chore(deps): update helm release cilium to v1.19.0

chore(deps): update searxng/searxng:latest docker digest to a98ec93 (#3777 )
feat: enable backup
2026-02-06 11:04:58 +00:00 · 2026-02-06 11:02:17 +00:00 · 2026-02-05 22:57:19 -06:00 · 2026-02-05 22:55:30 -06:00 · 2026-02-05 22:42:12 -06:00 · 2026-02-05 22:38:07 -06:00
4 changed files with 44 additions and 19 deletions
--- a/clusters/cl01tl/helm/cilium/Chart.lock
+++ b/clusters/cl01tl/helm/cilium/Chart.lock
@@ -3,4 +3,4 @@ dependencies:
  repository: https://helm.cilium.io/
  version: 1.19.0
 digest: sha256:d2319facc93cab2a0a137588d8bd93315b52025b3ec86bc89edb0e236a74c814
-generated: "2026-02-06T04:28:04.257103528Z"
+generated: "2026-02-06T11:04:51.450789011Z"
--- a/clusters/cl01tl/helm/komodo/templates/external-secret.yaml
+++ b/clusters/cl01tl/helm/komodo/templates/external-secret.yaml
@@ -47,3 +47,33 @@ spec:
        key: /authentik/oidc/komodo
        metadataPolicy: None
        property: secret
+
+---
+apiVersion: external-secrets.io/v1
+kind: ExternalSecret
+metadata:
+  name: komodo-postgresql-17-fdb-cluster-ferret
+  namespace: {{ .Release.Namespace }}
+  labels:
+    app.kubernetes.io/name: komodo-postgresql-17-fdb-cluster-ferret
+    app.kubernetes.io/instance: {{ .Release.Name }}
+    app.kubernetes.io/part-of: {{ .Release.Name }}
+spec:
+  secretStoreRef:
+    kind: ClusterSecretStore
+    name: vault
+  data:
+    - secretKey: uri
+      remoteRef:
+        conversionStrategy: Default
+        decodingStrategy: None
+        key: /cl01tl/komodo/ferret
+        metadataPolicy: None
+        property: uri
+    - secretKey: password
+      remoteRef:
+        conversionStrategy: Default
+        decodingStrategy: None
+        key: /cl01tl/komodo/ferret
+        metadataPolicy: None
+        property: password
--- a/clusters/cl01tl/helm/komodo/values.yaml
+++ b/clusters/cl01tl/helm/komodo/values.yaml
@@ -2,7 +2,7 @@ komodo:
  controllers:
    main:
      type: deployment
-      replicas: 0
+      replicas: 1
      strategy: Recreate
      revisionHistoryLimit: 3
      containers:
@@ -53,14 +53,11 @@ komodo:
            - name: PERIPHERY_SSL_ENABLED
              value: false
            - name: DB_USERNAME
-              valueFrom:
-                secretKeyRef:
-                  name: komodo-postgresql-17-fdb-cluster-app
-                  key: user
+              value: ferret
            - name: DB_PASSWORD
              valueFrom:
                secretKeyRef:
-                  name: komodo-postgresql-17-fdb-cluster-app
+                  name: komodo-postgresql-17-fdb-cluster-ferret
                  key: password
            - name: KOMODO_DATABASE_URI
              value: mongodb://$(DB_USERNAME):$(DB_PASSWORD)@komodo-ferretdb-2.komodo:27017/komodo
@@ -98,11 +95,15 @@ komodo:
            tag: 2.7.0
            pullPolicy: IfNotPresent
          env:
-            - name: FERRETDB_POSTGRESQL_URL
+            - name: DB_USERNAME
+              value: ferret
+            - name: DB_PASSWORD
              valueFrom:
                secretKeyRef:
-                  name: komodo-postgresql-17-fdb-cluster-superuser
-                  key: uri
+                  name: komodo-postgresql-17-fdb-cluster-ferret
+                  key: password
+            - name: FERRETDB_POSTGRESQL_URL
+              value: postgresql://$(DB_USERNAME):$(DB_PASSWORD)@komodo-postgresql-17-fdb-cluster-rw.komodo.svc.cluster.local:5432/ferretDB
          resources:
            requests:
              cpu: 10m
@@ -173,7 +174,6 @@ postgresql-17-fdb-cluster:
      tag: "17-0.106.0-ferretdb-2.5.0"
    postgresUID: 999
    postgresGID: 999
-    enableSuperuserAccess: true
    postgresql:
      parameters:
        cron.database_name: 'ferretDB'
@@ -202,11 +202,6 @@ postgresql-17-fdb-cluster:
        - CREATE EXTENSION IF NOT EXISTS pg_cron;
        - CREATE EXTENSION IF NOT EXISTS documentdb CASCADE;
        - GRANT documentdb_admin_role TO ferret;
-        - GRANT USAGE ON SCHEMA documentdb_core TO ferret;
-        - GRANT USAGE ON SCHEMA documentdb_api TO ferret;
-        - GRANT USAGE ON SCHEMA documentdb_core TO pg_monitor;
-        - GRANT USAGE ON SCHEMA documentdb_api TO pg_monitor;
-        - GRANT SELECT ON ALL TABLES IN SCHEMA documentdb_core TO pg_monitor;
  recovery:
    method: objectStore
    objectStore:
@@ -233,7 +228,7 @@ postgresql-17-fdb-cluster:
      #   isWALArchiver: false
    scheduledBackups:
      - name: live-backup
-        suspend: true
+        suspend: false
        immediate: true
        schedule: "0 0 0 * * *"
        backupName: garage-local
--- a/clusters/cl01tl/helm/searxng/values.yaml
+++ b/clusters/cl01tl/helm/searxng/values.yaml
@@ -9,7 +9,7 @@ searxng:
        main:
          image:
            repository: searxng/searxng
-            tag: latest@sha256:8d77102a0d2c615e88c5184868dc2c32cd361413dbc104abc301f54079fd40a2
+            tag: latest@sha256:a98ec935e9c5c2adb77c8f94938c21ae8bbbb2c3dc0b90c35661dbe6d94794ba
            pullPolicy: IfNotPresent
          env:
            - name: SEARXNG_BASE_URL
@@ -39,7 +39,7 @@ searxng:
        main:
          image:
            repository: searxng/searxng
-            tag: latest@sha256:8d77102a0d2c615e88c5184868dc2c32cd361413dbc104abc301f54079fd40a2
+            tag: latest@sha256:a98ec935e9c5c2adb77c8f94938c21ae8bbbb2c3dc0b90c35661dbe6d94794ba
            pullPolicy: IfNotPresent
          env:
            - name: SEARXNG_BASE_URL
Author	SHA1	Message	Date
Renovate Bot	636c4a787e	chore(deps): update helm release cilium to v1.19.0 All checks were successful lint-test-helm / lint-helm (pull_request) Successful in 17s Details	2026-02-06 11:04:58 +00:00
Renovate Bot	5d86ac411e	chore(deps): update searxng/searxng:latest docker digest to a98ec93 (#3777 ) Some checks are pending render-manifests-push / render-manifests-push (push) Has been skipped Details lint-test-helm / lint-helm (push) Successful in 22s Details renovate / renovate (push) Has started running Details	2026-02-06 11:02:17 +00:00
Alex Lebens	60b73c4c75	feat: enable backup All checks were successful lint-test-helm / lint-helm (push) Successful in 14s Details render-manifests-push / render-manifests-push (push) Successful in 33s Details renovate / renovate (push) Successful in 2m16s Details	2026-02-05 22:57:19 -06:00
Alex Lebens	8933422e12	feat: store ferret secret, scale All checks were successful lint-test-helm / lint-helm (push) Successful in 58s Details render-manifests-push / render-manifests-push (push) Successful in 1m47s Details renovate / renovate (push) Successful in 2m23s Details	2026-02-05 22:55:30 -06:00
Alex Lebens	3eda30bae0	fix: add grant All checks were successful lint-test-helm / lint-helm (push) Successful in 17s Details render-manifests-push / render-manifests-push (push) Successful in 1m20s Details renovate / renovate (push) Successful in 2m35s Details	2026-02-05 22:42:12 -06:00
Alex Lebens	eae4f059ba	fix: fix path All checks were successful lint-test-helm / lint-helm (push) Successful in 15s Details renovate / renovate (push) Successful in 1m35s Details render-manifests-push / render-manifests-push (push) Successful in 1m44s Details	2026-02-05 22:38:07 -06:00
Alex Lebens	008845d653	fix: ensure ferret user Some checks failed lint-test-helm / lint-helm (push) Successful in 23s Details render-manifests-push / render-manifests-push (push) Successful in 1m4s Details renovate / renovate (push) Has been cancelled Details	2026-02-05 22:35:53 -06:00