alexlebens/infrastructure
1
0
Fork 0
Code Issues 1 Pull Requests 7 Actions 3 Activity

Compare commits

base: alexlebens:1ff1d8c8a6566e85c87bfd04c1adf86b3b505d7a
Branches Tags
alexlebens:main alexlebens:manifests alexlebens:renovate/unified-haveagitgattdarr_node alexlebens:renovate/unified-haveagitgattdarr alexlebens:renovate/unified-brainicismbgutil-ytdlp-pot-provider alexlebens:renovate/redis-replication-1.x alexlebens:renovate/kube-prometheus-stack-82.x alexlebens:renovate/meilisearch-0.x alexlebens:renovate/cilium-1.x
..
compare: alexlebens:renovate/kube-prometheus-stack-82.x
Branches Tags
alexlebens:manifests alexlebens:renovate/unified-haveagitgattdarr_node alexlebens:renovate/unified-haveagitgattdarr alexlebens:renovate/unified-brainicismbgutil-ytdlp-pot-provider alexlebens:main alexlebens:renovate/redis-replication-1.x alexlebens:renovate/kube-prometheus-stack-82.x alexlebens:renovate/meilisearch-0.x alexlebens:renovate/cilium-1.x

23 Commits
1ff1d8c8a6 ... renovate/k

Author SHA1 Message Date
Renovate Bot
60c093afa1 chore(deps): update kube-prometheus-stack docker tag to v82.8.0
All checks were successful
lint-test-helm / lint-helm (pull_request) Successful in 19s
Details
2026-03-03 22:56:41 +00:00
Alex Lebens
599e0de11c fix: change image name
All checks were successful
lint-test-helm / lint-helm (push) Successful in 37s
Details
render-manifests-push / render-manifests-push (push) Successful in 3m7s
Details
renovate / renovate (push) Successful in 13m51s
Details
2026-03-03 16:49:57 -06:00
Alex Lebens
6941d9f17b fix: change image name
Some checks failed
lint-test-helm / lint-helm (push) Successful in 36s
Details
render-manifests-push / render-manifests-push (push) Successful in 1m25s
Details
renovate / renovate (push) Has been cancelled
Details
2026-03-03 16:42:32 -06:00
Alex Lebens
ca21308ef4 feat: add dawarich
All checks were successful
lint-test-helm / lint-helm (push) Successful in 55s
Details
lint-test-docker / lint-docker-compose (push) Successful in 1m15s
Details
render-manifests-push / render-manifests-push (push) Successful in 1m17s
Details
renovate / renovate (push) Successful in 8m29s
Details
2026-03-03 16:17:44 -06:00
Renovate Bot
27f55d8240 chore(deps): update helm release authentik to v2026.2.1 (#4398)
Some checks failed
lint-test-helm / lint-helm (push) Successful in 19s
Details
render-manifests-push / render-manifests-push (push) Has been skipped
Details
renovate / renovate (push) Has been cancelled
Details
2026-03-03 22:11:41 +00:00
Renovate Bot
9bac99ead5 chore(deps): update harbor.alexlebens.net/images/site-profile docker tag to v2.19.0 (#4395)
Some checks failed
render-manifests-push / render-manifests-push (push) Has been skipped
Details
lint-test-helm / lint-helm (push) Successful in 16s
Details
renovate / renovate (push) Has been cancelled
Details 
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| [harbor.alexlebens.net/images/site-profile](https://gitea.alexlebens.dev/alexlebens/site-profile) | minor | `2.17.2` → `2.19.0` |

---

### Release Notes

<details>
<summary>alexlebens/site-profile (harbor.alexlebens.net/images/site-profile)</summary>

### [`v2.19.0`](https://gitea.alexlebens.dev/alexlebens/site-profile/compare/2.17.2...2.19.0)

[Compare Source](https://gitea.alexlebens.dev/alexlebens/site-profile/compare/2.17.2...2.19.0)

</details>

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.

♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update again.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My41MS4wIiwidXBkYXRlZEluVmVyIjoiNDMuNTEuMCIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOlsiaW1hZ2UiXX0=-->

Reviewed-on: #4395
Co-authored-by: Renovate Bot <renovate-bot@alexlebens.net>
Co-committed-by: Renovate Bot <renovate-bot@alexlebens.net>
 2026-03-03 22:08:41 +00:00
Renovate Bot
cd84ba0a99 chore(deps): update searxng/searxng:latest docker digest to dc9c7aa (#4394)
Some checks failed
lint-test-helm / lint-helm (push) Successful in 12s
Details
render-manifests-push / render-manifests-push (push) Has been skipped
Details
renovate / renovate (push) Has been cancelled
Details
2026-03-03 22:04:02 +00:00
Renovate Bot
8311e994c2 chore(deps): update ghcr.io/linuxserver/bazarr:1.5.6 docker digest to 94eee5e (#4393)
Some checks failed
render-manifests-push / render-manifests-push (push) Has been skipped
Details
lint-test-helm / lint-helm (push) Successful in 15s
Details
renovate / renovate (push) Has been cancelled
Details
2026-03-03 22:03:41 +00:00
Renovate Bot
89dc1f94ef chore(deps): update searxng/searxng:latest docker digest to ac4ece8 (#4390)
All checks were successful
lint-test-helm / lint-helm (push) Successful in 20s
Details
render-manifests-push / render-manifests-push (push) Has been skipped
Details
renovate / renovate (push) Successful in 11m54s
Details
2026-03-03 20:49:48 +00:00
Renovate Bot
766772da32 chore(deps): update dependency clidey/whodb to v0.97.0 (#4377)
Some checks failed
render-manifests-push / render-manifests-push (push) Has been skipped
Details
lint-test-helm / lint-helm (push) Has been cancelled
Details
renovate / renovate (push) Has been cancelled
Details 
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| [clidey/whodb](https://github.com/clidey/whodb) | minor | `0.95.0` → `0.97.0` |

---

### Release Notes

<details>
<summary>clidey/whodb (clidey/whodb)</summary>

### [`v0.97.0`](https://github.com/clidey/whodb/releases/tag/0.97.0)

[Compare Source](https://github.com/clidey/whodb/compare/0.96.0...0.97.0)

- Fix for the AI Chat streaming

#### Installation

##### Mac App Store

[Download from the Apple Store](https://apps.apple.com/app/whodb/id6754566536)

##### Microsoft Store

[Download from the Microsoft Store](https://apps.microsoft.com/detail/9pftx5bv4ds6)

##### Snap Store

```bash
sudo snap install whodb
```

[View on Snapcraft](https://snapcraft.io/whodb)

##### Docker

```bash
docker pull clidey/whodb:0.97.0
docker pull clidey/whodb:latest
```

##### Direct Downloads

See assets below for platform-specific packages (DMG, MSIX, etc.).

#### Documentation

- [Documentation](https://docs.whodb.com)
- [Report Issues](https://github.com/clidey/whodb/issues)

#### Upgrade Notes

To upgrade from a previous version:

- **Docker**: Pull the latest image and restart your container
- **Snap**: Run `sudo snap refresh whodb`
- **Desktop Apps**: Download and install the new version

***

**Full Changelog**: <https://github.com/clidey/whodb/compare/0.96.0...0.97.0>

### [`v0.96.0`](https://github.com/clidey/whodb/releases/tag/0.96.0)

[Compare Source](https://github.com/clidey/whodb/compare/0.95.0...0.96.0)

- Updates to how the AWS provider handles authentication
- Bug fixes for mock data related to cyclical foreign keys
- AI backend changes to make it easier to add generic providers
- Add small migration checks that show messages if a legacy option is used
- Apply Connection Timeout default to all database drivers that support it

#### Installation

##### Mac App Store

[Download from the Apple Store](https://apps.apple.com/app/whodb/id6754566536)

##### Microsoft Store

[Download from the Microsoft Store](https://apps.microsoft.com/detail/9pftx5bv4ds6)

##### Snap Store

```bash
sudo snap install whodb
```

[View on Snapcraft](https://snapcraft.io/whodb)

##### Docker

```bash
docker pull clidey/whodb:0.96.0
docker pull clidey/whodb:latest
```

##### Direct Downloads

See assets below for platform-specific packages (DMG, MSIX, etc.).

#### Documentation

- [Documentation](https://docs.whodb.com)
- [Report Issues](https://github.com/clidey/whodb/issues)

#### Upgrade Notes

To upgrade from a previous version:

- **Docker**: Pull the latest image and restart your container
- **Snap**: Run `sudo snap refresh whodb`
- **Desktop Apps**: Download and install the new version

***

**Full Changelog**: <https://github.com/clidey/whodb/compare/0.95.0...0.96.0>

</details>

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.

♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about these updates again.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My40OS4wIiwidXBkYXRlZEluVmVyIjoiNDMuNDkuMCIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOlsiaW1hZ2UiXX0=-->

Reviewed-on: #4377
Co-authored-by: Renovate Bot <renovate-bot@alexlebens.net>
Co-committed-by: Renovate Bot <renovate-bot@alexlebens.net>
 2026-03-03 20:45:23 +00:00
Alex Lebens
29398d1d8e feat: add alias
All checks were successful
render-manifests-push / render-manifests-push (push) Successful in 56s
Details
lint-test-helm / lint-helm (push) Successful in 1m53s
Details
renovate / renovate (push) Successful in 4m22s
Details
2026-03-03 14:10:29 -06:00
Renovate Bot
933e48247c chore(deps): update helm release argo-cd to v9.4.7 (#4387)
Some checks failed
render-manifests-push / render-manifests-push (push) Has been skipped
Details
lint-test-helm / lint-helm (push) Successful in 26s
Details
renovate / renovate (push) Has been cancelled
Details
2026-03-03 20:06:26 +00:00
Renovate Bot
db0e8a7138 chore(deps): update searxng/searxng:latest docker digest to 8cbf1da (#4383)
Some checks failed
lint-test-helm / lint-helm (push) Successful in 20s
Details
render-manifests-push / render-manifests-push (push) Has been skipped
Details
renovate / renovate (push) Has been cancelled
Details
2026-03-03 20:03:09 +00:00
Alex Lebens
4d689eb7aa feat: remove registry
Some checks failed
lint-test-helm / lint-helm (push) Successful in 24s
Details
renovate / renovate (push) Has been cancelled
Details
render-manifests-push / render-manifests-push (push) Successful in 1m51s
Details
2026-03-03 14:01:42 -06:00
Alex Lebens
15a49d363d fix: change name
Some checks failed
lint-test-helm / lint-helm (push) Successful in 53s
Details
render-manifests-push / render-manifests-push (push) Failing after 2m5s
Details
renovate / renovate (push) Successful in 3m11s
Details
2026-03-03 13:00:09 -06:00
Alex Lebens
694cf28ebe feat: add back values
Some checks failed
render-manifests-push / render-manifests-push (push) Failing after 1m22s
Details
lint-test-helm / lint-helm (push) Has been cancelled
Details
renovate / renovate (push) Has been cancelled
Details
2026-03-03 12:57:57 -06:00
Alex Lebens
a41f9190ca feat: use vendor chart for actions
Some checks failed
lint-test-helm / lint-helm (push) Has been cancelled
Details
render-manifests-push / render-manifests-push (push) Has been cancelled
Details
renovate / renovate (push) Has been cancelled
Details
2026-03-03 12:55:33 -06:00
Renovate Bot
258296c402 chore(deps): update helm release element-web to v1.4.31 (#4379)
All checks were successful
render-manifests-push / render-manifests-push (push) Has been skipped
Details
lint-test-helm / lint-helm (push) Successful in 43s
Details
renovate / renovate (push) Successful in 5m3s
Details
2026-03-03 18:09:03 +00:00
Renovate Bot
187ab3b5df chore(deps): update searxng/searxng:latest docker digest to a1dd6e4 (#4375)
All checks were successful
render-manifests-push / render-manifests-push (push) Has been skipped
Details
lint-test-helm / lint-helm (push) Successful in 2m20s
Details
renovate / renovate (push) Successful in 10m46s
Details
2026-03-03 11:04:44 +00:00
Renovate Bot
07d76d14e3 chore(deps): update dependency actualbudget/actual to v26.3.0 (#4368)
All checks were successful
render-manifests-push / render-manifests-push (push) Has been skipped
Details
lint-test-helm / lint-helm (push) Successful in 21s
Details
renovate / renovate (push) Successful in 4m6s
Details 
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| [actualbudget/actual](https://github.com/actualbudget/actual) | minor | `26.2.1` → `26.3.0` |

---

### Release Notes

<details>
<summary>actualbudget/actual (actualbudget/actual)</summary>

### [`v26.3.0`](https://github.com/actualbudget/actual/releases/tag/v26.3.0)

[Compare Source](https://github.com/actualbudget/actual/compare/v26.2.1...v26.3.0)

🔗 [View release notes](https://actualbudget.org/blog/release-26.3.0)

#### Desktop releases

Please note: Microsoft store updates can sometimes lag behind the main release by a couple of days while they verify the new version.

<p>
  <a href="https://apps.microsoft.com/detail/9p2hmlhsdbrm?cid=Github+Releases&mode=direct"><img src="https://get.microsoft.com/images/en-us%20dark.svg" width="200" /></a>
  <img src="data:image/gif;base64,R0lGODlhAQABAAAAACw=" width="12" height="1" alt="" />
  <a href="https://flathub.org/apps/com.actualbudget.actual"><img width="165" style="margin-left:12px;" alt="Get it on Flathub" src="https://flathub.org/api/badge?locale=en" /></a>
</p>

</details>

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.

♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update again.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4yNS43IiwidXBkYXRlZEluVmVyIjoiNDMuMjUuNyIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOlsiaW1hZ2UiXX0=-->

Reviewed-on: #4368
Co-authored-by: Renovate Bot <renovate-bot@alexlebens.net>
Co-committed-by: Renovate Bot <renovate-bot@alexlebens.net>
 2026-03-03 03:41:13 +00:00
Renovate Bot
a09df3cca1 chore(deps): update helm release generic-device-plugin to v0.20.20 (#4371)
All checks were successful
render-manifests-push / render-manifests-push (push) Has been skipped
Details
lint-test-helm / lint-helm (push) Successful in 33s
Details
renovate / renovate (push) Successful in 3m21s
Details
2026-03-03 03:03:49 +00:00
Renovate Bot
e30908a0f0 chore(deps): update ghcr.io/open-webui/open-webui docker tag to v0.8.8 (#4370)
Some checks failed
render-manifests-push / render-manifests-push (push) Has been skipped
Details
lint-test-helm / lint-helm (push) Successful in 25s
Details
renovate / renovate (push) Has been cancelled
Details
2026-03-03 03:03:07 +00:00
Renovate Bot
4fb0d55515 chore(deps): update ghcr.io/linuxserver/code-server docker tag to v4.109.5 (#4369)
Some checks failed
render-manifests-push / render-manifests-push (push) Has been skipped
Details
lint-test-helm / lint-helm (push) Successful in 27s
Details
renovate / renovate (push) Has been cancelled
Details
2026-03-03 03:02:34 +00:00
29 changed files with 489 additions and 35 deletions
Expand all files Collapse all files

6
clusters/cl01tl/helm/argocd/Chart.lock
View File

@@ -1,6 +1,6 @@
dependencies: dependencies:
- name: argo-cd - name: argo-cd
repository: https://argoproj.github.io/argo-helm repository: https://argoproj.github.io/argo-helm
version: 9.4.6 version: 9.4.7
digest: sha256:0eb9b1925e946d56b9281b801fd92beb74ed952382e1d1fa0f6a0090a105ec96 digest: sha256:9fc78ed4a6a55f65e3250e687caf67ad09e852eb7b01313e372127e75f451a79
generated: "2026-03-02T00:09:30.041548831Z" generated: "2026-03-03T20:05:52.081769174Z"

2
clusters/cl01tl/helm/argocd/Chart.yaml
View File

@@ -15,7 +15,7 @@ maintainers:
- name: alexlebens - name: alexlebens
dependencies: dependencies:
- name: argo-cd - name: argo-cd
version: 9.4.6 version: 9.4.7
repository: https://argoproj.github.io/argo-helm repository: https://argoproj.github.io/argo-helm
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/argo-cd.png icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/argo-cd.png
# renovate: datasource=github-releases depName=argoproj/argo-cd # renovate: datasource=github-releases depName=argoproj/argo-cd

6
clusters/cl01tl/helm/authentik/Chart.lock
View File

@@ -1,7 +1,7 @@
dependencies: dependencies:
- name: authentik - name: authentik
repository: https://charts.goauthentik.io/ repository: https://charts.goauthentik.io/
version: 2026.2.0 version: 2026.2.1
- name: cloudflared - name: cloudflared
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
version: 2.3.0 version: 2.3.0
@@ -11,5 +11,5 @@ dependencies:
- name: redis-replication - name: redis-replication
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
version: 1.0.4 version: 1.0.4
digest: sha256:d8431fb5a658a6e0e2600c25531c389627e228e5e9c0317f1efcc78428f3166f digest: sha256:c356de948612277945be5dd1a7898399482434be1bab6bec85f8d3c03ca78307
generated: "2026-02-27T18:14:49.72388334Z" generated: "2026-03-03T22:11:01.686244657Z"

2
clusters/cl01tl/helm/authentik/Chart.yaml
View File

@@ -21,7 +21,7 @@ maintainers:
- name: alexlebens - name: alexlebens
dependencies: dependencies:
- name: authentik - name: authentik
version: 2026.2.0 version: 2026.2.1
repository: https://charts.goauthentik.io/ repository: https://charts.goauthentik.io/
- name: cloudflared - name: cloudflared
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts

2
clusters/cl01tl/helm/bazarr/values.yaml
View File

@@ -15,7 +15,7 @@ bazarr:
main: main:
image: image:
repository: ghcr.io/linuxserver/bazarr repository: ghcr.io/linuxserver/bazarr
tag: 1.5.6@sha256:b0bc617664dbca25845ac3b1bb6411b145b6a44a6d173071c9d2f426524fdd9f tag: 1.5.6@sha256:94eee5e3e14430b7b144d4556be73963a7daf6f1bddc25586627f426465482ce
pullPolicy: IfNotPresent pullPolicy: IfNotPresent
env: env:
- name: TZ - name: TZ

2
clusters/cl01tl/helm/blocky/values.yaml
View File

@@ -100,6 +100,7 @@ blocky:
blocky IN A 10.232.1.22 blocky IN A 10.232.1.22
cilium-cl01tl IN A 10.232.1.23 cilium-cl01tl IN A 10.232.1.23
;; Application Names ;; Application Names
actual IN CNAME traefik-cl01tl actual IN CNAME traefik-cl01tl
alertmanager IN CNAME traefik-cl01tl alertmanager IN CNAME traefik-cl01tl
@@ -112,6 +113,7 @@ blocky:
booklore IN CNAME traefik-cl01tl booklore IN CNAME traefik-cl01tl
ceph IN CNAME traefik-cl01tl ceph IN CNAME traefik-cl01tl
code-server IN CNAME traefik-cl01tl code-server IN CNAME traefik-cl01tl
dawarich IN CNAME traefik-cl01tl
directus IN CNAME traefik-cl01tl directus IN CNAME traefik-cl01tl
excalidraw IN CNAME traefik-cl01tl excalidraw IN CNAME traefik-cl01tl
feishin IN CNAME traefik-cl01tl feishin IN CNAME traefik-cl01tl

2
clusters/cl01tl/helm/code-server/values.yaml
View File

@@ -9,7 +9,7 @@ code-server:
main: main:
image: image:
repository: ghcr.io/linuxserver/code-server repository: ghcr.io/linuxserver/code-server
tag: 4.109.2@sha256:e142dcf071e493ea04705441d1c7b22b62ca846c42b68e05193a5e55cb4af2d1 tag: 4.109.5@sha256:aa43fb2fc31127e9d2166e903c7f13792351e38658ba29645662a89ff04ff90d
pullPolicy: IfNotPresent pullPolicy: IfNotPresent
env: env:
- name: TZ - name: TZ

12
clusters/cl01tl/helm/dawarich/Chart.lock Normal file
View File

@@ -0,0 +1,12 @@
dependencies:
- name: app-template
repository: https://bjw-s-labs.github.io/helm-charts/
version: 4.6.2
- name: postgres-cluster
repository: oci://harbor.alexlebens.net/helm-charts
version: 7.8.0
- name: valkey
repository: oci://harbor.alexlebens.net/helm-charts
version: 0.2.0
digest: sha256:2682dcbc71417a103cf4c1ed920caac5b14272b021dc579fb8a3cf2fedfa0490
generated: "2026-03-03T16:10:42.029406-06:00"

29
clusters/cl01tl/helm/dawarich/Chart.yaml Normal file
View File

@@ -0,0 +1,29 @@
apiVersion: v2
name: dawarich
version: 1.0.0
description: Dawarich
keywords:
- dawarich
- location
home: https://wiki.alexlebens.dev/s/
sources:
- https://github.com/Freika/dawarich
- https://github.com/bjw-s-labs/helm-charts/tree/main/charts/other/app-template
maintainers:
- name: alexlebens
dependencies:
- name: app-template
alias: dawarich
repository: https://bjw-s-labs.github.io/helm-charts/
version: 4.6.2
- name: postgres-cluster
alias: postgres-18-cluster
version: 7.8.0
repository: oci://harbor.alexlebens.net/helm-charts
- name: valkey
alias: valkey
version: 0.2.0
repository: oci://harbor.alexlebens.net/helm-charts
icon: https://cdn.jsdelivr.net/gh/selfhst/icons@main/png/dawarich.png
# renovate: datasource=github-releases depName=Freika/dawarich
appVersion: 1.3.1

51
clusters/cl01tl/helm/dawarich/templates/external-secret.yaml Normal file
View File

@@ -0,0 +1,51 @@
apiVersion: external-secrets.io/v1
kind: ExternalSecret
metadata:
name: dawarich-key-secret
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: dawarich-key-secret
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
secretStoreRef:
kind: ClusterSecretStore
name: vault
data:
- secretKey: key
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /cl01tl/dawarich/key
metadataPolicy: None
property: key
---
apiVersion: external-secrets.io/v1
kind: ExternalSecret
metadata:
name: dawarich-oidc-secret
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: dawarich-oidc-secret
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
secretStoreRef:
kind: ClusterSecretStore
name: vault
data:
- secretKey: client
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /authentik/oidc/dawarich
metadataPolicy: None
property: client
- secretKey: secret
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /authentik/oidc/dawarich
metadataPolicy: None
property: secret

344
clusters/cl01tl/helm/dawarich/values.yaml Normal file
View File

@@ -0,0 +1,344 @@
dawarich:
controllers:
main:
type: deployment
replicas: 1
strategy: Recreate
revisionHistoryLimit: 3
containers:
main:
image:
repository: freikin/dawarich
tag: 1.3.1
pullPolicy: IfNotPresent
command: ["web-entrypoint.sh"]
args: ["bin/rails", "server", "-p", "3000", "-b", "::"]
env:
- name: RAILS_ENV
value: production
- name: REDIS_URL
value: redis://dawarich-valkey.dawarich:6379
- name: DATABASE_HOST
valueFrom:
secretKeyRef:
name: dawarich-postgresql-18-cluster-app
key: host
- name: DATABASE_PORT
valueFrom:
secretKeyRef:
name: dawarich-postgresql-18-cluster-app
key: port
- name: DATABASE_USERNAME
valueFrom:
secretKeyRef:
name: dawarich-postgresql-18-cluster-app
key: user
- name: DATABASE_PASSWORD
valueFrom:
secretKeyRef:
name: dawarich-postgresql-18-cluster-app
key: password
- name: DATABASE_NAME
valueFrom:
secretKeyRef:
name: dawarich-postgresql-18-cluster-app
key: dbname
- name: APPLICATION_HOSTS
value: dawarich.alexlebens.net,localhost,::1,127.0.0.1
- name: TIME_ZONE
value: America/Chicago
- name: APPLICATION_PROTOCOL
value: http
- name: OIDC_ISSUER
value: https://authentik.alexlebens.net/application/o/darwich/.well-known/openid-configuration
- name: OIDC_REDIRECT_URI
value: https://dawarich.alexlebens.net/users/auth/openid_connect/callback
- name: OIDC_CLIENT_ID
valueFrom:
secretKeyRef:
name: dawarich-oidc-secret
key: client
- name: OIDC_CLIENT_SECRET
valueFrom:
secretKeyRef:
name: dawarich-oidc-secret
key: secret
- name: OIDC_PROVIDER_NAME
value: Authentik
- name: OIDC_AUTO_REGISTER
value: true
- name: PROMETHEUS_EXPORTER_ENABLED
value: true
- name: PROMETHEUS_EXPORTER_HOST
value: 0.0.0.0
- name: PROMETHEUS_EXPORTER_PORT
value: 9394
- name: SECRET_KEY_BASE
valueFrom:
secretKeyRef:
name: dawarich-key-secret
key: key
- name: RAILS_LOG_TO_STDOUT
value: true
- name: SELF_HOSTED
value: true
- name: STORE_GEODATA
value: true
probes:
liveness:
enabled: true
custom: true
spec:
exec:
command:
- /bin/sh
- -c
- wget -qO - http://127.0.0.1:3000/api/v1/health | grep -q '\"status\"\\s*:\\s*\"ok\"'
failureThreshold: 5
initialDelaySeconds: 60
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 10
resources:
requests:
cpu: 10m
memory: 128Mi
sidekiq:
image:
repository: freikin/dawarich
tag: 1.3.1
pullPolicy: IfNotPresent
command: ["sidekiq-entrypoint.sh"]
args: ["sidekiq"]
env:
- name: RAILS_ENV
value: production
- name: REDIS_URL
value: redis://dawarich-valkey.dawarich:6379
- name: DATABASE_HOST
valueFrom:
secretKeyRef:
name: dawarich-postgresql-18-cluster-app
key: host
- name: DATABASE_PORT
valueFrom:
secretKeyRef:
name: dawarich-postgresql-18-cluster-app
key: port
- name: DATABASE_USERNAME
valueFrom:
secretKeyRef:
name: dawarich-postgresql-18-cluster-app
key: user
- name: DATABASE_PASSWORD
valueFrom:
secretKeyRef:
name: dawarich-postgresql-18-cluster-app
key: password
- name: DATABASE_NAME
valueFrom:
secretKeyRef:
name: dawarich-postgresql-18-cluster-app
key: dbname
- name: APPLICATION_HOSTS
value: dawarich.alexlebens.net,localhost,::1,127.0.0.1
- name: TIME_ZONE
value: America/Chicago
- name: APPLICATION_PROTOCOL
value: http
- name: DISTANCE_UNIT
value: mi
- name: OIDC_ISSUER
value: https://authentik.alexlebens.net/application/o/darwich/.well-known/openid-configuration
- name: OIDC_REDIRECT_URI
value: https://dawarich.alexlebens.net/users/auth/openid_connect/callback
- name: OIDC_CLIENT_ID
valueFrom:
secretKeyRef:
name: dawarich-oidc-secret
key: client
- name: OIDC_CLIENT_SECRET
valueFrom:
secretKeyRef:
name: dawarich-oidc-secret
key: secret
- name: OIDC_PROVIDER_NAME
value: Authentik
- name: OIDC_AUTO_REGISTER
value: true
- name: PROMETHEUS_EXPORTER_ENABLED
value: true
- name: PROMETHEUS_EXPORTER_HOST
value: 0.0.0.0
- name: PROMETHEUS_EXPORTER_PORT
value: 9394
- name: SECRET_KEY_BASE
valueFrom:
secretKeyRef:
name: dawarich-key-secret
key: key
- name: RAILS_LOG_TO_STDOUT
value: true
- name: SELF_HOSTED
value: true
- name: STORE_GEODATA
value: true
probes:
liveness:
enabled: true
custom: true
spec:
exec:
command:
- /bin/sh
- -c
- pgrep -f sidekiq
failureThreshold: 5
initialDelaySeconds: 60
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 10
resources:
requests:
cpu: 10m
memory: 128Mi
service:
main:
controller: main
ports:
http:
port: 80
targetPort: 3000
protocol: TCP
metrics:
port: 9394
targetPort: 9394
protocol: TCP
serviceMonitor:
main:
selector:
matchLabels:
app.kubernetes.io/name: dawarich
app.kubernetes.io/instance: dawarich
serviceName: '{{ include "bjw-s.common.lib.chart.names.fullname" $ }}'
endpoints:
- port: metrics
interval: 30s
scrapeTimeout: 15s
path: /metrics
route:
main:
kind: HTTPRoute
parentRefs:
- group: gateway.networking.k8s.io
kind: Gateway
name: traefik-gateway
namespace: traefik
hostnames:
- dawarich.alexlebens.net
rules:
- backendRefs:
- group: ""
kind: Service
name: dawarich
port: 80
weight: 100
matches:
- path:
type: PathPrefix
value: /
persistence:
storage:
forceRename: dawarich-storage
storageClass: ceph-block
accessMode: ReadWriteOnce
size: 5Gi
retain: true
advancedMounts:
main:
main:
- path: /var/app/storage
readOnly: false
sidekiq:
- path: /var/app/storage
readOnly: false
public:
forceRename: dawarich-public
storageClass: ceph-block
accessMode: ReadWriteOnce
size: 5Gi
retain: true
advancedMounts:
main:
main:
- path: /var/app/public
readOnly: false
sidekiq:
- path: /var/app/public
readOnly: false
watched:
forceRename: dawarich-watched
storageClass: ceph-block
accessMode: ReadWriteOnce
size: 1Gi
retain: true
advancedMounts:
main:
main:
- path: /var/app/tmp/imports/watched
readOnly: false
sidekiq:
- path: /var/app/tmp/imports/watched
readOnly: false
postgres-18-cluster:
mode: standalone
cluster:
image:
repository: ghcr.io/cloudnative-pg/postgis
tag: 18-3-system-trixie
initdb:
postInitTemplateSQL:
- CREATE EXTENSION postgis;
- CREATE EXTENSION postgis_topology;
- CREATE EXTENSION fuzzystrmatch;
- CREATE EXTENSION postgis_tiger_geocoder;
recovery:
method: objectStore
objectStore:
index: 1
backup:
objectStore:
- name: garage-local
index: 1
destinationBucket: postgres-backups
externalSecretCredentialPath: /garage/home-infra/postgres-backups
isWALArchiver: true
# - name: garage-remote
# index: 1
# destinationBucket: postgres-backups
# externalSecretCredentialPath: /garage/home-infra/postgres-backups
# retentionPolicy: "90d"
# data:
# compression: bzip2
# - name: external
# index: 1
# endpointURL: https://nyc3.digitaloceanspaces.com
# destinationBucket: postgres-backups-ce540ddf106d186bbddca68a
# externalSecretCredentialPath: /garage/home-infra/postgres-backups
# isWALArchiver: false
scheduledBackups:
- name: live-backup
suspend: true
immediate: true
schedule: "0 0 0 * * *"
backupName: garage-local
# - name: weekly-backup
# suspend: true
# immediate: true
# schedule: "0 0 4 * * SAT"
# backupName: garage-remote
# - name: daily-backup
# suspend: true
# immediate: true
# schedule: "0 0 0 * * *"
# backupName: external

6
clusters/cl01tl/helm/element-web/Chart.lock
View File

@@ -1,9 +1,9 @@
dependencies: dependencies:
- name: element-web - name: element-web
repository: https://ananace.gitlab.io/charts repository: https://ananace.gitlab.io/charts
version: 1.4.30 version: 1.4.31
- name: cloudflared - name: cloudflared
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
version: 2.3.0 version: 2.3.0
digest: sha256:90a1767a625f0a5ba0f5f23015b2ae7c2ae2cecac311e6cb2dc2ce3c483916b3 digest: sha256:7447f3828246d85acd5a2a75b6d086d8fbe29ee90ad61b96dd25de8dcfefbc4e
generated: "2026-02-16T20:12:50.293216516Z" generated: "2026-03-03T18:08:31.901975101Z"

2
clusters/cl01tl/helm/element-web/Chart.yaml
View File

@@ -17,7 +17,7 @@ maintainers:
- name: alexlebens - name: alexlebens
dependencies: dependencies:
- name: element-web - name: element-web
version: 1.4.30 version: 1.4.31
repository: https://ananace.gitlab.io/charts repository: https://ananace.gitlab.io/charts
- name: cloudflared - name: cloudflared
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts

3
clusters/cl01tl/helm/gatus/values.yaml
View File

@@ -167,6 +167,9 @@ gatus:
- name: home-assistant - name: home-assistant
url: https://home-assistant.alexlebens.net url: https://home-assistant.alexlebens.net
<<: *defaults <<: *defaults
- name: dawarich
url: https://dawarich.alexlebens.net
<<: *defaults
- name: actual - name: actual
url: https://actual.alexlebens.net url: https://actual.alexlebens.net
<<: *defaults <<: *defaults

6
clusters/cl01tl/helm/generic-device-plugin/Chart.lock
View File

@@ -1,6 +1,6 @@
dependencies: dependencies:
- name: generic-device-plugin - name: generic-device-plugin
repository: https://gitea.alexlebens.dev/api/packages/alexlebens/helm repository: https://gitea.alexlebens.dev/api/packages/alexlebens/helm
version: 0.20.19 version: 0.20.20
digest: sha256:b5183b9e68c8ca65327588f8577b7e6c09988667498839445f8f797da5d1935b digest: sha256:8841709955381394b6304b7c53345692517e419c197ddc59b66a505ae742ec04
generated: "2026-03-02T01:31:13.326419153Z" generated: "2026-03-03T03:03:20.457381608Z"

2
clusters/cl01tl/helm/generic-device-plugin/Chart.yaml
View File

@@ -15,6 +15,6 @@ maintainers:
dependencies: dependencies:
- name: generic-device-plugin - name: generic-device-plugin
repository: https://gitea.alexlebens.dev/api/packages/alexlebens/helm repository: https://gitea.alexlebens.dev/api/packages/alexlebens/helm
version: 0.20.19 version: 0.20.20
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/kubernetes.png icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/kubernetes.png
appVersion: 1.0.0 appVersion: 1.0.0

7
clusters/cl01tl/helm/gitea/Chart.yaml
View File

@@ -28,9 +28,10 @@ dependencies:
- name: gitea - name: gitea
version: 12.5.0 version: 12.5.0
repository: https://dl.gitea.io/charts/ repository: https://dl.gitea.io/charts/
- name: gitea-actions - name: actions
repository: oci://harbor.alexlebens.net/helm-charts alias: gitea-actions
version: 0.2.1 repository: https://dl.gitea.com/charts/
version: 0.0.3
- name: meilisearch - name: meilisearch
version: 0.25.1 version: 0.25.1
repository: https://meilisearch.github.io/meilisearch-kubernetes repository: https://meilisearch.github.io/meilisearch-kubernetes

8
clusters/cl01tl/helm/gitea/values.yaml
View File

@@ -134,11 +134,11 @@ gitea:
enabled: false enabled: false
gitea-actions: gitea-actions:
enabled: true enabled: true
global:
fullnameOverride: gitea-actions
statefulset: statefulset:
replicas: 6 replicas: 6
timezone: America/Chicago
actRunner: actRunner:
registry: ""
repository: gitea/act_runner repository: gitea/act_runner
tag: 0.2.13 tag: 0.2.13
config: | config: |
@@ -153,13 +153,15 @@ gitea-actions:
- "ubuntu-24.04:docker://harbor.alexlebens.net/proxy-hub.docker/gitea/runner-images:ubuntu-24.04" - "ubuntu-24.04:docker://harbor.alexlebens.net/proxy-hub.docker/gitea/runner-images:ubuntu-24.04"
- "ubuntu-22.04:docker://harbor.alexlebens.net/proxy-hub.docker/gitea/runner-images:ubuntu-22.04" - "ubuntu-22.04:docker://harbor.alexlebens.net/proxy-hub.docker/gitea/runner-images:ubuntu-22.04"
dind: dind:
registry: ""
repository: docker repository: docker
tag: 25.0.2-dind tag: 28.3.3-dind
persistence: persistence:
storageClass: ceph-block storageClass: ceph-block
size: 5Gi size: 5Gi
init: init:
image: image:
registry: ""
repository: busybox repository: busybox
tag: "1.37.0" tag: "1.37.0"
existingSecret: gitea-runner-secret existingSecret: gitea-runner-secret

2
clusters/cl01tl/helm/home-assistant/values.yaml
View File

@@ -21,7 +21,7 @@ home-assistant:
code-server: code-server:
image: image:
repository: ghcr.io/linuxserver/code-server repository: ghcr.io/linuxserver/code-server
tag: 4.109.2@sha256:e142dcf071e493ea04705441d1c7b22b62ca846c42b68e05193a5e55cb4af2d1 tag: 4.109.5@sha256:aa43fb2fc31127e9d2166e903c7f13792351e38658ba29645662a89ff04ff90d
pullPolicy: IfNotPresent pullPolicy: IfNotPresent
env: env:
- name: TZ - name: TZ

6
clusters/cl01tl/helm/homepage/values.yaml
View File

@@ -252,6 +252,12 @@ homepage:
href: https://home-assistant.alexlebens.net href: https://home-assistant.alexlebens.net
siteMonitor: http://home-assistant-main.home-assistant:80 siteMonitor: http://home-assistant-main.home-assistant:80
statusStyle: dot statusStyle: dot
- Location:
icon: sh-dawarich.webp
description: Dawarich
href: https://dawarich.alexlebens.net
siteMonitor: http://dawarich.dawarich:80
statusStyle: dot
- Budgeting: - Budgeting:
icon: sh-actual-budget.webp icon: sh-actual-budget.webp
description: Actual description: Actual

6
clusters/cl01tl/helm/kube-prometheus-stack/Chart.lock
View File

@@ -1,12 +1,12 @@
dependencies: dependencies:
- name: kube-prometheus-stack - name: kube-prometheus-stack
repository: oci://ghcr.io/prometheus-community/charts repository: oci://ghcr.io/prometheus-community/charts
version: 82.4.3 version: 82.8.0
- name: app-template - name: app-template
repository: https://bjw-s-labs.github.io/helm-charts/ repository: https://bjw-s-labs.github.io/helm-charts/
version: 4.6.2 version: 4.6.2
- name: redis-replication - name: redis-replication
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
version: 1.0.4 version: 1.0.4
digest: sha256:4c91341624420da7cb0502f0bf04aded7945b599d4791c71f0ed14c1bbcbcdc1 digest: sha256:99a9b7f8699fac9c0691c2a00f175e99d4857bf2a134fd332fd263952fbad4d8
generated: "2026-02-27T18:11:53.485436384Z" generated: "2026-03-03T22:56:29.449966691Z"

2
clusters/cl01tl/helm/kube-prometheus-stack/Chart.yaml
View File

@@ -20,7 +20,7 @@ maintainers:
- name: alexlebens - name: alexlebens
dependencies: dependencies:
- name: kube-prometheus-stack - name: kube-prometheus-stack
version: 82.4.3 version: 82.8.0
repository: oci://ghcr.io/prometheus-community/charts repository: oci://ghcr.io/prometheus-community/charts
- name: app-template - name: app-template
alias: ntfy-alertmanager alias: ntfy-alertmanager

2
clusters/cl01tl/helm/ollama/values.yaml
View File

@@ -117,7 +117,7 @@ ollama:
main: main:
image: image:
repository: ghcr.io/open-webui/open-webui repository: ghcr.io/open-webui/open-webui
tag: v0.8.7 tag: v0.8.8
pullPolicy: IfNotPresent pullPolicy: IfNotPresent
env: env:
- name: ENV - name: ENV

4
clusters/cl01tl/helm/searxng/values.yaml
View File

@@ -9,7 +9,7 @@ searxng:
main: main:
image: image:
repository: searxng/searxng repository: searxng/searxng
tag: latest@sha256:7d03be7e7281a67ef298542375ed50f15c093fa7c926fccbf592619c10abfebe tag: latest@sha256:dc9c7aae0b77f8cd819dd8c7e6d489eab456000838e062c399f2bf37d230500e
pullPolicy: IfNotPresent pullPolicy: IfNotPresent
env: env:
- name: SEARXNG_BASE_URL - name: SEARXNG_BASE_URL
@@ -39,7 +39,7 @@ searxng:
main: main:
image: image:
repository: searxng/searxng repository: searxng/searxng
tag: latest@sha256:7d03be7e7281a67ef298542375ed50f15c093fa7c926fccbf592619c10abfebe tag: latest@sha256:dc9c7aae0b77f8cd819dd8c7e6d489eab456000838e062c399f2bf37d230500e
pullPolicy: IfNotPresent pullPolicy: IfNotPresent
env: env:
- name: SEARXNG_BASE_URL - name: SEARXNG_BASE_URL

2
clusters/cl01tl/helm/site-profile/values.yaml
View File

@@ -11,7 +11,7 @@ site-profile:
main: main:
image: image:
repository: harbor.alexlebens.net/images/site-profile repository: harbor.alexlebens.net/images/site-profile
tag: 2.17.2 tag: 2.19.0
pullPolicy: IfNotPresent pullPolicy: IfNotPresent
resources: resources:
requests: requests:

2
clusters/cl01tl/helm/whodb/Chart.yaml
View File

@@ -20,4 +20,4 @@ dependencies:
version: 4.6.2 version: 4.6.2
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/whodb.png icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/whodb.png
# renovate: datasource=github-releases depName=clidey/whodb # renovate: datasource=github-releases depName=clidey/whodb
appVersion: 0.95.0 appVersion: 0.97.0

2
clusters/cl01tl/helm/whodb/values.yaml
View File

@@ -8,7 +8,7 @@ whodb:
main: main:
image: image:
repository: clidey/whodb repository: clidey/whodb
tag: 0.95.0 tag: 0.97.0
pullPolicy: IfNotPresent pullPolicy: IfNotPresent
env: env:
- name: WHODB_OLLAMA_HOST - name: WHODB_OLLAMA_HOST

2
hosts/ps08rp/blocky/config.yml
View File

@@ -75,6 +75,7 @@ customDNS:
blocky IN A 10.232.1.22 blocky IN A 10.232.1.22
cilium-cl01tl IN A 10.232.1.23 cilium-cl01tl IN A 10.232.1.23
;; Application Names ;; Application Names
actual IN CNAME traefik-cl01tl actual IN CNAME traefik-cl01tl
alertmanager IN CNAME traefik-cl01tl alertmanager IN CNAME traefik-cl01tl
@@ -87,6 +88,7 @@ customDNS:
booklore IN CNAME traefik-cl01tl booklore IN CNAME traefik-cl01tl
ceph IN CNAME traefik-cl01tl ceph IN CNAME traefik-cl01tl
code-server IN CNAME traefik-cl01tl code-server IN CNAME traefik-cl01tl
dawarich IN CNAME traefik-cl01tl
directus IN CNAME traefik-cl01tl directus IN CNAME traefik-cl01tl
excalidraw IN CNAME traefik-cl01tl excalidraw IN CNAME traefik-cl01tl
feishin IN CNAME traefik-cl01tl feishin IN CNAME traefik-cl01tl

2
hosts/ps09rp/blocky/config.yml
View File

@@ -96,6 +96,7 @@ customDNS:
blocky IN A 10.232.1.22 blocky IN A 10.232.1.22
cilium-cl01tl IN A 10.232.1.23 cilium-cl01tl IN A 10.232.1.23
;; Application Names ;; Application Names
actual IN CNAME traefik-cl01tl actual IN CNAME traefik-cl01tl
alertmanager IN CNAME traefik-cl01tl alertmanager IN CNAME traefik-cl01tl
@@ -108,6 +109,7 @@ customDNS:
booklore IN CNAME traefik-cl01tl booklore IN CNAME traefik-cl01tl
ceph IN CNAME traefik-cl01tl ceph IN CNAME traefik-cl01tl
code-server IN CNAME traefik-cl01tl code-server IN CNAME traefik-cl01tl
dawarich IN CNAME traefik-cl01tl
directus IN CNAME traefik-cl01tl directus IN CNAME traefik-cl01tl
excalidraw IN CNAME traefik-cl01tl excalidraw IN CNAME traefik-cl01tl
feishin IN CNAME traefik-cl01tl feishin IN CNAME traefik-cl01tl