chore(deps): update harbor.alexlebens.net/images/site-documentation docker tag to v0.20.0

clusters/cl01tl/helm/blocky/values.yaml

@@ -144,7 +144,8 @@ blocky:
               omni-tools                      IN      CNAME   traefik-cl01tl
               paperless-ngx                   IN      CNAME   traefik-cl01tl
               plex                            IN      CNAME   traefik-cl01tl
-              postiz                          IN      CNAME   traefik-cl01tl
+              postiz-temporal-web             IN      CNAME   traefik-cl01tl
+              postiz-temporal-frontend        IN      CNAME   traefik-cl01tl
               prometheus                      IN      CNAME   traefik-cl01tl
               prowlarr                        IN      CNAME   traefik-cl01tl
               qbittorrent                     IN      CNAME   traefik-cl01tl

clusters/cl01tl/helm/gatus/values.yaml

@@ -173,6 +173,12 @@ gatus:
       - name: home-assistant-code-server
         url: https://home-assistant-code-server.alexlebens.net
         <<: *defaults
+      - name: postiz-temporal-web
+        url: https://postiz-temporal-web.alexlebens.net
+        <<: *defaults
+      - name: postiz-temporal-frontend
+        url: https://postiz-temporal-frontend.alexlebens.net
+        <<: *defaults
       - name: argocd
         url: https://argocd.alexlebens.net
         <<: *defaults

clusters/cl01tl/helm/homepage/values.yaml

@@ -344,6 +344,18 @@ homepage:
                   href: https://home-assistant-code-server.alexlebens.net
                   siteMonitor: http://home-assistant-code-server.home-assistant:8443
                   statusStyle: dot
+              - Temporal Web (Postiz):
+                  icon: https://raw.githubusercontent.com/temporalio/documentation/47b489b69d7c7ee4c3a0880cc0faf11b5f4cdb2a/static/img/favicon.svg
+                  description: Temporal Web
+                  href: https://postiz-temporal-web.alexlebens.net
+                  siteMonitor: http://postiz-temporal-web.postiz:8080
+                  statusStyle: dot
+              - Temporal Frontend (Postiz):
+                  icon: https://raw.githubusercontent.com/temporalio/documentation/47b489b69d7c7ee4c3a0880cc0faf11b5f4cdb2a/static/img/favicon.svg
+                  description: Temporal Frontend
+                  href: https://postiz-temporal-frontend.alexlebens.net
+                  siteMonitor: http://postiz-temporal-frontend.postiz:7243
+                  statusStyle: dot
           - Automation:
               - Continuous Deployment:
                   icon: sh-argo-cd.webp

clusters/cl01tl/helm/postiz/templates/elasticsearch.yaml

@@ -6,7 +6,7 @@ metadata:
   labels:
     app.kubernetes.io/name: elasticsearch-postiz
     app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/part-of: {{ .Release.Name }}``
+    app.kubernetes.io/part-of: {{ .Release.Name }}
 spec:
   # renovate: datasource=docker depName=elasticsearch
   version: 8.19.8@sha256:e6ef2af8db3269ffd075ebf5e605d62324345d646c4fa201654f648d1cad44a4

clusters/cl01tl/helm/postiz/templates/external-secret.yaml

@@ -17,6 +17,58 @@ spec:
         key: /cl01tl/postiz/config
         property: JWT_SECRET
 
+---
+apiVersion: external-secrets.io/v1
+kind: ExternalSecret
+metadata:
+  name: postiz-oidc-secret
+  namespace: {{ .Release.Namespace }}
+  labels:
+    app.kubernetes.io/name: postiz-oidc-secret
+    app.kubernetes.io/instance: {{ .Release.Name }}
+    app.kubernetes.io/part-of: {{ .Release.Name }}
+spec:
+  secretStoreRef:
+    kind: ClusterSecretStore
+    name: vault
+  data:
+    - secretKey: client
+      remoteRef:
+        key: /authentik/oidc/postiz
+        property: client
+    - secretKey: secret
+      remoteRef:
+        key: /authentik/oidc/postiz
+        property: secret
+
+---
+apiVersion: external-secrets.io/v1
+kind: ExternalSecret
+metadata:
+  name: postiz-elasticsearch-secret
+  namespace: {{ .Release.Namespace }}
+  labels:
+    app.kubernetes.io/name: postiz-elasticsearch-secret
+    app.kubernetes.io/instance: {{ .Release.Name }}
+    app.kubernetes.io/part-of: {{ .Release.Name }}
+spec:
+  secretStoreRef:
+    kind: ClusterSecretStore
+    name: vault
+  data:
+    - secretKey: username
+      remoteRef:
+        key: /cl01tl/postiz/elasticsearch
+        property: username
+    - secretKey: password
+      remoteRef:
+        key: /cl01tl/postiz/elasticsearch
+        property: password
+    - secretKey: roles
+      remoteRef:
+        key: /cl01tl/postiz/elasticsearch
+        property: roles
+
 ---
 apiVersion: external-secrets.io/v1
 kind: ExternalSecret
@@ -48,27 +100,3 @@ spec:
       remoteRef:
         key: /cl01tl/postiz/valkey
         property: password
-
----
-apiVersion: external-secrets.io/v1
-kind: ExternalSecret
-metadata:
-  name: postiz-oidc-secret
-  namespace: {{ .Release.Namespace }}
-  labels:
-    app.kubernetes.io/name: postiz-oidc-secret
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/part-of: {{ .Release.Name }}
-spec:
-  secretStoreRef:
-    kind: ClusterSecretStore
-    name: vault
-  data:
-    - secretKey: client
-      remoteRef:
-        key: /authentik/oidc/postiz
-        property: client
-    - secretKey: secret
-      remoteRef:
-        key: /authentik/oidc/postiz
-        property: secret

clusters/cl01tl/helm/postiz/templates/http-route.yaml

@@ -1,10 +1,10 @@
 apiVersion: gateway.networking.k8s.io/v1
 kind: HTTPRoute
 metadata:
-  name: temporal-ui
+  name: postiz-temporal-web
   namespace: {{ .Release.Namespace }}
   labels:
-    app.kubernetes.io/name: temporal-ui
+    app.kubernetes.io/name: postiz-temporal-web
     app.kubernetes.io/instance: {{ .Release.Name }}
     app.kubernetes.io/part-of: {{ .Release.Name }}
 spec:
@@ -14,7 +14,7 @@ spec:
       name: traefik-gateway
       namespace: traefik
   hostnames:
-    - temporal-ui.alexlebens.net
+    - postiz-temporal-web.alexlebens.net
   rules:
     - matches:
       - path:
@@ -23,7 +23,7 @@ spec:
       backendRefs:
         - group: ''
           kind: Service
-          name: temporal-ui
+          name: postiz-temporal-web
           port: 8080
           weight: 100
 
@@ -31,10 +31,10 @@ spec:
 apiVersion: gateway.networking.k8s.io/v1
 kind: HTTPRoute
 metadata:
-  name: temporal-frontend
+  name: postiz-temporal-frontend
   namespace: {{ .Release.Namespace }}
   labels:
-    app.kubernetes.io/name: temporal-frontend
+    app.kubernetes.io/name: postiz-temporal-frontend
     app.kubernetes.io/instance: {{ .Release.Name }}
     app.kubernetes.io/part-of: {{ .Release.Name }}
 spec:
@@ -44,7 +44,7 @@ spec:
       name: traefik-gateway
       namespace: traefik
   hostnames:
-    - temporal-frontend.alexlebens.net
+    - postiz-temporal-frontend.alexlebens.net
   rules:
     - matches:
       - path:
@@ -53,6 +53,6 @@ spec:
       backendRefs:
         - group: ''
           kind: Service
-          name: temporal-frontend
-          port: 80
+          name: postiz-temporal-frontend
+          port: 7243
           weight: 100

clusters/cl01tl/helm/postiz/values.yaml

@@ -150,8 +150,9 @@ temporal:
               driverName: postgres12
               databaseName: app
               connectAddr: postiz-postgresql-18-cluster-rw.postiz:5432
-              user: app
-              existingSecret: postiz-postgresql-18-cluster-app
+              connectProtocol: "tcp"
+              user: postgres
+              existingSecret: postiz-postgresql-18-cluster-superuser
               secretKey: password
               tls:
                 enabled: false
@@ -218,6 +219,8 @@ temporal:
         memory: 60Mi
 postgres-18-cluster:
   mode: recovery
+  cluster:
+    enableSuperuserAccess: true
   recovery:
     method: objectStore
     objectStore:

clusters/cl01tl/helm/site-documentation/values.yaml

@@ -11,7 +11,7 @@ site-documentation:
         main:
           image:
             repository: harbor.alexlebens.net/images/site-documentation
-            tag: 0.18.0
+            tag: 0.20.0
             pullPolicy: IfNotPresent
           resources:
             requests:

hosts/ps08rp/blocky/config.yml

@@ -121,7 +121,8 @@ customDNS:
     omni-tools                      IN      CNAME   traefik-cl01tl
     paperless-ngx                   IN      CNAME   traefik-cl01tl
     plex                            IN      CNAME   traefik-cl01tl
-    postiz                          IN      CNAME   traefik-cl01tl
+    postiz-temporal-web             IN      CNAME   traefik-cl01tl
+    postiz-temporal-frontend        IN      CNAME   traefik-cl01tl
     prometheus                      IN      CNAME   traefik-cl01tl
     prowlarr                        IN      CNAME   traefik-cl01tl
     qbittorrent                     IN      CNAME   traefik-cl01tl

hosts/ps09rp/blocky/config.yml

@@ -142,7 +142,8 @@ customDNS:
     omni-tools                      IN      CNAME   traefik-cl01tl
     paperless-ngx                   IN      CNAME   traefik-cl01tl
     plex                            IN      CNAME   traefik-cl01tl
-    postiz                          IN      CNAME   traefik-cl01tl
+    postiz-temporal-web             IN      CNAME   traefik-cl01tl
+    postiz-temporal-frontend        IN      CNAME   traefik-cl01tl
     prometheus                      IN      CNAME   traefik-cl01tl
     prowlarr                        IN      CNAME   traefik-cl01tl
     qbittorrent                     IN      CNAME   traefik-cl01tl