Compare commits
83 Commits
10fa4e597f
...
main
| Author | SHA1 | Date | |
|---|---|---|---|
| e6612c3d80 | |||
| 00f3df5db8 | |||
| 9b07271221 | |||
| 91ebddbd9d | |||
| d7c8cab33b | |||
| e9ad72ac62 | |||
| 3e35d49de8 | |||
| e942156c0a | |||
| 46e92a4ad8 | |||
| 183ebad9d8 | |||
| 3de0bb2b98 | |||
| 6698294425 | |||
| 488d90fd35 | |||
| 8c7e258f6b | |||
| 83c65561b4 | |||
| 9bb8ab477b | |||
883e405c83
|
|||
| 37617c753b | |||
|
5db199efa0
|
|||
| bf12e74989 | |||
|
8ce151be79
|
|||
| 55835216d2 | |||
| c870f974fb | |||
| 305731cbf3 | |||
|
5382dfb4c0
|
|||
| 4c84a9fcd6 | |||
|
e5c8a5d3e2
|
|||
| db21a7b6c5 | |||
| 33c34c77f8 | |||
| 4afb944cf2 | |||
| 88d44afed6 | |||
| 0cbce3e010 | |||
| dd6c2592f0 | |||
| 76e5f9808c | |||
|
1e020b6182
|
|||
| c045e62538 | |||
|
7ace8403e4
|
|||
| 6164882d83 | |||
|
2a106cba50
|
|||
| f055864eaa | |||
| 0bbd60d4ee | |||
| 699e29fefc | |||
| 434f823d9e | |||
| cb27412d6f | |||
| d8534c6c1d | |||
| f6a3505fd4 | |||
| c5e41a6f74 | |||
| 0529d6d419 | |||
|
0c1fd59b75
|
|||
| fb35354219 | |||
| 5576a0b382 | |||
| a28fc988b3 | |||
| 6fb72f493c | |||
| 80bc455d75 | |||
| 6b1d2a35a8 | |||
| cc7cd9a57e | |||
|
e0d450e79f
|
|||
| 4ad6904837 | |||
|
988e6b21c1
|
|||
| 7b34b8901e | |||
|
32870a7213
|
|||
| 5b894cd50e | |||
| 3168925715 | |||
| 050576d5a6 | |||
|
2de4d79c58
|
|||
| 0c6edbae28 | |||
| f6b11e17e4 | |||
| 7d36ea9c90 | |||
| 0a7bbf21bd | |||
|
5456428592
|
|||
| 88ab17c2f3 | |||
| cd0eefdbec | |||
| 66cdec3eee | |||
| 2f8a695f04 | |||
| b024675f2e | |||
| 1ce8f18df7 | |||
| 6825615229 | |||
|
495cac7e10
|
|||
| 01dfc0cc67 | |||
| e4f8996477 | |||
| 309d087b66 | |||
| 4b7fafbe88 | |||
| aaef7d9783 |
@@ -283,7 +283,7 @@ jobs:
|
||||
|
||||
echo ">> Formating rendered template ..."
|
||||
local TEMPLATE
|
||||
TEMPLATE=$(helm template "${CHART_NAME}" ./ --namespace "${NAMESPACE}" --include-crds --dry-run=server --api-versions "gateway.networking.k8s.io/v1/HTTPRoute")
|
||||
TEMPLATE=$(helm template "${CHART_NAME}" ./ --namespace "${NAMESPACE}" --include-crds --dry-run=server --api-versions "gateway.networking.k8s.io/v1,monitoring.coreos.com/v1")
|
||||
|
||||
# Format and split rendered template
|
||||
echo "${TEMPLATE}" | yq '... comments=""' | yq 'select(. != null)' | yq -s '"'"${OUTPUT_FOLDER}"'" + .kind + "-" + .metadata.name + ".yaml"'
|
||||
@@ -314,7 +314,7 @@ jobs:
|
||||
for DIR in ${RENDER_DIR}; do
|
||||
echo "${DIR}"
|
||||
|
||||
done | xargs -P 4 -I {} bash -c 'OUT=$(render_chart "$@" 2>&1); printf "%s\n" "$OUT"' _ {}
|
||||
done | xargs -P 5 -I {} bash -c 'OUT=$(render_chart "$@" 2>&1); printf "%s\n" "$OUT"' _ {}
|
||||
|
||||
echo ""
|
||||
echo "----"
|
||||
|
||||
@@ -13,7 +13,7 @@ on:
|
||||
jobs:
|
||||
renovate:
|
||||
runs-on: ubuntu-latest
|
||||
container: ghcr.io/renovatebot/renovate:43.109.0@sha256:262d3c2d7e61da7a7eef61fdbdcf26d80cb0d13f65baaa99ace4163a4d56c0fa
|
||||
container: ghcr.io/renovatebot/renovate:43.110.4@sha256:7ad99abc53b30d3f6e34df88b3e2b2b75436bba9b290e90d367356526034496f
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
dependencies:
|
||||
- name: argo-cd
|
||||
repository: https://argoproj.github.io/argo-helm
|
||||
version: 9.4.17
|
||||
digest: sha256:17752dbf03861cf70ee31c9a17373a5175656a2edd00ba5fcd3988a195147da8
|
||||
generated: "2026-03-28T01:51:34.832601868Z"
|
||||
version: 9.5.0
|
||||
digest: sha256:69daada0822f796cd49eeda2d9e39dd5c0c42bb61b6898af68123c8c49f25fa1
|
||||
generated: "2026-04-08T22:05:49.003208408Z"
|
||||
|
||||
@@ -13,7 +13,7 @@ maintainers:
|
||||
- name: alexlebens
|
||||
dependencies:
|
||||
- name: argo-cd
|
||||
version: 9.4.17
|
||||
version: 9.5.0
|
||||
repository: https://argoproj.github.io/argo-helm
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/argo-cd.png
|
||||
# renovate: datasource=github-releases depName=argoproj/argo-cd
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
dependencies:
|
||||
- name: authentik
|
||||
repository: https://charts.goauthentik.io/
|
||||
version: 2026.2.1
|
||||
version: 2026.2.2
|
||||
- name: cloudflared
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 2.4.0
|
||||
@@ -11,5 +11,5 @@ dependencies:
|
||||
- name: valkey
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 0.5.0
|
||||
digest: sha256:7302a85008aee7950aa345aa7d64563c1b0da8f07e348ec9709f9438503a41ff
|
||||
generated: "2026-04-04T21:00:59.689114-05:00"
|
||||
digest: sha256:86950b83ac8a4da2a89bb826616857fd5eca017c813d8def0eb905025a6e7687
|
||||
generated: "2026-04-08T02:23:25.175388081Z"
|
||||
|
||||
@@ -18,7 +18,7 @@ maintainers:
|
||||
- name: alexlebens
|
||||
dependencies:
|
||||
- name: authentik
|
||||
version: 2026.2.1
|
||||
version: 2026.2.2
|
||||
repository: https://charts.goauthentik.io/
|
||||
- name: cloudflared
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
|
||||
@@ -109,7 +109,6 @@ blocky:
|
||||
bazarr IN CNAME traefik-cl01tl
|
||||
ceph IN CNAME traefik-cl01tl
|
||||
dawarich IN CNAME traefik-cl01tl
|
||||
dependency-track IN CNAME traefik-cl01tl
|
||||
directus IN CNAME traefik-cl01tl
|
||||
excalidraw IN CNAME traefik-cl01tl
|
||||
feishin IN CNAME traefik-cl01tl
|
||||
@@ -132,6 +131,7 @@ blocky:
|
||||
jellystat IN CNAME traefik-cl01tl
|
||||
kiwix IN CNAME traefik-cl01tl
|
||||
komodo IN CNAME traefik-cl01tl
|
||||
kyoo IN CNAME traefik-cl01tl
|
||||
languagetool IN CNAME traefik-cl01tl
|
||||
lidarr IN CNAME traefik-cl01tl
|
||||
mail IN CNAME traefik-cl01tl
|
||||
|
||||
@@ -1,9 +0,0 @@
|
||||
dependencies:
|
||||
- name: dependency-track
|
||||
repository: https://dependencytrack.github.io/helm-charts
|
||||
version: 0.44.0
|
||||
- name: postgres-cluster
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 7.11.2
|
||||
digest: sha256:6ea7e8066cce675a02ce76393ee2b0e23300d2f5c72ae64946ae667fc12fde1f
|
||||
generated: "2026-04-05T17:32:11.221935-05:00"
|
||||
@@ -1,27 +0,0 @@
|
||||
apiVersion: v2
|
||||
name: dependency-track
|
||||
version: 1.0.0
|
||||
description: Dependency Track
|
||||
keywords:
|
||||
- dependency-track
|
||||
- vulnerability-scanner
|
||||
home: https://docs.alexlebens.dev/applications/dependency-track/
|
||||
sources:
|
||||
- https://github.com/DependencyTrack/dependency-track
|
||||
- https://hub.docker.com/r/dependencytrack/apiserver
|
||||
- https://hub.docker.com/r/dependencytrack/frontend
|
||||
- https://github.com/DependencyTrack/helm-charts/tree/main/charts/dependency-track
|
||||
- https://gitea.alexlebens.dev/alexlebens/helm-charts/src/branch/main/charts/postgres-cluster
|
||||
maintainers:
|
||||
- name: alexlebens
|
||||
dependencies:
|
||||
- name: dependency-track
|
||||
version: 0.44.0
|
||||
repository: https://dependencytrack.github.io/helm-charts
|
||||
- name: postgres-cluster
|
||||
alias: postgres-18-cluster
|
||||
version: 7.11.2
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
icon: https://avatars.githubusercontent.com/u/40258585
|
||||
# renovate: datasource=github-releases depName=DependencyTrack/dependency-track
|
||||
appVersion: 4.14.1
|
||||
@@ -1,114 +0,0 @@
|
||||
dependency-track:
|
||||
common:
|
||||
secretKey:
|
||||
createSecret: false
|
||||
existingSecretName: dependency-track-key-secret
|
||||
apiServer:
|
||||
image:
|
||||
repository: dependencytrack/apiserver
|
||||
tag: 4.14.1@sha256:2d8813e1ba4ada4aa23087d908c1b5a3ffce39261ead5555c397a1d67c7cbe9d
|
||||
resources:
|
||||
requests:
|
||||
cpu: 100m
|
||||
memory: 100Mi
|
||||
limits:
|
||||
memory: null
|
||||
persistentVolume:
|
||||
enabled: true
|
||||
className: ceph-block
|
||||
size: 5Gi
|
||||
extraEnv:
|
||||
- name: ALPINE_DATABASE_MODE
|
||||
value: external
|
||||
- name: ALPINE_DATABASE_DRIVER
|
||||
value: org.postgresql.Driver
|
||||
- name: ALPINE_DATABASE_URL
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: dependency-track-postgresql-18-cluster-app
|
||||
key: jdbc-uri
|
||||
- name: ALPINE_DATABASE_USERNAME
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: dependency-track-postgresql-18-cluster-app
|
||||
key: user
|
||||
- name: ALPINE_DATABASE_PASSWORD
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: dependency-track-postgresql-18-cluster-app
|
||||
key: password
|
||||
- name: ALPINE_OIDC_ENABLED
|
||||
value: "true"
|
||||
- name: ALPINE_OIDC_CLIENT_ID
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: dependency-track-oidc-secret
|
||||
key: client
|
||||
- name: ALPINE_OIDC_ISSUER
|
||||
value: https://authentik.alexlebens.net/application/o/dependency-track/
|
||||
- name: ALPINE_OIDC_USERNAME_CLAIM
|
||||
value: preferred_username
|
||||
- name: ALPINE_OIDC_TEAMS_CLAIM
|
||||
value: groups
|
||||
- name: ALPINE_OIDC_USER_PROVISIONING
|
||||
value: "true"
|
||||
- name: ALPINE_OIDC_TEAM_SYNCHRONIZATION
|
||||
value: "true"
|
||||
- name: ALPINE_CORS_ENABLED
|
||||
value: "false"
|
||||
- name: ALPINE_CORS_ALLOW_ORIGIN
|
||||
value: dependency-track.alexlebens.net dependency-track.dependency-track
|
||||
serviceMonitor:
|
||||
enabled: true
|
||||
namespace: dependency-track
|
||||
frontend:
|
||||
image:
|
||||
repository: dependencytrack/frontend
|
||||
tag: 4.14.1@sha256:8217737050b26ea69a6ddd6fe2cb419531a0bae0b903a87a04077a2415fc9f35
|
||||
resources:
|
||||
requests:
|
||||
cpu: 10m
|
||||
memory: 60Mi
|
||||
limits:
|
||||
memory: null
|
||||
extraEnv:
|
||||
- name: OIDC_ISSUER
|
||||
value: https://authentik.alexlebens.net/application/o/dependency-track/
|
||||
- name: OIDC_FLOW
|
||||
value: explicit
|
||||
- name: OIDC_CLIENT_ID
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: dependency-track-oidc-secret
|
||||
key: client
|
||||
- name: OIDC_LOGIN_BUTTON_TEXT
|
||||
value: Authentik
|
||||
apiBaseUrl: dependency-track-api-server.dependency-track
|
||||
httpRoute:
|
||||
enabled: true
|
||||
hostnames:
|
||||
- dependency-track.alexlebens.net
|
||||
parentRefs:
|
||||
- group: gateway.networking.k8s.io
|
||||
kind: Gateway
|
||||
name: traefik-gateway
|
||||
namespace: traefik
|
||||
postgres-18-cluster:
|
||||
mode: standalone
|
||||
recovery:
|
||||
method: objectStore
|
||||
objectStore:
|
||||
index: 1
|
||||
backup:
|
||||
objectStore:
|
||||
- name: garage-local
|
||||
index: 1
|
||||
destinationBucket: postgres-backups
|
||||
externalSecretCredentialPath: /garage/home-infra/postgres-backups
|
||||
isWALArchiver: true
|
||||
scheduledBackups:
|
||||
- name: live-backup
|
||||
suspend: false
|
||||
immediate: true
|
||||
schedule: "0 10 14 * * *"
|
||||
backupName: garage-local
|
||||
@@ -1,9 +1,9 @@
|
||||
dependencies:
|
||||
- name: element-web
|
||||
repository: https://ananace.gitlab.io/charts
|
||||
version: 1.4.33
|
||||
version: 1.4.34
|
||||
- name: cloudflared
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 2.4.0
|
||||
digest: sha256:63b0e582d42fb42bcf4d96ba4b299e42c434c42f284208596808288543192fe0
|
||||
generated: "2026-03-24T16:11:50.424321433Z"
|
||||
digest: sha256:376f1201085c5c93972d2286755dd8b530a4a88ad9fdaf4bfb50ec1f11c64df0
|
||||
generated: "2026-04-08T17:57:31.040649797Z"
|
||||
|
||||
@@ -15,11 +15,11 @@ maintainers:
|
||||
- name: alexlebens
|
||||
dependencies:
|
||||
- name: element-web
|
||||
version: 1.4.33
|
||||
version: 1.4.34
|
||||
repository: https://ananace.gitlab.io/charts
|
||||
- name: cloudflared
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 2.4.0
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/element.png
|
||||
# renovate: datasource=github-releases depName=element-hq/element-web
|
||||
appVersion: v1.12.14
|
||||
appVersion: v1.12.15
|
||||
|
||||
@@ -2,7 +2,7 @@ element-web:
|
||||
replicaCount: 1
|
||||
image:
|
||||
repository: ghcr.io/element-hq/element-web
|
||||
tag: v1.12.14@sha256:13052614150733892ff06189f0f9baf098bc16092bffc0e0e18ccf2f257abe34
|
||||
tag: v1.12.15@sha256:c7fa40b5ba3891f8af3ce63da0818f457c1802a9ee4d2f5e46a9df36a2388eed
|
||||
defaultServer:
|
||||
url: https://matrix.alexlebens.dev
|
||||
name: alexlebens.dev
|
||||
|
||||
@@ -2,5 +2,8 @@ dependencies:
|
||||
- name: eraser
|
||||
repository: https://eraser-dev.github.io/eraser/charts
|
||||
version: 1.4.1
|
||||
digest: sha256:da828de684b0cd82e99994586f3db4f55c43c01607c4d8d0e70e204c7bbbbf5b
|
||||
generated: "2025-12-03T22:53:20.200917773Z"
|
||||
- name: app-template
|
||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||
version: 4.6.2
|
||||
digest: sha256:8414813d3d9d195b16ef7ebf814f7095a16413f4b0e579fcb37738000624f68c
|
||||
generated: "2026-04-08T21:39:05.689756-05:00"
|
||||
|
||||
@@ -9,13 +9,19 @@ home: https://docs.alexlebens.dev/applications/eraser/
|
||||
sources:
|
||||
- https://github.com/eraser-dev/eraser
|
||||
- https://github.com/eraser-dev/eraser/pkgs/container/eraser-manager
|
||||
- https://github.com/open-telemetry/opentelemetry-collector-releases/pkgs/container/opentelemetry-collector-releases%2Fopentelemetry-collector
|
||||
- https://github.com/eraser-dev/eraser/tree/main/charts/eraser
|
||||
- https://github.com/bjw-s-labs/helm-charts/tree/main/charts/other/app-template
|
||||
maintainers:
|
||||
- name: alexlebens
|
||||
dependencies:
|
||||
- name: eraser
|
||||
version: 1.4.1
|
||||
repository: https://eraser-dev.github.io/eraser/charts
|
||||
- name: app-template
|
||||
alias: eraser-metrics
|
||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||
version: 4.6.2
|
||||
icon: https://raw.githubusercontent.com/eraser-dev/eraser/refs/heads/main/images/eraser-logo-color-1c.png
|
||||
# renovate: datasource=github-releases depName=eraser-dev/eraser
|
||||
appVersion: v1.4.1
|
||||
|
||||
@@ -35,3 +35,88 @@ eraser:
|
||||
requests:
|
||||
cpu: 1m
|
||||
memory: 20Mi
|
||||
eraser-metrics:
|
||||
global:
|
||||
nameOverride: eraser-metrics
|
||||
fullnameOverride: eraser-metrics
|
||||
controllers:
|
||||
main:
|
||||
type: deployment
|
||||
replicas: 1
|
||||
strategy: Recreate
|
||||
containers:
|
||||
main:
|
||||
image:
|
||||
repository: ghcr.io/open-telemetry/opentelemetry-collector-releases/opentelemetry-collector
|
||||
tag: 0.149.0@sha256:dd56aed607fd02f8ac01dddb27a859c0c2cc750539abce927803778fafc736ae
|
||||
command:
|
||||
- /otelcol
|
||||
- --config=/conf/otel-collector-config.yaml
|
||||
resources:
|
||||
requests:
|
||||
cpu: 10m
|
||||
memory: 20Mi
|
||||
configMaps:
|
||||
config:
|
||||
enabled: true
|
||||
forceRename: eraser-config
|
||||
data:
|
||||
otel-collector-config.yaml: |
|
||||
receivers:
|
||||
otlp:
|
||||
protocols:
|
||||
http:
|
||||
|
||||
exporters:
|
||||
logging:
|
||||
loglevel: debug
|
||||
prometheus:
|
||||
endpoint: "0.0.0.0:8889"
|
||||
send_timestamps: true
|
||||
metric_expiration: 180m
|
||||
|
||||
service:
|
||||
telemetry:
|
||||
logs:
|
||||
encoding: json
|
||||
pipelines:
|
||||
metrics:
|
||||
receivers:
|
||||
- otlp
|
||||
exporters:
|
||||
- logging
|
||||
- prometheus
|
||||
service:
|
||||
main:
|
||||
controller: main
|
||||
ports:
|
||||
http:
|
||||
port: 4318
|
||||
targetPort: 4318
|
||||
metrics:
|
||||
port: 8889
|
||||
targetPort: 8889
|
||||
serviceMonitor:
|
||||
main:
|
||||
selector:
|
||||
matchLabels:
|
||||
app.kubernetes.io/name: eraser-metrics
|
||||
app.kubernetes.io/instance: eraser-metrics
|
||||
serviceName: '{{ include "bjw-s.common.lib.chart.names.fullname" $ }}'
|
||||
endpoints:
|
||||
- port: metrics
|
||||
interval: 30s
|
||||
scrapeTimeout: 15s
|
||||
path: /metrics
|
||||
persistence:
|
||||
config:
|
||||
enabled: true
|
||||
type: configMap
|
||||
name: eraser-config
|
||||
advancedMounts:
|
||||
main:
|
||||
main:
|
||||
- path: /conf/otel-collector-config.yaml
|
||||
readOnly: true
|
||||
mountPropagation: None
|
||||
subPath: otel-collector-config.yaml
|
||||
|
||||
@@ -58,7 +58,7 @@ foldergram:
|
||||
forceRename: foldergram-data
|
||||
storageClass: ceph-block
|
||||
accessMode: ReadWriteOnce
|
||||
size: 10Gi
|
||||
size: 20Gi
|
||||
advancedMounts:
|
||||
main:
|
||||
main:
|
||||
|
||||
@@ -116,6 +116,9 @@ gatus:
|
||||
- name: jellyfin
|
||||
url: https://jellyfin.alexlebens.net
|
||||
<<: *defaults
|
||||
- name: kyoo
|
||||
url: https://kyoo.alexlebens.net
|
||||
<<: *defaults
|
||||
- name: tubearchivist
|
||||
url: https://tubearchivist.alexlebens.net
|
||||
<<: *defaults
|
||||
@@ -185,9 +188,6 @@ gatus:
|
||||
- name: komodo
|
||||
url: https://komodo.alexlebens.net
|
||||
<<: *defaults
|
||||
- name: dependency-track
|
||||
url: https://dependency-track.alexlebens.net
|
||||
<<: *defaults
|
||||
- name: omni-tools
|
||||
url: https://omni-tools.alexlebens.net
|
||||
<<: *defaults
|
||||
|
||||
@@ -4,9 +4,9 @@ dependencies:
|
||||
version: 1.18.3
|
||||
- name: postgres-cluster
|
||||
repository: https://gitea.alexlebens.net/api/packages/alexlebens/helm
|
||||
version: 7.11.1
|
||||
version: 7.11.2
|
||||
- name: valkey
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 0.5.0
|
||||
digest: sha256:fb17e2bad9c3a303da2b9d65ee5bd082a58ca6a5cee17d337e2536747982aa2c
|
||||
generated: "2026-03-31T18:38:15.510833-05:00"
|
||||
digest: sha256:2ef60d6315a21e0d92970570630cc74720643e7e51e0574107249684ddc2fab5
|
||||
generated: "2026-04-07T20:36:47.509644-05:00"
|
||||
|
||||
@@ -20,7 +20,7 @@ dependencies:
|
||||
repository: https://helm.goharbor.io
|
||||
- name: postgres-cluster
|
||||
alias: postgres-18-cluster
|
||||
version: 7.11.1
|
||||
version: 7.11.2
|
||||
repository: https://gitea.alexlebens.net/api/packages/alexlebens/helm
|
||||
- name: valkey
|
||||
alias: valkey
|
||||
|
||||
@@ -23,7 +23,7 @@ home-assistant:
|
||||
code-server:
|
||||
image:
|
||||
repository: ghcr.io/linuxserver/code-server
|
||||
tag: 4.114.1-ls330@sha256:4dabed7dc766d3034778aa648ff6b89f0b04755a069fc1071ac0f22484b7c587
|
||||
tag: 4.115.0-ls331@sha256:308f49acac8734542560f797d79b15e4c872c4d3f97d1b22862633fcce2af62a
|
||||
env:
|
||||
- name: TZ
|
||||
value: America/Chicago
|
||||
|
||||
@@ -151,6 +151,12 @@ homepage:
|
||||
href: https://jellyfin.alexlebens.net
|
||||
siteMonitor: http://jellyfin.jellyfin:80
|
||||
statusStyle: dot
|
||||
- Movies and TV:
|
||||
icon: sh-kyoo.webp
|
||||
description: Kyoo
|
||||
href: https://kyoo.alexlebens.net
|
||||
siteMonitor: http://front.kyoo:8901
|
||||
statusStyle: dot
|
||||
- Youtube Archive:
|
||||
icon: sh-tube-archivist-light.webp
|
||||
description: TubeArchivist
|
||||
@@ -387,12 +393,6 @@ homepage:
|
||||
secret: {{ "{{HOMEPAGE_VAR_KOMODO_API_SECRET}}" }}
|
||||
showStacks: true
|
||||
fields: ["running", "down", "unhealthy", "unknown"]
|
||||
- Vulnerability Scanning:
|
||||
icon: https://raw.githubusercontent.com/DependencyTrack/branding/f77a4ad3b469ff656856ea225f26b1610b89a584/dt-logo-symbol.svg
|
||||
description: Dependency Track
|
||||
href: https://dependency-track.alexlebens.net
|
||||
siteMonitor: http://dependency-track-frontend.dependency-track:8080
|
||||
statusStyle: dot
|
||||
- Uptime:
|
||||
icon: sh-gatus.webp
|
||||
description: Gatus
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
dependencies:
|
||||
- name: kube-prometheus-stack
|
||||
repository: oci://ghcr.io/prometheus-community/charts
|
||||
version: 83.0.2
|
||||
version: 83.2.0
|
||||
- name: prometheus-operator-crds
|
||||
repository: oci://ghcr.io/prometheus-community/charts
|
||||
version: 28.0.1
|
||||
@@ -11,5 +11,5 @@ dependencies:
|
||||
- name: valkey
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 0.5.0
|
||||
digest: sha256:0675ee4a9de34b23c744f521be309f7ad6860af74f8e7faeaa44bf26fda72d08
|
||||
generated: "2026-04-07T22:42:15.723825441Z"
|
||||
digest: sha256:d0942cff6346335abc91f9ceb919c5a819543b9b8baed11f83de89486f4e874d
|
||||
generated: "2026-04-08T19:03:59.676069331Z"
|
||||
|
||||
@@ -5,6 +5,7 @@ description: Kube Prometheus Stack
|
||||
keywords:
|
||||
- kube-prometheus-stack
|
||||
- prometheus
|
||||
- metrics
|
||||
home: https://docs.alexlebens.dev/applications/kube-prometheus-stack/
|
||||
sources:
|
||||
- https://github.com/prometheus/prometheus
|
||||
@@ -19,7 +20,7 @@ maintainers:
|
||||
- name: alexlebens
|
||||
dependencies:
|
||||
- name: kube-prometheus-stack
|
||||
version: 83.0.2
|
||||
version: 83.2.0
|
||||
repository: oci://ghcr.io/prometheus-community/charts
|
||||
- name: prometheus-operator-crds
|
||||
version: 28.0.1
|
||||
|
||||
12
clusters/cl01tl/helm/kyoo/Chart.lock
Normal file
12
clusters/cl01tl/helm/kyoo/Chart.lock
Normal file
@@ -0,0 +1,12 @@
|
||||
dependencies:
|
||||
- name: kyoo
|
||||
repository: oci://ghcr.io/zoriya/helm-charts
|
||||
version: 5.0.0
|
||||
- name: postgres-cluster
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 7.11.2
|
||||
- name: volsync-target
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 0.8.0
|
||||
digest: sha256:0a5ba08e137471d788da07502db63f5be535c2843f5bfda74fb873a997846ded
|
||||
generated: "2026-04-08T21:04:05.245024-05:00"
|
||||
35
clusters/cl01tl/helm/kyoo/Chart.yaml
Normal file
35
clusters/cl01tl/helm/kyoo/Chart.yaml
Normal file
@@ -0,0 +1,35 @@
|
||||
apiVersion: v2
|
||||
name: kyoo
|
||||
version: 1.0.0
|
||||
description: Kyoo
|
||||
keywords:
|
||||
- kyoo
|
||||
- media
|
||||
home: https://docs.alexlebens.dev/applications/kyoo/
|
||||
sources:
|
||||
- https://github.com/zoriya/Kyoo
|
||||
- https://github.com/zoriya/Kyoo/pkgs/container/kyoo_api
|
||||
- https://github.com/zoriya/Kyoo/pkgs/container/kyoo_auth
|
||||
- https://github.com/zoriya/Kyoo/pkgs/container/kyoo_front
|
||||
- https://github.com/zoriya/Kyoo/pkgs/container/kyoo_scanner
|
||||
- https://github.com/zoriya/Kyoo/pkgs/container/kyoo_transcoder
|
||||
- https://github.com/zoriya/Kyoo/tree/master/chart
|
||||
- https://gitea.alexlebens.dev/alexlebens/helm-charts/src/branch/main/charts/postgres-cluster
|
||||
- https://gitea.alexlebens.dev/alexlebens/helm-charts/src/branch/main/charts/volsync-target
|
||||
maintainers:
|
||||
- name: alexlebens
|
||||
dependencies:
|
||||
- name: kyoo
|
||||
repository: oci://ghcr.io/zoriya/helm-charts
|
||||
version: 5.0.0
|
||||
- name: postgres-cluster
|
||||
alias: postgres-18-cluster
|
||||
version: 7.11.2
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
- name: volsync-target
|
||||
alias: volsync-target-metadata
|
||||
version: 0.8.0
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/kyoo.png
|
||||
# renovate: datasource=github-releases depName=zoriya/Kyoo
|
||||
appVersion: v5.0.0
|
||||
@@ -1,10 +1,10 @@
|
||||
apiVersion: external-secrets.io/v1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
name: dependency-track-key-secret
|
||||
name: kyoo-key-secret
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: dependency-track-key-secret
|
||||
app.kubernetes.io/name: kyoo-key-secret
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
@@ -12,19 +12,31 @@ spec:
|
||||
kind: ClusterSecretStore
|
||||
name: vault
|
||||
data:
|
||||
- secretKey: secret.key
|
||||
- secretKey: rsa-private
|
||||
remoteRef:
|
||||
key: /cl01tl/dependency-track/key
|
||||
property: key
|
||||
key: /cl01tl/kyoo/key
|
||||
property: rsa-private
|
||||
- secretKey: scanner-apikey
|
||||
remoteRef:
|
||||
key: /cl01tl/kyoo/key
|
||||
property: scanner
|
||||
- secretKey: tmdb-apikey
|
||||
remoteRef:
|
||||
key: /tmdb/alexlebens
|
||||
property: api-key
|
||||
- secretKey: tvdb-apikey
|
||||
remoteRef:
|
||||
key: /tvdb/alexlebens
|
||||
property: api-key
|
||||
|
||||
---
|
||||
apiVersion: external-secrets.io/v1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
name: dependency-track-oidc-secret
|
||||
name: kyoo-oidc-secret
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: dependency-track-oidc-secret
|
||||
app.kubernetes.io/name: kyoo-oidc-secret
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
@@ -34,9 +46,9 @@ spec:
|
||||
data:
|
||||
- secretKey: client
|
||||
remoteRef:
|
||||
key: /authentik/oidc/dependency-track
|
||||
key: /authentik/oidc/kyoo
|
||||
property: client
|
||||
- secretKey: secret
|
||||
remoteRef:
|
||||
key: /authentik/oidc/dependency-track
|
||||
key: /authentik/oidc/kyoo
|
||||
property: secret
|
||||
88
clusters/cl01tl/helm/kyoo/templates/http-route.yaml
Normal file
88
clusters/cl01tl/helm/kyoo/templates/http-route.yaml
Normal file
@@ -0,0 +1,88 @@
|
||||
apiVersion: gateway.networking.k8s.io/v1
|
||||
kind: HTTPRoute
|
||||
metadata:
|
||||
name: kyoo
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: kyoo
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
parentRefs:
|
||||
- group: gateway.networking.k8s.io
|
||||
kind: Gateway
|
||||
name: traefik-gateway
|
||||
namespace: traefik
|
||||
hostnames:
|
||||
- kyoo.alexlebens.net
|
||||
rules:
|
||||
- matches:
|
||||
- path:
|
||||
type: PathPrefix
|
||||
value: /
|
||||
backendRefs:
|
||||
- group: ''
|
||||
kind: Service
|
||||
name: kyoo-front
|
||||
port: 8901
|
||||
weight: 100
|
||||
- matches:
|
||||
- path:
|
||||
type: PathPrefix
|
||||
value: /video
|
||||
backendRefs:
|
||||
- group: ''
|
||||
kind: Service
|
||||
name: kyoo-transcoder
|
||||
port: 7666
|
||||
weight: 100
|
||||
- matches:
|
||||
- path:
|
||||
type: PathPrefix
|
||||
value: /auth/
|
||||
backendRefs:
|
||||
- group: ''
|
||||
kind: Service
|
||||
name: kyoo-auth
|
||||
port: 4568
|
||||
weight: 100
|
||||
- matches:
|
||||
- path:
|
||||
type: PathPrefix
|
||||
value: /.well-known/
|
||||
backendRefs:
|
||||
- group: ''
|
||||
kind: Service
|
||||
name: kyoo-auth
|
||||
port: 4568
|
||||
weight: 100
|
||||
- matches:
|
||||
- path:
|
||||
type: PathPrefix
|
||||
value: /api/
|
||||
backendRefs:
|
||||
- group: ''
|
||||
kind: Service
|
||||
name: kyoo-api
|
||||
port: 3567
|
||||
weight: 100
|
||||
- matches:
|
||||
- path:
|
||||
type: PathPrefix
|
||||
value: /swagger
|
||||
backendRefs:
|
||||
- group: ''
|
||||
kind: Service
|
||||
name: kyoo-api
|
||||
port: 3567
|
||||
weight: 100
|
||||
- matches:
|
||||
- path:
|
||||
type: PathPrefix
|
||||
value: /scanner/
|
||||
backendRefs:
|
||||
- group: ''
|
||||
kind: Service
|
||||
name: kyoo-scanner
|
||||
port: 4389
|
||||
weight: 100
|
||||
131
clusters/cl01tl/helm/kyoo/templates/persistent-volume-claim.yaml
Normal file
131
clusters/cl01tl/helm/kyoo/templates/persistent-volume-claim.yaml
Normal file
@@ -0,0 +1,131 @@
|
||||
apiVersion: v1
|
||||
kind: PersistentVolumeClaim
|
||||
metadata:
|
||||
name: kyoo-media-anime-nfs-storage
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: kyoo-media-anime-nfs-storage
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
volumeName: kyoo-media-anime-nfs-storage
|
||||
storageClassName: nfs-client
|
||||
accessModes:
|
||||
- ReadWriteMany
|
||||
resources:
|
||||
requests:
|
||||
storage: 1Gi
|
||||
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: PersistentVolumeClaim
|
||||
metadata:
|
||||
name: kyoo-media-anime-movies-nfs-storage
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: kyoo-media-anime-movies-nfs-storage
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
volumeName: kyoo-media-anime-movies-nfs-storage
|
||||
storageClassName: nfs-client
|
||||
accessModes:
|
||||
- ReadWriteMany
|
||||
resources:
|
||||
requests:
|
||||
storage: 1Gi
|
||||
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: PersistentVolumeClaim
|
||||
metadata:
|
||||
name: kyoo-media-movies-nfs-storage
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: kyoo-media-movies-nfs-storage
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
volumeName: kyoo-media-movies-nfs-storage
|
||||
storageClassName: nfs-client
|
||||
accessModes:
|
||||
- ReadWriteMany
|
||||
resources:
|
||||
requests:
|
||||
storage: 1Gi
|
||||
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: PersistentVolumeClaim
|
||||
metadata:
|
||||
name: kyoo-media-movies-4k-nfs-storage
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: kyoo-media-movies-4k-nfs-storage
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
volumeName: kyoo-media-movies-4k-nfs-storage
|
||||
storageClassName: nfs-client
|
||||
accessModes:
|
||||
- ReadWriteMany
|
||||
resources:
|
||||
requests:
|
||||
storage: 1Gi
|
||||
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: PersistentVolumeClaim
|
||||
metadata:
|
||||
name: kyoo-media-standup-nfs-storage
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: kyoo-media-standup-nfs-storage
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
volumeName: kyoo-media-standup-nfs-storage
|
||||
storageClassName: nfs-client
|
||||
accessModes:
|
||||
- ReadWriteMany
|
||||
resources:
|
||||
requests:
|
||||
storage: 1Gi
|
||||
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: PersistentVolumeClaim
|
||||
metadata:
|
||||
name: kyoo-media-tvshows-nfs-storage
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: kyoo-media-tvshows-nfs-storage
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
volumeName: kyoo-media-tvshows-nfs-storage
|
||||
storageClassName: nfs-client
|
||||
accessModes:
|
||||
- ReadWriteMany
|
||||
resources:
|
||||
requests:
|
||||
storage: 1Gi
|
||||
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: PersistentVolumeClaim
|
||||
metadata:
|
||||
name: kyoo-media-tvshows-4k-nfs-storage
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: kyoo-media-tvshows-4k-nfs-storage
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
volumeName: kyoo-media-tvshows-4k-nfs-storage
|
||||
storageClassName: nfs-client
|
||||
accessModes:
|
||||
- ReadWriteMany
|
||||
resources:
|
||||
requests:
|
||||
storage: 1Gi
|
||||
173
clusters/cl01tl/helm/kyoo/templates/persistent-volume.yaml
Normal file
173
clusters/cl01tl/helm/kyoo/templates/persistent-volume.yaml
Normal file
@@ -0,0 +1,173 @@
|
||||
apiVersion: v1
|
||||
kind: PersistentVolume
|
||||
metadata:
|
||||
name: kyoo-media-anime-nfs-storage
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: kyoo-media-anime-nfs-storage
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
persistentVolumeReclaimPolicy: Retain
|
||||
storageClassName: nfs-client
|
||||
capacity:
|
||||
storage: 1Gi
|
||||
accessModes:
|
||||
- ReadWriteMany
|
||||
nfs:
|
||||
path: /volume2/Storage/Anime
|
||||
server: synologybond.alexlebens.net
|
||||
mountOptions:
|
||||
- vers=4
|
||||
- minorversion=1
|
||||
- noac
|
||||
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: PersistentVolume
|
||||
metadata:
|
||||
name: kyoo-media-anime-movies-nfs-storage
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: kyoo-media-anime-movies-nfs-storage
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
persistentVolumeReclaimPolicy: Retain
|
||||
storageClassName: nfs-client
|
||||
capacity:
|
||||
storage: 1Gi
|
||||
accessModes:
|
||||
- ReadWriteMany
|
||||
nfs:
|
||||
path: /volume2/Storage/Anime Movies
|
||||
server: synologybond.alexlebens.net
|
||||
mountOptions:
|
||||
- vers=4
|
||||
- minorversion=1
|
||||
- noac
|
||||
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: PersistentVolume
|
||||
metadata:
|
||||
name: kyoo-media-movies-nfs-storage
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: kyoo-media-movies-nfs-storage
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
persistentVolumeReclaimPolicy: Retain
|
||||
storageClassName: nfs-client
|
||||
capacity:
|
||||
storage: 1Gi
|
||||
accessModes:
|
||||
- ReadWriteMany
|
||||
nfs:
|
||||
path: /volume2/Storage/Movies
|
||||
server: synologybond.alexlebens.net
|
||||
mountOptions:
|
||||
- vers=4
|
||||
- minorversion=1
|
||||
- noac
|
||||
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: PersistentVolume
|
||||
metadata:
|
||||
name: kyoo-media-movies-4k-nfs-storage
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: kyoo-media-movies-4k-nfs-storage
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
persistentVolumeReclaimPolicy: Retain
|
||||
storageClassName: nfs-client
|
||||
capacity:
|
||||
storage: 1Gi
|
||||
accessModes:
|
||||
- ReadWriteMany
|
||||
nfs:
|
||||
path: /volume2/Storage/Movies 4K
|
||||
server: synologybond.alexlebens.net
|
||||
mountOptions:
|
||||
- vers=4
|
||||
- minorversion=1
|
||||
- noac
|
||||
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: PersistentVolume
|
||||
metadata:
|
||||
name: kyoo-media-standup-nfs-storage
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: kyoo-media-standup-nfs-storage
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
persistentVolumeReclaimPolicy: Retain
|
||||
storageClassName: nfs-client
|
||||
capacity:
|
||||
storage: 1Gi
|
||||
accessModes:
|
||||
- ReadWriteMany
|
||||
nfs:
|
||||
path: /volume2/Storage/Stand Up
|
||||
server: synologybond.alexlebens.net
|
||||
mountOptions:
|
||||
- vers=4
|
||||
- minorversion=1
|
||||
- noac
|
||||
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: PersistentVolume
|
||||
metadata:
|
||||
name: kyoo-media-tvshows-nfs-storage
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: kyoo-media-tvshows-nfs-storage
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
persistentVolumeReclaimPolicy: Retain
|
||||
storageClassName: nfs-client
|
||||
capacity:
|
||||
storage: 1Gi
|
||||
accessModes:
|
||||
- ReadWriteMany
|
||||
nfs:
|
||||
path: /volume2/Storage/TV Shows
|
||||
server: synologybond.alexlebens.net
|
||||
mountOptions:
|
||||
- vers=4
|
||||
- minorversion=1
|
||||
- noac
|
||||
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: PersistentVolume
|
||||
metadata:
|
||||
name: kyoo-media-tvshows-4k-nfs-storage
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: kyoo-media-tvshows-4k-nfs-storage
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
persistentVolumeReclaimPolicy: Retain
|
||||
storageClassName: nfs-client
|
||||
capacity:
|
||||
storage: 1Gi
|
||||
accessModes:
|
||||
- ReadWriteMany
|
||||
nfs:
|
||||
path: /volume2/Storage/TV Shows
|
||||
server: synologybond.alexlebens.net
|
||||
mountOptions:
|
||||
- vers=4
|
||||
- minorversion=1
|
||||
- noac
|
||||
223
clusters/cl01tl/helm/kyoo/values.yaml
Normal file
223
clusters/cl01tl/helm/kyoo/values.yaml
Normal file
@@ -0,0 +1,223 @@
|
||||
kyoo:
|
||||
global:
|
||||
securityContext:
|
||||
fsGroup: 1000
|
||||
fsGroupChangePolicy: OnRootMismatch
|
||||
postgres:
|
||||
shared:
|
||||
host: kyoo-postgresql-18-cluster-rw
|
||||
port: 5432
|
||||
existingSecret: kyoo-postgresql-18-cluster-app
|
||||
userKey: user
|
||||
passwordKey: password
|
||||
kyoo_api:
|
||||
database: kyoo_api
|
||||
sslmode: disable
|
||||
kyoo_api:
|
||||
userKey: user
|
||||
passwordKey: password
|
||||
existingSecret: kyoo-postgresql-18-cluster-superuser
|
||||
kyoo_auth:
|
||||
database: kyoo_auth
|
||||
sslmode: disable
|
||||
kyoo_scanner:
|
||||
database: kyoo_scanner
|
||||
sslmode: disable
|
||||
kyoo_transcoder:
|
||||
database: kyoo_transcoder
|
||||
sslmode: disable
|
||||
kyoo:
|
||||
address: https://kyoo.alexlebens.net
|
||||
auth:
|
||||
privatekey:
|
||||
existingSecret: kyoo-key-secret
|
||||
privatekeyKey: rsa-private
|
||||
apikeys:
|
||||
scanner:
|
||||
existingSecret: kyoo-key-secret
|
||||
apikeyKey: scanner-apikey
|
||||
transcoderAcceleration: qsv
|
||||
transcoderPreset: fast
|
||||
oidc_providers:
|
||||
- name: Authentik
|
||||
existingSecret: kyoo-oidc-secret
|
||||
clientIdKey: client
|
||||
clientSecretKey: secret
|
||||
logo: https://cdn.jsdelivr.net/gh/selfhst/icons@main/webp/authentik.webp
|
||||
authorizationAddress: https://authentik.alexlebens.net/application/o/authorize/
|
||||
tokenAddress: https://authentik.alexlebens.net/application/o/token/
|
||||
profileAddress: https://authentik.alexlebens.net/application/o/userinfo/
|
||||
scope: "email openid profile"
|
||||
authMethod: ClientSecretBasic
|
||||
media:
|
||||
volumes:
|
||||
- name: kyoo-media-anime-nfs-storage
|
||||
persistentVolumeClaim:
|
||||
claimName: kyoo-media-anime-nfs-storage
|
||||
- name: kyoo-media-anime-movies-nfs-storage
|
||||
persistentVolumeClaim:
|
||||
claimName: kyoo-media-anime-movies-nfs-storage
|
||||
- name: kyoo-media-movies-nfs-storage
|
||||
persistentVolumeClaim:
|
||||
claimName: kyoo-media-movies-nfs-storage
|
||||
- name: kyoo-media-movies-4k-nfs-storage
|
||||
persistentVolumeClaim:
|
||||
claimName: kyoo-media-movies-4k-nfs-storage
|
||||
- name: kyoo-media-standup-nfs-storage
|
||||
persistentVolumeClaim:
|
||||
claimName: kyoo-media-standup-nfs-storage
|
||||
- name: kyoo-media-tvshows-nfs-storage
|
||||
persistentVolumeClaim:
|
||||
claimName: kyoo-media-tvshows-nfs-storage
|
||||
- name: kyoo-media-tvshows-4k-nfs-storage
|
||||
persistentVolumeClaim:
|
||||
claimName: kyoo-media-tvshows-4k-nfs-storage
|
||||
volumeMounts:
|
||||
- mountPath: /media/anime
|
||||
name: kyoo-media-anime-nfs-storage
|
||||
readOnly: true
|
||||
- mountPath: /media/anime-movies
|
||||
name: kyoo-media-anime-movies-nfs-storage
|
||||
readOnly: true
|
||||
- mountPath: /media/movies
|
||||
name: kyoo-media-movies-nfs-storage
|
||||
readOnly: true
|
||||
- mountPath: /media/movies-4k
|
||||
name: kyoo-media-movies-4k-nfs-storage
|
||||
readOnly: true
|
||||
- mountPath: /media/standup
|
||||
name: kyoo-media-standup-nfs-storage
|
||||
readOnly: true
|
||||
- mountPath: /media/tvshows
|
||||
name: kyoo-media-tvshows-nfs-storage
|
||||
readOnly: true
|
||||
- mountPath: /media/tvshows-4k
|
||||
name: kyoo-media-tvshows-4k-nfs-storage
|
||||
readOnly: true
|
||||
baseMountPath: /media
|
||||
contentdatabase:
|
||||
tmdb:
|
||||
apikeyKey: tmdb-apikey
|
||||
existingSecret: kyoo-key-secret
|
||||
tvdb:
|
||||
apikeyKey: tvdb-apikey
|
||||
pinKey: tvdb-apikey
|
||||
existingSecret: kyoo-key-secret
|
||||
api:
|
||||
kyoo_api:
|
||||
resources:
|
||||
requests:
|
||||
cpu: 10m
|
||||
memory: 100Mi
|
||||
image:
|
||||
repository: ghcr.io/zoriya/kyoo_api
|
||||
tag: 5.0.0@sha256:dc0210f235e23ae616b0f5952af7867dcbc52e0354c2683ec3c4190fdcd17744
|
||||
persistence:
|
||||
enabled: true
|
||||
size: 1Gi
|
||||
storageClass: ceph-block
|
||||
accessModes:
|
||||
- ReadWriteOnce
|
||||
auth:
|
||||
kyoo_auth:
|
||||
resources:
|
||||
requests:
|
||||
cpu: 10m
|
||||
memory: 100Mi
|
||||
image:
|
||||
repository: ghcr.io/zoriya/kyoo_auth
|
||||
tag: 5.0.0
|
||||
persistence:
|
||||
enabled: true
|
||||
size: 500Mi
|
||||
storageClass: ceph-block
|
||||
accessModes:
|
||||
- ReadWriteOnce
|
||||
front:
|
||||
kyoo_front:
|
||||
resources:
|
||||
requests:
|
||||
cpu: 10m
|
||||
memory: 100Mi
|
||||
image:
|
||||
repository: ghcr.io/zoriya/kyoo_front
|
||||
tag: 5.0.0@sha256:985f892470b304f13ef1950fb5f7e9ef33ee39b71705c627cb045773e6dfb7b4
|
||||
scanner:
|
||||
kyoo_scanner:
|
||||
resources:
|
||||
requests:
|
||||
cpu: 10m
|
||||
memory: 100Mi
|
||||
image:
|
||||
repository: ghcr.io/zoriya/kyoo_scanner
|
||||
tag: 5.0.0@sha256:fa972f3f1e534264f4de153e30fe9481839754a3e724cc2663524a2b30e82b46
|
||||
transcoder:
|
||||
kyoo_transcoder:
|
||||
resources:
|
||||
limits:
|
||||
gpu.intel.com/i915: 1
|
||||
requests:
|
||||
gpu.intel.com/i915: 1
|
||||
cpu: 1
|
||||
memory: 1Gi
|
||||
image:
|
||||
repository: ghcr.io/zoriya/kyoo_transcoder
|
||||
tag: 5.0.0@sha256:59974794f8a638175408fa20f023ba9598108b54ad8ed9a22ec87a1a211dfc43
|
||||
replicaCount: 1
|
||||
persistence:
|
||||
enabled: true
|
||||
size: 1Gi
|
||||
storageClass: ceph-block
|
||||
accessModes:
|
||||
- ReadWriteOnce
|
||||
ingress:
|
||||
enabled: false
|
||||
traefikproxy:
|
||||
enabled: false
|
||||
postgres:
|
||||
enabled: false
|
||||
postgres-18-cluster:
|
||||
mode: recovery
|
||||
cluster:
|
||||
enableSuperuserAccess: true
|
||||
recovery:
|
||||
method: objectStore
|
||||
objectStore:
|
||||
index: 1
|
||||
backup:
|
||||
objectStore:
|
||||
- name: garage-local
|
||||
index: 1
|
||||
destinationBucket: postgres-backups
|
||||
externalSecretCredentialPath: /garage/home-infra/postgres-backups
|
||||
isWALArchiver: true
|
||||
scheduledBackups:
|
||||
- name: live-backup
|
||||
suspend: false
|
||||
immediate: true
|
||||
schedule: "0 5 14 * * *"
|
||||
backupName: garage-local
|
||||
databases:
|
||||
- name: kyoo_api
|
||||
ensure: present
|
||||
owner: app
|
||||
- name: kyoo_auth
|
||||
ensure: present
|
||||
owner: app
|
||||
- name: kyoo_scanner
|
||||
ensure: present
|
||||
owner: app
|
||||
- name: kyoo_transcoder
|
||||
ensure: present
|
||||
owner: app
|
||||
volsync-target-metadata:
|
||||
pvcTarget: kyoo-apimetadata
|
||||
local:
|
||||
enabled: true
|
||||
schedule: 26 8 * * *
|
||||
remote:
|
||||
enabled: true
|
||||
schedule: 26 9 * * *
|
||||
external:
|
||||
enabled: true
|
||||
schedule: 26 10 * * *
|
||||
@@ -14,7 +14,7 @@ lidarr:
|
||||
main:
|
||||
image:
|
||||
repository: ghcr.io/linuxserver/lidarr
|
||||
tag: 3.1.2-nightly@sha256:0fc8d169a0740a77e03ec0e5eaee1ce2db0d882fc0bb8d0a26fd77a8beaad8e9
|
||||
tag: 3.1.2-nightly@sha256:2b602738585d64c62e119073c631e50872f07595d2d90936a9186f2989cb2eda
|
||||
env:
|
||||
- name: TZ
|
||||
value: America/Chicago
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
dependencies:
|
||||
- name: matrix-synapse
|
||||
repository: https://ananace.gitlab.io/charts
|
||||
version: 3.12.24
|
||||
version: 3.12.25
|
||||
- name: app-template
|
||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||
version: 4.6.2
|
||||
@@ -38,5 +38,5 @@ dependencies:
|
||||
- name: volsync-target
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 0.8.0
|
||||
digest: sha256:0e8b1b79a98952ed49c87c6da83dcc2eed2aabbd755d9ebf1bdd3090f3ccc44c
|
||||
generated: "2026-04-04T21:03:48.737144-05:00"
|
||||
digest: sha256:937fe4fd8cd564a5f55a0f251a9b412eeeebe797f52d6769b18f6f6a28f6dd64
|
||||
generated: "2026-04-08T19:02:45.651984056Z"
|
||||
|
||||
@@ -26,7 +26,7 @@ maintainers:
|
||||
- name: alexlebens
|
||||
dependencies:
|
||||
- name: matrix-synapse
|
||||
version: 3.12.24
|
||||
version: 3.12.25
|
||||
repository: https://ananace.gitlab.io/charts
|
||||
- name: app-template
|
||||
alias: matrix-hookshot
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
matrix-synapse:
|
||||
image:
|
||||
repository: ghcr.io/element-hq/synapse
|
||||
tag: v1.150.0@sha256:cba0969087ca70a3ec72ebcd1491a6c8391a7da2c0b92738231dd9c7ad55df4d
|
||||
tag: v1.151.0@sha256:184dc8757daef019b511e7f96fc6e5edfb880fd074d8cf702c7e3aa899d188c8
|
||||
serverName: alexlebens.dev
|
||||
publicServerName: matrix.alexlebens.dev
|
||||
argoCD: true
|
||||
|
||||
@@ -31,4 +31,4 @@ dependencies:
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/ollama.png
|
||||
# renovate: datasource=github-releases depName=ollama/ollama
|
||||
appVersion: 0.20.3
|
||||
appVersion: 0.20.4
|
||||
|
||||
@@ -4,7 +4,7 @@ dependencies:
|
||||
version: 4.6.2
|
||||
- name: postgres-cluster
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 7.11.0
|
||||
version: 7.11.2
|
||||
- name: valkey
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 0.5.0
|
||||
@@ -20,5 +20,5 @@ dependencies:
|
||||
- name: volsync-target
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 0.8.0
|
||||
digest: sha256:08acc0818deaede4bb7515be7cbb1253f30036b70af6038caa69e4bd3cc02412
|
||||
generated: "2026-03-30T20:25:47.995874-05:00"
|
||||
digest: sha256:ae3aa7bd167e216d79bfbb60770c9bc209a8a689685f6dff6be41d8952ac0f25
|
||||
generated: "2026-04-08T17:24:02.420482074Z"
|
||||
|
||||
@@ -24,7 +24,7 @@ dependencies:
|
||||
version: 4.6.2
|
||||
- name: postgres-cluster
|
||||
alias: postgres-18-cluster
|
||||
version: 7.11.0
|
||||
version: 7.11.2
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
- name: valkey
|
||||
alias: valkey
|
||||
|
||||
@@ -20,4 +20,4 @@ dependencies:
|
||||
version: 4.6.2
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/plex.png
|
||||
# renovate: datasource=github-releases depName=linuxserver/docker-plex
|
||||
appVersion: 1.43.0.10492-121068a07-ls299
|
||||
appVersion: 1.43.1.10576-06378bdcd-ls300
|
||||
|
||||
@@ -22,7 +22,7 @@ plex:
|
||||
main:
|
||||
image:
|
||||
repository: ghcr.io/linuxserver/plex
|
||||
tag: 1.43.0.10492-121068a07-ls299@sha256:a21302c5297943e204e9b262f8c2eca3e0c7ddb52490bfb3f1db47f6103721ab
|
||||
tag: 1.43.1.10576-06378bdcd-ls300@sha256:09fe33e5efd991681ea3cbd3e3cb262cd1ae26d4a0145a4141ead284d8f21de6
|
||||
env:
|
||||
- name: TZ
|
||||
value: America/Chicago
|
||||
|
||||
@@ -4,7 +4,7 @@ dependencies:
|
||||
version: 4.6.2
|
||||
- name: temporal
|
||||
repository: https://go.temporal.io/helm-charts
|
||||
version: 1.0.0-rc.3
|
||||
version: 1.0.0
|
||||
- name: cloudflared
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 2.4.0
|
||||
@@ -20,5 +20,5 @@ dependencies:
|
||||
- name: volsync-target
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 0.8.0
|
||||
digest: sha256:a5d285d997702cefaac9808ac6556a566d7974773c7fb2c7a0defb8f64226443
|
||||
generated: "2026-04-05T20:33:43.946895-05:00"
|
||||
digest: sha256:dbb86231dcf341e73570b57a10aad6278989e0c50c6f5959a43439a8a9146bb9
|
||||
generated: "2026-04-08T19:03:28.347782848Z"
|
||||
|
||||
@@ -29,7 +29,7 @@ dependencies:
|
||||
version: 4.6.2
|
||||
- name: temporal
|
||||
repository: https://go.temporal.io/helm-charts
|
||||
version: 1.0.0-rc.3
|
||||
version: 1.0.0
|
||||
- name: cloudflared
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 2.4.0
|
||||
|
||||
@@ -208,7 +208,7 @@ qbittorrent:
|
||||
qui:
|
||||
image:
|
||||
repository: ghcr.io/autobrr/qui
|
||||
tag: v1.16.0@sha256:fcdced7cb8395ce039f2c5f920d890d4ad8bd849faec4c4df31701a8f13423cb
|
||||
tag: v1.16.1@sha256:07b6ea9572e52e8b5f70f8fb15a7c688d8d754a7616242d3ad0b21dbd5c05836
|
||||
env:
|
||||
- name: QUI__METRICS_ENABLED
|
||||
value: true
|
||||
|
||||
@@ -20,4 +20,4 @@ dependencies:
|
||||
version: 4.6.2
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons@main/png/rclone.png
|
||||
# renovate: datasource=github-releases depName=rclone/rclone
|
||||
appVersion: v1.73.3
|
||||
appVersion: v1.73.4
|
||||
|
||||
@@ -12,7 +12,7 @@ rclone:
|
||||
sync:
|
||||
image:
|
||||
repository: rclone/rclone
|
||||
tag: 1.73.3@sha256:66af24d7c8809af336dc16068149257cf447c80f8c60aa9f5679153f42017b85
|
||||
tag: 1.73.4@sha256:654f6517c7aaec7e377690b2caf7c272dbe5f3b8200afbc14a00df6b4a9aa6ef
|
||||
args:
|
||||
- sync
|
||||
- src:directus-assets
|
||||
@@ -90,7 +90,7 @@ rclone:
|
||||
sync:
|
||||
image:
|
||||
repository: rclone/rclone
|
||||
tag: 1.73.3@sha256:66af24d7c8809af336dc16068149257cf447c80f8c60aa9f5679153f42017b85
|
||||
tag: 1.73.4@sha256:654f6517c7aaec7e377690b2caf7c272dbe5f3b8200afbc14a00df6b4a9aa6ef
|
||||
args:
|
||||
- sync
|
||||
- src:karakeep-assets
|
||||
@@ -168,7 +168,7 @@ rclone:
|
||||
sync:
|
||||
image:
|
||||
repository: rclone/rclone
|
||||
tag: 1.73.3@sha256:66af24d7c8809af336dc16068149257cf447c80f8c60aa9f5679153f42017b85
|
||||
tag: 1.73.4@sha256:654f6517c7aaec7e377690b2caf7c272dbe5f3b8200afbc14a00df6b4a9aa6ef
|
||||
args:
|
||||
- sync
|
||||
- src:talos-backups
|
||||
@@ -239,7 +239,7 @@ rclone:
|
||||
prune:
|
||||
image:
|
||||
repository: rclone/rclone
|
||||
tag: 1.73.3@sha256:66af24d7c8809af336dc16068149257cf447c80f8c60aa9f5679153f42017b85
|
||||
tag: 1.73.4@sha256:654f6517c7aaec7e377690b2caf7c272dbe5f3b8200afbc14a00df6b4a9aa6ef
|
||||
args:
|
||||
- delete
|
||||
- dest:talos-backups
|
||||
@@ -287,7 +287,7 @@ rclone:
|
||||
sync:
|
||||
image:
|
||||
repository: rclone/rclone
|
||||
tag: 1.73.3@sha256:66af24d7c8809af336dc16068149257cf447c80f8c60aa9f5679153f42017b85
|
||||
tag: 1.73.4@sha256:654f6517c7aaec7e377690b2caf7c272dbe5f3b8200afbc14a00df6b4a9aa6ef
|
||||
args:
|
||||
- sync
|
||||
- src:web-assets
|
||||
@@ -365,7 +365,7 @@ rclone:
|
||||
sync:
|
||||
image:
|
||||
repository: rclone/rclone
|
||||
tag: 1.73.3@sha256:66af24d7c8809af336dc16068149257cf447c80f8c60aa9f5679153f42017b85
|
||||
tag: 1.73.4@sha256:654f6517c7aaec7e377690b2caf7c272dbe5f3b8200afbc14a00df6b4a9aa6ef
|
||||
args:
|
||||
- sync
|
||||
- src:postgres-backups
|
||||
@@ -440,7 +440,7 @@ rclone:
|
||||
prune:
|
||||
image:
|
||||
repository: rclone/rclone
|
||||
tag: 1.73.3@sha256:66af24d7c8809af336dc16068149257cf447c80f8c60aa9f5679153f42017b85
|
||||
tag: 1.73.4@sha256:654f6517c7aaec7e377690b2caf7c272dbe5f3b8200afbc14a00df6b4a9aa6ef
|
||||
args:
|
||||
- delete
|
||||
- dest:postgres-backups
|
||||
@@ -488,7 +488,7 @@ rclone:
|
||||
sync:
|
||||
image:
|
||||
repository: rclone/rclone
|
||||
tag: 1.73.3@sha256:66af24d7c8809af336dc16068149257cf447c80f8c60aa9f5679153f42017b85
|
||||
tag: 1.73.4@sha256:654f6517c7aaec7e377690b2caf7c272dbe5f3b8200afbc14a00df6b4a9aa6ef
|
||||
args:
|
||||
- sync
|
||||
- src:ntfy-attachments
|
||||
|
||||
@@ -56,7 +56,7 @@ roundcube:
|
||||
nginx:
|
||||
image:
|
||||
repository: nginx
|
||||
tag: 1.29.7-alpine-slim@sha256:0848ca84c476868cbeb6a5c2c009a98821b8540f96c44b1ba06820db50262e35
|
||||
tag: 1.29.8-alpine-slim@sha256:34311a2592ef8b857ca342b0d458d2978e4d05ae620ba2da5030f3d7c9b4774c
|
||||
env:
|
||||
- name: NGINX_HOST
|
||||
value: mail.alexlebens.net
|
||||
|
||||
@@ -5,6 +5,7 @@ description: S3 Exporter
|
||||
keywords:
|
||||
- s3-exporter
|
||||
- storage
|
||||
- metrics
|
||||
home: https://docs.alexlebens.dev/applications/s3-exporter/
|
||||
sources:
|
||||
- https://github.com/molu8bits/s3bucket_exporter
|
||||
|
||||
@@ -57,7 +57,7 @@ searxng:
|
||||
valkey:
|
||||
image:
|
||||
repository: valkey/valkey
|
||||
tag: 9.0.0-alpine@sha256:bef37d06d4856710973ee31dd1eac1482e4c8e6e7b847f999ad25433e646587b
|
||||
tag: 9.0.3-alpine@sha256:e1095c6c76ee982cb2d1e07edbb7fb2a53606630a1d810d5a47c9f646b708bf5
|
||||
service:
|
||||
api:
|
||||
controller: api
|
||||
|
||||
@@ -1,9 +1,9 @@
|
||||
dependencies:
|
||||
- name: seerr-chart
|
||||
repository: oci://ghcr.io/seerr-team/seerr
|
||||
version: 3.4.0
|
||||
version: 3.4.1
|
||||
- name: volsync-target
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 0.8.0
|
||||
digest: sha256:0ae90021bff10a9790f29f40f57607c9212e4e793078d62c9aeab833066b2d4e
|
||||
generated: "2026-04-07T22:03:12.12671791Z"
|
||||
digest: sha256:821fc73d7411c89f0eba2c35a7a455523dadaa4f9d5149b17b2c96cf594f5e1a
|
||||
generated: "2026-04-08T17:24:50.724009386Z"
|
||||
|
||||
@@ -17,7 +17,7 @@ maintainers:
|
||||
dependencies:
|
||||
- name: seerr-chart
|
||||
repository: oci://ghcr.io/seerr-team/seerr
|
||||
version: 3.4.0
|
||||
version: 3.4.1
|
||||
- name: volsync-target
|
||||
alias: volsync-target-config
|
||||
version: 0.8.0
|
||||
|
||||
@@ -10,7 +10,7 @@ site-documentation:
|
||||
main:
|
||||
image:
|
||||
repository: harbor.alexlebens.net/images/site-documentation
|
||||
tag: 0.21.0@sha256:556d92724306b0949c38185ffbaa7e3f05b9ba0d9b8dcfee0fc7a21985d10199
|
||||
tag: 0.22.0@sha256:3310620f9bad0184d6ba6c786a3826ce53038c03cca345660a7e422276dbd478
|
||||
resources:
|
||||
requests:
|
||||
cpu: 10m
|
||||
|
||||
@@ -5,6 +5,7 @@ description: Speedtest Exporter
|
||||
keywords:
|
||||
- speedtest-exporter
|
||||
- internet-speed
|
||||
- metrics
|
||||
home: https://docs.alexlebens.dev/applications/speedtest-exporter/
|
||||
sources:
|
||||
- https://github.com/MiguelNdeCarvalho/speedtest-exporter
|
||||
|
||||
@@ -9,7 +9,7 @@ metadata:
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
# renovate: datasource=docker depName=elasticsearch
|
||||
version: 8.19.13
|
||||
version: 9.3.3
|
||||
auth:
|
||||
fileRealm:
|
||||
- secretName: stalwart-elasticsearch-secret
|
||||
|
||||
@@ -376,7 +376,7 @@ etcd-defrag:
|
||||
cronjob:
|
||||
suspend: false
|
||||
timeZone: America/Chicago
|
||||
schedule: "0 0 * * 0"
|
||||
schedule: 0 0 * * 0
|
||||
backoffLimit: 3
|
||||
parallelism: 1
|
||||
containers:
|
||||
@@ -404,7 +404,7 @@ etcd-defrag:
|
||||
cronjob:
|
||||
suspend: false
|
||||
timeZone: America/Chicago
|
||||
schedule: "10 0 * * 0"
|
||||
schedule: 10 0 * * 0
|
||||
backoffLimit: 3
|
||||
parallelism: 1
|
||||
containers:
|
||||
@@ -432,7 +432,7 @@ etcd-defrag:
|
||||
cronjob:
|
||||
suspend: false
|
||||
timeZone: America/Chicago
|
||||
schedule: "20 0 * * 0"
|
||||
schedule: 20 0 * * 0
|
||||
backoffLimit: 3
|
||||
parallelism: 1
|
||||
containers:
|
||||
|
||||
@@ -5,16 +5,16 @@ description: Tdarr
|
||||
keywords:
|
||||
- tdarr
|
||||
- video
|
||||
- transcode
|
||||
- healthchecks
|
||||
home: https://wiki.alexlebens.dev/s/0a8c0a10-7847-4081-8a4b-5e6ac4cb1d62
|
||||
home: https://docs.alexlebens.dev/applications/tdarr/
|
||||
sources:
|
||||
- https://github.com/HaveAGitGat/Tdarr
|
||||
- https://github.com/homeylab/tdarr-exporter
|
||||
- https://github.com/haveagitgat/Tdarr/pkgs/container/tdarr
|
||||
- https://github.com/users/haveagitgat/packages/container/package/tdarr_node
|
||||
- https://hub.docker.com/r/homeylab/tdarr-exporter
|
||||
- https://github.com/bjw-s-labs/helm-charts/tree/main/charts/other/app-template
|
||||
- https://github.com/homeylab/helm-charts/tree/main/charts/tdarr-exporter
|
||||
- https://gitea.alexlebens.dev/alexlebens/helm-charts/src/branch/main/charts/volsync-target
|
||||
maintainers:
|
||||
- name: alexlebens
|
||||
dependencies:
|
||||
@@ -34,5 +34,5 @@ dependencies:
|
||||
version: 0.8.0
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/tdarr.png
|
||||
# renovate: datasource=github-releases depName=HaveAGitGat/Tdarr
|
||||
# renovate: datasource=docker depName=ghcr.io/haveagitgat/tdarr
|
||||
appVersion: 2.58.02
|
||||
|
||||
@@ -4,16 +4,18 @@ tdarr:
|
||||
type: deployment
|
||||
replicas: 1
|
||||
strategy: Recreate
|
||||
revisionHistoryLimit: 3
|
||||
pod:
|
||||
securityContext:
|
||||
fsGroup: 1000
|
||||
fsGroupChangePolicy: OnRootMismatch
|
||||
containers:
|
||||
main:
|
||||
image:
|
||||
repository: ghcr.io/haveagitgat/tdarr
|
||||
tag: 2.67.01
|
||||
pullPolicy: IfNotPresent
|
||||
tag: 2.68.01@sha256:db9520315f83974cb5b8f2a8ed89a8a2be3d97d29575f54cbe4b5cc5e6daf5a5
|
||||
env:
|
||||
- name: TZ
|
||||
value: US/Central
|
||||
value: America/Chicago
|
||||
- name: PUID
|
||||
value: "1001"
|
||||
- name: PGID
|
||||
@@ -36,12 +38,11 @@ tdarr:
|
||||
value: "8265"
|
||||
resources:
|
||||
requests:
|
||||
cpu: 200m
|
||||
memory: 1Gi
|
||||
cpu: 500m
|
||||
memory: 2Gi
|
||||
node:
|
||||
type: statefulset
|
||||
replicas: 3
|
||||
revisionHistoryLimit: 3
|
||||
statefulset:
|
||||
volumeClaimTemplates:
|
||||
- name: transcode-cache
|
||||
@@ -67,11 +68,10 @@ tdarr:
|
||||
main:
|
||||
image:
|
||||
repository: ghcr.io/haveagitgat/tdarr_node
|
||||
tag: 2.67.01
|
||||
pullPolicy: IfNotPresent
|
||||
tag: 2.68.01@sha256:6359991d297ec23e2a5fe3a6b5b19c65d9eabdc63172d2cbe6aa576bbe5356c2
|
||||
env:
|
||||
- name: TZ
|
||||
value: US/Central
|
||||
value: America/Chicago
|
||||
- name: PUID
|
||||
value: "1001"
|
||||
- name: PGID
|
||||
@@ -96,7 +96,7 @@ tdarr:
|
||||
requests:
|
||||
gpu.intel.com/i915: 1
|
||||
cpu: 10m
|
||||
memory: 512Mi
|
||||
memory: 100Mi
|
||||
service:
|
||||
api:
|
||||
controller: server
|
||||
@@ -104,14 +104,12 @@ tdarr:
|
||||
http:
|
||||
port: 8266
|
||||
targetPort: 8266
|
||||
protocol: HTTP
|
||||
web:
|
||||
controller: server
|
||||
ports:
|
||||
http:
|
||||
port: 8265
|
||||
targetPort: 8265
|
||||
protocol: HTTP
|
||||
route:
|
||||
main:
|
||||
kind: HTTPRoute
|
||||
@@ -124,11 +122,8 @@ tdarr:
|
||||
- tdarr.alexlebens.net
|
||||
rules:
|
||||
- backendRefs:
|
||||
- group: ''
|
||||
kind: Service
|
||||
name: tdarr-web
|
||||
- name: tdarr-web
|
||||
port: 8265
|
||||
weight: 100
|
||||
matches:
|
||||
- path:
|
||||
type: PathPrefix
|
||||
@@ -139,7 +134,6 @@ tdarr:
|
||||
storageClass: ceph-block
|
||||
accessMode: ReadWriteOnce
|
||||
size: 50Gi
|
||||
retain: true
|
||||
advancedMounts:
|
||||
server:
|
||||
main:
|
||||
@@ -150,7 +144,6 @@ tdarr:
|
||||
storageClass: ceph-block
|
||||
accessMode: ReadWriteOnce
|
||||
size: 50Gi
|
||||
retain: true
|
||||
advancedMounts:
|
||||
server:
|
||||
main:
|
||||
@@ -177,8 +170,7 @@ tdarr:
|
||||
tdarr-exporter:
|
||||
image:
|
||||
name: homeylab/tdarr-exporter
|
||||
# renovate: datasource=docker depName=homeylab/tdarr-exporter
|
||||
tag: 1.4.3
|
||||
tag: 1.4.3@sha256:88254cb505bfff20e86e04fa23a71789a411e7939e3bcbccbd5ef397ff91d052
|
||||
metrics:
|
||||
serviceMonitor:
|
||||
enabled: true
|
||||
@@ -188,8 +180,8 @@ tdarr-exporter:
|
||||
verify_ssl: false
|
||||
resources:
|
||||
requests:
|
||||
cpu: 10m
|
||||
memory: 256Mi
|
||||
cpu: 1m
|
||||
memory: 10Mi
|
||||
volsync-target-config:
|
||||
pvcTarget: tdarr-config
|
||||
local:
|
||||
|
||||
@@ -5,12 +5,11 @@ description: Traefik
|
||||
keywords:
|
||||
- traefik
|
||||
- reverse-proxy
|
||||
- tls
|
||||
- kubernetes
|
||||
home: https://wiki.alexlebens.dev/s/541ec45c-6cf7-4be6-bb08-63cab175e7cb
|
||||
home: https://docs.alexlebens.dev/applications/traefik/
|
||||
sources:
|
||||
- https://github.com/traefik/traefik
|
||||
- https://github.com/traefik/traefik-helm-chart
|
||||
- https://github.com/traefik/traefik-helm-chart/tree/master/traefik
|
||||
- https://github.com/traefik/traefik-helm-chart/tree/master/traefik-crds
|
||||
maintainers:
|
||||
- name: alexlebens
|
||||
dependencies:
|
||||
|
||||
@@ -1,4 +1,8 @@
|
||||
traefik:
|
||||
image:
|
||||
registry: docker.io
|
||||
repository: traefik
|
||||
tag: v3.6.13@sha256:abb4f51887319c9b9d9cfe1d3cdf9379a771138003bf683f10e97697e148f95f
|
||||
deployment:
|
||||
kind: DaemonSet
|
||||
ingressClass:
|
||||
@@ -39,6 +43,11 @@ traefik:
|
||||
enabled: true
|
||||
matchRule: (Host(`traefik-cl01tl.alexlebens.net`) && (PathPrefix(`/api/`) || PathPrefix(`/dashboard/`)))
|
||||
entryPoints: ["websecure"]
|
||||
updateStrategy:
|
||||
type: RollingUpdate
|
||||
rollingUpdate:
|
||||
maxUnavailable: 1
|
||||
maxSurge: 1
|
||||
providers:
|
||||
kubernetesCRD:
|
||||
allowCrossNamespace: true
|
||||
@@ -58,8 +67,23 @@ traefik:
|
||||
serviceMonitor:
|
||||
enabled: true
|
||||
prometheusRule:
|
||||
enabled: false
|
||||
enabled: true
|
||||
rules:
|
||||
- alert: TraefikDown
|
||||
expr: up{job="traefik"} == 0
|
||||
for: 5m
|
||||
labels:
|
||||
context: traefik
|
||||
severity: warning
|
||||
annotations:
|
||||
summary: "Traefik Down"
|
||||
description: "{{ $labels.pod }} on {{ $labels.nodename }} is down"
|
||||
global:
|
||||
checkNewVersion: false
|
||||
ports:
|
||||
traefik:
|
||||
expose:
|
||||
default: false
|
||||
web:
|
||||
port: 8000
|
||||
expose:
|
||||
@@ -77,14 +101,12 @@ traefik:
|
||||
- 172.16.0.0/16
|
||||
- 192.168.0.0/16
|
||||
- fc00::/7
|
||||
insecure: false
|
||||
proxyProtocol:
|
||||
trustedIPs:
|
||||
- 10.0.0.0/8
|
||||
- 172.16.0.0/16
|
||||
- 192.168.0.0/16
|
||||
- fc00::/7
|
||||
insecure: false
|
||||
websecure:
|
||||
port: 8443
|
||||
expose:
|
||||
@@ -102,22 +124,18 @@ traefik:
|
||||
allowEncodedPercent: true
|
||||
allowEncodedQuestionMark: true
|
||||
allowEncodedHash: true
|
||||
tls:
|
||||
enabled: true
|
||||
forwardedHeaders:
|
||||
trustedIPs:
|
||||
- 10.0.0.0/8
|
||||
- 172.16.0.0/16
|
||||
- 192.168.0.0/16
|
||||
- fc00::/7
|
||||
insecure: false
|
||||
proxyProtocol:
|
||||
trustedIPs:
|
||||
- 10.0.0.0/8
|
||||
- 172.16.0.0/16
|
||||
- 192.168.0.0/16
|
||||
- fc00::/7
|
||||
insecure: false
|
||||
ssh:
|
||||
port: 22
|
||||
expose:
|
||||
@@ -129,14 +147,12 @@ traefik:
|
||||
- 172.16.0.0/16
|
||||
- 192.168.0.0/16
|
||||
- fc00::/7
|
||||
insecure: false
|
||||
proxyProtocol:
|
||||
trustedIPs:
|
||||
- 10.0.0.0/8
|
||||
- 172.16.0.0/16
|
||||
- 192.168.0.0/16
|
||||
- fc00::/7
|
||||
insecure: false
|
||||
metrics:
|
||||
expose:
|
||||
default: false
|
||||
@@ -145,6 +161,10 @@ traefik:
|
||||
type: LoadBalancer
|
||||
externalIPs:
|
||||
- 10.232.1.21
|
||||
resources:
|
||||
requests:
|
||||
cpu: 10m
|
||||
memory: 100Mi
|
||||
traefik-crds:
|
||||
enabled: true
|
||||
traefik: true
|
||||
|
||||
@@ -4,6 +4,6 @@ dependencies:
|
||||
version: 4.6.2
|
||||
- name: valkey
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 0.4.0
|
||||
digest: sha256:39a57c1505ed39180cffe9153ce69233c2376ba62c9287bc411071cf986f44de
|
||||
generated: "2026-03-09T23:08:53.501770729Z"
|
||||
version: 0.5.0
|
||||
digest: sha256:bbceeb6ebc7a358798e706280aa2eaba8b47b018ea0fb736b30ece5419979c4e
|
||||
generated: "2026-04-07T19:36:53.116343-05:00"
|
||||
|
||||
@@ -4,15 +4,17 @@ version: 1.0.0
|
||||
description: Tube Archivist
|
||||
keywords:
|
||||
- tubearchivist
|
||||
- download
|
||||
- video
|
||||
- youtube
|
||||
home: https://wiki.alexlebens.dev/s/9a5f89bb-3cae-43ab-b651-d39f69a05e93
|
||||
home: https://docs.alexlebens.dev/applications/tubearchivist/
|
||||
sources:
|
||||
- https://github.com/tubearchivist/tubearchivist
|
||||
- https://github.com/elastic/elasticsearch
|
||||
- https://github.com/Brainicism/bgutil-ytdlp-pot-provider
|
||||
- https://github.com/qdm12/gluetun
|
||||
- https://hub.docker.com/r/bbilly1/tubearchivist
|
||||
- https://hub.docker.com/r/brainicism/bgutil-ytdlp-pot-provider
|
||||
- https://github.com/qdm12/gluetun/pkgs/container/gluetun
|
||||
- https://github.com/bjw-s-labs/helm-charts/tree/main/charts/other/app-template
|
||||
- https://gitea.alexlebens.dev/alexlebens/helm-charts/src/branch/main/charts/valkey
|
||||
maintainers:
|
||||
- name: alexlebens
|
||||
dependencies:
|
||||
@@ -22,7 +24,7 @@ dependencies:
|
||||
version: 4.6.2
|
||||
- name: valkey
|
||||
alias: valkey
|
||||
version: 0.4.0
|
||||
version: 0.5.0
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/tube-archivist.png
|
||||
# renovate: datasource=github-releases depName=tubearchivist/tubearchivist
|
||||
|
||||
@@ -9,7 +9,7 @@ metadata:
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
# renovate: datasource=docker depName=elasticsearch
|
||||
version: 8.19.13
|
||||
version: 9.3.3
|
||||
auth:
|
||||
fileRealm:
|
||||
- secretName: tubearchivist-elasticsearch-secret
|
||||
|
||||
@@ -14,17 +14,11 @@ spec:
|
||||
data:
|
||||
- secretKey: ELASTIC_PASSWORD
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cl01tl/tubearchivist/env
|
||||
metadataPolicy: None
|
||||
property: ELASTIC_PASSWORD
|
||||
- secretKey: TA_PASSWORD
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cl01tl/tubearchivist/env
|
||||
metadataPolicy: None
|
||||
property: TA_PASSWORD
|
||||
|
||||
---
|
||||
@@ -44,24 +38,15 @@ spec:
|
||||
data:
|
||||
- secretKey: username
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cl01tl/tubearchivist/elasticsearch
|
||||
metadataPolicy: None
|
||||
property: username
|
||||
- secretKey: password
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cl01tl/tubearchivist/elasticsearch
|
||||
metadataPolicy: None
|
||||
property: password
|
||||
- secretKey: roles
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cl01tl/tubearchivist/elasticsearch
|
||||
metadataPolicy: None
|
||||
property: roles
|
||||
|
||||
---
|
||||
@@ -81,29 +66,17 @@ spec:
|
||||
data:
|
||||
- secretKey: private-key
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /airvpn/conf/cl01tl
|
||||
metadataPolicy: None
|
||||
property: private-key
|
||||
- secretKey: preshared-key
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /airvpn/conf/cl01tl
|
||||
metadataPolicy: None
|
||||
property: preshared-key
|
||||
- secretKey: addresses
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /airvpn/conf/cl01tl
|
||||
metadataPolicy: None
|
||||
property: addresses
|
||||
- secretKey: input-ports
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /airvpn/conf/cl01tl
|
||||
metadataPolicy: None
|
||||
property: input-ports
|
||||
|
||||
@@ -4,13 +4,15 @@ tubearchivist:
|
||||
type: deployment
|
||||
replicas: 1
|
||||
strategy: Recreate
|
||||
revisionHistoryLimit: 3
|
||||
pod:
|
||||
securityContext:
|
||||
fsGroup: 1000
|
||||
fsGroupChangePolicy: OnRootMismatch
|
||||
containers:
|
||||
main:
|
||||
image:
|
||||
repository: bbilly1/tubearchivist
|
||||
tag: v0.5.10
|
||||
pullPolicy: IfNotPresent
|
||||
tag: v0.5.10@sha256:dfe723cf008520e1758ecc3e59e6ea8761dd10d5bb099cd87289e80f5bd66567
|
||||
env:
|
||||
- name: TZ
|
||||
value: America/Chicago
|
||||
@@ -40,13 +42,11 @@ tubearchivist:
|
||||
bgutil:
|
||||
image:
|
||||
repository: brainicism/bgutil-ytdlp-pot-provider
|
||||
tag: 1.3.1
|
||||
pullPolicy: IfNotPresent
|
||||
tag: 1.3.1@sha256:1aaa43a0ca72dfca6a6d2129a0fb4a23465c25adb1b043f8aff829a20825646b
|
||||
gluetun:
|
||||
image:
|
||||
repository: ghcr.io/qdm12/gluetun
|
||||
tag: v3.41.1@sha256:1a5bf4b4820a879cdf8d93d7ef0d2d963af56670c9ebff8981860b6804ebc8ab
|
||||
pullPolicy: IfNotPresent
|
||||
lifecycle:
|
||||
postStart:
|
||||
exec:
|
||||
@@ -106,8 +106,6 @@ tubearchivist:
|
||||
devic.es/tun: "1"
|
||||
requests:
|
||||
devic.es/tun: "1"
|
||||
cpu: 10m
|
||||
memory: 128Mi
|
||||
service:
|
||||
main:
|
||||
controller: main
|
||||
@@ -115,7 +113,6 @@ tubearchivist:
|
||||
http:
|
||||
port: 80
|
||||
targetPort: 24000
|
||||
protocol: HTTP
|
||||
route:
|
||||
main:
|
||||
kind: HTTPRoute
|
||||
@@ -128,11 +125,8 @@ tubearchivist:
|
||||
- tubearchivist.alexlebens.net
|
||||
rules:
|
||||
- backendRefs:
|
||||
- group: ''
|
||||
kind: Service
|
||||
name: tubearchivist
|
||||
- name: tubearchivist
|
||||
port: 80
|
||||
weight: 100
|
||||
matches:
|
||||
- path:
|
||||
type: PathPrefix
|
||||
@@ -142,7 +136,6 @@ tubearchivist:
|
||||
storageClass: ceph-block
|
||||
accessMode: ReadWriteOnce
|
||||
size: 40Gi
|
||||
retain: true
|
||||
advancedMounts:
|
||||
main:
|
||||
main:
|
||||
@@ -157,10 +150,6 @@ tubearchivist:
|
||||
readOnly: false
|
||||
valkey:
|
||||
valkey:
|
||||
resources:
|
||||
requests:
|
||||
cpu: 100m
|
||||
memory: 1Gi
|
||||
dataStorage:
|
||||
requestedSize: 10Gi
|
||||
replica:
|
||||
|
||||
@@ -6,7 +6,7 @@ keywords:
|
||||
- unpackerr
|
||||
- archive
|
||||
- servarr
|
||||
home: https://wiki.alexlebens.dev/s/7d3193ee-4ca3-4477-bdb0-44f2258bc088
|
||||
home: https://docs.alexlebens.dev/applications/unpackerr/
|
||||
sources:
|
||||
- https://github.com/Unpackerr/unpackerr
|
||||
- https://hub.docker.com/r/golift/unpackerr
|
||||
|
||||
@@ -14,57 +14,33 @@ spec:
|
||||
data:
|
||||
- secretKey: UN_SONARR_0_API_KEY
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cl01tl/sonarr4/key
|
||||
metadataPolicy: None
|
||||
property: key
|
||||
- secretKey: UN_SONARR_1_API_KEY
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cl01tl/sonarr4-4k/key
|
||||
metadataPolicy: None
|
||||
property: key
|
||||
- secretKey: UN_SONARR_2_API_KEY
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cl01tl/sonarr4-anime/key
|
||||
metadataPolicy: None
|
||||
property: key
|
||||
- secretKey: UN_RADARR_0_API_KEY
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cl01tl/radarr5/key
|
||||
metadataPolicy: None
|
||||
property: key
|
||||
- secretKey: UN_RADARR_1_API_KEY
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cl01tl/radarr5-4k/key
|
||||
metadataPolicy: None
|
||||
property: key
|
||||
- secretKey: UN_RADARR_2_API_KEY
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cl01tl/radarr5-anime/key
|
||||
metadataPolicy: None
|
||||
property: key
|
||||
- secretKey: UN_RADARR_3_API_KEY
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cl01tl/radarr5-standup/key
|
||||
metadataPolicy: None
|
||||
property: key
|
||||
- secretKey: UN_LIDARR_0_API_KEY
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cl01tl/lidarr2/key
|
||||
metadataPolicy: None
|
||||
property: key
|
||||
|
||||
@@ -4,16 +4,18 @@ unpackerr:
|
||||
type: deployment
|
||||
replicas: 1
|
||||
strategy: Recreate
|
||||
revisionHistoryLimit: 3
|
||||
pod:
|
||||
securityContext:
|
||||
fsGroup: 1000
|
||||
fsGroupChangePolicy: OnRootMismatch
|
||||
containers:
|
||||
main:
|
||||
image:
|
||||
repository: golift/unpackerr
|
||||
tag: 0.15.2
|
||||
pullPolicy: IfNotPresent
|
||||
tag: 0.15.2@sha256:057e34740d26c34d81ec8e2faf8ec11f8dbfc77489b7a42826f52b37e5ee1b6c
|
||||
env:
|
||||
- name: TZ
|
||||
value: US/Central
|
||||
value: America/Chicago
|
||||
- name: UN_WEBSERVER_METRICS
|
||||
value: true
|
||||
- name: UN_SONARR_0_URL
|
||||
@@ -54,7 +56,7 @@ unpackerr:
|
||||
resources:
|
||||
requests:
|
||||
cpu: 10m
|
||||
memory: 128Mi
|
||||
memory: 10Mi
|
||||
persistence:
|
||||
storage:
|
||||
existingClaim: unpackerr-nfs-storage
|
||||
|
||||
@@ -5,9 +5,8 @@ description: Unpoller
|
||||
keywords:
|
||||
- unpoller
|
||||
- ubiquiti
|
||||
- unifi
|
||||
- metrics
|
||||
home: https://wiki.alexlebens.dev/s/cac4e7b1-3d8e-4a32-993c-c6b3f1d2c344
|
||||
home: https://docs.alexlebens.dev/applications/unpoller/
|
||||
sources:
|
||||
- https://github.com/unpoller/unpoller
|
||||
- https://github.com/unpoller/unpoller/pkgs/container/unpoller
|
||||
@@ -19,6 +18,6 @@ dependencies:
|
||||
alias: unpoller
|
||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||
version: 4.6.2
|
||||
icon: https://camo.githubusercontent.com/c5d07a5b3acfeac8e1c25bf56f440ffe032b86e4e7f15de82357f022a43fc927/68747470733a2f2f756e706f6c6c65722e636f6d2f696d672f6c6f676f2e706e67
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons@main/png/ubiquiti-unifi.png
|
||||
# renovate: datasource=github-releases depName=unpoller/unpoller
|
||||
appVersion: v2.39.0
|
||||
|
||||
@@ -14,15 +14,9 @@ spec:
|
||||
data:
|
||||
- secretKey: UP_UNIFI_CONTROLLER_0_USER
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /unifi/auth/cl01tl
|
||||
metadataPolicy: None
|
||||
property: user
|
||||
- secretKey: UP_UNIFI_CONTROLLER_0_PASS
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /unifi/auth/cl01tl
|
||||
metadataPolicy: None
|
||||
property: password
|
||||
|
||||
@@ -4,16 +4,14 @@ unpoller:
|
||||
type: deployment
|
||||
replicas: 1
|
||||
strategy: Recreate
|
||||
revisionHistoryLimit: 3
|
||||
containers:
|
||||
main:
|
||||
image:
|
||||
repository: ghcr.io/unpoller/unpoller
|
||||
tag: v2.39.0
|
||||
pullPolicy: IfNotPresent
|
||||
tag: v2.39.0@sha256:1cf63ad43121acc6995da1bd636063de9023b4bfc16599a4297951a6fb6b7fd2
|
||||
env:
|
||||
- name: UP_UNIFI_CONTROLLER_0_SAVE_ALARMS
|
||||
value: 'false'
|
||||
value: 'true'
|
||||
- name: UP_UNIFI_CONTROLLER_0_SAVE_ANOMALIES
|
||||
value: 'false'
|
||||
- name: UP_UNIFI_CONTROLLER_0_SAVE_DPI
|
||||
@@ -21,7 +19,7 @@ unpoller:
|
||||
- name: UP_UNIFI_CONTROLLER_0_SAVE_EVENTS
|
||||
value: 'false'
|
||||
- name: UP_UNIFI_CONTROLLER_0_SAVE_IDS
|
||||
value: 'false'
|
||||
value: 'true'
|
||||
- name: UP_UNIFI_CONTROLLER_0_SAVE_SITES
|
||||
value: 'true'
|
||||
- name: UP_UNIFI_CONTROLLER_0_URL
|
||||
@@ -44,7 +42,7 @@ unpoller:
|
||||
resources:
|
||||
requests:
|
||||
cpu: 10m
|
||||
memory: 64Mi
|
||||
memory: 20Mi
|
||||
service:
|
||||
main:
|
||||
controller: main
|
||||
@@ -52,7 +50,6 @@ unpoller:
|
||||
metrics:
|
||||
port: 9130
|
||||
targetPort: 9130
|
||||
protocol: TCP
|
||||
serviceMonitor:
|
||||
main:
|
||||
selector:
|
||||
|
||||
@@ -5,7 +5,7 @@ description: Vault
|
||||
keywords:
|
||||
- vault
|
||||
- secrets
|
||||
home: https://wiki.alexlebens.dev/s/5e40fae1-53a5-4bd0-9953-6fcbe88f1987
|
||||
home: https://docs.alexlebens.dev/applications/vault/
|
||||
sources:
|
||||
- https://github.com/hashicorp/vault
|
||||
- https://github.com/Angatar/s3cmd
|
||||
@@ -29,6 +29,6 @@ dependencies:
|
||||
alias: unseal
|
||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||
version: 4.6.2
|
||||
icon: https://raw.githubusercontent.com/walkxcode/dashboard-icons/main/png/vault.png
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons@main/png/hashicorp-vault.png
|
||||
# renovate: datasource=github-releases depName=hashicorp/vault
|
||||
appVersion: 1.21.4
|
||||
|
||||
@@ -14,17 +14,11 @@ spec:
|
||||
data:
|
||||
- secretKey: VAULT_APPROLE_ROLE_ID
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cl01tl/vault/snapshot
|
||||
metadataPolicy: None
|
||||
property: VAULT_APPROLE_ROLE_ID
|
||||
- secretKey: VAULT_APPROLE_SECRET_ID
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cl01tl/vault/snapshot
|
||||
metadataPolicy: None
|
||||
property: VAULT_APPROLE_SECRET_ID
|
||||
|
||||
---
|
||||
@@ -44,17 +38,11 @@ spec:
|
||||
data:
|
||||
- secretKey: .s3cfg
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /garage/home-infra/vault-backups
|
||||
metadataPolicy: None
|
||||
property: s3cfg-local
|
||||
- secretKey: BUCKET
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /garage/home-infra/vault-backups
|
||||
metadataPolicy: None
|
||||
property: BUCKET
|
||||
|
||||
---
|
||||
@@ -74,17 +62,11 @@ spec:
|
||||
data:
|
||||
- secretKey: .s3cfg
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /garage/home-infra/vault-backups
|
||||
metadataPolicy: None
|
||||
property: s3cfg-remote
|
||||
- secretKey: BUCKET
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /garage/home-infra/vault-backups
|
||||
metadataPolicy: None
|
||||
property: BUCKET
|
||||
|
||||
---
|
||||
@@ -104,17 +86,11 @@ spec:
|
||||
data:
|
||||
- secretKey: .s3cfg
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /digital-ocean/home-infra/vault-backup
|
||||
metadataPolicy: None
|
||||
property: s3cfg
|
||||
- secretKey: BUCKET
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /digital-ocean/home-infra/vault-backup
|
||||
metadataPolicy: None
|
||||
property: BUCKET
|
||||
|
||||
---
|
||||
@@ -134,24 +110,15 @@ spec:
|
||||
data:
|
||||
- secretKey: NTFY_TOKEN
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /ntfy/user/cl01tl
|
||||
metadataPolicy: None
|
||||
property: token
|
||||
- secretKey: NTFY_ENDPOINT
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /ntfy/user/cl01tl
|
||||
metadataPolicy: None
|
||||
property: endpoint
|
||||
- secretKey: NTFY_TOPIC
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cl01tl/vault/snapshot
|
||||
metadataPolicy: None
|
||||
property: NTFY_TOPIC
|
||||
|
||||
---
|
||||
@@ -171,66 +138,39 @@ spec:
|
||||
data:
|
||||
- secretKey: ENVIRONMENT
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cl01tl/vault/unseal/config-1
|
||||
metadataPolicy: None
|
||||
property: ENVIRONMENT
|
||||
- secretKey: CHECK_INTERVAL
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cl01tl/vault/unseal/config-1
|
||||
metadataPolicy: None
|
||||
property: CHECK_INTERVAL
|
||||
- secretKey: MAX_CHECK_INTERVAL
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cl01tl/vault/unseal/config-1
|
||||
metadataPolicy: None
|
||||
property: MAX_CHECK_INTERVAL
|
||||
- secretKey: NODES
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cl01tl/vault/unseal/config-1
|
||||
metadataPolicy: None
|
||||
property: NODES
|
||||
- secretKey: TLS_SKIP_VERIFY
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cl01tl/vault/unseal/config-1
|
||||
metadataPolicy: None
|
||||
property: TLS_SKIP_VERIFY
|
||||
- secretKey: TOKENS
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cl01tl/vault/unseal/config-1
|
||||
metadataPolicy: None
|
||||
property: TOKENS
|
||||
- secretKey: EMAIL_ENABLED
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cl01tl/vault/unseal/config-1
|
||||
metadataPolicy: None
|
||||
property: EMAIL_ENABLED
|
||||
- secretKey: NOTIFY_MAX_ELAPSED
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cl01tl/vault/unseal/config-1
|
||||
metadataPolicy: None
|
||||
property: NOTIFY_MAX_ELAPSED
|
||||
- secretKey: NOTIFY_QUEUE_DELAY
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cl01tl/vault/unseal/config-1
|
||||
metadataPolicy: None
|
||||
property: NOTIFY_QUEUE_DELAY
|
||||
|
||||
---
|
||||
@@ -250,66 +190,39 @@ spec:
|
||||
data:
|
||||
- secretKey: ENVIRONMENT
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cl01tl/vault/unseal/config-2
|
||||
metadataPolicy: None
|
||||
property: ENVIRONMENT
|
||||
- secretKey: CHECK_INTERVAL
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cl01tl/vault/unseal/config-2
|
||||
metadataPolicy: None
|
||||
property: CHECK_INTERVAL
|
||||
- secretKey: MAX_CHECK_INTERVAL
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cl01tl/vault/unseal/config-2
|
||||
metadataPolicy: None
|
||||
property: MAX_CHECK_INTERVAL
|
||||
- secretKey: NODES
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cl01tl/vault/unseal/config-2
|
||||
metadataPolicy: None
|
||||
property: NODES
|
||||
- secretKey: TLS_SKIP_VERIFY
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cl01tl/vault/unseal/config-2
|
||||
metadataPolicy: None
|
||||
property: TLS_SKIP_VERIFY
|
||||
- secretKey: TOKENS
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cl01tl/vault/unseal/config-2
|
||||
metadataPolicy: None
|
||||
property: TOKENS
|
||||
- secretKey: EMAIL_ENABLED
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cl01tl/vault/unseal/config-2
|
||||
metadataPolicy: None
|
||||
property: EMAIL_ENABLED
|
||||
- secretKey: NOTIFY_MAX_ELAPSED
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cl01tl/vault/unseal/config-2
|
||||
metadataPolicy: None
|
||||
property: NOTIFY_MAX_ELAPSED
|
||||
- secretKey: NOTIFY_QUEUE_DELAY
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cl01tl/vault/unseal/config-2
|
||||
metadataPolicy: None
|
||||
property: NOTIFY_QUEUE_DELAY
|
||||
|
||||
---
|
||||
@@ -329,66 +242,39 @@ spec:
|
||||
data:
|
||||
- secretKey: ENVIRONMENT
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cl01tl/vault/unseal/config-3
|
||||
metadataPolicy: None
|
||||
property: ENVIRONMENT
|
||||
- secretKey: CHECK_INTERVAL
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cl01tl/vault/unseal/config-3
|
||||
metadataPolicy: None
|
||||
property: CHECK_INTERVAL
|
||||
- secretKey: MAX_CHECK_INTERVAL
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cl01tl/vault/unseal/config-3
|
||||
metadataPolicy: None
|
||||
property: MAX_CHECK_INTERVAL
|
||||
- secretKey: NODES
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cl01tl/vault/unseal/config-3
|
||||
metadataPolicy: None
|
||||
property: NODES
|
||||
- secretKey: TLS_SKIP_VERIFY
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cl01tl/vault/unseal/config-3
|
||||
metadataPolicy: None
|
||||
property: TLS_SKIP_VERIFY
|
||||
- secretKey: TOKENS
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cl01tl/vault/unseal/config-3
|
||||
metadataPolicy: None
|
||||
property: TOKENS
|
||||
- secretKey: EMAIL_ENABLED
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cl01tl/vault/unseal/config-3
|
||||
metadataPolicy: None
|
||||
property: EMAIL_ENABLED
|
||||
- secretKey: NOTIFY_MAX_ELAPSED
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cl01tl/vault/unseal/config-3
|
||||
metadataPolicy: None
|
||||
property: NOTIFY_MAX_ELAPSED
|
||||
- secretKey: NOTIFY_QUEUE_DELAY
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cl01tl/vault/unseal/config-3
|
||||
metadataPolicy: None
|
||||
property: NOTIFY_QUEUE_DELAY
|
||||
|
||||
---
|
||||
@@ -408,43 +294,25 @@ spec:
|
||||
data:
|
||||
- secretKey: token
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cl01tl/vault/token
|
||||
metadataPolicy: None
|
||||
property: token
|
||||
- secretKey: unseal_key_1
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cl01tl/vault/token
|
||||
metadataPolicy: None
|
||||
property: unseal_key_1
|
||||
- secretKey: unseal_key_2
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cl01tl/vault/token
|
||||
metadataPolicy: None
|
||||
property: unseal_key_2
|
||||
- secretKey: unseal_key_3
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cl01tl/vault/token
|
||||
metadataPolicy: None
|
||||
property: unseal_key_3
|
||||
- secretKey: unseal_key_4
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cl01tl/vault/token
|
||||
metadataPolicy: None
|
||||
property: unseal_key_4
|
||||
- secretKey: unseal_key_5
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cl01tl/vault/token
|
||||
metadataPolicy: None
|
||||
property: unseal_key_5
|
||||
|
||||
@@ -25,4 +25,3 @@ spec:
|
||||
kind: Service
|
||||
name: vault-active
|
||||
port: 8200
|
||||
weight: 100
|
||||
|
||||
@@ -1,9 +1,5 @@
|
||||
vault:
|
||||
global:
|
||||
enabled: true
|
||||
tlsDisable: true
|
||||
psp:
|
||||
enable: false
|
||||
serverTelemetry:
|
||||
prometheusOperator: true
|
||||
injector:
|
||||
@@ -12,23 +8,16 @@ vault:
|
||||
enabled: true
|
||||
image:
|
||||
repository: hashicorp/vault
|
||||
tag: 1.21.4
|
||||
updateStrategyType: "RollingUpdate"
|
||||
tag: 1.21.4@sha256:4e33b126a59c0c333b76fb4e894722462659a6bec7c48c9ee8cea56fccfd2569
|
||||
updateStrategyType: RollingUpdate
|
||||
logLevel: debug
|
||||
logFormat: standard
|
||||
resources:
|
||||
requests:
|
||||
cpu: 50m
|
||||
memory: 512Mi
|
||||
ingress:
|
||||
enabled: false
|
||||
route:
|
||||
enabled: false
|
||||
authDelegator:
|
||||
enabled: false
|
||||
readinessProbe:
|
||||
enabled: true
|
||||
port: 8200
|
||||
livenessProbe:
|
||||
enabled: false
|
||||
volumes:
|
||||
@@ -39,43 +28,17 @@ vault:
|
||||
- mountPath: /opt/backups/
|
||||
name: vault-storage-backup
|
||||
readOnly: false
|
||||
affinity: |
|
||||
podAntiAffinity:
|
||||
requiredDuringSchedulingIgnoredDuringExecution:
|
||||
- labelSelector:
|
||||
matchLabels:
|
||||
app.kubernetes.io/name: {{ template "vault.name" . }}
|
||||
app.kubernetes.io/instance: "{{ .Release.Name }}"
|
||||
component: server
|
||||
topologyKey: kubernetes.io/hostname
|
||||
networkPolicy:
|
||||
enabled: false
|
||||
service:
|
||||
enabled: true
|
||||
active:
|
||||
enabled: true
|
||||
standby:
|
||||
enabled: false
|
||||
type: ClusterIP
|
||||
port: 8200
|
||||
targetPort: 8200
|
||||
dataStorage:
|
||||
enabled: true
|
||||
size: 1Gi
|
||||
mountPath: "/vault/data"
|
||||
accessMode: ReadWriteOnce
|
||||
storageClass: ceph-block
|
||||
auditStorage:
|
||||
enabled: false
|
||||
size: 5Gi
|
||||
mountPath: "/vault/audit"
|
||||
accessMode: ReadWriteOnce
|
||||
dev:
|
||||
enabled: false
|
||||
storageClass: ceph-block
|
||||
standalone:
|
||||
enabled: false
|
||||
ha:
|
||||
enabled: true
|
||||
replicas: 3
|
||||
raft:
|
||||
enabled: true
|
||||
config: |
|
||||
@@ -109,30 +72,12 @@ vault:
|
||||
prometheus_retention_time = "30s"
|
||||
disable_hostname = true
|
||||
}
|
||||
|
||||
disruptionBudget:
|
||||
enabled: true
|
||||
maxUnavailable: null
|
||||
serviceAccount:
|
||||
create: true
|
||||
serviceDiscovery:
|
||||
enabled: true
|
||||
hostNetwork: false
|
||||
ui:
|
||||
enabled: true
|
||||
publishNotReadyAddresses: true
|
||||
activeVaultPodOnly: false
|
||||
serviceType: "ClusterIP"
|
||||
serviceNodePort: null
|
||||
externalPort: 8200
|
||||
targetPort: 8200
|
||||
csi:
|
||||
enabled: false
|
||||
maxUnavailable: 1
|
||||
serverTelemetry:
|
||||
serviceMonitor:
|
||||
enabled: true
|
||||
interval: 30s
|
||||
scrapeTimeout: 10s
|
||||
prometheusRules:
|
||||
enabled: true
|
||||
rules:
|
||||
@@ -158,20 +103,15 @@ snapshot:
|
||||
type: cronjob
|
||||
cronjob:
|
||||
suspend: false
|
||||
concurrencyPolicy: Forbid
|
||||
timeZone: US/Central
|
||||
timeZone: America/Chicago
|
||||
schedule: 0 4 * * *
|
||||
startingDeadlineSeconds: 90
|
||||
successfulJobsHistory: 1
|
||||
failedJobsHistory: 3
|
||||
backoffLimit: 3
|
||||
parallelism: 1
|
||||
initContainers:
|
||||
snapshot:
|
||||
image:
|
||||
repository: hashicorp/vault
|
||||
tag: 1.21.4
|
||||
pullPolicy: IfNotPresent
|
||||
tag: 1.21.4@sha256:4e33b126a59c0c333b76fb4e894722462659a6bec7c48c9ee8cea56fccfd2569
|
||||
command:
|
||||
- /bin/ash
|
||||
args:
|
||||
@@ -328,53 +268,47 @@ unseal:
|
||||
type: deployment
|
||||
replicas: 1
|
||||
strategy: Recreate
|
||||
revisionHistoryLimit: 3
|
||||
containers:
|
||||
main:
|
||||
image:
|
||||
repository: ghcr.io/lrstanley/vault-unseal
|
||||
tag: 0.7.2
|
||||
pullPolicy: IfNotPresent
|
||||
tag: 0.7.2@sha256:b25d0c2f6a73d1b9a3907befa473f08fe9fac828d248d7e9702517c5b967733c
|
||||
envFrom:
|
||||
- secretRef:
|
||||
name: vault-unseal-config-1
|
||||
resources:
|
||||
requests:
|
||||
cpu: 10m
|
||||
memory: 24Mi
|
||||
cpu: 1m
|
||||
memory: 10Mi
|
||||
unseal-2:
|
||||
type: deployment
|
||||
replicas: 1
|
||||
strategy: Recreate
|
||||
revisionHistoryLimit: 3
|
||||
containers:
|
||||
main:
|
||||
image:
|
||||
repository: ghcr.io/lrstanley/vault-unseal
|
||||
tag: 0.7.2
|
||||
pullPolicy: IfNotPresent
|
||||
tag: 0.7.2@sha256:b25d0c2f6a73d1b9a3907befa473f08fe9fac828d248d7e9702517c5b967733c
|
||||
envFrom:
|
||||
- secretRef:
|
||||
name: vault-unseal-config-2
|
||||
resources:
|
||||
requests:
|
||||
cpu: 10m
|
||||
memory: 24Mi
|
||||
cpu: 1m
|
||||
memory: 10Mi
|
||||
unseal-3:
|
||||
type: deployment
|
||||
replicas: 1
|
||||
strategy: Recreate
|
||||
revisionHistoryLimit: 3
|
||||
containers:
|
||||
main:
|
||||
image:
|
||||
repository: ghcr.io/lrstanley/vault-unseal
|
||||
tag: 0.7.2
|
||||
pullPolicy: IfNotPresent
|
||||
tag: 0.7.2@sha256:b25d0c2f6a73d1b9a3907befa473f08fe9fac828d248d7e9702517c5b967733c
|
||||
envFrom:
|
||||
- secretRef:
|
||||
name: vault-unseal-config-3
|
||||
resources:
|
||||
requests:
|
||||
cpu: 10m
|
||||
memory: 24Mi
|
||||
cpu: 1m
|
||||
memory: 10Mi
|
||||
|
||||
@@ -7,9 +7,9 @@ dependencies:
|
||||
version: 2.4.0
|
||||
- name: postgres-cluster
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 7.10.0
|
||||
version: 7.11.2
|
||||
- name: volsync-target
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 0.8.0
|
||||
digest: sha256:6f78b41937412c1db5e0f612287d29ea81c1d9169b8a0efd98a0dd4be3e532d1
|
||||
generated: "2026-03-15T20:10:47.852109985Z"
|
||||
digest: sha256:1b1949361ed77479733f8634a2ac6d74d4d8ba3144339446f5508643a0b57a31
|
||||
generated: "2026-04-07T20:19:48.079671-05:00"
|
||||
|
||||
@@ -4,17 +4,15 @@ version: 1.0.0
|
||||
description: Vaultwarden
|
||||
keywords:
|
||||
- vaultwarden
|
||||
- bitwarden
|
||||
- password
|
||||
home: https://wiki.alexlebens.dev/s/fecd00f9-ebce-43eb-b066-3721b15432e3
|
||||
- password-manager
|
||||
home: https://docs.alexlebens.dev/applications/vault/
|
||||
sources:
|
||||
- https://github.com/dani-garcia/vaultwarden
|
||||
- https://github.com/cloudflare/cloudflared
|
||||
- https://github.com/cloudnative-pg/cloudnative-pg
|
||||
- https://hub.docker.com/r/vaultwarden/server
|
||||
- https://github.com/dani-garcia/vaultwarden/pkgs/container/vaultwarden
|
||||
- https://github.com/bjw-s-labs/helm-charts/tree/main/charts/other/app-template
|
||||
- https://gitea.alexlebens.dev/alexlebens/helm-charts/src/branch/main/charts/cloudflared
|
||||
- https://gitea.alexlebens.dev/alexlebens/helm-charts/src/branch/main/charts/postgres-cluster
|
||||
- https://gitea.alexlebens.dev/alexlebens/helm-charts/src/branch/main/charts/volsync-target
|
||||
maintainers:
|
||||
- name: alexlebens
|
||||
dependencies:
|
||||
@@ -27,7 +25,7 @@ dependencies:
|
||||
version: 2.4.0
|
||||
- name: postgres-cluster
|
||||
alias: postgres-18-cluster
|
||||
version: 7.10.0
|
||||
version: 7.11.2
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
- name: volsync-target
|
||||
alias: volsync-target-data
|
||||
|
||||
@@ -14,15 +14,9 @@ spec:
|
||||
data:
|
||||
- secretKey: client
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /authentik/oidc/vaultwarden
|
||||
metadataPolicy: None
|
||||
property: client
|
||||
- secretKey: secret
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /authentik/oidc/vaultwarden
|
||||
metadataPolicy: None
|
||||
property: secret
|
||||
|
||||
@@ -4,13 +4,11 @@ vaultwarden:
|
||||
type: deployment
|
||||
replicas: 1
|
||||
strategy: Recreate
|
||||
revisionHistoryLimit: 3
|
||||
containers:
|
||||
main:
|
||||
image:
|
||||
repository: vaultwarden/server
|
||||
tag: 1.35.4
|
||||
pullPolicy: IfNotPresent
|
||||
repository: ghcr.io/dani-garcia/vaultwarden
|
||||
tag: 1.35.4@sha256:43498a94b22f9563f2a94b53760ab3e710eefc0d0cac2efda4b12b9eb8690664
|
||||
env:
|
||||
- name: DOMAIN
|
||||
value: https://passwords.alexlebens.dev
|
||||
@@ -44,7 +42,7 @@ vaultwarden:
|
||||
resources:
|
||||
requests:
|
||||
cpu: 10m
|
||||
memory: 128Mi
|
||||
memory: 30Mi
|
||||
service:
|
||||
main:
|
||||
controller: main
|
||||
@@ -52,14 +50,12 @@ vaultwarden:
|
||||
http:
|
||||
port: 80
|
||||
targetPort: 80
|
||||
protocol: HTTP
|
||||
persistence:
|
||||
config:
|
||||
forceRename: vaultwarden-data
|
||||
storageClass: ceph-block
|
||||
accessMode: ReadWriteOnce
|
||||
size: 5Gi
|
||||
retain: true
|
||||
advancedMounts:
|
||||
main:
|
||||
main:
|
||||
@@ -78,35 +74,12 @@ postgres-18-cluster:
|
||||
destinationBucket: postgres-backups
|
||||
externalSecretCredentialPath: /garage/home-infra/postgres-backups
|
||||
isWALArchiver: true
|
||||
# - name: garage-remote
|
||||
# index: 1
|
||||
# destinationBucket: postgres-backups
|
||||
# externalSecretCredentialPath: /garage/home-infra/postgres-backups
|
||||
# retentionPolicy: "90d"
|
||||
# data:
|
||||
# compression: bzip2
|
||||
# - name: external
|
||||
# index: 1
|
||||
# endpointURL: https://nyc3.digitaloceanspaces.com
|
||||
# destinationBucket: postgres-backups-ce540ddf106d186bbddca68a
|
||||
# externalSecretCredentialPath: /garage/home-infra/postgres-backups
|
||||
# isWALArchiver: false
|
||||
scheduledBackups:
|
||||
- name: live-backup
|
||||
suspend: false
|
||||
immediate: true
|
||||
schedule: "0 0 0 * * *"
|
||||
backupName: garage-local
|
||||
# - name: weekly-backup
|
||||
# suspend: true
|
||||
# immediate: true
|
||||
# schedule: "0 0 4 * * SAT"
|
||||
# backupName: garage-remote
|
||||
# - name: daily-backup
|
||||
# suspend: true
|
||||
# immediate: true
|
||||
# schedule: "0 0 0 * * *"
|
||||
# backupName: external
|
||||
volsync-target-data:
|
||||
pvcTarget: vaultwarden-data
|
||||
local:
|
||||
|
||||
@@ -5,6 +5,7 @@ description: Version Checker
|
||||
keywords:
|
||||
- version-checker
|
||||
- update-tracker
|
||||
- metrics
|
||||
home: https://docs.alexlebens.dev/applications/version-checker/
|
||||
sources:
|
||||
- https://github.com/jetstack/version-checker
|
||||
|
||||
@@ -0,0 +1,16 @@
|
||||
apiVersion: monitoring.coreos.com/v1
|
||||
kind: ServiceMonitor
|
||||
metadata:
|
||||
name: version-checker
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: version-checker
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
selector:
|
||||
matchLabels:
|
||||
app: version-checker
|
||||
endpoints:
|
||||
- port: web
|
||||
path: /metrics
|
||||
@@ -10,8 +10,7 @@ version-checker:
|
||||
resources:
|
||||
requests:
|
||||
cpu: 1m
|
||||
memory: 40Mi
|
||||
memory: 400Mi
|
||||
prometheus:
|
||||
enabled: true
|
||||
replicas: 1
|
||||
serviceAccountName: version-checker-prometheus
|
||||
|
||||
@@ -5,12 +5,10 @@ description: Volsync
|
||||
keywords:
|
||||
- volsync
|
||||
- backup
|
||||
- storage
|
||||
- s3
|
||||
- kubernetes
|
||||
home: https://wiki.alexlebens.dev/s/6858726b-5219-46ee-b9b7-6e1f6c125f6b
|
||||
home: https://docs.alexlebens.dev/applications/volsync/
|
||||
sources:
|
||||
- https://github.com/backube/volsync
|
||||
- https://quay.io/repository/backube/volsync?tab=tags
|
||||
- https://github.com/backube/volsync/tree/main/helm/volsync
|
||||
maintainers:
|
||||
- name: alexlebens
|
||||
|
||||
@@ -1,15 +1,15 @@
|
||||
volsync:
|
||||
replicaCount: 2
|
||||
image:
|
||||
repository: quay.io/backube/volsync
|
||||
tag: 0.15.0@sha256:4fedd41b3101dde090542009c4177f703d241bf4760d1767bd9df08fd8fd93a4
|
||||
manageCRDs: true
|
||||
metrics:
|
||||
disableAuth: true
|
||||
securityContext:
|
||||
allowPrivilegeEscalation: false
|
||||
capabilities:
|
||||
drop:
|
||||
- ALL
|
||||
readOnlyRootFilesystem: true
|
||||
resources:
|
||||
limits:
|
||||
cpu: null
|
||||
memory: null
|
||||
requests:
|
||||
cpu: 10m
|
||||
memory: 128Mi
|
||||
cpu: 1m
|
||||
memory: 80Mi
|
||||
|
||||
@@ -4,9 +4,8 @@ version: 1.0.0
|
||||
description: WhoDB
|
||||
keywords:
|
||||
- whodb
|
||||
- postgresql
|
||||
- database
|
||||
home: https://wiki.alexlebens.dev/s/f329e026-7ade-4a3c-a5f1-1ac1492b9786
|
||||
- database-dashboard
|
||||
home: https://docs.alexlebens.dev/applications/whodb/
|
||||
sources:
|
||||
- https://github.com/clidey/whodb
|
||||
- https://hub.docker.com/r/clidey/whodb
|
||||
|
||||
@@ -3,13 +3,11 @@ whodb:
|
||||
main:
|
||||
type: deployment
|
||||
replicas: 1
|
||||
strategy: Recreate
|
||||
containers:
|
||||
main:
|
||||
image:
|
||||
repository: clidey/whodb
|
||||
tag: 0.104.0
|
||||
pullPolicy: IfNotPresent
|
||||
tag: 0.104.0@sha256:ab485c021b862aac50bb88658f3342ca01d3eba33e933353692bc9989b2912c4
|
||||
env:
|
||||
- name: WHODB_OLLAMA_HOST
|
||||
value: ollama-server-2.ollama
|
||||
@@ -17,8 +15,8 @@ whodb:
|
||||
value: 11434
|
||||
resources:
|
||||
requests:
|
||||
cpu: 10m
|
||||
memory: 256Mi
|
||||
cpu: 1m
|
||||
memory: 20Mi
|
||||
service:
|
||||
main:
|
||||
controller: main
|
||||
@@ -26,7 +24,6 @@ whodb:
|
||||
http:
|
||||
port: 80
|
||||
targetPort: 8080
|
||||
protocol: TCP
|
||||
route:
|
||||
main:
|
||||
kind: HTTPRoute
|
||||
@@ -39,11 +36,8 @@ whodb:
|
||||
- whodb.alexlebens.net
|
||||
rules:
|
||||
- backendRefs:
|
||||
- group: ''
|
||||
kind: Service
|
||||
name: whodb
|
||||
- name: whodb
|
||||
port: 80
|
||||
weight: 100
|
||||
matches:
|
||||
- path:
|
||||
type: PathPrefix
|
||||
|
||||
@@ -4,9 +4,9 @@ dependencies:
|
||||
version: 4.6.2
|
||||
- name: postgres-cluster
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 7.10.0
|
||||
version: 7.11.2
|
||||
- name: valkey
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 0.4.0
|
||||
digest: sha256:71da007e1cef75e45b1678caa51b0d2317cb8f4dfdf7df675d534194f03650aa
|
||||
generated: "2026-03-15T20:11:03.591727143Z"
|
||||
version: 0.5.0
|
||||
digest: sha256:473de03f0404ca8c53e85ea2a22797a8ba040102c6dca977face60f81f3130e4
|
||||
generated: "2026-04-07T20:57:56.63402-05:00"
|
||||
|
||||
@@ -4,15 +4,14 @@ version: 1.0.0
|
||||
description: Yamtrack
|
||||
keywords:
|
||||
- yamtrack
|
||||
- media
|
||||
- jellyfin
|
||||
home: https://wiki.alexlebens.dev/s/74f31779-734e-42d0-852e-efd57ebdc797
|
||||
- media-tracking
|
||||
home: https://docs.alexlebens.dev/applications/yamtrack/
|
||||
sources:
|
||||
- https://github.com/FuzzyGrim/Yamtrack
|
||||
- https://github.com/cloudnative-pg/cloudnative-pg
|
||||
- https://github.com/FuzzyGrim/Yamtrack/pkgs/container/yamtrack
|
||||
- https://github.com/bjw-s-labs/helm-charts/tree/main/charts/other/app-template
|
||||
- https://gitea.alexlebens.dev/alexlebens/helm-charts/src/branch/main/charts/postgres-cluster
|
||||
- https://gitea.alexlebens.dev/alexlebens/helm-charts/src/branch/main/charts/valkey
|
||||
maintainers:
|
||||
- name: alexlebens
|
||||
dependencies:
|
||||
@@ -22,11 +21,11 @@ dependencies:
|
||||
version: 4.6.2
|
||||
- name: postgres-cluster
|
||||
alias: postgres-18-cluster
|
||||
version: 7.10.0
|
||||
version: 7.11.2
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
- name: valkey
|
||||
alias: valkey
|
||||
version: 0.4.0
|
||||
version: 0.5.0
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/yamtrack.png
|
||||
# renovate: datasource=github-releases depName=FuzzyGrim/Yamtrack
|
||||
|
||||
@@ -14,10 +14,7 @@ spec:
|
||||
data:
|
||||
- secretKey: SECRET
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cl01tl/yamtrack/config
|
||||
metadataPolicy: None
|
||||
property: SECRET
|
||||
|
||||
---
|
||||
@@ -37,8 +34,5 @@ spec:
|
||||
data:
|
||||
- secretKey: SOCIALACCOUNT_PROVIDERS
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /authentik/oidc/yamtrack
|
||||
metadataPolicy: None
|
||||
property: SOCIALACCOUNT_PROVIDERS
|
||||
|
||||
@@ -4,16 +4,14 @@ yamtrack:
|
||||
type: deployment
|
||||
replicas: 1
|
||||
strategy: Recreate
|
||||
revisionHistoryLimit: 3
|
||||
containers:
|
||||
main:
|
||||
image:
|
||||
repository: ghcr.io/fuzzygrim/yamtrack
|
||||
tag: 0.25.0
|
||||
pullPolicy: IfNotPresent
|
||||
tag: 0.25.0@sha256:df76008258452a6cda73d971dc4ffbcbca96c5220154a02c9b70bf0bb0e24931
|
||||
env:
|
||||
- name: TZ
|
||||
value: US/Central
|
||||
value: America/Chicago
|
||||
- name: URLS
|
||||
value: https://yamtrack.alexlebens.net
|
||||
- name: REGISTRATION
|
||||
@@ -60,7 +58,7 @@ yamtrack:
|
||||
resources:
|
||||
requests:
|
||||
cpu: 10m
|
||||
memory: 256Mi
|
||||
memory: 380Mi
|
||||
service:
|
||||
main:
|
||||
controller: main
|
||||
@@ -68,7 +66,6 @@ yamtrack:
|
||||
http:
|
||||
port: 80
|
||||
targetPort: 8000
|
||||
protocol: HTTP
|
||||
route:
|
||||
main:
|
||||
kind: HTTPRoute
|
||||
@@ -81,11 +78,8 @@ yamtrack:
|
||||
- yamtrack.alexlebens.net
|
||||
rules:
|
||||
- backendRefs:
|
||||
- group: ''
|
||||
kind: Service
|
||||
name: yamtrack
|
||||
- name: yamtrack
|
||||
port: 80
|
||||
weight: 100
|
||||
matches:
|
||||
- path:
|
||||
type: PathPrefix
|
||||
@@ -103,32 +97,9 @@ postgres-18-cluster:
|
||||
destinationBucket: postgres-backups
|
||||
externalSecretCredentialPath: /garage/home-infra/postgres-backups
|
||||
isWALArchiver: true
|
||||
# - name: garage-remote
|
||||
# index: 1
|
||||
# destinationBucket: postgres-backups
|
||||
# externalSecretCredentialPath: /garage/home-infra/postgres-backups
|
||||
# retentionPolicy: "90d"
|
||||
# data:
|
||||
# compression: bzip2
|
||||
# - name: external
|
||||
# index: 1
|
||||
# endpointURL: https://nyc3.digitaloceanspaces.com
|
||||
# destinationBucket: postgres-backups-ce540ddf106d186bbddca68a
|
||||
# externalSecretCredentialPath: /garage/home-infra/postgres-backups
|
||||
# isWALArchiver: false
|
||||
scheduledBackups:
|
||||
- name: live-backup
|
||||
suspend: false
|
||||
immediate: true
|
||||
schedule: "0 10 16 * * *"
|
||||
backupName: garage-local
|
||||
# - name: weekly-backup
|
||||
# suspend: true
|
||||
# immediate: true
|
||||
# schedule: "0 0 4 * * SAT"
|
||||
# backupName: garage-remote
|
||||
# - name: daily-backup
|
||||
# suspend: true
|
||||
# immediate: true
|
||||
# schedule: "0 0 0 * * *"
|
||||
# backupName: external
|
||||
|
||||
@@ -5,11 +5,11 @@ description: yubal
|
||||
keywords:
|
||||
- yubal
|
||||
- music
|
||||
- youtube
|
||||
home: https://wiki.alexlebens.dev/s/
|
||||
home: https://docs.alexlebens.dev/applications/yamtrack/
|
||||
sources:
|
||||
- https://github.com/guillevc/yubal
|
||||
- https://github.com/bjw-s-labs/helm-charts/tree/main/charts/other/app-template
|
||||
- https://gitea.alexlebens.dev/alexlebens/helm-charts/src/branch/main/charts/volsync-target
|
||||
maintainers:
|
||||
- name: alexlebens
|
||||
dependencies:
|
||||
@@ -21,5 +21,6 @@ dependencies:
|
||||
alias: volsync-target-config
|
||||
version: 0.8.0
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons@main/png/yubal.png
|
||||
# renovate: datasource=github-releases depName=guillevc/yubal
|
||||
appVersion: v0.7.2
|
||||
|
||||
@@ -1,42 +0,0 @@
|
||||
apiVersion: external-secrets.io/v1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
name: yubal-wireguard-conf
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: yubal-wireguard-conf
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
secretStoreRef:
|
||||
kind: ClusterSecretStore
|
||||
name: vault
|
||||
data:
|
||||
- secretKey: private-key
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /airvpn/conf/cl01tl
|
||||
metadataPolicy: None
|
||||
property: private-key
|
||||
- secretKey: preshared-key
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /airvpn/conf/cl01tl
|
||||
metadataPolicy: None
|
||||
property: preshared-key
|
||||
- secretKey: addresses
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /airvpn/conf/cl01tl
|
||||
metadataPolicy: None
|
||||
property: addresses
|
||||
- secretKey: input-ports
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /airvpn/conf/cl01tl
|
||||
metadataPolicy: None
|
||||
property: input-ports
|
||||
@@ -1,11 +0,0 @@
|
||||
apiVersion: v1
|
||||
kind: Namespace
|
||||
metadata:
|
||||
name: yubal
|
||||
labels:
|
||||
app.kubernetes.io/name: yubal
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
pod-security.kubernetes.io/audit: privileged
|
||||
pod-security.kubernetes.io/enforce: privileged
|
||||
pod-security.kubernetes.io/warn: privileged
|
||||
@@ -4,18 +4,17 @@ yubal:
|
||||
type: deployment
|
||||
replicas: 1
|
||||
strategy: Recreate
|
||||
revisionHistoryLimit: 3
|
||||
pod:
|
||||
securityContext:
|
||||
runAsUser: 1000
|
||||
runAsGroup: 1000
|
||||
fsGroup: 1000
|
||||
fsGroupChangePolicy: OnRootMismatch
|
||||
containers:
|
||||
main:
|
||||
image:
|
||||
repository: ghcr.io/guillevc/yubal
|
||||
tag: 0.7.2@sha256:906b7c90b738e77ad140178f6a5145f98c12af36e8321d427148c092836c37be
|
||||
pullPolicy: IfNotPresent
|
||||
env:
|
||||
- name: YUBAL_TZ
|
||||
value: America/Chicago
|
||||
@@ -28,7 +27,7 @@ yubal:
|
||||
resources:
|
||||
requests:
|
||||
cpu: 10m
|
||||
memory: 128Mi
|
||||
memory: 200Mi
|
||||
service:
|
||||
main:
|
||||
controller: main
|
||||
@@ -36,7 +35,6 @@ yubal:
|
||||
http:
|
||||
port: 80
|
||||
targetPort: 8000
|
||||
protocol: HTTP
|
||||
route:
|
||||
main:
|
||||
kind: HTTPRoute
|
||||
@@ -49,11 +47,8 @@ yubal:
|
||||
- yubal.alexlebens.net
|
||||
rules:
|
||||
- backendRefs:
|
||||
- group: ''
|
||||
kind: Service
|
||||
name: yubal
|
||||
- name: yubal
|
||||
port: 80
|
||||
weight: 100
|
||||
matches:
|
||||
- path:
|
||||
type: PathPrefix
|
||||
@@ -64,7 +59,6 @@ yubal:
|
||||
storageClass: ceph-block
|
||||
accessMode: ReadWriteOnce
|
||||
size: 1Gi
|
||||
retain: true
|
||||
advancedMounts:
|
||||
main:
|
||||
main:
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
---
|
||||
services:
|
||||
tailscale-blocky:
|
||||
image: ghcr.io/tailscale/tailscale:v1.94.2@sha256:95e528798bebe75f39b10e74e7051cf51188ee615934f232ba7ad06a3390ffa1
|
||||
image: ghcr.io/tailscale/tailscale:v1.96.5@sha256:dbeff02d2337344b351afac203427218c4d0a06c43fc10a865184063498472a6
|
||||
container_name: tailscale-blocky
|
||||
cap_add:
|
||||
- net_admin
|
||||
|
||||
@@ -86,7 +86,6 @@ customDNS:
|
||||
bazarr IN CNAME traefik-cl01tl
|
||||
ceph IN CNAME traefik-cl01tl
|
||||
dawarich IN CNAME traefik-cl01tl
|
||||
dependency-track IN CNAME traefik-cl01tl
|
||||
directus IN CNAME traefik-cl01tl
|
||||
excalidraw IN CNAME traefik-cl01tl
|
||||
feishin IN CNAME traefik-cl01tl
|
||||
@@ -109,6 +108,7 @@ customDNS:
|
||||
jellystat IN CNAME traefik-cl01tl
|
||||
kiwix IN CNAME traefik-cl01tl
|
||||
komodo IN CNAME traefik-cl01tl
|
||||
kyoo IN CNAME traefik-cl01tl
|
||||
languagetool IN CNAME traefik-cl01tl
|
||||
lidarr IN CNAME traefik-cl01tl
|
||||
mail IN CNAME traefik-cl01tl
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
---
|
||||
services:
|
||||
traefik:
|
||||
image: ghcr.io/traefik/traefik:v3.6.12@sha256:171c9c3565b29f6c133f1c1b43c5d4e5853415198e9e1078c001f8702ff66aec
|
||||
image: ghcr.io/traefik/traefik:v3.6.13@sha256:abb4f51887319c9b9d9cfe1d3cdf9379a771138003bf683f10e97697e148f95f
|
||||
container_name: traefik
|
||||
command:
|
||||
- "--global.checkNewVersion=false"
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
---
|
||||
services:
|
||||
tailscale-blocky:
|
||||
image: ghcr.io/tailscale/tailscale:v1.94.2@sha256:95e528798bebe75f39b10e74e7051cf51188ee615934f232ba7ad06a3390ffa1
|
||||
image: ghcr.io/tailscale/tailscale:v1.96.5@sha256:dbeff02d2337344b351afac203427218c4d0a06c43fc10a865184063498472a6
|
||||
container_name: tailscale-blocky
|
||||
cap_add:
|
||||
- net_admin
|
||||
|
||||
@@ -107,7 +107,6 @@ customDNS:
|
||||
bazarr IN CNAME traefik-cl01tl
|
||||
ceph IN CNAME traefik-cl01tl
|
||||
dawarich IN CNAME traefik-cl01tl
|
||||
dependency-track IN CNAME traefik-cl01tl
|
||||
directus IN CNAME traefik-cl01tl
|
||||
excalidraw IN CNAME traefik-cl01tl
|
||||
feishin IN CNAME traefik-cl01tl
|
||||
@@ -130,6 +129,7 @@ customDNS:
|
||||
jellystat IN CNAME traefik-cl01tl
|
||||
kiwix IN CNAME traefik-cl01tl
|
||||
komodo IN CNAME traefik-cl01tl
|
||||
kyoo IN CNAME traefik-cl01tl
|
||||
languagetool IN CNAME traefik-cl01tl
|
||||
lidarr IN CNAME traefik-cl01tl
|
||||
mail IN CNAME traefik-cl01tl
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
---
|
||||
services:
|
||||
traefik:
|
||||
image: ghcr.io/traefik/traefik:v3.6.12@sha256:171c9c3565b29f6c133f1c1b43c5d4e5853415198e9e1078c001f8702ff66aec
|
||||
image: ghcr.io/traefik/traefik:v3.6.13@sha256:abb4f51887319c9b9d9cfe1d3cdf9379a771138003bf683f10e97697e148f95f
|
||||
container_name: traefik
|
||||
command:
|
||||
- "--global.checkNewVersion=false"
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
---
|
||||
services:
|
||||
tailscale-blocky:
|
||||
image: ghcr.io/tailscale/tailscale:v1.94.2@sha256:95e528798bebe75f39b10e74e7051cf51188ee615934f232ba7ad06a3390ffa1
|
||||
image: ghcr.io/tailscale/tailscale:v1.96.5@sha256:dbeff02d2337344b351afac203427218c4d0a06c43fc10a865184063498472a6
|
||||
container_name: tailscale-blocky
|
||||
cap_add:
|
||||
- net_admin
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
services:
|
||||
tailscale-garage:
|
||||
image: ghcr.io/tailscale/tailscale:v1.94.2@sha256:95e528798bebe75f39b10e74e7051cf51188ee615934f232ba7ad06a3390ffa1
|
||||
image: ghcr.io/tailscale/tailscale:v1.96.5@sha256:dbeff02d2337344b351afac203427218c4d0a06c43fc10a865184063498472a6
|
||||
container_name: tailscale-garage
|
||||
cap_add:
|
||||
- net_admin
|
||||
@@ -20,7 +20,7 @@ services:
|
||||
- /dev/net/tun:/dev/net/tun
|
||||
|
||||
tailscale-garage-ui:
|
||||
image: ghcr.io/tailscale/tailscale:v1.94.2@sha256:95e528798bebe75f39b10e74e7051cf51188ee615934f232ba7ad06a3390ffa1
|
||||
image: ghcr.io/tailscale/tailscale:v1.96.5@sha256:dbeff02d2337344b351afac203427218c4d0a06c43fc10a865184063498472a6
|
||||
container_name: tailscale-garage-ui
|
||||
cap_add:
|
||||
- net_admin
|
||||
|
||||
Some files were not shown because too many files have changed in this diff Show More
Reference in New Issue
Block a user