Update stalwartlabs/stalwart Docker tag to v0.15.0

move volsync to chart
2025-12-17 17:36:08 +00:00 · 2025-12-17 11:34:10 -06:00 · 2025-12-17 11:32:45 -06:00
10 changed files with 43 additions and 260 deletions
--- a/clusters/cl01tl/helm/postiz/Chart.lock
+++ b/clusters/cl01tl/helm/postiz/Chart.lock
@@ -11,5 +11,11 @@ dependencies:
 - name: redis-replication
  repository: oci://harbor.alexlebens.net/helm-charts
  version: 0.5.0
-digest: sha256:89320b12971fe3aca51771776352f6841cc8ad85ce4e67799e47d34c28d0dd10
-generated: "2025-12-17T16:11:43.175332626Z"
+- name: volsync-target
+  repository: oci://harbor.alexlebens.net/helm-charts
+  version: 0.5.0
+- name: volsync-target
+  repository: oci://harbor.alexlebens.net/helm-charts
+  version: 0.5.0
+digest: sha256:8bca371950ea2088ed3229f2e2dbfaa859668de408077b3ffc6c9ade8cacc4b7
+generated: "2025-12-17T11:32:26.293547-06:00"
--- a/clusters/cl01tl/helm/postiz/Chart.yaml
+++ b/clusters/cl01tl/helm/postiz/Chart.yaml
@@ -31,5 +31,13 @@ dependencies:
  - name: redis-replication
    version: 0.5.0
    repository: oci://harbor.alexlebens.net/helm-charts
+  - name: volsync-target
+    alias: volsync-target-config
+    version: 0.5.0
+    repository: oci://harbor.alexlebens.net/helm-charts
+  - name: volsync-target
+    alias: volsync-target-upload
+    version: 0.5.0
+    repository: oci://harbor.alexlebens.net/helm-charts
 icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/postiz.png
 appVersion: v2.10.1
--- a/clusters/cl01tl/helm/postiz/templates/external-secret.yaml
+++ b/clusters/cl01tl/helm/postiz/templates/external-secret.yaml
@@ -87,120 +87,6 @@ spec:
        metadataPolicy: None
        property: secret

---
-apiVersion: external-secrets.io/v1
-kind: ExternalSecret
-metadata:
-  name: postiz-config-backup-secret
-  namespace: {{ .Release.Namespace }}
-  labels:
-    app.kubernetes.io/name: postiz-config-backup-secret
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/part-of: {{ .Release.Name }}
-spec:
-  secretStoreRef:
-    kind: ClusterSecretStore
-    name: vault
-  target:
-    template:
-      mergePolicy: Merge
-      engineVersion: v2
-      data:
-        RESTIC_REPOSITORY: "{{ `{{ .BUCKET_ENDPOINT }}` }}/postiz/postiz-config"
-  data:
-    - secretKey: BUCKET_ENDPOINT
-      remoteRef:
-        conversionStrategy: Default
-        decodingStrategy: None
-        key: /cl01tl/volsync/restic/config
-        metadataPolicy: None
-        property: S3_BUCKET_ENDPOINT
-    - secretKey: RESTIC_PASSWORD
-      remoteRef:
-        conversionStrategy: Default
-        decodingStrategy: None
-        key: /cl01tl/volsync/restic/config
-        metadataPolicy: None
-        property: RESTIC_PASSWORD
-    - secretKey: AWS_DEFAULT_REGION
-      remoteRef:
-        conversionStrategy: Default
-        decodingStrategy: None
-        key: /cl01tl/volsync/restic/config
-        metadataPolicy: None
-        property: AWS_DEFAULT_REGION
-    - secretKey: AWS_ACCESS_KEY_ID
-      remoteRef:
-        conversionStrategy: Default
-        decodingStrategy: None
-        key: /digital-ocean/home-infra/volsync-backups
-        metadataPolicy: None
-        property: access_key
-    - secretKey: AWS_SECRET_ACCESS_KEY
-      remoteRef:
-        conversionStrategy: Default
-        decodingStrategy: None
-        key: /digital-ocean/home-infra/volsync-backups
-        metadataPolicy: None
-        property: secret_key
-
---
-apiVersion: external-secrets.io/v1
-kind: ExternalSecret
-metadata:
-  name: postiz-uploads-backup-secret
-  namespace: {{ .Release.Namespace }}
-  labels:
-    app.kubernetes.io/name: postiz-uploads-backup-secret
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/part-of: {{ .Release.Name }}
-spec:
-  secretStoreRef:
-    kind: ClusterSecretStore
-    name: vault
-  target:
-    template:
-      mergePolicy: Merge
-      engineVersion: v2
-      data:
-        RESTIC_REPOSITORY: "{{ `{{ .BUCKET_ENDPOINT }}` }}/postiz/postiz-uploads"
-  data:
-    - secretKey: BUCKET_ENDPOINT
-      remoteRef:
-        conversionStrategy: Default
-        decodingStrategy: None
-        key: /cl01tl/volsync/restic/config
-        metadataPolicy: None
-        property: S3_BUCKET_ENDPOINT
-    - secretKey: RESTIC_PASSWORD
-      remoteRef:
-        conversionStrategy: Default
-        decodingStrategy: None
-        key: /cl01tl/volsync/restic/config
-        metadataPolicy: None
-        property: RESTIC_PASSWORD
-    - secretKey: AWS_DEFAULT_REGION
-      remoteRef:
-        conversionStrategy: Default
-        decodingStrategy: None
-        key: /cl01tl/volsync/restic/config
-        metadataPolicy: None
-        property: AWS_DEFAULT_REGION
-    - secretKey: AWS_ACCESS_KEY_ID
-      remoteRef:
-        conversionStrategy: Default
-        decodingStrategy: None
-        key: /digital-ocean/home-infra/volsync-backups
-        metadataPolicy: None
-        property: access_key
-    - secretKey: AWS_SECRET_ACCESS_KEY
-      remoteRef:
-        conversionStrategy: Default
-        decodingStrategy: None
-        key: /digital-ocean/home-infra/volsync-backups
-        metadataPolicy: None
-        property: secret_key
-
 ---
 apiVersion: external-secrets.io/v1
 kind: ExternalSecret
--- a/clusters/cl01tl/helm/postiz/templates/replication-source.yaml
+++ b/clusters/cl01tl/helm/postiz/templates/replication-source.yaml
@@ -1,52 +0,0 @@
-apiVersion: volsync.backube/v1alpha1
-kind: ReplicationSource
-metadata:
-  name: postiz-config-backup-source
-  namespace: {{ .Release.Namespace }}
-  labels:
-    app.kubernetes.io/name: postiz-config-backup-source
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/part-of: {{ .Release.Name }}
-spec:
-  sourcePVC: postiz-config
-  trigger:
-    schedule: 0 4 * * *
-  restic:
-    pruneIntervalDays: 7
-    repository: postiz-config-backup-secret
-    retain:
-      hourly: 1
-      daily: 3
-      weekly: 2
-      monthly: 2
-      yearly: 4
-    copyMethod: Snapshot
-    storageClassName: ceph-block
-    volumeSnapshotClassName: ceph-blockpool-snapshot
-
---
-apiVersion: volsync.backube/v1alpha1
-kind: ReplicationSource
-metadata:
-  name: postiz-uploads-backup-source
-  namespace: {{ .Release.Namespace }}
-  labels:
-    app.kubernetes.io/name: postiz-uploads-backup-source
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/part-of: {{ .Release.Name }}
-spec:
-  sourcePVC: postiz-uploads
-  trigger:
-    schedule: 0 4 * * *
-  restic:
-    pruneIntervalDays: 7
-    repository: postiz-uploads-backup-secret
-    retain:
-      hourly: 1
-      daily: 3
-      weekly: 2
-      monthly: 2
-      yearly: 4
-    copyMethod: Snapshot
-    storageClassName: ceph-block
-    volumeSnapshotClassName: ceph-blockpool-snapshot
--- a/clusters/cl01tl/helm/postiz/values.yaml
+++ b/clusters/cl01tl/helm/postiz/values.yaml
@@ -83,6 +83,7 @@ postiz:
          protocol: HTTP
  persistence:
    config:
+      forceRename: postiz-config
      storageClass: ceph-block
      accessMode: ReadWriteOnce
      size: 2Gi
@@ -93,6 +94,7 @@ postiz:
            - path: /config
              readOnly: false
    uploads:
+      forceRename: postiz-uploads
      storageClass: ceph-block
      accessMode: ReadWriteOnce
      size: 10Gi
@@ -169,3 +171,7 @@ redis-replication:
  redisSentinel:
    enabled: true
    clusterSize: 3
+volsync-target-config:
+  pvcTarget: postiz-config
+volsync-target-upload:
+  pvcTarget: postiz-uploads
--- a/clusters/cl01tl/helm/prowlarr/Chart.lock
+++ b/clusters/cl01tl/helm/prowlarr/Chart.lock
@@ -2,5 +2,8 @@ dependencies:
 - name: app-template
  repository: https://bjw-s-labs.github.io/helm-charts/
  version: 4.5.0
-digest: sha256:dfdb5ed2a8dafc2d0cb125af396032c4d7b4bff96eb54934fcb776df39dee5e9
-generated: "2025-12-05T17:10:55.27077318Z"
+- name: volsync-target
+  repository: oci://harbor.alexlebens.net/helm-charts
+  version: 0.5.0
+digest: sha256:e6c51831324467888dcfcf2434761f15e165312d38fa583c495096d59cb741d6
+generated: "2025-12-17T11:34:01.003589-06:00"
--- a/clusters/cl01tl/helm/prowlarr/Chart.yaml
+++ b/clusters/cl01tl/helm/prowlarr/Chart.yaml
@@ -19,5 +19,9 @@ dependencies:
    alias: prowlarr
    repository: https://bjw-s-labs.github.io/helm-charts/
    version: 4.5.0
+  - name: volsync-target
+    alias: volsync-target-config
+    version: 0.5.0
+    repository: oci://harbor.alexlebens.net/helm-charts
 icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/prowlarr.png
 appVersion: 2.3.0
--- a/clusters/cl01tl/helm/prowlarr/templates/external-secret.yaml
+++ b/clusters/cl01tl/helm/prowlarr/templates/external-secret.yaml
@@ -1,55 +0,0 @@
-apiVersion: external-secrets.io/v1
-kind: ExternalSecret
-metadata:
-  name: prowlarr-config-backup-secret
-  namespace: {{ .Release.Namespace }}
-  labels:
-    app.kubernetes.io/name: prowlarr-config-backup-secret
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/part-of: {{ .Release.Name }}
-spec:
-  secretStoreRef:
-    kind: ClusterSecretStore
-    name: vault
-  target:
-    template:
-      mergePolicy: Merge
-      engineVersion: v2
-      data:
-        RESTIC_REPOSITORY: "{{ `{{ .BUCKET_ENDPOINT }}` }}/prowlarr/prowlarr-config"
-  data:
-    - secretKey: BUCKET_ENDPOINT
-      remoteRef:
-        conversionStrategy: Default
-        decodingStrategy: None
-        key: /cl01tl/volsync/restic/config
-        metadataPolicy: None
-        property: S3_BUCKET_ENDPOINT
-    - secretKey: RESTIC_PASSWORD
-      remoteRef:
-        conversionStrategy: Default
-        decodingStrategy: None
-        key: /cl01tl/volsync/restic/config
-        metadataPolicy: None
-        property: RESTIC_PASSWORD
-    - secretKey: AWS_DEFAULT_REGION
-      remoteRef:
-        conversionStrategy: Default
-        decodingStrategy: None
-        key: /cl01tl/volsync/restic/config
-        metadataPolicy: None
-        property: AWS_DEFAULT_REGION
-    - secretKey: AWS_ACCESS_KEY_ID
-      remoteRef:
-        conversionStrategy: Default
-        decodingStrategy: None
-        key: /digital-ocean/home-infra/volsync-backups
-        metadataPolicy: None
-        property: access_key
-    - secretKey: AWS_SECRET_ACCESS_KEY
-      remoteRef:
-        conversionStrategy: Default
-        decodingStrategy: None
-        key: /digital-ocean/home-infra/volsync-backups
-        metadataPolicy: None
-        property: secret_key
--- a/clusters/cl01tl/helm/prowlarr/templates/replication-source.yaml
+++ b/clusters/cl01tl/helm/prowlarr/templates/replication-source.yaml
@@ -1,35 +0,0 @@
-apiVersion: volsync.backube/v1alpha1
-kind: ReplicationSource
-metadata:
-  name: prowlarr-config-backup-source
-  namespace: {{ .Release.Namespace }}
-  labels:
-    app.kubernetes.io/name: prowlarr-config-backup-source
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/part-of: {{ .Release.Name }}
-spec:
-  sourcePVC: prowlarr-config
-  trigger:
-    schedule: 0 4 * * *
-  restic:
-    pruneIntervalDays: 7
-    repository: prowlarr-config-backup-secret
-    retain:
-      hourly: 1
-      daily: 3
-      weekly: 2
-      monthly: 2
-      yearly: 4
-    moverSecurityContext:
-      runAsUser: 568
-      runAsGroup: 568
-      fsGroup: 568
-      fsGroupChangePolicy: OnRootMismatch
-      supplementalGroups:
-        - 44
-        - 100
-        - 109
-        - 65539
-    copyMethod: Snapshot
-    storageClassName: ceph-block
-    volumeSnapshotClassName: ceph-blockpool-snapshot
--- a/clusters/cl01tl/helm/prowlarr/values.yaml
+++ b/clusters/cl01tl/helm/prowlarr/values.yaml
@@ -49,3 +49,15 @@ prowlarr:
          main:
            - path: /config
              readOnly: false
+volsync-target-config:
+  pvcTarget: prowlarr-config
+  moverSecurityContext:
+    runAsUser: 568
+    runAsGroup: 568
+    fsGroup: 568
+    fsGroupChangePolicy: OnRootMismatch
+    supplementalGroups:
+      - 44
+      - 100
+      - 109
+      - 65539
Author	SHA1	Message	Date
Renovate Bot	c9a3b2bede	Update stalwartlabs/stalwart Docker tag to v0.15.0 All checks were successful renovate/stability-days Updates have met minimum release age requirement Details lint-test-helm / lint-helm (pull_request) Successful in 18s Details	2025-12-17 17:36:08 +00:00
Alex Lebens	c89f3ced65	move volsync to chart All checks were successful renovate / renovate (push) Successful in 1m50s Details lint-test-helm / lint-helm (push) Successful in 10s Details render-manifests-push / render-manifests-push (push) Successful in 26s Details	2025-12-17 11:34:10 -06:00
Alex Lebens	a1d73da0a1	move volsync to chart Some checks failed lint-test-helm / lint-helm (push) Successful in 8s Details render-manifests-push / render-manifests-push (push) Successful in 36s Details renovate / renovate (push) Has been cancelled Details	2025-12-17 11:32:45 -06:00