:

6
clusters/cl01tl/helm/gatus/values.yaml
View File

@@ -116,6 +116,9 @@ gatus:
- name: jellyfin
url: https://jellyfin.alexlebens.net
<<: *defaults
- name: kyoo
url: https://kyoo.alexlebens.net
<<: *defaults
- name: tubearchivist
url: https://tubearchivist.alexlebens.net
<<: *defaults
@@ -185,9 +188,6 @@ gatus:
- name: komodo
url: https://komodo.alexlebens.net
<<: *defaults
- name: dependency-track
url: https://dependency-track.alexlebens.net
<<: *defaults
- name: omni-tools
url: https://omni-tools.alexlebens.net
<<: *defaults

2
clusters/cl01tl/helm/home-assistant/values.yaml
View File

@@ -23,7 +23,7 @@ home-assistant:
code-server:
image:
repository: ghcr.io/linuxserver/code-server
tag: 4.114.1-ls330@sha256:4dabed7dc766d3034778aa648ff6b89f0b04755a069fc1071ac0f22484b7c587
tag: 4.115.0-ls331@sha256:308f49acac8734542560f797d79b15e4c872c4d3f97d1b22862633fcce2af62a
env:
- name: TZ
value: America/Chicago

12
clusters/cl01tl/helm/homepage/values.yaml
View File

@@ -151,6 +151,12 @@ homepage:
href: https://jellyfin.alexlebens.net
siteMonitor: http://jellyfin.jellyfin:80
statusStyle: dot
- Movies and TV:
icon: sh-kyoo.webp
description: Kyoo
href: https://kyoo.alexlebens.net
siteMonitor: http://front.kyoo:8901
statusStyle: dot
- Youtube Archive:
icon: sh-tube-archivist-light.webp
description: TubeArchivist
@@ -387,12 +393,6 @@ homepage:
secret: {{ "{{HOMEPAGE_VAR_KOMODO_API_SECRET}}" }}
showStacks: true
fields: ["running", "down", "unhealthy", "unknown"]
- Vulnerability Scanning:
icon: https://raw.githubusercontent.com/DependencyTrack/branding/f77a4ad3b469ff656856ea225f26b1610b89a584/dt-logo-symbol.svg
description: Dependency Track
href: https://dependency-track.alexlebens.net
siteMonitor: http://dependency-track-frontend.dependency-track:8080
statusStyle: dot
- Uptime:
icon: sh-gatus.webp
description: Gatus

6
clusters/cl01tl/helm/kube-prometheus-stack/Chart.lock
View File

@@ -1,7 +1,7 @@
dependencies:
- name: kube-prometheus-stack
repository: oci://ghcr.io/prometheus-community/charts
version: 83.0.2
version: 83.2.0
- name: prometheus-operator-crds
repository: oci://ghcr.io/prometheus-community/charts
version: 28.0.1
@@ -11,5 +11,5 @@ dependencies:
- name: valkey
repository: oci://harbor.alexlebens.net/helm-charts
version: 0.5.0
digest: sha256:0675ee4a9de34b23c744f521be309f7ad6860af74f8e7faeaa44bf26fda72d08
generated: "2026-04-07T22:42:15.723825441Z"
digest: sha256:d0942cff6346335abc91f9ceb919c5a819543b9b8baed11f83de89486f4e874d
generated: "2026-04-08T19:03:59.676069331Z"

2
clusters/cl01tl/helm/kube-prometheus-stack/Chart.yaml
View File

@@ -20,7 +20,7 @@ maintainers:
- name: alexlebens
dependencies:
- name: kube-prometheus-stack
version: 83.0.2
version: 83.2.0
repository: oci://ghcr.io/prometheus-community/charts
- name: prometheus-operator-crds
version: 28.0.1

12
clusters/cl01tl/helm/kyoo/Chart.lock Normal file
View File

@@ -0,0 +1,12 @@
dependencies:
- name: kyoo
repository: oci://ghcr.io/zoriya/helm-charts
version: 5.0.0
- name: postgres-cluster
repository: oci://harbor.alexlebens.net/helm-charts
version: 7.11.2
- name: volsync-target
repository: oci://harbor.alexlebens.net/helm-charts
version: 0.8.0
digest: sha256:0a5ba08e137471d788da07502db63f5be535c2843f5bfda74fb873a997846ded
generated: "2026-04-08T21:04:05.245024-05:00"

35
clusters/cl01tl/helm/kyoo/Chart.yaml Normal file
View File

@@ -0,0 +1,35 @@
apiVersion: v2
name: kyoo
version: 1.0.0
description: Kyoo
keywords:
- kyoo
- media
home: https://docs.alexlebens.dev/applications/kyoo/
sources:
- https://github.com/zoriya/Kyoo
- https://github.com/zoriya/Kyoo/pkgs/container/kyoo_api
- https://github.com/zoriya/Kyoo/pkgs/container/kyoo_auth
- https://github.com/zoriya/Kyoo/pkgs/container/kyoo_front
- https://github.com/zoriya/Kyoo/pkgs/container/kyoo_scanner
- https://github.com/zoriya/Kyoo/pkgs/container/kyoo_transcoder
- https://github.com/zoriya/Kyoo/tree/master/chart
- https://gitea.alexlebens.dev/alexlebens/helm-charts/src/branch/main/charts/postgres-cluster
- https://gitea.alexlebens.dev/alexlebens/helm-charts/src/branch/main/charts/volsync-target
maintainers:
- name: alexlebens
dependencies:
- name: kyoo
repository: oci://ghcr.io/zoriya/helm-charts
version: 5.0.0
- name: postgres-cluster
alias: postgres-18-cluster
version: 7.11.2
repository: oci://harbor.alexlebens.net/helm-charts
- name: volsync-target
alias: volsync-target-metadata
version: 0.8.0
repository: oci://harbor.alexlebens.net/helm-charts
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/kyoo.png
# renovate: datasource=github-releases depName=zoriya/Kyoo
appVersion: v5.0.0

30
clusters/cl01tl/helm/dependency-track/templates/external-secret.yaml → clusters/cl01tl/helm/kyoo/templates/external-secret.yaml
View File

@@ -1,10 +1,10 @@
apiVersion: external-secrets.io/v1
kind: ExternalSecret
metadata:
name: dependency-track-key-secret
name: kyoo-key-secret
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: dependency-track-key-secret
app.kubernetes.io/name: kyoo-key-secret
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
@@ -12,19 +12,31 @@ spec:
kind: ClusterSecretStore
name: vault
data:
- secretKey: secret.key
- secretKey: rsa-private
remoteRef:
key: /cl01tl/dependency-track/key
property: key
key: /cl01tl/kyoo/key
property: rsa-private
- secretKey: scanner-apikey
remoteRef:
key: /cl01tl/kyoo/key
property: scanner
- secretKey: tmdb-apikey
remoteRef:
key: /tmdb/alexlebens
property: api-key
- secretKey: tvdb-apikey
remoteRef:
key: /tvdb/alexlebens
property: api-key
---
apiVersion: external-secrets.io/v1
kind: ExternalSecret
metadata:
name: dependency-track-oidc-secret
name: kyoo-oidc-secret
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: dependency-track-oidc-secret
app.kubernetes.io/name: kyoo-oidc-secret
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
@@ -34,9 +46,9 @@ spec:
data:
- secretKey: client
remoteRef:
key: /authentik/oidc/dependency-track
key: /authentik/oidc/kyoo
property: client
- secretKey: secret
remoteRef:
key: /authentik/oidc/dependency-track
key: /authentik/oidc/kyoo
property: secret

88
clusters/cl01tl/helm/kyoo/templates/http-route.yaml Normal file
View File

@@ -0,0 +1,88 @@
apiVersion: gateway.networking.k8s.io/v1
kind: HTTPRoute
metadata:
name: kyoo
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: kyoo
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
parentRefs:
- group: gateway.networking.k8s.io
kind: Gateway
name: traefik-gateway
namespace: traefik
hostnames:
- kyoo.alexlebens.net
rules:
- matches:
- path:
type: PathPrefix
value: /
backendRefs:
- group: ''
kind: Service
name: kyoo-front
port: 8901
weight: 100
- matches:
- path:
type: PathPrefix
value: /video
backendRefs:
- group: ''
kind: Service
name: kyoo-transcoder
port: 7666
weight: 100
- matches:
- path:
type: PathPrefix
value: /auth/
backendRefs:
- group: ''
kind: Service
name: kyoo-auth
port: 4568
weight: 100
- matches:
- path:
type: PathPrefix
value: /.well-known/
backendRefs:
- group: ''
kind: Service
name: kyoo-auth
port: 4568
weight: 100
- matches:
- path:
type: PathPrefix
value: /api/
backendRefs:
- group: ''
kind: Service
name: kyoo-api
port: 3567
weight: 100
- matches:
- path:
type: PathPrefix
value: /swagger
backendRefs:
- group: ''
kind: Service
name: kyoo-api
port: 3567
weight: 100
- matches:
- path:
type: PathPrefix
value: /scanner/
backendRefs:
- group: ''
kind: Service
name: kyoo-scanner
port: 4389
weight: 100

131
clusters/cl01tl/helm/kyoo/templates/persistent-volume-claim.yaml Normal file
View File

@@ -0,0 +1,131 @@
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: kyoo-media-anime-nfs-storage
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: kyoo-media-anime-nfs-storage
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
volumeName: kyoo-media-anime-nfs-storage
storageClassName: nfs-client
accessModes:
- ReadWriteMany
resources:
requests:
storage: 1Gi
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: kyoo-media-anime-movies-nfs-storage
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: kyoo-media-anime-movies-nfs-storage
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
volumeName: kyoo-media-anime-movies-nfs-storage
storageClassName: nfs-client
accessModes:
- ReadWriteMany
resources:
requests:
storage: 1Gi
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: kyoo-media-movies-nfs-storage
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: kyoo-media-movies-nfs-storage
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
volumeName: kyoo-media-movies-nfs-storage
storageClassName: nfs-client
accessModes:
- ReadWriteMany
resources:
requests:
storage: 1Gi
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: kyoo-media-movies-4k-nfs-storage
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: kyoo-media-movies-4k-nfs-storage
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
volumeName: kyoo-media-movies-4k-nfs-storage
storageClassName: nfs-client
accessModes:
- ReadWriteMany
resources:
requests:
storage: 1Gi
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: kyoo-media-standup-nfs-storage
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: kyoo-media-standup-nfs-storage
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
volumeName: kyoo-media-standup-nfs-storage
storageClassName: nfs-client
accessModes:
- ReadWriteMany
resources:
requests:
storage: 1Gi
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: kyoo-media-tvshows-nfs-storage
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: kyoo-media-tvshows-nfs-storage
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
volumeName: kyoo-media-tvshows-nfs-storage
storageClassName: nfs-client
accessModes:
- ReadWriteMany
resources:
requests:
storage: 1Gi
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: kyoo-media-tvshows-4k-nfs-storage
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: kyoo-media-tvshows-4k-nfs-storage
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
volumeName: kyoo-media-tvshows-4k-nfs-storage
storageClassName: nfs-client
accessModes:
- ReadWriteMany
resources:
requests:
storage: 1Gi

173
clusters/cl01tl/helm/kyoo/templates/persistent-volume.yaml Normal file
View File

@@ -0,0 +1,173 @@
apiVersion: v1
kind: PersistentVolume
metadata:
name: kyoo-media-anime-nfs-storage
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: kyoo-media-anime-nfs-storage
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
persistentVolumeReclaimPolicy: Retain
storageClassName: nfs-client
capacity:
storage: 1Gi
accessModes:
- ReadWriteMany
nfs:
path: /volume2/Storage/Anime
server: synologybond.alexlebens.net
mountOptions:
- vers=4
- minorversion=1
- noac
---
apiVersion: v1
kind: PersistentVolume
metadata:
name: kyoo-media-anime-movies-nfs-storage
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: kyoo-media-anime-movies-nfs-storage
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
persistentVolumeReclaimPolicy: Retain
storageClassName: nfs-client
capacity:
storage: 1Gi
accessModes:
- ReadWriteMany
nfs:
path: /volume2/Storage/Anime Movies
server: synologybond.alexlebens.net
mountOptions:
- vers=4
- minorversion=1
- noac
---
apiVersion: v1
kind: PersistentVolume
metadata:
name: kyoo-media-movies-nfs-storage
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: kyoo-media-movies-nfs-storage
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
persistentVolumeReclaimPolicy: Retain
storageClassName: nfs-client
capacity:
storage: 1Gi
accessModes:
- ReadWriteMany
nfs:
path: /volume2/Storage/Movies
server: synologybond.alexlebens.net
mountOptions:
- vers=4
- minorversion=1
- noac
---
apiVersion: v1
kind: PersistentVolume
metadata:
name: kyoo-media-movies-4k-nfs-storage
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: kyoo-media-movies-4k-nfs-storage
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
persistentVolumeReclaimPolicy: Retain
storageClassName: nfs-client
capacity:
storage: 1Gi
accessModes:
- ReadWriteMany
nfs:
path: /volume2/Storage/Movies 4K
server: synologybond.alexlebens.net
mountOptions:
- vers=4
- minorversion=1
- noac
---
apiVersion: v1
kind: PersistentVolume
metadata:
name: kyoo-media-standup-nfs-storage
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: kyoo-media-standup-nfs-storage
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
persistentVolumeReclaimPolicy: Retain
storageClassName: nfs-client
capacity:
storage: 1Gi
accessModes:
- ReadWriteMany
nfs:
path: /volume2/Storage/Stand Up
server: synologybond.alexlebens.net
mountOptions:
- vers=4
- minorversion=1
- noac
---
apiVersion: v1
kind: PersistentVolume
metadata:
name: kyoo-media-tvshows-nfs-storage
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: kyoo-media-tvshows-nfs-storage
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
persistentVolumeReclaimPolicy: Retain
storageClassName: nfs-client
capacity:
storage: 1Gi
accessModes:
- ReadWriteMany
nfs:
path: /volume2/Storage/TV Shows
server: synologybond.alexlebens.net
mountOptions:
- vers=4
- minorversion=1
- noac
---
apiVersion: v1
kind: PersistentVolume
metadata:
name: kyoo-media-tvshows-4k-nfs-storage
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: kyoo-media-tvshows-4k-nfs-storage
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
persistentVolumeReclaimPolicy: Retain
storageClassName: nfs-client
capacity:
storage: 1Gi
accessModes:
- ReadWriteMany
nfs:
path: /volume2/Storage/TV Shows
server: synologybond.alexlebens.net
mountOptions:
- vers=4
- minorversion=1
- noac

223
clusters/cl01tl/helm/kyoo/values.yaml Normal file
View File

@@ -0,0 +1,223 @@
kyoo:
global:
securityContext:
fsGroup: 1000
fsGroupChangePolicy: OnRootMismatch
postgres:
shared:
host: kyoo-postgresql-18-cluster-rw
port: 5432
existingSecret: kyoo-postgresql-18-cluster-app
userKey: user
passwordKey: password
kyoo_api:
database: kyoo_api
sslmode: disable
kyoo_api:
userKey: user
passwordKey: password
existingSecret: kyoo-postgresql-18-cluster-superuser
kyoo_auth:
database: kyoo_auth
sslmode: disable
kyoo_scanner:
database: kyoo_scanner
sslmode: disable
kyoo_transcoder:
database: kyoo_transcoder
sslmode: disable
kyoo:
address: https://kyoo.alexlebens.net
auth:
privatekey:
existingSecret: kyoo-key-secret
privatekeyKey: rsa-private
apikeys:
scanner:
existingSecret: kyoo-key-secret
apikeyKey: scanner-apikey
transcoderAcceleration: qsv
transcoderPreset: fast
oidc_providers:
- name: Authentik
existingSecret: kyoo-oidc-secret
clientIdKey: client
clientSecretKey: secret
logo: https://cdn.jsdelivr.net/gh/selfhst/icons@main/webp/authentik.webp
authorizationAddress: https://authentik.alexlebens.net/application/o/authorize/
tokenAddress: https://authentik.alexlebens.net/application/o/token/
profileAddress: https://authentik.alexlebens.net/application/o/userinfo/
scope: "email openid profile"
authMethod: ClientSecretBasic
media:
volumes:
- name: kyoo-media-anime-nfs-storage
persistentVolumeClaim:
claimName: kyoo-media-anime-nfs-storage
- name: kyoo-media-anime-movies-nfs-storage
persistentVolumeClaim:
claimName: kyoo-media-anime-movies-nfs-storage
- name: kyoo-media-movies-nfs-storage
persistentVolumeClaim:
claimName: kyoo-media-movies-nfs-storage
- name: kyoo-media-movies-4k-nfs-storage
persistentVolumeClaim:
claimName: kyoo-media-movies-4k-nfs-storage
- name: kyoo-media-standup-nfs-storage
persistentVolumeClaim:
claimName: kyoo-media-standup-nfs-storage
- name: kyoo-media-tvshows-nfs-storage
persistentVolumeClaim:
claimName: kyoo-media-tvshows-nfs-storage
- name: kyoo-media-tvshows-4k-nfs-storage
persistentVolumeClaim:
claimName: kyoo-media-tvshows-4k-nfs-storage
volumeMounts:
- mountPath: /media/anime
name: kyoo-media-anime-nfs-storage
readOnly: true
- mountPath: /media/anime-movies
name: kyoo-media-anime-movies-nfs-storage
readOnly: true
- mountPath: /media/movies
name: kyoo-media-movies-nfs-storage
readOnly: true
- mountPath: /media/movies-4k
name: kyoo-media-movies-4k-nfs-storage
readOnly: true
- mountPath: /media/standup
name: kyoo-media-standup-nfs-storage
readOnly: true
- mountPath: /media/tvshows
name: kyoo-media-tvshows-nfs-storage
readOnly: true
- mountPath: /media/tvshows-4k
name: kyoo-media-tvshows-4k-nfs-storage
readOnly: true
baseMountPath: /media
contentdatabase:
tmdb:
apikeyKey: tmdb-apikey
existingSecret: kyoo-key-secret
tvdb:
apikeyKey: tvdb-apikey
pinKey: tvdb-apikey
existingSecret: kyoo-key-secret
api:
kyoo_api:
resources:
requests:
cpu: 10m
memory: 100Mi
image:
repository: ghcr.io/zoriya/kyoo_api
tag: 5.0.0@sha256:dc0210f235e23ae616b0f5952af7867dcbc52e0354c2683ec3c4190fdcd17744
persistence:
enabled: true
size: 1Gi
storageClass: ceph-block
accessModes:
- ReadWriteOnce
auth:
kyoo_auth:
resources:
requests:
cpu: 10m
memory: 100Mi
image:
repository: ghcr.io/zoriya/kyoo_auth
tag: 5.0.0
persistence:
enabled: true
size: 500Mi
storageClass: ceph-block
accessModes:
- ReadWriteOnce
front:
kyoo_front:
resources:
requests:
cpu: 10m
memory: 100Mi
image:
repository: ghcr.io/zoriya/kyoo_front
tag: 5.0.0@sha256:985f892470b304f13ef1950fb5f7e9ef33ee39b71705c627cb045773e6dfb7b4
scanner:
kyoo_scanner:
resources:
requests:
cpu: 10m
memory: 100Mi
image:
repository: ghcr.io/zoriya/kyoo_scanner
tag: 5.0.0@sha256:fa972f3f1e534264f4de153e30fe9481839754a3e724cc2663524a2b30e82b46
transcoder:
kyoo_transcoder:
resources:
limits:
gpu.intel.com/i915: 1
requests:
gpu.intel.com/i915: 1
cpu: 1
memory: 1Gi
image:
repository: ghcr.io/zoriya/kyoo_transcoder
tag: 5.0.0@sha256:59974794f8a638175408fa20f023ba9598108b54ad8ed9a22ec87a1a211dfc43
replicaCount: 1
persistence:
enabled: true
size: 1Gi
storageClass: ceph-block
accessModes:
- ReadWriteOnce
ingress:
enabled: false
traefikproxy:
enabled: false
postgres:
enabled: false
postgres-18-cluster:
mode: recovery
cluster:
enableSuperuserAccess: true
recovery:
method: objectStore
objectStore:
index: 1
backup:
objectStore:
- name: garage-local
index: 1
destinationBucket: postgres-backups
externalSecretCredentialPath: /garage/home-infra/postgres-backups
isWALArchiver: true
scheduledBackups:
- name: live-backup
suspend: false
immediate: true
schedule: "0 5 14 * * *"
backupName: garage-local
databases:
- name: kyoo_api
ensure: present
owner: app
- name: kyoo_auth
ensure: present
owner: app
- name: kyoo_scanner
ensure: present
owner: app
- name: kyoo_transcoder
ensure: present
owner: app
volsync-target-metadata:
pvcTarget: kyoo-apimetadata
local:
enabled: true
schedule: 26 8 * * *
remote:
enabled: true
schedule: 26 9 * * *
external:
enabled: true
schedule: 26 10 * * *

6
clusters/cl01tl/helm/matrix-synapse/Chart.lock
View File

@@ -1,7 +1,7 @@
dependencies:
- name: matrix-synapse
repository: https://ananace.gitlab.io/charts
version: 3.12.24
version: 3.12.25
- name: app-template
repository: https://bjw-s-labs.github.io/helm-charts/
version: 4.6.2
@@ -38,5 +38,5 @@ dependencies:
- name: volsync-target
repository: oci://harbor.alexlebens.net/helm-charts
version: 0.8.0
digest: sha256:0e8b1b79a98952ed49c87c6da83dcc2eed2aabbd755d9ebf1bdd3090f3ccc44c
generated: "2026-04-04T21:03:48.737144-05:00"
digest: sha256:937fe4fd8cd564a5f55a0f251a9b412eeeebe797f52d6769b18f6f6a28f6dd64
generated: "2026-04-08T19:02:45.651984056Z"

2
clusters/cl01tl/helm/matrix-synapse/Chart.yaml
View File

@@ -26,7 +26,7 @@ maintainers:
- name: alexlebens
dependencies:
- name: matrix-synapse
version: 3.12.24
version: 3.12.25
repository: https://ananace.gitlab.io/charts
- name: app-template
alias: matrix-hookshot

2
clusters/cl01tl/helm/ollama/Chart.yaml
View File

@@ -31,4 +31,4 @@ dependencies:
repository: oci://harbor.alexlebens.net/helm-charts
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/ollama.png
# renovate: datasource=github-releases depName=ollama/ollama
appVersion: 0.20.3
appVersion: 0.20.4

6
clusters/cl01tl/helm/paperless-ngx/Chart.lock
View File

@@ -4,7 +4,7 @@ dependencies:
version: 4.6.2
- name: postgres-cluster
repository: oci://harbor.alexlebens.net/helm-charts
version: 7.11.0
version: 7.11.2
- name: valkey
repository: oci://harbor.alexlebens.net/helm-charts
version: 0.5.0
@@ -20,5 +20,5 @@ dependencies:
- name: volsync-target
repository: oci://harbor.alexlebens.net/helm-charts
version: 0.8.0
digest: sha256:08acc0818deaede4bb7515be7cbb1253f30036b70af6038caa69e4bd3cc02412
generated: "2026-03-30T20:25:47.995874-05:00"
digest: sha256:ae3aa7bd167e216d79bfbb60770c9bc209a8a689685f6dff6be41d8952ac0f25
generated: "2026-04-08T17:24:02.420482074Z"

2
clusters/cl01tl/helm/paperless-ngx/Chart.yaml
View File

@@ -24,7 +24,7 @@ dependencies:
version: 4.6.2
- name: postgres-cluster
alias: postgres-18-cluster
version: 7.11.0
version: 7.11.2
repository: oci://harbor.alexlebens.net/helm-charts
- name: valkey
alias: valkey

2
clusters/cl01tl/helm/plex/Chart.yaml
View File

@@ -20,4 +20,4 @@ dependencies:
version: 4.6.2
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/plex.png
# renovate: datasource=github-releases depName=linuxserver/docker-plex
appVersion: 1.43.0.10492-121068a07-ls299
appVersion: 1.43.1.10576-06378bdcd-ls300

2
clusters/cl01tl/helm/plex/values.yaml
View File

@@ -22,7 +22,7 @@ plex:
main:
image:
repository: ghcr.io/linuxserver/plex
tag: 1.43.0.10492-121068a07-ls299@sha256:a21302c5297943e204e9b262f8c2eca3e0c7ddb52490bfb3f1db47f6103721ab
tag: 1.43.1.10576-06378bdcd-ls300@sha256:09fe33e5efd991681ea3cbd3e3cb262cd1ae26d4a0145a4141ead284d8f21de6
env:
- name: TZ
value: America/Chicago

6
clusters/cl01tl/helm/postiz/Chart.lock
View File

@@ -4,7 +4,7 @@ dependencies:
version: 4.6.2
- name: temporal
repository: https://go.temporal.io/helm-charts
version: 1.0.0-rc.3
version: 1.0.0
- name: cloudflared
repository: oci://harbor.alexlebens.net/helm-charts
version: 2.4.0
@@ -20,5 +20,5 @@ dependencies:
- name: volsync-target
repository: oci://harbor.alexlebens.net/helm-charts
version: 0.8.0
digest: sha256:a5d285d997702cefaac9808ac6556a566d7974773c7fb2c7a0defb8f64226443
generated: "2026-04-05T20:33:43.946895-05:00"
digest: sha256:dbb86231dcf341e73570b57a10aad6278989e0c50c6f5959a43439a8a9146bb9
generated: "2026-04-08T19:03:28.347782848Z"

2
clusters/cl01tl/helm/postiz/Chart.yaml
View File

@@ -29,7 +29,7 @@ dependencies:
version: 4.6.2
- name: temporal
repository: https://go.temporal.io/helm-charts
version: 1.0.0-rc.3
version: 1.0.0
- name: cloudflared
repository: oci://harbor.alexlebens.net/helm-charts
version: 2.4.0

2
clusters/cl01tl/helm/qbittorrent/values.yaml
View File

@@ -208,7 +208,7 @@ qbittorrent:
qui:
image:
repository: ghcr.io/autobrr/qui
tag: v1.16.0@sha256:fcdced7cb8395ce039f2c5f920d890d4ad8bd849faec4c4df31701a8f13423cb
tag: v1.16.1@sha256:07b6ea9572e52e8b5f70f8fb15a7c688d8d754a7616242d3ad0b21dbd5c05836
env:
- name: QUI__METRICS_ENABLED
value: true

2
clusters/cl01tl/helm/rclone/Chart.yaml
View File

@@ -20,4 +20,4 @@ dependencies:
version: 4.6.2
icon: https://cdn.jsdelivr.net/gh/selfhst/icons@main/png/rclone.png
# renovate: datasource=github-releases depName=rclone/rclone
appVersion: v1.73.3
appVersion: v1.73.4

16
clusters/cl01tl/helm/rclone/values.yaml
View File

@@ -12,7 +12,7 @@ rclone:
sync:
image:
repository: rclone/rclone
tag: 1.73.3@sha256:66af24d7c8809af336dc16068149257cf447c80f8c60aa9f5679153f42017b85
tag: 1.73.4@sha256:654f6517c7aaec7e377690b2caf7c272dbe5f3b8200afbc14a00df6b4a9aa6ef
args:
- sync
- src:directus-assets
@@ -90,7 +90,7 @@ rclone:
sync:
image:
repository: rclone/rclone
tag: 1.73.3@sha256:66af24d7c8809af336dc16068149257cf447c80f8c60aa9f5679153f42017b85
tag: 1.73.4@sha256:654f6517c7aaec7e377690b2caf7c272dbe5f3b8200afbc14a00df6b4a9aa6ef
args:
- sync
- src:karakeep-assets
@@ -168,7 +168,7 @@ rclone:
sync:
image:
repository: rclone/rclone
tag: 1.73.3@sha256:66af24d7c8809af336dc16068149257cf447c80f8c60aa9f5679153f42017b85
tag: 1.73.4@sha256:654f6517c7aaec7e377690b2caf7c272dbe5f3b8200afbc14a00df6b4a9aa6ef
args:
- sync
- src:talos-backups
@@ -239,7 +239,7 @@ rclone:
prune:
image:
repository: rclone/rclone
tag: 1.73.3@sha256:66af24d7c8809af336dc16068149257cf447c80f8c60aa9f5679153f42017b85
tag: 1.73.4@sha256:654f6517c7aaec7e377690b2caf7c272dbe5f3b8200afbc14a00df6b4a9aa6ef
args:
- delete
- dest:talos-backups
@@ -287,7 +287,7 @@ rclone:
sync:
image:
repository: rclone/rclone
tag: 1.73.3@sha256:66af24d7c8809af336dc16068149257cf447c80f8c60aa9f5679153f42017b85
tag: 1.73.4@sha256:654f6517c7aaec7e377690b2caf7c272dbe5f3b8200afbc14a00df6b4a9aa6ef
args:
- sync
- src:web-assets
@@ -365,7 +365,7 @@ rclone:
sync:
image:
repository: rclone/rclone
tag: 1.73.3@sha256:66af24d7c8809af336dc16068149257cf447c80f8c60aa9f5679153f42017b85
tag: 1.73.4@sha256:654f6517c7aaec7e377690b2caf7c272dbe5f3b8200afbc14a00df6b4a9aa6ef
args:
- sync
- src:postgres-backups
@@ -440,7 +440,7 @@ rclone:
prune:
image:
repository: rclone/rclone
tag: 1.73.3@sha256:66af24d7c8809af336dc16068149257cf447c80f8c60aa9f5679153f42017b85
tag: 1.73.4@sha256:654f6517c7aaec7e377690b2caf7c272dbe5f3b8200afbc14a00df6b4a9aa6ef
args:
- delete
- dest:postgres-backups
@@ -488,7 +488,7 @@ rclone:
sync:
image:
repository: rclone/rclone
tag: 1.73.3@sha256:66af24d7c8809af336dc16068149257cf447c80f8c60aa9f5679153f42017b85
tag: 1.73.4@sha256:654f6517c7aaec7e377690b2caf7c272dbe5f3b8200afbc14a00df6b4a9aa6ef
args:
- sync
- src:ntfy-attachments

6
clusters/cl01tl/helm/seerr/Chart.lock
View File

@@ -1,9 +1,9 @@
dependencies:
- name: seerr-chart
repository: oci://ghcr.io/seerr-team/seerr
version: 3.4.0
version: 3.4.1
- name: volsync-target
repository: oci://harbor.alexlebens.net/helm-charts
version: 0.8.0
digest: sha256:0ae90021bff10a9790f29f40f57607c9212e4e793078d62c9aeab833066b2d4e
generated: "2026-04-07T22:03:12.12671791Z"
digest: sha256:821fc73d7411c89f0eba2c35a7a455523dadaa4f9d5149b17b2c96cf594f5e1a
generated: "2026-04-08T17:24:50.724009386Z"

2
clusters/cl01tl/helm/seerr/Chart.yaml
View File

@@ -17,7 +17,7 @@ maintainers:
dependencies:
- name: seerr-chart
repository: oci://ghcr.io/seerr-team/seerr
version: 3.4.0
version: 3.4.1
- name: volsync-target
alias: volsync-target-config
version: 0.8.0

2
clusters/cl01tl/helm/stalwart/templates/elasticsearch.yaml
View File

@@ -9,7 +9,7 @@ metadata:
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
# renovate: datasource=docker depName=elasticsearch
version: 8.19.13
version: 9.3.3
auth:
fileRealm:
- secretName: stalwart-elasticsearch-secret

2
clusters/cl01tl/helm/tubearchivist/templates/elasticsearch.yaml
View File

@@ -9,7 +9,7 @@ metadata:
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
# renovate: datasource=docker depName=elasticsearch
version: 8.19.13
version: 9.3.3
auth:
fileRealm:
- secretName: tubearchivist-elasticsearch-secret

2
hosts/ps08rp/blocky/config.yml
View File

@@ -86,7 +86,6 @@ customDNS:
bazarr IN CNAME traefik-cl01tl
ceph IN CNAME traefik-cl01tl
dawarich IN CNAME traefik-cl01tl
dependency-track IN CNAME traefik-cl01tl
directus IN CNAME traefik-cl01tl
excalidraw IN CNAME traefik-cl01tl
feishin IN CNAME traefik-cl01tl
@@ -109,6 +108,7 @@ customDNS:
jellystat IN CNAME traefik-cl01tl
kiwix IN CNAME traefik-cl01tl
komodo IN CNAME traefik-cl01tl
kyoo IN CNAME traefik-cl01tl
languagetool IN CNAME traefik-cl01tl
lidarr IN CNAME traefik-cl01tl
mail IN CNAME traefik-cl01tl

2
hosts/ps09rp/blocky/config.yml
View File

@@ -107,7 +107,6 @@ customDNS:
bazarr IN CNAME traefik-cl01tl
ceph IN CNAME traefik-cl01tl
dawarich IN CNAME traefik-cl01tl
dependency-track IN CNAME traefik-cl01tl
directus IN CNAME traefik-cl01tl
excalidraw IN CNAME traefik-cl01tl
feishin IN CNAME traefik-cl01tl
@@ -130,6 +129,7 @@ customDNS:
jellystat IN CNAME traefik-cl01tl
kiwix IN CNAME traefik-cl01tl
komodo IN CNAME traefik-cl01tl
kyoo IN CNAME traefik-cl01tl
languagetool IN CNAME traefik-cl01tl
lidarr IN CNAME traefik-cl01tl
mail IN CNAME traefik-cl01tl

4
renovate.json
View File

@@ -76,10 +76,10 @@
{
"description": "Specific app grouping overrides",
"matchPackageNames": [
"/(^|/|-)(argo-cd|bazarr|cilium|dawarich|element-web|home-assistant|immich|komodo|plex|postiz|rook-ceph|roundcube|rybbit|tdarr|traefik)/",
"/(^|/|-)(argo-cd|bazarr|cilium|dawarich|element-web|home-assistant|immich|komodo|kyoo|plex|postiz|rook-ceph|roundcube|rybbit|tdarr|traefik)/",
"/^rook(-ceph|/rook|/ceph)/"
],
"groupName": "{{#if packageName}}{{{replace '^.*(argo-cd|bazarr|cilium|dawarich|element-web|home-assistant|immich|komodo|plex|postiz|rook-ceph|roundcube|rybbit|tdarr|traefik).*$' '$1' packageName}}}{{else}}{{{replace '^.*(argo-cd|bazarr|cilium|dawarich|element-web|home-assistant|immich|komodo|plex|postiz|rook-ceph|roundcube|rybbit|tdarr|traefik).*$' '$1' depName}}}{{/if}}",
"groupName": "{{#if packageName}}{{{replace '^.*(argo-cd|bazarr|cilium|dawarich|element-web|home-assistant|immich|komodo|kyoo|plex|postiz|rook-ceph|roundcube|rybbit|tdarr|traefik).*$' '$1' packageName}}}{{else}}{{{replace '^.*(argo-cd|bazarr|cilium|dawarich|element-web|home-assistant|immich|komodo|kyoo|plex|postiz|rook-ceph|roundcube|rybbit|tdarr|traefik).*$' '$1' depName}}}{{/if}}",
"groupSlug": "unified-{{{groupName}}}"
},
{