alexlebens/infrastructure
1
0
Fork 0
Code Issues 1 Pull Requests 7 Actions Activity

Compare commits

base: alexlebens:62b69de4a9c6e6794eb85eb44f156794c5313f33
Branches Tags
alexlebens:main alexlebens:manifests alexlebens:renovate/unified-whatsapp alexlebens:renovate/unified-cilium alexlebens:renovate/unified-tdarr alexlebens:renovate/unified-postgres-cluster alexlebens:renovate/major-unified-ntfy-alertmanager alexlebens:renovate/unified-valkey alexlebens:renovate/unified-musicgrabber
..
compare: alexlebens:main
Branches Tags
alexlebens:manifests alexlebens:renovate/unified-whatsapp alexlebens:renovate/unified-cilium alexlebens:main alexlebens:renovate/unified-tdarr alexlebens:renovate/unified-postgres-cluster alexlebens:renovate/major-unified-ntfy-alertmanager alexlebens:renovate/unified-valkey alexlebens:renovate/unified-musicgrabber

32 Commits
62b69de4a9 ... main

Author SHA1 Message Date
Alex Lebens
50cfb00eb6 feat: change to alpine (#5347)
Some checks failed
lint-test-helm / lint-helm (push) Successful in 28s
Details
lint-test-helm / validate-kubeconform (push) Has been skipped
Details
renovate / renovate (push) Failing after 7m37s
Details 
Reviewed-on: #5347
 2026-04-01 00:28:07 +00:00
Renovate Bot
ec887da62d chore(deps): update deluan/navidrome docker tag to v0.61.0 (#5344)
Some checks failed
lint-test-helm / lint-helm (push) Successful in 16s
Details
lint-test-helm / validate-kubeconform (push) Has been skipped
Details
renovate / renovate (push) Has been cancelled
Details 
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| [deluan/navidrome](https://github.com/navidrome/navidrome) | minor | `0.60.3` → `0.61.0` |

---

### Release Notes

<details>
<summary>navidrome/navidrome (deluan/navidrome)</summary>

### [`v0.61.0`](https://github.com/navidrome/navidrome/releases/tag/v0.61.0)

[Compare Source](https://github.com/navidrome/navidrome/compare/v0.60.3...v0.61.0)

This version brings a comprehensive **Artwork overhaul**, with per-disc cover art, artist image uploads, animated image preservation, and a faster image pipeline powered by WebP encoding. You can now upload custom artwork for playlists, artists, and internet radios directly from the UI, and multi-disc albums will automatically pick up disc-specific cover images.

**Search** has been completely rebuilt on top of SQLite FTS5 with two-phase BM25 ranking, delivering faster and more accurate results across your entire library.

**Transcoding** is now fully server-managed: Navidrome detects client codecs, applies format-aware bitrate defaults, and implements the [OpenSubsonic Transcoding extension](https://opensubsonic.netlify.app/docs/extensions/transcoding/), so clients no longer need to guess what format to request.

The **Plugin System** continues to mature with new host services for HTTP requests, persistent task queues, lyrics providers, and key-value storage with TTL support, giving plugin developers more tools to build powerful integrations.

#### Security

- Bump `golang.org/x/image` to v0.38.0 to address CVE-2026-33809. ([#&#8203;5268](https://github.com/navidrome/navidrome/pull/5268))
- Add ownership checks to share Delete and Update operations, preventing unauthorized access to other users' shares. ([#&#8203;5189](https://github.com/navidrome/navidrome/pull/5189) by [@&#8203;deluan](https://github.com/deluan))
- Clear server-managed fields in savePlaylist to prevent field injection via REST API. ([f102036dc](https://github.com/navidrome/navidrome/commit/f102036dc) by [@&#8203;deluan](https://github.com/deluan))

#### ⚠️ Breaking Changes

- Remove built-in Spotify integration. The `Spotify.ID` and `Spotify.Secret` configuration options are no longer supported. Use the Last.fm or Deezer agents, or a plugin for similar functionality, like the new [Apple Music Plugin](https://github.com/navidrome/apple-music-plugin). ([#&#8203;5197](https://github.com/navidrome/navidrome/pull/5197) by [@&#8203;deluan](https://github.com/deluan))

#### Configuration Changes

| Status  | Option                                 | Description                                                                                                                                                                       | Default                                                              |
| ------- | -------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------- |
| New     | `EnableArtworkUpload`                  | Enable uploading custom artwork for playlists and artists. ([#&#8203;5110](https://github.com/navidrome/navidrome/pull/5110), [#&#8203;5198](https://github.com/navidrome/navidrome/pull/5198)) | `true`                                                               |
| New     | `EnableM3UExternalAlbumArt`            | Enable fetching album art URLs from `#EXTALBUMARTURL` directives in M3U playlists. ([#&#8203;5131](https://github.com/navidrome/navidrome/pull/5131))                                    | `false`                                                              |
| New     | `DiscArtPriority`                      | Priority list for disc-level cover art sources. ([#&#8203;5182](https://github.com/navidrome/navidrome/pull/5182))                                                                       | `disc*.*, cd*.*, cover.*, folder.*, front.*, discsubtitle, embedded` |
| New     | `ArtistImageFolder`                    | Folder name to search for artist images within the library. ([#&#8203;5198](https://github.com/navidrome/navidrome/pull/5198))                                                           | —                                                                    |
| New     | `Search.Backend`                       | Search backend to use (`fts` for FTS5 full-text search). ([#&#8203;5079](https://github.com/navidrome/navidrome/pull/5079))                                                              | `fts`                                                                |
| New     | `ExtAuth.LogoutURL`                    | URL to redirect to when logging out with external authentication. ([#&#8203;5074](https://github.com/navidrome/navidrome/pull/5074))                                                     | `""`                                                                 |
| New     | `Subsonic.AppendAlbumVersion`          | Append album version/edition to album names in Subsonic API responses. ([#&#8203;5111](https://github.com/navidrome/navidrome/pull/5111))                                                | `true`                                                               |
| New     | `UISearchDebounceMs`                   | Debounce delay for the UI search field. ([#&#8203;5079](https://github.com/navidrome/navidrome/pull/5079))                                                                               | —                                                                    |
| Changed | `CoverJpegQuality` → `CoverArtQuality` | Renamed for clarity. Old name still works. ([#&#8203;5181](https://github.com/navidrome/navidrome/pull/5181))                                                                            | `75`                                                                 |
| CHanged | `SearchFullString`                     | Use `Search.FullString` instead. ([#&#8203;5079](https://github.com/navidrome/navidrome/pull/5079))                                                                                      | —                                                                    |
| Removed | `Spotify.ID`, `Spotify.Secret`         | Spotify integration has been removed. ([#&#8203;5197](https://github.com/navidrome/navidrome/pull/5197))                                                                                 | —                                                                    |

For a complete list of all configuration options, see the [Configuration Options](https://www.navidrome.org/docs/usage/configuration-options/) documentation.

#### Artwork

- Add per-disc cover art support, with configurable `DiscArtPriority`. ([#&#8203;5182](https://github.com/navidrome/navidrome/pull/5182) by [@&#8203;deluan](https://github.com/deluan))
- Add artist image uploads and image-folder artwork source. ([#&#8203;5198](https://github.com/navidrome/navidrome/pull/5198) by [@&#8203;deluan](https://github.com/deluan))
- Preserve animated image artwork (GIF, APNG, animated WebP) during resize. ([#&#8203;5184](https://github.com/navidrome/navidrome/pull/5184) by [@&#8203;deluan](https://github.com/deluan))
- Improve image serving performance with WebP encoding and optimized pipeline. ([#&#8203;5181](https://github.com/navidrome/navidrome/pull/5181) by [@&#8203;deluan](https://github.com/deluan))
- Increase cover art size to 600px and use CatmullRom scaling for sharper images. ([cb396f3db](https://github.com/navidrome/navidrome/commit/cb396f3db) by [@&#8203;deluan](https://github.com/deluan))
- Fallback mediafile cover art to disc artwork before album. ([#&#8203;5216](https://github.com/navidrome/navidrome/pull/5216) by [@&#8203;deluan](https://github.com/deluan))
- Refresh stale artist image URLs on expiry. ([#&#8203;5267](https://github.com/navidrome/navidrome/pull/5267) by [@&#8203;deluan](https://github.com/deluan))
- Validate ffmpeg pipe before returning in cover art fallback. ([420d2c8e5](https://github.com/navidrome/navidrome/commit/420d2c8e5) by [@&#8203;deluan](https://github.com/deluan))
- Search parent folders for album cover art in multi-disc layouts. ([#&#8203;5157](https://github.com/navidrome/navidrome/pull/5157) by [@&#8203;deluan](https://github.com/deluan))

#### UI

- Add custom playlist cover art upload. ([#&#8203;5110](https://github.com/navidrome/navidrome/pull/5110) by [@&#8203;adrbn](https://github.com/adrbn))
- Add cover art support for internet radio stations. ([#&#8203;5229](https://github.com/navidrome/navidrome/pull/5229) by [@&#8203;deluan](https://github.com/deluan))
- Add Dracula theme. ([#&#8203;5023](https://github.com/navidrome/navidrome/pull/5023) by [@&#8203;Saulimedes](https://github.com/Saulimedes))
- Add Nutball theme. ([#&#8203;4544](https://github.com/navidrome/navidrome/pull/4544) by [@&#8203;cafecitopuro](https://github.com/cafecitopuro))
- Add tooltips for long playlist and album names. ([#&#8203;5070](https://github.com/navidrome/navidrome/pull/5070) by [@&#8203;sfredo](https://github.com/sfredo))
- Add download link for config TOML and disable clipboard copy when unavailable. ([#&#8203;5035](https://github.com/navidrome/navidrome/pull/5035) by [@&#8203;kgarner7](https://github.com/kgarner7))
- Add `path` field as optional column in library list for desktop view. ([4e34d3ac1](https://github.com/navidrome/navidrome/commit/4e34d3ac1) by [@&#8203;deluan](https://github.com/deluan))
- Integrate server-managed transcoding decisions into web player. ([#&#8203;5155](https://github.com/navidrome/navidrome/pull/5155) by [@&#8203;deluan](https://github.com/deluan))
- Improve browser codec detection. ([#&#8203;5171](https://github.com/navidrome/navidrome/pull/5171) by [@&#8203;deluan](https://github.com/deluan))
- Allow `DefaultTheme="Auto"` from config. ([#&#8203;5190](https://github.com/navidrome/navidrome/pull/5190) by [@&#8203;trek-e](https://github.com/trek-e))
- Fix search focus after clearing search field. ([#&#8203;4932](https://github.com/navidrome/navidrome/pull/4932) by [@&#8203;borisrorsvort](https://github.com/borisrorsvort))
- Fix "Play Next" from restarting playback at top of queue. ([#&#8203;5049](https://github.com/navidrome/navidrome/pull/5049) by [@&#8203;alannnna](https://github.com/alannnna))
- Fix toggle switches not visible in Gruvbox Dark theme. ([#&#8203;5064](https://github.com/navidrome/navidrome/pull/5064) by [@&#8203;deluan](https://github.com/deluan))
- Fix delete button contrast in AMusic theme. ([51c48bcac](https://github.com/navidrome/navidrome/commit/51c48bcac) by [@&#8203;deluan](https://github.com/deluan))
- Cancel in-flight image requests on pagination, cache across remounts. ([#&#8203;5249](https://github.com/navidrome/navidrome/pull/5249) by [@&#8203;deluan](https://github.com/deluan))
- Prevent mobile touch events from triggering playback after lightbox close. ([197d357f0](https://github.com/navidrome/navidrome/commit/197d357f0) by [@&#8203;deluan](https://github.com/deluan))
- Prevent duplicate getCoverArt requests on artist page. ([549b81263](https://github.com/navidrome/navidrome/commit/549b81263) by [@&#8203;deluan](https://github.com/deluan))

#### Search

- Implement FTS5-based full-text search for faster and more accurate results. ([#&#8203;5079](https://github.com/navidrome/navidrome/pull/5079) by [@&#8203;deluan](https://github.com/deluan))
- Improve FTS queries with two-phase BM25 ranking for Subsonic's `search3` endpoint. ([#&#8203;5086](https://github.com/navidrome/navidrome/pull/5086) by [@&#8203;deluan](https://github.com/deluan))

#### Transcoding

- Implement server-managed transcoding. ([#&#8203;4990](https://github.com/navidrome/navidrome/pull/4990) by [@&#8203;deluan](https://github.com/deluan))
- Add player MaxBitRate cap, format-aware defaults, and browser profile filtering. ([#&#8203;5165](https://github.com/navidrome/navidrome/pull/5165) by [@&#8203;deluan](https://github.com/deluan))
- Improve transcoding failure diagnostics and error responses. ([#&#8203;5227](https://github.com/navidrome/navidrome/pull/5227) by [@&#8203;deluan](https://github.com/deluan))
- Use ADTS for AAC transcoding. ([#&#8203;5167](https://github.com/navidrome/navidrome/pull/5167) by [@&#8203;deluan](https://github.com/deluan))
- Implement fallback to DefaultDownsamplingFormat for unknown formats. ([5ecbe31a0](https://github.com/navidrome/navidrome/commit/5ecbe31a0) by [@&#8203;deluan](https://github.com/deluan))
- Prevent raw file being returned when explicit transcode format is requested. ([053a0fd6c](https://github.com/navidrome/navidrome/commit/053a0fd6c) by [@&#8203;deluan](https://github.com/deluan))

#### Subsonic API

- Implement OpenSubsonic `transcoding` extension. ([#&#8203;4990](https://github.com/navidrome/navidrome/pull/4990) by [@&#8203;deluan](https://github.com/deluan))
- Append album version to names in Subsonic API responses. ([#&#8203;5111](https://github.com/navidrome/navidrome/pull/5111) by [@&#8203;deluan](https://github.com/deluan))
- Add coverArt to internetRadioStation response. ([03608d3ee](https://github.com/navidrome/navidrome/commit/03608d3ee) by [@&#8203;deluan](https://github.com/deluan))
- Add per-disc cover art support. ([#&#8203;5182](https://github.com/navidrome/navidrome/pull/5182) by [@&#8203;deluan](https://github.com/deluan))
- Never omit duration for AlbumID3. ([#&#8203;5217](https://github.com/navidrome/navidrome/pull/5217) by [@&#8203;kgarner7](https://github.com/kgarner7))
- Always return required playqueue fields. ([#&#8203;5172](https://github.com/navidrome/navidrome/pull/5172) by [@&#8203;kgarner7](https://github.com/kgarner7))
- Always include mandatory title field in Child responses. ([a887521d7](https://github.com/navidrome/navidrome/commit/a887521d7) by [@&#8203;deluan](https://github.com/deluan))
- Restore `public` attribute for playlists in XML responses. ([0c3cc8653](https://github.com/navidrome/navidrome/commit/0c3cc8653) by [@&#8203;deluan](https://github.com/deluan))

#### Scanner

- Add MKA/Matroska audio file support via TagLib 2.2. ([#&#8203;5071](https://github.com/navidrome/navidrome/pull/5071) by [@&#8203;deluan](https://github.com/deluan))
- Exclude Vorbis VERSION from albumversion tag mapping. ([#&#8203;5194](https://github.com/navidrome/navidrome/pull/5194) by [@&#8203;trek-e](https://github.com/trek-e))
- Widen WASM panic recovery to cover tag/property reading. ([#&#8203;5223](https://github.com/navidrome/navidrome/pull/5223) by [@&#8203;deluan](https://github.com/deluan))
- Prevent duplicate tracks when multiple missing files match same target. ([#&#8203;5183](https://github.com/navidrome/navidrome/pull/5183) by [@&#8203;deluan](https://github.com/deluan))
- Prevent ScanOnStartup when scanner is disabled. ([1cf3fd916](https://github.com/navidrome/navidrome/commit/1cf3fd916) by [@&#8203;deluan](https://github.com/deluan))
- Increase watcher channel buffers to prevent dropped filesystem events. ([0790f6662](https://github.com/navidrome/navidrome/commit/0790f6662) by [@&#8203;deluan](https://github.com/deluan))

#### Playlists / Smart Playlists

- Support `#EXTALBUMARTURL` directive and sidecar images for playlist cover art. ([#&#8203;5131](https://github.com/navidrome/navidrome/pull/5131) by [@&#8203;deluan](https://github.com/deluan))
- Add percentage-based limits to smart playlists. ([#&#8203;5144](https://github.com/navidrome/navidrome/pull/5144) by [@&#8203;deluan](https://github.com/deluan))
- Make album and artist fields available to smart playlist queries. ([#&#8203;4927](https://github.com/navidrome/navidrome/pull/4927) by [@&#8203;ulfurinn](https://github.com/ulfurinn))
- Add `averageRating` as a smart playlist field. ([#&#8203;5092](https://github.com/navidrome/navidrome/pull/5092) by [@&#8203;Lokke](https://github.com/Lokke))

#### Server

- Add ExtAuth logout URL configuration. ([#&#8203;5074](https://github.com/navidrome/navidrome/pull/5074) by [@&#8203;deluan](https://github.com/deluan))
- Accept `ND_`-prefixed environment variable names in config files. ([#&#8203;5258](https://github.com/navidrome/navidrome/pull/5258) by [@&#8203;deluan](https://github.com/deluan))
- Add syslog priority prefixes for systemd-journald. ([#&#8203;5192](https://github.com/navidrome/navidrome/pull/5192) by [@&#8203;trek-e](https://github.com/trek-e))
- Require additional variable to enable systemd logging. ([#&#8203;5222](https://github.com/navidrome/navidrome/pull/5222) by [@&#8203;kgarner7](https://github.com/kgarner7))
- Add crontab(5) random `~` syntax support for schedule expressions. ([#&#8203;5233](https://github.com/navidrome/navidrome/pull/5233) by [@&#8203;deluan](https://github.com/deluan))
- Preserve `created_at` when moving songs between libraries. ([#&#8203;5055](https://github.com/navidrome/navidrome/pull/5055) by [@&#8203;deluan](https://github.com/deluan))
- Increase SSE writeTimeout to exceed keepAlive period. ([#&#8203;5054](https://github.com/navidrome/navidrome/pull/5054) by [@&#8203;rcatolino](https://github.com/rcatolino))
- Use `http.TimeFormat` for Last-Modified header. ([#&#8203;5219](https://github.com/navidrome/navidrome/pull/5219) by [@&#8203;SimonTeixidor](https://github.com/SimonTeixidor))
- Return correct scanType in startScan response. ([#&#8203;5159](https://github.com/navidrome/navidrome/pull/5159) by [@&#8203;deluan](https://github.com/deluan))
- Return 404 instead of 500 for non-existent playlists. ([b64d8ad33](https://github.com/navidrome/navidrome/commit/b64d8ad33) by [@&#8203;deluan](https://github.com/deluan))
- Normalize timestamps and fix recently added album sorting. ([#&#8203;5176](https://github.com/navidrome/navidrome/pull/5176) by [@&#8203;deluan](https://github.com/deluan))

#### Plugins

- Add HTTP host service for plugin HTTP requests. ([#&#8203;5095](https://github.com/navidrome/navidrome/pull/5095) by [@&#8203;deluan](https://github.com/deluan))
- Add TaskQueue host service for persistent background task queues. ([#&#8203;5116](https://github.com/navidrome/navidrome/pull/5116) by [@&#8203;deluan](https://github.com/deluan))
- Add lyrics provider plugin capability. ([#&#8203;5126](https://github.com/navidrome/navidrome/pull/5126) by [@&#8203;deluan](https://github.com/deluan))
- Add TTL support, batch operations, and hardening to kvstore. ([#&#8203;5127](https://github.com/navidrome/navidrome/pull/5127) by [@&#8203;deluan](https://github.com/deluan))
- Allow mounting library directories as read-write. ([#&#8203;5122](https://github.com/navidrome/navidrome/pull/5122) by [@&#8203;deluan](https://github.com/deluan))
- Change websockets Data field type to `[]byte` for binary support. ([6fd044fb0](https://github.com/navidrome/navidrome/commit/6fd044fb0) by [@&#8203;deluan](https://github.com/deluan))
- Clear plugin errors on startup to allow retrying. ([27a83547f](https://github.com/navidrome/navidrome/commit/27a83547f) by [@&#8203;deluan](https://github.com/deluan))

#### Translations

- Add Slovak language translation. ([#&#8203;5231](https://github.com/navidrome/navidrome/pull/5231) by [@&#8203;JRoshthen1](https://github.com/JRoshthen1))
- Update Chinese Simplified translation. ([#&#8203;5025](https://github.com/navidrome/navidrome/pull/5025) by [@&#8203;fxj368](https://github.com/fxj368))
- Update Basque translation. ([#&#8203;5038](https://github.com/navidrome/navidrome/pull/5038) by [@&#8203;xabirequejo](https://github.com/xabirequejo))
- Update Hungarian translation. ([#&#8203;5041](https://github.com/navidrome/navidrome/pull/5041), [#&#8203;5263](https://github.com/navidrome/navidrome/pull/5263) by [@&#8203;ChekeredList71](https://github.com/ChekeredList71))
- Update Bulgarian, Catalan, Danish, German, Greek, Spanish, Finnish, French, Galician, Portuguese (BR), Russian, Slovenian, Swedish, Thai, Ukrainian, Chinese (Traditional) translations. ([#&#8203;5044](https://github.com/navidrome/navidrome/pull/5044), [#&#8203;5039](https://github.com/navidrome/navidrome/pull/5039), [#&#8203;5218](https://github.com/navidrome/navidrome/pull/5218), [#&#8203;5260](https://github.com/navidrome/navidrome/pull/5260))

#### New Contributors

- [@&#8203;cafecitopuro](https://github.com/cafecitopuro) made their first contribution in [#&#8203;4544](https://github.com/navidrome/navidrome/pull/4544)
- [@&#8203;Saulimedes](https://github.com/Saulimedes) made their first contribution in [#&#8203;5023](https://github.com/navidrome/navidrome/pull/5023)
- [@&#8203;fxj368](https://github.com/fxj368) made their first contribution in [#&#8203;5025](https://github.com/navidrome/navidrome/pull/5025)
- [@&#8203;rcatolino](https://github.com/rcatolino) made their first contribution in [#&#8203;5054](https://github.com/navidrome/navidrome/pull/5054)
- [@&#8203;sfredo](https://github.com/sfredo) made their first contribution in [#&#8203;5070](https://github.com/navidrome/navidrome/pull/5070)
- [@&#8203;adrbn](https://github.com/adrbn) made their first contribution in [#&#8203;5110](https://github.com/navidrome/navidrome/pull/5110)
- [@&#8203;trek-e](https://github.com/trek-e) made their first contribution in [#&#8203;5190](https://github.com/navidrome/navidrome/pull/5190)
- [@&#8203;SimonTeixidor](https://github.com/SimonTeixidor) made their first contribution in [#&#8203;5219](https://github.com/navidrome/navidrome/pull/5219)
- [@&#8203;JRoshthen1](https://github.com/JRoshthen1) made their first contribution in [#&#8203;5231](https://github.com/navidrome/navidrome/pull/5231)

**Full Changelog**: <https://github.com/navidrome/navidrome/compare/v0.60.3...v0.61.0>

#### Helping out

This release is only possible thanks to the support of some **awesome people**!

Want to be one of them?
You can [sponsor](https://github.com/sponsors/deluan), pay me a [Ko-fi](https://ko-fi.com/deluan), or [contribute with code](https://www.navidrome.org/docs/developers/).

#### Where to go next?

- Read installation instructions on our [website](https://www.navidrome.org/docs/installation/).
- Host Navidrome on [PikaPods](https://www.pikapods.com/pods/navidrome) for a simple cloud solution.
- Reach out on [Discord](https://discord.gg/xh7j7yF), [Reddit](https://www.reddit.com/r/navidrome/) and [Twitter](https://twitter.com/navidrome)!

</details>

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.

♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update again.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMDIuMCIsInVwZGF0ZWRJblZlciI6IjQzLjEwMi4wIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJkb2NrZXIiXX0=-->

Reviewed-on: #5344
Co-authored-by: Renovate Bot <renovate-bot@alexlebens.net>
Co-committed-by: Renovate Bot <renovate-bot@alexlebens.net>
 2026-04-01 00:27:12 +00:00
Alex Lebens
0708cc3809 tmp/refactor-14 (#5345)
Some checks failed
lint-test-helm / lint-helm (push) Successful in 1m36s
Details
lint-test-helm / validate-kubeconform (push) Has been skipped
Details
renovate / renovate (push) Has been cancelled
Details 
Reviewed-on: #5345
 2026-04-01 00:17:29 +00:00
Renovate Bot
ffe9accea0 chore(deps): update ghcr.io/renovatebot/renovate docker tag to v43.102.1 (#5343)
Some checks failed
renovate / renovate (push) Has been cancelled
Details
2026-04-01 00:04:40 +00:00
Alex Lebens
a8c0f14c74 feat: disable metrics for auth instances (#5341)
All checks were successful
lint-test-helm / lint-helm (push) Successful in 25s
Details
lint-test-helm / validate-kubeconform (push) Has been skipped
Details
renovate / renovate (push) Successful in 15m46s
Details 
Reviewed-on: #5341
 2026-03-31 22:25:30 +00:00
Alex Lebens
d3ff1f441a feat: change affinity label (#5339)
All checks were successful
lint-test-helm / lint-helm (push) Successful in 15s
Details
lint-test-helm / validate-kubeconform (push) Has been skipped
Details
renovate / renovate (push) Successful in 15m16s
Details 
Reviewed-on: #5339
 2026-03-31 22:05:44 +00:00
Renovate Bot
48454fa2a5 chore(deps): update harbor.alexlebens.net/images/site-documentation docker tag to v0.13.0 (#5337)
Some checks failed
lint-test-helm / validate-kubeconform (push) Has been cancelled
Details
lint-test-helm / lint-helm (push) Has been cancelled
Details
renovate / renovate (push) Has been cancelled
Details 
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| [harbor.alexlebens.net/images/site-documentation](https://gitea.alexlebens.dev/alexlebens/site-documentation) | minor | `0.12.0` → `0.13.0` |

---

### Release Notes

<details>
<summary>alexlebens/site-documentation (harbor.alexlebens.net/images/site-documentation)</summary>

### [`v0.13.0`](https://gitea.alexlebens.dev/alexlebens/site-documentation/releases/tag/0.13.0)

[Compare Source](https://gitea.alexlebens.dev/alexlebens/site-documentation/compare/0.12.0...0.13.0)

### [0.13.0](http://gitea-http.gitea:3000/alexlebens/site-documentation/compare/0.12.0...0.13.0) (2026-03-31)

##### Features

- documentation on vault ssh ([648fb31](648fb319b1))

</details>

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.

♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update again.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMDIuMCIsInVwZGF0ZWRJblZlciI6IjQzLjEwMi4wIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJkb2NrZXIiXX0=-->

Reviewed-on: #5337
Co-authored-by: Renovate Bot <renovate-bot@alexlebens.net>
Co-committed-by: Renovate Bot <renovate-bot@alexlebens.net>
 2026-03-31 22:05:13 +00:00
Renovate Bot
91a231b4a7 chore(deps): update ghcr.io/av1155/houndarr docker tag to v1.6.4 (#5336)
Some checks failed
lint-test-helm / lint-helm (push) Successful in 2m9s
Details
lint-test-helm / validate-kubeconform (push) Has been cancelled
Details
renovate / renovate (push) Has been cancelled
Details
2026-03-31 22:02:51 +00:00
Alex Lebens
63ef63c278 fix: change context (#5330)
All checks were successful
lint-test-helm / lint-helm (push) Successful in 31s
Details
lint-test-helm / validate-kubeconform (push) Has been skipped
Details
renovate / renovate (push) Successful in 22m1s
Details 
Reviewed-on: #5330
 2026-03-31 21:41:35 +00:00
Renovate Bot
6e37cfe5df chore(deps): update helm release traefik to v39.0.7 (#5332)
Some checks failed
lint-test-helm / lint-helm (push) Successful in 1m26s
Details
lint-test-helm / validate-kubeconform (push) Has been skipped
Details
renovate / renovate (push) Has been cancelled
Details
2026-03-31 21:38:22 +00:00
Renovate Bot
6b83b6a5b2 chore(deps): update helm release generic-device-plugin to v0.20.27 (#5329)
Some checks failed
lint-test-helm / validate-kubeconform (push) Has been cancelled
Details
lint-test-helm / lint-helm (push) Has been cancelled
Details
renovate / renovate (push) Has been cancelled
Details
2026-03-31 21:37:37 +00:00
Renovate Bot
2e906bd7a5 chore(deps): update dependency roundcube/roundcubemail to v1.6.15 (#5327)
Some checks failed
lint-test-helm / lint-helm (push) Successful in 27s
Details
lint-test-helm / validate-kubeconform (push) Has been cancelled
Details
renovate / renovate (push) Has been cancelled
Details
2026-03-31 21:36:35 +00:00
Renovate Bot
4c6ad46de3 chore(deps): update dependency gitroomhq/postiz-app to v2.21.4 (#5326)
Some checks failed
lint-test-helm / validate-kubeconform (push) Has been cancelled
Details
lint-test-helm / lint-helm (push) Has been cancelled
Details
renovate / renovate (push) Has been cancelled
Details
2026-03-31 21:36:01 +00:00
Renovate Bot
abd0696ca2 chore(deps): update dependency gethomepage/homepage to v1.12.2 (#5325)
Some checks failed
lint-test-helm / lint-helm (push) Has been cancelled
Details
lint-test-helm / validate-kubeconform (push) Has been cancelled
Details
renovate / renovate (push) Has been cancelled
Details
2026-03-31 21:35:40 +00:00
Renovate Bot
832a50bf62 chore(deps): update dependency frederikemmer/medialyze to v0.4.1 (#5324)
Some checks failed
lint-test-helm / lint-helm (push) Has been cancelled
Details
lint-test-helm / validate-kubeconform (push) Has been cancelled
Details
renovate / renovate (push) Has been cancelled
Details
2026-03-31 21:35:12 +00:00
Renovate Bot
bd4e4807c0 chore(deps): update dependency directus/directus to v11.17.1 (#5323)
Some checks failed
lint-test-helm / validate-kubeconform (push) Has been cancelled
Details
lint-test-helm / lint-helm (push) Has been cancelled
Details
renovate / renovate (push) Has been cancelled
Details
2026-03-31 21:34:47 +00:00
Renovate Bot
463fb1856c chore(deps): update dependency av1155/houndarr to v1.6.4 (#5322)
Some checks failed
lint-test-helm / validate-kubeconform (push) Has been cancelled
Details
lint-test-helm / lint-helm (push) Successful in 28s
Details
renovate / renovate (push) Has been cancelled
Details
2026-03-31 21:34:18 +00:00
Renovate Bot
b29519f1f4 chore(deps): update ghcr.io/renovatebot/renovate docker tag to v43.102.0 (#5321)
All checks were successful
renovate / renovate (push) Successful in 4m39s
Details
2026-03-31 19:03:34 +00:00
Renovate Bot
81c83ad273 chore(deps): update ghcr.io/renovatebot/renovate docker tag to v43.101.7 (#5320)
Some checks failed
renovate / renovate (push) Failing after 3m20s
Details
2026-03-31 18:05:31 +00:00
Renovate Bot
48dcc05b47 chore(deps): update ghcr.io/renovatebot/renovate docker tag to v43.101.6 (#5319)
All checks were successful
renovate / renovate (push) Successful in 5m36s
Details
2026-03-31 17:04:23 +00:00
Renovate Bot
24fe2fe4c6 chore(deps): update kube-prometheus-stack docker tag to v82.16.0 (#5317)
Some checks failed
lint-test-helm / lint-helm (push) Successful in 30s
Details
lint-test-helm / validate-kubeconform (push) Has been skipped
Details
renovate / renovate (push) Failing after 4m19s
Details
2026-03-31 16:05:04 +00:00
Renovate Bot
251927ece3 chore(deps): update ghcr.io/gethomepage/homepage docker tag to v1.12.2 (#5315)
All checks were successful
lint-test-helm / lint-helm (push) Successful in 22s
Details
lint-test-docker / lint-docker-compose (push) Successful in 26s
Details
lint-test-helm / validate-kubeconform (push) Has been skipped
Details
renovate / renovate (push) Successful in 4m59s
Details
2026-03-31 15:07:25 +00:00
Renovate Bot
1824907ec4 chore(deps): update ghcr.io/renovatebot/renovate docker tag to v43.101.4 (#5314)
All checks were successful
render-manifests / render-manifests (push) Successful in 5m42s
Details
renovate / renovate (push) Successful in 7m37s
Details
2026-03-31 14:03:17 +00:00
Renovate Bot
40679a74c8 chore(deps): update seerr-chart docker tag to v3.3.1 (#5311)
All checks were successful
lint-test-helm / lint-helm (push) Successful in 14s
Details
lint-test-helm / validate-kubeconform (push) Has been skipped
Details
renovate / renovate (push) Successful in 3m4s
Details
2026-03-31 13:05:41 +00:00
Renovate Bot
779ae93d62 chore(deps): update ghcr.io/renovatebot/renovate docker tag to v43.101.3 (#5310)
Some checks failed
renovate / renovate (push) Has been cancelled
Details
2026-03-31 13:05:06 +00:00
Renovate Bot
5f391f0080 chore(deps): update ghcr.io/frederikemmer/medialyze docker tag to v0.4.1 (#5308)
Some checks failed
lint-test-helm / lint-helm (push) Successful in 21s
Details
lint-test-helm / validate-kubeconform (push) Has been skipped
Details
renovate / renovate (push) Failing after 6m9s
Details
2026-03-31 08:03:52 +00:00
Alex Lebens
d67fe3cfdf fix: add dbname (#5306)
All checks were successful
lint-test-helm / lint-helm (push) Successful in 19s
Details
lint-test-helm / validate-kubeconform (push) Has been skipped
Details
renovate / renovate (push) Successful in 3m53s
Details 
Reviewed-on: #5306
 2026-03-31 01:47:52 +00:00
Alex Lebens
fcb24f62af fix: wrong paths (#5304)
Some checks failed
lint-test-helm / lint-helm (push) Successful in 25s
Details
lint-test-helm / validate-kubeconform (push) Has been skipped
Details
renovate / renovate (push) Has been cancelled
Details 
Reviewed-on: #5304
 2026-03-31 01:40:22 +00:00
Alex Lebens
286e43b5de tmp/paperless (#5302)
Some checks failed
lint-test-helm / lint-helm (push) Successful in 42s
Details
lint-test-helm / validate-kubeconform (push) Has been skipped
Details
lint-test-docker / lint-docker-compose (push) Successful in 57s
Details
renovate / renovate (push) Has been cancelled
Details 
Reviewed-on: #5302
 2026-03-31 01:30:37 +00:00
Renovate Bot
4c1cfa5fa5 chore(deps): update dependency binwiederhier/ntfy to v2.21.0 (#5300)
Some checks failed
lint-test-helm / lint-helm (push) Successful in 27s
Details
lint-test-helm / validate-kubeconform (push) Has been skipped
Details
renovate / renovate (push) Has been cancelled
Details 
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| [binwiederhier/ntfy](https://github.com/binwiederhier/ntfy) | minor | `2.20.1` → `2.21.0` |
| [binwiederhier/ntfy](https://ntfy.sh/) ([source](https://github.com/binwiederhier/ntfy)) | minor | `v2.20.1` → `v2.21.0` |

---

### Release Notes

<details>
<summary>binwiederhier/ntfy (binwiederhier/ntfy)</summary>

### [`v2.21.0`](https://github.com/binwiederhier/ntfy/releases/tag/v2.21.0)

[Compare Source](https://github.com/binwiederhier/ntfy/compare/v2.20.1...v2.21.0)

This release adds the ability to verify email addresses using the `smtp-sender-verify` flag. This is a change that is required because ntfy.sh was used to send unsolicited emails and the AWS SES account was suspended. Going forward, ntfy.sh won't be able to send emails unless the email address was verified ahead of time.

**Features:**

- Add verified email recipients feature with `smtp-sender-verify` config flag, allowing server admins to require email
  address verification before sending email notifications ([#&#8203;1681](https://github.com/binwiederhier/ntfy/pull/1681))

</details>

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.

♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about these updates again.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMDEuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEwMS4xIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJkb2NrZXIiXX0=-->

Reviewed-on: #5300
Co-authored-by: Renovate Bot <renovate-bot@alexlebens.net>
Co-committed-by: Renovate Bot <renovate-bot@alexlebens.net>
 2026-03-31 01:24:10 +00:00
Renovate Bot
859059a996 chore(deps): update favonia/cloudflare-ddns docker tag to v1.16.0 (#5301)
Some checks failed
lint-test-docker / lint-docker-compose (push) Successful in 32s
Details
renovate / renovate (push) Has been cancelled
Details 
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| [favonia/cloudflare-ddns](https://github.com/favonia/cloudflare-ddns) | minor | `1.15.1` → `1.16.0` |

---

### Release Notes

<details>
<summary>favonia/cloudflare-ddns (favonia/cloudflare-ddns)</summary>

### [`v1.16.0`](https://github.com/favonia/cloudflare-ddns/blob/HEAD/CHANGELOG.markdown#1160-2026-03-30)

[Compare Source](https://github.com/favonia/cloudflare-ddns/compare/v1.15.1...v1.16.0)

Despite the gap of over a year since the last release, we are not aware of any security vulnerability affecting the default configuration. As always, please review the changelog and watch for warnings or errors when upgrading.

#### Highlights

1. **WAF lists now support /128 IPv6 entries.** Cloudflare’s API now accepts individual IPv6 addresses in WAF lists. New `IP4_DEFAULT_PREFIX_LEN` (default `/32`) and `IP6_DEFAULT_PREFIX_LEN` (default `/64`) control how bare addresses are stored in WAF lists. Users can now set `IP6_DEFAULT_PREFIX_LEN` to `128` for per-address granularity. DNS records currently ignore prefix lengths, but will use these in the future.
2. **Multi-instance support via comment-based selection.** New `MANAGED_RECORDS_COMMENT_REGEX` and `MANAGED_WAF_LIST_ITEMS_COMMENT_REGEX` let multiple updater instances safely share the same domain or WAF list, each managing only records or items with matching comments. New `WAF_LIST_ITEM_COMMENT` provides a fallback comment for WAF list items, similar to how `RECORD_COMMENT` serves as a fallback for DNS records.
3. **Multi-IP detection and reconciliation.** Providers now return multiple IP addresses, each with a CIDR prefix length, and the reconciliation algorithm has been redesigned to handle them correctly. The experimental `local.iface` provider now collects all matching global unicast addresses from the specified interface, instead of just the first one. Multi-address support in `url:` and `file:` providers is also experimental.
4. **New `file:` provider.** Reads IP addresses from a local file, re-reading each detection cycle. This enables integration with external scripts or monitoring systems without restarting the updater. (Multi-address support is experimental.)
5. **New variants of `url:` (`url.via4:` and `url.via6:`) for transport overrides.** By default, `url:<url>` connects using the same IP family as the address being detected. Override the IP family used to connect with `url.via4:<url>` or `url.via6:<url>` (e.g., get an IPv6 address over an IPv4 connection). (Multi-address support in URL-based providers is experimental.)
6. **Rewritten user-facing messages.** Many log messages have been reworded into clearer, more natural English.

#### Your Feedback Wanted

The IP prefix length work in this release lays the groundwork for several upcoming features. We’d love your input on the proposed configuration syntax:

- **Per-domain IPv6 host IDs** ([#&#8203;764](https://github.com/favonia/cloudflare-ddns/issues/764)):
  - `IP6_DOMAINS=sub.example.com{hostid6=::2}`
  - `IP6_DOMAINS=sub.example.com{hostid6=preserve}` (keep the detected host IDs)
  - `IP6_DOMAINS=sub.example.com{hostid6=mac(77:cc:a7:f9:45:94)}` (compute an [EUI-64](https://en.wikipedia.org/wiki/IPv6_address#Modified_EUI-64) host ID from a MAC address)
  - `DOMAINS=sub1.example.com{hostid6=::aad1},sub2.example.com{hostid6=preserve}`
- **Detection IP filtering** ([#&#8203;1138](https://github.com/favonia/cloudflare-ddns/issues/1138)):
  - `IP6_DETECTION_FILTER=keep-all`
  - `IP6_DETECTION_FILTER=!addr-in(fc00::/7)`
  - `IP6_DETECTION_FILTER=subnet-in(2001:db8:abcd::/48)`
  - `IP4_DETECTION_FILTER=!addr-in(10.0.0.0/8) && !addr-in(192.168.0.0/16)`
  - `IP6_DETECTION_FILTER=contains(2002:dead:beef::/100) || contains(2005:dead:beef::/100)`

| input        | `addr-in(1.1.0.0/16)`              | `subnet-in(1.1.0.0/16)` | `contains(1.1.0.0/16)` |
| ------------ | ---------------------------------- | ----------------------- | ---------------------- |
| `1.1.1.1/8`  | ✔️                                 | ️                      | ✔️                     |
| `1.1.1.1/16` | ✔️                                 | ✔️                      | ✔️                     |
| `1.1.1.1/24` | ✔️                                 | ✔️                      | ️                     |
| `1.2.2.2/8`  | ️ (`1.2.2.2` not in `1.1.0.0/16`) | ️                      | ✔️                     |

Also planned: a linter for boolean expressions targeting advanced usage of `PROXIED` and the upcoming `IP4/6_DETECTION_FILTER`, and further robustness improvements to the default `cloudflare.trace` provider.

#### Reminder from the Past

As a reminder, since 1.13.0, **the updater no longer drops privileges internally, and `PUID` and `PGID` are ignored.** Please use Docker’s built-in mechanism to drop privileges. The old Docker Compose template may grant unneeded privileges to the new updater, which is not recommended. Please review the new, simpler, and more secure template in [README](./README.markdown). In a nutshell, **remove the `cap_add` attribute and replace the environment variables `PUID` and `PGID` with the [`user: "UID:GID"` attribute](https://docs.docker.com/reference/compose-file/services/#user)**. Similar options may exist for systems not using Docker Compose.

#### Other Notes

**Shoutrrr support is no longer experimental.** The shoutrrr notification integration, introduced in 1.12.0, is now considered stable.

#### Detailed Changes

##### Features

- The detection model has been redesigned so that providers return multiple IP addresses, each with a CIDR prefix length. New `IP4_DEFAULT_PREFIX_LEN` and `IP6_DEFAULT_PREFIX_LEN` settings control how bare addresses are stored in WAF lists. ([#&#8203;1144](https://github.com/favonia/cloudflare-ddns/issues/1144)) ([#&#8203;1156](https://github.com/favonia/cloudflare-ddns/issues/1156))
- The reconciliation algorithm has been redesigned to handle complex metadata mismatches when multiple IP addresses result in multiple records. ([#&#8203;1015](https://github.com/favonia/cloudflare-ddns/issues/1015)) ([#&#8203;1020](https://github.com/favonia/cloudflare-ddns/issues/1020)) ([#&#8203;1022](https://github.com/favonia/cloudflare-ddns/issues/1022)) ([#&#8203;1115](https://github.com/favonia/cloudflare-ddns/issues/1115))
- New `file:` provider reads IP addresses from a local file. ([#&#8203;1148](https://github.com/favonia/cloudflare-ddns/issues/1148))
- New `static:<ip1>,<ip2>,...` and `static.empty` providers have been added. `static.empty` actively clears managed content for a given IP family. ([#&#8203;1102](https://github.com/favonia/cloudflare-ddns/issues/1102)) ([#&#8203;1135](https://github.com/favonia/cloudflare-ddns/issues/1135))
- The `url:`, `file:`, and `static:` providers now accept addresses in CIDR notation (e.g., `198.51.100.1/24`). ([#&#8203;1159](https://github.com/favonia/cloudflare-ddns/issues/1159)) ([#&#8203;1169](https://github.com/favonia/cloudflare-ddns/issues/1169))
- The experimental `local.iface` provider now collects all matching global unicast addresses. ([#&#8203;1095](https://github.com/favonia/cloudflare-ddns/issues/1095))
- New `MANAGED_RECORDS_COMMENT_REGEX` selects only DNS records whose comments match a regex. ([#&#8203;1103](https://github.com/favonia/cloudflare-ddns/issues/1103))
- New `MANAGED_WAF_LIST_ITEMS_COMMENT_REGEX` and `WAF_LIST_ITEM_COMMENT` provide the same comment-based selection for WAF list items. ([#&#8203;1106](https://github.com/favonia/cloudflare-ddns/issues/1106))
- New `url.via4:<url>` and `url.via6:<url>` providers override the IP family used to connect to a custom URL. ([#&#8203;1131](https://github.com/favonia/cloudflare-ddns/issues/1131))
- The updater now warns about likely misconfigured `SHOUTRRR` values. ([#&#8203;1111](https://github.com/favonia/cloudflare-ddns/issues/1111))

##### Bug Fixes

- The configuration parser now warns about extra commas in lists (e.g., `a,,b`) except for trailing commas, which were silently ignored. ([#&#8203;1177](https://github.com/favonia/cloudflare-ddns/issues/1177))
- The updater now exits gracefully when `EMOJI` or `QUIET` is invalid. ([#&#8203;1174](https://github.com/favonia/cloudflare-ddns/issues/1174))
- The updater invalidates relevant zone search cache entries when a zone cannot be found for faster recovery. ([#&#8203;1125](https://github.com/favonia/cloudflare-ddns/issues/1125))
- API token verification is now stricter, catching malformed tokens before any update attempts. ([#&#8203;1126](https://github.com/favonia/cloudflare-ddns/issues/1126))
- Providers (especially `cloudflare.trace` and `cloudflare.doh`) now validate detected IP addresses more strictly. ([#&#8203;1097](https://github.com/favonia/cloudflare-ddns/issues/1097)) ([#&#8203;1099](https://github.com/favonia/cloudflare-ddns/issues/1099)) ([#&#8203;1101](https://github.com/favonia/cloudflare-ddns/issues/1101)) ([#&#8203;1151](https://github.com/favonia/cloudflare-ddns/issues/1151))
- WAF list entries in the configuration are now deduplicated. ([#&#8203;1091](https://github.com/favonia/cloudflare-ddns/issues/1091))
- The updater now warns when a configured domain does not look like a fully qualified domain name. ([#&#8203;1019](https://github.com/favonia/cloudflare-ddns/issues/1019))
- The updater now warns when DNS records and WAF list items for the same domain have mixed ownership (some managed, some not). ([#&#8203;1173](https://github.com/favonia/cloudflare-ddns/issues/1173))

</details>

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.

♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update again.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMDEuMiIsInVwZGF0ZWRJblZlciI6IjQzLjEwMS4yIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJkb2NrZXIiXX0=-->

Reviewed-on: https://gitea.alexlebens.dev/alexlebens/infrastructure/pulls/5301
Co-authored-by: Renovate Bot <renovate-bot@alexlebens.net>
Co-committed-by: Renovate Bot <renovate-bot@alexlebens.net>
 2026-03-31 01:23:36 +00:00
Renovate Bot
d916bc7460 chore(deps): update ghcr.io/renovatebot/renovate docker tag to v43.101.2 (#5299)
All checks were successful
renovate / renovate (push) Successful in 2m35s
Details
2026-03-30 21:04:02 +00:00
57 changed files with 456 additions and 95 deletions
Expand all files Collapse all files

2
.gitea/workflows/renovate.yaml
View File

@@ -13,7 +13,7 @@ on:
jobs: jobs:
renovate: renovate:
runs-on: ubuntu-latest runs-on: ubuntu-latest
container: ghcr.io/renovatebot/renovate:43.101.1@sha256:06c9297754f7d487adca6446b9970fecade3202190138259e7888c30ec8d4277 container: ghcr.io/renovatebot/renovate:43.102.1@sha256:929ac56e34491346a313a2a16e71fdcc11ee41c6401f4179dcf13774d7f83931
steps: steps:
- name: Checkout - name: Checkout
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6

2
clusters/cl01tl/helm/actual/values.yaml
View File

@@ -8,7 +8,7 @@ actual:
main: main:
image: image:
repository: ghcr.io/actualbudget/actual repository: ghcr.io/actualbudget/actual
tag: 26.3.0@sha256:eb8bc26f53025e07e464594c12d77c52c4b95840c8dadd9b95c4f0c4660f8ad2 tag: 26.3.0-alpine@sha256:88da05c05de64c3e2b597ffb8fdb9abb50605d64200ad470516da895251bbf9c
env: env:
- name: ACTUAL_PORT - name: ACTUAL_PORT
value: 5006 value: 5006

6
clusters/cl01tl/helm/argo-workflows/Chart.lock
View File

@@ -7,6 +7,6 @@ dependencies:
version: 2.4.21 version: 2.4.21
- name: postgres-cluster - name: postgres-cluster
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
version: 7.10.0 version: 7.11.1
digest: sha256:5635bfe609d8a901df257ef3e6cb469396a21bdd4c6f96e7e33f84036019c52b digest: sha256:a249bd8faad886fa267cb42e843fd6465b3c4147961d182b73dd64ef9e6ca06e
generated: "2026-03-24T16:59:01.228848139Z" generated: "2026-03-31T18:36:18.025982-05:00"

2
clusters/cl01tl/helm/argo-workflows/Chart.yaml
View File

@@ -25,7 +25,7 @@ dependencies:
repository: https://argoproj.github.io/argo-helm repository: https://argoproj.github.io/argo-helm
- name: postgres-cluster - name: postgres-cluster
alias: postgres-18-cluster alias: postgres-18-cluster
version: 7.10.0 version: 7.11.1
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/argo-cd.png icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/argo-cd.png
# renovate: datasource=github-releases depName=argoproj/argo-workflows # renovate: datasource=github-releases depName=argoproj/argo-workflows

8
clusters/cl01tl/helm/authentik/Chart.lock
View File

@@ -7,9 +7,9 @@ dependencies:
version: 2.4.0 version: 2.4.0
- name: postgres-cluster - name: postgres-cluster
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
version: 7.10.0 version: 7.11.1
- name: valkey - name: valkey
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
version: 0.4.0 version: 0.5.0
digest: sha256:8c353c5dad4c3d04d518c1445497f0d1cb64261a4201ae17a2c0874454b807a7 digest: sha256:4b90c5af4cc7f37b04284aafd75ddda1241c71acb726932e7e21520b5bf98543
generated: "2026-03-15T20:04:35.99407071Z" generated: "2026-03-31T18:36:26.87524-05:00"

4
clusters/cl01tl/helm/authentik/Chart.yaml
View File

@@ -25,11 +25,11 @@ dependencies:
version: 2.4.0 version: 2.4.0
- name: postgres-cluster - name: postgres-cluster
alias: postgres-18-cluster alias: postgres-18-cluster
version: 7.10.0 version: 7.11.1
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
- name: valkey - name: valkey
alias: valkey alias: valkey
version: 0.4.0 version: 0.5.0
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/authentik.png icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/authentik.png
# renovate: datasource=github-releases depName=goauthentik/authentik # renovate: datasource=github-releases depName=goauthentik/authentik

4
clusters/cl01tl/helm/authentik/values.yaml
View File

@@ -77,6 +77,10 @@ authentik:
enabled: true enabled: true
postgres-18-cluster: postgres-18-cluster:
mode: recovery mode: recovery
cluster:
resources:
requests:
memory: 150Mi
recovery: recovery:
method: objectStore method: objectStore
objectStore: objectStore:

6
clusters/cl01tl/helm/blocky/Chart.lock
View File

@@ -4,6 +4,6 @@ dependencies:
version: 4.6.2 version: 4.6.2
- name: valkey - name: valkey
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
version: 0.4.0 version: 0.5.0
digest: sha256:a5b0099261d772b24a302a106d106cfa82ac07fa14564141e00cf107d708e859 digest: sha256:49b0e666059bad492ebaa4a20119ce5bbd1959a1ee6b22b271a9ca9529122697
generated: "2026-03-09T23:06:16.853255429Z" generated: "2026-03-31T18:37:20.549898-05:00"

2
clusters/cl01tl/helm/blocky/Chart.yaml
View File

@@ -20,7 +20,7 @@ dependencies:
version: 4.6.2 version: 4.6.2
- name: valkey - name: valkey
alias: valkey alias: valkey
version: 0.4.0 version: 0.5.0
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/blocky.png icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/blocky.png
# renovate: datasource=github-releases depName=0xerr0r/blocky # renovate: datasource=github-releases depName=0xerr0r/blocky

1
clusters/cl01tl/helm/blocky/values.yaml
View File

@@ -144,6 +144,7 @@ blocky:
objects IN CNAME traefik-cl01tl objects IN CNAME traefik-cl01tl
ollama IN CNAME traefik-cl01tl ollama IN CNAME traefik-cl01tl
omni-tools IN CNAME traefik-cl01tl omni-tools IN CNAME traefik-cl01tl
paperless-ngx IN CNAME traefik-cl01tl
photoview IN CNAME traefik-cl01tl photoview IN CNAME traefik-cl01tl
plex IN CNAME traefik-cl01tl plex IN CNAME traefik-cl01tl
postiz IN CNAME traefik-cl01tl postiz IN CNAME traefik-cl01tl

8
clusters/cl01tl/helm/dawarich/Chart.lock
View File

@@ -4,9 +4,9 @@ dependencies:
version: 4.6.2 version: 4.6.2
- name: postgres-cluster - name: postgres-cluster
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
version: 7.10.0 version: 7.11.1
- name: valkey - name: valkey
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
version: 0.4.0 version: 0.5.0
digest: sha256:7584c2a1613454bbd83b66df46170fd0157df5186842844d483e2dd131398574 digest: sha256:1f513bd53430dd0fbba301ab5577aca85e984394dfdca9f615aae944a09c6bc0
generated: "2026-03-15T20:04:49.68456485Z" generated: "2026-03-31T18:37:35.858603-05:00"

4
clusters/cl01tl/helm/dawarich/Chart.yaml
View File

@@ -21,11 +21,11 @@ dependencies:
version: 4.6.2 version: 4.6.2
- name: postgres-cluster - name: postgres-cluster
alias: postgres-18-cluster alias: postgres-18-cluster
version: 7.10.0 version: 7.11.1
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
- name: valkey - name: valkey
alias: valkey alias: valkey
version: 0.4.0 version: 0.5.0
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
icon: https://cdn.jsdelivr.net/gh/selfhst/icons@main/png/dawarich.png icon: https://cdn.jsdelivr.net/gh/selfhst/icons@main/png/dawarich.png
# renovate: datasource=github-releases depName=Freika/dawarich # renovate: datasource=github-releases depName=Freika/dawarich

8
clusters/cl01tl/helm/directus/Chart.lock
View File

@@ -4,9 +4,9 @@ dependencies:
version: 4.6.2 version: 4.6.2
- name: postgres-cluster - name: postgres-cluster
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
version: 7.10.0 version: 7.11.1
- name: valkey - name: valkey
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
version: 0.4.0 version: 0.5.0
digest: sha256:dfcb5d35e03ecdc4206227d206d36509319f0dcdaed54363840d71337debb3f7 digest: sha256:116183cdff428293215553b7e60be9aefafbbaaaf64c01f1fc974badd3e0754b
generated: "2026-03-15T20:05:03.156596646Z" generated: "2026-03-31T18:37:42.414041-05:00"

6
clusters/cl01tl/helm/directus/Chart.yaml
View File

@@ -21,12 +21,12 @@ dependencies:
version: 4.6.2 version: 4.6.2
- name: postgres-cluster - name: postgres-cluster
alias: postgres-18-cluster alias: postgres-18-cluster
version: 7.10.0 version: 7.11.1
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
- name: valkey - name: valkey
alias: valkey alias: valkey
version: 0.4.0 version: 0.5.0
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/directus.png icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/directus.png
# renovate: datasource=github-releases depName=directus/directus # renovate: datasource=github-releases depName=directus/directus
appVersion: 11.17.0 appVersion: 11.17.1

4
clusters/cl01tl/helm/directus/values.yaml
View File

@@ -212,3 +212,7 @@ valkey:
aclUsers: aclUsers:
default: default:
permissions: "~* &* +@all" permissions: "~* &* +@all"
# No option to configure metrics when auth is enabled
# https://github.com/valkey-io/valkey-helm/issues/135
metrics:
enabled: false

6
clusters/cl01tl/helm/freshrss/Chart.lock
View File

@@ -7,9 +7,9 @@ dependencies:
version: 2.4.0 version: 2.4.0
- name: postgres-cluster - name: postgres-cluster
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
version: 7.10.0 version: 7.11.1
- name: volsync-target - name: volsync-target
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
version: 0.8.0 version: 0.8.0
digest: sha256:a7bdbecd50433fedd65d3043102fe3c9e366dc98953c37eb0cfe762bce833e8e digest: sha256:ebf08159809ef0d69fcb8742b47245c82994b528c2f58e5ed40293555e085ecd
generated: "2026-03-15T20:05:14.085780861Z" generated: "2026-03-31T18:37:59.187695-05:00"

2
clusters/cl01tl/helm/freshrss/Chart.yaml
View File

@@ -25,7 +25,7 @@ dependencies:
version: 2.4.0 version: 2.4.0
- name: postgres-cluster - name: postgres-cluster
alias: postgres-18-cluster alias: postgres-18-cluster
version: 7.10.0 version: 7.11.1
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
- name: volsync-target - name: volsync-target
alias: volsync-target-data alias: volsync-target-data

6
clusters/cl01tl/helm/gatus/Chart.lock
View File

@@ -4,9 +4,9 @@ dependencies:
version: 1.5.0 version: 1.5.0
- name: postgres-cluster - name: postgres-cluster
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
version: 7.10.0 version: 7.11.1
- name: volsync-target - name: volsync-target
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
version: 0.8.0 version: 0.8.0
digest: sha256:83ec84774e0cc708f1cb5d83d657180159bfb75c9928784ebf0280e224b1cbca digest: sha256:1f530794c6d9c4a487d30443dce7ddf556524c7f875c6e5249b135e81528f0c5
generated: "2026-03-15T20:05:27.625292422Z" generated: "2026-03-31T19:06:30.871275-05:00"

2
clusters/cl01tl/helm/gatus/Chart.yaml
View File

@@ -20,7 +20,7 @@ dependencies:
version: 1.5.0 version: 1.5.0
- name: postgres-cluster - name: postgres-cluster
alias: postgres-18-cluster alias: postgres-18-cluster
version: 7.10.0 version: 7.11.1
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
- name: volsync-target - name: volsync-target
alias: volsync-target-data alias: volsync-target-data

6
clusters/cl01tl/helm/gatus/values.yaml
View File

@@ -164,15 +164,15 @@ gatus:
- name: roundcube - name: roundcube
url: https://mail.alexlebens.net url: https://mail.alexlebens.net
<<: *defaults <<: *defaults
- name: paperless-ngx
url: https://paperless-ngx.alexlebens.net
<<: *defaults
- name: kiwix - name: kiwix
url: https://kiwix.alexlebens.net url: https://kiwix.alexlebens.net
<<: *defaults <<: *defaults
- name: excalidraw - name: excalidraw
url: https://excalidraw.alexlebens.net url: https://excalidraw.alexlebens.net
<<: *defaults <<: *defaults
- name: languagetool
url: https://languagetool.alexlebens.net
<<: *defaults
- name: gitea - name: gitea
url: https://gitea.alexlebens.net url: https://gitea.alexlebens.net
<<: *defaults <<: *defaults

6
clusters/cl01tl/helm/generic-device-plugin/Chart.lock
View File

@@ -1,6 +1,6 @@
dependencies: dependencies:
- name: generic-device-plugin - name: generic-device-plugin
repository: https://gitea.alexlebens.dev/api/packages/alexlebens/helm repository: https://gitea.alexlebens.dev/api/packages/alexlebens/helm
version: 0.20.26 version: 0.20.27
digest: sha256:47d12b7555d345dea0438d13ac538896994dbd44b142b9a546dbfe5c0939a92b digest: sha256:b66a7ab013f5eda47ccf94824796e026642e1abfc051e498957ee0f59743e9fc
generated: "2026-03-24T16:59:26.537547513Z" generated: "2026-03-31T21:37:08.823163353Z"

2
clusters/cl01tl/helm/generic-device-plugin/Chart.yaml
View File

@@ -14,6 +14,6 @@ maintainers:
dependencies: dependencies:
- name: generic-device-plugin - name: generic-device-plugin
repository: https://gitea.alexlebens.dev/api/packages/alexlebens/helm repository: https://gitea.alexlebens.dev/api/packages/alexlebens/helm
version: 0.20.26 version: 0.20.27
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/kubernetes.png icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/kubernetes.png
appVersion: 1.0.0 appVersion: 1.0.0

8
clusters/cl01tl/helm/gitea/Chart.lock
View File

@@ -16,12 +16,12 @@ dependencies:
version: 7.10.0 version: 7.10.0
- name: valkey - name: valkey
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
version: 0.4.0 version: 0.5.0
- name: valkey - name: valkey
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
version: 0.4.0 version: 0.5.0
- name: volsync-target - name: volsync-target
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
version: 0.8.0 version: 0.8.0
digest: sha256:e2c79d0dc5bee77c31bb92f117eac6fe248def2c17eaa589cc4388e7ad55c84f digest: sha256:bbc7c8c9da52c79c8b8cfe93ec75a1df75fd2985e82417e61eae6ba11da52a89
generated: "2026-03-30T16:13:01.539524905Z" generated: "2026-03-31T18:38:06.461077-05:00"

4
clusters/cl01tl/helm/gitea/Chart.yaml
View File

@@ -43,11 +43,11 @@ dependencies:
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
- name: valkey - name: valkey
alias: valkey-gitea alias: valkey-gitea
version: 0.4.0 version: 0.5.0
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
- name: valkey - name: valkey
alias: valkey-renovate alias: valkey-renovate
version: 0.4.0 version: 0.5.0
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
- name: volsync-target - name: volsync-target
alias: volsync-target-storage alias: volsync-target-storage

4
clusters/cl01tl/helm/gitea/values.yaml
View File

@@ -201,7 +201,7 @@ postgres-18-cluster:
resources: resources:
requests: requests:
cpu: 100m cpu: 100m
memory: 100Mi memory: 150Mi
recovery: recovery:
method: objectStore method: objectStore
objectStore: objectStore:
@@ -224,7 +224,7 @@ valkey-gitea:
resources: resources:
requests: requests:
cpu: 20m cpu: 20m
memory: 2Gi memory: 1Gi
dataStorage: dataStorage:
requestedSize: 10Gi requestedSize: 10Gi
replica: replica:

10
clusters/cl01tl/helm/grafana-operator/Chart.lock
View File

@@ -4,12 +4,12 @@ dependencies:
version: 5.22.2 version: 5.22.2
- name: postgres-cluster - name: postgres-cluster
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
version: 7.10.0 version: 7.11.1
- name: valkey - name: valkey
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
version: 0.4.0 version: 0.5.0
- name: valkey - name: valkey
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
version: 0.4.0 version: 0.5.0
digest: sha256:a3bf183bcecb4d4b5354fe91a549075997dccb41c193da9daec9ccbe4d659fe2 digest: sha256:1f6bf4f0f24f85d8c362766010e4f42d26458c0412b67afab9b05f2e17eacced
generated: "2026-03-18T10:04:15.165729555Z" generated: "2026-03-31T19:12:08.326471-05:00"

6
clusters/cl01tl/helm/grafana-operator/Chart.yaml
View File

@@ -20,15 +20,15 @@ dependencies:
repository: https://grafana.github.io/helm-charts repository: https://grafana.github.io/helm-charts
- name: postgres-cluster - name: postgres-cluster
alias: postgres-18-cluster alias: postgres-18-cluster
version: 7.10.0 version: 7.11.1
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
- name: valkey - name: valkey
alias: valkey-unified-alerting alias: valkey-unified-alerting
version: 0.4.0 version: 0.5.0
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
- name: valkey - name: valkey
alias: valkey-remote-cache alias: valkey-remote-cache
version: 0.4.0 version: 0.5.0
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/grafana.png icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/grafana.png
# renovate: datasource=github-releases depName=grafana/grafana-operator # renovate: datasource=github-releases depName=grafana/grafana-operator

8
clusters/cl01tl/helm/harbor/Chart.lock
View File

@@ -4,9 +4,9 @@ dependencies:
version: 1.18.3 version: 1.18.3
- name: postgres-cluster - name: postgres-cluster
repository: https://gitea.alexlebens.net/api/packages/alexlebens/helm repository: https://gitea.alexlebens.net/api/packages/alexlebens/helm
version: 7.10.0 version: 7.11.1
- name: valkey - name: valkey
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
version: 0.4.0 version: 0.5.0
digest: sha256:e7a5cee56dddb4abc07ff18677cb6ddf55571b38da2eeb7e654e8ad8f7709bfa digest: sha256:fb17e2bad9c3a303da2b9d65ee5bd082a58ca6a5cee17d337e2536747982aa2c
generated: "2026-03-19T04:16:54.362332682Z" generated: "2026-03-31T18:38:15.510833-05:00"

4
clusters/cl01tl/helm/harbor/Chart.yaml
View File

@@ -20,11 +20,11 @@ dependencies:
repository: https://helm.goharbor.io repository: https://helm.goharbor.io
- name: postgres-cluster - name: postgres-cluster
alias: postgres-18-cluster alias: postgres-18-cluster
version: 7.10.0 version: 7.11.1
repository: https://gitea.alexlebens.net/api/packages/alexlebens/helm repository: https://gitea.alexlebens.net/api/packages/alexlebens/helm
- name: valkey - name: valkey
alias: valkey alias: valkey
version: 0.4.0 version: 0.5.0
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/harbor.png icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/harbor.png
# renovate: datasource=github-releases depName=goharbor/harbor # renovate: datasource=github-releases depName=goharbor/harbor

5
clusters/cl01tl/helm/harbor/values.yaml
View File

@@ -111,3 +111,8 @@ postgres-18-cluster:
immediate: true immediate: true
schedule: "0 35 14 * * *" schedule: "0 35 14 * * *"
backupName: garage-local backupName: garage-local
valkey:
valkey:
resources:
requests:
memory: 30Mi

2
clusters/cl01tl/helm/home-assistant/values.yaml
View File

@@ -119,8 +119,6 @@ home-assistant:
volsync-target-config: volsync-target-config:
pvcTarget: home-assistant-config pvcTarget: home-assistant-config
moverSecurityContext: moverSecurityContext:
runAsUser: 1000
runAsGroup: 1000
fsGroup: 1000 fsGroup: 1000
fsGroupChangePolicy: OnRootMismatch fsGroupChangePolicy: OnRootMismatch
local: local:

2
clusters/cl01tl/helm/homepage/Chart.yaml
View File

@@ -19,4 +19,4 @@ dependencies:
version: 4.6.2 version: 4.6.2
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/homepage.png icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/homepage.png
# renovate: datasource=github-releases depName=gethomepage/homepage # renovate: datasource=github-releases depName=gethomepage/homepage
appVersion: v1.12.1 appVersion: v1.12.2

8
clusters/cl01tl/helm/homepage/values.yaml
View File

@@ -16,7 +16,7 @@ homepage:
main: main:
image: image:
repository: ghcr.io/gethomepage/homepage repository: ghcr.io/gethomepage/homepage
tag: v1.12.1 tag: v1.12.2
pullPolicy: IfNotPresent pullPolicy: IfNotPresent
env: env:
- name: HOMEPAGE_ALLOWED_HOSTS - name: HOMEPAGE_ALLOWED_HOSTS
@@ -304,6 +304,12 @@ homepage:
href: https://mail.alexlebens.net href: https://mail.alexlebens.net
siteMonitor: http://roundcube.roundcube:80 siteMonitor: http://roundcube.roundcube:80
statusStyle: dot statusStyle: dot
- Documents:
icon: sh-paperless-ngx.webp
description: Paperless-ngx
href: https://paperless-ngx.alexlebens.net
siteMonitor: http://paperless-ngx.paperless-ngx:80
statusStyle: dot
- Wiki: - Wiki:
icon: sh-kiwix-light.webp icon: sh-kiwix-light.webp
description: Kiwix description: Kiwix

2
clusters/cl01tl/helm/houndarr/Chart.yaml
View File

@@ -22,4 +22,4 @@ dependencies:
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
icon: https://raw.githubusercontent.com/av1155/houndarr/main/src/houndarr/static/img/houndarr-logo-dark.png icon: https://raw.githubusercontent.com/av1155/houndarr/main/src/houndarr/static/img/houndarr-logo-dark.png
# renovate: datasource=github-releases depName=av1155/houndarr # renovate: datasource=github-releases depName=av1155/houndarr
appVersion: v1.6.3 appVersion: v1.6.4

2
clusters/cl01tl/helm/houndarr/values.yaml
View File

@@ -9,7 +9,7 @@ houndarr:
main: main:
image: image:
repository: ghcr.io/av1155/houndarr repository: ghcr.io/av1155/houndarr
tag: v1.6.3 tag: v1.6.4
pullPolicy: IfNotPresent pullPolicy: IfNotPresent
env: env:
- name: TZ - name: TZ

6
clusters/cl01tl/helm/kube-prometheus-stack/Chart.lock
View File

@@ -1,12 +1,12 @@
dependencies: dependencies:
- name: kube-prometheus-stack - name: kube-prometheus-stack
repository: oci://ghcr.io/prometheus-community/charts repository: oci://ghcr.io/prometheus-community/charts
version: 82.15.1 version: 82.16.0
- name: app-template - name: app-template
repository: https://bjw-s-labs.github.io/helm-charts/ repository: https://bjw-s-labs.github.io/helm-charts/
version: 4.6.2 version: 4.6.2
- name: valkey - name: valkey
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
version: 0.4.0 version: 0.4.0
digest: sha256:7be2f0d61a12e674af175046960df7ba06a7248dc92db0b2d9c9b63a77a5bc17 digest: sha256:a7086a19bfa46989e0db1d4c99b0ffa11f63115f41d60259f4467cc5dcf9bcaa
generated: "2026-03-28T01:54:34.406941487Z" generated: "2026-03-31T16:04:22.10025203Z"

2
clusters/cl01tl/helm/kube-prometheus-stack/Chart.yaml
View File

@@ -20,7 +20,7 @@ maintainers:
- name: alexlebens - name: alexlebens
dependencies: dependencies:
- name: kube-prometheus-stack - name: kube-prometheus-stack
version: 82.15.1 version: 82.16.0
repository: oci://ghcr.io/prometheus-community/charts repository: oci://ghcr.io/prometheus-community/charts
- name: app-template - name: app-template
alias: ntfy-alertmanager alias: ntfy-alertmanager

2
clusters/cl01tl/helm/medialyze/Chart.yaml
View File

@@ -19,4 +19,4 @@ dependencies:
version: 4.6.2 version: 4.6.2
icon: https://raw.githubusercontent.com/frederikemmer/MediaLyze/d8f69c0628bac7c047b90f91a66341648029c273/frontend/public/favicon.svg icon: https://raw.githubusercontent.com/frederikemmer/MediaLyze/d8f69c0628bac7c047b90f91a66341648029c273/frontend/public/favicon.svg
# renovate: datasource=github-releases depName=frederikemmer/MediaLyze # renovate: datasource=github-releases depName=frederikemmer/MediaLyze
appVersion: 0.4.0 appVersion: 0.4.1

2
clusters/cl01tl/helm/medialyze/values.yaml
View File

@@ -9,7 +9,7 @@ medialyze:
main: main:
image: image:
repository: ghcr.io/frederikemmer/medialyze repository: ghcr.io/frederikemmer/medialyze
tag: 0.4.0 tag: 0.4.1
pullPolicy: IfNotPresent pullPolicy: IfNotPresent
env: env:
- name: HOST_PORT - name: HOST_PORT

2
clusters/cl01tl/helm/navidrome/values.yaml
View File

@@ -9,7 +9,7 @@ navidrome:
main: main:
image: image:
repository: deluan/navidrome repository: deluan/navidrome
tag: 0.60.3@sha256:a5dce8f33304714dd138e870cca0dcab3d937ca236be1a9f2b97da009d1a0048 tag: 0.61.0@sha256:b14a6acb5cd5ee73f3a13d63d8d68ede82dedb796aa522fbada94769d990cf0b
pullPolicy: IfNotPresent pullPolicy: IfNotPresent
env: env:
- name: ND_MUSICFOLDER - name: ND_MUSICFOLDER

24
clusters/cl01tl/helm/paperless-ngx/Chart.lock Normal file
View File

@@ -0,0 +1,24 @@
dependencies:
- name: app-template
repository: https://bjw-s-labs.github.io/helm-charts/
version: 4.6.2
- name: postgres-cluster
repository: oci://harbor.alexlebens.net/helm-charts
version: 7.11.0
- name: valkey
repository: oci://harbor.alexlebens.net/helm-charts
version: 0.5.0
- name: volsync-target
repository: oci://harbor.alexlebens.net/helm-charts
version: 0.8.0
- name: volsync-target
repository: oci://harbor.alexlebens.net/helm-charts
version: 0.8.0
- name: volsync-target
repository: oci://harbor.alexlebens.net/helm-charts
version: 0.8.0
- name: volsync-target
repository: oci://harbor.alexlebens.net/helm-charts
version: 0.8.0
digest: sha256:08acc0818deaede4bb7515be7cbb1253f30036b70af6038caa69e4bd3cc02412
generated: "2026-03-30T20:25:47.995874-05:00"

51
clusters/cl01tl/helm/paperless-ngx/Chart.yaml Normal file
View File

@@ -0,0 +1,51 @@
apiVersion: v2
name: paperless-ngx
version: 1.0.0
description: Paperless-ngx
keywords:
- paperless-ngx
- documents
home: https://docs.alexlebens.dev/applications/paperless-ngx/
sources:
- https://github.com/paperless-ngx/paperless-ngx
- https://github.com/gotenberg/gotenberg
- https://github.com/paperless-ngx/paperless-ngx/pkgs/container/paperless-ngx
- https://hub.docker.com/r/gotenberg/gotenberg
- https://github.com/bjw-s-labs/helm-charts/tree/main/charts/other/app-template
- https://gitea.alexlebens.dev/alexlebens/helm-charts/src/branch/main/charts/postgres-cluster
- https://gitea.alexlebens.dev/alexlebens/helm-charts/src/branch/main/charts/valkey
- https://gitea.alexlebens.dev/alexlebens/helm-charts/src/branch/main/charts/volsync-target
maintainers:
- name: alexlebens
dependencies:
- name: app-template
alias: paperless-ngx
repository: https://bjw-s-labs.github.io/helm-charts/
version: 4.6.2
- name: postgres-cluster
alias: postgres-18-cluster
version: 7.11.0
repository: oci://harbor.alexlebens.net/helm-charts
- name: valkey
alias: valkey
version: 0.5.0
repository: oci://harbor.alexlebens.net/helm-charts
- name: volsync-target
alias: volsync-target-data
version: 0.8.0
repository: oci://harbor.alexlebens.net/helm-charts
- name: volsync-target
alias: volsync-target-media
version: 0.8.0
repository: oci://harbor.alexlebens.net/helm-charts
- name: volsync-target
alias: volsync-target-export
version: 0.8.0
repository: oci://harbor.alexlebens.net/helm-charts
- name: volsync-target
alias: volsync-target-consume
version: 0.8.0
repository: oci://harbor.alexlebens.net/helm-charts
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/paperless-ngx.png
# renovate: datasource=github-releases depName=paperless-ngx/paperless-ngx
appVersion: 2.20.13

54
clusters/cl01tl/helm/paperless-ngx/templates/external-secret.yaml Normal file
View File

@@ -0,0 +1,54 @@
apiVersion: external-secrets.io/v1
kind: ExternalSecret
metadata:
name: paperless-ngx-secret
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: paperless-ngx-secret
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
secretStoreRef:
kind: ClusterSecretStore
name: vault
data:
- secretKey: secret-key
remoteRef:
key: /cl01tl/paperless-ngx/secret
property: secret-key
- secretKey: admin-user
remoteRef:
key: /cl01tl/paperless-ngx/secret
property: admin-user
- secretKey: admin-password
remoteRef:
key: /cl01tl/paperless-ngx/secret
property: admin-password
---
apiVersion: external-secrets.io/v1
kind: ExternalSecret
metadata:
name: paperless-ngx-oidc-secret
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: paperless-ngx-oidc-secret
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
secretStoreRef:
kind: ClusterSecretStore
name: vault
data:
- secretKey: OIDC_CLIENT_ID
remoteRef:
key: /authentik/oidc/paperless-ngx
property: client
- secretKey: OIDC_CLIENT_SECRET
remoteRef:
key: /authentik/oidc/paperless-ngx
property: secret
- secretKey: PAPERLESS_SOCIALACCOUNT_PROVIDERS
remoteRef:
key: /authentik/oidc/paperless-ngx
property: PAPERLESS_SOCIALACCOUNT_PROVIDERS

212
clusters/cl01tl/helm/paperless-ngx/values.yaml Normal file
View File

@@ -0,0 +1,212 @@
paperless-ngx:
controllers:
main:
type: deployment
replicas: 1
strategy: Recreate
containers:
main:
image:
repository: ghcr.io/paperless-ngx/paperless-ngx
tag: 2.20.13@sha256:4b05bcd28e6923768000b5d247cbf2c66fd49bdc3f3b05955bd4f6790a638b01
env:
- name: PAPERLESS_REDIS
value: redis://paperless-ngx-valkey.paperless-ngx:6379
- name: PAPERLESS_DBHOST
valueFrom:
secretKeyRef:
name: paperless-ngx-postgresql-18-cluster-app
key: host
- name: PAPERLESS_DBPORT
valueFrom:
secretKeyRef:
name: paperless-ngx-postgresql-18-cluster-app
key: port
- name: PAPERLESS_DBNAME
valueFrom:
secretKeyRef:
name: paperless-ngx-postgresql-18-cluster-app
key: dbname
- name: PAPERLESS_DBUSER
valueFrom:
secretKeyRef:
name: paperless-ngx-postgresql-18-cluster-app
key: user
- name: PAPERLESS_DBPASS
valueFrom:
secretKeyRef:
name: paperless-ngx-postgresql-18-cluster-app
key: password
- name: PAPERLESS_TIKA_ENABLED
value: true
- name: PAPERLESS_TIKA_GOTENBERG_ENDPOINT
value: http://localhost:3000/
- name: PAPERLESS_SECRET_KEY
valueFrom:
secretKeyRef:
name: paperless-ngx-secret
key: secret-key
- name: PAPERLESS_URL
value: https://paperless-ngx.alexlebens.net
- name: PAPERLESS_ALLOWED_HOSTS
value: paperless-ngx.alexlebens.net, paperless-ngx.paperless-ngx
- name: PAPERLESS_ADMIN_USER
valueFrom:
secretKeyRef:
name: paperless-ngx-secret
key: admin-user
- name: PAPERLESS_ADMIN_PASSWORD
valueFrom:
secretKeyRef:
name: paperless-ngx-secret
key: admin-password
- name: PAPERLESS_ACCOUNT_ALLOW_SIGNUPS
value: true
- name: PAPERLESS_SOCIAL_AUTO_SIGNUP
value: true
- name: PAPERLESS_SOCIALACCOUNT_ALLOW_SIGNUPS
value: true
- name: PAPERLESS_APPS
value: allauth.socialaccount.providers.openid_connect
- name: PAPERLESS_LOGOUT_REDIRECT_URL
value: https://authentik.alexlebens.net/application/o/paperless-ngx/end-session/
- name: PAPERLESS_SOCIALACCOUNT_PROVIDERS
valueFrom:
secretKeyRef:
name: paperless-ngx-oidc-secret
key: PAPERLESS_SOCIALACCOUNT_PROVIDERS
- name: PAPERLESS_TIME_ZONE
value: America/Chicago
resources:
requests:
cpu: 1m
memory: 100Mi
gotenberg:
image:
repository: gotenberg/gotenberg
tag: 8.29.1@sha256:36c925776fa0db0fd1030408d131fde7ac3453027a559883555155b72adb16a7
service:
main:
controller: main
ports:
http:
port: 80
targetPort: 8000
route:
main:
kind: HTTPRoute
parentRefs:
- group: gateway.networking.k8s.io
kind: Gateway
name: traefik-gateway
namespace: traefik
hostnames:
- paperless-ngx.alexlebens.net
rules:
- backendRefs:
- name: paperless-ngx
port: 80
matches:
- path:
type: PathPrefix
value: /
persistence:
data:
forceRename: paperless-ngx-data
storageClass: ceph-block
accessMode: ReadWriteOnce
size: 2Gi
advancedMounts:
main:
main:
- path: /usr/src/paperless/data
media:
forceRename: paperless-ngx-media
storageClass: ceph-block
accessMode: ReadWriteOnce
size: 10Gi
advancedMounts:
main:
main:
- path: /usr/src/paperless/media
export:
forceRename: paperless-ngx-export
storageClass: ceph-block
accessMode: ReadWriteOnce
size: 2Gi
advancedMounts:
main:
main:
- path: /usr/src/paperless/export
consume:
forceRename: paperless-ngx-consume
storageClass: ceph-block
accessMode: ReadWriteOnce
size: 2Gi
advancedMounts:
main:
main:
- path: /usr/src/paperless/consume
postgres-18-cluster:
mode: recovery
recovery:
method: objectStore
objectStore:
index: 1
backup:
objectStore:
- name: garage-local
index: 1
destinationBucket: postgres-backups
externalSecretCredentialPath: /garage/home-infra/postgres-backups
isWALArchiver: true
scheduledBackups:
- name: live-backup
suspend: false
immediate: true
schedule: "0 15 15 * * *"
backupName: garage-local
volsync-target-data:
pvcTarget: paperless-ngx-data
local:
enabled: true
schedule: 2 8 * * *
remote:
enabled: true
schedule: 2 9 * * *
external:
enabled: true
schedule: 2 10 * * *
volsync-target-media:
pvcTarget: paperless-ngx-metadata
local:
enabled: true
schedule: 4 8 * * *
remote:
enabled: true
schedule: 4 9 * * *
external:
enabled: true
schedule: 4 10 * * *
volsync-target-export:
pvcTarget: paperless-ngx-data
local:
enabled: true
schedule: 2 8 * * *
remote:
enabled: true
schedule: 2 9 * * *
external:
enabled: true
schedule: 2 10 * * *
volsync-target-consume:
pvcTarget: paperless-ngx-metadata
local:
enabled: true
schedule: 4 8 * * *
remote:
enabled: true
schedule: 4 9 * * *
external:
enabled: true
schedule: 4 10 * * *

2
clusters/cl01tl/helm/postiz/Chart.yaml
View File

@@ -42,4 +42,4 @@ dependencies:
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/postiz.png icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/postiz.png
# renovate: datasource=github-releases depName=gitroomhq/postiz-app # renovate: datasource=github-releases depName=gitroomhq/postiz-app
appVersion: v2.21.2 appVersion: v2.21.4

2
clusters/cl01tl/helm/roundcube/Chart.yaml
View File

@@ -29,4 +29,4 @@ dependencies:
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/roundcube.png icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/roundcube.png
# renovate: datasource=github-releases depName=roundcube/roundcubemail # renovate: datasource=github-releases depName=roundcube/roundcubemail
appVersion: 1.6.14 appVersion: 1.6.15

4
clusters/cl01tl/helm/roundcube/values.yaml
View File

@@ -9,7 +9,7 @@ roundcube:
main: main:
image: image:
repository: roundcube/roundcubemail repository: roundcube/roundcubemail
tag: 1.6.14-fpm-alpine tag: 1.6.15-fpm-alpine
pullPolicy: IfNotPresent pullPolicy: IfNotPresent
env: env:
- name: ROUNDCUBEMAIL_DB_TYPE - name: ROUNDCUBEMAIL_DB_TYPE
@@ -85,7 +85,7 @@ roundcube:
backup: backup:
image: image:
repository: roundcube/roundcubemail repository: roundcube/roundcubemail
tag: 1.6.14-fpm-alpine tag: 1.6.15-fpm-alpine
pullPolicy: IfNotPresent pullPolicy: IfNotPresent
env: env:
- name: ROUNDCUBEMAIL_DB_TYPE - name: ROUNDCUBEMAIL_DB_TYPE

6
clusters/cl01tl/helm/seerr/Chart.lock
View File

@@ -1,9 +1,9 @@
dependencies: dependencies:
- name: seerr-chart - name: seerr-chart
repository: oci://ghcr.io/seerr-team/seerr repository: oci://ghcr.io/seerr-team/seerr
version: 3.3.0 version: 3.3.1
- name: volsync-target - name: volsync-target
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
version: 0.8.0 version: 0.8.0
digest: sha256:6b3f76b56c20740f1f1c39df0b0f8ed2684051c698e287c113c9e311477fed82 digest: sha256:125b2384418dda2ccf6ee188d61daf1e78f2faa3bf1ee4a81c2d0f741967ca5f
generated: "2026-03-06T01:16:36.098673586Z" generated: "2026-03-31T13:05:18.964064368Z"

2
clusters/cl01tl/helm/seerr/Chart.yaml
View File

@@ -17,7 +17,7 @@ maintainers:
dependencies: dependencies:
- name: seerr-chart - name: seerr-chart
repository: oci://ghcr.io/seerr-team/seerr repository: oci://ghcr.io/seerr-team/seerr
version: 3.3.0 version: 3.3.1
- name: volsync-target - name: volsync-target
alias: volsync-target-config alias: volsync-target-config
version: 0.8.0 version: 0.8.0

2
clusters/cl01tl/helm/site-documentation/values.yaml
View File

@@ -11,7 +11,7 @@ site-documentation:
main: main:
image: image:
repository: harbor.alexlebens.net/images/site-documentation repository: harbor.alexlebens.net/images/site-documentation
tag: 0.12.0 tag: 0.13.0
pullPolicy: IfNotPresent pullPolicy: IfNotPresent
resources: resources:
requests: requests:

2
clusters/cl01tl/helm/tdarr/values.yaml
View File

@@ -59,7 +59,7 @@ tdarr:
- key: app.kubernetes.io/instance - key: app.kubernetes.io/instance
operator: In operator: In
values: values:
- tdarr - node
topologyKey: kubernetes.io/hostname topologyKey: kubernetes.io/hostname
nodeSelector: nodeSelector:
intel.feature.node.kubernetes.io/gpu: "true" intel.feature.node.kubernetes.io/gpu: "true"

6
clusters/cl01tl/helm/traefik/Chart.lock
View File

@@ -1,9 +1,9 @@
dependencies: dependencies:
- name: traefik - name: traefik
repository: https://traefik.github.io/charts repository: https://traefik.github.io/charts
version: 39.0.6 version: 39.0.7
- name: traefik-crds - name: traefik-crds
repository: https://traefik.github.io/charts repository: https://traefik.github.io/charts
version: 1.16.0 version: 1.16.0
digest: sha256:7311d1720303d2930821ac085e246c09d2935aa5f4b8223040017afe3c5acfc4 digest: sha256:42a2f2844385eb79724b6d7b49ed8adfd4f8237ee63ea55aa6ec7b3b3636dd3e
generated: "2026-03-24T14:04:56.829498329Z" generated: "2026-03-31T21:37:50.410289754Z"

2
clusters/cl01tl/helm/traefik/Chart.yaml
View File

@@ -15,7 +15,7 @@ maintainers:
- name: alexlebens - name: alexlebens
dependencies: dependencies:
- name: traefik - name: traefik
version: 39.0.6 version: 39.0.7
repository: https://traefik.github.io/charts repository: https://traefik.github.io/charts
- name: traefik-crds - name: traefik-crds
version: 1.16.0 version: 1.16.0

1
hosts/ps08rp/blocky/config.yml
View File

@@ -121,6 +121,7 @@ customDNS:
objects IN CNAME traefik-cl01tl objects IN CNAME traefik-cl01tl
ollama IN CNAME traefik-cl01tl ollama IN CNAME traefik-cl01tl
omni-tools IN CNAME traefik-cl01tl omni-tools IN CNAME traefik-cl01tl
paperless-ngx IN CNAME traefik-cl01tl
photoview IN CNAME traefik-cl01tl photoview IN CNAME traefik-cl01tl
plex IN CNAME traefik-cl01tl plex IN CNAME traefik-cl01tl
postiz IN CNAME traefik-cl01tl postiz IN CNAME traefik-cl01tl

1
hosts/ps09rp/blocky/config.yml
View File

@@ -142,6 +142,7 @@ customDNS:
objects IN CNAME traefik-cl01tl objects IN CNAME traefik-cl01tl
ollama IN CNAME traefik-cl01tl ollama IN CNAME traefik-cl01tl
omni-tools IN CNAME traefik-cl01tl omni-tools IN CNAME traefik-cl01tl
paperless-ngx IN CNAME traefik-cl01tl
photoview IN CNAME traefik-cl01tl photoview IN CNAME traefik-cl01tl
plex IN CNAME traefik-cl01tl plex IN CNAME traefik-cl01tl
postiz IN CNAME traefik-cl01tl postiz IN CNAME traefik-cl01tl

2
hosts/ps10rp/cloudflare-ddns/compose.yaml
View File

@@ -1,7 +1,7 @@
--- ---
services: services:
cloudflare-ddns: cloudflare-ddns:
image: favonia/cloudflare-ddns:1.15.1@sha256:a4e2089b3531eec8c9328c7a9a586f80e8d67dcd94856e0b596b7896e1de3f62 image: favonia/cloudflare-ddns:1.16.0@sha256:8e0f869aed97beeed4e172a01e97090673cb9b04e7e1d62fcb6cfc656f9761ad
container_name: cloudflare-ddns container_name: cloudflare-ddns
cap_drop: cap_drop:
- all - all

2
hosts/ps10rp/homepage/compose.yaml
View File

@@ -32,7 +32,7 @@ services:
- /var/run/docker.sock:/var/run/docker.sock:ro - /var/run/docker.sock:/var/run/docker.sock:ro
homepage: homepage:
image: ghcr.io/gethomepage/homepage:v1.12.1@sha256:9627769818fbfb14147d3e633e57cef9c27c0c5f07585f5a1d6c3d3425b3b33c image: ghcr.io/gethomepage/homepage:v1.12.2@sha256:ea801368eac6b1f0d08ad35dabcbbd0a91147a49ba9761df84b2e047532d74e5
container_name: homepage container_name: homepage
labels: labels:
traefik.enable: true traefik.enable: true