Compare commits
1 Commits
main
...
405ece8ef6
| Author | SHA1 | Date | |
|---|---|---|---|
405ece8ef6
|
@@ -55,7 +55,6 @@ jobs:
|
||||
with:
|
||||
token: ${{ secrets.GITEA_TOKEN }}
|
||||
version: v3.19.2
|
||||
cache: true
|
||||
|
||||
- name: Check Directories for Changes
|
||||
id: check-dir-changes
|
||||
|
||||
@@ -38,7 +38,6 @@ jobs:
|
||||
with:
|
||||
token: ${{ secrets.GITEA_TOKEN }}
|
||||
version: v3.17.2 # Pending https://github.com/helm/helm/pull/30743
|
||||
cache: true
|
||||
|
||||
- name: Prepare Manifest Branch
|
||||
id: prepare-manifest-branch
|
||||
|
||||
@@ -32,7 +32,6 @@ jobs:
|
||||
with:
|
||||
token: ${{ secrets.GITEA_TOKEN }}
|
||||
version: v3.17.2 # Pending https://github.com/helm/helm/pull/30743
|
||||
cache: true
|
||||
|
||||
- name: Prepare Manifest Branch
|
||||
run: |
|
||||
|
||||
@@ -39,7 +39,6 @@ jobs:
|
||||
with:
|
||||
token: ${{ secrets.GITEA_TOKEN }}
|
||||
version: v3.17.2 # Pending https://github.com/helm/helm/pull/30743
|
||||
cache: true
|
||||
|
||||
- name: Prepare Manifest Branch
|
||||
run: |
|
||||
|
||||
@@ -37,7 +37,6 @@ jobs:
|
||||
with:
|
||||
token: ${{ secrets.GITEA_TOKEN }}
|
||||
version: v3.17.2 # Pending https://github.com/helm/helm/pull/30743
|
||||
cache: true
|
||||
|
||||
- name: Prepare Manifest Branch
|
||||
run: |
|
||||
|
||||
1
.gitignore
vendored
1
.gitignore
vendored
@@ -1,4 +1,3 @@
|
||||
/**/archive/
|
||||
/**/charts/
|
||||
/**/manifests/
|
||||
/**/tmpcharts*/
|
||||
|
||||
@@ -2,12 +2,6 @@
|
||||
|
||||
GitOps definied infrastrucutre for the alexlebens.net domain.
|
||||
|
||||
## Stack-cl01tl
|
||||
|
||||
https://argocd.alexlebens.net/api/badge?name=stack-cl01tl&revision=true&showAppName=true
|
||||
|
||||
App-of-Apps Application for cl01tl
|
||||
|
||||
## License
|
||||
|
||||
This project is licensed under the terms of the Apache 2.0 License license.
|
||||
|
||||
@@ -4,6 +4,6 @@ dependencies:
|
||||
version: 4.5.0
|
||||
- name: volsync-target
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 0.6.0
|
||||
digest: sha256:09dae69cd64556ed0b8ce2d8afe304720af3a71f64610ee6c70219572ccfdf5e
|
||||
generated: "2025-12-18T02:42:53.481944952Z"
|
||||
version: 0.3.0
|
||||
digest: sha256:3763d6c5c0b45219235229aa1d72bfa426abd29aa8d92c1b1ca958b6afb3bfc8
|
||||
generated: "2025-12-15T17:43:51.908308-06:00"
|
||||
|
||||
@@ -19,7 +19,7 @@ dependencies:
|
||||
version: 4.5.0
|
||||
- name: volsync-target
|
||||
alias: volsync-target-data
|
||||
version: 0.6.0
|
||||
version: 0.3.0
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/actual-budget.png
|
||||
appVersion: 25.12.0
|
||||
|
||||
@@ -7,6 +7,6 @@ dependencies:
|
||||
version: 2.4.19
|
||||
- name: postgres-cluster
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 7.1.4
|
||||
digest: sha256:00c41114fb6f1b408ad5667779eead345f8d2dbc0a5383494fa6e98e6686fcad
|
||||
generated: "2025-12-21T19:01:39.778602988Z"
|
||||
version: 7.1.1
|
||||
digest: sha256:796a0f9ae054268c9a4e2752f29004b6547e5ee41e623b8506b531f6836b7313
|
||||
generated: "2025-12-15T14:27:02.068848-06:00"
|
||||
|
||||
@@ -25,7 +25,7 @@ dependencies:
|
||||
repository: https://argoproj.github.io/argo-helm
|
||||
- name: postgres-cluster
|
||||
alias: postgres-18-cluster
|
||||
version: 7.1.4
|
||||
version: 7.1.1
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/argo-cd.png
|
||||
appVersion: v3.7.6
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
dependencies:
|
||||
- name: argo-cd
|
||||
repository: https://argoproj.github.io/argo-helm
|
||||
version: 9.1.9
|
||||
digest: sha256:20cb350f423b4a9352085a7f44aa832e9640120f10c4ea1899d0b341d482a761
|
||||
generated: "2025-12-19T13:02:04.764462089Z"
|
||||
version: 9.1.7
|
||||
digest: sha256:ed1ae26f3e642750f6dd970c1adc4fa14a627fad13daf74169213199f74425b3
|
||||
generated: "2025-12-09T23:01:55.027301875Z"
|
||||
|
||||
@@ -15,7 +15,7 @@ maintainers:
|
||||
- name: alexlebens
|
||||
dependencies:
|
||||
- name: argo-cd
|
||||
version: 9.1.9
|
||||
version: 9.1.7
|
||||
repository: https://argoproj.github.io/argo-helm
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/argo-cd.png
|
||||
appVersion: v3.2.1
|
||||
|
||||
@@ -4,9 +4,9 @@ dependencies:
|
||||
version: 4.5.0
|
||||
- name: volsync-target
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 0.6.0
|
||||
version: 0.3.0
|
||||
- name: volsync-target
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 0.6.0
|
||||
digest: sha256:67571554c39c1acdb1cd286024e7bdc0d7c94f0c4bfff5bf5fb225817f495616
|
||||
generated: "2025-12-18T02:43:02.876706511Z"
|
||||
version: 0.3.0
|
||||
digest: sha256:88e0d8008795451a64f3a2e4fa4fc120d48cef4badb4305e8e60afbb494352c5
|
||||
generated: "2025-12-15T18:19:02.989735-06:00"
|
||||
|
||||
@@ -21,11 +21,11 @@ dependencies:
|
||||
version: 4.5.0
|
||||
- name: volsync-target
|
||||
alias: volsync-target-config
|
||||
version: 0.6.0
|
||||
version: 0.3.0
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
- name: volsync-target
|
||||
alias: volsync-target-metadata
|
||||
version: 0.6.0
|
||||
version: 0.3.0
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/audiobookshelf.png
|
||||
appVersion: 2.31.0
|
||||
|
||||
@@ -1,15 +1,15 @@
|
||||
dependencies:
|
||||
- name: authentik
|
||||
repository: https://charts.goauthentik.io/
|
||||
version: 2025.10.3
|
||||
version: 2025.10.2
|
||||
- name: cloudflared
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 2.1.4
|
||||
version: 1.23.2
|
||||
- name: postgres-cluster
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 7.1.4
|
||||
version: 7.1.1
|
||||
- name: redis-replication
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 0.5.0
|
||||
digest: sha256:1126f39ebc7e18ae1aa96fefa42e7450ffe0b7339017abd22aa453a08608efda
|
||||
generated: "2025-12-21T19:01:52.261263152Z"
|
||||
digest: sha256:e593d25ebf07b1274768045f028e1ceeccbcdc1c8e35414d6bbd9a8d09086991
|
||||
generated: "2025-12-15T14:36:33.783343-06:00"
|
||||
|
||||
@@ -21,14 +21,15 @@ maintainers:
|
||||
- name: alexlebens
|
||||
dependencies:
|
||||
- name: authentik
|
||||
version: 2025.10.3
|
||||
version: 2025.10.2
|
||||
repository: https://charts.goauthentik.io/
|
||||
- name: cloudflared
|
||||
alias: cloudflared
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 2.1.4
|
||||
version: 1.23.2
|
||||
- name: postgres-cluster
|
||||
alias: postgres-18-cluster
|
||||
version: 7.1.4
|
||||
version: 7.1.1
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
- name: redis-replication
|
||||
version: 0.5.0
|
||||
|
||||
@@ -20,6 +20,29 @@ spec:
|
||||
metadataPolicy: None
|
||||
property: key
|
||||
|
||||
---
|
||||
apiVersion: external-secrets.io/v1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
name: authentik-cloudflared-secret
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: authentik-cloudflared-secret
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
secretStoreRef:
|
||||
kind: ClusterSecretStore
|
||||
name: vault
|
||||
data:
|
||||
- secretKey: cf-tunnel-token
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cloudflare/tunnels/authentik
|
||||
metadataPolicy: None
|
||||
property: token
|
||||
|
||||
---
|
||||
apiVersion: external-secrets.io/v1
|
||||
kind: ExternalSecret
|
||||
|
||||
@@ -48,6 +48,8 @@ authentik:
|
||||
enabled: false
|
||||
redis:
|
||||
enabled: false
|
||||
cloudflared:
|
||||
existingSecretName: authentik-cloudflared-secret
|
||||
postgres-18-cluster:
|
||||
mode: recovery
|
||||
cluster:
|
||||
|
||||
@@ -4,9 +4,9 @@ dependencies:
|
||||
version: 4.5.0
|
||||
- name: volsync-target
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 0.6.0
|
||||
version: 0.3.0
|
||||
- name: volsync-target
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 0.6.0
|
||||
digest: sha256:ba31d044402f9da6705f64d21a0947730a37526fce047891162cfd2b21b8d08a
|
||||
generated: "2025-12-18T02:43:14.604382042Z"
|
||||
version: 0.3.0
|
||||
digest: sha256:13c950ad5cd6accd192e6768557c0df74af2cd767d2372dc38c1cdb7e1563399
|
||||
generated: "2025-12-15T18:33:59.961957-06:00"
|
||||
|
||||
@@ -19,11 +19,11 @@ dependencies:
|
||||
version: 4.5.0
|
||||
- name: volsync-target
|
||||
alias: volsync-target-config
|
||||
version: 0.6.0
|
||||
version: 0.3.0
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
- name: volsync-target
|
||||
alias: volsync-target-data
|
||||
version: 0.6.0
|
||||
version: 0.3.0
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/backrest.png
|
||||
appVersion: v1.10.1
|
||||
|
||||
14
clusters/cl01tl/helm/backrest/templates/service.yaml
Normal file
14
clusters/cl01tl/helm/backrest/templates/service.yaml
Normal file
@@ -0,0 +1,14 @@
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: garage-ps10rp
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: garage-ps10rp
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
annotations:
|
||||
tailscale.com/tailnet-fqdn: garage-ps10rp.boreal-beaufort.ts.net
|
||||
spec:
|
||||
externalName: placeholder
|
||||
type: ExternalName
|
||||
@@ -4,6 +4,6 @@ dependencies:
|
||||
version: 4.5.0
|
||||
- name: volsync-target
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 0.6.0
|
||||
digest: sha256:20237b7a0548ae3458b4765e01aef39b5e072da5390305eb7815b086eef4983a
|
||||
generated: "2025-12-18T02:43:26.844170003Z"
|
||||
version: 0.5.0
|
||||
digest: sha256:cb702f316026bdb487ace1abec56cc3c505376cf14a45528e3e593e4cc7effab
|
||||
generated: "2025-12-15T19:04:05.574701-06:00"
|
||||
|
||||
@@ -21,7 +21,7 @@ dependencies:
|
||||
version: 4.5.0
|
||||
- name: volsync-target
|
||||
alias: volsync-target-config
|
||||
version: 0.6.0
|
||||
version: 0.5.0
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/bazarr.png
|
||||
appVersion: 1.5.3
|
||||
|
||||
@@ -15,7 +15,7 @@ bazarr:
|
||||
main:
|
||||
image:
|
||||
repository: ghcr.io/linuxserver/bazarr
|
||||
tag: 1.5.3@sha256:648f694532a3a53d8cf78bc888919ef538659bad41af4c680b0427ad1047d171
|
||||
tag: 1.5.3@sha256:4aa1e82d1e96ae712095d881b7e3840e6db6ca862c335be5b00001f31156650b
|
||||
pullPolicy: IfNotPresent
|
||||
env:
|
||||
- name: TZ
|
||||
|
||||
@@ -129,6 +129,7 @@ blocky:
|
||||
huntarr IN CNAME traefik-cl01tl
|
||||
immich IN CNAME traefik-cl01tl
|
||||
jellyfin IN CNAME traefik-cl01tl
|
||||
jellyfin-vue IN CNAME traefik-cl01tl
|
||||
jellystat IN CNAME traefik-cl01tl
|
||||
kiwix IN CNAME traefik-cl01tl
|
||||
komodo IN CNAME traefik-cl01tl
|
||||
|
||||
@@ -7,9 +7,9 @@ dependencies:
|
||||
version: 25.10.2
|
||||
- name: volsync-target
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 0.6.0
|
||||
version: 0.5.0
|
||||
- name: volsync-target
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 0.6.0
|
||||
digest: sha256:bc29fb12a2a7fde74e243be7ee4c22f4de82cdb6867ab95ddbd47e1d755b8a82
|
||||
generated: "2025-12-18T02:43:39.236584539Z"
|
||||
version: 0.5.0
|
||||
digest: sha256:6981b2c060c19bac6517578bd9b5b11a300a4deb431110bf90da317237a4a252
|
||||
generated: "2025-12-15T19:15:49.886575-06:00"
|
||||
|
||||
@@ -22,11 +22,11 @@ dependencies:
|
||||
repository: https://helm.mariadb.com/mariadb-operator
|
||||
- name: volsync-target
|
||||
alias: volsync-target-config
|
||||
version: 0.6.0
|
||||
version: 0.5.0
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
- name: volsync-target
|
||||
alias: volsync-target-data
|
||||
version: 0.6.0
|
||||
version: 0.5.0
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/booklore.png
|
||||
appVersion: v1.13.2
|
||||
|
||||
@@ -8,6 +8,3 @@ metadata:
|
||||
app.kubernetes.io/name: booklore
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
pod-security.kubernetes.io/audit: privileged
|
||||
pod-security.kubernetes.io/enforce: privileged
|
||||
pod-security.kubernetes.io/warn: privileged
|
||||
|
||||
14
clusters/cl01tl/helm/booklore/templates/service.yaml
Normal file
14
clusters/cl01tl/helm/booklore/templates/service.yaml
Normal file
@@ -0,0 +1,14 @@
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: garage-ps10rp
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: garage-ps10rp
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
annotations:
|
||||
tailscale.com/tailnet-fqdn: garage-ps10rp.boreal-beaufort.ts.net
|
||||
spec:
|
||||
externalName: placeholder
|
||||
type: ExternalName
|
||||
@@ -9,7 +9,7 @@ booklore:
|
||||
main:
|
||||
image:
|
||||
repository: ghcr.io/booklore-app/booklore
|
||||
tag: v1.15.0
|
||||
tag: v1.13.2
|
||||
pullPolicy: IfNotPresent
|
||||
env:
|
||||
- name: TZ
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
dependencies:
|
||||
- name: cilium
|
||||
repository: https://helm.cilium.io/
|
||||
version: 1.18.5
|
||||
digest: sha256:b997853961dca1ed43d32b58b17e6e592581eb555db0b1457b168251cf3aaa45
|
||||
generated: "2025-12-17T16:05:05.870297681Z"
|
||||
version: 1.18.4
|
||||
digest: sha256:e38eb92ee87c9a52b0f45a2451142ade02bac7d484b246d32379eacce3800bc8
|
||||
generated: "2025-12-02T17:17:49.043599-06:00"
|
||||
|
||||
@@ -15,7 +15,7 @@ maintainers:
|
||||
- name: alexlebens
|
||||
dependencies:
|
||||
- name: cilium
|
||||
version: 1.18.5
|
||||
version: 1.18.4
|
||||
repository: https://helm.cilium.io/
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/cilium.png
|
||||
appVersion: 1.18.4
|
||||
|
||||
@@ -4,9 +4,9 @@ dependencies:
|
||||
version: 4.5.0
|
||||
- name: cloudflared
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 2.1.4
|
||||
version: 1.23.2
|
||||
- name: volsync-target
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 0.6.0
|
||||
digest: sha256:8f24ac0aa7245c517cd68f4e9fb97de110620922b9bbdf3270e83aa4ad201324
|
||||
generated: "2025-12-18T02:43:53.325443712Z"
|
||||
version: 0.5.0
|
||||
digest: sha256:bd1cbd66ccb360978a342ee218bfb01006a486fb85c5714acd593b9e1389b151
|
||||
generated: "2025-12-15T21:50:58.968382-06:00"
|
||||
|
||||
@@ -21,11 +21,12 @@ dependencies:
|
||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||
version: 4.5.0
|
||||
- name: cloudflared
|
||||
alias: cloudflared
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 2.1.4
|
||||
version: 1.23.2
|
||||
- name: volsync-target
|
||||
alias: volsync-target-config
|
||||
version: 0.6.0
|
||||
version: 0.5.0
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/visual-studio-code.png
|
||||
appVersion: 4.106.3
|
||||
|
||||
@@ -26,3 +26,26 @@ spec:
|
||||
key: /cl01tl/code-server/auth
|
||||
metadataPolicy: None
|
||||
property: SUDO_PASSWORD
|
||||
|
||||
---
|
||||
apiVersion: external-secrets.io/v1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
name: code-server-cloudflared-secret
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: code-server-cloudflared-secret
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
secretStoreRef:
|
||||
kind: ClusterSecretStore
|
||||
name: vault
|
||||
data:
|
||||
- secretKey: cf-tunnel-token
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cloudflare/tunnels/codeserver
|
||||
metadataPolicy: None
|
||||
property: token
|
||||
|
||||
@@ -9,7 +9,7 @@ code-server:
|
||||
main:
|
||||
image:
|
||||
repository: ghcr.io/linuxserver/code-server
|
||||
tag: 4.107.0@sha256:0d48d3a48b7db214556bea453ed371f0d295130fb5c3d43534aedb41627446f2
|
||||
tag: 4.106.3@sha256:83793e4460090d6c46f4842ff6ab8aa26ad8a567885112bbe754b45c61935055
|
||||
pullPolicy: IfNotPresent
|
||||
env:
|
||||
- name: TZ
|
||||
@@ -47,6 +47,8 @@ code-server:
|
||||
main:
|
||||
- path: /config
|
||||
readOnly: false
|
||||
cloudflared:
|
||||
existingSecretName: code-server-cloudflared-secret
|
||||
volsync-target-config:
|
||||
pvcTarget: code-server-config
|
||||
moverSecurityContext:
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
coredns:
|
||||
image:
|
||||
repository: registry.k8s.io/coredns/coredns
|
||||
tag: v1.13.2
|
||||
tag: v1.13.1
|
||||
replicaCount: 3
|
||||
resources:
|
||||
requests:
|
||||
|
||||
@@ -4,12 +4,12 @@ dependencies:
|
||||
version: 4.5.0
|
||||
- name: cloudflared
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 2.1.4
|
||||
version: 1.23.2
|
||||
- name: postgres-cluster
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 7.1.4
|
||||
version: 7.1.1
|
||||
- name: redis-replication
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 0.5.0
|
||||
digest: sha256:291cc8a8dc77d554ee24c641c38322217f8540a8c7c41ff00704adb0cbcc6dfd
|
||||
generated: "2025-12-21T19:02:03.688822042Z"
|
||||
digest: sha256:1035fe225f5439c73fdc8b498c2164bad362e0198bc2ad40eab6b5d0bae9f86d
|
||||
generated: "2025-12-15T14:37:45.474556-06:00"
|
||||
|
||||
@@ -22,11 +22,12 @@ dependencies:
|
||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||
version: 4.5.0
|
||||
- name: cloudflared
|
||||
alias: cloudflared-directus
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 2.1.4
|
||||
version: 1.23.2
|
||||
- name: postgres-cluster
|
||||
alias: postgres-18-cluster
|
||||
version: 7.1.4
|
||||
version: 7.1.1
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
- name: redis-replication
|
||||
version: 0.5.0
|
||||
|
||||
@@ -41,36 +41,6 @@ spec:
|
||||
metadataPolicy: None
|
||||
property: key
|
||||
|
||||
---
|
||||
apiVersion: external-secrets.io/v1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
name: directus-oidc-secret
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: directus-oidc-secret
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
secretStoreRef:
|
||||
kind: ClusterSecretStore
|
||||
name: vault
|
||||
data:
|
||||
- secretKey: OIDC_CLIENT_ID
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /authentik/oidc/directus
|
||||
metadataPolicy: None
|
||||
property: client
|
||||
- secretKey: OIDC_CLIENT_SECRET
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /authentik/oidc/directus
|
||||
metadataPolicy: None
|
||||
property: secret
|
||||
|
||||
---
|
||||
apiVersion: external-secrets.io/v1
|
||||
kind: ExternalSecret
|
||||
@@ -124,6 +94,59 @@ spec:
|
||||
metadataPolicy: None
|
||||
property: password
|
||||
|
||||
---
|
||||
apiVersion: external-secrets.io/v1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
name: directus-oidc-secret
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: directus-oidc-secret
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
secretStoreRef:
|
||||
kind: ClusterSecretStore
|
||||
name: vault
|
||||
data:
|
||||
- secretKey: OIDC_CLIENT_ID
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /authentik/oidc/directus
|
||||
metadataPolicy: None
|
||||
property: client
|
||||
- secretKey: OIDC_CLIENT_SECRET
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /authentik/oidc/directus
|
||||
metadataPolicy: None
|
||||
property: secret
|
||||
|
||||
---
|
||||
apiVersion: external-secrets.io/v1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
name: directus-cloudflared-secret
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: directus-cloudflared-secret
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
secretStoreRef:
|
||||
kind: ClusterSecretStore
|
||||
name: vault
|
||||
data:
|
||||
- secretKey: cf-tunnel-token
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cloudflare/tunnels/directus
|
||||
metadataPolicy: None
|
||||
property: token
|
||||
|
||||
---
|
||||
apiVersion: external-secrets.io/v1
|
||||
kind: ExternalSecret
|
||||
|
||||
@@ -153,6 +153,9 @@ directus:
|
||||
port: 80
|
||||
targetPort: 8055
|
||||
protocol: TCP
|
||||
cloudflared-directus:
|
||||
name: cloudflared-directus
|
||||
existingSecretName: directus-cloudflared-secret
|
||||
postgres-18-cluster:
|
||||
mode: recovery
|
||||
cluster:
|
||||
|
||||
@@ -4,6 +4,6 @@ dependencies:
|
||||
version: 1.4.26
|
||||
- name: cloudflared
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 2.1.4
|
||||
digest: sha256:640ff55a95ff9fd12716bc76106d13189867832f905eaa393b5f67553bd8c961
|
||||
generated: "2025-12-17T19:05:53.062353-06:00"
|
||||
version: 1.23.2
|
||||
digest: sha256:f9196cbede894c6da6ecedd9ae05d3f1fd0e20304eca8ca38c18334a923b2235
|
||||
generated: "2025-12-07T02:54:29.895481505Z"
|
||||
|
||||
@@ -20,7 +20,8 @@ dependencies:
|
||||
version: 1.4.26
|
||||
repository: https://ananace.gitlab.io/charts
|
||||
- name: cloudflared
|
||||
alias: cloudflared
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 2.1.4
|
||||
version: 1.23.2
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/element.png
|
||||
appVersion: v1.12.6
|
||||
|
||||
@@ -0,0 +1,21 @@
|
||||
apiVersion: external-secrets.io/v1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
name: element-web-cloudflared-secret
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: element-web-cloudflared-secret
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
secretStoreRef:
|
||||
kind: ClusterSecretStore
|
||||
name: vault
|
||||
data:
|
||||
- secretKey: cf-tunnel-token
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cloudflare/tunnels/element
|
||||
metadataPolicy: None
|
||||
property: token
|
||||
@@ -2,7 +2,7 @@ element-web:
|
||||
replicaCount: 1
|
||||
image:
|
||||
repository: vectorim/element-web
|
||||
tag: v1.12.7
|
||||
tag: v1.12.6
|
||||
pullPolicy: IfNotPresent
|
||||
defaultServer:
|
||||
url: https://matrix.alexlebens.dev
|
||||
@@ -24,3 +24,5 @@ element-web:
|
||||
requests:
|
||||
cpu: 10m
|
||||
memory: 128Mi
|
||||
cloudflared:
|
||||
existingSecretName: element-web-cloudflared-secret
|
||||
|
||||
@@ -4,6 +4,6 @@ dependencies:
|
||||
version: 4.5.0
|
||||
- name: volsync-target
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 0.6.0
|
||||
digest: sha256:c6d6edb1e46805147b2b8bc9371e807113480c9a97687c5a856cf7b64a204cbd
|
||||
generated: "2025-12-18T02:44:09.319124495Z"
|
||||
version: 0.3.0
|
||||
digest: sha256:476021b852fbbd829570bcb88309eea92bd096cb4ec79efe2d895ee0c46f1c49
|
||||
generated: "2025-12-15T21:43:24.262051-06:00"
|
||||
|
||||
@@ -21,7 +21,7 @@ dependencies:
|
||||
version: 4.5.0
|
||||
- name: volsync-target
|
||||
alias: volsync-target-config
|
||||
version: 0.6.0
|
||||
version: 0.3.0
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/ephemera.png
|
||||
appVersion: 1.3.1
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
dependencies:
|
||||
- name: external-secrets
|
||||
repository: https://charts.external-secrets.io
|
||||
version: 1.2.0
|
||||
digest: sha256:6e713c4b50c14d9daf1758d9f169d10a8c7274d2c42490846817b6fb1a3ce558
|
||||
generated: "2025-12-20T01:04:35.136580598Z"
|
||||
version: 1.1.1
|
||||
digest: sha256:d346563864c95c4ca3fe5f04f6b292e417069d171f5866b5af0fe84277481493
|
||||
generated: "2025-12-06T18:01:23.564488208Z"
|
||||
|
||||
@@ -12,7 +12,7 @@ sources:
|
||||
- https://github.com/external-secrets/external-secrets/tree/main/deploy/charts/external-secrets
|
||||
dependencies:
|
||||
- name: external-secrets
|
||||
version: 1.2.0
|
||||
version: 1.1.1
|
||||
repository: https://charts.external-secrets.io
|
||||
icon: https://avatars.githubusercontent.com/u/68335991?s=48&v=4
|
||||
appVersion: v1.1.1
|
||||
|
||||
@@ -4,12 +4,12 @@ dependencies:
|
||||
version: 4.5.0
|
||||
- name: cloudflared
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 2.1.4
|
||||
version: 1.23.2
|
||||
- name: postgres-cluster
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 7.1.4
|
||||
version: 7.1.1
|
||||
- name: volsync-target
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 0.6.0
|
||||
digest: sha256:6822455e1f04e22e355a8ca9be206c4bb365dcb427045dcc66dda3940e197c42
|
||||
generated: "2025-12-21T19:02:14.387002721Z"
|
||||
version: 0.5.0
|
||||
digest: sha256:80a27ffb18fd1a635f16e70b90c2395f2de300ed50d072a8b87353f1ec3304cb
|
||||
generated: "2025-12-15T21:47:10.578165-06:00"
|
||||
|
||||
@@ -22,15 +22,16 @@ dependencies:
|
||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||
version: 4.5.0
|
||||
- name: cloudflared
|
||||
alias: cloudflared
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 2.1.4
|
||||
version: 1.23.2
|
||||
- name: postgres-cluster
|
||||
alias: postgres-18-cluster
|
||||
version: 7.1.4
|
||||
version: 7.1.1
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
- name: volsync-target
|
||||
alias: volsync-target-data
|
||||
version: 0.6.0
|
||||
version: 0.5.0
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/freshrss.png
|
||||
appVersion: 1.27.1
|
||||
|
||||
@@ -71,6 +71,29 @@ spec:
|
||||
metadataPolicy: None
|
||||
property: crypto-key
|
||||
|
||||
---
|
||||
apiVersion: external-secrets.io/v1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
name: freshrss-cloudflared-secret
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: freshrss-cloudflared-secret
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
secretStoreRef:
|
||||
kind: ClusterSecretStore
|
||||
name: vault
|
||||
data:
|
||||
- secretKey: cf-tunnel-token
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cloudflare/tunnels/freshrss
|
||||
metadataPolicy: None
|
||||
property: token
|
||||
|
||||
---
|
||||
apiVersion: external-secrets.io/v1
|
||||
kind: ExternalSecret
|
||||
|
||||
@@ -11,7 +11,7 @@ freshrss:
|
||||
runAsUser: 0
|
||||
image:
|
||||
repository: alpine
|
||||
tag: 3.23.2
|
||||
tag: 3.23.0
|
||||
pullPolicy: IfNotPresent
|
||||
command:
|
||||
- /bin/sh
|
||||
@@ -35,7 +35,7 @@ freshrss:
|
||||
runAsUser: 0
|
||||
image:
|
||||
repository: alpine
|
||||
tag: 3.23.2
|
||||
tag: 3.23.0
|
||||
pullPolicy: IfNotPresent
|
||||
command:
|
||||
- /bin/sh
|
||||
@@ -59,7 +59,7 @@ freshrss:
|
||||
runAsUser: 0
|
||||
image:
|
||||
repository: alpine
|
||||
tag: 3.23.2
|
||||
tag: 3.23.0
|
||||
pullPolicy: IfNotPresent
|
||||
command:
|
||||
- /bin/sh
|
||||
@@ -192,6 +192,8 @@ freshrss:
|
||||
main:
|
||||
- path: /var/www/FreshRSS/extensions
|
||||
readOnly: false
|
||||
cloudflared:
|
||||
existingSecretName: freshrss-cloudflared-secret
|
||||
postgres-18-cluster:
|
||||
mode: recovery
|
||||
cluster:
|
||||
|
||||
@@ -4,6 +4,6 @@ dependencies:
|
||||
version: 4.5.0
|
||||
- name: volsync-target
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 0.6.0
|
||||
digest: sha256:61c919869d56032bfa09b2e159a6b2dd2a43debf34968be2d66cf2211100a2c5
|
||||
generated: "2025-12-18T02:44:33.509296082Z"
|
||||
version: 0.5.0
|
||||
digest: sha256:3d3469c5177b9501cbb34a5faf376fbe4d9b98bd033ad51ee51487a1c2f28d4e
|
||||
generated: "2025-12-15T22:10:00.495878-06:00"
|
||||
|
||||
@@ -20,7 +20,7 @@ dependencies:
|
||||
version: 4.5.0
|
||||
- name: volsync-target
|
||||
alias: volsync-target-db
|
||||
version: 0.6.0
|
||||
version: 0.5.0
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/kubernetes.png
|
||||
appVersion: v2.1.0
|
||||
|
||||
@@ -4,9 +4,9 @@ dependencies:
|
||||
version: 1.4.4
|
||||
- name: postgres-cluster
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 7.1.4
|
||||
version: 7.1.1
|
||||
- name: volsync-target
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 0.6.0
|
||||
digest: sha256:2c011d2b3bff02620538b23cedd11c15cabdb23d070231e9e8716fabd815d849
|
||||
generated: "2025-12-21T19:02:25.462673369Z"
|
||||
version: 0.5.0
|
||||
digest: sha256:367bfee3e6811bfd4591cf76f09a419f312007d797b83311e76c8d01318e73fe
|
||||
generated: "2025-12-15T22:11:48.014486-06:00"
|
||||
|
||||
@@ -22,11 +22,11 @@ dependencies:
|
||||
version: 1.4.4
|
||||
- name: postgres-cluster
|
||||
alias: postgres-18-cluster
|
||||
version: 7.1.4
|
||||
version: 7.1.1
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
- name: volsync-target
|
||||
alias: volsync-target-data
|
||||
version: 0.6.0
|
||||
version: 0.5.0
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/gatus.png
|
||||
appVersion: v5.33.0
|
||||
|
||||
@@ -7,7 +7,7 @@ gatus:
|
||||
enabled: true
|
||||
image:
|
||||
repository: ghcr.io/twin/gatus
|
||||
tag: v5.33.1
|
||||
tag: v5.33.0
|
||||
annotations:
|
||||
reloader.stakater.com/auto: "true"
|
||||
service:
|
||||
@@ -122,6 +122,9 @@ gatus:
|
||||
- name: jellyfin
|
||||
url: https://jellyfin.alexlebens.net
|
||||
<<: *defaults
|
||||
- name: jellyfin-vue
|
||||
url: https://jellyfin-vue.alexlebens.net
|
||||
<<: *defaults
|
||||
- name: overseerr
|
||||
url: https://overseerr.alexlebens.net
|
||||
<<: *defaults
|
||||
|
||||
@@ -10,18 +10,15 @@ dependencies:
|
||||
version: 0.19.0
|
||||
- name: cloudflared
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 2.1.4
|
||||
version: 1.23.2
|
||||
- name: postgres-cluster
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 7.1.4
|
||||
version: 7.1.1
|
||||
- name: redis-replication
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 0.5.0
|
||||
- name: redis-replication
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 0.5.0
|
||||
- name: volsync-target
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 0.6.0
|
||||
digest: sha256:c1b58db78b9924a6b2e0ef0b642e324849c2f82f977e0704d7eada5f32c5a96d
|
||||
generated: "2025-12-21T19:02:38.107239054Z"
|
||||
digest: sha256:8f5a3bcef164285d41a087683f7c18b23ee4dba512ac43344f8e6e805f34f9ce
|
||||
generated: "2025-12-16T21:01:01.059812652Z"
|
||||
|
||||
@@ -35,11 +35,12 @@ dependencies:
|
||||
version: 0.19.0
|
||||
repository: https://meilisearch.github.io/meilisearch-kubernetes
|
||||
- name: cloudflared
|
||||
alias: cloudflared
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 2.1.4
|
||||
version: 1.23.2
|
||||
- name: postgres-cluster
|
||||
alias: postgres-18-cluster
|
||||
version: 7.1.4
|
||||
version: 7.1.1
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
- name: redis-replication
|
||||
alias: redis-replication-gitea
|
||||
@@ -49,9 +50,9 @@ dependencies:
|
||||
alias: redis-replication-renovate
|
||||
version: 0.5.0
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
- name: volsync-target
|
||||
alias: volsync-target-storage
|
||||
version: 0.6.0
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
# - name: volsync-target
|
||||
# alias: volsync-target-storage
|
||||
# version: 0.5.0
|
||||
# repository: oci://harbor.alexlebens.net/helm-charts
|
||||
icon: https://raw.githubusercontent.com/walkxcode/dashboard-icons/main/png/gitea.png
|
||||
appVersion: 1.25.2
|
||||
|
||||
@@ -197,6 +197,29 @@ spec:
|
||||
metadataPolicy: None
|
||||
property: MEILI_MASTER_KEY
|
||||
|
||||
---
|
||||
apiVersion: external-secrets.io/v1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
name: gitea-cloudflared-secret
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: gitea-cloudflared-secret
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
secretStoreRef:
|
||||
kind: ClusterSecretStore
|
||||
name: vault
|
||||
data:
|
||||
- secretKey: cf-tunnel-token
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cloudflare/tunnels/gitea
|
||||
metadataPolicy: None
|
||||
property: token
|
||||
|
||||
---
|
||||
apiVersion: external-secrets.io/v1
|
||||
kind: ExternalSecret
|
||||
|
||||
@@ -4,7 +4,7 @@ gitea:
|
||||
replicaCount: 3
|
||||
image:
|
||||
repository: gitea/gitea
|
||||
tag: 1.25.3
|
||||
tag: 1.25.2
|
||||
service:
|
||||
http:
|
||||
type: ClusterIP
|
||||
@@ -185,6 +185,8 @@ meilisearch:
|
||||
memory: 128Mi
|
||||
serviceMonitor:
|
||||
enabled: true
|
||||
cloudflared:
|
||||
existingSecretName: gitea-cloudflared-secret
|
||||
postgres-18-cluster:
|
||||
mode: recovery
|
||||
cluster:
|
||||
@@ -272,11 +274,6 @@ redis-replication-renovate:
|
||||
enabled: false
|
||||
volsync-target-storage:
|
||||
pvcTarget: gitea-shared-storage
|
||||
moverSecurityContext:
|
||||
runAsUser: 1000
|
||||
runAsGroup: 1000
|
||||
fsGroup: 1000
|
||||
fsGroupChangePolicy: OnRootMismatch
|
||||
local:
|
||||
enabled: true
|
||||
schedule: 0 0 0 * * *
|
||||
@@ -290,8 +287,8 @@ volsync-target-storage:
|
||||
yearly: 0
|
||||
copyMethod: Snapshot
|
||||
storageClassName: ceph-filesystem
|
||||
volumeSnapshotClassName: ceph-filesystem-snapshot
|
||||
cacheCapacity: 10Gi
|
||||
volumeSnapshotClassName: ceph-filesystem
|
||||
cacheCapacity: 40Gi
|
||||
external:
|
||||
enabled: false
|
||||
remote:
|
||||
|
||||
@@ -1,15 +1,15 @@
|
||||
dependencies:
|
||||
- name: grafana-operator
|
||||
repository: https://grafana.github.io/helm-charts
|
||||
version: 5.21.3
|
||||
version: v5.20.0
|
||||
- name: postgres-cluster
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 7.1.4
|
||||
version: 7.1.1
|
||||
- name: redis-replication
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 0.5.0
|
||||
- name: redis-replication
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 0.5.0
|
||||
digest: sha256:24990cf2d70eea485351cf2b760a376dfdcaa75b700bf0a9ffe3ef4f3ee4327f
|
||||
generated: "2025-12-21T19:02:53.831678265Z"
|
||||
digest: sha256:7089382a69a87a15afef83277e5b59a59b192a734c402384a61e4c65319f4891
|
||||
generated: "2025-12-15T15:30:54.939003-06:00"
|
||||
|
||||
@@ -17,11 +17,11 @@ maintainers:
|
||||
- name: alexlebens
|
||||
dependencies:
|
||||
- name: grafana-operator
|
||||
version: 5.21.3
|
||||
version: v5.20.0
|
||||
repository: https://grafana.github.io/helm-charts
|
||||
- name: postgres-cluster
|
||||
alias: postgres-18-cluster
|
||||
version: 7.1.4
|
||||
version: 7.1.1
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
- name: redis-replication
|
||||
alias: redis-replication-unified-alerting
|
||||
|
||||
@@ -4,9 +4,9 @@ dependencies:
|
||||
version: 1.18.1
|
||||
- name: postgres-cluster
|
||||
repository: https://gitea.alexlebens.net/api/packages/alexlebens/helm
|
||||
version: 7.1.4
|
||||
version: 7.1.1
|
||||
- name: redis-replication
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 0.5.0
|
||||
digest: sha256:7cea680b9916e657e3120b01bd434f50b15eaf489d1f7cee3b506aa95955f1c0
|
||||
generated: "2025-12-21T19:03:07.066453096Z"
|
||||
digest: sha256:8bd072dc65397b6c1dc8ff319e87f8df1afd50cebcd3f8c46ed753e3dcdba13a
|
||||
generated: "2025-12-15T15:36:05.141898-06:00"
|
||||
|
||||
@@ -21,7 +21,7 @@ dependencies:
|
||||
repository: https://helm.goharbor.io
|
||||
- name: postgres-cluster
|
||||
alias: postgres-18-cluster
|
||||
version: 7.1.4
|
||||
version: 7.1.1
|
||||
repository: https://gitea.alexlebens.net/api/packages/alexlebens/helm
|
||||
- name: redis-replication
|
||||
version: 0.5.0
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
dependencies:
|
||||
- name: headlamp
|
||||
repository: https://kubernetes-sigs.github.io/headlamp/
|
||||
version: 0.39.0
|
||||
digest: sha256:870e456773199684c150585c12c2e18b3f0895ee8cc73481a53b23c8e94560b1
|
||||
generated: "2025-12-20T00:03:40.10414707Z"
|
||||
version: 0.38.0
|
||||
digest: sha256:3f4c6bb308a1e5e757368ea9eee902d5ade7d33881c0f6c8402d6ed41641e260
|
||||
generated: "2025-12-01T19:55:48.64361-06:00"
|
||||
|
||||
@@ -14,7 +14,7 @@ maintainers:
|
||||
- name: alexlebens
|
||||
dependencies:
|
||||
- name: headlamp
|
||||
version: 0.39.0
|
||||
version: 0.38.0
|
||||
repository: https://kubernetes-sigs.github.io/headlamp/
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/headlamp.png
|
||||
appVersion: 0.38.0
|
||||
|
||||
@@ -2,8 +2,5 @@ dependencies:
|
||||
- name: app-template
|
||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||
version: 4.5.0
|
||||
- name: volsync-target
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 0.6.0
|
||||
digest: sha256:626ca9cabfd6d48e3b5895b32d35c7764dde4569127241ce75117801b9b83170
|
||||
generated: "2025-12-18T02:45:13.984217826Z"
|
||||
digest: sha256:a1961e446ba4361fa5d7ae31260c2ce472f27d0d2de2170cc8303586ef5c33ac
|
||||
generated: "2025-12-05T17:04:59.022729608Z"
|
||||
|
||||
@@ -19,9 +19,5 @@ dependencies:
|
||||
alias: home-assistant
|
||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||
version: 4.5.0
|
||||
- name: volsync-target
|
||||
alias: volsync-target-config
|
||||
version: 0.6.0
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/home-assistant.png
|
||||
appVersion: 2025.12.2
|
||||
|
||||
@@ -9,7 +9,7 @@ home-assistant:
|
||||
main:
|
||||
image:
|
||||
repository: ghcr.io/home-assistant/home-assistant
|
||||
tag: 2025.12.4
|
||||
tag: 2025.12.2
|
||||
pullPolicy: IfNotPresent
|
||||
env:
|
||||
- name: TZ
|
||||
@@ -21,7 +21,7 @@ home-assistant:
|
||||
code-server:
|
||||
image:
|
||||
repository: ghcr.io/linuxserver/code-server
|
||||
tag: 4.107.0@sha256:0d48d3a48b7db214556bea453ed371f0d295130fb5c3d43534aedb41627446f2
|
||||
tag: 4.106.3@sha256:83793e4460090d6c46f4842ff6ab8aa26ad8a567885112bbe754b45c61935055
|
||||
pullPolicy: IfNotPresent
|
||||
env:
|
||||
- name: TZ
|
||||
@@ -68,10 +68,3 @@ home-assistant:
|
||||
code-server:
|
||||
- path: /config/home-assistant
|
||||
readOnly: false
|
||||
volsync-target-config:
|
||||
pvcTarget: home-assistant-config
|
||||
moverSecurityContext:
|
||||
runAsUser: 1000
|
||||
runAsGroup: 1000
|
||||
fsGroup: 1000
|
||||
fsGroupChangePolicy: OnRootMismatch
|
||||
|
||||
@@ -4,6 +4,6 @@ dependencies:
|
||||
version: 4.5.0
|
||||
- name: cloudflared
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 2.1.4
|
||||
digest: sha256:875983aebd62e7454d38c95fcf596bb6beae48db7445a68cae95ea588bbba5a9
|
||||
generated: "2025-12-17T19:06:26.918869-06:00"
|
||||
version: 1.23.2
|
||||
digest: sha256:fbfdebf734560044cfe5d2c4771b63cbcabc121d13c44b751f914877b5bdc83f
|
||||
generated: "2025-12-07T02:55:01.91141803Z"
|
||||
|
||||
@@ -20,7 +20,8 @@ dependencies:
|
||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||
version: 4.5.0
|
||||
- name: cloudflared
|
||||
alias: cloudflared
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 2.1.4
|
||||
version: 1.23.2
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/homepage.png
|
||||
appVersion: v1.8.0
|
||||
|
||||
@@ -0,0 +1,21 @@
|
||||
apiVersion: external-secrets.io/v1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
name: homepage-dev-cloudflared-secret
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: homepage-dev-cloudflared-secret
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
secretStoreRef:
|
||||
kind: ClusterSecretStore
|
||||
name: vault
|
||||
data:
|
||||
- secretKey: cf-tunnel-token
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cloudflare/tunnels/homepage-dev
|
||||
metadataPolicy: None
|
||||
property: token
|
||||
@@ -163,3 +163,5 @@ homepage:
|
||||
readOnly: true
|
||||
mountPropagation: None
|
||||
subPath: widgets.yaml
|
||||
cloudflared:
|
||||
existingSecretName: homepage-dev-cloudflared-secret
|
||||
|
||||
46
clusters/cl01tl/helm/homepage/templates/service.yaml
Normal file
46
clusters/cl01tl/helm/homepage/templates/service.yaml
Normal file
@@ -0,0 +1,46 @@
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: gitea-ps10rp
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: gitea-ps10rp
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
annotations:
|
||||
tailscale.com/tailnet-fqdn: gitea-ps10rp.boreal-beaufort.ts.net
|
||||
spec:
|
||||
externalName: placeholder
|
||||
type: ExternalName
|
||||
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: home-ps10rp
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: home-ps10rp
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
annotations:
|
||||
tailscale.com/tailnet-fqdn: home-ps10rp.boreal-beaufort.ts.net
|
||||
spec:
|
||||
externalName: placeholder
|
||||
type: ExternalName
|
||||
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: garage-ui-ps10rp
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: garage-ui-ps10rp
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
annotations:
|
||||
tailscale.com/tailnet-fqdn: garage-ui-ps10rp.boreal-beaufort.ts.net
|
||||
spec:
|
||||
externalName: placeholder
|
||||
type: ExternalName
|
||||
@@ -141,6 +141,12 @@ homepage:
|
||||
href: https://jellyfin.alexlebens.net
|
||||
siteMonitor: http://jellyfin.jellyfin:80
|
||||
statusStyle: dot
|
||||
- Jellyfin (Alt):
|
||||
icon: sh-jellyfin.webp
|
||||
description: Media server (Alternate UI)
|
||||
href: https://jellyfin-vue.alexlebens.net
|
||||
siteMonitor: http://jellyfin-vue.jellyfin:80
|
||||
statusStyle: dot
|
||||
- Media Requests:
|
||||
icon: sh-overseerr.webp
|
||||
description: Overseerr
|
||||
|
||||
@@ -2,8 +2,5 @@ dependencies:
|
||||
- name: app-template
|
||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||
version: 4.5.0
|
||||
- name: volsync-target
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 0.6.0
|
||||
digest: sha256:5df38c1b38d310e20b905a22a6224849c4c806ce8b31688cd8caa16e286d5cd3
|
||||
generated: "2025-12-18T02:45:24.918485555Z"
|
||||
digest: sha256:44805f836d7cfcd7511616ad0d93da02b3e6cfdb58d823f6dcf17b17bb47d3a1
|
||||
generated: "2025-12-05T17:05:35.445002111Z"
|
||||
|
||||
@@ -17,9 +17,5 @@ dependencies:
|
||||
alias: huntarr
|
||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||
version: 4.5.0
|
||||
- name: volsync-target
|
||||
alias: volsync-target-config
|
||||
version: 0.6.0
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/huntarr.png
|
||||
appVersion: 8.2.10
|
||||
|
||||
@@ -37,5 +37,3 @@ huntarr:
|
||||
main:
|
||||
- path: /config
|
||||
readOnly: false
|
||||
volsync-target-config:
|
||||
pvcTarget: huntarr-config
|
||||
|
||||
@@ -4,12 +4,9 @@ dependencies:
|
||||
version: 4.5.0
|
||||
- name: postgres-cluster
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 7.1.4
|
||||
version: 7.1.1
|
||||
- name: redis-replication
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 0.5.0
|
||||
- name: volsync-target
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 0.6.0
|
||||
digest: sha256:3a10865d91a8d0816c06d8bf78b2f95bbd12d3374c7d567d239d7349779c83af
|
||||
generated: "2025-12-21T19:03:20.997227314Z"
|
||||
digest: sha256:f0fb98c302e8749494c4ebe612cd9ea69e9b11d062dc5a16710dffd13802f475
|
||||
generated: "2025-12-15T15:31:14.966284-06:00"
|
||||
|
||||
@@ -20,14 +20,10 @@ dependencies:
|
||||
version: 4.5.0
|
||||
- name: postgres-cluster
|
||||
alias: postgres-18-cluster
|
||||
version: 7.1.4
|
||||
version: 7.1.1
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
- name: redis-replication
|
||||
version: 0.5.0
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
- name: volsync-target
|
||||
alias: volsync-target-data
|
||||
version: 0.6.0
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/immich.png
|
||||
appVersion: v2.3.1
|
||||
|
||||
@@ -20,6 +20,177 @@ spec:
|
||||
metadataPolicy: None
|
||||
property: immich.json
|
||||
|
||||
---
|
||||
apiVersion: external-secrets.io/v1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
name: immich-data-backup-secret-local
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: immich-data-backup-secret-local
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
secretStoreRef:
|
||||
kind: ClusterSecretStore
|
||||
name: vault
|
||||
target:
|
||||
template:
|
||||
mergePolicy: Merge
|
||||
engineVersion: v2
|
||||
data:
|
||||
RESTIC_REPOSITORY: "{{ `{{ .BUCKET_ENDPOINT }}` }}/immich/immich"
|
||||
data:
|
||||
- secretKey: BUCKET_ENDPOINT
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /volsync/restic/garage-local
|
||||
metadataPolicy: None
|
||||
property: BUCKET_ENDPOINT
|
||||
- secretKey: RESTIC_PASSWORD
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /volsync/restic/garage-local
|
||||
metadataPolicy: None
|
||||
property: RESTIC_PASSWORD
|
||||
- secretKey: AWS_DEFAULT_REGION
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /garage/home-infra/volsync-backups
|
||||
metadataPolicy: None
|
||||
property: ACCESS_REGION
|
||||
- secretKey: AWS_ACCESS_KEY_ID
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /garage/home-infra/volsync-backups
|
||||
metadataPolicy: None
|
||||
property: ACCESS_KEY_ID
|
||||
- secretKey: AWS_SECRET_ACCESS_KEY
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /garage/home-infra/volsync-backups
|
||||
metadataPolicy: None
|
||||
property: ACCESS_SECRET_KEY
|
||||
|
||||
---
|
||||
apiVersion: external-secrets.io/v1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
name: immich-data-backup-secret-remote
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: immich-data-backup-secret-remote
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
secretStoreRef:
|
||||
kind: ClusterSecretStore
|
||||
name: vault
|
||||
target:
|
||||
template:
|
||||
mergePolicy: Merge
|
||||
engineVersion: v2
|
||||
data:
|
||||
RESTIC_REPOSITORY: "{{ `{{ .BUCKET_ENDPOINT }}` }}/immich/immich"
|
||||
data:
|
||||
- secretKey: BUCKET_ENDPOINT
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /volsync/restic/garage-remote
|
||||
metadataPolicy: None
|
||||
property: BUCKET_ENDPOINT
|
||||
- secretKey: RESTIC_PASSWORD
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /volsync/restic/garage-remote
|
||||
metadataPolicy: None
|
||||
property: RESTIC_PASSWORD
|
||||
- secretKey: AWS_DEFAULT_REGION
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /garage/home-infra/volsync-backups
|
||||
metadataPolicy: None
|
||||
property: ACCESS_REGION
|
||||
- secretKey: AWS_ACCESS_KEY_ID
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /garage/home-infra/volsync-backups
|
||||
metadataPolicy: None
|
||||
property: ACCESS_KEY_ID
|
||||
- secretKey: AWS_SECRET_ACCESS_KEY
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /garage/home-infra/volsync-backups
|
||||
metadataPolicy: None
|
||||
property: ACCESS_SECRET_KEY
|
||||
|
||||
---
|
||||
apiVersion: external-secrets.io/v1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
name: immich-data-backup-secret-external
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: immich-data-backup-secret-external
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
secretStoreRef:
|
||||
kind: ClusterSecretStore
|
||||
name: vault
|
||||
target:
|
||||
template:
|
||||
mergePolicy: Merge
|
||||
engineVersion: v2
|
||||
data:
|
||||
RESTIC_REPOSITORY: "{{ `{{ .BUCKET_ENDPOINT }}` }}/immich/immich"
|
||||
data:
|
||||
- secretKey: BUCKET_ENDPOINT
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /volsync/restic/digital-ocean
|
||||
metadataPolicy: None
|
||||
property: BUCKET_ENDPOINT
|
||||
- secretKey: RESTIC_PASSWORD
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /volsync/restic/digital-ocean
|
||||
metadataPolicy: None
|
||||
property: RESTIC_PASSWORD
|
||||
- secretKey: AWS_DEFAULT_REGION
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /digital-ocean/home-infra/volsync-backups
|
||||
metadataPolicy: None
|
||||
property: AWS_DEFAULT_REGION
|
||||
- secretKey: AWS_ACCESS_KEY_ID
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /digital-ocean/home-infra/volsync-backups
|
||||
metadataPolicy: None
|
||||
property: AWS_ACCESS_KEY_ID
|
||||
- secretKey: AWS_SECRET_ACCESS_KEY
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /digital-ocean/home-infra/volsync-backups
|
||||
metadataPolicy: None
|
||||
property: AWS_SECRET_ACCESS_KEY
|
||||
|
||||
---
|
||||
apiVersion: external-secrets.io/v1
|
||||
kind: ExternalSecret
|
||||
|
||||
@@ -0,0 +1,82 @@
|
||||
apiVersion: volsync.backube/v1alpha1
|
||||
kind: ReplicationSource
|
||||
metadata:
|
||||
name: immich-data-backup-source-local
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: immich-data-backup-source-local
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
sourcePVC: immich
|
||||
trigger:
|
||||
schedule: 0 2 * * *
|
||||
restic:
|
||||
pruneIntervalDays: 7
|
||||
repository: immich-data-backup-secret-local
|
||||
retain:
|
||||
hourly: 1
|
||||
daily: 3
|
||||
weekly: 2
|
||||
monthly: 2
|
||||
yearly: 4
|
||||
copyMethod: Snapshot
|
||||
storageClassName: ceph-block
|
||||
volumeSnapshotClassName: ceph-blockpool-snapshot
|
||||
cacheCapacity: 50Gi
|
||||
|
||||
---
|
||||
apiVersion: volsync.backube/v1alpha1
|
||||
kind: ReplicationSource
|
||||
metadata:
|
||||
name: immich-data-backup-source-remote
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: immich-data-backup-source-remote
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
sourcePVC: immich
|
||||
trigger:
|
||||
schedule: 0 3 * * *
|
||||
restic:
|
||||
pruneIntervalDays: 7
|
||||
repository: immich-data-backup-secret-remote
|
||||
retain:
|
||||
hourly: 1
|
||||
daily: 3
|
||||
weekly: 2
|
||||
monthly: 2
|
||||
yearly: 4
|
||||
copyMethod: Snapshot
|
||||
storageClassName: ceph-block
|
||||
volumeSnapshotClassName: ceph-blockpool-snapshot
|
||||
cacheCapacity: 50Gi
|
||||
|
||||
---
|
||||
apiVersion: volsync.backube/v1alpha1
|
||||
kind: ReplicationSource
|
||||
metadata:
|
||||
name: immich-data-backup-source-external
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: immich-data-backup-source-external
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
sourcePVC: immich
|
||||
trigger:
|
||||
schedule: 0 4 * * *
|
||||
restic:
|
||||
pruneIntervalDays: 7
|
||||
repository: immich-data-backup-secret-external
|
||||
retain:
|
||||
hourly: 1
|
||||
daily: 3
|
||||
weekly: 2
|
||||
monthly: 2
|
||||
yearly: 4
|
||||
copyMethod: Snapshot
|
||||
storageClassName: ceph-block
|
||||
volumeSnapshotClassName: ceph-blockpool-snapshot
|
||||
cacheCapacity: 50Gi
|
||||
@@ -9,7 +9,7 @@ immich:
|
||||
main:
|
||||
image:
|
||||
repository: ghcr.io/immich-app/immich-server
|
||||
tag: v2.4.1
|
||||
tag: v2.3.1
|
||||
pullPolicy: IfNotPresent
|
||||
env:
|
||||
- name: TZ
|
||||
@@ -117,7 +117,6 @@ immich:
|
||||
mountPropagation: None
|
||||
subPath: immich.json
|
||||
data:
|
||||
forceRename: immich
|
||||
storageClass: ceph-block
|
||||
accessMode: ReadWriteOnce
|
||||
size: 50Gi
|
||||
@@ -203,14 +202,3 @@ redis-replication:
|
||||
redisSentinel:
|
||||
enabled: true
|
||||
clusterSize: 3
|
||||
volsync-target-data:
|
||||
pvcTarget: immich
|
||||
local:
|
||||
restic:
|
||||
cacheCapacity: 10Gi
|
||||
remote:
|
||||
restic:
|
||||
cacheCapacity: 10Gi
|
||||
external:
|
||||
restic:
|
||||
cacheCapacity: 10Gi
|
||||
|
||||
@@ -2,8 +2,5 @@ dependencies:
|
||||
- name: app-template
|
||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||
version: 4.5.0
|
||||
- name: volsync-target
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 0.6.0
|
||||
digest: sha256:ca1dd0e86544b79c9e3048447a2f7613317df0ab11118bbeabceb32e845119d2
|
||||
generated: "2025-12-18T02:45:45.65978763Z"
|
||||
digest: sha256:042995f7609eaf4036fa416dcdf60e9c7f3fb90a5614322f4e2f6cce17c236ff
|
||||
generated: "2025-12-05T17:05:59.576358789Z"
|
||||
|
||||
@@ -21,9 +21,5 @@ dependencies:
|
||||
alias: jellyfin
|
||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||
version: 4.5.0
|
||||
- name: volsync-target
|
||||
alias: volsync-target-config
|
||||
version: 0.6.0
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/jellyfin.png
|
||||
appVersion: 10.11.4
|
||||
|
||||
55
clusters/cl01tl/helm/jellyfin/templates/external-secret.yaml
Normal file
55
clusters/cl01tl/helm/jellyfin/templates/external-secret.yaml
Normal file
@@ -0,0 +1,55 @@
|
||||
apiVersion: external-secrets.io/v1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
name: jellyfin-config-backup-secret
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: jellyfin-config-backup-secret
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
secretStoreRef:
|
||||
kind: ClusterSecretStore
|
||||
name: vault
|
||||
target:
|
||||
template:
|
||||
mergePolicy: Merge
|
||||
engineVersion: v2
|
||||
data:
|
||||
RESTIC_REPOSITORY: "{{ `{{ .BUCKET_ENDPOINT }}` }}/jellyfin/jellyfin-config"
|
||||
data:
|
||||
- secretKey: BUCKET_ENDPOINT
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cl01tl/volsync/restic/config
|
||||
metadataPolicy: None
|
||||
property: S3_BUCKET_ENDPOINT
|
||||
- secretKey: RESTIC_PASSWORD
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cl01tl/volsync/restic/config
|
||||
metadataPolicy: None
|
||||
property: RESTIC_PASSWORD
|
||||
- secretKey: AWS_DEFAULT_REGION
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cl01tl/volsync/restic/config
|
||||
metadataPolicy: None
|
||||
property: AWS_DEFAULT_REGION
|
||||
- secretKey: AWS_ACCESS_KEY_ID
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /digital-ocean/home-infra/volsync-backups
|
||||
metadataPolicy: None
|
||||
property: access_key
|
||||
- secretKey: AWS_SECRET_ACCESS_KEY
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /digital-ocean/home-infra/volsync-backups
|
||||
metadataPolicy: None
|
||||
property: secret_key
|
||||
@@ -26,3 +26,33 @@ spec:
|
||||
name: jellyfin
|
||||
port: 80
|
||||
weight: 100
|
||||
|
||||
---
|
||||
apiVersion: gateway.networking.k8s.io/v1
|
||||
kind: HTTPRoute
|
||||
metadata:
|
||||
name: http-route-jellyfin-vue
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: http-route-jellyfin-vue
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
parentRefs:
|
||||
- group: gateway.networking.k8s.io
|
||||
kind: Gateway
|
||||
name: traefik-gateway
|
||||
namespace: traefik
|
||||
hostnames:
|
||||
- jellyfin-vue.alexlebens.net
|
||||
rules:
|
||||
- matches:
|
||||
- path:
|
||||
type: PathPrefix
|
||||
value: /
|
||||
backendRefs:
|
||||
- group: ''
|
||||
kind: Service
|
||||
name: jellyfin-vue
|
||||
port: 80
|
||||
weight: 100
|
||||
|
||||
@@ -0,0 +1,26 @@
|
||||
apiVersion: volsync.backube/v1alpha1
|
||||
kind: ReplicationSource
|
||||
metadata:
|
||||
name: jellyfin-config-backup-source
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: jellyfin-config-backup-source
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
sourcePVC: jellyfin-config
|
||||
trigger:
|
||||
schedule: 0 4 * * *
|
||||
restic:
|
||||
pruneIntervalDays: 7
|
||||
repository: jellyfin-config-backup-secret
|
||||
retain:
|
||||
hourly: 1
|
||||
daily: 3
|
||||
weekly: 2
|
||||
monthly: 2
|
||||
yearly: 4
|
||||
copyMethod: Snapshot
|
||||
storageClassName: ceph-block
|
||||
volumeSnapshotClassName: ceph-blockpool-snapshot
|
||||
cacheCapacity: 10Gi
|
||||
@@ -9,7 +9,7 @@ jellyfin:
|
||||
main:
|
||||
image:
|
||||
repository: ghcr.io/jellyfin/jellyfin
|
||||
tag: 10.11.5
|
||||
tag: 10.11.4
|
||||
pullPolicy: IfNotPresent
|
||||
env:
|
||||
- name: TZ
|
||||
@@ -25,6 +25,22 @@ jellyfin:
|
||||
gpu.intel.com/i915: 1
|
||||
cpu: 1
|
||||
memory: 2Gi
|
||||
vue:
|
||||
type: deployment
|
||||
replicas: 3
|
||||
strategy: Recreate
|
||||
revisionHistoryLimit: 3
|
||||
containers:
|
||||
main:
|
||||
image:
|
||||
repository: ghcr.io/jellyfin/jellyfin-vue
|
||||
tag: unstable@sha256:0083110ab7def4f4e2eefe02b55bce92c40c72abc7efcd622dd5c24fc1ab48b2
|
||||
pullPolicy: IfNotPresent
|
||||
env:
|
||||
- name: DEFAULT_SERVERS
|
||||
value: https://jellyfin.alexlebens.net
|
||||
- name: DISABLE_SERVER_SELECTION
|
||||
value: true
|
||||
service:
|
||||
main:
|
||||
forceRename: jellyfin
|
||||
@@ -34,6 +50,13 @@ jellyfin:
|
||||
port: 80
|
||||
targetPort: 8096
|
||||
protocol: HTTP
|
||||
vue:
|
||||
controller: vue
|
||||
ports:
|
||||
http:
|
||||
port: 80
|
||||
targetPort: 80
|
||||
protocol: HTTP
|
||||
persistence:
|
||||
config:
|
||||
forceRename: jellyfin-config
|
||||
@@ -67,14 +90,3 @@ jellyfin:
|
||||
main:
|
||||
- path: /mnt/youtube
|
||||
readOnly: true
|
||||
volsync-target-config:
|
||||
pvcTarget: jellyfin-config
|
||||
local:
|
||||
restic:
|
||||
cacheCapacity: 10Gi
|
||||
remote:
|
||||
restic:
|
||||
cacheCapacity: 10Gi
|
||||
external:
|
||||
restic:
|
||||
cacheCapacity: 10Gi
|
||||
|
||||
@@ -4,9 +4,6 @@ dependencies:
|
||||
version: 4.5.0
|
||||
- name: postgres-cluster
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 7.1.4
|
||||
- name: volsync-target
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 0.6.0
|
||||
digest: sha256:e78c421c8c0d03aff0e873ef37790183d19dd08a1b9150056a6f85a6740ad77e
|
||||
generated: "2025-12-21T19:03:32.744669228Z"
|
||||
version: 7.1.1
|
||||
digest: sha256:1420b2a4ee76b1e6085fb81f60802bfae1273622c2d91085e7baebcce3e845fd
|
||||
generated: "2025-12-15T15:31:26.51811-06:00"
|
||||
|
||||
@@ -21,11 +21,7 @@ dependencies:
|
||||
version: 4.5.0
|
||||
- name: postgres-cluster
|
||||
alias: postgres-18-cluster
|
||||
version: 7.1.4
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
- name: volsync-target
|
||||
alias: volsync-target-data
|
||||
version: 0.6.0
|
||||
version: 7.1.1
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/jellystat.png
|
||||
appVersion: 1.1.6
|
||||
|
||||
@@ -34,6 +34,63 @@ spec:
|
||||
metadataPolicy: None
|
||||
property: password
|
||||
|
||||
---
|
||||
apiVersion: external-secrets.io/v1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
name: jellystat-data-backup-secret
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: jellystat-data-backup-secret
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
secretStoreRef:
|
||||
kind: ClusterSecretStore
|
||||
name: vault
|
||||
target:
|
||||
template:
|
||||
mergePolicy: Merge
|
||||
engineVersion: v2
|
||||
data:
|
||||
RESTIC_REPOSITORY: "{{ `{{ .BUCKET_ENDPOINT }}` }}/jellystat/jellystat-data"
|
||||
data:
|
||||
- secretKey: BUCKET_ENDPOINT
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cl01tl/volsync/restic/config
|
||||
metadataPolicy: None
|
||||
property: S3_BUCKET_ENDPOINT
|
||||
- secretKey: RESTIC_PASSWORD
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cl01tl/volsync/restic/config
|
||||
metadataPolicy: None
|
||||
property: RESTIC_PASSWORD
|
||||
- secretKey: AWS_DEFAULT_REGION
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cl01tl/volsync/restic/config
|
||||
metadataPolicy: None
|
||||
property: AWS_DEFAULT_REGION
|
||||
- secretKey: AWS_ACCESS_KEY_ID
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /digital-ocean/home-infra/volsync-backups
|
||||
metadataPolicy: None
|
||||
property: access_key
|
||||
- secretKey: AWS_SECRET_ACCESS_KEY
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /digital-ocean/home-infra/volsync-backups
|
||||
metadataPolicy: None
|
||||
property: secret_key
|
||||
|
||||
---
|
||||
apiVersion: external-secrets.io/v1
|
||||
kind: ExternalSecret
|
||||
|
||||
@@ -0,0 +1,25 @@
|
||||
apiVersion: volsync.backube/v1alpha1
|
||||
kind: ReplicationSource
|
||||
metadata:
|
||||
name: jellystat-data-backup-source
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: jellystat-data-backup-source
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
sourcePVC: jellystat-data
|
||||
trigger:
|
||||
schedule: 0 4 * * *
|
||||
restic:
|
||||
pruneIntervalDays: 7
|
||||
repository: jellystat-data-backup-secret
|
||||
retain:
|
||||
hourly: 1
|
||||
daily: 3
|
||||
weekly: 2
|
||||
monthly: 2
|
||||
yearly: 4
|
||||
copyMethod: Snapshot
|
||||
storageClassName: ceph-block
|
||||
volumeSnapshotClassName: ceph-blockpool-snapshot
|
||||
@@ -9,7 +9,7 @@ jellystat:
|
||||
main:
|
||||
image:
|
||||
repository: cyfershepard/jellystat
|
||||
tag: 1.1.7
|
||||
tag: 1.1.6
|
||||
pullPolicy: IfNotPresent
|
||||
env:
|
||||
- name: TZ
|
||||
@@ -132,5 +132,3 @@ postgres-18-cluster:
|
||||
# immediate: true
|
||||
# schedule: "0 0 4 * * SAT"
|
||||
# backupName: garage-remote
|
||||
volsync-target-data:
|
||||
pvcTarget: jellystat-data
|
||||
|
||||
@@ -7,9 +7,6 @@ dependencies:
|
||||
version: 0.19.0
|
||||
- name: cloudflared
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 2.1.4
|
||||
- name: volsync-target
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 0.6.0
|
||||
digest: sha256:68db68d55b6dba608a8e86457eb122b9278e9fc3153129f4fa30cc685eee85f0
|
||||
generated: "2025-12-18T02:46:05.710950531Z"
|
||||
version: 1.23.2
|
||||
digest: sha256:0819a80daf6d407b45dde4c2469f95187e9b84d02618f7efea57e6bc9fd43a80
|
||||
generated: "2025-12-16T21:01:27.119792961Z"
|
||||
|
||||
@@ -25,11 +25,8 @@ dependencies:
|
||||
version: 0.19.0
|
||||
repository: https://meilisearch.github.io/meilisearch-kubernetes
|
||||
- name: cloudflared
|
||||
alias: cloudflared
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 2.1.4
|
||||
- name: volsync-target
|
||||
alias: volsync-target-data
|
||||
version: 0.6.0
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 1.23.2
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/webp/karakeep.webp
|
||||
appVersion: 0.29.1
|
||||
|
||||
@@ -79,3 +79,83 @@ spec:
|
||||
key: /cl01tl/karakeep/meilisearch
|
||||
metadataPolicy: None
|
||||
property: MEILI_MASTER_KEY
|
||||
|
||||
---
|
||||
apiVersion: external-secrets.io/v1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
name: karakeep-cloudflared-secret
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: karakeep-cloudflared-secret
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
secretStoreRef:
|
||||
kind: ClusterSecretStore
|
||||
name: vault
|
||||
data:
|
||||
- secretKey: cf-tunnel-token
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cloudflare/tunnels/karakeep
|
||||
metadataPolicy: None
|
||||
property: token
|
||||
|
||||
---
|
||||
apiVersion: external-secrets.io/v1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
name: karakeep-data-backup-secret
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: karakeep-data-backup-secret
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
secretStoreRef:
|
||||
kind: ClusterSecretStore
|
||||
name: vault
|
||||
target:
|
||||
template:
|
||||
mergePolicy: Merge
|
||||
engineVersion: v2
|
||||
data:
|
||||
RESTIC_REPOSITORY: "{{ `{{ .BUCKET_ENDPOINT }}` }}/karakeep/karakeep-data"
|
||||
data:
|
||||
- secretKey: BUCKET_ENDPOINT
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cl01tl/volsync/restic/config
|
||||
metadataPolicy: None
|
||||
property: S3_BUCKET_ENDPOINT
|
||||
- secretKey: RESTIC_PASSWORD
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cl01tl/volsync/restic/config
|
||||
metadataPolicy: None
|
||||
property: RESTIC_PASSWORD
|
||||
- secretKey: AWS_DEFAULT_REGION
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cl01tl/volsync/restic/config
|
||||
metadataPolicy: None
|
||||
property: AWS_DEFAULT_REGION
|
||||
- secretKey: AWS_ACCESS_KEY_ID
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /digital-ocean/home-infra/volsync-backups
|
||||
metadataPolicy: None
|
||||
property: access_key
|
||||
- secretKey: AWS_SECRET_ACCESS_KEY
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /digital-ocean/home-infra/volsync-backups
|
||||
metadataPolicy: None
|
||||
property: secret_key
|
||||
|
||||
Some files were not shown because too many files have changed in this diff Show More
Reference in New Issue
Block a user