alexlebens/infrastructure
1
0
Fork 0
Code Issues 1 Pull Requests Actions Activity

Compare commits

base: alexlebens:main
Branches Tags
alexlebens:main alexlebens:manifests
..
compare: alexlebens:61035b5c2683dada6f3be01cc69820f700731213
Branches Tags
alexlebens:manifests alexlebens:main

1 Commits
main ... 61035b5c26

Author SHA1 Message Date
Renovate Bot
61035b5c26 Update docker.io/postgres Docker tag to v18
All checks were successful
renovate/stability-days Updates have met minimum release age requirement
Details
lint-test-docker / lint-docker-compose (pull_request) Successful in 22s
Details
2025-12-04 20:54:07 +00:00
259 changed files with 932 additions and 1310 deletions
Expand all files Collapse all files

34
.gitea/workflows/lint-test-docker.yaml
View File

@@ -36,20 +36,14 @@ jobs:
id: branch-exists id: branch-exists
if: github.event_name == 'push' || steps.check-branch-exists.outputs.exists == 'true' && github.event_name == 'pull_request' if: github.event_name == 'push' || steps.check-branch-exists.outputs.exists == 'true' && github.event_name == 'pull_request'
run: | run: |
if [ ${{ github.event_name == 'push' }} ]; then echo ">> Branch ${{ gitea.base_ref }} exists, will continue with linting"
echo ">> Action is from a push event, will continue with linting"
else
echo ">> Branch ${{ gitea.base_ref }} exists, will continue with linting"
fi
echo "----" echo "----"
echo "exists=true" >> $GITEA_OUTPUT echo "exists=true" >> $GITEA_OUTPUT
- name: Set up Node.js - name: Set up Node.js
if: steps.branch-exists.outputs.exists == 'true' if: steps.check-branch-exists.outputs.exists == 'true'
uses: actions/setup-node@v6 uses: actions/setup-node@v6
with: with:
node-version: '24' node-version: '24'
@@ -65,11 +59,11 @@ jobs:
if [ "${{ github.event_name }}" == "pull_request" ]; then if [ "${{ github.event_name }}" == "pull_request" ]; then
echo "" echo ""
echo ">> Checking for changes in a pull request ..." echo ">> Checking for changes in a pull request ..."
GIT_DIFF=$(git diff --name-only "${BASE_BRANCH}" | xargs -I {} dirname {} | sort -u) GIT_DIFF=$(git diff --name-only "${BASE_BRANCH}" | xargs -I {} dirname {} | sort -u | grep -E "hosts/[^/]+/[^/]+")
else else
echo "" echo ""
echo ">> Checking for changes from a push ..." echo ">> Checking for changes from a push ..."
GIT_DIFF=$(git diff --name-only ${{ gitea.event.before }}..HEAD | xargs -I {} dirname {} | sort -u) GIT_DIFF=$(git diff --name-only ${{ gitea.event.before }}..HEAD | xargs -I {} dirname {} | sort -u | grep -E "hosts/[^/]+/[^/]+")
fi fi
if [ -n "${GIT_DIFF}" ]; then if [ -n "${GIT_DIFF}" ]; then
@@ -78,12 +72,7 @@ jobs:
echo "$GIT_DIFF" echo "$GIT_DIFF"
for path in $GIT_DIFF; do for path in $GIT_DIFF; do
if echo "$path" | grep -q -E "hosts/[^/]+/[^/]+"; then CHANGED_COMPOSE+=$(echo "$path")
echo ""
echo ">> Adding path: $path"
CHANGED_COMPOSE+=$(echo "$path")
CHANGED_COMPOSE+=$(echo " ")
fi
done done
else else
@@ -95,32 +84,27 @@ jobs:
if [ -n "${CHANGED_COMPOSE}" ]; then if [ -n "${CHANGED_COMPOSE}" ]; then
echo "" echo ""
echo ">> Compose to Lint:" echo ">> Compose to Lint:"
echo "$(echo "${CHANGED_COMPOSE}" | sort -u)" echo "$(echo "${CHANGED_COMPOSE[@]}" | sort -u)"
echo "----" echo "----"
echo "changes-detected=true" >> $GITEA_OUTPUT echo "changes-detected=true" >> $GITEA_OUTPUT
echo "compose-dir<<EOF" >> $GITEA_OUTPUT echo "compose-dir<<EOF" >> $GITEA_OUTPUT
echo "$(echo "${CHANGED_COMPOSE}" | sort -u)" >> $GITEA_OUTPUT echo "$(echo "${CHANGED_COMPOSE[@]}" | sort -u)" >> $GITEA_OUTPUT
echo "EOF" >> $GITEA_OUTPUT echo "EOF" >> $GITEA_OUTPUT
else else
echo ""
echo ">> Did not find any docker compose files to lint"
echo "----"
echo "changes-detected=false" >> $GITEA_OUTPUT echo "changes-detected=false" >> $GITEA_OUTPUT
fi fi
- name: Lint Docker Compose - name: Lint Docker Compose
if: steps.check-dir-changes.outputs.changes-detected == 'true' if: steps.check-branch-exists.outputs.exists == 'true'
env: env:
CHANGED_COMPOSE: ${{ steps.check-dir-changes.outputs.compose-dir }} CHANGED_COMPOSE: ${{ steps.check-dir-changes.outputs.compose-dir }}
run: | run: |
echo ">> Running dclint on changed compose files:" echo ">> Running dclint on changed compose files:"
echo "$CHANGED_COMPOSE" echo "$CHANGED_COMPOSE"
for compose in $CHANGED_COMPOSE; do echo "$CHANGED_COMPOSE" | while read -r compose; do
echo ">> Linting $compose ..." echo ">> Linting $compose ..."
npx dclint $compose npx dclint $compose
done done

34
.gitea/workflows/lint-test-helm.yaml
View File

@@ -5,13 +5,13 @@ on:
branches: branches:
- main - main
paths: paths:
- 'clusters/cl01tl/helm/**' - 'clusters/*/helm/**'
push: push:
branches: branches:
- main - main
paths: paths:
- 'clusters/cl01tl/helm/**' - 'clusters/*/helm/**'
env: env:
CLUSTER: cl01tl CLUSTER: cl01tl
@@ -37,13 +37,7 @@ jobs:
id: branch-exists id: branch-exists
if: github.event_name == 'push' || steps.check-branch-exists.outputs.exists == 'true' && github.event_name == 'pull_request' if: github.event_name == 'push' || steps.check-branch-exists.outputs.exists == 'true' && github.event_name == 'pull_request'
run: | run: |
if [ ${{ github.event_name == 'push' }} ]; then echo ">> Branch ${{ gitea.base_ref }} exists, will continue with linting"
echo ">> Action is from a push event, will continue with linting"
else
echo ">> Branch ${{ gitea.base_ref }} exists, will continue with linting"
fi
echo "----" echo "----"
@@ -54,7 +48,7 @@ jobs:
uses: azure/setup-helm@v4 uses: azure/setup-helm@v4
with: with:
token: ${{ secrets.GITEA_TOKEN }} token: ${{ secrets.GITEA_TOKEN }}
version: v3.19.2 version: v3
- name: Check Directories for Changes - name: Check Directories for Changes
id: check-dir-changes id: check-dir-changes
@@ -67,11 +61,11 @@ jobs:
if [ "${{ github.event_name }}" == "pull_request" ]; then if [ "${{ github.event_name }}" == "pull_request" ]; then
echo "" echo ""
echo ">> Checking for changes in a pull request ..." echo ">> Checking for changes in a pull request ..."
GIT_DIFF=$(git diff --name-only "${BASE_BRANCH}" | xargs -I {} dirname {} | sort -u) GIT_DIFF=$(git diff --name-only "${BASE_BRANCH}" | xargs -I {} dirname {} | sort -u | grep -E "clusters/[^/]+/helm/[^/]+")
else else
echo "" echo ""
echo ">> Checking for changes from a push ..." echo ">> Checking for changes from a push ..."
GIT_DIFF=$(git diff --name-only ${{ gitea.event.before }}..HEAD | xargs -I {} dirname {} | sort -u) GIT_DIFF=$(git diff --name-only ${{ gitea.event.before }}..HEAD | xargs -I {} dirname {} | sort -u | grep -E "clusters/[^/]+/helm/[^/]+")
fi fi
if [ -n "${GIT_DIFF}" ]; then if [ -n "${GIT_DIFF}" ]; then
@@ -80,12 +74,7 @@ jobs:
echo "$GIT_DIFF" echo "$GIT_DIFF"
for path in $GIT_DIFF; do for path in $GIT_DIFF; do
if echo "$path" | grep -q -E "clusters/[^/]+/helm/[^/]+"; then CHANGED_CHARTS+=$(echo "$path" | awk -F '/' '{print $4}')
echo ""
echo ">> Adding path: $path"
CHANGED_CHARTS+=$(echo "$path" | awk -F '/' '{print $4}')
CHANGED_CHARTS+=$(echo " ")
fi
done done
else else
@@ -97,20 +86,15 @@ jobs:
if [ -n "${CHANGED_CHARTS}" ]; then if [ -n "${CHANGED_CHARTS}" ]; then
echo "" echo ""
echo ">> Chart to Lint:" echo ">> Chart to Lint:"
echo "$(echo "${CHANGED_CHARTS}" | sort -u)" echo "$(echo "${CHANGED_CHARTS[@]}" | sort -u)"
echo "----" echo "----"
echo "changes-detected=true" >> $GITEA_OUTPUT echo "changes-detected=true" >> $GITEA_OUTPUT
echo "chart-dir<<EOF" >> $GITEA_OUTPUT echo "chart-dir<<EOF" >> $GITEA_OUTPUT
echo "$(echo "${CHANGED_CHARTS}" | sort -u)" >> $GITEA_OUTPUT echo "$(echo "${CHANGED_CHARTS[@]}" | sort -u)" >> $GITEA_OUTPUT
echo "EOF" >> $GITEA_OUTPUT echo "EOF" >> $GITEA_OUTPUT
else else
echo ""
echo ">> Did not find any helm charts files to lint"
echo "----"
echo "changes-detected=false" >> $GITEA_OUTPUT echo "changes-detected=false" >> $GITEA_OUTPUT
fi fi

31
.gitea/workflows/render-manifests-automerge.yaml
View File

@@ -72,7 +72,6 @@ jobs:
echo "$GIT_DIFF" echo "$GIT_DIFF"
for path in $GIT_DIFF; do for path in $GIT_DIFF; do
RENDER_DIR+=$(echo "$path" | awk -F '/' '{print $4}') RENDER_DIR+=$(echo "$path" | awk -F '/' '{print $4}')
RENDER_DIR+=$(echo " ")
done done
else else
@@ -82,13 +81,13 @@ jobs:
if [ -n "${RENDER_DIR}" ]; then if [ -n "${RENDER_DIR}" ]; then
echo ">> Directories to Render:" echo ">> Directories to Render:"
echo "$(echo "${RENDER_DIR}" | sort -u)" echo "$(echo "${RENDER_DIR[@]}" | sort -u)"
echo "----" echo "----"
echo "changes-detected=true" >> $GITEA_OUTPUT echo "changes-detected=true" >> $GITEA_OUTPUT
echo "render-dir<<EOF" >> $GITEA_OUTPUT echo "render-dir<<EOF" >> $GITEA_OUTPUT
echo "$(echo "${RENDER_DIR}" | sort -u)" >> $GITEA_OUTPUT echo "$(echo "${RENDER_DIR[@]}" | sort -u)" >> $GITEA_OUTPUT
echo "EOF" >> $GITEA_OUTPUT echo "EOF" >> $GITEA_OUTPUT
else else
echo "changes-detected=false" >> $GITEA_OUTPUT echo "changes-detected=false" >> $GITEA_OUTPUT
@@ -161,10 +160,6 @@ jobs:
cd $chart_path cd $chart_path
echo ""
echo ">> Updating helm dependency ..."
helm dependency update --skip-refresh
echo "" echo ""
echo ">> Building helm dependency ..." echo ">> Building helm dependency ..."
helm dependency build --skip-refresh helm dependency build --skip-refresh
@@ -195,12 +190,7 @@ jobs:
echo "" echo ""
echo ">> Formating rendered template ..." echo ">> Formating rendered template ..."
echo "$TEMPLATE" | yq '... comments=""' | yq 'select(. != null)' | yq -s '"'"$OUTPUT_FOLDER"'" + .kind + "-" + .metadata.name + ".yaml"' echo "$TEMPLATE" | yq 'select(. != null)' | yq -s '"'"$OUTPUT_FOLDER"'" + .kind + "-" + .metadata.name + ".yaml"'
# Strip comments again to ensure formatting correctness
for file in "$OUTPUT_FOLDER"/*; do
yq -i '... comments=""' $file
done
echo "" echo ""
echo ">> Manifests for $chart_name rendered to $OUTPUT_FOLDER" echo ">> Manifests for $chart_name rendered to $OUTPUT_FOLDER"
@@ -304,15 +294,10 @@ jobs:
if [ "$HTTP_STATUS" == "201" ]; then if [ "$HTTP_STATUS" == "201" ]; then
echo ">> Pull Request created successfully!" echo ">> Pull Request created successfully!"
PR_URL=$(cat response_body.json | jq -r .html_url) PR_URL=$(cat response_body.json | jq -r .html_url)
echo ">> Pull Request URL: $PR_URL"
echo "pull-request-url=${PR_URL}" >> $GITEA_OUTPUT echo "pull-request-url=${PR_URL}" >> $GITEA_OUTPUT
PR_ID=$(cat response_body.json | jq -r .id)
PR_NUMBER=$(cat response_body.json | jq -r .number) echo "pull-request-id=${PR_ID}" >> $GITEA_OUTPUT
echo ">> Pull Request Number: $PR_NUMBER"
echo "pull-request-number=${PR_NUMBER}" >> $GITEA_OUTPUT
echo "pull-request-operation=created" >> $GITEA_OUTPUT echo "pull-request-operation=created" >> $GITEA_OUTPUT
elif [ "$HTTP_STATUS" == "422" ]; then elif [ "$HTTP_STATUS" == "422" ]; then
@@ -335,17 +320,17 @@ jobs:
GITEA_TOKEN: ${{ secrets.BOT_TOKEN }} GITEA_TOKEN: ${{ secrets.BOT_TOKEN }}
GITEA_URL: ${{ secrets.REPO_URL }} GITEA_URL: ${{ secrets.REPO_URL }}
BRANCH_NAME: ${{ steps.prepare-manifest-branch.outputs.BRANCH_NAME }} BRANCH_NAME: ${{ steps.prepare-manifest-branch.outputs.BRANCH_NAME }}
PR_NUMBER: ${{ steps.create-pull-request.outputs.pull-request-number }} PR_ID: ${{ steps.create-pull-request.outputs.pull-request-id }}
run: | run: |
cd ${MANIFEST_DIR} cd ${MANIFEST_DIR}
API_ENDPOINT="${GITEA_URL}/api/v1/repos/${{ gitea.repository }}/pulls/${PR_NUMBER}/merge" API_ENDPOINT="${GITEA_URL}/api/v1/repos/${{ gitea.repository }}/pulls/${PR_ID}/merge"
PAYLOAD=$( jq -n \ PAYLOAD=$( jq -n \
--arg Do "merge" \ --arg Do "merge" \
'{Do: $Do}' ) '{Do: $Do}' )
echo ">> Merging PR with ID: ${PR_NUMBER}" echo ">> Merging PR with ID: ${PR_ID}"
echo ">> With Endpoint of:" echo ">> With Endpoint of:"
echo "$API_ENDPOINT" echo "$API_ENDPOINT"
echo ">> With Payload of:" echo ">> With Payload of:"

15
.gitea/workflows/render-manifests-dispatch.yaml
View File

@@ -67,13 +67,13 @@ jobs:
if [ -n "${RENDER_DIR}" ]; then if [ -n "${RENDER_DIR}" ]; then
echo ">> Directories to Render:" echo ">> Directories to Render:"
echo "$(echo "${RENDER_DIR}" | sort -u)" echo "$(echo "${RENDER_DIR[@]}" | sort -u)"
echo "----" echo "----"
echo "changes-detected=true" >> $GITEA_OUTPUT echo "changes-detected=true" >> $GITEA_OUTPUT
echo "render-dir<<EOF" >> $GITEA_OUTPUT echo "render-dir<<EOF" >> $GITEA_OUTPUT
echo "$(echo "${RENDER_DIR}" | sort -u)" >> $GITEA_OUTPUT echo "$(echo "${RENDER_DIR[@]}" | sort -u)" >> $GITEA_OUTPUT
echo "EOF" >> $GITEA_OUTPUT echo "EOF" >> $GITEA_OUTPUT
else else
echo "changes-detected=false" >> $GITEA_OUTPUT echo "changes-detected=false" >> $GITEA_OUTPUT
@@ -146,10 +146,6 @@ jobs:
cd $chart_path cd $chart_path
echo ""
echo ">> Updating helm dependency ..."
helm dependency update --skip-refresh
echo "" echo ""
echo ">> Building helm dependency ..." echo ">> Building helm dependency ..."
helm dependency build --skip-refresh helm dependency build --skip-refresh
@@ -180,12 +176,7 @@ jobs:
echo "" echo ""
echo ">> Formating rendered template ..." echo ">> Formating rendered template ..."
echo "$TEMPLATE" | yq '... comments=""' | yq 'select(. != null)' | yq -s '"'"$OUTPUT_FOLDER"'" + .kind + "-" + .metadata.name + ".yaml"' echo "$TEMPLATE" | yq 'select(. != null)' | yq -s '"'"$OUTPUT_FOLDER"'" + .kind + "-" + .metadata.name + ".yaml"'
# Strip comments again to ensure formatting correctness
for file in "$OUTPUT_FOLDER"/*; do
yq -i '... comments=""' $file
done
echo "" echo ""
echo ">> Manifests for $chart_name rendered to $OUTPUT_FOLDER" echo ">> Manifests for $chart_name rendered to $OUTPUT_FOLDER"

16
.gitea/workflows/render-manifests-merge.yaml
View File

@@ -77,7 +77,6 @@ jobs:
echo "$GIT_DIFF" echo "$GIT_DIFF"
for path in $GIT_DIFF; do for path in $GIT_DIFF; do
RENDER_DIR+=$(echo "$path" | awk -F '/' '{print $4}') RENDER_DIR+=$(echo "$path" | awk -F '/' '{print $4}')
RENDER_DIR+=$(echo " ")
done done
else else
@@ -87,13 +86,13 @@ jobs:
if [ -n "${RENDER_DIR}" ]; then if [ -n "${RENDER_DIR}" ]; then
echo ">> Directories to Render:" echo ">> Directories to Render:"
echo "$(echo "${RENDER_DIR}" | sort -u)" echo "$(echo "${RENDER_DIR[@]}" | sort -u)"
echo "----" echo "----"
echo "changes-detected=true" >> $GITEA_OUTPUT echo "changes-detected=true" >> $GITEA_OUTPUT
echo "render-dir<<EOF" >> $GITEA_OUTPUT echo "render-dir<<EOF" >> $GITEA_OUTPUT
echo "$(echo "${RENDER_DIR}" | sort -u)" >> $GITEA_OUTPUT echo "$(echo "${RENDER_DIR[@]}" | sort -u)" >> $GITEA_OUTPUT
echo "EOF" >> $GITEA_OUTPUT echo "EOF" >> $GITEA_OUTPUT
else else
echo "changes-detected=false" >> $GITEA_OUTPUT echo "changes-detected=false" >> $GITEA_OUTPUT
@@ -166,10 +165,6 @@ jobs:
cd $chart_path cd $chart_path
echo ""
echo ">> Updating helm dependency ..."
helm dependency update --skip-refresh
echo "" echo ""
echo ">> Building helm dependency ..." echo ">> Building helm dependency ..."
helm dependency build --skip-refresh helm dependency build --skip-refresh
@@ -200,12 +195,7 @@ jobs:
echo "" echo ""
echo ">> Formating rendered template ..." echo ">> Formating rendered template ..."
echo "$TEMPLATE" | yq '... comments=""' | yq 'select(. != null)' | yq -s '"'"$OUTPUT_FOLDER"'" + .kind + "-" + .metadata.name + ".yaml"' echo "$TEMPLATE" | yq 'select(. != null)' | yq -s '"'"$OUTPUT_FOLDER"'" + .kind + "-" + .metadata.name + ".yaml"'
# Strip comments again to ensure formatting correctness
for file in "$OUTPUT_FOLDER"/*; do
yq -i '... comments=""' $file
done
echo "" echo ""
echo ">> Manifests for $chart_name rendered to $OUTPUT_FOLDER" echo ">> Manifests for $chart_name rendered to $OUTPUT_FOLDER"

16
.gitea/workflows/render-manifests-push.yaml
View File

@@ -75,7 +75,6 @@ jobs:
echo "$GIT_DIFF" echo "$GIT_DIFF"
for path in $GIT_DIFF; do for path in $GIT_DIFF; do
RENDER_DIR+=$(echo "$path" | awk -F '/' '{print $4}') RENDER_DIR+=$(echo "$path" | awk -F '/' '{print $4}')
RENDER_DIR+=$(echo " ")
done done
else else
@@ -85,13 +84,13 @@ jobs:
if [ -n "${RENDER_DIR}" ]; then if [ -n "${RENDER_DIR}" ]; then
echo ">> Directories to Render:" echo ">> Directories to Render:"
echo "$(echo "${RENDER_DIR}" | sort -u)" echo "$(echo "${RENDER_DIR[@]}" | sort -u)"
echo "----" echo "----"
echo "changes-detected=true" >> $GITEA_OUTPUT echo "changes-detected=true" >> $GITEA_OUTPUT
echo "render-dir<<EOF" >> $GITEA_OUTPUT echo "render-dir<<EOF" >> $GITEA_OUTPUT
echo "$(echo "${RENDER_DIR}" | sort -u)" >> $GITEA_OUTPUT echo "$(echo "${RENDER_DIR[@]}" | sort -u)" >> $GITEA_OUTPUT
echo "EOF" >> $GITEA_OUTPUT echo "EOF" >> $GITEA_OUTPUT
else else
echo "changes-detected=false" >> $GITEA_OUTPUT echo "changes-detected=false" >> $GITEA_OUTPUT
@@ -164,10 +163,6 @@ jobs:
cd $chart_path cd $chart_path
echo ""
echo ">> Updating helm dependency ..."
helm dependency update --skip-refresh
echo "" echo ""
echo ">> Building helm dependency ..." echo ">> Building helm dependency ..."
helm dependency build --skip-refresh helm dependency build --skip-refresh
@@ -198,12 +193,7 @@ jobs:
echo "" echo ""
echo ">> Formating rendered template ..." echo ">> Formating rendered template ..."
echo "$TEMPLATE" | yq '... comments=""' | yq 'select(. != null)' | yq -s '"'"$OUTPUT_FOLDER"'" + .kind + "-" + .metadata.name + ".yaml"' echo "$TEMPLATE" | yq 'select(. != null)' | yq -s '"'"$OUTPUT_FOLDER"'" + .kind + "-" + .metadata.name + ".yaml"'
# Strip comments again to ensure formatting correctness
for file in "$OUTPUT_FOLDER"/*; do
yq -i '... comments=""' $file
done
echo "" echo ""
echo ">> Manifests for $chart_name rendered to $OUTPUT_FOLDER" echo ">> Manifests for $chart_name rendered to $OUTPUT_FOLDER"

6
clusters/cl01tl/helm/actual/Chart.lock
View File

@@ -1,6 +1,6 @@
dependencies: dependencies:
- name: app-template - name: app-template
repository: https://bjw-s-labs.github.io/helm-charts/ repository: https://bjw-s-labs.github.io/helm-charts/
version: 4.5.0 version: 4.4.0
digest: sha256:926b8da839684072fd79954aff0c9852c2ff3b618b0fa35177bdec8e2dff4986 digest: sha256:b5d823171e1b4dc1d3856f782f0c67cbb5d49e4fa170df2f21b06303c7aff7f5
generated: "2025-12-05T17:02:01.15162583Z" generated: "2025-11-30T21:05:19.732832-06:00"

4
clusters/cl01tl/helm/actual/Chart.yaml
View File

@@ -16,6 +16,6 @@ dependencies:
- name: app-template - name: app-template
alias: actual alias: actual
repository: https://bjw-s-labs.github.io/helm-charts/ repository: https://bjw-s-labs.github.io/helm-charts/
version: 4.5.0 version: 4.4.0
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/actual-budget.png icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/actual-budget.png
appVersion: 25.12.0 appVersion: 25.11.0

8
clusters/cl01tl/helm/argo-workflows/Chart.lock
View File

@@ -1,12 +1,12 @@
dependencies: dependencies:
- name: argo-workflows - name: argo-workflows
repository: https://argoproj.github.io/argo-helm repository: https://argoproj.github.io/argo-helm
version: 0.46.2 version: 0.46.1
- name: argo-events - name: argo-events
repository: https://argoproj.github.io/argo-helm repository: https://argoproj.github.io/argo-helm
version: 2.4.19 version: 2.4.18
- name: postgres-cluster - name: postgres-cluster
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
version: 6.16.1 version: 6.16.1
digest: sha256:40a93dfcabbc5746682bac631e9a620588cf0cb6fdf79a42446a823e93a531c8 digest: sha256:6cc24f6ce2b7f67c2eeab9bb6f64ebfedc082a2e809fc1f03f691f99a3006143
generated: "2025-12-11T15:49:57.970719-06:00" generated: "2025-12-04T01:01:06.532396136Z"

8
clusters/cl01tl/helm/argo-workflows/Chart.yaml
View File

@@ -18,14 +18,14 @@ maintainers:
- name: alexlebens - name: alexlebens
dependencies: dependencies:
- name: argo-workflows - name: argo-workflows
version: 0.46.2 version: 0.46.1
repository: https://argoproj.github.io/argo-helm repository: https://argoproj.github.io/argo-helm
- name: argo-events - name: argo-events
version: 2.4.19 version: 2.4.18
repository: https://argoproj.github.io/argo-helm repository: https://argoproj.github.io/argo-helm
- name: postgres-cluster - name: postgres-cluster
alias: postgres-18-cluster alias: postgres-17-cluster
version: 6.16.1 version: 6.16.1
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/argo-cd.png icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/argo-cd.png
appVersion: v3.7.6 appVersion: v3.6.7

8
clusters/cl01tl/helm/argo-workflows/templates/external-secret.yaml
View File

@@ -31,10 +31,10 @@ spec:
apiVersion: external-secrets.io/v1 apiVersion: external-secrets.io/v1
kind: ExternalSecret kind: ExternalSecret
metadata: metadata:
name: argo-workflows-postgresql-18-cluster-backup-secret name: argo-workflows-postgresql-17-cluster-backup-secret
namespace: {{ .Release.Namespace }} namespace: {{ .Release.Namespace }}
labels: labels:
app.kubernetes.io/name: argo-workflows-postgresql-18-cluster-backup-secret app.kubernetes.io/name: argo-workflows-postgresql-17-cluster-backup-secret
app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/part-of: {{ .Release.Name }} app.kubernetes.io/part-of: {{ .Release.Name }}
spec: spec:
@@ -61,10 +61,10 @@ spec:
apiVersion: external-secrets.io/v1 apiVersion: external-secrets.io/v1
kind: ExternalSecret kind: ExternalSecret
metadata: metadata:
name: argo-workflows-postgresql-18-cluster-backup-secret-garage name: argo-workflows-postgresql-17-cluster-backup-secret-garage
namespace: {{ .Release.Namespace }} namespace: {{ .Release.Namespace }}
labels: labels:
app.kubernetes.io/name: argo-workflows-postgresql-18-cluster-backup-secret-garage app.kubernetes.io/name: argo-workflows-postgresql-17-cluster-backup-secret-garage
app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/part-of: {{ .Release.Name }} app.kubernetes.io/part-of: {{ .Release.Name }}
spec: spec:

41
clusters/cl01tl/helm/argo-workflows/values.yaml
View File

@@ -9,15 +9,15 @@ argo-workflows:
nodeStatusOffLoad: true nodeStatusOffLoad: true
archive: true archive: true
postgresql: postgresql:
host: argo-workflows-postgresql-18-cluster-rw host: argo-workflows-postgresql-17-cluster-rw
port: 5432 port: 5432
database: app database: app
tableName: app tableName: app
userNameSecret: userNameSecret:
name: argo-workflows-postgresql-18-cluster-app name: argo-workflows-postgresql-17-cluster-app
key: username key: username
passwordSecret: passwordSecret:
name: argo-workflows-postgresql-18-cluster-app name: argo-workflows-postgresql-17-cluster-app
key: password key: password
ssl: false ssl: false
sslMode: disable sslMode: disable
@@ -59,6 +59,20 @@ argo-workflows:
useStaticCredentials: true useStaticCredentials: true
artifactRepository: artifactRepository:
archiveLogs: false archiveLogs: false
s3: {}
# accessKeySecret:
# name: "{{ .Release.Name }}-minio"
# key: accesskey
# secretKeySecret:
# name: "{{ .Release.Name }}-minio"
# key: secretkey
# insecure: true
# bucket:
# endpoint:
# region:
# encryptionOptions:
# enableEncryption: true
argo-events: argo-events:
controller: controller:
resources: resources:
@@ -75,12 +89,9 @@ argo-events:
requests: requests:
cpu: 10m cpu: 10m
memory: 128Mi memory: 128Mi
postgres-18-cluster: postgres-17-cluster:
mode: recovery mode: recovery
cluster: cluster:
image:
repository: ghcr.io/cloudnative-pg/postgresql
tag: 18.1-standard-trixie
storage: storage:
storageClass: local-path storageClass: local-path
walStorage: walStorage:
@@ -92,30 +103,30 @@ postgres-18-cluster:
recovery: recovery:
method: objectStore method: objectStore
objectStore: objectStore:
destinationPath: s3://postgres-backups/cl01tl/argo-workflows/argo-workflows-postgresql-18-cluster destinationPath: s3://postgres-backups/cl01tl/argo-workflows/argo-workflows-postgresql-17-cluster
endpointURL: http://garage-main.garage:3900 endpointURL: http://garage-main.garage:3900
index: 1 index: 1
endpointCredentials: argo-workflows-postgresql-18-cluster-backup-secret-garage endpointCredentials: argo-workflows-postgresql-17-cluster-backup-secret-garage
backup: backup:
objectStore: objectStore:
- name: external - name: external
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/argo-workflows/argo-workflows-postgresql-18-cluster destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/argo-workflows/argo-workflows-postgresql-17-cluster
index: 1 index: 1
retentionPolicy: "30d" retentionPolicy: "30d"
isWALArchiver: false isWALArchiver: false
- name: garage-local - name: garage-local
destinationPath: s3://postgres-backups/cl01tl/argo-workflows/argo-workflows-postgresql-18-cluster destinationPath: s3://postgres-backups/cl01tl/argo-workflows/argo-workflows-postgresql-17-cluster
index: 1 index: 1
endpointURL: http://garage-main.garage:3900 endpointURL: http://garage-main.garage:3900
endpointCredentials: argo-workflows-postgresql-18-cluster-backup-secret-garage endpointCredentials: argo-workflows-postgresql-17-cluster-backup-secret-garage
endpointCredentialsIncludeRegion: true endpointCredentialsIncludeRegion: true
retentionPolicy: "3d" retentionPolicy: "3d"
isWALArchiver: true isWALArchiver: true
# - name: garage-remote # - name: garage-remote
# destinationPath: s3://postgres-backups/cl01tl/argo-workflows/argo-workflows-postgresql-18-cluster # destinationPath: s3://postgres-backups/cl01tl/argo-workflows/argo-workflows-postgresql-17-cluster
# index: 1 # index: 1
# endpointURL: https://garage-ps10rp.boreal-beaufort.ts.net:3900 # endpointURL: https://garage-ps10rp.boreal-beaufort.ts.net:3900
# endpointCredentials: argo-workflows-postgresql-18-cluster-backup-secret-garage # endpointCredentials: argo-workflows-postgresql-17-cluster-backup-secret-garage
# endpointCredentialsIncludeRegion: true # endpointCredentialsIncludeRegion: true
# retentionPolicy: "30d" # retentionPolicy: "30d"
# data: # data:
@@ -123,7 +134,6 @@ postgres-18-cluster:
scheduledBackups: scheduledBackups:
- name: daily-backup - name: daily-backup
suspend: false suspend: false
immediate: true
schedule: "0 0 0 * * *" schedule: "0 0 0 * * *"
backupName: external backupName: external
- name: live-backup - name: live-backup
@@ -133,6 +143,5 @@ postgres-18-cluster:
backupName: garage-local backupName: garage-local
# - name: weekly-backup # - name: weekly-backup
# suspend: true # suspend: true
# immediate: true
# schedule: "0 0 4 * * SAT" # schedule: "0 0 4 * * SAT"
# backupName: garage-remote # backupName: garage-remote

6
clusters/cl01tl/helm/argocd/Chart.lock
View File

@@ -1,6 +1,6 @@
dependencies: dependencies:
- name: argo-cd - name: argo-cd
repository: https://argoproj.github.io/argo-helm repository: https://argoproj.github.io/argo-helm
version: 9.1.7 version: 9.1.5
digest: sha256:ed1ae26f3e642750f6dd970c1adc4fa14a627fad13daf74169213199f74425b3 digest: sha256:07f7f6d369af426cdd213ddbc58373a4e5b4f54724efd4612662d7da0315232d
generated: "2025-12-09T23:01:55.027301875Z" generated: "2025-12-02T21:27:41.876154-06:00"

4
clusters/cl01tl/helm/argocd/Chart.yaml
View File

@@ -15,7 +15,7 @@ maintainers:
- name: alexlebens - name: alexlebens
dependencies: dependencies:
- name: argo-cd - name: argo-cd
version: 9.1.7 version: 9.1.5
repository: https://argoproj.github.io/argo-helm repository: https://argoproj.github.io/argo-helm
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/argo-cd.png icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/argo-cd.png
appVersion: v3.2.1 appVersion: 3.0.0

5
clusters/cl01tl/helm/argocd/values.yaml
View File

@@ -25,7 +25,6 @@ argo-cd:
id: authentik id: authentik
params: params:
server.insecure: true server.insecure: true
controller.diff.server.side: true
rbac: rbac:
policy.csv: | policy.csv: |
g, ArgoCD Admins, role:admin g, ArgoCD Admins, role:admin
@@ -61,7 +60,7 @@ argo-cd:
enabled: true enabled: true
auth: false auth: false
redisSecretInit: redisSecretInit:
enabled: false enabled: true
server: server:
replicas: 2 replicas: 2
extensions: extensions:
@@ -280,7 +279,7 @@ argo-cd:
- description: Application has degraded - description: Application has degraded
send: send:
- app-health-degraded - app-health-degraded
when: app.status.health.status == 'Degraded' when: app.status.health.status == 'Degraded' and time.Now().Sub(time.Parse(app.status.health.lastTransitionTime).Minutes() >= 15
trigger.on-sync-failed: | trigger.on-sync-failed: |
- description: Application syncing has failed - description: Application syncing has failed
send: send:

6
clusters/cl01tl/helm/audiobookshelf/Chart.lock
View File

@@ -1,6 +1,6 @@
dependencies: dependencies:
- name: app-template - name: app-template
repository: https://bjw-s-labs.github.io/helm-charts/ repository: https://bjw-s-labs.github.io/helm-charts/
version: 4.5.0 version: 4.4.0
digest: sha256:977ed15091e9ed30d647a626214701d22f3a8a5232a900e33f753cc7e090042f digest: sha256:f3a9990542f24965fadad0b5493059b78cdc3fae91c8214577fa6f41ca5f7de3
generated: "2025-12-05T17:02:13.674405673Z" generated: "2025-11-30T21:05:21.317114-06:00"

4
clusters/cl01tl/helm/audiobookshelf/Chart.yaml
View File

@@ -18,6 +18,6 @@ dependencies:
- name: app-template - name: app-template
alias: audiobookshelf alias: audiobookshelf
repository: https://bjw-s-labs.github.io/helm-charts/ repository: https://bjw-s-labs.github.io/helm-charts/
version: 4.5.0 version: 4.4.0
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/audiobookshelf.png icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/audiobookshelf.png
appVersion: 2.31.0 appVersion: 2.21.0

6
clusters/cl01tl/helm/authentik/Chart.lock
View File

@@ -4,9 +4,9 @@ dependencies:
version: 2025.10.2 version: 2025.10.2
- name: cloudflared - name: cloudflared
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
version: 1.23.2 version: 1.23.1
- name: postgres-cluster - name: postgres-cluster
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
version: 6.16.1 version: 6.16.1
digest: sha256:fdd5cc597cf958ca0f6f43dd403915c89c45718eff80920c2d322264dc8b09e1 digest: sha256:c3bafb322ca02710c8f325fefef20678957a8c6fd86894e44e5e318997e5cb80
generated: "2025-12-11T16:14:14.729827-06:00" generated: "2025-12-03T23:59:57.54998859Z"

6
clusters/cl01tl/helm/authentik/Chart.yaml
View File

@@ -26,10 +26,10 @@ dependencies:
- name: cloudflared - name: cloudflared
alias: cloudflared alias: cloudflared
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
version: 1.23.2 version: 1.23.1
- name: postgres-cluster - name: postgres-cluster
alias: postgres-18-cluster alias: postgres-17-cluster
version: 6.16.1 version: 6.16.1
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/authentik.png icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/authentik.png
appVersion: 2025.10.2 appVersion: 2025.4.1

8
clusters/cl01tl/helm/authentik/templates/external-secret.yaml
View File

@@ -47,10 +47,10 @@ spec:
apiVersion: external-secrets.io/v1 apiVersion: external-secrets.io/v1
kind: ExternalSecret kind: ExternalSecret
metadata: metadata:
name: authentik-postgresql-18-cluster-backup-secret name: authentik-postgresql-17-cluster-backup-secret
namespace: {{ .Release.Namespace }} namespace: {{ .Release.Namespace }}
labels: labels:
app.kubernetes.io/name: authentik-postgresql-18-cluster-backup-secret app.kubernetes.io/name: authentik-postgresql-17-cluster-backup-secret
app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/part-of: {{ .Release.Name }} app.kubernetes.io/part-of: {{ .Release.Name }}
spec: spec:
@@ -77,10 +77,10 @@ spec:
apiVersion: external-secrets.io/v1 apiVersion: external-secrets.io/v1
kind: ExternalSecret kind: ExternalSecret
metadata: metadata:
name: authentik-postgresql-18-cluster-backup-secret-garage name: authentik-postgresql-17-cluster-backup-secret-garage
namespace: {{ .Release.Namespace }} namespace: {{ .Release.Namespace }}
labels: labels:
app.kubernetes.io/name: authentik-postgresql-18-cluster-backup-secret-garage app.kubernetes.io/name: authentik-postgresql-17-cluster-backup-secret-garage
app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/part-of: {{ .Release.Name }} app.kubernetes.io/part-of: {{ .Release.Name }}
spec: spec:

4
clusters/cl01tl/helm/authentik/templates/redis-replication.yaml
View File

@@ -13,7 +13,7 @@ spec:
runAsUser: 1000 runAsUser: 1000
fsGroup: 1000 fsGroup: 1000
kubernetesConfig: kubernetesConfig:
image: quay.io/opstree/redis:v8.4.0 image: quay.io/opstree/redis:v8.0.3
imagePullPolicy: IfNotPresent imagePullPolicy: IfNotPresent
resources: resources:
requests: requests:
@@ -29,4 +29,4 @@ spec:
storage: 1Gi storage: 1Gi
redisExporter: redisExporter:
enabled: true enabled: true
image: quay.io/opstree/redis-exporter:v1.80.1 image: quay.io/opstree/redis-exporter:v1.48.0

29
clusters/cl01tl/helm/authentik/values.yaml
View File

@@ -9,22 +9,22 @@ authentik:
- name: AUTHENTIK_POSTGRESQL__HOST - name: AUTHENTIK_POSTGRESQL__HOST
valueFrom: valueFrom:
secretKeyRef: secretKeyRef:
name: authentik-postgresql-18-cluster-app name: authentik-postgresql-17-cluster-app
key: host key: host
- name: AUTHENTIK_POSTGRESQL__NAME - name: AUTHENTIK_POSTGRESQL__NAME
valueFrom: valueFrom:
secretKeyRef: secretKeyRef:
name: authentik-postgresql-18-cluster-app name: authentik-postgresql-17-cluster-app
key: dbname key: dbname
- name: AUTHENTIK_POSTGRESQL__USER - name: AUTHENTIK_POSTGRESQL__USER
valueFrom: valueFrom:
secretKeyRef: secretKeyRef:
name: authentik-postgresql-18-cluster-app name: authentik-postgresql-17-cluster-app
key: user key: user
- name: AUTHENTIK_POSTGRESQL__PASSWORD - name: AUTHENTIK_POSTGRESQL__PASSWORD
valueFrom: valueFrom:
secretKeyRef: secretKeyRef:
name: authentik-postgresql-18-cluster-app name: authentik-postgresql-17-cluster-app
key: password key: password
authentik: authentik:
redis: redis:
@@ -50,12 +50,9 @@ authentik:
enabled: false enabled: false
cloudflared: cloudflared:
existingSecretName: authentik-cloudflared-secret existingSecretName: authentik-cloudflared-secret
postgres-18-cluster: postgres-17-cluster:
mode: recovery mode: recovery
cluster: cluster:
image:
repository: ghcr.io/cloudnative-pg/postgresql
tag: 18.1-standard-trixie
storage: storage:
storageClass: local-path storageClass: local-path
walStorage: walStorage:
@@ -67,30 +64,30 @@ postgres-18-cluster:
recovery: recovery:
method: objectStore method: objectStore
objectStore: objectStore:
destinationPath: s3://postgres-backups/cl01tl/authentik/authentik-postgresql-18-cluster destinationPath: s3://postgres-backups/cl01tl/authentik/authentik-postgresql-17-cluster
endpointURL: http://garage-main.garage:3900 endpointURL: http://garage-main.garage:3900
index: 1 index: 1
endpointCredentials: authentik-postgresql-18-cluster-backup-secret-garage endpointCredentials: authentik-postgresql-17-cluster-backup-secret-garage
backup: backup:
objectStore: objectStore:
- name: external - name: external
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/authentik/authentik-postgresql-18-cluster destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/authentik/authentik-postgresql-17-cluster
index: 1 index: 1
retentionPolicy: "30d" retentionPolicy: "30d"
isWALArchiver: false isWALArchiver: false
- name: garage-local - name: garage-local
destinationPath: s3://postgres-backups/cl01tl/authentik/authentik-postgresql-18-cluster destinationPath: s3://postgres-backups/cl01tl/authentik/authentik-postgresql-17-cluster
index: 1 index: 1
endpointURL: http://garage-main.garage:3900 endpointURL: http://garage-main.garage:3900
endpointCredentials: authentik-postgresql-18-cluster-backup-secret-garage endpointCredentials: authentik-postgresql-17-cluster-backup-secret-garage
endpointCredentialsIncludeRegion: true endpointCredentialsIncludeRegion: true
retentionPolicy: "3d" retentionPolicy: "3d"
isWALArchiver: true isWALArchiver: true
# - name: garage-remote # - name: garage-remote
# destinationPath: s3://postgres-backups/cl01tl/authentik/authentik-postgresql-18-cluster # destinationPath: s3://postgres-backups/cl01tl/authentik/authentik-postgresql-17-cluster
# index: 1 # index: 1
# endpointURL: https://garage-ps10rp.boreal-beaufort.ts.net:3900 # endpointURL: https://garage-ps10rp.boreal-beaufort.ts.net:3900
# endpointCredentials: authentik-postgresql-18-cluster-backup-secret-garage # endpointCredentials: authentik-postgresql-17-cluster-backup-secret-garage
# retentionPolicy: "30d" # retentionPolicy: "30d"
# data: # data:
# compression: bzip2 # compression: bzip2
@@ -98,7 +95,6 @@ postgres-18-cluster:
scheduledBackups: scheduledBackups:
- name: daily-backup - name: daily-backup
suspend: false suspend: false
immediate: true
schedule: "0 0 0 * * *" schedule: "0 0 0 * * *"
backupName: external backupName: external
- name: live-backup - name: live-backup
@@ -108,6 +104,5 @@ postgres-18-cluster:
backupName: garage-local backupName: garage-local
# - name: weekly-backup # - name: weekly-backup
# suspend: false # suspend: false
# immediate: true
# schedule: "0 0 4 * * SAT" # schedule: "0 0 4 * * SAT"
# backupName: garage-remote # backupName: garage-remote

6
clusters/cl01tl/helm/backrest/Chart.lock
View File

@@ -1,6 +1,6 @@
dependencies: dependencies:
- name: app-template - name: app-template
repository: https://bjw-s-labs.github.io/helm-charts/ repository: https://bjw-s-labs.github.io/helm-charts/
version: 4.5.0 version: 4.4.0
digest: sha256:6e6f20320a485b57288a6febae1b7623076059c370f88b7fbe92460fc4047db3 digest: sha256:aa797b99d6d8b7aafe142811938408b7f234df6d429a7e076196337cc63876cb
generated: "2025-12-05T17:02:26.599646463Z" generated: "2025-12-01T20:25:09.888407-06:00"

2
clusters/cl01tl/helm/backrest/Chart.yaml
View File

@@ -16,6 +16,6 @@ dependencies:
- name: app-template - name: app-template
alias: backrest alias: backrest
repository: https://bjw-s-labs.github.io/helm-charts/ repository: https://bjw-s-labs.github.io/helm-charts/
version: 4.5.0 version: 4.4.0
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/backrest.png icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/backrest.png
appVersion: v1.10.1 appVersion: v1.10.1

6
clusters/cl01tl/helm/bazarr/Chart.lock
View File

@@ -1,6 +1,6 @@
dependencies: dependencies:
- name: app-template - name: app-template
repository: https://bjw-s-labs.github.io/helm-charts/ repository: https://bjw-s-labs.github.io/helm-charts/
version: 4.5.0 version: 4.4.0
digest: sha256:54c88d51b4067dec5b22623957970b64092bf3f417fabb58277f6bc3e01eca20 digest: sha256:c6f6d1f2fb9fedf54094920737a6f0bd1a2ab89f0a4122966ca98f6c9d3f11fa
generated: "2025-12-05T17:02:40.843820962Z" generated: "2025-11-30T21:05:22.694344-06:00"

4
clusters/cl01tl/helm/bazarr/Chart.yaml
View File

@@ -18,6 +18,6 @@ dependencies:
- name: app-template - name: app-template
alias: bazarr alias: bazarr
repository: https://bjw-s-labs.github.io/helm-charts/ repository: https://bjw-s-labs.github.io/helm-charts/
version: 4.5.0 version: 4.4.0
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/bazarr.png icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/bazarr.png
appVersion: 1.5.3 appVersion: 1.5.2

2
clusters/cl01tl/helm/bazarr/values.yaml
View File

@@ -15,7 +15,7 @@ bazarr:
main: main:
image: image:
repository: ghcr.io/linuxserver/bazarr repository: ghcr.io/linuxserver/bazarr
tag: 1.5.3@sha256:4aa1e82d1e96ae712095d881b7e3840e6db6ca862c335be5b00001f31156650b tag: 1.5.3@sha256:ec11e988e8e13411c994a4d9f43ed9b97409aa92c1da54d9f23926c3da7c2032
pullPolicy: IfNotPresent pullPolicy: IfNotPresent
env: env:
- name: TZ - name: TZ

6
clusters/cl01tl/helm/blocky/Chart.lock
View File

@@ -1,6 +1,6 @@
dependencies: dependencies:
- name: app-template - name: app-template
repository: https://bjw-s-labs.github.io/helm-charts/ repository: https://bjw-s-labs.github.io/helm-charts/
version: 4.5.0 version: 4.4.0
digest: sha256:b8516161886b87344848ad2b3bdafbd66da61ca8ffc5e9a5ebed462f205c9912 digest: sha256:0009729bcf7f1941401b767fd4ae952b7a8d44f80053090b4a9224de912a14ef
generated: "2025-12-05T17:02:59.562863413Z" generated: "2025-12-01T20:25:13.511406-06:00"

4
clusters/cl01tl/helm/blocky/Chart.yaml
View File

@@ -16,6 +16,6 @@ dependencies:
- name: app-template - name: app-template
alias: blocky alias: blocky
repository: https://bjw-s-labs.github.io/helm-charts/ repository: https://bjw-s-labs.github.io/helm-charts/
version: 4.5.0 version: 4.4.0
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/blocky.png icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/blocky.png
appVersion: v0.28.2 appVersion: v0.25

4
clusters/cl01tl/helm/blocky/templates/redis-replication.yaml
View File

@@ -13,7 +13,7 @@ spec:
runAsUser: 1000 runAsUser: 1000
fsGroup: 1000 fsGroup: 1000
kubernetesConfig: kubernetesConfig:
image: quay.io/opstree/redis:v8.4.0 image: quay.io/opstree/redis:v8.0.3
imagePullPolicy: IfNotPresent imagePullPolicy: IfNotPresent
resources: resources:
requests: requests:
@@ -29,4 +29,4 @@ spec:
storage: 1Gi storage: 1Gi
redisExporter: redisExporter:
enabled: true enabled: true
image: quay.io/opstree/redis-exporter:v1.80.1 image: quay.io/opstree/redis-exporter:v1.48.0

1
clusters/cl01tl/helm/blocky/values.yaml
View File

@@ -156,7 +156,6 @@ blocky:
radarr-anime IN CNAME traefik-cl01tl radarr-anime IN CNAME traefik-cl01tl
radarr-standup IN CNAME traefik-cl01tl radarr-standup IN CNAME traefik-cl01tl
searxng IN CNAME traefik-cl01tl searxng IN CNAME traefik-cl01tl
seerr IN CNAME traefik-cl01tl
slskd IN CNAME traefik-cl01tl slskd IN CNAME traefik-cl01tl
sonarr IN CNAME traefik-cl01tl sonarr IN CNAME traefik-cl01tl
sonarr-4k IN CNAME traefik-cl01tl sonarr-4k IN CNAME traefik-cl01tl

6
clusters/cl01tl/helm/booklore/Chart.lock
View File

@@ -1,9 +1,9 @@
dependencies: dependencies:
- name: app-template - name: app-template
repository: https://bjw-s-labs.github.io/helm-charts/ repository: https://bjw-s-labs.github.io/helm-charts/
version: 4.5.0 version: 4.4.0
- name: mariadb-cluster - name: mariadb-cluster
repository: https://helm.mariadb.com/mariadb-operator repository: https://helm.mariadb.com/mariadb-operator
version: 25.10.2 version: 25.10.2
digest: sha256:58d978bd46c61285b06acc6d9a40404d8059f2df7b953dea13c528b35350d0a8 digest: sha256:264725306c1d1f38140293c0820abdc7e8aa4f39764b4d91e20200705ce2ec91
generated: "2025-12-05T17:03:15.7199669Z" generated: "2025-11-30T21:05:24.649316-06:00"

4
clusters/cl01tl/helm/booklore/Chart.yaml
View File

@@ -16,9 +16,9 @@ dependencies:
- name: app-template - name: app-template
alias: booklore alias: booklore
repository: https://bjw-s-labs.github.io/helm-charts/ repository: https://bjw-s-labs.github.io/helm-charts/
version: 4.5.0 version: 4.4.0
- name: mariadb-cluster - name: mariadb-cluster
version: 25.10.2 version: 25.10.2
repository: https://helm.mariadb.com/mariadb-operator repository: https://helm.mariadb.com/mariadb-operator
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/booklore.png icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/booklore.png
appVersion: v1.13.2 appVersion: v.1.10.0

2
clusters/cl01tl/helm/booklore/values.yaml
View File

@@ -9,7 +9,7 @@ booklore:
main: main:
image: image:
repository: ghcr.io/booklore-app/booklore repository: ghcr.io/booklore-app/booklore
tag: v1.13.2 tag: v1.13.1
pullPolicy: IfNotPresent pullPolicy: IfNotPresent
env: env:
- name: TZ - name: TZ

6
clusters/cl01tl/helm/cert-manager/Chart.lock
View File

@@ -1,6 +1,6 @@
dependencies: dependencies:
- name: cert-manager - name: cert-manager
repository: https://charts.jetstack.io repository: https://charts.jetstack.io
version: v1.19.2 version: v1.19.1
digest: sha256:b02bda9b9f2fc886af11d017a27a5761513defee603f9e3aa1d7add2749b925c digest: sha256:0b1238a5552bc6d457d4b1a2a1f387a3e7f2c19f820ecb64e14d20481a1ed1ce
generated: "2025-12-10T15:01:57.196895547Z" generated: "2025-12-01T20:25:17.762628-06:00"

4
clusters/cl01tl/helm/cert-manager/Chart.yaml
View File

@@ -14,7 +14,7 @@ maintainers:
- name: alexlebens - name: alexlebens
dependencies: dependencies:
- name: cert-manager - name: cert-manager
version: v1.19.2 version: v1.19.1
repository: https://charts.jetstack.io repository: https://charts.jetstack.io
icon: https://raw.githubusercontent.com/walkxcode/dashboard-icons/main/png/cert-manager.png icon: https://raw.githubusercontent.com/walkxcode/dashboard-icons/main/png/cert-manager.png
appVersion: v1.19.2 appVersion: v1.17.2

2
clusters/cl01tl/helm/cilium/Chart.yaml
View File

@@ -18,4 +18,4 @@ dependencies:
version: 1.18.4 version: 1.18.4
repository: https://helm.cilium.io/ repository: https://helm.cilium.io/
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/cilium.png icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/cilium.png
appVersion: 1.18.4 appVersion: 1.17.3

3
clusters/cl01tl/helm/cilium/values.yaml
View File

@@ -55,9 +55,6 @@ cilium:
metrics: metrics:
serviceMonitor: serviceMonitor:
enabled: true enabled: true
tls:
auto:
method: cronJob
relay: relay:
enabled: true enabled: true
metrics: metrics:

6
clusters/cl01tl/helm/cloudnative-pg/Chart.lock
View File

@@ -1,9 +1,9 @@
dependencies: dependencies:
- name: cloudnative-pg - name: cloudnative-pg
repository: https://cloudnative-pg.io/charts/ repository: https://cloudnative-pg.io/charts/
version: 0.27.0 version: 0.26.1
- name: plugin-barman-cloud - name: plugin-barman-cloud
repository: https://cloudnative-pg.io/charts/ repository: https://cloudnative-pg.io/charts/
version: 0.3.1 version: 0.3.1
digest: sha256:14aa30b7bf75571b03bda19af68cd50c1e7908b883351b196a260609a5b85551 digest: sha256:b38e5104d77ab1737a27a2542eda958e82038443940f07b7c2cbe3b0a477e1e6
generated: "2025-12-10T19:25:17.952954019Z" generated: "2025-12-01T20:25:20.341325-06:00"

4
clusters/cl01tl/helm/cloudnative-pg/Chart.yaml
View File

@@ -16,10 +16,10 @@ maintainers:
- name: alexlebens - name: alexlebens
dependencies: dependencies:
- name: cloudnative-pg - name: cloudnative-pg
version: 0.27.0 version: 0.26.1
repository: https://cloudnative-pg.io/charts/ repository: https://cloudnative-pg.io/charts/
- name: plugin-barman-cloud - name: plugin-barman-cloud
version: 0.3.1 version: 0.3.1
repository: https://cloudnative-pg.io/charts/ repository: https://cloudnative-pg.io/charts/
icon: https://avatars.githubusercontent.com/u/100373852?s=200&v=4 icon: https://avatars.githubusercontent.com/u/100373852?s=200&v=4
appVersion: 1.28.0 appVersion: 1.26.0

8
clusters/cl01tl/helm/code-server/Chart.lock
View File

@@ -1,9 +1,9 @@
dependencies: dependencies:
- name: app-template - name: app-template
repository: https://bjw-s-labs.github.io/helm-charts/ repository: https://bjw-s-labs.github.io/helm-charts/
version: 4.5.0 version: 4.4.0
- name: cloudflared - name: cloudflared
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
version: 1.23.2 version: 1.23.1
digest: sha256:3cf78630cd7670e1157a87fc7ccbeca248ef4ced8a3170e69140ea3e1b0ff564 digest: sha256:dd687a71edc2f7f03cba6d5f3e3221e2bb5172ed4c00659e327c79da5c01e89f
generated: "2025-12-07T02:54:11.675097664Z" generated: "2025-12-03T06:02:20.44367742Z"

6
clusters/cl01tl/helm/code-server/Chart.yaml
View File

@@ -19,10 +19,10 @@ dependencies:
- name: app-template - name: app-template
alias: code-server alias: code-server
repository: https://bjw-s-labs.github.io/helm-charts/ repository: https://bjw-s-labs.github.io/helm-charts/
version: 4.5.0 version: 4.4.0
- name: cloudflared - name: cloudflared
alias: cloudflared alias: cloudflared
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
version: 1.23.2 version: 1.23.1
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/visual-studio-code.png icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/visual-studio-code.png
appVersion: 4.106.3 appVersion: 4.100.2

2
clusters/cl01tl/helm/coredns/Chart.yaml
View File

@@ -18,4 +18,4 @@ dependencies:
version: 1.45.0 version: 1.45.0
repository: https://coredns.github.io/helm repository: https://coredns.github.io/helm
icon: https://raw.githubusercontent.com/walkxcode/dashboard-icons/main/png/coredns.png icon: https://raw.githubusercontent.com/walkxcode/dashboard-icons/main/png/coredns.png
appVersion: v1.13.2 appVersion: v1.12.1

2
clusters/cl01tl/helm/descheduler/Chart.yaml
View File

@@ -17,4 +17,4 @@ dependencies:
version: 0.34.0 version: 0.34.0
repository: https://kubernetes-sigs.github.io/descheduler/ repository: https://kubernetes-sigs.github.io/descheduler/
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/kubernetes.png icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/kubernetes.png
appVersion: 0.34.0 appVersion: 0.33.0

21
clusters/cl01tl/helm/descheduler/values.yaml
View File

@@ -39,27 +39,16 @@ descheduler:
- name: RemovePodsViolatingNodeTaints - name: RemovePodsViolatingNodeTaints
- name: RemovePodsViolatingInterPodAntiAffinity - name: RemovePodsViolatingInterPodAntiAffinity
- name: RemovePodsViolatingTopologySpreadConstraint - name: RemovePodsViolatingTopologySpreadConstraint
- name: "HighNodeUtilization"
args:
thresholds:
cpu : 80
memory: 80
pods: 90
evictableNamespaces:
exclude:
- "kube-system"
evictionModes:
- "OnlyThresholdingResources"
- name: LowNodeUtilization - name: LowNodeUtilization
args: args:
thresholds: thresholds:
cpu: 30 cpu: 20
memory: 30 memory: 20
pods: 50 pods: 20
targetThresholds: targetThresholds:
cpu: 60 cpu: 60
memory: 40 memory: 60
pods: 80 pods: 60
plugins: plugins:
balance: balance:
enabled: enabled:

8
clusters/cl01tl/helm/directus/Chart.lock
View File

@@ -1,12 +1,12 @@
dependencies: dependencies:
- name: app-template - name: app-template
repository: https://bjw-s-labs.github.io/helm-charts/ repository: https://bjw-s-labs.github.io/helm-charts/
version: 4.5.0 version: 4.4.0
- name: cloudflared - name: cloudflared
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
version: 1.23.2 version: 1.23.1
- name: postgres-cluster - name: postgres-cluster
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
version: 6.16.1 version: 6.16.1
digest: sha256:636b200b79efdd6ea36afdf29a5e85f3741b362dfcbf2af47c7aff9e55f02812 digest: sha256:0bb36c0da68b901a005703e354f3f00f65c60ec3d1eddc2d08fa190062076944
generated: "2025-12-11T16:47:16.317535-06:00" generated: "2025-12-04T00:00:11.07185823Z"

8
clusters/cl01tl/helm/directus/Chart.yaml
View File

@@ -20,14 +20,14 @@ dependencies:
- name: app-template - name: app-template
alias: directus alias: directus
repository: https://bjw-s-labs.github.io/helm-charts/ repository: https://bjw-s-labs.github.io/helm-charts/
version: 4.5.0 version: 4.4.0
- name: cloudflared - name: cloudflared
alias: cloudflared-directus alias: cloudflared-directus
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
version: 1.23.2 version: 1.23.1
- name: postgres-cluster - name: postgres-cluster
alias: postgres-18-cluster alias: postgres-17-cluster
version: 6.16.1 version: 6.16.1
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/directus.png icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/directus.png
appVersion: 11.14.0 appVersion: 11.7.2

38
clusters/cl01tl/helm/directus/templates/external-secret.yaml
View File

@@ -151,10 +151,10 @@ spec:
apiVersion: external-secrets.io/v1 apiVersion: external-secrets.io/v1
kind: ExternalSecret kind: ExternalSecret
metadata: metadata:
name: directus-postgresql-18-cluster-backup-secret name: directus-postgresql-17-cluster-backup-secret
namespace: {{ .Release.Namespace }} namespace: {{ .Release.Namespace }}
labels: labels:
app.kubernetes.io/name: directus-postgresql-18-cluster-backup-secret app.kubernetes.io/name: directus-postgresql-17-cluster-backup-secret
app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/part-of: {{ .Release.Name }} app.kubernetes.io/part-of: {{ .Release.Name }}
spec: spec:
@@ -181,10 +181,40 @@ spec:
apiVersion: external-secrets.io/v1 apiVersion: external-secrets.io/v1
kind: ExternalSecret kind: ExternalSecret
metadata: metadata:
name: directus-postgresql-18-cluster-backup-secret-garage name: directus-postgresql-17-cluster-backup-secret-weekly
namespace: {{ .Release.Namespace }} namespace: {{ .Release.Namespace }}
labels: labels:
app.kubernetes.io/name: directus-postgresql-18-cluster-backup-secret-garage app.kubernetes.io/name: directus-postgresql-17-cluster-backup-secret-weekly
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
secretStoreRef:
kind: ClusterSecretStore
name: vault
data:
- secretKey: ACCESS_KEY_ID
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /garage/home-infra/postgres-backups
metadataPolicy: None
property: ACCESS_KEY_ID
- secretKey: ACCESS_SECRET_KEY
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /garage/home-infra/postgres-backups
metadataPolicy: None
property: ACCESS_SECRET_KEY
---
apiVersion: external-secrets.io/v1
kind: ExternalSecret
metadata:
name: directus-postgresql-17-cluster-backup-secret-garage
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: directus-postgresql-17-cluster-backup-secret-garage
app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/part-of: {{ .Release.Name }} app.kubernetes.io/part-of: {{ .Release.Name }}
spec: spec:

4
clusters/cl01tl/helm/directus/templates/redis-replication.yaml
View File

@@ -13,7 +13,7 @@ spec:
runAsUser: 1000 runAsUser: 1000
fsGroup: 1000 fsGroup: 1000
kubernetesConfig: kubernetesConfig:
image: quay.io/opstree/redis:v8.4.0 image: quay.io/opstree/redis:v8.2.1
imagePullPolicy: IfNotPresent imagePullPolicy: IfNotPresent
redisSecret: redisSecret:
name: directus-redis-config name: directus-redis-config
@@ -32,4 +32,4 @@ spec:
storage: 1Gi storage: 1Gi
redisExporter: redisExporter:
enabled: true enabled: true
image: quay.io/opstree/redis-exporter:v1.80.1 image: quay.io/opstree/redis-exporter:v1.76.0

2
clusters/cl01tl/helm/directus/templates/redis-sentinel.yaml
View File

@@ -19,7 +19,7 @@ spec:
name: directus-redis-config name: directus-redis-config
key: password key: password
kubernetesConfig: kubernetesConfig:
image: quay.io/opstree/redis-sentinel:v8.4.0 image: quay.io/opstree/redis-sentinel:v7.0.15
imagePullPolicy: IfNotPresent imagePullPolicy: IfNotPresent
redisSecret: redisSecret:
name: directus-redis-config name: directus-redis-config

33
clusters/cl01tl/helm/directus/values.yaml
View File

@@ -9,7 +9,7 @@ directus:
main: main:
image: image:
repository: directus/directus repository: directus/directus
tag: 11.14.0 tag: 11.13.4
pullPolicy: IfNotPresent pullPolicy: IfNotPresent
env: env:
- name: PUBLIC_URL - name: PUBLIC_URL
@@ -41,27 +41,27 @@ directus:
- name: DB_HOST - name: DB_HOST
valueFrom: valueFrom:
secretKeyRef: secretKeyRef:
name: directus-postgresql-18-cluster-app name: directus-postgresql-17-cluster-app
key: host key: host
- name: DB_DATABASE - name: DB_DATABASE
valueFrom: valueFrom:
secretKeyRef: secretKeyRef:
name: directus-postgresql-18-cluster-app name: directus-postgresql-17-cluster-app
key: dbname key: dbname
- name: DB_PORT - name: DB_PORT
valueFrom: valueFrom:
secretKeyRef: secretKeyRef:
name: directus-postgresql-18-cluster-app name: directus-postgresql-17-cluster-app
key: port key: port
- name: DB_USER - name: DB_USER
valueFrom: valueFrom:
secretKeyRef: secretKeyRef:
name: directus-postgresql-18-cluster-app name: directus-postgresql-17-cluster-app
key: user key: user
- name: DB_PASSWORD - name: DB_PASSWORD
valueFrom: valueFrom:
secretKeyRef: secretKeyRef:
name: directus-postgresql-18-cluster-app name: directus-postgresql-17-cluster-app
key: password key: password
- name: SYNCHRONIZATION_STORE - name: SYNCHRONIZATION_STORE
value: redis value: redis
@@ -156,12 +156,9 @@ directus:
cloudflared-directus: cloudflared-directus:
name: cloudflared-directus name: cloudflared-directus
existingSecretName: directus-cloudflared-secret existingSecretName: directus-cloudflared-secret
postgres-18-cluster: postgres-17-cluster:
mode: recovery mode: recovery
cluster: cluster:
image:
repository: ghcr.io/cloudnative-pg/postgresql
tag: 18.1-standard-trixie
storage: storage:
storageClass: local-path storageClass: local-path
walStorage: walStorage:
@@ -173,30 +170,30 @@ postgres-18-cluster:
recovery: recovery:
method: objectStore method: objectStore
objectStore: objectStore:
destinationPath: s3://postgres-backups/cl01tl/directus/directus-postgresql-18-cluster destinationPath: s3://postgres-backups/cl01tl/directus/directus-postgresql-17-cluster
endpointURL: http://garage-main.garage:3900 endpointURL: http://garage-main.garage:3900
index: 1 index: 1
endpointCredentials: directus-postgresql-18-cluster-backup-secret-garage endpointCredentials: directus-postgresql-17-cluster-backup-secret-garage
backup: backup:
objectStore: objectStore:
- name: external - name: external
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/directus/directus-postgresql-18-cluster destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/directus/directus-postgresql-17-cluster
index: 1 index: 1
retentionPolicy: "30d" retentionPolicy: "30d"
isWALArchiver: false isWALArchiver: false
- name: garage-local - name: garage-local
destinationPath: s3://postgres-backups/cl01tl/directus/directus-postgresql-18-cluster destinationPath: s3://postgres-backups/cl01tl/directus/directus-postgresql-17-cluster
index: 1 index: 1
endpointURL: http://garage-main.garage:3900 endpointURL: http://garage-main.garage:3900
endpointCredentials: directus-postgresql-18-cluster-backup-secret-garage endpointCredentials: directus-postgresql-17-cluster-backup-secret-garage
endpointCredentialsIncludeRegion: true endpointCredentialsIncludeRegion: true
retentionPolicy: "3d" retentionPolicy: "3d"
isWALArchiver: true isWALArchiver: true
# - name: garage-remote # - name: garage-remote
# destinationPath: s3://postgres-backups/cl01tl/directus/directus-postgresql-18-cluster # destinationPath: s3://postgres-backups/cl01tl/directus/directus-postgresql-17-cluster
# index: 1 # index: 1
# endpointURL: https://garage-ps10rp.boreal-beaufort.ts.net:3900 # endpointURL: https://garage-ps10rp.boreal-beaufort.ts.net:3900
# endpointCredentials: directus-postgresql-18-cluster-backup-secret-garage # endpointCredentials: directus-postgresql-17-cluster-backup-secret-garage
# retentionPolicy: "30d" # retentionPolicy: "30d"
# data: # data:
# compression: bzip2 # compression: bzip2
@@ -204,7 +201,6 @@ postgres-18-cluster:
scheduledBackups: scheduledBackups:
- name: daily-backup - name: daily-backup
suspend: false suspend: false
immediate: true
schedule: "0 0 0 * * *" schedule: "0 0 0 * * *"
backupName: external backupName: external
- name: live-backup - name: live-backup
@@ -214,6 +210,5 @@ postgres-18-cluster:
backupName: garage-local backupName: garage-local
# - name: weekly-backup # - name: weekly-backup
# suspend: false # suspend: false
# immediate: true
# schedule: "0 0 4 * * SAT" # schedule: "0 0 4 * * SAT"
# backupName: garage-remote # backupName: garage-remote

2
clusters/cl01tl/helm/elastic-operator/Chart.yaml
View File

@@ -18,4 +18,4 @@ dependencies:
version: 3.2.0 version: 3.2.0
repository: https://helm.elastic.co repository: https://helm.elastic.co
icon: https://helm.elastic.co/icons/eck.png icon: https://helm.elastic.co/icons/eck.png
appVersion: v3.2.0 appVersion: 1.26.0

6
clusters/cl01tl/helm/element-web/Chart.lock
View File

@@ -4,6 +4,6 @@ dependencies:
version: 1.4.26 version: 1.4.26
- name: cloudflared - name: cloudflared
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
version: 1.23.2 version: 1.23.1
digest: sha256:f9196cbede894c6da6ecedd9ae05d3f1fd0e20304eca8ca38c18334a923b2235 digest: sha256:601cbb43296add7470b663f64b7bc18a2220d3cfff7bef397f72174929d9ff76
generated: "2025-12-07T02:54:29.895481505Z" generated: "2025-12-03T23:41:18.74872215Z"

4
clusters/cl01tl/helm/element-web/Chart.yaml
View File

@@ -22,6 +22,6 @@ dependencies:
- name: cloudflared - name: cloudflared
alias: cloudflared alias: cloudflared
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
version: 1.23.2 version: 1.23.1
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/element.png icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/element.png
appVersion: v1.12.6 appVersion: v1.11.100

6
clusters/cl01tl/helm/ephemera/Chart.lock
View File

@@ -1,6 +1,6 @@
dependencies: dependencies:
- name: app-template - name: app-template
repository: https://bjw-s-labs.github.io/helm-charts/ repository: https://bjw-s-labs.github.io/helm-charts/
version: 4.5.0 version: 4.4.0
digest: sha256:b08b2d3923734ba8844754727803a4b4e1de2ad418c3f755ccd64927266c1b5c digest: sha256:9900009eb6415344d8c5387371a0052259092d92f34c21774f6a6abe9f11f43e
generated: "2025-12-05T17:04:04.30013278Z" generated: "2025-11-30T21:05:32.524168-06:00"

2
clusters/cl01tl/helm/ephemera/Chart.yaml
View File

@@ -18,6 +18,6 @@ dependencies:
- name: app-template - name: app-template
alias: ephemera alias: ephemera
repository: https://bjw-s-labs.github.io/helm-charts/ repository: https://bjw-s-labs.github.io/helm-charts/
version: 4.5.0 version: 4.4.0
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/ephemera.png icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/ephemera.png
appVersion: 1.3.1 appVersion: 1.3.1

2
clusters/cl01tl/helm/eraser/Chart.yaml
View File

@@ -17,4 +17,4 @@ dependencies:
version: 1.4.1 version: 1.4.1
repository: https://eraser-dev.github.io/eraser/charts repository: https://eraser-dev.github.io/eraser/charts
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/kubernetes.png icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/kubernetes.png
appVersion: v1.4.1 appVersion: v1.3.1

2
clusters/cl01tl/helm/external-dns/Chart.yaml
View File

@@ -19,4 +19,4 @@ dependencies:
version: 1.19.0 version: 1.19.0
repository: https://kubernetes-sigs.github.io/external-dns/ repository: https://kubernetes-sigs.github.io/external-dns/
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/kubernetes.png icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/kubernetes.png
appVersion: v0.20.0 appVersion: 1.16.1

6
clusters/cl01tl/helm/external-secrets/Chart.lock
View File

@@ -1,6 +1,6 @@
dependencies: dependencies:
- name: external-secrets - name: external-secrets
repository: https://charts.external-secrets.io repository: https://charts.external-secrets.io
version: 1.1.1 version: 1.1.0
digest: sha256:d346563864c95c4ca3fe5f04f6b292e417069d171f5866b5af0fe84277481493 digest: sha256:543c98c4f4014f91b05c823444d87990dcdcd9710a0e5ccd953c5dc4e70006ee
generated: "2025-12-06T18:01:23.564488208Z" generated: "2025-12-01T20:25:40.642486-06:00"

4
clusters/cl01tl/helm/external-secrets/Chart.yaml
View File

@@ -12,7 +12,7 @@ sources:
- https://github.com/external-secrets/external-secrets/tree/main/deploy/charts/external-secrets - https://github.com/external-secrets/external-secrets/tree/main/deploy/charts/external-secrets
dependencies: dependencies:
- name: external-secrets - name: external-secrets
version: 1.1.1 version: 1.1.0
repository: https://charts.external-secrets.io repository: https://charts.external-secrets.io
icon: https://avatars.githubusercontent.com/u/68335991?s=48&v=4 icon: https://avatars.githubusercontent.com/u/68335991?s=48&v=4
appVersion: v1.1.1 appVersion: 0.17.0

8
clusters/cl01tl/helm/freshrss/Chart.lock
View File

@@ -1,12 +1,12 @@
dependencies: dependencies:
- name: app-template - name: app-template
repository: https://bjw-s-labs.github.io/helm-charts/ repository: https://bjw-s-labs.github.io/helm-charts/
version: 4.5.0 version: 4.4.0
- name: cloudflared - name: cloudflared
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
version: 1.23.2 version: 1.23.1
- name: postgres-cluster - name: postgres-cluster
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
version: 6.16.1 version: 6.16.1
digest: sha256:dc8829a1f2cea88033bfda5d412dee8124154e26bfbe9e1bd67b8bb351ad7904 digest: sha256:e4d7c431d7c88cf31d53d611b4fe901fb68c11a2666e48d38ac40feb45b904b5
generated: "2025-12-11T17:07:50.35548-06:00" generated: "2025-12-04T00:00:29.398819751Z"

8
clusters/cl01tl/helm/freshrss/Chart.yaml
View File

@@ -20,14 +20,14 @@ dependencies:
- name: app-template - name: app-template
alias: freshrss alias: freshrss
repository: https://bjw-s-labs.github.io/helm-charts/ repository: https://bjw-s-labs.github.io/helm-charts/
version: 4.5.0 version: 4.4.0
- name: cloudflared - name: cloudflared
alias: cloudflared alias: cloudflared
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
version: 1.23.2 version: 1.23.1
- name: postgres-cluster - name: postgres-cluster
alias: postgres-18-cluster alias: postgres-17-cluster
version: 6.16.1 version: 6.16.1
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/freshrss.png icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/freshrss.png
appVersion: 1.27.1 appVersion: 1.26.2

8
clusters/cl01tl/helm/freshrss/templates/external-secret.yaml
View File

@@ -155,10 +155,10 @@ spec:
apiVersion: external-secrets.io/v1 apiVersion: external-secrets.io/v1
kind: ExternalSecret kind: ExternalSecret
metadata: metadata:
name: freshrss-postgresql-18-cluster-backup-secret name: freshrss-postgresql-17-cluster-backup-secret
namespace: {{ .Release.Namespace }} namespace: {{ .Release.Namespace }}
labels: labels:
app.kubernetes.io/name: freshrss-postgresql-18-cluster-backup-secret app.kubernetes.io/name: freshrss-postgresql-17-cluster-backup-secret
app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/part-of: {{ .Release.Name }} app.kubernetes.io/part-of: {{ .Release.Name }}
spec: spec:
@@ -185,10 +185,10 @@ spec:
apiVersion: external-secrets.io/v1 apiVersion: external-secrets.io/v1
kind: ExternalSecret kind: ExternalSecret
metadata: metadata:
name: freshrss-postgresql-18-cluster-backup-secret-garage name: freshrss-postgresql-17-cluster-backup-secret-garage
namespace: {{ .Release.Namespace }} namespace: {{ .Release.Namespace }}
labels: labels:
app.kubernetes.io/name: freshrss-postgresql-18-cluster-backup-secret-garage app.kubernetes.io/name: freshrss-postgresql-17-cluster-backup-secret-garage
app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/part-of: {{ .Release.Name }} app.kubernetes.io/part-of: {{ .Release.Name }}
spec: spec:

29
clusters/cl01tl/helm/freshrss/values.yaml
View File

@@ -98,22 +98,22 @@ freshrss:
- name: DB_HOST - name: DB_HOST
valueFrom: valueFrom:
secretKeyRef: secretKeyRef:
name: freshrss-postgresql-18-cluster-app name: freshrss-postgresql-17-cluster-app
key: host key: host
- name: DB_BASE - name: DB_BASE
valueFrom: valueFrom:
secretKeyRef: secretKeyRef:
name: freshrss-postgresql-18-cluster-app name: freshrss-postgresql-17-cluster-app
key: dbname key: dbname
- name: DB_USER - name: DB_USER
valueFrom: valueFrom:
secretKeyRef: secretKeyRef:
name: freshrss-postgresql-18-cluster-app name: freshrss-postgresql-17-cluster-app
key: user key: user
- name: DB_PASSWORD - name: DB_PASSWORD
valueFrom: valueFrom:
secretKeyRef: secretKeyRef:
name: freshrss-postgresql-18-cluster-app name: freshrss-postgresql-17-cluster-app
key: password key: password
- name: FRESHRSS_INSTALL - name: FRESHRSS_INSTALL
value: | value: |
@@ -193,12 +193,9 @@ freshrss:
readOnly: false readOnly: false
cloudflared: cloudflared:
existingSecretName: freshrss-cloudflared-secret existingSecretName: freshrss-cloudflared-secret
postgres-18-cluster: postgres-17-cluster:
mode: recovery mode: recovery
cluster: cluster:
image:
repository: ghcr.io/cloudnative-pg/postgresql
tag: 18.1-standard-trixie
storage: storage:
storageClass: local-path storageClass: local-path
walStorage: walStorage:
@@ -210,30 +207,30 @@ postgres-18-cluster:
recovery: recovery:
method: objectStore method: objectStore
objectStore: objectStore:
destinationPath: s3://postgres-backups/cl01tl/freshrss/freshrss-postgresql-18-cluster destinationPath: s3://postgres-backups/cl01tl/freshrss/freshrss-postgresql-17-cluster
endpointURL: http://garage-main.garage:3900 endpointURL: http://garage-main.garage:3900
index: 1 index: 1
endpointCredentials: freshrss-postgresql-18-cluster-backup-secret-garage endpointCredentials: freshrss-postgresql-17-cluster-backup-secret-garage
backup: backup:
objectStore: objectStore:
- name: external - name: external
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/freshrss/freshrss-postgresql-18-cluster destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/freshrss/freshrss-postgresql-17-cluster
index: 1 index: 1
retentionPolicy: "30d" retentionPolicy: "30d"
isWALArchiver: false isWALArchiver: false
- name: garage-local - name: garage-local
destinationPath: s3://postgres-backups/cl01tl/freshrss/freshrss-postgresql-18-cluster destinationPath: s3://postgres-backups/cl01tl/freshrss/freshrss-postgresql-17-cluster
index: 1 index: 1
endpointURL: http://garage-main.garage:3900 endpointURL: http://garage-main.garage:3900
endpointCredentials: freshrss-postgresql-18-cluster-backup-secret-garage endpointCredentials: freshrss-postgresql-17-cluster-backup-secret-garage
endpointCredentialsIncludeRegion: true endpointCredentialsIncludeRegion: true
retentionPolicy: "3d" retentionPolicy: "3d"
isWALArchiver: true isWALArchiver: true
# - name: garage-remote # - name: garage-remote
# destinationPath: s3://postgres-backups/cl01tl/freshrss/freshrss-postgresql-18-cluster # destinationPath: s3://postgres-backups/cl01tl/freshrss/freshrss-postgresql-17-cluster
# index: 1 # index: 1
# endpointURL: https://garage-ps10rp.boreal-beaufort.ts.net:3900 # endpointURL: https://garage-ps10rp.boreal-beaufort.ts.net:3900
# endpointCredentials: freshrss-postgresql-18-cluster-backup-secret-garage # endpointCredentials: freshrss-postgresql-17-cluster-backup-secret-garage
# retentionPolicy: "30d" # retentionPolicy: "30d"
# data: # data:
# compression: bzip2 # compression: bzip2
@@ -241,7 +238,6 @@ postgres-18-cluster:
scheduledBackups: scheduledBackups:
- name: daily-backup - name: daily-backup
suspend: false suspend: false
immediate: true
schedule: "0 0 0 * * *" schedule: "0 0 0 * * *"
backupName: external backupName: external
- name: live-backup - name: live-backup
@@ -251,6 +247,5 @@ postgres-18-cluster:
backupName: garage-local backupName: garage-local
# - name: weekly-backup # - name: weekly-backup
# suspend: false # suspend: false
# immediate: true
# schedule: "0 2 4 * * SAT" # schedule: "0 2 4 * * SAT"
# backupName: garage-remote # backupName: garage-remote

6
clusters/cl01tl/helm/garage/Chart.lock
View File

@@ -1,6 +1,6 @@
dependencies: dependencies:
- name: app-template - name: app-template
repository: https://bjw-s-labs.github.io/helm-charts/ repository: https://bjw-s-labs.github.io/helm-charts/
version: 4.5.0 version: 4.4.0
digest: sha256:36e920ce6efee3b33b40641652f814c888ae3c50272895ef286fb8236a010924 digest: sha256:7977708d7681e8d5cbc066bcda4241144b0c8b5b590be89a394740df167c90da
generated: "2025-12-05T17:04:29.153093714Z" generated: "2025-12-01T20:25:44.910074-06:00"

2
clusters/cl01tl/helm/garage/Chart.yaml
View File

@@ -17,6 +17,6 @@ dependencies:
- name: app-template - name: app-template
alias: garage alias: garage
repository: https://bjw-s-labs.github.io/helm-charts/ repository: https://bjw-s-labs.github.io/helm-charts/
version: 4.5.0 version: 4.4.0
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/kubernetes.png icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/kubernetes.png
appVersion: v2.1.0 appVersion: v2.1.0

4
clusters/cl01tl/helm/gatus/Chart.lock
View File

@@ -5,5 +5,5 @@ dependencies:
- name: postgres-cluster - name: postgres-cluster
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
version: 6.16.1 version: 6.16.1
digest: sha256:11d46f37e9f98a5562239e1b827a4caccc0ca14dc738681465e27ef5c5edd6d0 digest: sha256:53e3b31b3fa3916ac4478c0ca3733a18f7145a0129b6a9c7aefdaf8169cb525c
generated: "2025-12-11T17:23:01.072262-06:00" generated: "2025-12-04T00:00:45.882393108Z"

4
clusters/cl01tl/helm/gatus/Chart.yaml
View File

@@ -21,8 +21,8 @@ dependencies:
repository: https://twin.github.io/helm-charts repository: https://twin.github.io/helm-charts
version: 1.4.4 version: 1.4.4
- name: postgres-cluster - name: postgres-cluster
alias: postgres-18-cluster alias: postgres-17-cluster
version: 6.16.1 version: 6.16.1
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/gatus.png icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/gatus.png
appVersion: v5.33.0 appVersion: v5.12.0

8
clusters/cl01tl/helm/gatus/templates/external-secret.yaml
View File

@@ -54,10 +54,10 @@ spec:
apiVersion: external-secrets.io/v1 apiVersion: external-secrets.io/v1
kind: ExternalSecret kind: ExternalSecret
metadata: metadata:
name: gatus-postgresql-18-cluster-backup-secret name: gatus-postgresql-17-cluster-backup-secret
namespace: {{ .Release.Namespace }} namespace: {{ .Release.Namespace }}
labels: labels:
app.kubernetes.io/name: gatus-postgresql-18-cluster-backup-secret app.kubernetes.io/name: gatus-postgresql-17-cluster-backup-secret
app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/part-of: {{ .Release.Name }} app.kubernetes.io/part-of: {{ .Release.Name }}
spec: spec:
@@ -84,10 +84,10 @@ spec:
apiVersion: external-secrets.io/v1 apiVersion: external-secrets.io/v1
kind: ExternalSecret kind: ExternalSecret
metadata: metadata:
name: gatus-postgresql-18-cluster-backup-secret-garage name: gatus-postgresql-17-cluster-backup-secret-garage
namespace: {{ .Release.Namespace }} namespace: {{ .Release.Namespace }}
labels: labels:
app.kubernetes.io/name: gatus-postgresql-18-cluster-backup-secret-garage app.kubernetes.io/name: gatus-postgresql-17-cluster-backup-secret-garage
app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/part-of: {{ .Release.Name }} app.kubernetes.io/part-of: {{ .Release.Name }}
spec: spec:

106
clusters/cl01tl/helm/gatus/values.yaml
View File

@@ -36,27 +36,27 @@ gatus:
POSTGRES_USER: POSTGRES_USER:
valueFrom: valueFrom:
secretKeyRef: secretKeyRef:
name: gatus-postgresql-18-cluster-app name: gatus-postgresql-17-cluster-app
key: username key: username
POSTGRES_PASSWORD: POSTGRES_PASSWORD:
valueFrom: valueFrom:
secretKeyRef: secretKeyRef:
name: gatus-postgresql-18-cluster-app name: gatus-postgresql-17-cluster-app
key: password key: password
POSTGRES_HOST: POSTGRES_HOST:
valueFrom: valueFrom:
secretKeyRef: secretKeyRef:
name: gatus-postgresql-18-cluster-app name: gatus-postgresql-17-cluster-app
key: host key: host
POSTGRES_PORT: POSTGRES_PORT:
valueFrom: valueFrom:
secretKeyRef: secretKeyRef:
name: gatus-postgresql-18-cluster-app name: gatus-postgresql-17-cluster-app
key: port key: port
POSTGRES_DB: POSTGRES_DB:
valueFrom: valueFrom:
secretKeyRef: secretKeyRef:
name: gatus-postgresql-18-cluster-app name: gatus-postgresql-17-cluster-app
key: dbname key: dbname
resources: resources:
requests: requests:
@@ -125,9 +125,6 @@ gatus:
- name: overseerr - name: overseerr
url: https://overseerr.alexlebens.net url: https://overseerr.alexlebens.net
<<: *defaults <<: *defaults
- name: seerr
url: https://seerr.alexlebens.net
<<: *defaults
- name: yamtrack - name: yamtrack
url: https://yamtrack.alexlebens.net url: https://yamtrack.alexlebens.net
<<: *defaults <<: *defaults
@@ -143,9 +140,6 @@ gatus:
- name: audiobookshelf - name: audiobookshelf
url: https://audiobookshelf.alexlebens.net url: https://audiobookshelf.alexlebens.net
<<: *defaults <<: *defaults
- name: booklore
url: https://booklore.alexlebens.net
<<: *defaults
- name: home-assistant - name: home-assistant
url: https://home-assistant.alexlebens.net url: https://home-assistant.alexlebens.net
<<: *defaults <<: *defaults
@@ -182,11 +176,6 @@ gatus:
- name: n8n - name: n8n
url: https://n8n.alexlebens.net url: https://n8n.alexlebens.net
<<: *defaults <<: *defaults
- name: kronic
url: https://kronic.alexlebens.net
<<: *defaults
conditions:
- "[STATUS] == 401"
- name: omni-tools - name: omni-tools
url: https://omni-tools.alexlebens.net url: https://omni-tools.alexlebens.net
<<: *defaults <<: *defaults
@@ -256,9 +245,6 @@ gatus:
- name: ceph - name: ceph
url: https://ceph.alexlebens.net url: https://ceph.alexlebens.net
<<: *defaults <<: *defaults
- name: garage
url: https://garage-webui.alexlebens.net
<<: *defaults
- name: pgadmin - name: pgadmin
url: https://pgadmin.alexlebens.net url: https://pgadmin.alexlebens.net
<<: *defaults <<: *defaults
@@ -268,29 +254,6 @@ gatus:
- name: vault - name: vault
url: https://vault.alexlebens.net url: https://vault.alexlebens.net
<<: *defaults <<: *defaults
- name: backrest
url: https://backrest.alexlebens.net
<<: *defaults
- name: qui
url: https://qui.alexlebens.net
<<: *defaults
- name: qbittorrent
url: https://qbittorrent.alexlebens.net
<<: *defaults
- name: prowlarr
url: https://prowlarr.alexlebens.net
<<: *defaults
- name: huntarr
url: https://huntarr.alexlebens.net
<<: *defaults
- name: bazarr
url: https://bazarr.alexlebens.net
<<: *defaults
conditions:
- "[STATUS] == 401"
- name: tdarr
url: https://tdarr.alexlebens.net
<<: *defaults
- name: sonarr - name: sonarr
url: https://sonarr.alexlebens.net url: https://sonarr.alexlebens.net
<<: *defaults <<: *defaults
@@ -321,11 +284,25 @@ gatus:
- name: slskd - name: slskd
url: https://slskd.alexlebens.net url: https://slskd.alexlebens.net
<<: *defaults <<: *defaults
- name: ephemera - name: qui
url: https://ephemera.alexlebens.net url: https://qui.alexlebens.net
<<: *defaults <<: *defaults
- name: listenarr - name: qbittorrent
url: https://listenarr.alexlebens.net url: https://qbittorrent.alexlebens.net
<<: *defaults
- name: prowlarr
url: https://prowlarr.alexlebens.net
<<: *defaults
- name: bazarr
url: https://bazarr.alexlebens.net
<<: *defaults
conditions:
- "[STATUS] == 401"
- name: huntarr
url: https://huntarr.alexlebens.net
<<: *defaults
- name: tdarr
url: https://tdarr.alexlebens.net
<<: *defaults <<: *defaults
- name: www - name: www
url: https://www.alexlebens.dev url: https://www.alexlebens.dev
@@ -370,20 +347,27 @@ gatus:
url: https://codeserver.alexlebens.dev url: https://codeserver.alexlebens.dev
<<: *defaults <<: *defaults
group: external group: external
- name: authentik
url: https://auth.alexlebens.dev
<<: *defaults
group: external
- name: public homepage - name: public homepage
url: https://home.alexlebens.dev url: https://home.alexlebens.dev
<<: *defaults <<: *defaults
group: external group: external
postgres-18-cluster: - name: discord
group: public
url: https://discord.com/app
conditions:
- "[STATUS] == 200"
- "[RESPONSE_TIME] < 400"
interval: 10s
- name: reddit
group: public
url: https://reddit.com
conditions:
- "[STATUS] == 200"
- "[RESPONSE_TIME] < 400"
interval: 10s
postgres-17-cluster:
mode: recovery mode: recovery
cluster: cluster:
image:
repository: ghcr.io/cloudnative-pg/postgresql
tag: 18.1-standard-trixie
storage: storage:
storageClass: local-path storageClass: local-path
walStorage: walStorage:
@@ -395,19 +379,19 @@ postgres-18-cluster:
recovery: recovery:
method: objectStore method: objectStore
objectStore: objectStore:
destinationPath: s3://postgres-backups/cl01tl/gatus/gatus-postgresql-18-cluster destinationPath: s3://postgres-backups/cl01tl/gatus/gatus-postgresql-17-cluster
endpointURL: http://garage-main.garage:3900 endpointURL: http://garage-main.garage:3900
index: 1 index: 1
endpointCredentials: gatus-postgresql-18-cluster-backup-secret-garage endpointCredentials: gatus-postgresql-17-cluster-backup-secret-garage
backup: backup:
objectStore: objectStore:
- name: external - name: external
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/gatus/gatus-postgresql-18-cluster destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/gatus/gatus-postgresql-17-cluster
index: 2 index: 2
retentionPolicy: "30d" retentionPolicy: "30d"
isWALArchiver: false isWALArchiver: false
- name: garage-local - name: garage-local
destinationPath: s3://postgres-backups/cl01tl/gatus/gatus-postgresql-18-cluster destinationPath: s3://postgres-backups/cl01tl/gatus/gatus-postgresql-17-cluster
index: 1 index: 1
endpointURL: http://garage-main.garage:3900 endpointURL: http://garage-main.garage:3900
endpointCredentials: gatus-postgresql-17-cluster-backup-secret-garage endpointCredentials: gatus-postgresql-17-cluster-backup-secret-garage
@@ -415,10 +399,10 @@ postgres-18-cluster:
retentionPolicy: "3d" retentionPolicy: "3d"
isWALArchiver: true isWALArchiver: true
# - name: garage-remote # - name: garage-remote
# destinationPath: s3://postgres-backups/cl01tl/gatus/gatus-postgresql-18-cluster # destinationPath: s3://postgres-backups/cl01tl/gatus/gatus-postgresql-17-cluster
# index: 1 # index: 1
# endpointURL: https://garage-ps10rp.boreal-beaufort.ts.net:3900 # endpointURL: https://garage-ps10rp.boreal-beaufort.ts.net:3900
# endpointCredentials: gatus-postgresql-18-cluster-backup-secret-garage # endpointCredentials: gatus-postgresql-17-cluster-backup-secret-garage
# retentionPolicy: "30d" # retentionPolicy: "30d"
# data: # data:
# compression: bzip2 # compression: bzip2
@@ -426,7 +410,6 @@ postgres-18-cluster:
scheduledBackups: scheduledBackups:
- name: daily-backup - name: daily-backup
suspend: false suspend: false
immediate: true
schedule: "0 0 0 * * *" schedule: "0 0 0 * * *"
backupName: external backupName: external
- name: live-backup - name: live-backup
@@ -436,6 +419,5 @@ postgres-18-cluster:
backupName: garage-local backupName: garage-local
# - name: weekly-backup # - name: weekly-backup
# suspend: false # suspend: false
# immediate: true
# schedule: "0 0 4 * * SAT" # schedule: "0 0 4 * * SAT"
# backupName: garage-remote # backupName: garage-remote

6
clusters/cl01tl/helm/generic-device-plugin/Chart.lock
View File

@@ -1,6 +1,6 @@
dependencies: dependencies:
- name: generic-device-plugin - name: generic-device-plugin
repository: https://gitea.alexlebens.dev/api/packages/alexlebens/helm repository: https://gitea.alexlebens.dev/api/packages/alexlebens/helm
version: 0.20.5 version: 0.20.3
digest: sha256:329b2d00301ab1467a8654dd92febfd7078db121c00c0960548010c01dee66b6 digest: sha256:70771f4cfa2fa64d06b94cd60f51b1ae36da429232017954d77e675e1df39a56
generated: "2025-12-08T03:02:06.697075532Z" generated: "2025-12-03T00:32:22.249565107Z"

2
clusters/cl01tl/helm/generic-device-plugin/Chart.yaml
View File

@@ -15,6 +15,6 @@ maintainers:
dependencies: dependencies:
- name: generic-device-plugin - name: generic-device-plugin
repository: https://gitea.alexlebens.dev/api/packages/alexlebens/helm repository: https://gitea.alexlebens.dev/api/packages/alexlebens/helm
version: 0.20.5 version: 0.20.3
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/kubernetes.png icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/kubernetes.png
appVersion: 1.0.0 appVersion: 1.0.0

8
clusters/cl01tl/helm/gitea/Chart.lock
View File

@@ -7,15 +7,15 @@ dependencies:
version: 0.2.1 version: 0.2.1
- name: app-template - name: app-template
repository: https://bjw-s-labs.github.io/helm-charts/ repository: https://bjw-s-labs.github.io/helm-charts/
version: 4.5.0 version: 4.4.0
- name: meilisearch - name: meilisearch
repository: https://meilisearch.github.io/meilisearch-kubernetes repository: https://meilisearch.github.io/meilisearch-kubernetes
version: 0.17.2 version: 0.17.2
- name: cloudflared - name: cloudflared
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
version: 1.23.2 version: 1.23.1
- name: postgres-cluster - name: postgres-cluster
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
version: 6.16.1 version: 6.16.1
digest: sha256:ecb6e0283b564f37b5d60bb64860b71c3b68acc2835364c0488fd7a9e932b941 digest: sha256:b753b6ab3bced4892f4a4662b4c353f1f59345e42f155aef06124e72b3e72468
generated: "2025-12-11T17:38:49.087683-06:00" generated: "2025-12-04T00:01:03.661689761Z"

8
clusters/cl01tl/helm/gitea/Chart.yaml
View File

@@ -34,17 +34,17 @@ dependencies:
- name: app-template - name: app-template
alias: backup alias: backup
repository: https://bjw-s-labs.github.io/helm-charts/ repository: https://bjw-s-labs.github.io/helm-charts/
version: 4.5.0 version: 4.4.0
- name: meilisearch - name: meilisearch
version: 0.17.2 version: 0.17.2
repository: https://meilisearch.github.io/meilisearch-kubernetes repository: https://meilisearch.github.io/meilisearch-kubernetes
- name: cloudflared - name: cloudflared
alias: cloudflared alias: cloudflared
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
version: 1.23.2 version: 1.23.1
- name: postgres-cluster - name: postgres-cluster
alias: postgres-18-cluster alias: postgres-17-cluster
version: 6.16.1 version: 6.16.1
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
icon: https://raw.githubusercontent.com/walkxcode/dashboard-icons/main/png/gitea.png icon: https://raw.githubusercontent.com/walkxcode/dashboard-icons/main/png/gitea.png
appVersion: 1.25.2 appVersion: 1.23.7

8
clusters/cl01tl/helm/gitea/templates/external-secret.yaml
View File

@@ -254,10 +254,10 @@ spec:
apiVersion: external-secrets.io/v1 apiVersion: external-secrets.io/v1
kind: ExternalSecret kind: ExternalSecret
metadata: metadata:
name: gitea-postgresql-18-cluster-backup-secret name: gitea-postgresql-17-cluster-backup-secret
namespace: {{ .Release.Namespace }} namespace: {{ .Release.Namespace }}
labels: labels:
app.kubernetes.io/name: gitea-postgresql-18-cluster-backup-secret app.kubernetes.io/name: gitea-postgresql-17-cluster-backup-secret
app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/part-of: {{ .Release.Name }} app.kubernetes.io/part-of: {{ .Release.Name }}
spec: spec:
@@ -284,10 +284,10 @@ spec:
apiVersion: external-secrets.io/v1 apiVersion: external-secrets.io/v1
kind: ExternalSecret kind: ExternalSecret
metadata: metadata:
name: gitea-postgresql-18-cluster-backup-secret-garage name: gitea-postgresql-17-cluster-backup-secret-garage
namespace: {{ .Release.Namespace }} namespace: {{ .Release.Namespace }}
labels: labels:
app.kubernetes.io/name: gitea-postgresql-18-cluster-backup-secret-garage app.kubernetes.io/name: gitea-postgresql-17-cluster-backup-secret-garage
app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/part-of: {{ .Release.Name }} app.kubernetes.io/part-of: {{ .Release.Name }}
spec: spec:

8
clusters/cl01tl/helm/gitea/templates/redis-replication.yaml
View File

@@ -13,7 +13,7 @@ spec:
runAsUser: 1000 runAsUser: 1000
fsGroup: 1000 fsGroup: 1000
kubernetesConfig: kubernetesConfig:
image: quay.io/opstree/redis:v8.4.0 image: quay.io/opstree/redis:v8.0.3
imagePullPolicy: IfNotPresent imagePullPolicy: IfNotPresent
resources: resources:
requests: requests:
@@ -29,7 +29,7 @@ spec:
storage: 10Gi storage: 10Gi
redisExporter: redisExporter:
enabled: true enabled: true
image: quay.io/opstree/redis-exporter:v1.80.1 image: quay.io/opstree/redis-exporter:v1.48.0
--- ---
apiVersion: redis.redis.opstreelabs.in/v1beta2 apiVersion: redis.redis.opstreelabs.in/v1beta2
@@ -47,7 +47,7 @@ spec:
runAsUser: 1000 runAsUser: 1000
fsGroup: 1000 fsGroup: 1000
kubernetesConfig: kubernetesConfig:
image: quay.io/opstree/redis:v8.4.0 image: quay.io/opstree/redis:v8.0.3
imagePullPolicy: IfNotPresent imagePullPolicy: IfNotPresent
resources: resources:
requests: requests:
@@ -63,4 +63,4 @@ spec:
storage: 1Gi storage: 1Gi
redisExporter: redisExporter:
enabled: true enabled: true
image: quay.io/opstree/redis-exporter:v1.80.1 image: quay.io/opstree/redis-exporter:v1.48.0

23
clusters/cl01tl/helm/gitea/templates/redis-sentinel.yaml
View File

@@ -1,23 +0,0 @@
apiVersion: redis.redis.opstreelabs.in/v1beta2
kind: RedisSentinel
metadata:
name: redis-sentinel-gitea
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: redis-sentinel-gitea
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
clusterSize: 3
podSecurityContext:
runAsUser: 1000
fsGroup: 1000
redisSentinelConfig:
redisReplicationName: redis-replication-gitea
kubernetesConfig:
image: quay.io/opstree/redis-sentinel:v8.4.0
imagePullPolicy: IfNotPresent
resources:
requests:
cpu: 10m
memory: 128Mi

2
clusters/cl01tl/helm/gitea/templates/service-monitor.yaml
View File

@@ -12,6 +12,8 @@ spec:
matchLabels: matchLabels:
app.kubernetes.io/name: gitea app.kubernetes.io/name: gitea
app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/instance: {{ .Release.Name }}
matchExpressions:
- { key: app.kubernetes.io/controller, operator: NotIn, values: [backup] }
endpoints: endpoints:
- port: http - port: http

39
clusters/cl01tl/helm/gitea/values.yaml
View File

@@ -108,22 +108,22 @@ gitea:
- name: GITEA__DATABASE__HOST - name: GITEA__DATABASE__HOST
valueFrom: valueFrom:
secretKeyRef: secretKeyRef:
name: gitea-postgresql-18-cluster-app name: gitea-postgresql-17-cluster-app
key: host key: host
- name: GITEA__DATABASE__NAME - name: GITEA__DATABASE__NAME
valueFrom: valueFrom:
secretKeyRef: secretKeyRef:
name: gitea-postgresql-18-cluster-app name: gitea-postgresql-17-cluster-app
key: dbname key: dbname
- name: GITEA__DATABASE__USER - name: GITEA__DATABASE__USER
valueFrom: valueFrom:
secretKeyRef: secretKeyRef:
name: gitea-postgresql-18-cluster-app name: gitea-postgresql-17-cluster-app
key: user key: user
- name: GITEA__DATABASE__PASSWD - name: GITEA__DATABASE__PASSWD
valueFrom: valueFrom:
secretKeyRef: secretKeyRef:
name: gitea-postgresql-18-cluster-app name: gitea-postgresql-17-cluster-app
key: password key: password
- name: GITEA__INDEXER__ISSUE_INDEXER_CONN_STR - name: GITEA__INDEXER__ISSUE_INDEXER_CONN_STR
valueFrom: valueFrom:
@@ -174,9 +174,6 @@ gitea-actions:
backup: backup:
global: global:
fullnameOverride: gitea-backup fullnameOverride: gitea-backup
labels:
app.kubernetes.io/instance: gitea-backup
app.kubernetes.io/name: gitea-backup
controllers: controllers:
backup: backup:
type: cronjob type: cronjob
@@ -194,9 +191,6 @@ backup:
name: gitea-backup name: gitea-backup
pod: pod:
automountServiceAccountToken: true automountServiceAccountToken: true
labels:
app.kubernetes.io/instance: gitea-backup
app.kubernetes.io/name: gitea-backup
initContainers: initContainers:
backup: backup:
image: image:
@@ -218,7 +212,7 @@ backup:
s3-backup: s3-backup:
image: image:
repository: d3fk/s3cmd repository: d3fk/s3cmd
tag: latest@sha256:a4ef406e37628ee56e608b1567aeb0345e51142f56741b715322111be3b6ebcc tag: latest@sha256:590c42746db1252be8aad33e287c7910698c32b58b4fc34f67592a5bd0841551
pullPolicy: IfNotPresent pullPolicy: IfNotPresent
command: command:
- /bin/sh - /bin/sh
@@ -242,7 +236,7 @@ backup:
s3-prune: s3-prune:
image: image:
repository: d3fk/s3cmd repository: d3fk/s3cmd
tag: latest@sha256:a4ef406e37628ee56e608b1567aeb0345e51142f56741b715322111be3b6ebcc tag: latest@sha256:590c42746db1252be8aad33e287c7910698c32b58b4fc34f67592a5bd0841551
pullPolicy: IfNotPresent pullPolicy: IfNotPresent
command: command:
- /bin/sh - /bin/sh
@@ -322,12 +316,9 @@ meilisearch:
enabled: true enabled: true
cloudflared: cloudflared:
existingSecretName: gitea-cloudflared-secret existingSecretName: gitea-cloudflared-secret
postgres-18-cluster: postgres-17-cluster:
mode: recovery mode: recovery
cluster: cluster:
image:
repository: ghcr.io/cloudnative-pg/postgresql
tag: 18.1-standard-trixie
storage: storage:
storageClass: local-path storageClass: local-path
walStorage: walStorage:
@@ -343,30 +334,30 @@ postgres-18-cluster:
recovery: recovery:
method: objectStore method: objectStore
objectStore: objectStore:
destinationPath: s3://postgres-backups/cl01tl/gitea/gitea-postgresql-18-cluster destinationPath: s3://postgres-backups/cl01tl/gitea/gitea-postgresql-17-cluster
endpointURL: http://garage-main.garage:3900 endpointURL: http://garage-main.garage:3900
index: 1 index: 1
endpointCredentials: gitea-postgresql-18-cluster-backup-secret-garage endpointCredentials: gitea-postgresql-17-cluster-backup-secret-garage
backup: backup:
objectStore: objectStore:
- name: external - name: external
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/gitea/gitea-postgresql-18-cluster destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/gitea/gitea-postgresql-17-cluster
index: 1 index: 1
retentionPolicy: "30d" retentionPolicy: "30d"
isWALArchiver: false isWALArchiver: false
- name: garage-local - name: garage-local
destinationPath: s3://postgres-backups/cl01tl/gitea/gitea-postgresql-18-cluster destinationPath: s3://postgres-backups/cl01tl/gitea/gitea-postgresql-17-cluster
index: 1 index: 1
endpointURL: http://garage-main.garage:3900 endpointURL: http://garage-main.garage:3900
endpointCredentials: gitea-postgresql-18-cluster-backup-secret-garage endpointCredentials: gitea-postgresql-17-cluster-backup-secret-garage
endpointCredentialsIncludeRegion: true endpointCredentialsIncludeRegion: true
retentionPolicy: "3d" retentionPolicy: "3d"
isWALArchiver: true isWALArchiver: true
# - name: garage-remote # - name: garage-remote
# destinationPath: s3://postgres-backups/cl01tl/gitea/gitea-postgresql-18-cluster # destinationPath: s3://postgres-backups/cl01tl/gitea/gitea-postgresql-17-cluster
# index: 1 # index: 1
# endpointURL: https://garage-ps10rp.boreal-beaufort.ts.net:3900 # endpointURL: https://garage-ps10rp.boreal-beaufort.ts.net:3900
# endpointCredentials: gitea-postgresql-18-cluster-backup-secret-garage # endpointCredentials: gitea-postgresql-17-cluster-backup-secret-garage
# retentionPolicy: "30d" # retentionPolicy: "30d"
# data: # data:
# compression: bzip2 # compression: bzip2
@@ -374,7 +365,6 @@ postgres-18-cluster:
scheduledBackups: scheduledBackups:
- name: daily-backup - name: daily-backup
suspend: false suspend: false
immediate: true
schedule: "0 0 0 * * *" schedule: "0 0 0 * * *"
backupName: external backupName: external
- name: live-backup - name: live-backup
@@ -384,6 +374,5 @@ postgres-18-cluster:
backupName: garage-local backupName: garage-local
# - name: weekly-backup # - name: weekly-backup
# suspend: false # suspend: false
# immediate: true
# schedule: "0 0 4 * * SAT" # schedule: "0 0 4 * * SAT"
# backupName: garage-remote # backupName: garage-remote

4
clusters/cl01tl/helm/grafana-operator/Chart.lock
View File

@@ -5,5 +5,5 @@ dependencies:
- name: postgres-cluster - name: postgres-cluster
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
version: 6.16.1 version: 6.16.1
digest: sha256:9640766b4a15b50a759edbc8a2aad816f9240be72bf06364acb387464245d51a digest: sha256:3bd7096e4401df5818733b3e0b08f281c12af9b54a272fbe3e753b2616d725dd
generated: "2025-12-11T19:19:12.375716-06:00" generated: "2025-12-04T00:01:28.278027037Z"

4
clusters/cl01tl/helm/grafana-operator/Chart.yaml
View File

@@ -20,8 +20,8 @@ dependencies:
version: v5.20.0 version: v5.20.0
repository: https://grafana.github.io/helm-charts repository: https://grafana.github.io/helm-charts
- name: postgres-cluster - name: postgres-cluster
alias: postgres-18-cluster alias: postgres-17-cluster
version: 6.16.1 version: 6.16.1
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/grafana.png icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/grafana.png
appVersion: v5.20.0 appVersion: v5.18.0

8
clusters/cl01tl/helm/grafana-operator/templates/external-secret.yaml
View File

@@ -61,10 +61,10 @@ spec:
apiVersion: external-secrets.io/v1 apiVersion: external-secrets.io/v1
kind: ExternalSecret kind: ExternalSecret
metadata: metadata:
name: grafana-operator-postgresql-18-cluster-backup-secret name: grafana-operator-postgresql-17-cluster-backup-secret
namespace: {{ .Release.Namespace }} namespace: {{ .Release.Namespace }}
labels: labels:
app.kubernetes.io/name: grafana-operator-postgresql-18-cluster-backup-secret app.kubernetes.io/name: grafana-operator-postgresql-17-cluster-backup-secret
app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/part-of: {{ .Release.Name }} app.kubernetes.io/part-of: {{ .Release.Name }}
spec: spec:
@@ -91,10 +91,10 @@ spec:
apiVersion: external-secrets.io/v1 apiVersion: external-secrets.io/v1
kind: ExternalSecret kind: ExternalSecret
metadata: metadata:
name: grafana-operator-postgresql-18-cluster-backup-secret-garage name: grafana-operator-postgresql-17-cluster-backup-secret-garage
namespace: {{ .Release.Namespace }} namespace: {{ .Release.Namespace }}
labels: labels:
app.kubernetes.io/name: grafana-operator-postgresql-18-cluster-backup-secret-garage app.kubernetes.io/name: grafana-operator-postgresql-17-cluster-backup-secret-garage
app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/part-of: {{ .Release.Name }} app.kubernetes.io/part-of: {{ .Release.Name }}
spec: spec:

10
clusters/cl01tl/helm/grafana-operator/templates/grafana.yaml
View File

@@ -85,25 +85,25 @@ spec:
- name: DB_HOST - name: DB_HOST
valueFrom: valueFrom:
secretKeyRef: secretKeyRef:
name: grafana-operator-postgresql-18-cluster-app name: grafana-operator-postgresql-17-cluster-app
key: host key: host
- name: DB_DATABASE - name: DB_DATABASE
valueFrom: valueFrom:
secretKeyRef: secretKeyRef:
name: grafana-operator-postgresql-18-cluster-app name: grafana-operator-postgresql-17-cluster-app
key: dbname key: dbname
- name: DB_PORT - name: DB_PORT
valueFrom: valueFrom:
secretKeyRef: secretKeyRef:
name: grafana-operator-postgresql-18-cluster-app name: grafana-operator-postgresql-17-cluster-app
key: port key: port
- name: DB_USER - name: DB_USER
valueFrom: valueFrom:
secretKeyRef: secretKeyRef:
name: grafana-operator-postgresql-18-cluster-app name: grafana-operator-postgresql-17-cluster-app
key: user key: user
- name: DB_PASSWORD - name: DB_PASSWORD
valueFrom: valueFrom:
secretKeyRef: secretKeyRef:
name: grafana-operator-postgresql-18-cluster-app name: grafana-operator-postgresql-17-cluster-app
key: password key: password

8
clusters/cl01tl/helm/grafana-operator/templates/redis-replication.yaml
View File

@@ -13,7 +13,7 @@ spec:
runAsUser: 1000 runAsUser: 1000
fsGroup: 1000 fsGroup: 1000
kubernetesConfig: kubernetesConfig:
image: quay.io/opstree/redis:v8.4.0 image: quay.io/opstree/redis:v8.0.3
imagePullPolicy: IfNotPresent imagePullPolicy: IfNotPresent
resources: resources:
requests: requests:
@@ -29,7 +29,7 @@ spec:
storage: 1Gi storage: 1Gi
redisExporter: redisExporter:
enabled: true enabled: true
image: quay.io/opstree/redis-exporter:v1.80.1 image: quay.io/opstree/redis-exporter:v1.48.0
--- ---
apiVersion: redis.redis.opstreelabs.in/v1beta2 apiVersion: redis.redis.opstreelabs.in/v1beta2
@@ -47,7 +47,7 @@ spec:
runAsUser: 1000 runAsUser: 1000
fsGroup: 1000 fsGroup: 1000
kubernetesConfig: kubernetesConfig:
image: quay.io/opstree/redis:v8.4.0 image: quay.io/opstree/redis:v8.0.3
imagePullPolicy: IfNotPresent imagePullPolicy: IfNotPresent
resources: resources:
requests: requests:
@@ -63,4 +63,4 @@ spec:
storage: 1Gi storage: 1Gi
redisExporter: redisExporter:
enabled: true enabled: true
image: quay.io/opstree/redis-exporter:v1.80.1 image: quay.io/opstree/redis-exporter:v1.48.0

23
clusters/cl01tl/helm/grafana-operator/values.yaml
View File

@@ -12,12 +12,9 @@ grafana-operator:
enabled: true enabled: true
dashboard: dashboard:
enabled: false enabled: false
postgres-18-cluster: postgres-17-cluster:
mode: recovery mode: recovery
cluster: cluster:
image:
repository: ghcr.io/cloudnative-pg/postgresql
tag: 18.1-standard-trixie
storage: storage:
storageClass: local-path storageClass: local-path
walStorage: walStorage:
@@ -29,30 +26,30 @@ postgres-18-cluster:
recovery: recovery:
method: objectStore method: objectStore
objectStore: objectStore:
destinationPath: s3://postgres-backups/cl01tl/grafana-operator/grafana-operator-postgresql-18-cluster destinationPath: s3://postgres-backups/cl01tl/grafana-operator/grafana-operator-postgresql-17-cluster
endpointURL: http://garage-main.garage:3900 endpointURL: http://garage-main.garage:3900
index: 1 index: 1
endpointCredentials: grafana-operator-postgresql-18-cluster-backup-secret-garage endpointCredentials: grafana-operator-postgresql-17-cluster-backup-secret-garage
backup: backup:
objectStore: objectStore:
- name: external - name: external
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/grafana-operator/grafana-operator-postgresql-18-cluster destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/grafana-operator/grafana-operator-postgresql-17-cluster
index: 1 index: 2
retentionPolicy: "30d" retentionPolicy: "30d"
isWALArchiver: false isWALArchiver: false
- name: garage-local - name: garage-local
destinationPath: s3://postgres-backups/cl01tl/grafana-operator/grafana-operator-postgresql-18-cluster destinationPath: s3://postgres-backups/cl01tl/grafana-operator/grafana-operator-postgresql-17-cluster
index: 1 index: 1
endpointURL: http://garage-main.garage:3900 endpointURL: http://garage-main.garage:3900
endpointCredentials: grafana-operator-postgresql-18-cluster-backup-secret-garage endpointCredentials: grafana-operator-postgresql-17-cluster-backup-secret-garage
endpointCredentialsIncludeRegion: true endpointCredentialsIncludeRegion: true
retentionPolicy: "3d" retentionPolicy: "3d"
isWALArchiver: true isWALArchiver: true
# - name: garage-remote # - name: garage-remote
# destinationPath: s3://postgres-backups/cl01tl/grafana-operator/grafana-operator-postgresql-18-cluster # destinationPath: s3://postgres-backups/cl01tl/grafana-operator/grafana-operator-postgresql-17-cluster
# index: 1 # index: 1
# endpointURL: https://garage-ps10rp.boreal-beaufort.ts.net:3900 # endpointURL: https://garage-ps10rp.boreal-beaufort.ts.net:3900
# endpointCredentials: grafana-operator-postgresql-18-cluster-backup-secret-garage # endpointCredentials: grafana-operator-postgresql-17-cluster-backup-secret-garage
# retentionPolicy: "30d" # retentionPolicy: "30d"
# data: # data:
# compression: bzip2 # compression: bzip2
@@ -60,7 +57,6 @@ postgres-18-cluster:
scheduledBackups: scheduledBackups:
- name: daily-backup - name: daily-backup
suspend: false suspend: false
immediate: true
schedule: "0 0 0 * * *" schedule: "0 0 0 * * *"
backupName: external backupName: external
- name: live-backup - name: live-backup
@@ -70,6 +66,5 @@ postgres-18-cluster:
backupName: garage-local backupName: garage-local
# - name: weekly-backup # - name: weekly-backup
# suspend: false # suspend: false
# immediate: true
# schedule: "0 0 4 * * SAT" # schedule: "0 0 4 * * SAT"
# backupName: garage-remote # backupName: garage-remote

9
clusters/cl01tl/helm/harbor/Chart.lock
View File

@@ -1,9 +0,0 @@
dependencies:
- name: harbor
repository: https://helm.goharbor.io
version: 1.18.1
- name: postgres-cluster
repository: https://gitea.alexlebens.net/api/packages/alexlebens/helm
version: 6.16.1
digest: sha256:a8f5d259fb93f933050c498d9271a5b8606594c968a360f8be151f47b3feb49d
generated: "2025-12-11T20:49:18.650522-06:00"

8
clusters/cl01tl/helm/harbor/Chart.yaml
View File

@@ -17,11 +17,11 @@ maintainers:
- name: alexlebens - name: alexlebens
dependencies: dependencies:
- name: harbor - name: harbor
version: 1.18.1 version: 1.18.0
repository: https://helm.goharbor.io repository: https://helm.goharbor.io
- name: postgres-cluster - name: postgres-cluster
alias: postgres-18-cluster alias: postgres-17-cluster
version: 6.16.1 version: 6.16.1
repository: https://gitea.alexlebens.net/api/packages/alexlebens/helm repository: http://gitea-http.gitea:3000/api/packages/alexlebens/helm
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/harbor.png icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/harbor.png
appVersion: v2.14.1 appVersion: v2.13.0

45
clusters/cl01tl/helm/harbor/templates/external-secret.yaml
View File

@@ -101,10 +101,47 @@ spec:
apiVersion: external-secrets.io/v1 apiVersion: external-secrets.io/v1
kind: ExternalSecret kind: ExternalSecret
metadata: metadata:
name: harbor-postgresql-18-cluster-backup-secret name: harbor-nginx-secret
namespace: {{ .Release.Namespace }} namespace: {{ .Release.Namespace }}
labels: labels:
app.kubernetes.io/name: harbor-postgresql-18-cluster-backup-secret app.kubernetes.io/name: harbor-nginx-secret
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
secretStoreRef:
kind: ClusterSecretStore
name: vault
data:
- secretKey: ca.crt
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /cl01tl/harbor/nginx
metadataPolicy: None
property: ca.crt
- secretKey: tls.crt
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /cl01tl/harbor/nginx
metadataPolicy: None
property: tls.crt
- secretKey: tls.key
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /cl01tl/harbor/nginx
metadataPolicy: None
property: tls.key
---
apiVersion: external-secrets.io/v1
kind: ExternalSecret
metadata:
name: harbor-postgresql-17-cluster-backup-secret
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: harbor-postgresql-17-cluster-backup-secret
app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/part-of: {{ .Release.Name }} app.kubernetes.io/part-of: {{ .Release.Name }}
spec: spec:
@@ -131,10 +168,10 @@ spec:
apiVersion: external-secrets.io/v1 apiVersion: external-secrets.io/v1
kind: ExternalSecret kind: ExternalSecret
metadata: metadata:
name: harbor-postgresql-18-cluster-backup-secret-garage name: harbor-postgresql-17-cluster-backup-secret-garage
namespace: {{ .Release.Namespace }} namespace: {{ .Release.Namespace }}
labels: labels:
app.kubernetes.io/name: harbor-postgresql-18-cluster-backup-secret-garage app.kubernetes.io/name: harbor-postgresql-17-cluster-backup-secret-garage
app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/part-of: {{ .Release.Name }} app.kubernetes.io/part-of: {{ .Release.Name }}
spec: spec:

27
clusters/cl01tl/helm/seerr/templates/http-route.yaml → clusters/cl01tl/helm/harbor/templates/http-route.yaml
View File

@@ -1,10 +1,10 @@
apiVersion: gateway.networking.k8s.io/v1 apiVersion: gateway.networking.k8s.io/v1
kind: HTTPRoute kind: HTTPRoute
metadata: metadata:
name: http-route-seerr name: http-route-harbor
namespace: {{ .Release.Namespace }} namespace: {{ .Release.Namespace }}
labels: labels:
app.kubernetes.io/name: http-route-seerr app.kubernetes.io/name: http-route-harbor
app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/part-of: {{ .Release.Name }} app.kubernetes.io/part-of: {{ .Release.Name }}
spec: spec:
@@ -14,8 +14,27 @@ spec:
name: traefik-gateway name: traefik-gateway
namespace: traefik namespace: traefik
hostnames: hostnames:
- seerr.alexlebens.net - harbor.alexlebens.net
rules: rules:
- matches:
- path:
type: PathPrefix
value: /api/
- path:
type: PathPrefix
value: /service/
- path:
type: PathPrefix
value: /v2/
- path:
type: PathPrefix
value: /c/
backendRefs:
- group: ''
kind: Service
name: harbor-core
port: 80
weight: 100
- matches: - matches:
- path: - path:
type: PathPrefix type: PathPrefix
@@ -23,6 +42,6 @@ spec:
backendRefs: backendRefs:
- group: '' - group: ''
kind: Service kind: Service
name: seerr-seerr-chart name: harbor-portal
port: 80 port: 80
weight: 100 weight: 100

4
clusters/cl01tl/helm/harbor/templates/redis-replication.yaml
View File

@@ -13,7 +13,7 @@ spec:
runAsUser: 1000 runAsUser: 1000
fsGroup: 1000 fsGroup: 1000
kubernetesConfig: kubernetesConfig:
image: quay.io/opstree/redis:v8.4.0 image: quay.io/opstree/redis:v8.0.3
imagePullPolicy: IfNotPresent imagePullPolicy: IfNotPresent
resources: resources:
requests: requests:
@@ -29,4 +29,4 @@ spec:
storage: 1Gi storage: 1Gi
redisExporter: redisExporter:
enabled: true enabled: true
image: quay.io/opstree/redis-exporter:v1.80.1 image: quay.io/opstree/redis-exporter:v1.48.0

23
clusters/cl01tl/helm/harbor/templates/redis-sentinel.yaml
View File

@@ -1,23 +0,0 @@
apiVersion: redis.redis.opstreelabs.in/v1beta2
kind: RedisSentinel
metadata:
name: redis-sentinel-harbor
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: redis-sentinel-harbor
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
clusterSize: 3
podSecurityContext:
runAsUser: 1000
fsGroup: 1000
redisSentinelConfig:
redisReplicationName: redis-replication-harbor
kubernetesConfig:
image: quay.io/opstree/redis-sentinel:v8.4.0
imagePullPolicy: IfNotPresent
resources:
requests:
cpu: 10m
memory: 128Mi

45
clusters/cl01tl/helm/harbor/values.yaml
View File

@@ -1,16 +1,9 @@
harbor: harbor:
expose: expose:
type: route type: clusterIP
tls: tls:
enabled: false auto:
route: commonName: harbor.alexlebens.net
parentRefs:
- group: gateway.networking.k8s.io
kind: Gateway
name: traefik-gateway
namespace: traefik
hosts:
- harbor.alexlebens.net
externalURL: https://harbor.alexlebens.net externalURL: https://harbor.alexlebens.net
persistence: persistence:
enabled: true enabled: true
@@ -38,6 +31,11 @@ harbor:
enabled: true enabled: true
cache: cache:
enabled: true enabled: true
nginx:
image:
repository: goharbor/nginx-photon
tag: v2.14.1
replicas: 0
portal: portal:
image: image:
repository: goharbor/harbor-portal repository: goharbor/harbor-portal
@@ -82,11 +80,11 @@ harbor:
database: database:
type: external type: external
external: external:
host: harbor-postgresql-18-cluster-rw host: harbor-postgresql-17-cluster-rw
port: "5432" port: "5432"
username: app username: app
coreDatabase: app coreDatabase: app
existingSecret: harbor-postgresql-18-cluster-app existingSecret: harbor-postgresql-17-cluster-app
redis: redis:
type: external type: external
external: external:
@@ -96,12 +94,9 @@ harbor:
repository: goharbor/harbor-exporter repository: goharbor/harbor-exporter
tag: v2.14.1 tag: v2.14.1
replicas: 2 replicas: 2
postgres-18-cluster: postgres-17-cluster:
mode: recovery mode: recovery
cluster: cluster:
image:
repository: ghcr.io/cloudnative-pg/postgresql
tag: 18.1-standard-trixie
storage: storage:
storageClass: local-path storageClass: local-path
walStorage: walStorage:
@@ -113,30 +108,30 @@ postgres-18-cluster:
recovery: recovery:
method: objectStore method: objectStore
objectStore: objectStore:
destinationPath: s3://postgres-backups/cl01tl/harbor/harbor-postgresql-18-cluster destinationPath: s3://postgres-backups/cl01tl/harbor/harbor-postgresql-17-cluster
endpointURL: http://garage-main.garage:3900 endpointURL: http://garage-main.garage:3900
index: 1 index: 1
endpointCredentials: harbor-postgresql-18-cluster-backup-secret-garage endpointCredentials: harbor-postgresql-17-cluster-backup-secret-garage
backup: backup:
objectStore: objectStore:
- name: external - name: external
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/harbor/harbor-postgresql-18-cluster destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/harbor/harbor-postgresql-17-cluster
index: 1 index: 2
retentionPolicy: "30d" retentionPolicy: "30d"
isWALArchiver: false isWALArchiver: false
- name: garage-local - name: garage-local
destinationPath: s3://postgres-backups/cl01tl/harbor/harbor-postgresql-18-cluster destinationPath: s3://postgres-backups/cl01tl/harbor/harbor-postgresql-17-cluster
index: 1 index: 1
endpointURL: http://garage-main.garage:3900 endpointURL: http://garage-main.garage:3900
endpointCredentials: harbor-postgresql-18-cluster-backup-secret-garage endpointCredentials: harbor-postgresql-17-cluster-backup-secret-garage
endpointCredentialsIncludeRegion: true endpointCredentialsIncludeRegion: true
retentionPolicy: "3d" retentionPolicy: "3d"
isWALArchiver: true isWALArchiver: true
# - name: garage-remote # - name: garage-remote
# destinationPath: s3://postgres-backups/cl01tl/harbor/harbor-postgresql-18-cluster # destinationPath: s3://postgres-backups/cl01tl/harbor/harbor-postgresql-17-cluster
# index: 1 # index: 1
# endpointURL: https://garage-ps10rp.boreal-beaufort.ts.net:3900 # endpointURL: https://garage-ps10rp.boreal-beaufort.ts.net:3900
# endpointCredentials: harbor-postgresql-18-cluster-backup-secret-garage # endpointCredentials: harbor-postgresql-17-cluster-backup-secret-garage
# retentionPolicy: "30d" # retentionPolicy: "30d"
# data: # data:
# compression: bzip2 # compression: bzip2
@@ -144,7 +139,6 @@ postgres-18-cluster:
scheduledBackups: scheduledBackups:
- name: daily-backup - name: daily-backup
suspend: false suspend: false
immediate: true
schedule: "0 0 0 * * *" schedule: "0 0 0 * * *"
backupName: external backupName: external
- name: live-backup - name: live-backup
@@ -154,6 +148,5 @@ postgres-18-cluster:
backupName: garage-local backupName: garage-local
# - name: weekly-backup # - name: weekly-backup
# suspend: false # suspend: false
# immediate: true
# schedule: "0 0 4 * * SAT" # schedule: "0 0 4 * * SAT"
# backupName: garage-remote # backupName: garage-remote

2
clusters/cl01tl/helm/headlamp/Chart.yaml
View File

@@ -17,4 +17,4 @@ dependencies:
version: 0.38.0 version: 0.38.0
repository: https://kubernetes-sigs.github.io/headlamp/ repository: https://kubernetes-sigs.github.io/headlamp/
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/headlamp.png icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/headlamp.png
appVersion: 0.38.0 appVersion: 0.37.0

2
clusters/cl01tl/helm/headlamp/templates/cluster-role-binding.yaml
View File

@@ -13,7 +13,7 @@ roleRef:
apiGroup: rbac.authorization.k8s.io apiGroup: rbac.authorization.k8s.io
subjects: subjects:
- kind: User - kind: User
name: https://authentik.alexlebens.net/application/o/headlamp/#alexanderlebens@gmail.com name: alexanderlebens@gmail.com
apiGroup: rbac.authorization.k8s.io apiGroup: rbac.authorization.k8s.io
- kind: ServiceAccount - kind: ServiceAccount
name: headlamp-admin name: headlamp-admin

4
clusters/cl01tl/helm/headlamp/templates/external-secret.yaml
View File

@@ -40,14 +40,14 @@ spec:
key: /authentik/oidc/headlamp key: /authentik/oidc/headlamp
metadataPolicy: None metadataPolicy: None
property: scopes property: scopes
- secretKey: HEADLAMP_CONFIG_OIDC_VALIDATOR_IDP_ISSUER_URL - secretKey: OIDC_VALIDATOR_ISSUER_URL
remoteRef: remoteRef:
conversionStrategy: Default conversionStrategy: Default
decodingStrategy: None decodingStrategy: None
key: /authentik/oidc/headlamp key: /authentik/oidc/headlamp
metadataPolicy: None metadataPolicy: None
property: validator-issuer-url property: validator-issuer-url
- secretKey: HEADLAMP_CONFIG_OIDC_VALIDATOR_CLIENT_ID - secretKey: OIDC_VALIDATOR_CLIENT_ID
remoteRef: remoteRef:
conversionStrategy: Default conversionStrategy: Default
decodingStrategy: None decodingStrategy: None

7
clusters/cl01tl/helm/headlamp/values.yaml
View File

@@ -26,9 +26,6 @@ headlamp:
- name: trivy - name: trivy
source: https://artifacthub.io/packages/headlamp/headlamp-trivy/headlamp_trivy source: https://artifacthub.io/packages/headlamp/headlamp-trivy/headlamp_trivy
version: 0.3.1 version: 0.3.1
- name: external-secrets-operator
source: https://artifacthub.io/packages/headlamp/external-secrets-operator-headlamp-plugin/external-secrets-operator
version: 0.1.0-beta7
installOptions: installOptions:
parallel: false parallel: true
maxConcurrent: 1 maxConcurrent: 2

6
clusters/cl01tl/helm/home-assistant/Chart.lock
View File

@@ -1,6 +1,6 @@
dependencies: dependencies:
- name: app-template - name: app-template
repository: https://bjw-s-labs.github.io/helm-charts/ repository: https://bjw-s-labs.github.io/helm-charts/
version: 4.5.0 version: 4.4.0
digest: sha256:a1961e446ba4361fa5d7ae31260c2ce472f27d0d2de2170cc8303586ef5c33ac digest: sha256:ae6008e107c25dc25e6f595f783d137273207aeb06a8ece9fbba0d895cc0d729
generated: "2025-12-05T17:04:59.022729608Z" generated: "2025-11-30T21:07:04.566378-06:00"

4
clusters/cl01tl/helm/home-assistant/Chart.yaml
View File

@@ -18,6 +18,6 @@ dependencies:
- name: app-template - name: app-template
alias: home-assistant alias: home-assistant
repository: https://bjw-s-labs.github.io/helm-charts/ repository: https://bjw-s-labs.github.io/helm-charts/
version: 4.5.0 version: 4.4.0
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/home-assistant.png icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/home-assistant.png
appVersion: 2025.12.2 appVersion: 2025.5.2

2
clusters/cl01tl/helm/home-assistant/values.yaml
View File

@@ -9,7 +9,7 @@ home-assistant:
main: main:
image: image:
repository: ghcr.io/home-assistant/home-assistant repository: ghcr.io/home-assistant/home-assistant
tag: 2025.12.2 tag: 2025.12.0
pullPolicy: IfNotPresent pullPolicy: IfNotPresent
env: env:
- name: TZ - name: TZ

8
clusters/cl01tl/helm/homepage-dev/Chart.lock
View File

@@ -1,9 +1,9 @@
dependencies: dependencies:
- name: app-template - name: app-template
repository: https://bjw-s-labs.github.io/helm-charts/ repository: https://bjw-s-labs.github.io/helm-charts/
version: 4.5.0 version: 4.4.0
- name: cloudflared - name: cloudflared
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
version: 1.23.2 version: 1.23.1
digest: sha256:fbfdebf734560044cfe5d2c4771b63cbcabc121d13c44b751f914877b5bdc83f digest: sha256:30b7ad7125b89026f6832679e083f746ef69424e6f1d3dce0cb4304f215ea375
generated: "2025-12-07T02:55:01.91141803Z" generated: "2025-12-03T06:03:31.055093376Z"

Some files were not shown because too many files have changed in this diff Show More