alexlebens/infrastructure
1
0
Fork 0
Code Issues 1 Pull Requests 1 Actions Activity

Compare commits

base: alexlebens:913dee6aa236d2d00a0aa7f46a1a1a3eb6aecb13
Branches Tags
alexlebens:main alexlebens:manifests alexlebens:renovate/postgres-cluster-7.x alexlebens:renovate/ghcr.io-siderolabs-talosctl-1.x
...
compare: alexlebens:main
Branches Tags
alexlebens:manifests alexlebens:main alexlebens:renovate/postgres-cluster-7.x alexlebens:renovate/ghcr.io-siderolabs-talosctl-1.x

18 Commits
913dee6aa2 ... main

Author SHA1 Message Date
Alex Lebens
5c307b7743 remove trivy
Some checks failed
lint-test-helm / lint-helm (push) Failing after 1m46s
Details
render-manifests-push / render-manifests-push (push) Successful in 4m2s
Details
renovate / renovate (push) Failing after 6m28s
Details
2025-12-27 11:22:59 -06:00
Alex Lebens
d1b88d31cd disable volsync
Some checks failed
renovate / renovate (push) Waiting to run
Details
lint-test-docker / lint-docker-compose (push) Failing after 36s
Details
lint-test-helm / lint-helm (push) Failing after 1m17s
Details
render-manifests-push / render-manifests-push (push) Waiting to run
Details
2025-12-27 10:59:42 -06:00
Alex Lebens
a35f1a46f9 remove n8n 2025-12-27 10:52:49 -06:00
Alex Lebens
8f90834648 scale 2025-12-27 10:51:40 -06:00
Alex Lebens
fb1f1afbb7 disable trivy
Some checks failed
lint-test-helm / lint-helm (push) Successful in 12s
Details
render-manifests-push / render-manifests-push (push) Successful in 45s
Details
renovate / renovate (push) Failing after 17m52s
Details
2025-12-26 23:19:06 -06:00
Alex Lebens
686bcc7568 comma seperate
Some checks failed
render-manifests-push / render-manifests-push (push) Successful in 40s
Details
lint-test-helm / lint-helm (push) Successful in 43s
Details
renovate / renovate (push) Has been cancelled
Details
2025-12-26 23:13:50 -06:00
Alex Lebens
8b0c4bae1a Merge branch 'main' of https://gitea.alexlebens.net/alexlebens/infrastructure
All checks were successful
lint-test-helm / lint-helm (push) Successful in 1m50s
Details
render-manifests-push / render-manifests-push (push) Successful in 2m44s
Details
renovate / renovate (push) Successful in 2m4s
Details
2025-12-26 21:53:26 -06:00
Alex Lebens
a82ca2ffeb add to allowed hosts 2025-12-26 21:53:22 -06:00
Renovate Bot
0b60f42670 Update harbor.alexlebens.net/images/rayflume Docker tag to v0.0.7 (#2879)
All checks were successful
renovate / renovate (push) Successful in 1m53s
Details
2025-12-27 03:10:26 +00:00
Renovate Bot
50a5933039 Update harbor.alexlebens.net/images/rayflume Docker tag to v0.0.7 (#2879)
Some checks failed
render-manifests-push / render-manifests-push (push) Has been skipped
Details
lint-test-helm / lint-helm (push) Successful in 14s
Details
renovate / renovate (push) Has been cancelled
Details
2025-12-27 03:10:04 +00:00
Alex Lebens
80e6023b3e scale to 3
All checks were successful
lint-test-helm / lint-helm (push) Successful in 11s
Details
render-manifests-push / render-manifests-push (push) Successful in 1m33s
Details
renovate / renovate (push) Successful in 1m44s
Details
2025-12-27 03:08:02 +00:00
Alex Lebens
774145519e scale cluster down to 2
Some checks failed
lint-test-helm / lint-helm (push) Successful in 11s
Details
render-manifests-push / render-manifests-push (push) Successful in 55s
Details
renovate / renovate (push) Has been cancelled
Details
2025-12-27 03:04:25 +00:00
Renovate Bot
d1d2f93181 Update freshrss/freshrss Docker tag to v1.28.0 (#2851)
All checks were successful
render-manifests-push / render-manifests-push (push) Has been skipped
Details
lint-test-helm / lint-helm (push) Successful in 33s
Details
renovate / renovate (push) Successful in 1m22s
Details 
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| [freshrss/freshrss](https://freshrss.org/) ([source](https://github.com/FreshRSS/FreshRSS)) | minor | `1.27.1` -> `1.28.0` |

---

### Release Notes

<details>
<summary>FreshRSS/FreshRSS (freshrss/freshrss)</summary>

### [`v1.28.0`](https://github.com/FreshRSS/FreshRSS/blob/HEAD/CHANGELOG.md#2025-12-24-FreshRSS-1280)

[Compare Source](https://github.com/FreshRSS/FreshRSS/compare/1.27.1...1.28.0)

- Features
  - New sorting and filtering by date of *User modified* [#&#8203;7886](https://github.com/FreshRSS/FreshRSS/pull/7886), [#&#8203;8090](https://github.com/FreshRSS/FreshRSS/pull/8090),
    [#&#8203;8105](https://github.com/FreshRSS/FreshRSS/pull/8105), [#&#8203;8118](https://github.com/FreshRSS/FreshRSS/pull/8118), [#&#8203;8130](https://github.com/FreshRSS/FreshRSS/pull/8130)
    - Corresponding search operator, e.g. `userdate:PT1H` for the past hour [#&#8203;8093](https://github.com/FreshRSS/FreshRSS/pull/8093)
    - Allows finding articles marked by the local user as read/unread or starred/unstarred at specific dates for e.g. undo action.
  - New sorting by article length [#&#8203;8119](https://github.com/FreshRSS/FreshRSS/pull/8119)
  - New advanced search form [#&#8203;8103](https://github.com/FreshRSS/FreshRSS/pull/8103), [#&#8203;8122](https://github.com/FreshRSS/FreshRSS/pull/8122), [#&#8203;8226](https://github.com/FreshRSS/FreshRSS/pull/8226)
  - Add compatibility with PCRE word boundary `\b` and `\B` for regex search using PostgreSQL [#&#8203;8141](https://github.com/FreshRSS/FreshRSS/pull/8141)
  - More uniform SQL search and PHP search for accents and case-sensitivity (e.g. for automatically marking as read) [#&#8203;8329](https://github.com/FreshRSS/FreshRSS/pull/8329)
  - New overview of dates with most unread articles [#&#8203;8089](https://github.com/FreshRSS/FreshRSS/pull/8089)
  - Allow marking as read articles older than 1 or 7 days also when sorting by publication date [#&#8203;8163](https://github.com/FreshRSS/FreshRSS/pull/8163)
  - New option to show user labels instead of tags in RSS share [#&#8203;8112](https://github.com/FreshRSS/FreshRSS/pull/8112)
  - Add new feed visibility (priority) *Show in its feed* [#&#8203;7972](https://github.com/FreshRSS/FreshRSS/pull/7972)
  - New ability to share feed visibility through API (implemented by e.g. Capy Reader) [#&#8203;7583](https://github.com/FreshRSS/FreshRSS/pull/7583), [#&#8203;8158](https://github.com/FreshRSS/FreshRSS/pull/8158)
  - Configurable notification timeout [#&#8203;7942](https://github.com/FreshRSS/FreshRSS/pull/7942)
  - OPML export/import of unicity criteria [#&#8203;8243](https://github.com/FreshRSS/FreshRSS/pull/8243)
  - Ensure stable IDs (categories, feeds, labels) during export/import [#&#8203;7988](https://github.com/FreshRSS/FreshRSS/pull/7988)
  - Add username and timestamp to SQLite export from Web UI [#&#8203;8169](https://github.com/FreshRSS/FreshRSS/pull/8169)
  - Add option to apply filter actions to existing articles [#&#8203;7959](https://github.com/FreshRSS/FreshRSS/pull/7959), [#&#8203;8259](https://github.com/FreshRSS/FreshRSS/pull/8259)
  - Support CSS selector `~` *subsequent-sibling* [#&#8203;8154](https://github.com/FreshRSS/FreshRSS/pull/8154)
    - Upstream PR [phpgt/CssXPath#231](https://github.com/phpgt/CssXPath/pull/231)
  - Rework saving of configuration files for more reliability in case of e.g. full disk [#&#8203;8220](https://github.com/FreshRSS/FreshRSS/pull/8220)
  - Web scraping support date format as milliseconds for Unix epoch [#&#8203;8266](https://github.com/FreshRSS/FreshRSS/pull/8266)
  - Allow negative category sort numbers [#&#8203;8330](https://github.com/FreshRSS/FreshRSS/pull/8330)
- Performance
  - Improve SQL speed for updating cached information [#&#8203;6957](https://github.com/FreshRSS/FreshRSS/pull/6957), [#&#8203;8207](https://github.com/FreshRSS/FreshRSS/pull/8207),
    [#&#8203;8255](https://github.com/FreshRSS/FreshRSS/pull/8255), [#&#8203;8254](https://github.com/FreshRSS/FreshRSS/pull/8254), [#&#8203;8255](https://github.com/FreshRSS/FreshRSS/pull/8255)
  - Fix SQL performance issue with MySQL, using an index hint [#&#8203;8211](https://github.com/FreshRSS/FreshRSS/pull/8211)
  - Scaling of user statistics in Web UI and CLI, to help instances with 1k+ users [#&#8203;8277](https://github.com/FreshRSS/FreshRSS/pull/8277)
  - API streaming of large responses for reducing memory consumption and increasing speed [#&#8203;8041](https://github.com/FreshRSS/FreshRSS/pull/8041)
- Security
  - 💥 Move unsafe autologin to an extension [#&#8203;7958](https://github.com/FreshRSS/FreshRSS/pull/7958)
  - Fix some CSRFs [#&#8203;8035](https://github.com/FreshRSS/FreshRSS/pull/8035)
  - Strengthen some crypto (login, tokens, nonces) [#&#8203;8061](https://github.com/FreshRSS/FreshRSS/pull/8061), [#&#8203;8320](https://github.com/FreshRSS/FreshRSS/pull/8320)
  - Create separate HTTP `Retry-After` rules for proxies [#&#8203;8029](https://github.com/FreshRSS/FreshRSS/pull/8029), [#&#8203;8218](https://github.com/FreshRSS/FreshRSS/pull/8218)
  - Add `data:` to CSP in subscription controller [#&#8203;8253](https://github.com/FreshRSS/FreshRSS/pull/8253)
  - Improve anonymous authentication logic [#&#8203;8165](https://github.com/FreshRSS/FreshRSS/pull/8165)
  - Enable GitHub [release immutability](https://github.blog/changelog/2025-10-28-immutable-releases-are-now-generally-available/) [#&#8203;8205](https://github.com/FreshRSS/FreshRSS/issues/8205)
- Bug fixing
  - Exclude local networks for domain-wide HTTP `Retry-After` [#&#8203;8195](https://github.com/FreshRSS/FreshRSS/pull/8195)
  - Fix OpenID Connect with Debian 13 [#&#8203;8032](https://github.com/FreshRSS/FreshRSS/pull/8032)
  - Fix MySQL / MariaDB bug wrongly sorting new articles [#&#8203;8223](https://github.com/FreshRSS/FreshRSS/pull/8223)
  - Fix MySQL / MariaDB database size calculation [#&#8203;8282](https://github.com/FreshRSS/FreshRSS/pull/8282)
  - Fix SQLite bind bug when adding user label [#&#8203;8101](https://github.com/FreshRSS/FreshRSS/pull/8101)
  - Fix SQL auto-update of field `f.kind` to ease migrations from FreshRSS versions older than 1.20.0 [#&#8203;8148](https://github.com/FreshRSS/FreshRSS/pull/8148)
  - Fix search encoding and quoting [#&#8203;8311](https://github.com/FreshRSS/FreshRSS/pull/8311), [#&#8203;8324](https://github.com/FreshRSS/FreshRSS/pull/8324), [#&#8203;8338](https://github.com/FreshRSS/FreshRSS/pull/8338)
  - Fix handling of database unexpected null content (during migrations) [#&#8203;8319](https://github.com/FreshRSS/FreshRSS/pull/8319), [#&#8203;8321](https://github.com/FreshRSS/FreshRSS/pull/8321)
  - Fix drag & drop of user query losing information [#&#8203;8113](https://github.com/FreshRSS/FreshRSS/pull/8113)
  - Fix DOM error while filtering retrieved full content [#&#8203;8132](https://github.com/FreshRSS/FreshRSS/pull/8132), [#&#8203;8161](https://github.com/FreshRSS/FreshRSS/pull/8161)
  - Fix `config.custom.php` during install [#&#8203;8033](https://github.com/FreshRSS/FreshRSS/pull/8033)
  - Fix do not mark important feeds as read from category [#&#8203;8067](https://github.com/FreshRSS/FreshRSS/pull/8067)
  - Fix regression of warnings in Web browser console due to lack of `window.bcrypt` object [#&#8203;8166](https://github.com/FreshRSS/FreshRSS/pull/8166)
  - Fix chart resize regression due to `chart.js` v4 update [#&#8203;8298](https://github.com/FreshRSS/FreshRSS/pull/8298)
  - Fix CLI user creation warning when language is not given [#&#8203;8283](https://github.com/FreshRSS/FreshRSS/pull/8283)
  - Fix merging of custom HTTP headers [#&#8203;8251](https://github.com/FreshRSS/FreshRSS/pull/8251)
  - Fix bug in the case of duplicated mark-as-read filters [#&#8203;8322](https://github.com/FreshRSS/FreshRSS/pull/8322)
- SimplePie
  - Fix support of HTTP trailer headers [#&#8203;7983](https://github.com/FreshRSS/FreshRSS/pull/7983), [simplepie#943](https://github.com/simplepie/simplepie/pull/943)
  - Apply HTTPS policy also on GUIDs and permalinks [#&#8203;8037](https://github.com/FreshRSS/FreshRSS/pull/8037), [simplepie#951](https://github.com/simplepie/simplepie/pull/951)
    - Fix `WordPress.com` HTTP duplicates with WebSub [Automattic/pushpress#16](https://github.com/Automattic/pushpress/pull/16)
  - Implement HTML whitelist for SimplePie sanitizer [#&#8203;7924](https://github.com/FreshRSS/FreshRSS/pull/7924), [simplepie#947](https://github.com/simplepie/simplepie/pull/947)
  - Various upstream contributions [simplepie#940](https://github.com/simplepie/simplepie/pull/940), [simplepie#944](https://github.com/simplepie/simplepie/pull/944)
- Deployment
  - Docker default image updated to Debian 13 Trixie with PHP 8.4.11 and Apache 2.4.65 [#&#8203;8032](https://github.com/FreshRSS/FreshRSS/pull/8032)
  - Docker alternative image updated to Alpine 3.23 with PHP 8.4.15 and Apache 2.4.65 [#&#8203;8285](https://github.com/FreshRSS/FreshRSS/pull/8285)
  - Fix Docker healthcheck `cli/health.php` compatibility with OpenID Connect [#&#8203;8040](https://github.com/FreshRSS/FreshRSS/pull/8040)
  - Improve Docker for compatibility with other base images such as Arch Linux [#&#8203;8299](https://github.com/FreshRSS/FreshRSS/pull/8299)
    - Improve `cli/access-permissions.sh` to detect the correct permission Web group such as `www-data`, `apache`, or `http`
  - Update PostgreSQL volume for Docker [#&#8203;8216](https://github.com/FreshRSS/FreshRSS/pull/8216), [#&#8203;8224](https://github.com/FreshRSS/FreshRSS/pull/8224)
  - Catch lack of `exec()` function for git update [#&#8203;8228](https://github.com/FreshRSS/FreshRSS/pull/8228)
  - Work around `DOMDocument::saveHTML()` scrambling charset encoding in some versions of libxml2 [#&#8203;8296](https://github.com/FreshRSS/FreshRSS/pull/8296)
  - Improve configuration checks for PHP extensions (in Web UI and CLI), including recommending e.g. `php-intl` [#&#8203;8334](https://github.com/FreshRSS/FreshRSS/pull/8334)
- UI
  - New button for toggling sidebar on desktop view [#&#8203;8201](https://github.com/FreshRSS/FreshRSS/pull/8201), [#&#8203;8286](https://github.com/FreshRSS/FreshRSS/pull/8286)
  - Better transitions between groups of articles [#&#8203;8174](https://github.com/FreshRSS/FreshRSS/pull/8174)
  - New links in transitions and jump ⏭ to next transition [#&#8203;8294](https://github.com/FreshRSS/FreshRSS/pull/8294)
  - More visible selected article [#&#8203;8230](https://github.com/FreshRSS/FreshRSS/pull/8230)
  - Show the parsed search query instead of the original user input [#&#8203;8293](https://github.com/FreshRSS/FreshRSS/pull/8293),
    [#&#8203;8306](https://github.com/FreshRSS/FreshRSS/pull/8306), [#&#8203;8341](https://github.com/FreshRSS/FreshRSS/pull/8341)
  - Show search query in the page title [#&#8203;8217](https://github.com/FreshRSS/FreshRSS/pull/8217)
  - Scroll into filtered feed/category on page load in the sidebar [#&#8203;8281](https://github.com/FreshRSS/FreshRSS/pull/8281), [#&#8203;8307](https://github.com/FreshRSS/FreshRSS/pull/8307)
  - Fix autocomplete issues in change password form [#&#8203;7812](https://github.com/FreshRSS/FreshRSS/pull/7812)
  - Fix navigating between read feeds using shortcut <kbd>shift</kbd>+<kbd>j</kbd>/<kbd>k</kbd> [#&#8203;8057](https://github.com/FreshRSS/FreshRSS/pull/8057)
  - Dark background in Web app manifest to avoid white flash when opening [#&#8203;8140](https://github.com/FreshRSS/FreshRSS/pull/8140)
  - Increase button visibility in UI to change theme [#&#8203;8149](https://github.com/FreshRSS/FreshRSS/pull/8149)
  - Replace arrow navigation in theme switcher with `<select>` [#&#8203;8190](https://github.com/FreshRSS/FreshRSS/pull/8190)
  - Improve scroll of article after load of user labels [#&#8203;7962](https://github.com/FreshRSS/FreshRSS/pull/7962)
  - Keep scroll state of page when closing the slider [#&#8203;8295](https://github.com/FreshRSS/FreshRSS/pull/8295), [#&#8203;8301](https://github.com/FreshRSS/FreshRSS/pull/8301)
  - Scroll into filtered feed/category on page load [#&#8203;8281](https://github.com/FreshRSS/FreshRSS/pull/8281)
  - Display sidebar dropdowns above if no space below [#&#8203;8335](https://github.com/FreshRSS/FreshRSS/pull/8335), [#&#8203;8336](https://github.com/FreshRSS/FreshRSS/pull/8336)
  - Use native CSS instead of SCSS [#&#8203;8200](https://github.com/FreshRSS/FreshRSS/pull/8200), [#&#8203;8241](https://github.com/FreshRSS/FreshRSS/pull/8241)
    - Using [CSS nesting](https://developer.mozilla.org/en-US/docs/Web/CSS/Guides/Nesting) and [relative colours](https://developer.mozilla.org/en-US/docs/Web/CSS/Guides/Colors/Using_relative_colors).
  - Various UI and style improvements: [#&#8203;8171](https://github.com/FreshRSS/FreshRSS/pull/8171), [#&#8203;8185](https://github.com/FreshRSS/FreshRSS/pull/8185), [#&#8203;8196](https://github.com/FreshRSS/FreshRSS/pull/8196)
  - JavaScript finalise migration from `Promise` to `async`/`await`: [#&#8203;8182](https://github.com/FreshRSS/FreshRSS/pull/8182)
- API
  - API performance optimisation: streaming of large responses [#&#8203;8041](https://github.com/FreshRSS/FreshRSS/pull/8041)
  - Fever API: Add `with_ids` parameter to mass-change read/unread/saved/unsaved on lists of articles [#&#8203;8312](https://github.com/FreshRSS/FreshRSS/pull/8312)
  - Misc API: better REST error semantics [#&#8203;8232](https://github.com/FreshRSS/FreshRSS/pull/8232)
- Extensions
  - Add support for extension priority [#&#8203;8038](https://github.com/FreshRSS/FreshRSS/pull/8038)
  - Add support for extension compatibility [#&#8203;8081](https://github.com/FreshRSS/FreshRSS/pull/8081)
  - Improve PHP code with hook enums [#&#8203;8036](https://github.com/FreshRSS/FreshRSS/pull/8036)
  - New hook `nav_entries` [#&#8203;8054](https://github.com/FreshRSS/FreshRSS/pull/8054)
  - Rename [Extensions](https://github.com/FreshRSS/Extensions) default branch from *master* to *main* [#&#8203;8194](https://github.com/FreshRSS/FreshRSS/pull/8194)
- I18n
  - Translation status as text in README [#&#8203;7842](https://github.com/FreshRSS/FreshRSS/pull/7842)
  - Add new translate CLI commands `move` [#&#8203;8214](https://github.com/FreshRSS/FreshRSS/pull/8214)
  - Change some regional language codes to comply with RFC 5646 / IETF BCP 47 / ISO 3166 / ISO 639-1 [#&#8203;8065](https://github.com/FreshRSS/FreshRSS/pull/8065)
  - Improve German [#&#8203;8028](https://github.com/FreshRSS/FreshRSS/pull/8028)
  - Improve Greek [#&#8203;8146](https://github.com/FreshRSS/FreshRSS/pull/8146)
  - Improve Finnish [#&#8203;8073](https://github.com/FreshRSS/FreshRSS/pull/8073), [#&#8203;8092](https://github.com/FreshRSS/FreshRSS/pull/8092)
  - Improve Hungarian [#&#8203;8244](https://github.com/FreshRSS/FreshRSS/pull/8244)
  - Improve Italian [#&#8203;8115](https://github.com/FreshRSS/FreshRSS/pull/8115), [#&#8203;8186](https://github.com/FreshRSS/FreshRSS/pull/8186)
  - Improve Polish [#&#8203;8134](https://github.com/FreshRSS/FreshRSS/pull/8134), [#&#8203;8135](https://github.com/FreshRSS/FreshRSS/pull/8135)
  - Improve Russian [#&#8203;8155](https://github.com/FreshRSS/FreshRSS/pull/8155), [#&#8203;8197](https://github.com/FreshRSS/FreshRSS/pull/8197)
  - Improve Simplified Chinese [#&#8203;8308](https://github.com/FreshRSS/FreshRSS/pull/8308), [#&#8203;8313](https://github.com/FreshRSS/FreshRSS/pull/8313)
- Misc.
  - Add code to modify a search expression [#&#8203;8293](https://github.com/FreshRSS/FreshRSS/pull/8293)
  - Remove *Pocket* sharing service [#&#8203;8127](https://github.com/FreshRSS/FreshRSS/pull/8127), [#&#8203;8128](https://github.com/FreshRSS/FreshRSS/pull/8128)
  - Update to PHPMailer 7.0.1 [#&#8203;8048](https://github.com/FreshRSS/FreshRSS/pull/8048), [#&#8203;8180](https://github.com/FreshRSS/FreshRSS/pull/8180), [#&#8203;8272](https://github.com/FreshRSS/FreshRSS/pull/8272)
  - 💥 Housekeeping of `lib_rss.php` with potential breaking changes for some extensions [#&#8203;8193](https://github.com/FreshRSS/FreshRSS/pull/8193),
  - Use native PHP `#[Deprecated]` [#&#8203;8325](https://github.com/FreshRSS/FreshRSS/pull/8325)
  - Improve PHP code [#&#8203;8156](https://github.com/FreshRSS/FreshRSS/pull/8156), [#&#8203;8203](https://github.com/FreshRSS/FreshRSS/pull/8203), [#&#8203;8284](https://github.com/FreshRSS/FreshRSS/pull/8284),
    [#&#8203;8292](https://github.com/FreshRSS/FreshRSS/pull/8292), [#&#8203;8297](https://github.com/FreshRSS/FreshRSS/pull/8297)
  - GitHub Actions: `--no-progress` [#&#8203;8315](https://github.com/FreshRSS/FreshRSS/pull/8315)
  - Update dev dependencies [#&#8203;8043](https://github.com/FreshRSS/FreshRSS/pull/8043), [#&#8203;8044](https://github.com/FreshRSS/FreshRSS/pull/8044),
    [#&#8203;8045](https://github.com/FreshRSS/FreshRSS/pull/8045), [#&#8203;8046](https://github.com/FreshRSS/FreshRSS/pull/8046), [#&#8203;8047](https://github.com/FreshRSS/FreshRSS/pull/8047),
    [#&#8203;8052](https://github.com/FreshRSS/FreshRSS/pull/8052), [#&#8203;8176](https://github.com/FreshRSS/FreshRSS/pull/8176), [#&#8203;8177](https://github.com/FreshRSS/FreshRSS/pull/8177),
    [#&#8203;8178](https://github.com/FreshRSS/FreshRSS/pull/8178), [#&#8203;8179](https://github.com/FreshRSS/FreshRSS/pull/8179), [#&#8203;8210](https://github.com/FreshRSS/FreshRSS/pull/8210),
    [#&#8203;8270](https://github.com/FreshRSS/FreshRSS/pull/8270), [#&#8203;8271](https://github.com/FreshRSS/FreshRSS/pull/8271), [#&#8203;8273](https://github.com/FreshRSS/FreshRSS/pull/8273),
    [#&#8203;8274](https://github.com/FreshRSS/FreshRSS/pull/8274), [#&#8203;8275](https://github.com/FreshRSS/FreshRSS/pull/8275), [#&#8203;8276](https://github.com/FreshRSS/FreshRSS/pull/8276)

</details>

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.

♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update again.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0Mi4zOS4xIiwidXBkYXRlZEluVmVyIjoiNDIuMzkuMSIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOlsiaW1hZ2UiXX0=-->

Reviewed-on: https://gitea.alexlebens.dev/alexlebens/infrastructure/pulls/2851
Co-authored-by: Renovate Bot <renovate-bot@alexlebens.net>
Co-committed-by: Renovate Bot <renovate-bot@alexlebens.net>
 2025-12-26 23:56:14 +00:00
Alex Lebens
f34a0ba929 update image
All checks were successful
lint-test-helm / lint-helm (push) Successful in 11s
Details
renovate / renovate (push) Successful in 1m0s
Details
render-manifests-push / render-manifests-push (push) Successful in 3m16s
Details
2025-12-26 17:18:40 -06:00
Alex Lebens
7a2938a142 upgrade chart 2025-12-26 17:18:18 -06:00
Alex Lebens
cadda99eca scale
All checks were successful
lint-test-helm / lint-helm (push) Successful in 12s
Details
render-manifests-push / render-manifests-push (push) Successful in 37s
Details
renovate / renovate (push) Successful in 1m1s
Details
2025-12-26 17:02:55 -06:00
Renovate Bot
a8ef14d27a Update Helm release local-path-provisioner to v0.0.34 (#2871)
All checks were successful
render-manifests-push / render-manifests-push (push) Has been skipped
Details
lint-test-helm / lint-helm (push) Successful in 16s
Details
renovate / renovate (push) Successful in 1m7s
Details
2025-12-26 21:55:48 +00:00
Renovate Bot
e9a07a5446 Update searxng/searxng:latest Docker digest to 8d98d5c (#2870)
Some checks failed
render-manifests-push / render-manifests-push (push) Has been skipped
Details
lint-test-helm / lint-helm (push) Successful in 19s
Details
renovate / renovate (push) Has been cancelled
Details
2025-12-26 21:55:22 +00:00
91 changed files with 344 additions and 732 deletions
Expand all files Collapse all files

6
clusters/cl01tl/helm/actual/values.yaml
View File

@@ -77,3 +77,9 @@ actual:
readOnly: false
volsync-target-data:
pvcTarget: actual-data
local:
enabled: false
remote:
enabled: false
external:
enabled: false

2
clusters/cl01tl/helm/argo-workflows/Chart.yaml
View File

@@ -25,7 +25,7 @@ dependencies:
repository: https://argoproj.github.io/argo-helm
- name: postgres-cluster
alias: postgres-18-cluster
version: 7.4.3
version: 7.4.4
repository: oci://harbor.alexlebens.net/helm-charts
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/argo-cd.png
# renovate: github=argoproj/argo-workflows

12
clusters/cl01tl/helm/audiobookshelf/values.yaml
View File

@@ -123,5 +123,17 @@ audiobookshelf:
readOnly: false
volsync-target-config:
pvcTarget: audiobookshelf-config
local:
enabled: false
remote:
enabled: false
external:
enabled: false
volsync-target-metadata:
pvcTarget: audiobookshelf-metadata
local:
enabled: false
remote:
enabled: false
external:
enabled: false

2
clusters/cl01tl/helm/authentik/Chart.yaml
View File

@@ -28,7 +28,7 @@ dependencies:
version: 2.1.4
- name: postgres-cluster
alias: postgres-18-cluster
version: 7.4.3
version: 7.4.4
repository: oci://harbor.alexlebens.net/helm-charts
- name: redis-replication
version: 0.5.0

4
clusters/cl01tl/helm/authentik/values.yaml
View File

@@ -109,7 +109,7 @@ redis-replication:
existingSecret:
enabled: false
redisReplication:
clusterSize: 3
clusterSize: 1
redisSentinel:
enabled: true
enabled: false
clusterSize: 3

12
clusters/cl01tl/helm/backrest/values.yaml
View File

@@ -107,5 +107,17 @@ backrest:
readOnly: true
volsync-target-data:
pvcTarget: backrest-data
local:
enabled: false
remote:
enabled: false
external:
enabled: false
volsync-target-config:
pvcTarget: backrest-config
local:
enabled: false
remote:
enabled: false
external:
enabled: false

6
clusters/cl01tl/helm/bazarr/values.yaml
View File

@@ -83,3 +83,9 @@ volsync-target-config:
runAsGroup: 1000
fsGroup: 1000
fsGroupChangePolicy: OnRootMismatch
local:
enabled: false
remote:
enabled: false
external:
enabled: false

3
clusters/cl01tl/helm/blocky/values.yaml
View File

@@ -135,7 +135,6 @@ blocky:
lidatube IN CNAME traefik-cl01tl
listenarr IN CNAME traefik-cl01tl
mail IN CNAME traefik-cl01tl
n8n IN CNAME traefik-cl01tl
navidrome IN CNAME traefik-cl01tl
ntfy IN CNAME traefik-cl01tl
objects IN CNAME traefik-cl01tl
@@ -319,6 +318,6 @@ redis-replication:
existingSecret:
enabled: false
redisReplication:
clusterSize: 3
clusterSize: 1
redisSentinel:
enabled: false

6
clusters/cl01tl/helm/booklore/values.yaml
View File

@@ -202,6 +202,12 @@ mariadb-cluster:
key: secret
volsync-target-config:
pvcTarget: booklore-config
local:
enabled: false
remote:
enabled: false
external:
enabled: false
volsync-target-data:
pvcTarget: booklore-data
local:

6
clusters/cl01tl/helm/code-server/values.yaml
View File

@@ -75,3 +75,9 @@ volsync-target-config:
runAsGroup: 1000
fsGroup: 1000
fsGroupChangePolicy: OnRootMismatch
local:
enabled: false
remote:
enabled: false
external:
enabled: false

2
clusters/cl01tl/helm/directus/Chart.yaml
View File

@@ -26,7 +26,7 @@ dependencies:
version: 2.1.4
- name: postgres-cluster
alias: postgres-18-cluster
version: 7.4.3
version: 7.4.4
repository: oci://harbor.alexlebens.net/helm-charts
- name: redis-replication
version: 0.5.0

4
clusters/cl01tl/helm/directus/values.yaml
View File

@@ -216,7 +216,7 @@ redis-replication:
name: directus-redis-config
key: password
redisReplication:
clusterSize: 3
clusterSize: 1
redisSentinel:
enabled: true
enabled: false
clusterSize: 3

6
clusters/cl01tl/helm/ephemera/values.yaml
View File

@@ -129,3 +129,9 @@ ephemera:
readOnly: false
volsync-target-config:
pvcTarget: ephemera
local:
enabled: false
remote:
enabled: false
external:
enabled: false

2
clusters/cl01tl/helm/freshrss/Chart.yaml
View File

@@ -26,7 +26,7 @@ dependencies:
version: 2.1.4
- name: postgres-cluster
alias: postgres-18-cluster
version: 7.4.3
version: 7.4.4
repository: oci://harbor.alexlebens.net/helm-charts
- name: volsync-target
alias: volsync-target-data

8
clusters/cl01tl/helm/freshrss/values.yaml
View File

@@ -80,7 +80,7 @@ freshrss:
main:
image:
repository: freshrss/freshrss
tag: 1.27.1
tag: 1.28.0
pullPolicy: IfNotPresent
env:
- name: PGID
@@ -246,3 +246,9 @@ volsync-target-data:
- 100
- 109
- 65539
local:
enabled: false
remote:
enabled: false
external:
enabled: false

2
clusters/cl01tl/helm/gatus/Chart.yaml
View File

@@ -22,7 +22,7 @@ dependencies:
version: 1.4.4
- name: postgres-cluster
alias: postgres-18-cluster
version: 7.4.3
version: 7.4.4
repository: oci://harbor.alexlebens.net/helm-charts
- name: volsync-target
alias: volsync-target-data

9
clusters/cl01tl/helm/gatus/values.yaml
View File

@@ -185,9 +185,6 @@ gatus:
- name: argo-workflows
url: https://argo-workflows.alexlebens.net
<<: *defaults
- name: n8n
url: https://n8n.alexlebens.net
<<: *defaults
- name: omni-tools
url: https://omni-tools.alexlebens.net
<<: *defaults
@@ -426,3 +423,9 @@ postgres-18-cluster:
# backupName: external
volsync-target-data:
pvcTarget: gatus
local:
enabled: false
remote:
enabled: false
external:
enabled: false

2
clusters/cl01tl/helm/gitea/Chart.yaml
View File

@@ -39,7 +39,7 @@ dependencies:
version: 2.1.4
- name: postgres-cluster
alias: postgres-18-cluster
version: 7.4.3
version: 7.4.4
repository: oci://harbor.alexlebens.net/helm-charts
- name: redis-replication
alias: redis-replication-gitea

2
clusters/cl01tl/helm/gitea/values.yaml
View File

@@ -1,7 +1,7 @@
gitea:
global:
imageRegistry: registry.hub.docker.com
replicaCount: 3
replicaCount: 2
image:
repository: gitea/gitea
tag: 1.25.3

2
clusters/cl01tl/helm/grafana-operator/Chart.yaml
View File

@@ -21,7 +21,7 @@ dependencies:
repository: https://grafana.github.io/helm-charts
- name: postgres-cluster
alias: postgres-18-cluster
version: 7.4.3
version: 7.4.4
repository: oci://harbor.alexlebens.net/helm-charts
- name: redis-replication
alias: redis-replication-unified-alerting

2
clusters/cl01tl/helm/harbor/Chart.yaml
View File

@@ -21,7 +21,7 @@ dependencies:
repository: https://helm.goharbor.io
- name: postgres-cluster
alias: postgres-18-cluster
version: 7.4.3
version: 7.4.4
repository: https://gitea.alexlebens.net/api/packages/alexlebens/helm
- name: redis-replication
version: 0.5.0

4
clusters/cl01tl/helm/harbor/values.yaml
View File

@@ -142,7 +142,7 @@ redis-replication:
existingSecret:
enabled: false
redisReplication:
clusterSize: 3
clusterSize: 1
redisSentinel:
enabled: true
enabled: false
clusterSize: 3

6
clusters/cl01tl/helm/home-assistant/values.yaml
View File

@@ -132,3 +132,9 @@ volsync-target-config:
runAsGroup: 1000
fsGroup: 1000
fsGroupChangePolicy: OnRootMismatch
local:
enabled: false
remote:
enabled: false
external:
enabled: false

6
clusters/cl01tl/helm/homepage/values.yaml
View File

@@ -331,12 +331,6 @@ homepage:
href: https://argo-workflows.alexlebens.net
siteMonitor: http://argo-workflows-server.argo-workflows:2746
statusStyle: dot
- API Workflows:
icon: sh-n8n.webp
description: n8n
href: https://n8n.alexlebens.net
siteMonitor: http://n8n-main.n8n:80
statusStyle: dot
- Uptime:
icon: sh-gatus.webp
description: Gatus

6
clusters/cl01tl/helm/huntarr/values.yaml
View File

@@ -60,3 +60,9 @@ huntarr:
readOnly: false
volsync-target-config:
pvcTarget: huntarr-config
local:
enabled: false
remote:
enabled: false
external:
enabled: false

2
clusters/cl01tl/helm/immich/Chart.yaml
View File

@@ -20,7 +20,7 @@ dependencies:
version: 4.5.0
- name: postgres-cluster
alias: postgres-18-cluster
version: 7.4.3
version: 7.4.4
repository: oci://harbor.alexlebens.net/helm-charts
- name: redis-replication
version: 0.5.0

4
clusters/cl01tl/helm/immich/values.yaml
View File

@@ -226,9 +226,9 @@ redis-replication:
existingSecret:
enabled: false
redisReplication:
clusterSize: 3
clusterSize: 1
redisSentinel:
enabled: true
enabled: false
clusterSize: 3
volsync-target-data:
pvcTarget: immich

2
clusters/cl01tl/helm/jellystat/Chart.yaml
View File

@@ -21,7 +21,7 @@ dependencies:
version: 4.5.0
- name: postgres-cluster
alias: postgres-18-cluster
version: 7.4.3
version: 7.4.4
repository: oci://harbor.alexlebens.net/helm-charts
- name: volsync-target
alias: volsync-target-data

6
clusters/cl01tl/helm/jellystat/values.yaml
View File

@@ -144,3 +144,9 @@ postgres-18-cluster:
volsync-target-data:
pvcTarget: jellystat-data
local:
enabled: false
remote:
enabled: false
external:
enabled: false

6
clusters/cl01tl/helm/karakeep/values.yaml
View File

@@ -170,3 +170,9 @@ meilisearch:
enabled: true
volsync-target-data:
pvcTarget: karakeep
local:
enabled: false
remote:
enabled: false
external:
enabled: false

2
clusters/cl01tl/helm/komodo/Chart.yaml
View File

@@ -23,7 +23,7 @@ dependencies:
version: 4.5.0
- name: postgres-cluster
alias: postgresql-17-fdb-cluster
version: 7.4.3
version: 7.4.4
repository: oci://harbor.alexlebens.net/helm-charts
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/komodo.png
# renovate: github=moghtech/komodo

4
clusters/cl01tl/helm/kube-prometheus-stack/values.yaml
View File

@@ -174,12 +174,12 @@ redis-replication:
existingSecret:
enabled: false
redisReplication:
clusterSize: 3
clusterSize: 1
volumeClaimTemplate:
spec:
resources:
requests:
storage: 10Gi
redisSentinel:
enabled: true
enabled: false
clusterSize: 3

6
clusters/cl01tl/helm/libation/values.yaml
View File

@@ -62,3 +62,9 @@ libation:
readOnly: false
volsync-target-config:
pvcTarget: libation
local:
enabled: false
remote:
enabled: false
external:
enabled: false

2
clusters/cl01tl/helm/lidarr/Chart.yaml
View File

@@ -24,7 +24,7 @@ dependencies:
version: 4.5.0
- name: postgres-cluster
alias: postgres-18-cluster
version: 7.4.3
version: 7.4.4
repository: oci://harbor.alexlebens.net/helm-charts
- name: volsync-target
alias: volsync-target-config

6
clusters/cl01tl/helm/lidarr/values.yaml
View File

@@ -170,3 +170,9 @@ volsync-target-config:
runAsGroup: 1000
fsGroup: 1000
fsGroupChangePolicy: OnRootMismatch
local:
enabled: false
remote:
enabled: false
external:
enabled: false

6
clusters/cl01tl/helm/lidatube/values.yaml
View File

@@ -92,3 +92,9 @@ volsync-target-config:
runAsGroup: 1000
fsGroup: 1000
fsGroupChangePolicy: OnRootMismatch
local:
enabled: false
remote:
enabled: false
external:
enabled: false

6
clusters/cl01tl/helm/listenarr/values.yaml
View File

@@ -73,3 +73,9 @@ volsync-target-config:
runAsGroup: 1000
fsGroup: 1000
fsGroupChangePolicy: OnRootMismatch
local:
enabled: false
remote:
enabled: false
external:
enabled: false

6
clusters/cl01tl/helm/local-path-provisioner/Chart.lock
View File

@@ -1,6 +1,6 @@
dependencies:
- name: local-path-provisioner
repository: https://charts.containeroo.ch
version: 0.0.33
digest: sha256:323aa6386161d2f5e2f3122082bc1dc63aeae96d2e02520b8d5dc63f80c3be1c
generated: "2025-12-01T20:26:30.26287-06:00"
version: 0.0.34
digest: sha256:f4f946897660d5d65eb2a56144d907c0b48c9a72e20d10a73684eaeb0d50cfd3
generated: "2025-12-26T21:55:29.099967751Z"

2
clusters/cl01tl/helm/local-path-provisioner/Chart.yaml
View File

@@ -15,7 +15,7 @@ maintainers:
- name: alexlebens
dependencies:
- name: local-path-provisioner
version: 0.0.33
version: 0.0.34
repository: https://charts.containeroo.ch
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/kubernetes.png
# renovate: github=rancher/local-path-provisioner

2
clusters/cl01tl/helm/matrix-synapse/Chart.yaml
View File

@@ -53,7 +53,7 @@ dependencies:
repository: oci://harbor.alexlebens.net/helm-charts
- name: postgres-cluster
alias: postgres-18-cluster
version: 7.4.3
version: 7.4.4
repository: oci://harbor.alexlebens.net/helm-charts
- name: redis-replication
alias: redis-replication-matrix-synapse

24
clusters/cl01tl/helm/matrix-synapse/values.yaml
View File

@@ -477,15 +477,39 @@ redis-replication-hookshot:
clusterSize: 3
volsync-target-synapse:
pvcTarget: matrix-synapse
local:
enabled: false
remote:
enabled: false
external:
enabled: false
volsync-target-hookshot:
pvcTarget: matrix-hookshot
local:
enabled: false
remote:
enabled: false
external:
enabled: false
volsync-target-discord:
pvcTarget: mautrix-discord
moverSecurityContext:
runAsUser: 1337
runAsGroup: 1337
local:
enabled: false
remote:
enabled: false
external:
enabled: false
volsync-target-whatsapp:
pvcTarget: mautrix-whatsapp
moverSecurityContext:
runAsUser: 1337
runAsGroup: 1337
local:
enabled: false
remote:
enabled: false
external:
enabled: false

15
clusters/cl01tl/helm/n8n/Chart.lock
View File

@@ -1,15 +0,0 @@
dependencies:
- name: app-template
repository: https://bjw-s-labs.github.io/helm-charts/
version: 4.5.0
- name: postgres-cluster
repository: oci://harbor.alexlebens.net/helm-charts
version: 7.4.3
- name: redis-replication
repository: oci://harbor.alexlebens.net/helm-charts
version: 0.5.0
- name: volsync-target
repository: oci://harbor.alexlebens.net/helm-charts
version: 0.6.0
digest: sha256:044b0cda285583d8cb792725b75887041f82e5d6906566cd3677d2f67186d7f1
generated: "2025-12-23T22:38:27.330827-06:00"

35
clusters/cl01tl/helm/n8n/Chart.yaml
View File

@@ -1,35 +0,0 @@
apiVersion: v2
name: n8n
version: 1.0.0
description: n8n
keywords:
- n8n
- automation
home: https://wiki.alexlebens.dev/s/e4544bd4-c66a-420c-8020-c54b2078181a
sources:
- https://github.com/n8n-io/n8n
- https://github.com/cloudnative-pg/cloudnative-pg
- https://github.com/n8n-io/n8n/pkgs/container/n8n
- https://github.com/bjw-s-labs/helm-charts/tree/main/charts/other/app-template
- https://gitea.alexlebens.dev/alexlebens/helm-charts/src/branch/main/charts/postgres-cluster
maintainers:
- name: alexlebens
dependencies:
- name: app-template
alias: n8n
repository: https://bjw-s-labs.github.io/helm-charts/
version: 4.5.0
- name: postgres-cluster
alias: postgres-18-cluster
version: 7.4.3
repository: oci://harbor.alexlebens.net/helm-charts
- name: redis-replication
version: 0.5.0
repository: oci://harbor.alexlebens.net/helm-charts
- name: volsync-target
alias: volsync-target-data
version: 0.6.0
repository: oci://harbor.alexlebens.net/helm-charts
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/n8n.png
# renovate: github=n8n-io/n8n
appVersion: 2.0.1

21
clusters/cl01tl/helm/n8n/templates/external-secret.yaml
View File

@@ -1,21 +0,0 @@
apiVersion: external-secrets.io/v1
kind: ExternalSecret
metadata:
name: n8n-config-secret
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: n8n-config-secret
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
secretStoreRef:
kind: ClusterSecretStore
name: vault
data:
- secretKey: key
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /cl01tl/n8n/config
metadataPolicy: None
property: key

441
clusters/cl01tl/helm/n8n/values.yaml
View File

@@ -1,441 +0,0 @@
n8n:
controllers:
main:
type: deployment
replicas: 1
strategy: Recreate
revisionHistoryLimit: 3
containers:
main:
image:
repository: ghcr.io/n8n-io/n8n
tag: 2.2.1
pullPolicy: IfNotPresent
env:
- name: GENERIC_TIMEZONE
value: US/Central
- name: DB_TYPE
value: postgresdb
- name: DB_POSTGRESDB_DATABASE
valueFrom:
secretKeyRef:
name: n8n-postgresql-18-cluster-app
key: dbname
- name: DB_POSTGRESDB_HOST
valueFrom:
secretKeyRef:
name: n8n-postgresql-18-cluster-app
key: host
- name: DB_POSTGRESDB_PORT
valueFrom:
secretKeyRef:
name: n8n-postgresql-18-cluster-app
key: port
- name: DB_POSTGRESDB_USER
valueFrom:
secretKeyRef:
name: n8n-postgresql-18-cluster-app
key: user
- name: DB_POSTGRESDB_PASSWORD
valueFrom:
secretKeyRef:
name: n8n-postgresql-18-cluster-app
key: password
- name: N8N_METRICS
value: true
- name: QUEUE_HEALTH_CHECK_ACTIVE
value: true
- name: EXECUTIONS_MODE
value: queue
- name: QUEUE_BULL_REDIS_HOST
value: redis-replication-n8n-master.n8n
- name: N8N_ENCRYPTION_KEY
valueFrom:
secretKeyRef:
name: n8n-config-secret
key: key
- name: WEBHOOK_URL
value: https://n8n.alexlebens.net/
probes:
liveness:
enabled: true
custom: true
spec:
httpGet:
path: /healthz
port: 5678
initialDelaySeconds: 0
periodSeconds: 10
timeoutSeconds: 1
failureThreshold: 3
readiness:
enabled: true
custom: true
spec:
httpGet:
path: /healthz/readiness
port: 5678
initialDelaySeconds: 0
periodSeconds: 10
timeoutSeconds: 1
failureThreshold: 3
resources:
requests:
cpu: 10m
memory: 128Mi
worker:
type: daemonset
revisionHistoryLimit: 3
pod:
nodeSelector:
kubernetes.io/arch: amd64
containers:
main:
image:
repository: ghcr.io/n8n-io/n8n
tag: 2.2.1
pullPolicy: IfNotPresent
command:
- n8n
args:
- worker
# - --concurrency=10
env:
- name: GENERIC_TIMEZONE
value: US/Central
- name: DB_TYPE
value: postgresdb
- name: DB_POSTGRESDB_DATABASE
valueFrom:
secretKeyRef:
name: n8n-postgresql-18-cluster-app
key: dbname
- name: DB_POSTGRESDB_HOST
valueFrom:
secretKeyRef:
name: n8n-postgresql-18-cluster-app
key: host
- name: DB_POSTGRESDB_PORT
valueFrom:
secretKeyRef:
name: n8n-postgresql-18-cluster-app
key: port
- name: DB_POSTGRESDB_USER
valueFrom:
secretKeyRef:
name: n8n-postgresql-18-cluster-app
key: user
- name: DB_POSTGRESDB_PASSWORD
valueFrom:
secretKeyRef:
name: n8n-postgresql-18-cluster-app
key: password
- name: N8N_METRICS
value: true
- name: N8N_RUNNERS_ENABLED
value: true
- name: N8N_BLOCK_ENV_ACCESS_IN_NODE
value: true
- name: N8N_GIT_NODE_DISABLE_BARE_REPOS
value: true
- name: QUEUE_HEALTH_CHECK_ACTIVE
value: true
- name: EXECUTIONS_MODE
value: queue
- name: QUEUE_BULL_REDIS_HOST
value: redis-replication-n8n-master.n8n
- name: N8N_ENCRYPTION_KEY
valueFrom:
secretKeyRef:
name: n8n-config-secret
key: key
- name: WEBHOOK_URL
value: https://n8n.alexlebens.net/
probes:
liveness:
enabled: false
custom: true
spec:
httpGet:
path: /healthz
port: 5678
initialDelaySeconds: 60
periodSeconds: 10
timeoutSeconds: 1
failureThreshold: 3
readiness:
enabled: false
custom: true
spec:
httpGet:
path: /healthz/readiness
port: 5678
initialDelaySeconds: 60
periodSeconds: 10
timeoutSeconds: 1
failureThreshold: 3
resources:
requests:
cpu: 10m
memory: 128Mi
webhook:
type: daemonset
revisionHistoryLimit: 3
pod:
nodeSelector:
kubernetes.io/arch: amd64
containers:
main:
image:
repository: ghcr.io/n8n-io/n8n
tag: 2.2.1
pullPolicy: IfNotPresent
command:
- n8n
args:
- webhook
env:
- name: GENERIC_TIMEZONE
value: US/Central
- name: DB_TYPE
value: postgresdb
- name: DB_POSTGRESDB_DATABASE
valueFrom:
secretKeyRef:
name: n8n-postgresql-18-cluster-app
key: dbname
- name: DB_POSTGRESDB_HOST
valueFrom:
secretKeyRef:
name: n8n-postgresql-18-cluster-app
key: host
- name: DB_POSTGRESDB_PORT
valueFrom:
secretKeyRef:
name: n8n-postgresql-18-cluster-app
key: port
- name: DB_POSTGRESDB_USER
valueFrom:
secretKeyRef:
name: n8n-postgresql-18-cluster-app
key: user
- name: DB_POSTGRESDB_PASSWORD
valueFrom:
secretKeyRef:
name: n8n-postgresql-18-cluster-app
key: password
- name: N8N_METRICS
value: true
- name: QUEUE_HEALTH_CHECK_ACTIVE
value: true
- name: EXECUTIONS_MODE
value: queue
- name: QUEUE_BULL_REDIS_HOST
value: redis-replication-n8n-master.n8n
- name: N8N_ENCRYPTION_KEY
valueFrom:
secretKeyRef:
name: n8n-config-secret
key: key
- name: WEBHOOK_URL
value: https://n8n.alexlebens.net/
- name: N8N_DIAGNOSTICS_ENABLED
value: false
- name: N8N_VERSION_NOTIFICATIONS_ENABLED
value: false
probes:
liveness:
enabled: true
custom: true
spec:
httpGet:
path: /healthz
port: 5678
initialDelaySeconds: 0
periodSeconds: 10
timeoutSeconds: 1
failureThreshold: 3
readiness:
enabled: true
custom: true
spec:
httpGet:
path: /healthz/readiness
port: 5678
initialDelaySeconds: 0
periodSeconds: 10
timeoutSeconds: 1
failureThreshold: 3
resources:
requests:
cpu: 10m
memory: 128Mi
service:
main:
controller: main
ports:
http:
port: 80
targetPort: 5678
protocol: HTTP
worker:
controller: worker
ports:
http:
port: 80
targetPort: 5678
protocol: HTTP
webhook:
controller: webhook
ports:
http:
port: 80
targetPort: 5678
protocol: HTTP
serviceMonitor:
main:
selector:
matchLabels:
app.kubernetes.io/name: n8n-main
app.kubernetes.io/instance: n8n-main
serviceName: '{{ include "bjw-s.common.lib.chart.names.fullname" $ }}'
endpoints:
- port: http
interval: 3m
scrapeTimeout: 1m
path: /metrics
worker:
selector:
matchLabels:
app.kubernetes.io/name: n8n-worker
app.kubernetes.io/instance: n8n-worker
serviceName: '{{ include "bjw-s.common.lib.chart.names.fullname" $ }}'
endpoints:
- port: http
interval: 3m
scrapeTimeout: 1m
path: /metrics
webhook:
selector:
matchLabels:
app.kubernetes.io/name: n8n-webhook
app.kubernetes.io/instance: n8n-webhook
serviceName: '{{ include "bjw-s.common.lib.chart.names.fullname" $ }}'
endpoints:
- port: http
interval: 3m
scrapeTimeout: 1m
path: /metrics
route:
main:
kind: HTTPRoute
parentRefs:
- group: gateway.networking.k8s.io
kind: Gateway
name: traefik-gateway
namespace: traefik
hostnames:
- n8n.alexlebens.net
rules:
- backendRefs:
- group: ''
kind: Service
name: n8n-main
port: 80
weight: 100
matches:
- path:
type: PathPrefix
value: /
- path:
type: PathPrefix
value: /webhook-test/
- backendRefs:
- group: ''
kind: Service
name: n8n-webhook
port: 80
weight: 100
matches:
- path:
type: PathPrefix
value: /webhook/
- path:
type: PathPrefix
value: /webhook-waiting/
- path:
type: PathPrefix
value: /form/
persistence:
data:
storageClass: ceph-block
accessMode: ReadWriteOnce
size: 5Gi
advancedMounts:
main:
main:
- path: /data
readOnly: false
cache:
type: emptyDir
advancedMounts:
worker:
main:
- path: /home/node/.n8n
readOnly: false
webhook:
main:
- path: /home/node/.n8n
readOnly: false
postgres-18-cluster:
mode: recovery
recovery:
method: objectStore
objectStore:
index: 1
backup:
objectStore:
- name: garage-local
index: 1
destinationBucket: postgres-backups
externalSecretCredentialPath: /garage/home-infra/postgres-backups
isWALArchiver: true
# - name: garage-remote
# index: 1
# destinationBucket: postgres-backups
# externalSecretCredentialPath: /garage/home-infra/postgres-backups
# retentionPolicy: "90d"
# data:
# compression: bzip2
# - name: external
# index: 1
# endpointURL: https://nyc3.digitaloceanspaces.com
# destinationBucket: postgres-backups-ce540ddf106d186bbddca68a
# externalSecretCredentialPath: /garage/home-infra/postgres-backups
# isWALArchiver: false
scheduledBackups:
- name: live-backup
suspend: false
immediate: true
schedule: "0 0 0 * * *"
backupName: garage-local
# - name: weekly-backup
# suspend: true
# immediate: true
# schedule: "0 0 4 * * SAT"
# backupName: garage-remote
# - name: daily-backup
# suspend: true
# immediate: true
# schedule: "0 0 0 * * *"
# backupName: external
redis-replication:
existingSecret:
enabled: false
redisReplication:
clusterSize: 3
redisSentinel:
enabled: true
clusterSize: 3
volsync-target-data:
pvcTarget: n8n

6
clusters/cl01tl/helm/navidrome/values.yaml
View File

@@ -153,3 +153,9 @@ volsync-target-data:
runAsGroup: 1000
fsGroup: 1000
fsGroupChangePolicy: OnRootMismatch
local:
enabled: false
remote:
enabled: false
external:
enabled: false

2
clusters/cl01tl/helm/ollama/Chart.yaml
View File

@@ -23,7 +23,7 @@ dependencies:
version: 4.5.0
- name: postgres-cluster
alias: postgres-18-cluster
version: 7.4.3
version: 7.4.4
repository: oci://harbor.alexlebens.net/helm-charts
- name: volsync-target
alias: volsync-target-data

6
clusters/cl01tl/helm/ollama/values.yaml
View File

@@ -306,3 +306,9 @@ volsync-target-data:
moverSecurityContext:
runAsUser: 1337
runAsGroup: 1337
local:
enabled: false
remote:
enabled: false
external:
enabled: false

2
clusters/cl01tl/helm/outline/Chart.yaml
View File

@@ -27,7 +27,7 @@ dependencies:
version: 2.1.4
- name: postgres-cluster
alias: postgres-18-cluster
version: 7.4.3
version: 7.4.4
repository: oci://harbor.alexlebens.net/helm-charts
- name: redis-replication
version: 0.5.0

4
clusters/cl01tl/helm/outline/values.yaml
View File

@@ -188,7 +188,7 @@ redis-replication:
existingSecret:
enabled: false
redisReplication:
clusterSize: 3
clusterSize: 1
redisSentinel:
enabled: true
enabled: false
clusterSize: 3

2
clusters/cl01tl/helm/photoview/Chart.yaml
View File

@@ -20,7 +20,7 @@ dependencies:
version: 4.5.0
- name: postgres-cluster
alias: postgres-18-cluster
version: 7.4.3
version: 7.4.4
repository: oci://harbor.alexlebens.net/helm-charts
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/photoview.png
# renovate: github=photoview/photoview

2
clusters/cl01tl/helm/postiz/Chart.yaml
View File

@@ -26,7 +26,7 @@ dependencies:
version: 2.1.4
- name: postgres-cluster
alias: postgres-18-cluster
version: 7.4.3
version: 7.4.4
repository: oci://harbor.alexlebens.net/helm-charts
- name: redis-replication
version: 0.5.0

16
clusters/cl01tl/helm/postiz/values.yaml
View File

@@ -173,11 +173,23 @@ redis-replication:
name: postiz-redis-config
key: password
redisReplication:
clusterSize: 3
clusterSize: 1
redisSentinel:
enabled: true
enabled: false
clusterSize: 3
volsync-target-config:
pvcTarget: postiz-config
local:
enabled: false
remote:
enabled: false
external:
enabled: false
volsync-target-upload:
pvcTarget: postiz-uploads
local:
enabled: false
remote:
enabled: false
external:
enabled: false

6
clusters/cl01tl/helm/prowlarr/values.yaml
View File

@@ -82,3 +82,9 @@ volsync-target-config:
- 100
- 109
- 65539
local:
enabled: false
remote:
enabled: false
external:
enabled: false

12
clusters/cl01tl/helm/qbittorrent/values.yaml
View File

@@ -453,5 +453,17 @@ volsync-target-config:
volumeSnapshotClassName: ceph-filesystem-snapshot
volsync-target-qbit-manage-config:
pvcTarget: qbittorrent-qbit-manage-config-data
local:
enabled: false
remote:
enabled: false
external:
enabled: false
volsync-target-qui-config:
pvcTarget: qbittorrent-qui-config-data
local:
enabled: false
remote:
enabled: false
external:
enabled: false

2
clusters/cl01tl/helm/radarr-4k/Chart.yaml
View File

@@ -27,7 +27,7 @@ dependencies:
version: 4.5.0
- name: postgres-cluster
alias: postgres-18-cluster
version: 7.4.3
version: 7.4.4
repository: oci://harbor.alexlebens.net/helm-charts
- name: volsync-target
alias: volsync-target-config

6
clusters/cl01tl/helm/radarr-4k/values.yaml
View File

@@ -170,3 +170,9 @@ volsync-target-config:
runAsGroup: 1000
fsGroup: 1000
fsGroupChangePolicy: OnRootMismatch
local:
enabled: false
remote:
enabled: false
external:
enabled: false

2
clusters/cl01tl/helm/radarr-anime/Chart.yaml
View File

@@ -27,7 +27,7 @@ dependencies:
version: 4.5.0
- name: postgres-cluster
alias: postgres-18-cluster
version: 7.4.3
version: 7.4.4
repository: oci://harbor.alexlebens.net/helm-charts
- name: volsync-target
alias: volsync-target-config

6
clusters/cl01tl/helm/radarr-anime/values.yaml
View File

@@ -168,3 +168,9 @@ volsync-target-config:
runAsGroup: 1000
fsGroup: 1000
fsGroupChangePolicy: OnRootMismatch
local:
enabled: false
remote:
enabled: false
external:
enabled: false

2
clusters/cl01tl/helm/radarr-standup/Chart.yaml
View File

@@ -26,7 +26,7 @@ dependencies:
version: 4.5.0
- name: postgres-cluster
alias: postgres-18-cluster
version: 7.4.3
version: 7.4.4
repository: oci://harbor.alexlebens.net/helm-charts
- name: volsync-target
alias: volsync-target-config

6
clusters/cl01tl/helm/radarr-standup/values.yaml
View File

@@ -168,3 +168,9 @@ volsync-target-config:
runAsGroup: 1000
fsGroup: 1000
fsGroupChangePolicy: OnRootMismatch
local:
enabled: false
remote:
enabled: false
external:
enabled: false

2
clusters/cl01tl/helm/radarr/Chart.yaml
View File

@@ -26,7 +26,7 @@ dependencies:
version: 4.5.0
- name: postgres-cluster
alias: postgres-18-cluster
version: 7.4.3
version: 7.4.4
repository: oci://harbor.alexlebens.net/helm-charts
- name: volsync-target
alias: volsync-target-config

6
clusters/cl01tl/helm/radarr/values.yaml
View File

@@ -170,3 +170,9 @@ volsync-target-config:
runAsGroup: 1000
fsGroup: 1000
fsGroupChangePolicy: OnRootMismatch
local:
enabled: false
remote:
enabled: false
external:
enabled: false

2
clusters/cl01tl/helm/rayflume/Chart.yaml
View File

@@ -24,4 +24,4 @@ dependencies:
alias: volsync-target-data
version: 0.6.0
repository: oci://harbor.alexlebens.net/helm-charts
appVersion: 0.0.1
appVersion: 0.0.3

14
clusters/cl01tl/helm/rayflume/values.yaml
View File

@@ -9,13 +9,13 @@ rayflume:
main:
image:
repository: harbor.alexlebens.net/images/rayflume
tag: 0.0.2
tag: 0.0.7
pullPolicy: IfNotPresent
env:
- name: DEBUG
value: True
- name: ALLOWED_HOSTS
value: rayflume.alexlebens.net
value: rayflume.alexlebens.net,rayflume.rayflume
- name: SECRET_KEY
valueFrom:
secretKeyRef:
@@ -88,9 +88,15 @@ redis-replication:
existingSecret:
enabled: false
redisReplication:
clusterSize: 3
clusterSize: 1
redisSentinel:
enabled: true
enabled: false
clusterSize: 3
volsync-target-data:
pvcTarget: rayflume-data
local:
enabled: false
remote:
enabled: false
external:
enabled: false

2
clusters/cl01tl/helm/roundcube/Chart.yaml
View File

@@ -21,7 +21,7 @@ dependencies:
version: 4.5.0
- name: postgres-cluster
alias: postgres-18-cluster
version: 7.4.3
version: 7.4.4
repository: oci://harbor.alexlebens.net/helm-charts
- name: volsync-target
alias: volsync-target-data

6
clusters/cl01tl/helm/roundcube/values.yaml
View File

@@ -270,3 +270,9 @@ postgres-18-cluster:
# backupName: external
volsync-target-data:
pvcTarget: roundcube-data
local:
enabled: false
remote:
enabled: false
external:
enabled: false

10
clusters/cl01tl/helm/searxng/values.yaml
View File

@@ -9,7 +9,7 @@ searxng:
main:
image:
repository: searxng/searxng
tag: latest@sha256:3c041584da716339860e903ec923b294e6b3d9fbb25cf2d9cc05dc23957c865a
tag: latest@sha256:8d98d5c1b678714c3b20dacfab5ea5e3b67f79e50df6d5dbc92ed4f0a964ccbd
pullPolicy: IfNotPresent
env:
- name: SEARXNG_BASE_URL
@@ -39,7 +39,7 @@ searxng:
main:
image:
repository: searxng/searxng
tag: latest@sha256:3c041584da716339860e903ec923b294e6b3d9fbb25cf2d9cc05dc23957c865a
tag: latest@sha256:8d98d5c1b678714c3b20dacfab5ea5e3b67f79e50df6d5dbc92ed4f0a964ccbd
pullPolicy: IfNotPresent
env:
- name: SEARXNG_BASE_URL
@@ -219,3 +219,9 @@ searxng:
readOnly: false
volsync-target-data:
pvcTarget: searxng-browser-data
local:
enabled: false
remote:
enabled: false
external:
enabled: false

6
clusters/cl01tl/helm/seerr/values.yaml
View File

@@ -31,3 +31,9 @@ seerr-chart:
memory: 128Mi
volsync-target-config:
pvcTarget: seerr-seerr-chart-config
local:
enabled: false
remote:
enabled: false
external:
enabled: false

2
clusters/cl01tl/helm/sonarr-4k/Chart.yaml
View File

@@ -27,7 +27,7 @@ dependencies:
version: 4.5.0
- name: postgres-cluster
alias: postgres-18-cluster
version: 7.4.3
version: 7.4.4
repository: oci://harbor.alexlebens.net/helm-charts
- name: volsync-target
alias: volsync-target-config

6
clusters/cl01tl/helm/sonarr-4k/values.yaml
View File

@@ -168,3 +168,9 @@ volsync-target-config:
runAsGroup: 1000
fsGroup: 1000
fsGroupChangePolicy: OnRootMismatch
local:
enabled: false
remote:
enabled: false
external:
enabled: false

2
clusters/cl01tl/helm/sonarr-anime/Chart.yaml
View File

@@ -26,7 +26,7 @@ dependencies:
version: 4.5.0
- name: postgres-cluster
alias: postgres-18-cluster
version: 7.4.3
version: 7.4.4
repository: oci://harbor.alexlebens.net/helm-charts
- name: volsync-target
alias: volsync-target-config

6
clusters/cl01tl/helm/sonarr-anime/values.yaml
View File

@@ -168,3 +168,9 @@ volsync-target-config:
runAsGroup: 1000
fsGroup: 1000
fsGroupChangePolicy: OnRootMismatch
local:
enabled: false
remote:
enabled: false
external:
enabled: false

2
clusters/cl01tl/helm/sonarr/Chart.yaml
View File

@@ -26,7 +26,7 @@ dependencies:
version: 4.5.0
- name: postgres-cluster
alias: postgres-18-cluster
version: 7.4.3
version: 7.4.4
repository: oci://harbor.alexlebens.net/helm-charts
- name: volsync-target
alias: volsync-target-config

6
clusters/cl01tl/helm/sonarr/values.yaml
View File

@@ -168,3 +168,9 @@ volsync-target-config:
runAsGroup: 1000
fsGroup: 1000
fsGroupChangePolicy: OnRootMismatch
local:
enabled: false
remote:
enabled: false
external:
enabled: false

12
clusters/cl01tl/helm/soulsync/values.yaml
View File

@@ -150,5 +150,17 @@ soulsync:
readOnly: true
volsync-target-config:
pvcTarget: soulsync-config
local:
enabled: false
remote:
enabled: false
external:
enabled: false
volsync-target-database:
pvcTarget: soulsync-database
local:
enabled: false
remote:
enabled: false
external:
enabled: false

2
clusters/cl01tl/helm/stalwart/Chart.yaml
View File

@@ -23,7 +23,7 @@ dependencies:
repository: https://bjw-s-labs.github.io/helm-charts/
- name: postgres-cluster
alias: postgres-18-cluster
version: 7.4.3
version: 7.4.4
repository: oci://harbor.alexlebens.net/helm-charts
- name: redis-replication
version: 0.5.0

10
clusters/cl01tl/helm/stalwart/values.yaml
View File

@@ -118,9 +118,15 @@ redis-replication:
existingSecret:
enabled: false
redisReplication:
clusterSize: 3
clusterSize: 1
redisSentinel:
enabled: true
enabled: false
clusterSize: 3
volsync-target-config:
pvcTarget: stalwart-config
local:
enabled: false
remote:
enabled: false
external:
enabled: false

6
clusters/cl01tl/helm/tautulli/values.yaml
View File

@@ -169,3 +169,9 @@ tautulli:
readOnly: false
volsync-target-config:
pvcTarget: tautulli-config
local:
enabled: false
remote:
enabled: false
external:
enabled: false

12
clusters/cl01tl/helm/tdarr/values.yaml
View File

@@ -179,5 +179,17 @@ tdarr-exporter:
memory: 256Mi
volsync-target-config:
pvcTarget: tdarr-config
local:
enabled: false
remote:
enabled: false
external:
enabled: false
volsync-target-server:
pvcTarget: tdarr-server
local:
enabled: false
remote:
enabled: false
external:
enabled: false

6
clusters/cl01tl/helm/trivy/Chart.lock
View File

@@ -1,6 +0,0 @@
dependencies:
- name: trivy-operator
repository: https://aquasecurity.github.io/helm-charts/
version: 0.31.0
digest: sha256:5a71d5ff43d5e36ea500c5dcade70cddc874621ad49ffe7c10ba202a14b9c87f
generated: "2025-12-01T19:56:01.513264-06:00"

23
clusters/cl01tl/helm/trivy/Chart.yaml
View File

@@ -1,23 +0,0 @@
apiVersion: v2
name: trivy
version: 1.0.0
description: Trivy
keywords:
- trivy
- vulnerability
- monitoring
- kubernetes
home: https://wiki.alexlebens.dev/s/5cffa529-4c2e-4126-99eb-cc4aeb5a49b3
sources:
- https://github.com/aquasecurity/trivy
- https://github.com/aquasecurity/trivy-operator
- https://github.com/aquasecurity/trivy-operator/tree/main/deploy/helm
maintainers:
- name: alexlebens
dependencies:
- name: trivy-operator
version: 0.31.0
repository: https://aquasecurity.github.io/helm-charts/
icon: https://raw.githubusercontent.com/aquasecurity/trivy/main/docs/imgs/logo.png
# renovate: github=aquasecurity/trivy
appVersion: 0.31.0

11
clusters/cl01tl/helm/trivy/templates/namespace.yaml
View File

@@ -1,11 +0,0 @@
apiVersion: v1
kind: Namespace
metadata:
name: trivy
labels:
app.kubernetes.io/name: trivy
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/part-of: {{ .Release.Name }}
pod-security.kubernetes.io/audit: privileged
pod-security.kubernetes.io/enforce: privileged
pod-security.kubernetes.io/warn: privileged

105
clusters/cl01tl/helm/trivy/values.yaml
View File

@@ -1,105 +0,0 @@
trivy-operator:
targetWorkloads: "pod,replicaset,replicationcontroller,statefulset,daemonset,cronjob,job"
operator:
replicas: 1
vulnerabilityScannerEnabled: false
sbomGenerationEnabled: false
clusterSbomCacheEnabled: false
configAuditScannerEnabled: true
rbacAssessmentScannerEnabled: true
infraAssessmentScannerEnabled: false
clusterComplianceEnabled: false
serviceMonitor:
enabled: true
trivy:
createConfig: true
image:
registry: mirror.gcr.io
repository: aquasec/trivy
tag: 0.68.2
storageClassEnabled: true
storageClassName: ceph-block
storageSize: "5Gi"
registry:
mirror:
"registry-1.docker.io": proxy-registry-1.docker.io
"quay.io": proxy-quay.io
"registry.k8s.io": proxy-registry.k8s
"gcr.io": proxy-gcr.io
"ghcr.io": proxy-ghcr.io
"hub.docker": proxy-hub.docker
severity: UNKNOWN,LOW,MEDIUM,HIGH,CRITICAL
slow: true
resources:
requests:
cpu: 100m
memory: 128M
supportedConfigAuditKinds: "Workload,Service,Role,ClusterRole,NetworkPolicy,Ingress,LimitRange,ResourceQuota"
server:
resources:
requests:
cpu: 200m
memory: 512Mi
replicas: 1
compliance:
reportType: summary
cron: 0 5 * * *
specs:
- k8s-cis-1.23
- k8s-nsa-1.0
- k8s-pss-baseline-0.1
- k8s-pss-restricted-0.1
volumeMounts:
- mountPath: /tmp
name: cache-policies
readOnly: false
volumes:
- name: cache-policies
emptyDir: {}
resources:
requests:
cpu: 100m
memory: 128Mi
nodeCollector:
tolerations:
- key: node-role.kubernetes.io/control-plane
operator: Exists
effect: NoSchedule
volumeMounts:
- name: var-lib-etcd
mountPath: /var/lib/etcd
readOnly: true
- name: var-lib-kubelet
mountPath: /var/lib/kubelet
readOnly: true
- name: var-lib-kube-scheduler
mountPath: /var/lib/kube-scheduler
readOnly: true
- name: var-lib-kube-controller-manager
mountPath: /var/lib/kube-controller-manager
readOnly: true
- name: etc-kubernetes
mountPath: /etc/kubernetes
readOnly: true
- name: etc-cni-netd
mountPath: /etc/cni/net.d/
readOnly: true
volumes:
- name: var-lib-etcd
hostPath:
path: /var/lib/etcd
- name: var-lib-kubelet
hostPath:
path: /var/lib/kubelet
- name: var-lib-kube-scheduler
hostPath:
path: /var/lib/kube-scheduler
- name: var-lib-kube-controller-manager
hostPath:
path: /var/lib/kube-controller-manager
- name: etc-kubernetes
hostPath:
path: /etc/kubernetes
- name: etc-cni-netd
hostPath:
path: /etc/cni/net.d/

4
clusters/cl01tl/helm/tubearchivist/values.yaml
View File

@@ -148,7 +148,7 @@ redis-replication:
existingSecret:
enabled: false
redisReplication:
clusterSize: 3
clusterSize: 1
resources:
requests:
cpu: 200m
@@ -159,5 +159,5 @@ redis-replication:
requests:
storage: 10Gi
redisSentinel:
enabled: true
enabled: false
clusterSize: 3

2
clusters/cl01tl/helm/vaultwarden/Chart.yaml
View File

@@ -27,7 +27,7 @@ dependencies:
version: 2.1.4
- name: postgres-cluster
alias: postgres-18-cluster
version: 7.4.3
version: 7.4.4
repository: oci://harbor.alexlebens.net/helm-charts
- name: volsync-target
alias: volsync-target-data

2
clusters/cl01tl/helm/yamtrack/Chart.yaml
View File

@@ -22,7 +22,7 @@ dependencies:
version: 4.5.0
- name: postgres-cluster
alias: postgres-18-cluster
version: 7.4.3
version: 7.4.4
repository: oci://harbor.alexlebens.net/helm-charts
- name: redis-replication
version: 0.5.0

4
clusters/cl01tl/helm/yamtrack/values.yaml
View File

@@ -136,7 +136,7 @@ redis-replication:
existingSecret:
enabled: false
redisReplication:
clusterSize: 3
clusterSize: 1
redisSentinel:
enabled: true
enabled: false
clusterSize: 3

1
hosts/ps08rp/blocky/config.yml
View File

@@ -111,7 +111,6 @@ customDNS:
lidatube IN CNAME traefik-cl01tl
listenarr IN CNAME traefik-cl01tl
mail IN CNAME traefik-cl01tl
n8n IN CNAME traefik-cl01tl
navidrome IN CNAME traefik-cl01tl
ntfy IN CNAME traefik-cl01tl
objects IN CNAME traefik-cl01tl

1
hosts/ps09rp/blocky/config.yml
View File

@@ -111,7 +111,6 @@ customDNS:
lidatube IN CNAME traefik-cl01tl
listenarr IN CNAME traefik-cl01tl
mail IN CNAME traefik-cl01tl
n8n IN CNAME traefik-cl01tl
navidrome IN CNAME traefik-cl01tl
ntfy IN CNAME traefik-cl01tl
objects IN CNAME traefik-cl01tl

1
renovate.json
View File

@@ -99,7 +99,6 @@
"ghcr.io/linuxserver/prowlarr",
"ghcr.io/linuxserver/radarr",
"ghcr.io/linuxserver/sonarr",
"ghcr.io/n8n-io/n8n",
"ghcr.io/prometheus-community/charts/kube-prometheus-stack",
"vectorim/element-web"
],