Compare commits
1 Commits
main
...
8c1175ad72
| Author | SHA1 | Date | |
|---|---|---|---|
8c1175ad72
|
@@ -36,20 +36,14 @@ jobs:
|
|||||||
id: branch-exists
|
id: branch-exists
|
||||||
if: github.event_name == 'push' || steps.check-branch-exists.outputs.exists == 'true' && github.event_name == 'pull_request'
|
if: github.event_name == 'push' || steps.check-branch-exists.outputs.exists == 'true' && github.event_name == 'pull_request'
|
||||||
run: |
|
run: |
|
||||||
if [ ${{ github.event_name == 'push' }} ]; then
|
|
||||||
echo ">> Action is from a push event, will continue with linting"
|
|
||||||
|
|
||||||
else
|
|
||||||
echo ">> Branch ${{ gitea.base_ref }} exists, will continue with linting"
|
echo ">> Branch ${{ gitea.base_ref }} exists, will continue with linting"
|
||||||
|
|
||||||
fi
|
|
||||||
|
|
||||||
echo "----"
|
echo "----"
|
||||||
|
|
||||||
echo "exists=true" >> $GITEA_OUTPUT
|
echo "exists=true" >> $GITEA_OUTPUT
|
||||||
|
|
||||||
- name: Set up Node.js
|
- name: Set up Node.js
|
||||||
if: steps.branch-exists.outputs.exists == 'true'
|
if: steps.check-branch-exists.outputs.exists == 'true'
|
||||||
uses: actions/setup-node@v6
|
uses: actions/setup-node@v6
|
||||||
with:
|
with:
|
||||||
node-version: '24'
|
node-version: '24'
|
||||||
@@ -65,11 +59,11 @@ jobs:
|
|||||||
if [ "${{ github.event_name }}" == "pull_request" ]; then
|
if [ "${{ github.event_name }}" == "pull_request" ]; then
|
||||||
echo ""
|
echo ""
|
||||||
echo ">> Checking for changes in a pull request ..."
|
echo ">> Checking for changes in a pull request ..."
|
||||||
GIT_DIFF=$(git diff --name-only "${BASE_BRANCH}" | xargs -I {} dirname {} | sort -u)
|
GIT_DIFF=$(git diff --name-only "${BASE_BRANCH}" | xargs -I {} dirname {} | sort -u | grep -E "hosts/[^/]+/[^/]+")
|
||||||
else
|
else
|
||||||
echo ""
|
echo ""
|
||||||
echo ">> Checking for changes from a push ..."
|
echo ">> Checking for changes from a push ..."
|
||||||
GIT_DIFF=$(git diff --name-only ${{ gitea.event.before }}..HEAD | xargs -I {} dirname {} | sort -u)
|
GIT_DIFF=$(git diff --name-only ${{ gitea.event.before }}..HEAD | xargs -I {} dirname {} | sort -u | grep -E "hosts/[^/]+/[^/]+")
|
||||||
fi
|
fi
|
||||||
|
|
||||||
if [ -n "${GIT_DIFF}" ]; then
|
if [ -n "${GIT_DIFF}" ]; then
|
||||||
@@ -78,12 +72,7 @@ jobs:
|
|||||||
echo "$GIT_DIFF"
|
echo "$GIT_DIFF"
|
||||||
|
|
||||||
for path in $GIT_DIFF; do
|
for path in $GIT_DIFF; do
|
||||||
if echo "$path" | grep -q -E "hosts/[^/]+/[^/]+"; then
|
|
||||||
echo ""
|
|
||||||
echo ">> Adding path: $path"
|
|
||||||
CHANGED_COMPOSE+=$(echo "$path")
|
CHANGED_COMPOSE+=$(echo "$path")
|
||||||
CHANGED_COMPOSE+=$(echo " ")
|
|
||||||
fi
|
|
||||||
done
|
done
|
||||||
|
|
||||||
else
|
else
|
||||||
@@ -95,32 +84,27 @@ jobs:
|
|||||||
if [ -n "${CHANGED_COMPOSE}" ]; then
|
if [ -n "${CHANGED_COMPOSE}" ]; then
|
||||||
echo ""
|
echo ""
|
||||||
echo ">> Compose to Lint:"
|
echo ">> Compose to Lint:"
|
||||||
echo "$(echo "${CHANGED_COMPOSE}" | sort -u)"
|
echo "$(echo "${CHANGED_COMPOSE[@]}" | sort -u)"
|
||||||
|
|
||||||
echo "----"
|
echo "----"
|
||||||
|
|
||||||
echo "changes-detected=true" >> $GITEA_OUTPUT
|
echo "changes-detected=true" >> $GITEA_OUTPUT
|
||||||
echo "compose-dir<<EOF" >> $GITEA_OUTPUT
|
echo "compose-dir<<EOF" >> $GITEA_OUTPUT
|
||||||
echo "$(echo "${CHANGED_COMPOSE}" | sort -u)" >> $GITEA_OUTPUT
|
echo "$(echo "${CHANGED_COMPOSE[@]}" | sort -u)" >> $GITEA_OUTPUT
|
||||||
echo "EOF" >> $GITEA_OUTPUT
|
echo "EOF" >> $GITEA_OUTPUT
|
||||||
else
|
else
|
||||||
echo ""
|
|
||||||
echo ">> Did not find any docker compose files to lint"
|
|
||||||
|
|
||||||
echo "----"
|
|
||||||
|
|
||||||
echo "changes-detected=false" >> $GITEA_OUTPUT
|
echo "changes-detected=false" >> $GITEA_OUTPUT
|
||||||
fi
|
fi
|
||||||
|
|
||||||
- name: Lint Docker Compose
|
- name: Lint Docker Compose
|
||||||
if: steps.check-dir-changes.outputs.changes-detected == 'true'
|
if: steps.check-branch-exists.outputs.exists == 'true'
|
||||||
env:
|
env:
|
||||||
CHANGED_COMPOSE: ${{ steps.check-dir-changes.outputs.compose-dir }}
|
CHANGED_COMPOSE: ${{ steps.check-dir-changes.outputs.compose-dir }}
|
||||||
run: |
|
run: |
|
||||||
echo ">> Running dclint on changed compose files:"
|
echo ">> Running dclint on changed compose files:"
|
||||||
echo "$CHANGED_COMPOSE"
|
echo "$CHANGED_COMPOSE"
|
||||||
|
|
||||||
for compose in $CHANGED_COMPOSE; do
|
echo "$CHANGED_COMPOSE" | while read -r compose; do
|
||||||
echo ">> Linting $compose ..."
|
echo ">> Linting $compose ..."
|
||||||
npx dclint $compose
|
npx dclint $compose
|
||||||
done
|
done
|
||||||
|
|||||||
@@ -37,14 +37,8 @@ jobs:
|
|||||||
id: branch-exists
|
id: branch-exists
|
||||||
if: github.event_name == 'push' || steps.check-branch-exists.outputs.exists == 'true' && github.event_name == 'pull_request'
|
if: github.event_name == 'push' || steps.check-branch-exists.outputs.exists == 'true' && github.event_name == 'pull_request'
|
||||||
run: |
|
run: |
|
||||||
if [ ${{ github.event_name == 'push' }} ]; then
|
|
||||||
echo ">> Action is from a push event, will continue with linting"
|
|
||||||
|
|
||||||
else
|
|
||||||
echo ">> Branch ${{ gitea.base_ref }} exists, will continue with linting"
|
echo ">> Branch ${{ gitea.base_ref }} exists, will continue with linting"
|
||||||
|
|
||||||
fi
|
|
||||||
|
|
||||||
echo "----"
|
echo "----"
|
||||||
|
|
||||||
echo "exists=true" >> $GITEA_OUTPUT
|
echo "exists=true" >> $GITEA_OUTPUT
|
||||||
@@ -54,7 +48,7 @@ jobs:
|
|||||||
uses: azure/setup-helm@v4
|
uses: azure/setup-helm@v4
|
||||||
with:
|
with:
|
||||||
token: ${{ secrets.GITEA_TOKEN }}
|
token: ${{ secrets.GITEA_TOKEN }}
|
||||||
version: v3.19.2
|
version: v3
|
||||||
|
|
||||||
- name: Check Directories for Changes
|
- name: Check Directories for Changes
|
||||||
id: check-dir-changes
|
id: check-dir-changes
|
||||||
@@ -67,11 +61,11 @@ jobs:
|
|||||||
if [ "${{ github.event_name }}" == "pull_request" ]; then
|
if [ "${{ github.event_name }}" == "pull_request" ]; then
|
||||||
echo ""
|
echo ""
|
||||||
echo ">> Checking for changes in a pull request ..."
|
echo ">> Checking for changes in a pull request ..."
|
||||||
GIT_DIFF=$(git diff --name-only "${BASE_BRANCH}" | xargs -I {} dirname {} | sort -u)
|
GIT_DIFF=$(git diff --name-only "${BASE_BRANCH}" | xargs -I {} dirname {} | sort -u | grep -E "clusters/[^/]+/helm/[^/]+")
|
||||||
else
|
else
|
||||||
echo ""
|
echo ""
|
||||||
echo ">> Checking for changes from a push ..."
|
echo ">> Checking for changes from a push ..."
|
||||||
GIT_DIFF=$(git diff --name-only ${{ gitea.event.before }}..HEAD | xargs -I {} dirname {} | sort -u)
|
GIT_DIFF=$(git diff --name-only ${{ gitea.event.before }}..HEAD | xargs -I {} dirname {} | sort -u | grep -E "clusters/[^/]+/helm/[^/]+")
|
||||||
fi
|
fi
|
||||||
|
|
||||||
if [ -n "${GIT_DIFF}" ]; then
|
if [ -n "${GIT_DIFF}" ]; then
|
||||||
@@ -80,12 +74,7 @@ jobs:
|
|||||||
echo "$GIT_DIFF"
|
echo "$GIT_DIFF"
|
||||||
|
|
||||||
for path in $GIT_DIFF; do
|
for path in $GIT_DIFF; do
|
||||||
if echo "$path" | grep -q -E "clusters/[^/]+/helm/[^/]+"; then
|
|
||||||
echo ""
|
|
||||||
echo ">> Adding path: $path"
|
|
||||||
CHANGED_CHARTS+=$(echo "$path" | awk -F '/' '{print $4}')
|
CHANGED_CHARTS+=$(echo "$path" | awk -F '/' '{print $4}')
|
||||||
CHANGED_CHARTS+=$(echo " ")
|
|
||||||
fi
|
|
||||||
done
|
done
|
||||||
|
|
||||||
else
|
else
|
||||||
@@ -97,20 +86,15 @@ jobs:
|
|||||||
if [ -n "${CHANGED_CHARTS}" ]; then
|
if [ -n "${CHANGED_CHARTS}" ]; then
|
||||||
echo ""
|
echo ""
|
||||||
echo ">> Chart to Lint:"
|
echo ">> Chart to Lint:"
|
||||||
echo "$(echo "${CHANGED_CHARTS}" | sort -u)"
|
echo "$(echo "${CHANGED_CHARTS[@]}" | sort -u)"
|
||||||
|
|
||||||
echo "----"
|
echo "----"
|
||||||
|
|
||||||
echo "changes-detected=true" >> $GITEA_OUTPUT
|
echo "changes-detected=true" >> $GITEA_OUTPUT
|
||||||
echo "chart-dir<<EOF" >> $GITEA_OUTPUT
|
echo "chart-dir<<EOF" >> $GITEA_OUTPUT
|
||||||
echo "$(echo "${CHANGED_CHARTS}" | sort -u)" >> $GITEA_OUTPUT
|
echo "$(echo "${CHANGED_CHARTS[@]}" | sort -u)" >> $GITEA_OUTPUT
|
||||||
echo "EOF" >> $GITEA_OUTPUT
|
echo "EOF" >> $GITEA_OUTPUT
|
||||||
else
|
else
|
||||||
echo ""
|
|
||||||
echo ">> Did not find any helm charts files to lint"
|
|
||||||
|
|
||||||
echo "----"
|
|
||||||
|
|
||||||
echo "changes-detected=false" >> $GITEA_OUTPUT
|
echo "changes-detected=false" >> $GITEA_OUTPUT
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
|||||||
@@ -161,10 +161,6 @@ jobs:
|
|||||||
|
|
||||||
cd $chart_path
|
cd $chart_path
|
||||||
|
|
||||||
echo ""
|
|
||||||
echo ">> Updating helm dependency ..."
|
|
||||||
helm dependency update --skip-refresh
|
|
||||||
|
|
||||||
echo ""
|
echo ""
|
||||||
echo ">> Building helm dependency ..."
|
echo ">> Building helm dependency ..."
|
||||||
helm dependency build --skip-refresh
|
helm dependency build --skip-refresh
|
||||||
@@ -197,11 +193,6 @@ jobs:
|
|||||||
echo ">> Formating rendered template ..."
|
echo ">> Formating rendered template ..."
|
||||||
echo "$TEMPLATE" | yq '... comments=""' | yq 'select(. != null)' | yq -s '"'"$OUTPUT_FOLDER"'" + .kind + "-" + .metadata.name + ".yaml"'
|
echo "$TEMPLATE" | yq '... comments=""' | yq 'select(. != null)' | yq -s '"'"$OUTPUT_FOLDER"'" + .kind + "-" + .metadata.name + ".yaml"'
|
||||||
|
|
||||||
# Strip comments again to ensure formatting correctness
|
|
||||||
for file in "$OUTPUT_FOLDER"/*; do
|
|
||||||
yq -i '... comments=""' $file
|
|
||||||
done
|
|
||||||
|
|
||||||
echo ""
|
echo ""
|
||||||
echo ">> Manifests for $chart_name rendered to $OUTPUT_FOLDER"
|
echo ">> Manifests for $chart_name rendered to $OUTPUT_FOLDER"
|
||||||
ls $OUTPUT_FOLDER
|
ls $OUTPUT_FOLDER
|
||||||
|
|||||||
@@ -146,10 +146,6 @@ jobs:
|
|||||||
|
|
||||||
cd $chart_path
|
cd $chart_path
|
||||||
|
|
||||||
echo ""
|
|
||||||
echo ">> Updating helm dependency ..."
|
|
||||||
helm dependency update --skip-refresh
|
|
||||||
|
|
||||||
echo ""
|
echo ""
|
||||||
echo ">> Building helm dependency ..."
|
echo ">> Building helm dependency ..."
|
||||||
helm dependency build --skip-refresh
|
helm dependency build --skip-refresh
|
||||||
@@ -182,11 +178,6 @@ jobs:
|
|||||||
echo ">> Formating rendered template ..."
|
echo ">> Formating rendered template ..."
|
||||||
echo "$TEMPLATE" | yq '... comments=""' | yq 'select(. != null)' | yq -s '"'"$OUTPUT_FOLDER"'" + .kind + "-" + .metadata.name + ".yaml"'
|
echo "$TEMPLATE" | yq '... comments=""' | yq 'select(. != null)' | yq -s '"'"$OUTPUT_FOLDER"'" + .kind + "-" + .metadata.name + ".yaml"'
|
||||||
|
|
||||||
# Strip comments again to ensure formatting correctness
|
|
||||||
for file in "$OUTPUT_FOLDER"/*; do
|
|
||||||
yq -i '... comments=""' $file
|
|
||||||
done
|
|
||||||
|
|
||||||
echo ""
|
echo ""
|
||||||
echo ">> Manifests for $chart_name rendered to $OUTPUT_FOLDER"
|
echo ">> Manifests for $chart_name rendered to $OUTPUT_FOLDER"
|
||||||
ls $OUTPUT_FOLDER
|
ls $OUTPUT_FOLDER
|
||||||
|
|||||||
@@ -166,10 +166,6 @@ jobs:
|
|||||||
|
|
||||||
cd $chart_path
|
cd $chart_path
|
||||||
|
|
||||||
echo ""
|
|
||||||
echo ">> Updating helm dependency ..."
|
|
||||||
helm dependency update --skip-refresh
|
|
||||||
|
|
||||||
echo ""
|
echo ""
|
||||||
echo ">> Building helm dependency ..."
|
echo ">> Building helm dependency ..."
|
||||||
helm dependency build --skip-refresh
|
helm dependency build --skip-refresh
|
||||||
@@ -202,11 +198,6 @@ jobs:
|
|||||||
echo ">> Formating rendered template ..."
|
echo ">> Formating rendered template ..."
|
||||||
echo "$TEMPLATE" | yq '... comments=""' | yq 'select(. != null)' | yq -s '"'"$OUTPUT_FOLDER"'" + .kind + "-" + .metadata.name + ".yaml"'
|
echo "$TEMPLATE" | yq '... comments=""' | yq 'select(. != null)' | yq -s '"'"$OUTPUT_FOLDER"'" + .kind + "-" + .metadata.name + ".yaml"'
|
||||||
|
|
||||||
# Strip comments again to ensure formatting correctness
|
|
||||||
for file in "$OUTPUT_FOLDER"/*; do
|
|
||||||
yq -i '... comments=""' $file
|
|
||||||
done
|
|
||||||
|
|
||||||
echo ""
|
echo ""
|
||||||
echo ">> Manifests for $chart_name rendered to $OUTPUT_FOLDER"
|
echo ">> Manifests for $chart_name rendered to $OUTPUT_FOLDER"
|
||||||
ls $OUTPUT_FOLDER
|
ls $OUTPUT_FOLDER
|
||||||
|
|||||||
@@ -164,10 +164,6 @@ jobs:
|
|||||||
|
|
||||||
cd $chart_path
|
cd $chart_path
|
||||||
|
|
||||||
echo ""
|
|
||||||
echo ">> Updating helm dependency ..."
|
|
||||||
helm dependency update --skip-refresh
|
|
||||||
|
|
||||||
echo ""
|
echo ""
|
||||||
echo ">> Building helm dependency ..."
|
echo ">> Building helm dependency ..."
|
||||||
helm dependency build --skip-refresh
|
helm dependency build --skip-refresh
|
||||||
@@ -200,11 +196,6 @@ jobs:
|
|||||||
echo ">> Formating rendered template ..."
|
echo ">> Formating rendered template ..."
|
||||||
echo "$TEMPLATE" | yq '... comments=""' | yq 'select(. != null)' | yq -s '"'"$OUTPUT_FOLDER"'" + .kind + "-" + .metadata.name + ".yaml"'
|
echo "$TEMPLATE" | yq '... comments=""' | yq 'select(. != null)' | yq -s '"'"$OUTPUT_FOLDER"'" + .kind + "-" + .metadata.name + ".yaml"'
|
||||||
|
|
||||||
# Strip comments again to ensure formatting correctness
|
|
||||||
for file in "$OUTPUT_FOLDER"/*; do
|
|
||||||
yq -i '... comments=""' $file
|
|
||||||
done
|
|
||||||
|
|
||||||
echo ""
|
echo ""
|
||||||
echo ">> Manifests for $chart_name rendered to $OUTPUT_FOLDER"
|
echo ">> Manifests for $chart_name rendered to $OUTPUT_FOLDER"
|
||||||
ls $OUTPUT_FOLDER
|
ls $OUTPUT_FOLDER
|
||||||
|
|||||||
@@ -18,4 +18,4 @@ dependencies:
|
|||||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||||
version: 4.5.0
|
version: 4.5.0
|
||||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/actual-budget.png
|
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/actual-budget.png
|
||||||
appVersion: 25.12.0
|
appVersion: 25.11.0
|
||||||
|
|||||||
@@ -1,12 +1,12 @@
|
|||||||
dependencies:
|
dependencies:
|
||||||
- name: argo-workflows
|
- name: argo-workflows
|
||||||
repository: https://argoproj.github.io/argo-helm
|
repository: https://argoproj.github.io/argo-helm
|
||||||
version: 0.46.2
|
version: 0.46.1
|
||||||
- name: argo-events
|
- name: argo-events
|
||||||
repository: https://argoproj.github.io/argo-helm
|
repository: https://argoproj.github.io/argo-helm
|
||||||
version: 2.4.19
|
version: 2.4.18
|
||||||
- name: postgres-cluster
|
- name: postgres-cluster
|
||||||
repository: oci://harbor.alexlebens.net/helm-charts
|
repository: oci://harbor.alexlebens.net/helm-charts
|
||||||
version: 6.16.1
|
version: 6.16.1
|
||||||
digest: sha256:40a93dfcabbc5746682bac631e9a620588cf0cb6fdf79a42446a823e93a531c8
|
digest: sha256:6cc24f6ce2b7f67c2eeab9bb6f64ebfedc082a2e809fc1f03f691f99a3006143
|
||||||
generated: "2025-12-11T15:49:57.970719-06:00"
|
generated: "2025-12-04T01:01:06.532396136Z"
|
||||||
|
|||||||
@@ -18,14 +18,14 @@ maintainers:
|
|||||||
- name: alexlebens
|
- name: alexlebens
|
||||||
dependencies:
|
dependencies:
|
||||||
- name: argo-workflows
|
- name: argo-workflows
|
||||||
version: 0.46.2
|
version: 0.46.1
|
||||||
repository: https://argoproj.github.io/argo-helm
|
repository: https://argoproj.github.io/argo-helm
|
||||||
- name: argo-events
|
- name: argo-events
|
||||||
version: 2.4.19
|
version: 2.4.18
|
||||||
repository: https://argoproj.github.io/argo-helm
|
repository: https://argoproj.github.io/argo-helm
|
||||||
- name: postgres-cluster
|
- name: postgres-cluster
|
||||||
alias: postgres-18-cluster
|
alias: postgres-17-cluster
|
||||||
version: 6.16.1
|
version: 6.16.1
|
||||||
repository: oci://harbor.alexlebens.net/helm-charts
|
repository: oci://harbor.alexlebens.net/helm-charts
|
||||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/argo-cd.png
|
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/argo-cd.png
|
||||||
appVersion: v3.7.6
|
appVersion: v3.6.7
|
||||||
|
|||||||
@@ -31,10 +31,10 @@ spec:
|
|||||||
apiVersion: external-secrets.io/v1
|
apiVersion: external-secrets.io/v1
|
||||||
kind: ExternalSecret
|
kind: ExternalSecret
|
||||||
metadata:
|
metadata:
|
||||||
name: argo-workflows-postgresql-18-cluster-backup-secret
|
name: argo-workflows-postgresql-17-cluster-backup-secret
|
||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: argo-workflows-postgresql-18-cluster-backup-secret
|
app.kubernetes.io/name: argo-workflows-postgresql-17-cluster-backup-secret
|
||||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
spec:
|
spec:
|
||||||
@@ -61,10 +61,10 @@ spec:
|
|||||||
apiVersion: external-secrets.io/v1
|
apiVersion: external-secrets.io/v1
|
||||||
kind: ExternalSecret
|
kind: ExternalSecret
|
||||||
metadata:
|
metadata:
|
||||||
name: argo-workflows-postgresql-18-cluster-backup-secret-garage
|
name: argo-workflows-postgresql-17-cluster-backup-secret-garage
|
||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: argo-workflows-postgresql-18-cluster-backup-secret-garage
|
app.kubernetes.io/name: argo-workflows-postgresql-17-cluster-backup-secret-garage
|
||||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
spec:
|
spec:
|
||||||
|
|||||||
@@ -9,15 +9,15 @@ argo-workflows:
|
|||||||
nodeStatusOffLoad: true
|
nodeStatusOffLoad: true
|
||||||
archive: true
|
archive: true
|
||||||
postgresql:
|
postgresql:
|
||||||
host: argo-workflows-postgresql-18-cluster-rw
|
host: argo-workflows-postgresql-17-cluster-rw
|
||||||
port: 5432
|
port: 5432
|
||||||
database: app
|
database: app
|
||||||
tableName: app
|
tableName: app
|
||||||
userNameSecret:
|
userNameSecret:
|
||||||
name: argo-workflows-postgresql-18-cluster-app
|
name: argo-workflows-postgresql-17-cluster-app
|
||||||
key: username
|
key: username
|
||||||
passwordSecret:
|
passwordSecret:
|
||||||
name: argo-workflows-postgresql-18-cluster-app
|
name: argo-workflows-postgresql-17-cluster-app
|
||||||
key: password
|
key: password
|
||||||
ssl: false
|
ssl: false
|
||||||
sslMode: disable
|
sslMode: disable
|
||||||
@@ -59,6 +59,20 @@ argo-workflows:
|
|||||||
useStaticCredentials: true
|
useStaticCredentials: true
|
||||||
artifactRepository:
|
artifactRepository:
|
||||||
archiveLogs: false
|
archiveLogs: false
|
||||||
|
s3: {}
|
||||||
|
# accessKeySecret:
|
||||||
|
# name: "{{ .Release.Name }}-minio"
|
||||||
|
# key: accesskey
|
||||||
|
# secretKeySecret:
|
||||||
|
# name: "{{ .Release.Name }}-minio"
|
||||||
|
# key: secretkey
|
||||||
|
# insecure: true
|
||||||
|
# bucket:
|
||||||
|
# endpoint:
|
||||||
|
# region:
|
||||||
|
# encryptionOptions:
|
||||||
|
# enableEncryption: true
|
||||||
|
|
||||||
argo-events:
|
argo-events:
|
||||||
controller:
|
controller:
|
||||||
resources:
|
resources:
|
||||||
@@ -75,12 +89,9 @@ argo-events:
|
|||||||
requests:
|
requests:
|
||||||
cpu: 10m
|
cpu: 10m
|
||||||
memory: 128Mi
|
memory: 128Mi
|
||||||
postgres-18-cluster:
|
postgres-17-cluster:
|
||||||
mode: recovery
|
mode: recovery
|
||||||
cluster:
|
cluster:
|
||||||
image:
|
|
||||||
repository: ghcr.io/cloudnative-pg/postgresql
|
|
||||||
tag: 18.1-standard-trixie
|
|
||||||
storage:
|
storage:
|
||||||
storageClass: local-path
|
storageClass: local-path
|
||||||
walStorage:
|
walStorage:
|
||||||
@@ -92,30 +103,30 @@ postgres-18-cluster:
|
|||||||
recovery:
|
recovery:
|
||||||
method: objectStore
|
method: objectStore
|
||||||
objectStore:
|
objectStore:
|
||||||
destinationPath: s3://postgres-backups/cl01tl/argo-workflows/argo-workflows-postgresql-18-cluster
|
destinationPath: s3://postgres-backups/cl01tl/argo-workflows/argo-workflows-postgresql-17-cluster
|
||||||
endpointURL: http://garage-main.garage:3900
|
endpointURL: http://garage-main.garage:3900
|
||||||
index: 1
|
index: 1
|
||||||
endpointCredentials: argo-workflows-postgresql-18-cluster-backup-secret-garage
|
endpointCredentials: argo-workflows-postgresql-17-cluster-backup-secret-garage
|
||||||
backup:
|
backup:
|
||||||
objectStore:
|
objectStore:
|
||||||
- name: external
|
- name: external
|
||||||
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/argo-workflows/argo-workflows-postgresql-18-cluster
|
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/argo-workflows/argo-workflows-postgresql-17-cluster
|
||||||
index: 1
|
index: 1
|
||||||
retentionPolicy: "30d"
|
retentionPolicy: "30d"
|
||||||
isWALArchiver: false
|
isWALArchiver: false
|
||||||
- name: garage-local
|
- name: garage-local
|
||||||
destinationPath: s3://postgres-backups/cl01tl/argo-workflows/argo-workflows-postgresql-18-cluster
|
destinationPath: s3://postgres-backups/cl01tl/argo-workflows/argo-workflows-postgresql-17-cluster
|
||||||
index: 1
|
index: 1
|
||||||
endpointURL: http://garage-main.garage:3900
|
endpointURL: http://garage-main.garage:3900
|
||||||
endpointCredentials: argo-workflows-postgresql-18-cluster-backup-secret-garage
|
endpointCredentials: argo-workflows-postgresql-17-cluster-backup-secret-garage
|
||||||
endpointCredentialsIncludeRegion: true
|
endpointCredentialsIncludeRegion: true
|
||||||
retentionPolicy: "3d"
|
retentionPolicy: "3d"
|
||||||
isWALArchiver: true
|
isWALArchiver: true
|
||||||
# - name: garage-remote
|
# - name: garage-remote
|
||||||
# destinationPath: s3://postgres-backups/cl01tl/argo-workflows/argo-workflows-postgresql-18-cluster
|
# destinationPath: s3://postgres-backups/cl01tl/argo-workflows/argo-workflows-postgresql-17-cluster
|
||||||
# index: 1
|
# index: 1
|
||||||
# endpointURL: https://garage-ps10rp.boreal-beaufort.ts.net:3900
|
# endpointURL: https://garage-ps10rp.boreal-beaufort.ts.net:3900
|
||||||
# endpointCredentials: argo-workflows-postgresql-18-cluster-backup-secret-garage
|
# endpointCredentials: argo-workflows-postgresql-17-cluster-backup-secret-garage
|
||||||
# endpointCredentialsIncludeRegion: true
|
# endpointCredentialsIncludeRegion: true
|
||||||
# retentionPolicy: "30d"
|
# retentionPolicy: "30d"
|
||||||
# data:
|
# data:
|
||||||
@@ -123,7 +134,6 @@ postgres-18-cluster:
|
|||||||
scheduledBackups:
|
scheduledBackups:
|
||||||
- name: daily-backup
|
- name: daily-backup
|
||||||
suspend: false
|
suspend: false
|
||||||
immediate: true
|
|
||||||
schedule: "0 0 0 * * *"
|
schedule: "0 0 0 * * *"
|
||||||
backupName: external
|
backupName: external
|
||||||
- name: live-backup
|
- name: live-backup
|
||||||
@@ -133,6 +143,5 @@ postgres-18-cluster:
|
|||||||
backupName: garage-local
|
backupName: garage-local
|
||||||
# - name: weekly-backup
|
# - name: weekly-backup
|
||||||
# suspend: true
|
# suspend: true
|
||||||
# immediate: true
|
|
||||||
# schedule: "0 0 4 * * SAT"
|
# schedule: "0 0 4 * * SAT"
|
||||||
# backupName: garage-remote
|
# backupName: garage-remote
|
||||||
|
|||||||
@@ -1,6 +1,6 @@
|
|||||||
dependencies:
|
dependencies:
|
||||||
- name: argo-cd
|
- name: argo-cd
|
||||||
repository: https://argoproj.github.io/argo-helm
|
repository: https://argoproj.github.io/argo-helm
|
||||||
version: 9.1.7
|
version: 9.1.6
|
||||||
digest: sha256:ed1ae26f3e642750f6dd970c1adc4fa14a627fad13daf74169213199f74425b3
|
digest: sha256:488b8e826e7cc7179f154c1b7555e2cec78b69becb9f8cdbe4937b3546d87e5d
|
||||||
generated: "2025-12-09T23:01:55.027301875Z"
|
generated: "2025-12-05T04:02:40.060511766Z"
|
||||||
|
|||||||
@@ -15,7 +15,7 @@ maintainers:
|
|||||||
- name: alexlebens
|
- name: alexlebens
|
||||||
dependencies:
|
dependencies:
|
||||||
- name: argo-cd
|
- name: argo-cd
|
||||||
version: 9.1.7
|
version: 9.1.6
|
||||||
repository: https://argoproj.github.io/argo-helm
|
repository: https://argoproj.github.io/argo-helm
|
||||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/argo-cd.png
|
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/argo-cd.png
|
||||||
appVersion: v3.2.1
|
appVersion: 3.0.0
|
||||||
|
|||||||
@@ -25,7 +25,6 @@ argo-cd:
|
|||||||
id: authentik
|
id: authentik
|
||||||
params:
|
params:
|
||||||
server.insecure: true
|
server.insecure: true
|
||||||
controller.diff.server.side: true
|
|
||||||
rbac:
|
rbac:
|
||||||
policy.csv: |
|
policy.csv: |
|
||||||
g, ArgoCD Admins, role:admin
|
g, ArgoCD Admins, role:admin
|
||||||
@@ -61,7 +60,7 @@ argo-cd:
|
|||||||
enabled: true
|
enabled: true
|
||||||
auth: false
|
auth: false
|
||||||
redisSecretInit:
|
redisSecretInit:
|
||||||
enabled: false
|
enabled: true
|
||||||
server:
|
server:
|
||||||
replicas: 2
|
replicas: 2
|
||||||
extensions:
|
extensions:
|
||||||
@@ -280,7 +279,7 @@ argo-cd:
|
|||||||
- description: Application has degraded
|
- description: Application has degraded
|
||||||
send:
|
send:
|
||||||
- app-health-degraded
|
- app-health-degraded
|
||||||
when: app.status.health.status == 'Degraded'
|
when: app.status.health.status == 'Degraded' and time.Now().Sub(time.Parse(app.status.health.lastTransitionTime).Minutes() >= 15
|
||||||
trigger.on-sync-failed: |
|
trigger.on-sync-failed: |
|
||||||
- description: Application syncing has failed
|
- description: Application syncing has failed
|
||||||
send:
|
send:
|
||||||
|
|||||||
@@ -20,4 +20,4 @@ dependencies:
|
|||||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||||
version: 4.5.0
|
version: 4.5.0
|
||||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/audiobookshelf.png
|
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/audiobookshelf.png
|
||||||
appVersion: 2.31.0
|
appVersion: 2.21.0
|
||||||
|
|||||||
@@ -8,5 +8,5 @@ dependencies:
|
|||||||
- name: postgres-cluster
|
- name: postgres-cluster
|
||||||
repository: oci://harbor.alexlebens.net/helm-charts
|
repository: oci://harbor.alexlebens.net/helm-charts
|
||||||
version: 6.16.1
|
version: 6.16.1
|
||||||
digest: sha256:fdd5cc597cf958ca0f6f43dd403915c89c45718eff80920c2d322264dc8b09e1
|
digest: sha256:e6ea05d8bdb96164bc19da117078b5101f329ad5f1b461fa02f198bef45454f3
|
||||||
generated: "2025-12-11T16:14:14.729827-06:00"
|
generated: "2025-12-07T02:54:01.695741198Z"
|
||||||
|
|||||||
@@ -28,8 +28,8 @@ dependencies:
|
|||||||
repository: oci://harbor.alexlebens.net/helm-charts
|
repository: oci://harbor.alexlebens.net/helm-charts
|
||||||
version: 1.23.2
|
version: 1.23.2
|
||||||
- name: postgres-cluster
|
- name: postgres-cluster
|
||||||
alias: postgres-18-cluster
|
alias: postgres-17-cluster
|
||||||
version: 6.16.1
|
version: 6.16.1
|
||||||
repository: oci://harbor.alexlebens.net/helm-charts
|
repository: oci://harbor.alexlebens.net/helm-charts
|
||||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/authentik.png
|
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/authentik.png
|
||||||
appVersion: 2025.10.2
|
appVersion: 2025.4.1
|
||||||
|
|||||||
@@ -47,10 +47,10 @@ spec:
|
|||||||
apiVersion: external-secrets.io/v1
|
apiVersion: external-secrets.io/v1
|
||||||
kind: ExternalSecret
|
kind: ExternalSecret
|
||||||
metadata:
|
metadata:
|
||||||
name: authentik-postgresql-18-cluster-backup-secret
|
name: authentik-postgresql-17-cluster-backup-secret
|
||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: authentik-postgresql-18-cluster-backup-secret
|
app.kubernetes.io/name: authentik-postgresql-17-cluster-backup-secret
|
||||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
spec:
|
spec:
|
||||||
@@ -77,10 +77,10 @@ spec:
|
|||||||
apiVersion: external-secrets.io/v1
|
apiVersion: external-secrets.io/v1
|
||||||
kind: ExternalSecret
|
kind: ExternalSecret
|
||||||
metadata:
|
metadata:
|
||||||
name: authentik-postgresql-18-cluster-backup-secret-garage
|
name: authentik-postgresql-17-cluster-backup-secret-garage
|
||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: authentik-postgresql-18-cluster-backup-secret-garage
|
app.kubernetes.io/name: authentik-postgresql-17-cluster-backup-secret-garage
|
||||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
spec:
|
spec:
|
||||||
|
|||||||
@@ -13,7 +13,7 @@ spec:
|
|||||||
runAsUser: 1000
|
runAsUser: 1000
|
||||||
fsGroup: 1000
|
fsGroup: 1000
|
||||||
kubernetesConfig:
|
kubernetesConfig:
|
||||||
image: quay.io/opstree/redis:v8.4.0
|
image: quay.io/opstree/redis:v8.0.3
|
||||||
imagePullPolicy: IfNotPresent
|
imagePullPolicy: IfNotPresent
|
||||||
resources:
|
resources:
|
||||||
requests:
|
requests:
|
||||||
@@ -29,4 +29,4 @@ spec:
|
|||||||
storage: 1Gi
|
storage: 1Gi
|
||||||
redisExporter:
|
redisExporter:
|
||||||
enabled: true
|
enabled: true
|
||||||
image: quay.io/opstree/redis-exporter:v1.80.1
|
image: quay.io/opstree/redis-exporter:v1.48.0
|
||||||
|
|||||||
@@ -9,22 +9,22 @@ authentik:
|
|||||||
- name: AUTHENTIK_POSTGRESQL__HOST
|
- name: AUTHENTIK_POSTGRESQL__HOST
|
||||||
valueFrom:
|
valueFrom:
|
||||||
secretKeyRef:
|
secretKeyRef:
|
||||||
name: authentik-postgresql-18-cluster-app
|
name: authentik-postgresql-17-cluster-app
|
||||||
key: host
|
key: host
|
||||||
- name: AUTHENTIK_POSTGRESQL__NAME
|
- name: AUTHENTIK_POSTGRESQL__NAME
|
||||||
valueFrom:
|
valueFrom:
|
||||||
secretKeyRef:
|
secretKeyRef:
|
||||||
name: authentik-postgresql-18-cluster-app
|
name: authentik-postgresql-17-cluster-app
|
||||||
key: dbname
|
key: dbname
|
||||||
- name: AUTHENTIK_POSTGRESQL__USER
|
- name: AUTHENTIK_POSTGRESQL__USER
|
||||||
valueFrom:
|
valueFrom:
|
||||||
secretKeyRef:
|
secretKeyRef:
|
||||||
name: authentik-postgresql-18-cluster-app
|
name: authentik-postgresql-17-cluster-app
|
||||||
key: user
|
key: user
|
||||||
- name: AUTHENTIK_POSTGRESQL__PASSWORD
|
- name: AUTHENTIK_POSTGRESQL__PASSWORD
|
||||||
valueFrom:
|
valueFrom:
|
||||||
secretKeyRef:
|
secretKeyRef:
|
||||||
name: authentik-postgresql-18-cluster-app
|
name: authentik-postgresql-17-cluster-app
|
||||||
key: password
|
key: password
|
||||||
authentik:
|
authentik:
|
||||||
redis:
|
redis:
|
||||||
@@ -50,12 +50,9 @@ authentik:
|
|||||||
enabled: false
|
enabled: false
|
||||||
cloudflared:
|
cloudflared:
|
||||||
existingSecretName: authentik-cloudflared-secret
|
existingSecretName: authentik-cloudflared-secret
|
||||||
postgres-18-cluster:
|
postgres-17-cluster:
|
||||||
mode: recovery
|
mode: recovery
|
||||||
cluster:
|
cluster:
|
||||||
image:
|
|
||||||
repository: ghcr.io/cloudnative-pg/postgresql
|
|
||||||
tag: 18.1-standard-trixie
|
|
||||||
storage:
|
storage:
|
||||||
storageClass: local-path
|
storageClass: local-path
|
||||||
walStorage:
|
walStorage:
|
||||||
@@ -67,30 +64,30 @@ postgres-18-cluster:
|
|||||||
recovery:
|
recovery:
|
||||||
method: objectStore
|
method: objectStore
|
||||||
objectStore:
|
objectStore:
|
||||||
destinationPath: s3://postgres-backups/cl01tl/authentik/authentik-postgresql-18-cluster
|
destinationPath: s3://postgres-backups/cl01tl/authentik/authentik-postgresql-17-cluster
|
||||||
endpointURL: http://garage-main.garage:3900
|
endpointURL: http://garage-main.garage:3900
|
||||||
index: 1
|
index: 1
|
||||||
endpointCredentials: authentik-postgresql-18-cluster-backup-secret-garage
|
endpointCredentials: authentik-postgresql-17-cluster-backup-secret-garage
|
||||||
backup:
|
backup:
|
||||||
objectStore:
|
objectStore:
|
||||||
- name: external
|
- name: external
|
||||||
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/authentik/authentik-postgresql-18-cluster
|
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/authentik/authentik-postgresql-17-cluster
|
||||||
index: 1
|
index: 1
|
||||||
retentionPolicy: "30d"
|
retentionPolicy: "30d"
|
||||||
isWALArchiver: false
|
isWALArchiver: false
|
||||||
- name: garage-local
|
- name: garage-local
|
||||||
destinationPath: s3://postgres-backups/cl01tl/authentik/authentik-postgresql-18-cluster
|
destinationPath: s3://postgres-backups/cl01tl/authentik/authentik-postgresql-17-cluster
|
||||||
index: 1
|
index: 1
|
||||||
endpointURL: http://garage-main.garage:3900
|
endpointURL: http://garage-main.garage:3900
|
||||||
endpointCredentials: authentik-postgresql-18-cluster-backup-secret-garage
|
endpointCredentials: authentik-postgresql-17-cluster-backup-secret-garage
|
||||||
endpointCredentialsIncludeRegion: true
|
endpointCredentialsIncludeRegion: true
|
||||||
retentionPolicy: "3d"
|
retentionPolicy: "3d"
|
||||||
isWALArchiver: true
|
isWALArchiver: true
|
||||||
# - name: garage-remote
|
# - name: garage-remote
|
||||||
# destinationPath: s3://postgres-backups/cl01tl/authentik/authentik-postgresql-18-cluster
|
# destinationPath: s3://postgres-backups/cl01tl/authentik/authentik-postgresql-17-cluster
|
||||||
# index: 1
|
# index: 1
|
||||||
# endpointURL: https://garage-ps10rp.boreal-beaufort.ts.net:3900
|
# endpointURL: https://garage-ps10rp.boreal-beaufort.ts.net:3900
|
||||||
# endpointCredentials: authentik-postgresql-18-cluster-backup-secret-garage
|
# endpointCredentials: authentik-postgresql-17-cluster-backup-secret-garage
|
||||||
# retentionPolicy: "30d"
|
# retentionPolicy: "30d"
|
||||||
# data:
|
# data:
|
||||||
# compression: bzip2
|
# compression: bzip2
|
||||||
@@ -98,7 +95,6 @@ postgres-18-cluster:
|
|||||||
scheduledBackups:
|
scheduledBackups:
|
||||||
- name: daily-backup
|
- name: daily-backup
|
||||||
suspend: false
|
suspend: false
|
||||||
immediate: true
|
|
||||||
schedule: "0 0 0 * * *"
|
schedule: "0 0 0 * * *"
|
||||||
backupName: external
|
backupName: external
|
||||||
- name: live-backup
|
- name: live-backup
|
||||||
@@ -108,6 +104,5 @@ postgres-18-cluster:
|
|||||||
backupName: garage-local
|
backupName: garage-local
|
||||||
# - name: weekly-backup
|
# - name: weekly-backup
|
||||||
# suspend: false
|
# suspend: false
|
||||||
# immediate: true
|
|
||||||
# schedule: "0 0 4 * * SAT"
|
# schedule: "0 0 4 * * SAT"
|
||||||
# backupName: garage-remote
|
# backupName: garage-remote
|
||||||
|
|||||||
@@ -20,4 +20,4 @@ dependencies:
|
|||||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||||
version: 4.5.0
|
version: 4.5.0
|
||||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/bazarr.png
|
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/bazarr.png
|
||||||
appVersion: 1.5.3
|
appVersion: 1.5.2
|
||||||
|
|||||||
@@ -15,7 +15,7 @@ bazarr:
|
|||||||
main:
|
main:
|
||||||
image:
|
image:
|
||||||
repository: ghcr.io/linuxserver/bazarr
|
repository: ghcr.io/linuxserver/bazarr
|
||||||
tag: 1.5.3@sha256:4aa1e82d1e96ae712095d881b7e3840e6db6ca862c335be5b00001f31156650b
|
tag: 1.5.3@sha256:ec11e988e8e13411c994a4d9f43ed9b97409aa92c1da54d9f23926c3da7c2032
|
||||||
pullPolicy: IfNotPresent
|
pullPolicy: IfNotPresent
|
||||||
env:
|
env:
|
||||||
- name: TZ
|
- name: TZ
|
||||||
|
|||||||
@@ -18,4 +18,4 @@ dependencies:
|
|||||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||||
version: 4.5.0
|
version: 4.5.0
|
||||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/blocky.png
|
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/blocky.png
|
||||||
appVersion: v0.28.2
|
appVersion: v0.25
|
||||||
|
|||||||
@@ -13,7 +13,7 @@ spec:
|
|||||||
runAsUser: 1000
|
runAsUser: 1000
|
||||||
fsGroup: 1000
|
fsGroup: 1000
|
||||||
kubernetesConfig:
|
kubernetesConfig:
|
||||||
image: quay.io/opstree/redis:v8.4.0
|
image: quay.io/opstree/redis:v8.0.3
|
||||||
imagePullPolicy: IfNotPresent
|
imagePullPolicy: IfNotPresent
|
||||||
resources:
|
resources:
|
||||||
requests:
|
requests:
|
||||||
@@ -29,4 +29,4 @@ spec:
|
|||||||
storage: 1Gi
|
storage: 1Gi
|
||||||
redisExporter:
|
redisExporter:
|
||||||
enabled: true
|
enabled: true
|
||||||
image: quay.io/opstree/redis-exporter:v1.80.1
|
image: quay.io/opstree/redis-exporter:v1.48.0
|
||||||
|
|||||||
@@ -156,7 +156,6 @@ blocky:
|
|||||||
radarr-anime IN CNAME traefik-cl01tl
|
radarr-anime IN CNAME traefik-cl01tl
|
||||||
radarr-standup IN CNAME traefik-cl01tl
|
radarr-standup IN CNAME traefik-cl01tl
|
||||||
searxng IN CNAME traefik-cl01tl
|
searxng IN CNAME traefik-cl01tl
|
||||||
seerr IN CNAME traefik-cl01tl
|
|
||||||
slskd IN CNAME traefik-cl01tl
|
slskd IN CNAME traefik-cl01tl
|
||||||
sonarr IN CNAME traefik-cl01tl
|
sonarr IN CNAME traefik-cl01tl
|
||||||
sonarr-4k IN CNAME traefik-cl01tl
|
sonarr-4k IN CNAME traefik-cl01tl
|
||||||
|
|||||||
@@ -21,4 +21,4 @@ dependencies:
|
|||||||
version: 25.10.2
|
version: 25.10.2
|
||||||
repository: https://helm.mariadb.com/mariadb-operator
|
repository: https://helm.mariadb.com/mariadb-operator
|
||||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/booklore.png
|
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/booklore.png
|
||||||
appVersion: v1.13.2
|
appVersion: v.1.10.0
|
||||||
|
|||||||
@@ -9,7 +9,7 @@ booklore:
|
|||||||
main:
|
main:
|
||||||
image:
|
image:
|
||||||
repository: ghcr.io/booklore-app/booklore
|
repository: ghcr.io/booklore-app/booklore
|
||||||
tag: v1.13.2
|
tag: v1.13.1
|
||||||
pullPolicy: IfNotPresent
|
pullPolicy: IfNotPresent
|
||||||
env:
|
env:
|
||||||
- name: TZ
|
- name: TZ
|
||||||
|
|||||||
@@ -1,6 +1,6 @@
|
|||||||
dependencies:
|
dependencies:
|
||||||
- name: cert-manager
|
- name: cert-manager
|
||||||
repository: https://charts.jetstack.io
|
repository: https://charts.jetstack.io
|
||||||
version: v1.19.2
|
version: v1.19.1
|
||||||
digest: sha256:b02bda9b9f2fc886af11d017a27a5761513defee603f9e3aa1d7add2749b925c
|
digest: sha256:0b1238a5552bc6d457d4b1a2a1f387a3e7f2c19f820ecb64e14d20481a1ed1ce
|
||||||
generated: "2025-12-10T15:01:57.196895547Z"
|
generated: "2025-12-01T20:25:17.762628-06:00"
|
||||||
|
|||||||
@@ -14,7 +14,7 @@ maintainers:
|
|||||||
- name: alexlebens
|
- name: alexlebens
|
||||||
dependencies:
|
dependencies:
|
||||||
- name: cert-manager
|
- name: cert-manager
|
||||||
version: v1.19.2
|
version: v1.19.1
|
||||||
repository: https://charts.jetstack.io
|
repository: https://charts.jetstack.io
|
||||||
icon: https://raw.githubusercontent.com/walkxcode/dashboard-icons/main/png/cert-manager.png
|
icon: https://raw.githubusercontent.com/walkxcode/dashboard-icons/main/png/cert-manager.png
|
||||||
appVersion: v1.19.2
|
appVersion: v1.17.2
|
||||||
|
|||||||
@@ -18,4 +18,4 @@ dependencies:
|
|||||||
version: 1.18.4
|
version: 1.18.4
|
||||||
repository: https://helm.cilium.io/
|
repository: https://helm.cilium.io/
|
||||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/cilium.png
|
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/cilium.png
|
||||||
appVersion: 1.18.4
|
appVersion: 1.17.3
|
||||||
|
|||||||
@@ -55,9 +55,6 @@ cilium:
|
|||||||
metrics:
|
metrics:
|
||||||
serviceMonitor:
|
serviceMonitor:
|
||||||
enabled: true
|
enabled: true
|
||||||
tls:
|
|
||||||
auto:
|
|
||||||
method: cronJob
|
|
||||||
relay:
|
relay:
|
||||||
enabled: true
|
enabled: true
|
||||||
metrics:
|
metrics:
|
||||||
|
|||||||
@@ -1,9 +1,9 @@
|
|||||||
dependencies:
|
dependencies:
|
||||||
- name: cloudnative-pg
|
- name: cloudnative-pg
|
||||||
repository: https://cloudnative-pg.io/charts/
|
repository: https://cloudnative-pg.io/charts/
|
||||||
version: 0.27.0
|
version: 0.26.1
|
||||||
- name: plugin-barman-cloud
|
- name: plugin-barman-cloud
|
||||||
repository: https://cloudnative-pg.io/charts/
|
repository: https://cloudnative-pg.io/charts/
|
||||||
version: 0.3.1
|
version: 0.3.1
|
||||||
digest: sha256:14aa30b7bf75571b03bda19af68cd50c1e7908b883351b196a260609a5b85551
|
digest: sha256:b38e5104d77ab1737a27a2542eda958e82038443940f07b7c2cbe3b0a477e1e6
|
||||||
generated: "2025-12-10T19:25:17.952954019Z"
|
generated: "2025-12-01T20:25:20.341325-06:00"
|
||||||
|
|||||||
@@ -16,10 +16,10 @@ maintainers:
|
|||||||
- name: alexlebens
|
- name: alexlebens
|
||||||
dependencies:
|
dependencies:
|
||||||
- name: cloudnative-pg
|
- name: cloudnative-pg
|
||||||
version: 0.27.0
|
version: 0.26.1
|
||||||
repository: https://cloudnative-pg.io/charts/
|
repository: https://cloudnative-pg.io/charts/
|
||||||
- name: plugin-barman-cloud
|
- name: plugin-barman-cloud
|
||||||
version: 0.3.1
|
version: 0.3.1
|
||||||
repository: https://cloudnative-pg.io/charts/
|
repository: https://cloudnative-pg.io/charts/
|
||||||
icon: https://avatars.githubusercontent.com/u/100373852?s=200&v=4
|
icon: https://avatars.githubusercontent.com/u/100373852?s=200&v=4
|
||||||
appVersion: 1.28.0
|
appVersion: 1.26.0
|
||||||
|
|||||||
@@ -25,4 +25,4 @@ dependencies:
|
|||||||
repository: oci://harbor.alexlebens.net/helm-charts
|
repository: oci://harbor.alexlebens.net/helm-charts
|
||||||
version: 1.23.2
|
version: 1.23.2
|
||||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/visual-studio-code.png
|
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/visual-studio-code.png
|
||||||
appVersion: 4.106.3
|
appVersion: 4.100.2
|
||||||
|
|||||||
@@ -18,4 +18,4 @@ dependencies:
|
|||||||
version: 1.45.0
|
version: 1.45.0
|
||||||
repository: https://coredns.github.io/helm
|
repository: https://coredns.github.io/helm
|
||||||
icon: https://raw.githubusercontent.com/walkxcode/dashboard-icons/main/png/coredns.png
|
icon: https://raw.githubusercontent.com/walkxcode/dashboard-icons/main/png/coredns.png
|
||||||
appVersion: v1.13.2
|
appVersion: v1.12.1
|
||||||
|
|||||||
@@ -17,4 +17,4 @@ dependencies:
|
|||||||
version: 0.34.0
|
version: 0.34.0
|
||||||
repository: https://kubernetes-sigs.github.io/descheduler/
|
repository: https://kubernetes-sigs.github.io/descheduler/
|
||||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/kubernetes.png
|
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/kubernetes.png
|
||||||
appVersion: 0.34.0
|
appVersion: 0.33.0
|
||||||
|
|||||||
@@ -8,5 +8,5 @@ dependencies:
|
|||||||
- name: postgres-cluster
|
- name: postgres-cluster
|
||||||
repository: oci://harbor.alexlebens.net/helm-charts
|
repository: oci://harbor.alexlebens.net/helm-charts
|
||||||
version: 6.16.1
|
version: 6.16.1
|
||||||
digest: sha256:636b200b79efdd6ea36afdf29a5e85f3741b362dfcbf2af47c7aff9e55f02812
|
digest: sha256:73ab37385c3d0ec2db83a3640bc03b08ddd06fd015e1b7138e49bc8c3be9382e
|
||||||
generated: "2025-12-11T16:47:16.317535-06:00"
|
generated: "2025-12-07T02:54:20.639142398Z"
|
||||||
|
|||||||
@@ -26,8 +26,8 @@ dependencies:
|
|||||||
repository: oci://harbor.alexlebens.net/helm-charts
|
repository: oci://harbor.alexlebens.net/helm-charts
|
||||||
version: 1.23.2
|
version: 1.23.2
|
||||||
- name: postgres-cluster
|
- name: postgres-cluster
|
||||||
alias: postgres-18-cluster
|
alias: postgres-17-cluster
|
||||||
version: 6.16.1
|
version: 6.16.1
|
||||||
repository: oci://harbor.alexlebens.net/helm-charts
|
repository: oci://harbor.alexlebens.net/helm-charts
|
||||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/directus.png
|
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/directus.png
|
||||||
appVersion: 11.14.0
|
appVersion: 11.7.2
|
||||||
|
|||||||
@@ -151,10 +151,10 @@ spec:
|
|||||||
apiVersion: external-secrets.io/v1
|
apiVersion: external-secrets.io/v1
|
||||||
kind: ExternalSecret
|
kind: ExternalSecret
|
||||||
metadata:
|
metadata:
|
||||||
name: directus-postgresql-18-cluster-backup-secret
|
name: directus-postgresql-17-cluster-backup-secret
|
||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: directus-postgresql-18-cluster-backup-secret
|
app.kubernetes.io/name: directus-postgresql-17-cluster-backup-secret
|
||||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
spec:
|
spec:
|
||||||
@@ -181,10 +181,40 @@ spec:
|
|||||||
apiVersion: external-secrets.io/v1
|
apiVersion: external-secrets.io/v1
|
||||||
kind: ExternalSecret
|
kind: ExternalSecret
|
||||||
metadata:
|
metadata:
|
||||||
name: directus-postgresql-18-cluster-backup-secret-garage
|
name: directus-postgresql-17-cluster-backup-secret-weekly
|
||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: directus-postgresql-18-cluster-backup-secret-garage
|
app.kubernetes.io/name: directus-postgresql-17-cluster-backup-secret-weekly
|
||||||
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
|
spec:
|
||||||
|
secretStoreRef:
|
||||||
|
kind: ClusterSecretStore
|
||||||
|
name: vault
|
||||||
|
data:
|
||||||
|
- secretKey: ACCESS_KEY_ID
|
||||||
|
remoteRef:
|
||||||
|
conversionStrategy: Default
|
||||||
|
decodingStrategy: None
|
||||||
|
key: /garage/home-infra/postgres-backups
|
||||||
|
metadataPolicy: None
|
||||||
|
property: ACCESS_KEY_ID
|
||||||
|
- secretKey: ACCESS_SECRET_KEY
|
||||||
|
remoteRef:
|
||||||
|
conversionStrategy: Default
|
||||||
|
decodingStrategy: None
|
||||||
|
key: /garage/home-infra/postgres-backups
|
||||||
|
metadataPolicy: None
|
||||||
|
property: ACCESS_SECRET_KEY
|
||||||
|
|
||||||
|
---
|
||||||
|
apiVersion: external-secrets.io/v1
|
||||||
|
kind: ExternalSecret
|
||||||
|
metadata:
|
||||||
|
name: directus-postgresql-17-cluster-backup-secret-garage
|
||||||
|
namespace: {{ .Release.Namespace }}
|
||||||
|
labels:
|
||||||
|
app.kubernetes.io/name: directus-postgresql-17-cluster-backup-secret-garage
|
||||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
spec:
|
spec:
|
||||||
|
|||||||
@@ -13,7 +13,7 @@ spec:
|
|||||||
runAsUser: 1000
|
runAsUser: 1000
|
||||||
fsGroup: 1000
|
fsGroup: 1000
|
||||||
kubernetesConfig:
|
kubernetesConfig:
|
||||||
image: quay.io/opstree/redis:v8.4.0
|
image: quay.io/opstree/redis:v8.2.1
|
||||||
imagePullPolicy: IfNotPresent
|
imagePullPolicy: IfNotPresent
|
||||||
redisSecret:
|
redisSecret:
|
||||||
name: directus-redis-config
|
name: directus-redis-config
|
||||||
@@ -32,4 +32,4 @@ spec:
|
|||||||
storage: 1Gi
|
storage: 1Gi
|
||||||
redisExporter:
|
redisExporter:
|
||||||
enabled: true
|
enabled: true
|
||||||
image: quay.io/opstree/redis-exporter:v1.80.1
|
image: quay.io/opstree/redis-exporter:v1.76.0
|
||||||
|
|||||||
@@ -19,7 +19,7 @@ spec:
|
|||||||
name: directus-redis-config
|
name: directus-redis-config
|
||||||
key: password
|
key: password
|
||||||
kubernetesConfig:
|
kubernetesConfig:
|
||||||
image: quay.io/opstree/redis-sentinel:v8.4.0
|
image: quay.io/opstree/redis-sentinel:v7.0.15
|
||||||
imagePullPolicy: IfNotPresent
|
imagePullPolicy: IfNotPresent
|
||||||
redisSecret:
|
redisSecret:
|
||||||
name: directus-redis-config
|
name: directus-redis-config
|
||||||
|
|||||||
@@ -9,7 +9,7 @@ directus:
|
|||||||
main:
|
main:
|
||||||
image:
|
image:
|
||||||
repository: directus/directus
|
repository: directus/directus
|
||||||
tag: 11.14.0
|
tag: 11.13.4
|
||||||
pullPolicy: IfNotPresent
|
pullPolicy: IfNotPresent
|
||||||
env:
|
env:
|
||||||
- name: PUBLIC_URL
|
- name: PUBLIC_URL
|
||||||
@@ -41,27 +41,27 @@ directus:
|
|||||||
- name: DB_HOST
|
- name: DB_HOST
|
||||||
valueFrom:
|
valueFrom:
|
||||||
secretKeyRef:
|
secretKeyRef:
|
||||||
name: directus-postgresql-18-cluster-app
|
name: directus-postgresql-17-cluster-app
|
||||||
key: host
|
key: host
|
||||||
- name: DB_DATABASE
|
- name: DB_DATABASE
|
||||||
valueFrom:
|
valueFrom:
|
||||||
secretKeyRef:
|
secretKeyRef:
|
||||||
name: directus-postgresql-18-cluster-app
|
name: directus-postgresql-17-cluster-app
|
||||||
key: dbname
|
key: dbname
|
||||||
- name: DB_PORT
|
- name: DB_PORT
|
||||||
valueFrom:
|
valueFrom:
|
||||||
secretKeyRef:
|
secretKeyRef:
|
||||||
name: directus-postgresql-18-cluster-app
|
name: directus-postgresql-17-cluster-app
|
||||||
key: port
|
key: port
|
||||||
- name: DB_USER
|
- name: DB_USER
|
||||||
valueFrom:
|
valueFrom:
|
||||||
secretKeyRef:
|
secretKeyRef:
|
||||||
name: directus-postgresql-18-cluster-app
|
name: directus-postgresql-17-cluster-app
|
||||||
key: user
|
key: user
|
||||||
- name: DB_PASSWORD
|
- name: DB_PASSWORD
|
||||||
valueFrom:
|
valueFrom:
|
||||||
secretKeyRef:
|
secretKeyRef:
|
||||||
name: directus-postgresql-18-cluster-app
|
name: directus-postgresql-17-cluster-app
|
||||||
key: password
|
key: password
|
||||||
- name: SYNCHRONIZATION_STORE
|
- name: SYNCHRONIZATION_STORE
|
||||||
value: redis
|
value: redis
|
||||||
@@ -156,12 +156,9 @@ directus:
|
|||||||
cloudflared-directus:
|
cloudflared-directus:
|
||||||
name: cloudflared-directus
|
name: cloudflared-directus
|
||||||
existingSecretName: directus-cloudflared-secret
|
existingSecretName: directus-cloudflared-secret
|
||||||
postgres-18-cluster:
|
postgres-17-cluster:
|
||||||
mode: recovery
|
mode: recovery
|
||||||
cluster:
|
cluster:
|
||||||
image:
|
|
||||||
repository: ghcr.io/cloudnative-pg/postgresql
|
|
||||||
tag: 18.1-standard-trixie
|
|
||||||
storage:
|
storage:
|
||||||
storageClass: local-path
|
storageClass: local-path
|
||||||
walStorage:
|
walStorage:
|
||||||
@@ -173,30 +170,30 @@ postgres-18-cluster:
|
|||||||
recovery:
|
recovery:
|
||||||
method: objectStore
|
method: objectStore
|
||||||
objectStore:
|
objectStore:
|
||||||
destinationPath: s3://postgres-backups/cl01tl/directus/directus-postgresql-18-cluster
|
destinationPath: s3://postgres-backups/cl01tl/directus/directus-postgresql-17-cluster
|
||||||
endpointURL: http://garage-main.garage:3900
|
endpointURL: http://garage-main.garage:3900
|
||||||
index: 1
|
index: 1
|
||||||
endpointCredentials: directus-postgresql-18-cluster-backup-secret-garage
|
endpointCredentials: directus-postgresql-17-cluster-backup-secret-garage
|
||||||
backup:
|
backup:
|
||||||
objectStore:
|
objectStore:
|
||||||
- name: external
|
- name: external
|
||||||
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/directus/directus-postgresql-18-cluster
|
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/directus/directus-postgresql-17-cluster
|
||||||
index: 1
|
index: 1
|
||||||
retentionPolicy: "30d"
|
retentionPolicy: "30d"
|
||||||
isWALArchiver: false
|
isWALArchiver: false
|
||||||
- name: garage-local
|
- name: garage-local
|
||||||
destinationPath: s3://postgres-backups/cl01tl/directus/directus-postgresql-18-cluster
|
destinationPath: s3://postgres-backups/cl01tl/directus/directus-postgresql-17-cluster
|
||||||
index: 1
|
index: 1
|
||||||
endpointURL: http://garage-main.garage:3900
|
endpointURL: http://garage-main.garage:3900
|
||||||
endpointCredentials: directus-postgresql-18-cluster-backup-secret-garage
|
endpointCredentials: directus-postgresql-17-cluster-backup-secret-garage
|
||||||
endpointCredentialsIncludeRegion: true
|
endpointCredentialsIncludeRegion: true
|
||||||
retentionPolicy: "3d"
|
retentionPolicy: "3d"
|
||||||
isWALArchiver: true
|
isWALArchiver: true
|
||||||
# - name: garage-remote
|
# - name: garage-remote
|
||||||
# destinationPath: s3://postgres-backups/cl01tl/directus/directus-postgresql-18-cluster
|
# destinationPath: s3://postgres-backups/cl01tl/directus/directus-postgresql-17-cluster
|
||||||
# index: 1
|
# index: 1
|
||||||
# endpointURL: https://garage-ps10rp.boreal-beaufort.ts.net:3900
|
# endpointURL: https://garage-ps10rp.boreal-beaufort.ts.net:3900
|
||||||
# endpointCredentials: directus-postgresql-18-cluster-backup-secret-garage
|
# endpointCredentials: directus-postgresql-17-cluster-backup-secret-garage
|
||||||
# retentionPolicy: "30d"
|
# retentionPolicy: "30d"
|
||||||
# data:
|
# data:
|
||||||
# compression: bzip2
|
# compression: bzip2
|
||||||
@@ -204,7 +201,6 @@ postgres-18-cluster:
|
|||||||
scheduledBackups:
|
scheduledBackups:
|
||||||
- name: daily-backup
|
- name: daily-backup
|
||||||
suspend: false
|
suspend: false
|
||||||
immediate: true
|
|
||||||
schedule: "0 0 0 * * *"
|
schedule: "0 0 0 * * *"
|
||||||
backupName: external
|
backupName: external
|
||||||
- name: live-backup
|
- name: live-backup
|
||||||
@@ -214,6 +210,5 @@ postgres-18-cluster:
|
|||||||
backupName: garage-local
|
backupName: garage-local
|
||||||
# - name: weekly-backup
|
# - name: weekly-backup
|
||||||
# suspend: false
|
# suspend: false
|
||||||
# immediate: true
|
|
||||||
# schedule: "0 0 4 * * SAT"
|
# schedule: "0 0 4 * * SAT"
|
||||||
# backupName: garage-remote
|
# backupName: garage-remote
|
||||||
|
|||||||
@@ -18,4 +18,4 @@ dependencies:
|
|||||||
version: 3.2.0
|
version: 3.2.0
|
||||||
repository: https://helm.elastic.co
|
repository: https://helm.elastic.co
|
||||||
icon: https://helm.elastic.co/icons/eck.png
|
icon: https://helm.elastic.co/icons/eck.png
|
||||||
appVersion: v3.2.0
|
appVersion: 1.26.0
|
||||||
|
|||||||
@@ -24,4 +24,4 @@ dependencies:
|
|||||||
repository: oci://harbor.alexlebens.net/helm-charts
|
repository: oci://harbor.alexlebens.net/helm-charts
|
||||||
version: 1.23.2
|
version: 1.23.2
|
||||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/element.png
|
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/element.png
|
||||||
appVersion: v1.12.6
|
appVersion: v1.11.100
|
||||||
|
|||||||
@@ -8,7 +8,7 @@ metadata:
|
|||||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
spec:
|
spec:
|
||||||
sourcePVC: ephemera
|
sourcePVC: ephemera-config
|
||||||
trigger:
|
trigger:
|
||||||
schedule: 0 4 * * *
|
schedule: 0 4 * * *
|
||||||
restic:
|
restic:
|
||||||
|
|||||||
@@ -17,4 +17,4 @@ dependencies:
|
|||||||
version: 1.4.1
|
version: 1.4.1
|
||||||
repository: https://eraser-dev.github.io/eraser/charts
|
repository: https://eraser-dev.github.io/eraser/charts
|
||||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/kubernetes.png
|
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/kubernetes.png
|
||||||
appVersion: v1.4.1
|
appVersion: v1.3.1
|
||||||
|
|||||||
@@ -19,4 +19,4 @@ dependencies:
|
|||||||
version: 1.19.0
|
version: 1.19.0
|
||||||
repository: https://kubernetes-sigs.github.io/external-dns/
|
repository: https://kubernetes-sigs.github.io/external-dns/
|
||||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/kubernetes.png
|
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/kubernetes.png
|
||||||
appVersion: v0.20.0
|
appVersion: 1.16.1
|
||||||
|
|||||||
@@ -15,4 +15,4 @@ dependencies:
|
|||||||
version: 1.1.1
|
version: 1.1.1
|
||||||
repository: https://charts.external-secrets.io
|
repository: https://charts.external-secrets.io
|
||||||
icon: https://avatars.githubusercontent.com/u/68335991?s=48&v=4
|
icon: https://avatars.githubusercontent.com/u/68335991?s=48&v=4
|
||||||
appVersion: v1.1.1
|
appVersion: 0.17.0
|
||||||
|
|||||||
@@ -8,5 +8,5 @@ dependencies:
|
|||||||
- name: postgres-cluster
|
- name: postgres-cluster
|
||||||
repository: oci://harbor.alexlebens.net/helm-charts
|
repository: oci://harbor.alexlebens.net/helm-charts
|
||||||
version: 6.16.1
|
version: 6.16.1
|
||||||
digest: sha256:dc8829a1f2cea88033bfda5d412dee8124154e26bfbe9e1bd67b8bb351ad7904
|
digest: sha256:d4b26fd1608a0c767c6ebb226173cef133ed53f45098851713121e429bc614a1
|
||||||
generated: "2025-12-11T17:07:50.35548-06:00"
|
generated: "2025-12-07T02:54:39.594902963Z"
|
||||||
|
|||||||
@@ -26,8 +26,8 @@ dependencies:
|
|||||||
repository: oci://harbor.alexlebens.net/helm-charts
|
repository: oci://harbor.alexlebens.net/helm-charts
|
||||||
version: 1.23.2
|
version: 1.23.2
|
||||||
- name: postgres-cluster
|
- name: postgres-cluster
|
||||||
alias: postgres-18-cluster
|
alias: postgres-17-cluster
|
||||||
version: 6.16.1
|
version: 6.16.1
|
||||||
repository: oci://harbor.alexlebens.net/helm-charts
|
repository: oci://harbor.alexlebens.net/helm-charts
|
||||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/freshrss.png
|
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/freshrss.png
|
||||||
appVersion: 1.27.1
|
appVersion: 1.26.2
|
||||||
|
|||||||
@@ -155,10 +155,10 @@ spec:
|
|||||||
apiVersion: external-secrets.io/v1
|
apiVersion: external-secrets.io/v1
|
||||||
kind: ExternalSecret
|
kind: ExternalSecret
|
||||||
metadata:
|
metadata:
|
||||||
name: freshrss-postgresql-18-cluster-backup-secret
|
name: freshrss-postgresql-17-cluster-backup-secret
|
||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: freshrss-postgresql-18-cluster-backup-secret
|
app.kubernetes.io/name: freshrss-postgresql-17-cluster-backup-secret
|
||||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
spec:
|
spec:
|
||||||
@@ -185,10 +185,10 @@ spec:
|
|||||||
apiVersion: external-secrets.io/v1
|
apiVersion: external-secrets.io/v1
|
||||||
kind: ExternalSecret
|
kind: ExternalSecret
|
||||||
metadata:
|
metadata:
|
||||||
name: freshrss-postgresql-18-cluster-backup-secret-garage
|
name: freshrss-postgresql-17-cluster-backup-secret-garage
|
||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: freshrss-postgresql-18-cluster-backup-secret-garage
|
app.kubernetes.io/name: freshrss-postgresql-17-cluster-backup-secret-garage
|
||||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
spec:
|
spec:
|
||||||
|
|||||||
@@ -98,22 +98,22 @@ freshrss:
|
|||||||
- name: DB_HOST
|
- name: DB_HOST
|
||||||
valueFrom:
|
valueFrom:
|
||||||
secretKeyRef:
|
secretKeyRef:
|
||||||
name: freshrss-postgresql-18-cluster-app
|
name: freshrss-postgresql-17-cluster-app
|
||||||
key: host
|
key: host
|
||||||
- name: DB_BASE
|
- name: DB_BASE
|
||||||
valueFrom:
|
valueFrom:
|
||||||
secretKeyRef:
|
secretKeyRef:
|
||||||
name: freshrss-postgresql-18-cluster-app
|
name: freshrss-postgresql-17-cluster-app
|
||||||
key: dbname
|
key: dbname
|
||||||
- name: DB_USER
|
- name: DB_USER
|
||||||
valueFrom:
|
valueFrom:
|
||||||
secretKeyRef:
|
secretKeyRef:
|
||||||
name: freshrss-postgresql-18-cluster-app
|
name: freshrss-postgresql-17-cluster-app
|
||||||
key: user
|
key: user
|
||||||
- name: DB_PASSWORD
|
- name: DB_PASSWORD
|
||||||
valueFrom:
|
valueFrom:
|
||||||
secretKeyRef:
|
secretKeyRef:
|
||||||
name: freshrss-postgresql-18-cluster-app
|
name: freshrss-postgresql-17-cluster-app
|
||||||
key: password
|
key: password
|
||||||
- name: FRESHRSS_INSTALL
|
- name: FRESHRSS_INSTALL
|
||||||
value: |
|
value: |
|
||||||
@@ -193,12 +193,9 @@ freshrss:
|
|||||||
readOnly: false
|
readOnly: false
|
||||||
cloudflared:
|
cloudflared:
|
||||||
existingSecretName: freshrss-cloudflared-secret
|
existingSecretName: freshrss-cloudflared-secret
|
||||||
postgres-18-cluster:
|
postgres-17-cluster:
|
||||||
mode: recovery
|
mode: recovery
|
||||||
cluster:
|
cluster:
|
||||||
image:
|
|
||||||
repository: ghcr.io/cloudnative-pg/postgresql
|
|
||||||
tag: 18.1-standard-trixie
|
|
||||||
storage:
|
storage:
|
||||||
storageClass: local-path
|
storageClass: local-path
|
||||||
walStorage:
|
walStorage:
|
||||||
@@ -210,30 +207,30 @@ postgres-18-cluster:
|
|||||||
recovery:
|
recovery:
|
||||||
method: objectStore
|
method: objectStore
|
||||||
objectStore:
|
objectStore:
|
||||||
destinationPath: s3://postgres-backups/cl01tl/freshrss/freshrss-postgresql-18-cluster
|
destinationPath: s3://postgres-backups/cl01tl/freshrss/freshrss-postgresql-17-cluster
|
||||||
endpointURL: http://garage-main.garage:3900
|
endpointURL: http://garage-main.garage:3900
|
||||||
index: 1
|
index: 1
|
||||||
endpointCredentials: freshrss-postgresql-18-cluster-backup-secret-garage
|
endpointCredentials: freshrss-postgresql-17-cluster-backup-secret-garage
|
||||||
backup:
|
backup:
|
||||||
objectStore:
|
objectStore:
|
||||||
- name: external
|
- name: external
|
||||||
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/freshrss/freshrss-postgresql-18-cluster
|
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/freshrss/freshrss-postgresql-17-cluster
|
||||||
index: 1
|
index: 1
|
||||||
retentionPolicy: "30d"
|
retentionPolicy: "30d"
|
||||||
isWALArchiver: false
|
isWALArchiver: false
|
||||||
- name: garage-local
|
- name: garage-local
|
||||||
destinationPath: s3://postgres-backups/cl01tl/freshrss/freshrss-postgresql-18-cluster
|
destinationPath: s3://postgres-backups/cl01tl/freshrss/freshrss-postgresql-17-cluster
|
||||||
index: 1
|
index: 1
|
||||||
endpointURL: http://garage-main.garage:3900
|
endpointURL: http://garage-main.garage:3900
|
||||||
endpointCredentials: freshrss-postgresql-18-cluster-backup-secret-garage
|
endpointCredentials: freshrss-postgresql-17-cluster-backup-secret-garage
|
||||||
endpointCredentialsIncludeRegion: true
|
endpointCredentialsIncludeRegion: true
|
||||||
retentionPolicy: "3d"
|
retentionPolicy: "3d"
|
||||||
isWALArchiver: true
|
isWALArchiver: true
|
||||||
# - name: garage-remote
|
# - name: garage-remote
|
||||||
# destinationPath: s3://postgres-backups/cl01tl/freshrss/freshrss-postgresql-18-cluster
|
# destinationPath: s3://postgres-backups/cl01tl/freshrss/freshrss-postgresql-17-cluster
|
||||||
# index: 1
|
# index: 1
|
||||||
# endpointURL: https://garage-ps10rp.boreal-beaufort.ts.net:3900
|
# endpointURL: https://garage-ps10rp.boreal-beaufort.ts.net:3900
|
||||||
# endpointCredentials: freshrss-postgresql-18-cluster-backup-secret-garage
|
# endpointCredentials: freshrss-postgresql-17-cluster-backup-secret-garage
|
||||||
# retentionPolicy: "30d"
|
# retentionPolicy: "30d"
|
||||||
# data:
|
# data:
|
||||||
# compression: bzip2
|
# compression: bzip2
|
||||||
@@ -241,7 +238,6 @@ postgres-18-cluster:
|
|||||||
scheduledBackups:
|
scheduledBackups:
|
||||||
- name: daily-backup
|
- name: daily-backup
|
||||||
suspend: false
|
suspend: false
|
||||||
immediate: true
|
|
||||||
schedule: "0 0 0 * * *"
|
schedule: "0 0 0 * * *"
|
||||||
backupName: external
|
backupName: external
|
||||||
- name: live-backup
|
- name: live-backup
|
||||||
@@ -251,6 +247,5 @@ postgres-18-cluster:
|
|||||||
backupName: garage-local
|
backupName: garage-local
|
||||||
# - name: weekly-backup
|
# - name: weekly-backup
|
||||||
# suspend: false
|
# suspend: false
|
||||||
# immediate: true
|
|
||||||
# schedule: "0 2 4 * * SAT"
|
# schedule: "0 2 4 * * SAT"
|
||||||
# backupName: garage-remote
|
# backupName: garage-remote
|
||||||
|
|||||||
@@ -5,5 +5,5 @@ dependencies:
|
|||||||
- name: postgres-cluster
|
- name: postgres-cluster
|
||||||
repository: oci://harbor.alexlebens.net/helm-charts
|
repository: oci://harbor.alexlebens.net/helm-charts
|
||||||
version: 6.16.1
|
version: 6.16.1
|
||||||
digest: sha256:11d46f37e9f98a5562239e1b827a4caccc0ca14dc738681465e27ef5c5edd6d0
|
digest: sha256:53e3b31b3fa3916ac4478c0ca3733a18f7145a0129b6a9c7aefdaf8169cb525c
|
||||||
generated: "2025-12-11T17:23:01.072262-06:00"
|
generated: "2025-12-04T00:00:45.882393108Z"
|
||||||
|
|||||||
@@ -21,8 +21,8 @@ dependencies:
|
|||||||
repository: https://twin.github.io/helm-charts
|
repository: https://twin.github.io/helm-charts
|
||||||
version: 1.4.4
|
version: 1.4.4
|
||||||
- name: postgres-cluster
|
- name: postgres-cluster
|
||||||
alias: postgres-18-cluster
|
alias: postgres-17-cluster
|
||||||
version: 6.16.1
|
version: 6.16.1
|
||||||
repository: oci://harbor.alexlebens.net/helm-charts
|
repository: oci://harbor.alexlebens.net/helm-charts
|
||||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/gatus.png
|
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/gatus.png
|
||||||
appVersion: v5.33.0
|
appVersion: v5.12.0
|
||||||
|
|||||||
@@ -54,10 +54,10 @@ spec:
|
|||||||
apiVersion: external-secrets.io/v1
|
apiVersion: external-secrets.io/v1
|
||||||
kind: ExternalSecret
|
kind: ExternalSecret
|
||||||
metadata:
|
metadata:
|
||||||
name: gatus-postgresql-18-cluster-backup-secret
|
name: gatus-postgresql-17-cluster-backup-secret
|
||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: gatus-postgresql-18-cluster-backup-secret
|
app.kubernetes.io/name: gatus-postgresql-17-cluster-backup-secret
|
||||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
spec:
|
spec:
|
||||||
@@ -84,10 +84,10 @@ spec:
|
|||||||
apiVersion: external-secrets.io/v1
|
apiVersion: external-secrets.io/v1
|
||||||
kind: ExternalSecret
|
kind: ExternalSecret
|
||||||
metadata:
|
metadata:
|
||||||
name: gatus-postgresql-18-cluster-backup-secret-garage
|
name: gatus-postgresql-17-cluster-backup-secret-garage
|
||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: gatus-postgresql-18-cluster-backup-secret-garage
|
app.kubernetes.io/name: gatus-postgresql-17-cluster-backup-secret-garage
|
||||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
spec:
|
spec:
|
||||||
|
|||||||
@@ -36,27 +36,27 @@ gatus:
|
|||||||
POSTGRES_USER:
|
POSTGRES_USER:
|
||||||
valueFrom:
|
valueFrom:
|
||||||
secretKeyRef:
|
secretKeyRef:
|
||||||
name: gatus-postgresql-18-cluster-app
|
name: gatus-postgresql-17-cluster-app
|
||||||
key: username
|
key: username
|
||||||
POSTGRES_PASSWORD:
|
POSTGRES_PASSWORD:
|
||||||
valueFrom:
|
valueFrom:
|
||||||
secretKeyRef:
|
secretKeyRef:
|
||||||
name: gatus-postgresql-18-cluster-app
|
name: gatus-postgresql-17-cluster-app
|
||||||
key: password
|
key: password
|
||||||
POSTGRES_HOST:
|
POSTGRES_HOST:
|
||||||
valueFrom:
|
valueFrom:
|
||||||
secretKeyRef:
|
secretKeyRef:
|
||||||
name: gatus-postgresql-18-cluster-app
|
name: gatus-postgresql-17-cluster-app
|
||||||
key: host
|
key: host
|
||||||
POSTGRES_PORT:
|
POSTGRES_PORT:
|
||||||
valueFrom:
|
valueFrom:
|
||||||
secretKeyRef:
|
secretKeyRef:
|
||||||
name: gatus-postgresql-18-cluster-app
|
name: gatus-postgresql-17-cluster-app
|
||||||
key: port
|
key: port
|
||||||
POSTGRES_DB:
|
POSTGRES_DB:
|
||||||
valueFrom:
|
valueFrom:
|
||||||
secretKeyRef:
|
secretKeyRef:
|
||||||
name: gatus-postgresql-18-cluster-app
|
name: gatus-postgresql-17-cluster-app
|
||||||
key: dbname
|
key: dbname
|
||||||
resources:
|
resources:
|
||||||
requests:
|
requests:
|
||||||
@@ -125,9 +125,6 @@ gatus:
|
|||||||
- name: overseerr
|
- name: overseerr
|
||||||
url: https://overseerr.alexlebens.net
|
url: https://overseerr.alexlebens.net
|
||||||
<<: *defaults
|
<<: *defaults
|
||||||
- name: seerr
|
|
||||||
url: https://seerr.alexlebens.net
|
|
||||||
<<: *defaults
|
|
||||||
- name: yamtrack
|
- name: yamtrack
|
||||||
url: https://yamtrack.alexlebens.net
|
url: https://yamtrack.alexlebens.net
|
||||||
<<: *defaults
|
<<: *defaults
|
||||||
@@ -143,9 +140,6 @@ gatus:
|
|||||||
- name: audiobookshelf
|
- name: audiobookshelf
|
||||||
url: https://audiobookshelf.alexlebens.net
|
url: https://audiobookshelf.alexlebens.net
|
||||||
<<: *defaults
|
<<: *defaults
|
||||||
- name: booklore
|
|
||||||
url: https://booklore.alexlebens.net
|
|
||||||
<<: *defaults
|
|
||||||
- name: home-assistant
|
- name: home-assistant
|
||||||
url: https://home-assistant.alexlebens.net
|
url: https://home-assistant.alexlebens.net
|
||||||
<<: *defaults
|
<<: *defaults
|
||||||
@@ -182,11 +176,6 @@ gatus:
|
|||||||
- name: n8n
|
- name: n8n
|
||||||
url: https://n8n.alexlebens.net
|
url: https://n8n.alexlebens.net
|
||||||
<<: *defaults
|
<<: *defaults
|
||||||
- name: kronic
|
|
||||||
url: https://kronic.alexlebens.net
|
|
||||||
<<: *defaults
|
|
||||||
conditions:
|
|
||||||
- "[STATUS] == 401"
|
|
||||||
- name: omni-tools
|
- name: omni-tools
|
||||||
url: https://omni-tools.alexlebens.net
|
url: https://omni-tools.alexlebens.net
|
||||||
<<: *defaults
|
<<: *defaults
|
||||||
@@ -256,9 +245,6 @@ gatus:
|
|||||||
- name: ceph
|
- name: ceph
|
||||||
url: https://ceph.alexlebens.net
|
url: https://ceph.alexlebens.net
|
||||||
<<: *defaults
|
<<: *defaults
|
||||||
- name: garage
|
|
||||||
url: https://garage-webui.alexlebens.net
|
|
||||||
<<: *defaults
|
|
||||||
- name: pgadmin
|
- name: pgadmin
|
||||||
url: https://pgadmin.alexlebens.net
|
url: https://pgadmin.alexlebens.net
|
||||||
<<: *defaults
|
<<: *defaults
|
||||||
@@ -268,29 +254,6 @@ gatus:
|
|||||||
- name: vault
|
- name: vault
|
||||||
url: https://vault.alexlebens.net
|
url: https://vault.alexlebens.net
|
||||||
<<: *defaults
|
<<: *defaults
|
||||||
- name: backrest
|
|
||||||
url: https://backrest.alexlebens.net
|
|
||||||
<<: *defaults
|
|
||||||
- name: qui
|
|
||||||
url: https://qui.alexlebens.net
|
|
||||||
<<: *defaults
|
|
||||||
- name: qbittorrent
|
|
||||||
url: https://qbittorrent.alexlebens.net
|
|
||||||
<<: *defaults
|
|
||||||
- name: prowlarr
|
|
||||||
url: https://prowlarr.alexlebens.net
|
|
||||||
<<: *defaults
|
|
||||||
- name: huntarr
|
|
||||||
url: https://huntarr.alexlebens.net
|
|
||||||
<<: *defaults
|
|
||||||
- name: bazarr
|
|
||||||
url: https://bazarr.alexlebens.net
|
|
||||||
<<: *defaults
|
|
||||||
conditions:
|
|
||||||
- "[STATUS] == 401"
|
|
||||||
- name: tdarr
|
|
||||||
url: https://tdarr.alexlebens.net
|
|
||||||
<<: *defaults
|
|
||||||
- name: sonarr
|
- name: sonarr
|
||||||
url: https://sonarr.alexlebens.net
|
url: https://sonarr.alexlebens.net
|
||||||
<<: *defaults
|
<<: *defaults
|
||||||
@@ -321,11 +284,25 @@ gatus:
|
|||||||
- name: slskd
|
- name: slskd
|
||||||
url: https://slskd.alexlebens.net
|
url: https://slskd.alexlebens.net
|
||||||
<<: *defaults
|
<<: *defaults
|
||||||
- name: ephemera
|
- name: qui
|
||||||
url: https://ephemera.alexlebens.net
|
url: https://qui.alexlebens.net
|
||||||
<<: *defaults
|
<<: *defaults
|
||||||
- name: listenarr
|
- name: qbittorrent
|
||||||
url: https://listenarr.alexlebens.net
|
url: https://qbittorrent.alexlebens.net
|
||||||
|
<<: *defaults
|
||||||
|
- name: prowlarr
|
||||||
|
url: https://prowlarr.alexlebens.net
|
||||||
|
<<: *defaults
|
||||||
|
- name: bazarr
|
||||||
|
url: https://bazarr.alexlebens.net
|
||||||
|
<<: *defaults
|
||||||
|
conditions:
|
||||||
|
- "[STATUS] == 401"
|
||||||
|
- name: huntarr
|
||||||
|
url: https://huntarr.alexlebens.net
|
||||||
|
<<: *defaults
|
||||||
|
- name: tdarr
|
||||||
|
url: https://tdarr.alexlebens.net
|
||||||
<<: *defaults
|
<<: *defaults
|
||||||
- name: www
|
- name: www
|
||||||
url: https://www.alexlebens.dev
|
url: https://www.alexlebens.dev
|
||||||
@@ -370,20 +347,27 @@ gatus:
|
|||||||
url: https://codeserver.alexlebens.dev
|
url: https://codeserver.alexlebens.dev
|
||||||
<<: *defaults
|
<<: *defaults
|
||||||
group: external
|
group: external
|
||||||
- name: authentik
|
|
||||||
url: https://auth.alexlebens.dev
|
|
||||||
<<: *defaults
|
|
||||||
group: external
|
|
||||||
- name: public homepage
|
- name: public homepage
|
||||||
url: https://home.alexlebens.dev
|
url: https://home.alexlebens.dev
|
||||||
<<: *defaults
|
<<: *defaults
|
||||||
group: external
|
group: external
|
||||||
postgres-18-cluster:
|
- name: discord
|
||||||
|
group: public
|
||||||
|
url: https://discord.com/app
|
||||||
|
conditions:
|
||||||
|
- "[STATUS] == 200"
|
||||||
|
- "[RESPONSE_TIME] < 400"
|
||||||
|
interval: 10s
|
||||||
|
- name: reddit
|
||||||
|
group: public
|
||||||
|
url: https://reddit.com
|
||||||
|
conditions:
|
||||||
|
- "[STATUS] == 200"
|
||||||
|
- "[RESPONSE_TIME] < 400"
|
||||||
|
interval: 10s
|
||||||
|
postgres-17-cluster:
|
||||||
mode: recovery
|
mode: recovery
|
||||||
cluster:
|
cluster:
|
||||||
image:
|
|
||||||
repository: ghcr.io/cloudnative-pg/postgresql
|
|
||||||
tag: 18.1-standard-trixie
|
|
||||||
storage:
|
storage:
|
||||||
storageClass: local-path
|
storageClass: local-path
|
||||||
walStorage:
|
walStorage:
|
||||||
@@ -395,19 +379,19 @@ postgres-18-cluster:
|
|||||||
recovery:
|
recovery:
|
||||||
method: objectStore
|
method: objectStore
|
||||||
objectStore:
|
objectStore:
|
||||||
destinationPath: s3://postgres-backups/cl01tl/gatus/gatus-postgresql-18-cluster
|
destinationPath: s3://postgres-backups/cl01tl/gatus/gatus-postgresql-17-cluster
|
||||||
endpointURL: http://garage-main.garage:3900
|
endpointURL: http://garage-main.garage:3900
|
||||||
index: 1
|
index: 1
|
||||||
endpointCredentials: gatus-postgresql-18-cluster-backup-secret-garage
|
endpointCredentials: gatus-postgresql-17-cluster-backup-secret-garage
|
||||||
backup:
|
backup:
|
||||||
objectStore:
|
objectStore:
|
||||||
- name: external
|
- name: external
|
||||||
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/gatus/gatus-postgresql-18-cluster
|
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/gatus/gatus-postgresql-17-cluster
|
||||||
index: 2
|
index: 2
|
||||||
retentionPolicy: "30d"
|
retentionPolicy: "30d"
|
||||||
isWALArchiver: false
|
isWALArchiver: false
|
||||||
- name: garage-local
|
- name: garage-local
|
||||||
destinationPath: s3://postgres-backups/cl01tl/gatus/gatus-postgresql-18-cluster
|
destinationPath: s3://postgres-backups/cl01tl/gatus/gatus-postgresql-17-cluster
|
||||||
index: 1
|
index: 1
|
||||||
endpointURL: http://garage-main.garage:3900
|
endpointURL: http://garage-main.garage:3900
|
||||||
endpointCredentials: gatus-postgresql-17-cluster-backup-secret-garage
|
endpointCredentials: gatus-postgresql-17-cluster-backup-secret-garage
|
||||||
@@ -415,10 +399,10 @@ postgres-18-cluster:
|
|||||||
retentionPolicy: "3d"
|
retentionPolicy: "3d"
|
||||||
isWALArchiver: true
|
isWALArchiver: true
|
||||||
# - name: garage-remote
|
# - name: garage-remote
|
||||||
# destinationPath: s3://postgres-backups/cl01tl/gatus/gatus-postgresql-18-cluster
|
# destinationPath: s3://postgres-backups/cl01tl/gatus/gatus-postgresql-17-cluster
|
||||||
# index: 1
|
# index: 1
|
||||||
# endpointURL: https://garage-ps10rp.boreal-beaufort.ts.net:3900
|
# endpointURL: https://garage-ps10rp.boreal-beaufort.ts.net:3900
|
||||||
# endpointCredentials: gatus-postgresql-18-cluster-backup-secret-garage
|
# endpointCredentials: gatus-postgresql-17-cluster-backup-secret-garage
|
||||||
# retentionPolicy: "30d"
|
# retentionPolicy: "30d"
|
||||||
# data:
|
# data:
|
||||||
# compression: bzip2
|
# compression: bzip2
|
||||||
@@ -426,7 +410,6 @@ postgres-18-cluster:
|
|||||||
scheduledBackups:
|
scheduledBackups:
|
||||||
- name: daily-backup
|
- name: daily-backup
|
||||||
suspend: false
|
suspend: false
|
||||||
immediate: true
|
|
||||||
schedule: "0 0 0 * * *"
|
schedule: "0 0 0 * * *"
|
||||||
backupName: external
|
backupName: external
|
||||||
- name: live-backup
|
- name: live-backup
|
||||||
@@ -436,6 +419,5 @@ postgres-18-cluster:
|
|||||||
backupName: garage-local
|
backupName: garage-local
|
||||||
# - name: weekly-backup
|
# - name: weekly-backup
|
||||||
# suspend: false
|
# suspend: false
|
||||||
# immediate: true
|
|
||||||
# schedule: "0 0 4 * * SAT"
|
# schedule: "0 0 4 * * SAT"
|
||||||
# backupName: garage-remote
|
# backupName: garage-remote
|
||||||
|
|||||||
@@ -1,6 +1,6 @@
|
|||||||
dependencies:
|
dependencies:
|
||||||
- name: generic-device-plugin
|
- name: generic-device-plugin
|
||||||
repository: https://gitea.alexlebens.dev/api/packages/alexlebens/helm
|
repository: https://gitea.alexlebens.dev/api/packages/alexlebens/helm
|
||||||
version: 0.20.5
|
version: 0.20.4
|
||||||
digest: sha256:329b2d00301ab1467a8654dd92febfd7078db121c00c0960548010c01dee66b6
|
digest: sha256:4aa24e57233783f99d3de453f997ff4dddecaea729ab09b78745ee89ffa0e4a8
|
||||||
generated: "2025-12-08T03:02:06.697075532Z"
|
generated: "2025-12-06T01:01:30.343689275Z"
|
||||||
|
|||||||
@@ -15,6 +15,6 @@ maintainers:
|
|||||||
dependencies:
|
dependencies:
|
||||||
- name: generic-device-plugin
|
- name: generic-device-plugin
|
||||||
repository: https://gitea.alexlebens.dev/api/packages/alexlebens/helm
|
repository: https://gitea.alexlebens.dev/api/packages/alexlebens/helm
|
||||||
version: 0.20.5
|
version: 0.20.4
|
||||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/kubernetes.png
|
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/kubernetes.png
|
||||||
appVersion: 1.0.0
|
appVersion: 1.0.0
|
||||||
|
|||||||
@@ -17,5 +17,5 @@ dependencies:
|
|||||||
- name: postgres-cluster
|
- name: postgres-cluster
|
||||||
repository: oci://harbor.alexlebens.net/helm-charts
|
repository: oci://harbor.alexlebens.net/helm-charts
|
||||||
version: 6.16.1
|
version: 6.16.1
|
||||||
digest: sha256:ecb6e0283b564f37b5d60bb64860b71c3b68acc2835364c0488fd7a9e932b941
|
digest: sha256:392636c97a9be96f21c70f9b53559398aa15e67a0cae551041ee64f23088b59a
|
||||||
generated: "2025-12-11T17:38:49.087683-06:00"
|
generated: "2025-12-07T02:54:49.861996743Z"
|
||||||
|
|||||||
@@ -43,8 +43,8 @@ dependencies:
|
|||||||
repository: oci://harbor.alexlebens.net/helm-charts
|
repository: oci://harbor.alexlebens.net/helm-charts
|
||||||
version: 1.23.2
|
version: 1.23.2
|
||||||
- name: postgres-cluster
|
- name: postgres-cluster
|
||||||
alias: postgres-18-cluster
|
alias: postgres-17-cluster
|
||||||
version: 6.16.1
|
version: 6.16.1
|
||||||
repository: oci://harbor.alexlebens.net/helm-charts
|
repository: oci://harbor.alexlebens.net/helm-charts
|
||||||
icon: https://raw.githubusercontent.com/walkxcode/dashboard-icons/main/png/gitea.png
|
icon: https://raw.githubusercontent.com/walkxcode/dashboard-icons/main/png/gitea.png
|
||||||
appVersion: 1.25.2
|
appVersion: 1.23.7
|
||||||
|
|||||||
@@ -254,10 +254,10 @@ spec:
|
|||||||
apiVersion: external-secrets.io/v1
|
apiVersion: external-secrets.io/v1
|
||||||
kind: ExternalSecret
|
kind: ExternalSecret
|
||||||
metadata:
|
metadata:
|
||||||
name: gitea-postgresql-18-cluster-backup-secret
|
name: gitea-postgresql-17-cluster-backup-secret
|
||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: gitea-postgresql-18-cluster-backup-secret
|
app.kubernetes.io/name: gitea-postgresql-17-cluster-backup-secret
|
||||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
spec:
|
spec:
|
||||||
@@ -284,10 +284,10 @@ spec:
|
|||||||
apiVersion: external-secrets.io/v1
|
apiVersion: external-secrets.io/v1
|
||||||
kind: ExternalSecret
|
kind: ExternalSecret
|
||||||
metadata:
|
metadata:
|
||||||
name: gitea-postgresql-18-cluster-backup-secret-garage
|
name: gitea-postgresql-17-cluster-backup-secret-garage
|
||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: gitea-postgresql-18-cluster-backup-secret-garage
|
app.kubernetes.io/name: gitea-postgresql-17-cluster-backup-secret-garage
|
||||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
spec:
|
spec:
|
||||||
|
|||||||
@@ -13,7 +13,7 @@ spec:
|
|||||||
runAsUser: 1000
|
runAsUser: 1000
|
||||||
fsGroup: 1000
|
fsGroup: 1000
|
||||||
kubernetesConfig:
|
kubernetesConfig:
|
||||||
image: quay.io/opstree/redis:v8.4.0
|
image: quay.io/opstree/redis:v8.0.3
|
||||||
imagePullPolicy: IfNotPresent
|
imagePullPolicy: IfNotPresent
|
||||||
resources:
|
resources:
|
||||||
requests:
|
requests:
|
||||||
@@ -29,7 +29,7 @@ spec:
|
|||||||
storage: 10Gi
|
storage: 10Gi
|
||||||
redisExporter:
|
redisExporter:
|
||||||
enabled: true
|
enabled: true
|
||||||
image: quay.io/opstree/redis-exporter:v1.80.1
|
image: quay.io/opstree/redis-exporter:v1.48.0
|
||||||
|
|
||||||
---
|
---
|
||||||
apiVersion: redis.redis.opstreelabs.in/v1beta2
|
apiVersion: redis.redis.opstreelabs.in/v1beta2
|
||||||
@@ -47,7 +47,7 @@ spec:
|
|||||||
runAsUser: 1000
|
runAsUser: 1000
|
||||||
fsGroup: 1000
|
fsGroup: 1000
|
||||||
kubernetesConfig:
|
kubernetesConfig:
|
||||||
image: quay.io/opstree/redis:v8.4.0
|
image: quay.io/opstree/redis:v8.0.3
|
||||||
imagePullPolicy: IfNotPresent
|
imagePullPolicy: IfNotPresent
|
||||||
resources:
|
resources:
|
||||||
requests:
|
requests:
|
||||||
@@ -63,4 +63,4 @@ spec:
|
|||||||
storage: 1Gi
|
storage: 1Gi
|
||||||
redisExporter:
|
redisExporter:
|
||||||
enabled: true
|
enabled: true
|
||||||
image: quay.io/opstree/redis-exporter:v1.80.1
|
image: quay.io/opstree/redis-exporter:v1.48.0
|
||||||
|
|||||||
@@ -1,23 +0,0 @@
|
|||||||
apiVersion: redis.redis.opstreelabs.in/v1beta2
|
|
||||||
kind: RedisSentinel
|
|
||||||
metadata:
|
|
||||||
name: redis-sentinel-gitea
|
|
||||||
namespace: {{ .Release.Namespace }}
|
|
||||||
labels:
|
|
||||||
app.kubernetes.io/name: redis-sentinel-gitea
|
|
||||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
|
||||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
|
||||||
spec:
|
|
||||||
clusterSize: 3
|
|
||||||
podSecurityContext:
|
|
||||||
runAsUser: 1000
|
|
||||||
fsGroup: 1000
|
|
||||||
redisSentinelConfig:
|
|
||||||
redisReplicationName: redis-replication-gitea
|
|
||||||
kubernetesConfig:
|
|
||||||
image: quay.io/opstree/redis-sentinel:v8.4.0
|
|
||||||
imagePullPolicy: IfNotPresent
|
|
||||||
resources:
|
|
||||||
requests:
|
|
||||||
cpu: 10m
|
|
||||||
memory: 128Mi
|
|
||||||
@@ -12,6 +12,8 @@ spec:
|
|||||||
matchLabels:
|
matchLabels:
|
||||||
app.kubernetes.io/name: gitea
|
app.kubernetes.io/name: gitea
|
||||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
|
matchExpressions:
|
||||||
|
- { key: app.kubernetes.io/controller, operator: NotIn, values: [backup] }
|
||||||
endpoints:
|
endpoints:
|
||||||
- port: http
|
- port: http
|
||||||
|
|
||||||
|
|||||||
@@ -108,22 +108,22 @@ gitea:
|
|||||||
- name: GITEA__DATABASE__HOST
|
- name: GITEA__DATABASE__HOST
|
||||||
valueFrom:
|
valueFrom:
|
||||||
secretKeyRef:
|
secretKeyRef:
|
||||||
name: gitea-postgresql-18-cluster-app
|
name: gitea-postgresql-17-cluster-app
|
||||||
key: host
|
key: host
|
||||||
- name: GITEA__DATABASE__NAME
|
- name: GITEA__DATABASE__NAME
|
||||||
valueFrom:
|
valueFrom:
|
||||||
secretKeyRef:
|
secretKeyRef:
|
||||||
name: gitea-postgresql-18-cluster-app
|
name: gitea-postgresql-17-cluster-app
|
||||||
key: dbname
|
key: dbname
|
||||||
- name: GITEA__DATABASE__USER
|
- name: GITEA__DATABASE__USER
|
||||||
valueFrom:
|
valueFrom:
|
||||||
secretKeyRef:
|
secretKeyRef:
|
||||||
name: gitea-postgresql-18-cluster-app
|
name: gitea-postgresql-17-cluster-app
|
||||||
key: user
|
key: user
|
||||||
- name: GITEA__DATABASE__PASSWD
|
- name: GITEA__DATABASE__PASSWD
|
||||||
valueFrom:
|
valueFrom:
|
||||||
secretKeyRef:
|
secretKeyRef:
|
||||||
name: gitea-postgresql-18-cluster-app
|
name: gitea-postgresql-17-cluster-app
|
||||||
key: password
|
key: password
|
||||||
- name: GITEA__INDEXER__ISSUE_INDEXER_CONN_STR
|
- name: GITEA__INDEXER__ISSUE_INDEXER_CONN_STR
|
||||||
valueFrom:
|
valueFrom:
|
||||||
@@ -174,9 +174,6 @@ gitea-actions:
|
|||||||
backup:
|
backup:
|
||||||
global:
|
global:
|
||||||
fullnameOverride: gitea-backup
|
fullnameOverride: gitea-backup
|
||||||
labels:
|
|
||||||
app.kubernetes.io/instance: gitea-backup
|
|
||||||
app.kubernetes.io/name: gitea-backup
|
|
||||||
controllers:
|
controllers:
|
||||||
backup:
|
backup:
|
||||||
type: cronjob
|
type: cronjob
|
||||||
@@ -194,9 +191,6 @@ backup:
|
|||||||
name: gitea-backup
|
name: gitea-backup
|
||||||
pod:
|
pod:
|
||||||
automountServiceAccountToken: true
|
automountServiceAccountToken: true
|
||||||
labels:
|
|
||||||
app.kubernetes.io/instance: gitea-backup
|
|
||||||
app.kubernetes.io/name: gitea-backup
|
|
||||||
initContainers:
|
initContainers:
|
||||||
backup:
|
backup:
|
||||||
image:
|
image:
|
||||||
@@ -218,7 +212,7 @@ backup:
|
|||||||
s3-backup:
|
s3-backup:
|
||||||
image:
|
image:
|
||||||
repository: d3fk/s3cmd
|
repository: d3fk/s3cmd
|
||||||
tag: latest@sha256:a4ef406e37628ee56e608b1567aeb0345e51142f56741b715322111be3b6ebcc
|
tag: latest@sha256:590c42746db1252be8aad33e287c7910698c32b58b4fc34f67592a5bd0841551
|
||||||
pullPolicy: IfNotPresent
|
pullPolicy: IfNotPresent
|
||||||
command:
|
command:
|
||||||
- /bin/sh
|
- /bin/sh
|
||||||
@@ -242,7 +236,7 @@ backup:
|
|||||||
s3-prune:
|
s3-prune:
|
||||||
image:
|
image:
|
||||||
repository: d3fk/s3cmd
|
repository: d3fk/s3cmd
|
||||||
tag: latest@sha256:a4ef406e37628ee56e608b1567aeb0345e51142f56741b715322111be3b6ebcc
|
tag: latest@sha256:590c42746db1252be8aad33e287c7910698c32b58b4fc34f67592a5bd0841551
|
||||||
pullPolicy: IfNotPresent
|
pullPolicy: IfNotPresent
|
||||||
command:
|
command:
|
||||||
- /bin/sh
|
- /bin/sh
|
||||||
@@ -322,12 +316,9 @@ meilisearch:
|
|||||||
enabled: true
|
enabled: true
|
||||||
cloudflared:
|
cloudflared:
|
||||||
existingSecretName: gitea-cloudflared-secret
|
existingSecretName: gitea-cloudflared-secret
|
||||||
postgres-18-cluster:
|
postgres-17-cluster:
|
||||||
mode: recovery
|
mode: recovery
|
||||||
cluster:
|
cluster:
|
||||||
image:
|
|
||||||
repository: ghcr.io/cloudnative-pg/postgresql
|
|
||||||
tag: 18.1-standard-trixie
|
|
||||||
storage:
|
storage:
|
||||||
storageClass: local-path
|
storageClass: local-path
|
||||||
walStorage:
|
walStorage:
|
||||||
@@ -343,30 +334,30 @@ postgres-18-cluster:
|
|||||||
recovery:
|
recovery:
|
||||||
method: objectStore
|
method: objectStore
|
||||||
objectStore:
|
objectStore:
|
||||||
destinationPath: s3://postgres-backups/cl01tl/gitea/gitea-postgresql-18-cluster
|
destinationPath: s3://postgres-backups/cl01tl/gitea/gitea-postgresql-17-cluster
|
||||||
endpointURL: http://garage-main.garage:3900
|
endpointURL: http://garage-main.garage:3900
|
||||||
index: 1
|
index: 1
|
||||||
endpointCredentials: gitea-postgresql-18-cluster-backup-secret-garage
|
endpointCredentials: gitea-postgresql-17-cluster-backup-secret-garage
|
||||||
backup:
|
backup:
|
||||||
objectStore:
|
objectStore:
|
||||||
- name: external
|
- name: external
|
||||||
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/gitea/gitea-postgresql-18-cluster
|
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/gitea/gitea-postgresql-17-cluster
|
||||||
index: 1
|
index: 1
|
||||||
retentionPolicy: "30d"
|
retentionPolicy: "30d"
|
||||||
isWALArchiver: false
|
isWALArchiver: false
|
||||||
- name: garage-local
|
- name: garage-local
|
||||||
destinationPath: s3://postgres-backups/cl01tl/gitea/gitea-postgresql-18-cluster
|
destinationPath: s3://postgres-backups/cl01tl/gitea/gitea-postgresql-17-cluster
|
||||||
index: 1
|
index: 1
|
||||||
endpointURL: http://garage-main.garage:3900
|
endpointURL: http://garage-main.garage:3900
|
||||||
endpointCredentials: gitea-postgresql-18-cluster-backup-secret-garage
|
endpointCredentials: gitea-postgresql-17-cluster-backup-secret-garage
|
||||||
endpointCredentialsIncludeRegion: true
|
endpointCredentialsIncludeRegion: true
|
||||||
retentionPolicy: "3d"
|
retentionPolicy: "3d"
|
||||||
isWALArchiver: true
|
isWALArchiver: true
|
||||||
# - name: garage-remote
|
# - name: garage-remote
|
||||||
# destinationPath: s3://postgres-backups/cl01tl/gitea/gitea-postgresql-18-cluster
|
# destinationPath: s3://postgres-backups/cl01tl/gitea/gitea-postgresql-17-cluster
|
||||||
# index: 1
|
# index: 1
|
||||||
# endpointURL: https://garage-ps10rp.boreal-beaufort.ts.net:3900
|
# endpointURL: https://garage-ps10rp.boreal-beaufort.ts.net:3900
|
||||||
# endpointCredentials: gitea-postgresql-18-cluster-backup-secret-garage
|
# endpointCredentials: gitea-postgresql-17-cluster-backup-secret-garage
|
||||||
# retentionPolicy: "30d"
|
# retentionPolicy: "30d"
|
||||||
# data:
|
# data:
|
||||||
# compression: bzip2
|
# compression: bzip2
|
||||||
@@ -374,7 +365,6 @@ postgres-18-cluster:
|
|||||||
scheduledBackups:
|
scheduledBackups:
|
||||||
- name: daily-backup
|
- name: daily-backup
|
||||||
suspend: false
|
suspend: false
|
||||||
immediate: true
|
|
||||||
schedule: "0 0 0 * * *"
|
schedule: "0 0 0 * * *"
|
||||||
backupName: external
|
backupName: external
|
||||||
- name: live-backup
|
- name: live-backup
|
||||||
@@ -384,6 +374,5 @@ postgres-18-cluster:
|
|||||||
backupName: garage-local
|
backupName: garage-local
|
||||||
# - name: weekly-backup
|
# - name: weekly-backup
|
||||||
# suspend: false
|
# suspend: false
|
||||||
# immediate: true
|
|
||||||
# schedule: "0 0 4 * * SAT"
|
# schedule: "0 0 4 * * SAT"
|
||||||
# backupName: garage-remote
|
# backupName: garage-remote
|
||||||
|
|||||||
@@ -5,5 +5,5 @@ dependencies:
|
|||||||
- name: postgres-cluster
|
- name: postgres-cluster
|
||||||
repository: oci://harbor.alexlebens.net/helm-charts
|
repository: oci://harbor.alexlebens.net/helm-charts
|
||||||
version: 6.16.1
|
version: 6.16.1
|
||||||
digest: sha256:9640766b4a15b50a759edbc8a2aad816f9240be72bf06364acb387464245d51a
|
digest: sha256:3bd7096e4401df5818733b3e0b08f281c12af9b54a272fbe3e753b2616d725dd
|
||||||
generated: "2025-12-11T19:19:12.375716-06:00"
|
generated: "2025-12-04T00:01:28.278027037Z"
|
||||||
|
|||||||
@@ -20,8 +20,8 @@ dependencies:
|
|||||||
version: v5.20.0
|
version: v5.20.0
|
||||||
repository: https://grafana.github.io/helm-charts
|
repository: https://grafana.github.io/helm-charts
|
||||||
- name: postgres-cluster
|
- name: postgres-cluster
|
||||||
alias: postgres-18-cluster
|
alias: postgres-17-cluster
|
||||||
version: 6.16.1
|
version: 6.16.1
|
||||||
repository: oci://harbor.alexlebens.net/helm-charts
|
repository: oci://harbor.alexlebens.net/helm-charts
|
||||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/grafana.png
|
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/grafana.png
|
||||||
appVersion: v5.20.0
|
appVersion: v5.18.0
|
||||||
|
|||||||
@@ -61,10 +61,10 @@ spec:
|
|||||||
apiVersion: external-secrets.io/v1
|
apiVersion: external-secrets.io/v1
|
||||||
kind: ExternalSecret
|
kind: ExternalSecret
|
||||||
metadata:
|
metadata:
|
||||||
name: grafana-operator-postgresql-18-cluster-backup-secret
|
name: grafana-operator-postgresql-17-cluster-backup-secret
|
||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: grafana-operator-postgresql-18-cluster-backup-secret
|
app.kubernetes.io/name: grafana-operator-postgresql-17-cluster-backup-secret
|
||||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
spec:
|
spec:
|
||||||
@@ -91,10 +91,10 @@ spec:
|
|||||||
apiVersion: external-secrets.io/v1
|
apiVersion: external-secrets.io/v1
|
||||||
kind: ExternalSecret
|
kind: ExternalSecret
|
||||||
metadata:
|
metadata:
|
||||||
name: grafana-operator-postgresql-18-cluster-backup-secret-garage
|
name: grafana-operator-postgresql-17-cluster-backup-secret-garage
|
||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: grafana-operator-postgresql-18-cluster-backup-secret-garage
|
app.kubernetes.io/name: grafana-operator-postgresql-17-cluster-backup-secret-garage
|
||||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
spec:
|
spec:
|
||||||
|
|||||||
@@ -85,25 +85,25 @@ spec:
|
|||||||
- name: DB_HOST
|
- name: DB_HOST
|
||||||
valueFrom:
|
valueFrom:
|
||||||
secretKeyRef:
|
secretKeyRef:
|
||||||
name: grafana-operator-postgresql-18-cluster-app
|
name: grafana-operator-postgresql-17-cluster-app
|
||||||
key: host
|
key: host
|
||||||
- name: DB_DATABASE
|
- name: DB_DATABASE
|
||||||
valueFrom:
|
valueFrom:
|
||||||
secretKeyRef:
|
secretKeyRef:
|
||||||
name: grafana-operator-postgresql-18-cluster-app
|
name: grafana-operator-postgresql-17-cluster-app
|
||||||
key: dbname
|
key: dbname
|
||||||
- name: DB_PORT
|
- name: DB_PORT
|
||||||
valueFrom:
|
valueFrom:
|
||||||
secretKeyRef:
|
secretKeyRef:
|
||||||
name: grafana-operator-postgresql-18-cluster-app
|
name: grafana-operator-postgresql-17-cluster-app
|
||||||
key: port
|
key: port
|
||||||
- name: DB_USER
|
- name: DB_USER
|
||||||
valueFrom:
|
valueFrom:
|
||||||
secretKeyRef:
|
secretKeyRef:
|
||||||
name: grafana-operator-postgresql-18-cluster-app
|
name: grafana-operator-postgresql-17-cluster-app
|
||||||
key: user
|
key: user
|
||||||
- name: DB_PASSWORD
|
- name: DB_PASSWORD
|
||||||
valueFrom:
|
valueFrom:
|
||||||
secretKeyRef:
|
secretKeyRef:
|
||||||
name: grafana-operator-postgresql-18-cluster-app
|
name: grafana-operator-postgresql-17-cluster-app
|
||||||
key: password
|
key: password
|
||||||
|
|||||||
@@ -13,7 +13,7 @@ spec:
|
|||||||
runAsUser: 1000
|
runAsUser: 1000
|
||||||
fsGroup: 1000
|
fsGroup: 1000
|
||||||
kubernetesConfig:
|
kubernetesConfig:
|
||||||
image: quay.io/opstree/redis:v8.4.0
|
image: quay.io/opstree/redis:v8.0.3
|
||||||
imagePullPolicy: IfNotPresent
|
imagePullPolicy: IfNotPresent
|
||||||
resources:
|
resources:
|
||||||
requests:
|
requests:
|
||||||
@@ -29,7 +29,7 @@ spec:
|
|||||||
storage: 1Gi
|
storage: 1Gi
|
||||||
redisExporter:
|
redisExporter:
|
||||||
enabled: true
|
enabled: true
|
||||||
image: quay.io/opstree/redis-exporter:v1.80.1
|
image: quay.io/opstree/redis-exporter:v1.48.0
|
||||||
|
|
||||||
---
|
---
|
||||||
apiVersion: redis.redis.opstreelabs.in/v1beta2
|
apiVersion: redis.redis.opstreelabs.in/v1beta2
|
||||||
@@ -47,7 +47,7 @@ spec:
|
|||||||
runAsUser: 1000
|
runAsUser: 1000
|
||||||
fsGroup: 1000
|
fsGroup: 1000
|
||||||
kubernetesConfig:
|
kubernetesConfig:
|
||||||
image: quay.io/opstree/redis:v8.4.0
|
image: quay.io/opstree/redis:v8.0.3
|
||||||
imagePullPolicy: IfNotPresent
|
imagePullPolicy: IfNotPresent
|
||||||
resources:
|
resources:
|
||||||
requests:
|
requests:
|
||||||
@@ -63,4 +63,4 @@ spec:
|
|||||||
storage: 1Gi
|
storage: 1Gi
|
||||||
redisExporter:
|
redisExporter:
|
||||||
enabled: true
|
enabled: true
|
||||||
image: quay.io/opstree/redis-exporter:v1.80.1
|
image: quay.io/opstree/redis-exporter:v1.48.0
|
||||||
|
|||||||
@@ -12,12 +12,9 @@ grafana-operator:
|
|||||||
enabled: true
|
enabled: true
|
||||||
dashboard:
|
dashboard:
|
||||||
enabled: false
|
enabled: false
|
||||||
postgres-18-cluster:
|
postgres-17-cluster:
|
||||||
mode: recovery
|
mode: recovery
|
||||||
cluster:
|
cluster:
|
||||||
image:
|
|
||||||
repository: ghcr.io/cloudnative-pg/postgresql
|
|
||||||
tag: 18.1-standard-trixie
|
|
||||||
storage:
|
storage:
|
||||||
storageClass: local-path
|
storageClass: local-path
|
||||||
walStorage:
|
walStorage:
|
||||||
@@ -29,30 +26,30 @@ postgres-18-cluster:
|
|||||||
recovery:
|
recovery:
|
||||||
method: objectStore
|
method: objectStore
|
||||||
objectStore:
|
objectStore:
|
||||||
destinationPath: s3://postgres-backups/cl01tl/grafana-operator/grafana-operator-postgresql-18-cluster
|
destinationPath: s3://postgres-backups/cl01tl/grafana-operator/grafana-operator-postgresql-17-cluster
|
||||||
endpointURL: http://garage-main.garage:3900
|
endpointURL: http://garage-main.garage:3900
|
||||||
index: 1
|
index: 1
|
||||||
endpointCredentials: grafana-operator-postgresql-18-cluster-backup-secret-garage
|
endpointCredentials: grafana-operator-postgresql-17-cluster-backup-secret-garage
|
||||||
backup:
|
backup:
|
||||||
objectStore:
|
objectStore:
|
||||||
- name: external
|
- name: external
|
||||||
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/grafana-operator/grafana-operator-postgresql-18-cluster
|
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/grafana-operator/grafana-operator-postgresql-17-cluster
|
||||||
index: 1
|
index: 2
|
||||||
retentionPolicy: "30d"
|
retentionPolicy: "30d"
|
||||||
isWALArchiver: false
|
isWALArchiver: false
|
||||||
- name: garage-local
|
- name: garage-local
|
||||||
destinationPath: s3://postgres-backups/cl01tl/grafana-operator/grafana-operator-postgresql-18-cluster
|
destinationPath: s3://postgres-backups/cl01tl/grafana-operator/grafana-operator-postgresql-17-cluster
|
||||||
index: 1
|
index: 1
|
||||||
endpointURL: http://garage-main.garage:3900
|
endpointURL: http://garage-main.garage:3900
|
||||||
endpointCredentials: grafana-operator-postgresql-18-cluster-backup-secret-garage
|
endpointCredentials: grafana-operator-postgresql-17-cluster-backup-secret-garage
|
||||||
endpointCredentialsIncludeRegion: true
|
endpointCredentialsIncludeRegion: true
|
||||||
retentionPolicy: "3d"
|
retentionPolicy: "3d"
|
||||||
isWALArchiver: true
|
isWALArchiver: true
|
||||||
# - name: garage-remote
|
# - name: garage-remote
|
||||||
# destinationPath: s3://postgres-backups/cl01tl/grafana-operator/grafana-operator-postgresql-18-cluster
|
# destinationPath: s3://postgres-backups/cl01tl/grafana-operator/grafana-operator-postgresql-17-cluster
|
||||||
# index: 1
|
# index: 1
|
||||||
# endpointURL: https://garage-ps10rp.boreal-beaufort.ts.net:3900
|
# endpointURL: https://garage-ps10rp.boreal-beaufort.ts.net:3900
|
||||||
# endpointCredentials: grafana-operator-postgresql-18-cluster-backup-secret-garage
|
# endpointCredentials: grafana-operator-postgresql-17-cluster-backup-secret-garage
|
||||||
# retentionPolicy: "30d"
|
# retentionPolicy: "30d"
|
||||||
# data:
|
# data:
|
||||||
# compression: bzip2
|
# compression: bzip2
|
||||||
@@ -60,7 +57,6 @@ postgres-18-cluster:
|
|||||||
scheduledBackups:
|
scheduledBackups:
|
||||||
- name: daily-backup
|
- name: daily-backup
|
||||||
suspend: false
|
suspend: false
|
||||||
immediate: true
|
|
||||||
schedule: "0 0 0 * * *"
|
schedule: "0 0 0 * * *"
|
||||||
backupName: external
|
backupName: external
|
||||||
- name: live-backup
|
- name: live-backup
|
||||||
@@ -70,6 +66,5 @@ postgres-18-cluster:
|
|||||||
backupName: garage-local
|
backupName: garage-local
|
||||||
# - name: weekly-backup
|
# - name: weekly-backup
|
||||||
# suspend: false
|
# suspend: false
|
||||||
# immediate: true
|
|
||||||
# schedule: "0 0 4 * * SAT"
|
# schedule: "0 0 4 * * SAT"
|
||||||
# backupName: garage-remote
|
# backupName: garage-remote
|
||||||
|
|||||||
@@ -1,9 +0,0 @@
|
|||||||
dependencies:
|
|
||||||
- name: harbor
|
|
||||||
repository: https://helm.goharbor.io
|
|
||||||
version: 1.18.1
|
|
||||||
- name: postgres-cluster
|
|
||||||
repository: https://gitea.alexlebens.net/api/packages/alexlebens/helm
|
|
||||||
version: 6.16.1
|
|
||||||
digest: sha256:a8f5d259fb93f933050c498d9271a5b8606594c968a360f8be151f47b3feb49d
|
|
||||||
generated: "2025-12-11T20:49:18.650522-06:00"
|
|
||||||
@@ -17,11 +17,11 @@ maintainers:
|
|||||||
- name: alexlebens
|
- name: alexlebens
|
||||||
dependencies:
|
dependencies:
|
||||||
- name: harbor
|
- name: harbor
|
||||||
version: 1.18.1
|
version: 1.18.0
|
||||||
repository: https://helm.goharbor.io
|
repository: https://helm.goharbor.io
|
||||||
- name: postgres-cluster
|
- name: postgres-cluster
|
||||||
alias: postgres-18-cluster
|
alias: postgres-17-cluster
|
||||||
version: 6.16.1
|
version: 6.16.1
|
||||||
repository: https://gitea.alexlebens.net/api/packages/alexlebens/helm
|
repository: http://gitea-http.gitea:3000/api/packages/alexlebens/helm
|
||||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/harbor.png
|
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/harbor.png
|
||||||
appVersion: v2.14.1
|
appVersion: v2.13.0
|
||||||
|
|||||||
@@ -101,10 +101,47 @@ spec:
|
|||||||
apiVersion: external-secrets.io/v1
|
apiVersion: external-secrets.io/v1
|
||||||
kind: ExternalSecret
|
kind: ExternalSecret
|
||||||
metadata:
|
metadata:
|
||||||
name: harbor-postgresql-18-cluster-backup-secret
|
name: harbor-nginx-secret
|
||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: harbor-postgresql-18-cluster-backup-secret
|
app.kubernetes.io/name: harbor-nginx-secret
|
||||||
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
|
spec:
|
||||||
|
secretStoreRef:
|
||||||
|
kind: ClusterSecretStore
|
||||||
|
name: vault
|
||||||
|
data:
|
||||||
|
- secretKey: ca.crt
|
||||||
|
remoteRef:
|
||||||
|
conversionStrategy: Default
|
||||||
|
decodingStrategy: None
|
||||||
|
key: /cl01tl/harbor/nginx
|
||||||
|
metadataPolicy: None
|
||||||
|
property: ca.crt
|
||||||
|
- secretKey: tls.crt
|
||||||
|
remoteRef:
|
||||||
|
conversionStrategy: Default
|
||||||
|
decodingStrategy: None
|
||||||
|
key: /cl01tl/harbor/nginx
|
||||||
|
metadataPolicy: None
|
||||||
|
property: tls.crt
|
||||||
|
- secretKey: tls.key
|
||||||
|
remoteRef:
|
||||||
|
conversionStrategy: Default
|
||||||
|
decodingStrategy: None
|
||||||
|
key: /cl01tl/harbor/nginx
|
||||||
|
metadataPolicy: None
|
||||||
|
property: tls.key
|
||||||
|
|
||||||
|
---
|
||||||
|
apiVersion: external-secrets.io/v1
|
||||||
|
kind: ExternalSecret
|
||||||
|
metadata:
|
||||||
|
name: harbor-postgresql-17-cluster-backup-secret
|
||||||
|
namespace: {{ .Release.Namespace }}
|
||||||
|
labels:
|
||||||
|
app.kubernetes.io/name: harbor-postgresql-17-cluster-backup-secret
|
||||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
spec:
|
spec:
|
||||||
@@ -131,10 +168,10 @@ spec:
|
|||||||
apiVersion: external-secrets.io/v1
|
apiVersion: external-secrets.io/v1
|
||||||
kind: ExternalSecret
|
kind: ExternalSecret
|
||||||
metadata:
|
metadata:
|
||||||
name: harbor-postgresql-18-cluster-backup-secret-garage
|
name: harbor-postgresql-17-cluster-backup-secret-garage
|
||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: harbor-postgresql-18-cluster-backup-secret-garage
|
app.kubernetes.io/name: harbor-postgresql-17-cluster-backup-secret-garage
|
||||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
spec:
|
spec:
|
||||||
|
|||||||
@@ -1,10 +1,10 @@
|
|||||||
apiVersion: gateway.networking.k8s.io/v1
|
apiVersion: gateway.networking.k8s.io/v1
|
||||||
kind: HTTPRoute
|
kind: HTTPRoute
|
||||||
metadata:
|
metadata:
|
||||||
name: http-route-seerr
|
name: http-route-harbor
|
||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: http-route-seerr
|
app.kubernetes.io/name: http-route-harbor
|
||||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
spec:
|
spec:
|
||||||
@@ -14,8 +14,27 @@ spec:
|
|||||||
name: traefik-gateway
|
name: traefik-gateway
|
||||||
namespace: traefik
|
namespace: traefik
|
||||||
hostnames:
|
hostnames:
|
||||||
- seerr.alexlebens.net
|
- harbor.alexlebens.net
|
||||||
rules:
|
rules:
|
||||||
|
- matches:
|
||||||
|
- path:
|
||||||
|
type: PathPrefix
|
||||||
|
value: /api/
|
||||||
|
- path:
|
||||||
|
type: PathPrefix
|
||||||
|
value: /service/
|
||||||
|
- path:
|
||||||
|
type: PathPrefix
|
||||||
|
value: /v2/
|
||||||
|
- path:
|
||||||
|
type: PathPrefix
|
||||||
|
value: /c/
|
||||||
|
backendRefs:
|
||||||
|
- group: ''
|
||||||
|
kind: Service
|
||||||
|
name: harbor-core
|
||||||
|
port: 80
|
||||||
|
weight: 100
|
||||||
- matches:
|
- matches:
|
||||||
- path:
|
- path:
|
||||||
type: PathPrefix
|
type: PathPrefix
|
||||||
@@ -23,6 +42,6 @@ spec:
|
|||||||
backendRefs:
|
backendRefs:
|
||||||
- group: ''
|
- group: ''
|
||||||
kind: Service
|
kind: Service
|
||||||
name: seerr-seerr-chart
|
name: harbor-portal
|
||||||
port: 80
|
port: 80
|
||||||
weight: 100
|
weight: 100
|
||||||
@@ -13,7 +13,7 @@ spec:
|
|||||||
runAsUser: 1000
|
runAsUser: 1000
|
||||||
fsGroup: 1000
|
fsGroup: 1000
|
||||||
kubernetesConfig:
|
kubernetesConfig:
|
||||||
image: quay.io/opstree/redis:v8.4.0
|
image: quay.io/opstree/redis:v8.0.3
|
||||||
imagePullPolicy: IfNotPresent
|
imagePullPolicy: IfNotPresent
|
||||||
resources:
|
resources:
|
||||||
requests:
|
requests:
|
||||||
@@ -29,4 +29,4 @@ spec:
|
|||||||
storage: 1Gi
|
storage: 1Gi
|
||||||
redisExporter:
|
redisExporter:
|
||||||
enabled: true
|
enabled: true
|
||||||
image: quay.io/opstree/redis-exporter:v1.80.1
|
image: quay.io/opstree/redis-exporter:v1.48.0
|
||||||
|
|||||||
@@ -1,23 +0,0 @@
|
|||||||
apiVersion: redis.redis.opstreelabs.in/v1beta2
|
|
||||||
kind: RedisSentinel
|
|
||||||
metadata:
|
|
||||||
name: redis-sentinel-harbor
|
|
||||||
namespace: {{ .Release.Namespace }}
|
|
||||||
labels:
|
|
||||||
app.kubernetes.io/name: redis-sentinel-harbor
|
|
||||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
|
||||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
|
||||||
spec:
|
|
||||||
clusterSize: 3
|
|
||||||
podSecurityContext:
|
|
||||||
runAsUser: 1000
|
|
||||||
fsGroup: 1000
|
|
||||||
redisSentinelConfig:
|
|
||||||
redisReplicationName: redis-replication-harbor
|
|
||||||
kubernetesConfig:
|
|
||||||
image: quay.io/opstree/redis-sentinel:v8.4.0
|
|
||||||
imagePullPolicy: IfNotPresent
|
|
||||||
resources:
|
|
||||||
requests:
|
|
||||||
cpu: 10m
|
|
||||||
memory: 128Mi
|
|
||||||
@@ -1,16 +1,9 @@
|
|||||||
harbor:
|
harbor:
|
||||||
expose:
|
expose:
|
||||||
type: route
|
type: clusterIP
|
||||||
tls:
|
tls:
|
||||||
enabled: false
|
auto:
|
||||||
route:
|
commonName: harbor.alexlebens.net
|
||||||
parentRefs:
|
|
||||||
- group: gateway.networking.k8s.io
|
|
||||||
kind: Gateway
|
|
||||||
name: traefik-gateway
|
|
||||||
namespace: traefik
|
|
||||||
hosts:
|
|
||||||
- harbor.alexlebens.net
|
|
||||||
externalURL: https://harbor.alexlebens.net
|
externalURL: https://harbor.alexlebens.net
|
||||||
persistence:
|
persistence:
|
||||||
enabled: true
|
enabled: true
|
||||||
@@ -38,6 +31,11 @@ harbor:
|
|||||||
enabled: true
|
enabled: true
|
||||||
cache:
|
cache:
|
||||||
enabled: true
|
enabled: true
|
||||||
|
nginx:
|
||||||
|
image:
|
||||||
|
repository: goharbor/nginx-photon
|
||||||
|
tag: v2.14.1
|
||||||
|
replicas: 0
|
||||||
portal:
|
portal:
|
||||||
image:
|
image:
|
||||||
repository: goharbor/harbor-portal
|
repository: goharbor/harbor-portal
|
||||||
@@ -82,11 +80,11 @@ harbor:
|
|||||||
database:
|
database:
|
||||||
type: external
|
type: external
|
||||||
external:
|
external:
|
||||||
host: harbor-postgresql-18-cluster-rw
|
host: harbor-postgresql-17-cluster-rw
|
||||||
port: "5432"
|
port: "5432"
|
||||||
username: app
|
username: app
|
||||||
coreDatabase: app
|
coreDatabase: app
|
||||||
existingSecret: harbor-postgresql-18-cluster-app
|
existingSecret: harbor-postgresql-17-cluster-app
|
||||||
redis:
|
redis:
|
||||||
type: external
|
type: external
|
||||||
external:
|
external:
|
||||||
@@ -96,12 +94,9 @@ harbor:
|
|||||||
repository: goharbor/harbor-exporter
|
repository: goharbor/harbor-exporter
|
||||||
tag: v2.14.1
|
tag: v2.14.1
|
||||||
replicas: 2
|
replicas: 2
|
||||||
postgres-18-cluster:
|
postgres-17-cluster:
|
||||||
mode: recovery
|
mode: recovery
|
||||||
cluster:
|
cluster:
|
||||||
image:
|
|
||||||
repository: ghcr.io/cloudnative-pg/postgresql
|
|
||||||
tag: 18.1-standard-trixie
|
|
||||||
storage:
|
storage:
|
||||||
storageClass: local-path
|
storageClass: local-path
|
||||||
walStorage:
|
walStorage:
|
||||||
@@ -113,30 +108,30 @@ postgres-18-cluster:
|
|||||||
recovery:
|
recovery:
|
||||||
method: objectStore
|
method: objectStore
|
||||||
objectStore:
|
objectStore:
|
||||||
destinationPath: s3://postgres-backups/cl01tl/harbor/harbor-postgresql-18-cluster
|
destinationPath: s3://postgres-backups/cl01tl/harbor/harbor-postgresql-17-cluster
|
||||||
endpointURL: http://garage-main.garage:3900
|
endpointURL: http://garage-main.garage:3900
|
||||||
index: 1
|
index: 1
|
||||||
endpointCredentials: harbor-postgresql-18-cluster-backup-secret-garage
|
endpointCredentials: harbor-postgresql-17-cluster-backup-secret-garage
|
||||||
backup:
|
backup:
|
||||||
objectStore:
|
objectStore:
|
||||||
- name: external
|
- name: external
|
||||||
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/harbor/harbor-postgresql-18-cluster
|
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/harbor/harbor-postgresql-17-cluster
|
||||||
index: 1
|
index: 2
|
||||||
retentionPolicy: "30d"
|
retentionPolicy: "30d"
|
||||||
isWALArchiver: false
|
isWALArchiver: false
|
||||||
- name: garage-local
|
- name: garage-local
|
||||||
destinationPath: s3://postgres-backups/cl01tl/harbor/harbor-postgresql-18-cluster
|
destinationPath: s3://postgres-backups/cl01tl/harbor/harbor-postgresql-17-cluster
|
||||||
index: 1
|
index: 1
|
||||||
endpointURL: http://garage-main.garage:3900
|
endpointURL: http://garage-main.garage:3900
|
||||||
endpointCredentials: harbor-postgresql-18-cluster-backup-secret-garage
|
endpointCredentials: harbor-postgresql-17-cluster-backup-secret-garage
|
||||||
endpointCredentialsIncludeRegion: true
|
endpointCredentialsIncludeRegion: true
|
||||||
retentionPolicy: "3d"
|
retentionPolicy: "3d"
|
||||||
isWALArchiver: true
|
isWALArchiver: true
|
||||||
# - name: garage-remote
|
# - name: garage-remote
|
||||||
# destinationPath: s3://postgres-backups/cl01tl/harbor/harbor-postgresql-18-cluster
|
# destinationPath: s3://postgres-backups/cl01tl/harbor/harbor-postgresql-17-cluster
|
||||||
# index: 1
|
# index: 1
|
||||||
# endpointURL: https://garage-ps10rp.boreal-beaufort.ts.net:3900
|
# endpointURL: https://garage-ps10rp.boreal-beaufort.ts.net:3900
|
||||||
# endpointCredentials: harbor-postgresql-18-cluster-backup-secret-garage
|
# endpointCredentials: harbor-postgresql-17-cluster-backup-secret-garage
|
||||||
# retentionPolicy: "30d"
|
# retentionPolicy: "30d"
|
||||||
# data:
|
# data:
|
||||||
# compression: bzip2
|
# compression: bzip2
|
||||||
@@ -144,7 +139,6 @@ postgres-18-cluster:
|
|||||||
scheduledBackups:
|
scheduledBackups:
|
||||||
- name: daily-backup
|
- name: daily-backup
|
||||||
suspend: false
|
suspend: false
|
||||||
immediate: true
|
|
||||||
schedule: "0 0 0 * * *"
|
schedule: "0 0 0 * * *"
|
||||||
backupName: external
|
backupName: external
|
||||||
- name: live-backup
|
- name: live-backup
|
||||||
@@ -154,6 +148,5 @@ postgres-18-cluster:
|
|||||||
backupName: garage-local
|
backupName: garage-local
|
||||||
# - name: weekly-backup
|
# - name: weekly-backup
|
||||||
# suspend: false
|
# suspend: false
|
||||||
# immediate: true
|
|
||||||
# schedule: "0 0 4 * * SAT"
|
# schedule: "0 0 4 * * SAT"
|
||||||
# backupName: garage-remote
|
# backupName: garage-remote
|
||||||
|
|||||||
@@ -17,4 +17,4 @@ dependencies:
|
|||||||
version: 0.38.0
|
version: 0.38.0
|
||||||
repository: https://kubernetes-sigs.github.io/headlamp/
|
repository: https://kubernetes-sigs.github.io/headlamp/
|
||||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/headlamp.png
|
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/headlamp.png
|
||||||
appVersion: 0.38.0
|
appVersion: 0.37.0
|
||||||
|
|||||||
@@ -13,7 +13,7 @@ roleRef:
|
|||||||
apiGroup: rbac.authorization.k8s.io
|
apiGroup: rbac.authorization.k8s.io
|
||||||
subjects:
|
subjects:
|
||||||
- kind: User
|
- kind: User
|
||||||
name: https://authentik.alexlebens.net/application/o/headlamp/#alexanderlebens@gmail.com
|
name: alexanderlebens@gmail.com
|
||||||
apiGroup: rbac.authorization.k8s.io
|
apiGroup: rbac.authorization.k8s.io
|
||||||
- kind: ServiceAccount
|
- kind: ServiceAccount
|
||||||
name: headlamp-admin
|
name: headlamp-admin
|
||||||
|
|||||||
@@ -40,14 +40,14 @@ spec:
|
|||||||
key: /authentik/oidc/headlamp
|
key: /authentik/oidc/headlamp
|
||||||
metadataPolicy: None
|
metadataPolicy: None
|
||||||
property: scopes
|
property: scopes
|
||||||
- secretKey: HEADLAMP_CONFIG_OIDC_VALIDATOR_IDP_ISSUER_URL
|
- secretKey: OIDC_VALIDATOR_ISSUER_URL
|
||||||
remoteRef:
|
remoteRef:
|
||||||
conversionStrategy: Default
|
conversionStrategy: Default
|
||||||
decodingStrategy: None
|
decodingStrategy: None
|
||||||
key: /authentik/oidc/headlamp
|
key: /authentik/oidc/headlamp
|
||||||
metadataPolicy: None
|
metadataPolicy: None
|
||||||
property: validator-issuer-url
|
property: validator-issuer-url
|
||||||
- secretKey: HEADLAMP_CONFIG_OIDC_VALIDATOR_CLIENT_ID
|
- secretKey: OIDC_VALIDATOR_CLIENT_ID
|
||||||
remoteRef:
|
remoteRef:
|
||||||
conversionStrategy: Default
|
conversionStrategy: Default
|
||||||
decodingStrategy: None
|
decodingStrategy: None
|
||||||
|
|||||||
@@ -20,4 +20,4 @@ dependencies:
|
|||||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||||
version: 4.5.0
|
version: 4.5.0
|
||||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/home-assistant.png
|
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/home-assistant.png
|
||||||
appVersion: 2025.12.2
|
appVersion: 2025.5.2
|
||||||
|
|||||||
@@ -9,7 +9,7 @@ home-assistant:
|
|||||||
main:
|
main:
|
||||||
image:
|
image:
|
||||||
repository: ghcr.io/home-assistant/home-assistant
|
repository: ghcr.io/home-assistant/home-assistant
|
||||||
tag: 2025.12.2
|
tag: 2025.12.0
|
||||||
pullPolicy: IfNotPresent
|
pullPolicy: IfNotPresent
|
||||||
env:
|
env:
|
||||||
- name: TZ
|
- name: TZ
|
||||||
|
|||||||
@@ -24,4 +24,4 @@ dependencies:
|
|||||||
repository: oci://harbor.alexlebens.net/helm-charts
|
repository: oci://harbor.alexlebens.net/helm-charts
|
||||||
version: 1.23.2
|
version: 1.23.2
|
||||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/homepage.png
|
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/homepage.png
|
||||||
appVersion: v1.8.0
|
appVersion: v1.2.0
|
||||||
|
|||||||
@@ -11,7 +11,7 @@ homepage:
|
|||||||
main:
|
main:
|
||||||
image:
|
image:
|
||||||
repository: ghcr.io/gethomepage/homepage
|
repository: ghcr.io/gethomepage/homepage
|
||||||
tag: v1.8.0
|
tag: v1.7.0
|
||||||
pullPolicy: IfNotPresent
|
pullPolicy: IfNotPresent
|
||||||
env:
|
env:
|
||||||
- name: HOMEPAGE_ALLOWED_HOSTS
|
- name: HOMEPAGE_ALLOWED_HOSTS
|
||||||
|
|||||||
@@ -18,4 +18,4 @@ dependencies:
|
|||||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||||
version: 4.5.0
|
version: 4.5.0
|
||||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/homepage.png
|
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/homepage.png
|
||||||
appVersion: v1.8.0
|
appVersion: v1.2.0
|
||||||
|
|||||||
@@ -15,7 +15,7 @@ homepage:
|
|||||||
main:
|
main:
|
||||||
image:
|
image:
|
||||||
repository: ghcr.io/gethomepage/homepage
|
repository: ghcr.io/gethomepage/homepage
|
||||||
tag: v1.8.0
|
tag: v1.7.0
|
||||||
pullPolicy: IfNotPresent
|
pullPolicy: IfNotPresent
|
||||||
env:
|
env:
|
||||||
- name: HOMEPAGE_ALLOWED_HOSTS
|
- name: HOMEPAGE_ALLOWED_HOSTS
|
||||||
@@ -143,16 +143,10 @@ homepage:
|
|||||||
statusStyle: dot
|
statusStyle: dot
|
||||||
- Media Requests:
|
- Media Requests:
|
||||||
icon: sh-overseerr.webp
|
icon: sh-overseerr.webp
|
||||||
description: Overseerr
|
description: Overseer
|
||||||
href: https://overseerr.alexlebens.net
|
href: https://overseerr.alexlebens.net
|
||||||
siteMonitor: http://overseerr.overseerr:80
|
siteMonitor: http://overseerr.overseerr:80
|
||||||
statusStyle: dot
|
statusStyle: dot
|
||||||
- Media Requests (New):
|
|
||||||
icon: sh-overseerr.webp
|
|
||||||
description: Seerr
|
|
||||||
href: https://seerr.alexlebens.net
|
|
||||||
siteMonitor: http://seerr-seerr-chart.seerr:80
|
|
||||||
statusStyle: dot
|
|
||||||
- Media Tracking:
|
- Media Tracking:
|
||||||
icon: sh-yamtrack.webp
|
icon: sh-yamtrack.webp
|
||||||
description: Yamtrack
|
description: Yamtrack
|
||||||
@@ -169,7 +163,7 @@ homepage:
|
|||||||
icon: sh-immich.webp
|
icon: sh-immich.webp
|
||||||
description: Immich
|
description: Immich
|
||||||
href: https://immich.alexlebens.net
|
href: https://immich.alexlebens.net
|
||||||
siteMonitor: http://immich.immich:2283
|
siteMonitor: http://immich-main.immich:2283
|
||||||
statusStyle: dot
|
statusStyle: dot
|
||||||
- Pictures:
|
- Pictures:
|
||||||
icon: sh-photoview.webp
|
icon: sh-photoview.webp
|
||||||
|
|||||||
@@ -18,4 +18,4 @@ dependencies:
|
|||||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||||
version: 4.5.0
|
version: 4.5.0
|
||||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/huntarr.png
|
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/huntarr.png
|
||||||
appVersion: 8.2.10
|
appVersion: 7.0.0
|
||||||
|
|||||||
@@ -5,5 +5,5 @@ dependencies:
|
|||||||
- name: postgres-cluster
|
- name: postgres-cluster
|
||||||
repository: oci://harbor.alexlebens.net/helm-charts
|
repository: oci://harbor.alexlebens.net/helm-charts
|
||||||
version: 6.16.1
|
version: 6.16.1
|
||||||
digest: sha256:0efb7efad85276191f07755520291b6a549472af4bbd6ac32c58b29f36984e60
|
digest: sha256:fa72554b2aeb7710212e3cbff3f7d080d04ee205c4cee95f27f5e12cdeab78a9
|
||||||
generated: "2025-12-11T21:59:26.978234-06:00"
|
generated: "2025-12-05T17:05:47.565602786Z"
|
||||||
|
|||||||
@@ -19,8 +19,8 @@ dependencies:
|
|||||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||||
version: 4.5.0
|
version: 4.5.0
|
||||||
- name: postgres-cluster
|
- name: postgres-cluster
|
||||||
alias: postgres-18-cluster
|
alias: postgres-17-cluster
|
||||||
version: 6.16.1
|
version: 6.16.1
|
||||||
repository: oci://harbor.alexlebens.net/helm-charts
|
repository: oci://harbor.alexlebens.net/helm-charts
|
||||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/immich.png
|
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/immich.png
|
||||||
appVersion: v2.3.1
|
appVersion: v2.0.1
|
||||||
|
|||||||
@@ -24,181 +24,10 @@ spec:
|
|||||||
apiVersion: external-secrets.io/v1
|
apiVersion: external-secrets.io/v1
|
||||||
kind: ExternalSecret
|
kind: ExternalSecret
|
||||||
metadata:
|
metadata:
|
||||||
name: immich-data-backup-secret-local
|
name: immich-postgresql-17-cluster-backup-secret
|
||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: immich-data-backup-secret-local
|
app.kubernetes.io/name: immich-postgresql-17-cluster-backup-secret
|
||||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
|
||||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
|
||||||
spec:
|
|
||||||
secretStoreRef:
|
|
||||||
kind: ClusterSecretStore
|
|
||||||
name: vault
|
|
||||||
target:
|
|
||||||
template:
|
|
||||||
mergePolicy: Merge
|
|
||||||
engineVersion: v2
|
|
||||||
data:
|
|
||||||
RESTIC_REPOSITORY: "{{ `{{ .BUCKET_ENDPOINT }}` }}/immich/immich"
|
|
||||||
data:
|
|
||||||
- secretKey: BUCKET_ENDPOINT
|
|
||||||
remoteRef:
|
|
||||||
conversionStrategy: Default
|
|
||||||
decodingStrategy: None
|
|
||||||
key: /volsync/restic/garage-local
|
|
||||||
metadataPolicy: None
|
|
||||||
property: BUCKET_ENDPOINT
|
|
||||||
- secretKey: RESTIC_PASSWORD
|
|
||||||
remoteRef:
|
|
||||||
conversionStrategy: Default
|
|
||||||
decodingStrategy: None
|
|
||||||
key: /volsync/restic/garage-local
|
|
||||||
metadataPolicy: None
|
|
||||||
property: RESTIC_PASSWORD
|
|
||||||
- secretKey: AWS_DEFAULT_REGION
|
|
||||||
remoteRef:
|
|
||||||
conversionStrategy: Default
|
|
||||||
decodingStrategy: None
|
|
||||||
key: /garage/home-infra/volsync-backups
|
|
||||||
metadataPolicy: None
|
|
||||||
property: ACCESS_REGION
|
|
||||||
- secretKey: AWS_ACCESS_KEY_ID
|
|
||||||
remoteRef:
|
|
||||||
conversionStrategy: Default
|
|
||||||
decodingStrategy: None
|
|
||||||
key: /garage/home-infra/volsync-backups
|
|
||||||
metadataPolicy: None
|
|
||||||
property: ACCESS_KEY_ID
|
|
||||||
- secretKey: AWS_SECRET_ACCESS_KEY
|
|
||||||
remoteRef:
|
|
||||||
conversionStrategy: Default
|
|
||||||
decodingStrategy: None
|
|
||||||
key: /garage/home-infra/volsync-backups
|
|
||||||
metadataPolicy: None
|
|
||||||
property: ACCESS_SECRET_KEY
|
|
||||||
|
|
||||||
---
|
|
||||||
apiVersion: external-secrets.io/v1
|
|
||||||
kind: ExternalSecret
|
|
||||||
metadata:
|
|
||||||
name: immich-data-backup-secret-remote
|
|
||||||
namespace: {{ .Release.Namespace }}
|
|
||||||
labels:
|
|
||||||
app.kubernetes.io/name: immich-data-backup-secret-remote
|
|
||||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
|
||||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
|
||||||
spec:
|
|
||||||
secretStoreRef:
|
|
||||||
kind: ClusterSecretStore
|
|
||||||
name: vault
|
|
||||||
target:
|
|
||||||
template:
|
|
||||||
mergePolicy: Merge
|
|
||||||
engineVersion: v2
|
|
||||||
data:
|
|
||||||
RESTIC_REPOSITORY: "{{ `{{ .BUCKET_ENDPOINT }}` }}/immich/immich"
|
|
||||||
data:
|
|
||||||
- secretKey: BUCKET_ENDPOINT
|
|
||||||
remoteRef:
|
|
||||||
conversionStrategy: Default
|
|
||||||
decodingStrategy: None
|
|
||||||
key: /volsync/restic/garage-remote
|
|
||||||
metadataPolicy: None
|
|
||||||
property: BUCKET_ENDPOINT
|
|
||||||
- secretKey: RESTIC_PASSWORD
|
|
||||||
remoteRef:
|
|
||||||
conversionStrategy: Default
|
|
||||||
decodingStrategy: None
|
|
||||||
key: /volsync/restic/garage-remote
|
|
||||||
metadataPolicy: None
|
|
||||||
property: RESTIC_PASSWORD
|
|
||||||
- secretKey: AWS_DEFAULT_REGION
|
|
||||||
remoteRef:
|
|
||||||
conversionStrategy: Default
|
|
||||||
decodingStrategy: None
|
|
||||||
key: /garage/home-infra/volsync-backups
|
|
||||||
metadataPolicy: None
|
|
||||||
property: ACCESS_REGION
|
|
||||||
- secretKey: AWS_ACCESS_KEY_ID
|
|
||||||
remoteRef:
|
|
||||||
conversionStrategy: Default
|
|
||||||
decodingStrategy: None
|
|
||||||
key: /garage/home-infra/volsync-backups
|
|
||||||
metadataPolicy: None
|
|
||||||
property: ACCESS_KEY_ID
|
|
||||||
- secretKey: AWS_SECRET_ACCESS_KEY
|
|
||||||
remoteRef:
|
|
||||||
conversionStrategy: Default
|
|
||||||
decodingStrategy: None
|
|
||||||
key: /garage/home-infra/volsync-backups
|
|
||||||
metadataPolicy: None
|
|
||||||
property: ACCESS_SECRET_KEY
|
|
||||||
|
|
||||||
---
|
|
||||||
apiVersion: external-secrets.io/v1
|
|
||||||
kind: ExternalSecret
|
|
||||||
metadata:
|
|
||||||
name: immich-data-backup-secret-external
|
|
||||||
namespace: {{ .Release.Namespace }}
|
|
||||||
labels:
|
|
||||||
app.kubernetes.io/name: immich-data-backup-secret-external
|
|
||||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
|
||||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
|
||||||
spec:
|
|
||||||
secretStoreRef:
|
|
||||||
kind: ClusterSecretStore
|
|
||||||
name: vault
|
|
||||||
target:
|
|
||||||
template:
|
|
||||||
mergePolicy: Merge
|
|
||||||
engineVersion: v2
|
|
||||||
data:
|
|
||||||
RESTIC_REPOSITORY: "{{ `{{ .BUCKET_ENDPOINT }}` }}/immich/immich"
|
|
||||||
data:
|
|
||||||
- secretKey: BUCKET_ENDPOINT
|
|
||||||
remoteRef:
|
|
||||||
conversionStrategy: Default
|
|
||||||
decodingStrategy: None
|
|
||||||
key: /volsync/restic/digital-ocean
|
|
||||||
metadataPolicy: None
|
|
||||||
property: BUCKET_ENDPOINT
|
|
||||||
- secretKey: RESTIC_PASSWORD
|
|
||||||
remoteRef:
|
|
||||||
conversionStrategy: Default
|
|
||||||
decodingStrategy: None
|
|
||||||
key: /volsync/restic/digital-ocean
|
|
||||||
metadataPolicy: None
|
|
||||||
property: RESTIC_PASSWORD
|
|
||||||
- secretKey: AWS_DEFAULT_REGION
|
|
||||||
remoteRef:
|
|
||||||
conversionStrategy: Default
|
|
||||||
decodingStrategy: None
|
|
||||||
key: /digital-ocean/home-infra/volsync-backups
|
|
||||||
metadataPolicy: None
|
|
||||||
property: AWS_DEFAULT_REGION
|
|
||||||
- secretKey: AWS_ACCESS_KEY_ID
|
|
||||||
remoteRef:
|
|
||||||
conversionStrategy: Default
|
|
||||||
decodingStrategy: None
|
|
||||||
key: /digital-ocean/home-infra/volsync-backups
|
|
||||||
metadataPolicy: None
|
|
||||||
property: AWS_ACCESS_KEY_ID
|
|
||||||
- secretKey: AWS_SECRET_ACCESS_KEY
|
|
||||||
remoteRef:
|
|
||||||
conversionStrategy: Default
|
|
||||||
decodingStrategy: None
|
|
||||||
key: /digital-ocean/home-infra/volsync-backups
|
|
||||||
metadataPolicy: None
|
|
||||||
property: AWS_SECRET_ACCESS_KEY
|
|
||||||
|
|
||||||
---
|
|
||||||
apiVersion: external-secrets.io/v1
|
|
||||||
kind: ExternalSecret
|
|
||||||
metadata:
|
|
||||||
name: immich-postgresql-18-cluster-backup-secret
|
|
||||||
namespace: {{ .Release.Namespace }}
|
|
||||||
labels:
|
|
||||||
app.kubernetes.io/name: immich-postgresql-18-cluster-backup-secret
|
|
||||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
spec:
|
spec:
|
||||||
@@ -225,10 +54,10 @@ spec:
|
|||||||
apiVersion: external-secrets.io/v1
|
apiVersion: external-secrets.io/v1
|
||||||
kind: ExternalSecret
|
kind: ExternalSecret
|
||||||
metadata:
|
metadata:
|
||||||
name: immich-postgresql-18-cluster-backup-secret-garage
|
name: immich-postgresql-17-cluster-backup-secret-garage
|
||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: immich-postgresql-18-cluster-backup-secret-garage
|
app.kubernetes.io/name: immich-postgresql-17-cluster-backup-secret-garage
|
||||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
spec:
|
spec:
|
||||||
|
|||||||
@@ -23,6 +23,6 @@ spec:
|
|||||||
backendRefs:
|
backendRefs:
|
||||||
- group: ''
|
- group: ''
|
||||||
kind: Service
|
kind: Service
|
||||||
name: immich
|
name: immich-main
|
||||||
port: 2283
|
port: 2283
|
||||||
weight: 100
|
weight: 100
|
||||||
|
|||||||
@@ -0,0 +1,17 @@
|
|||||||
|
apiVersion: v1
|
||||||
|
kind: PersistentVolumeClaim
|
||||||
|
metadata:
|
||||||
|
name: immich-nfs-storage
|
||||||
|
namespace: {{ .Release.Namespace }}
|
||||||
|
labels:
|
||||||
|
app.kubernetes.io/name: immich-nfs-storage
|
||||||
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
|
spec:
|
||||||
|
volumeName: immich-nfs-storage
|
||||||
|
storageClassName: nfs-client
|
||||||
|
accessModes:
|
||||||
|
- ReadWriteMany
|
||||||
|
resources:
|
||||||
|
requests:
|
||||||
|
storage: 1Gi
|
||||||
23
clusters/cl01tl/helm/immich/templates/persistent-volume.yaml
Normal file
23
clusters/cl01tl/helm/immich/templates/persistent-volume.yaml
Normal file
@@ -0,0 +1,23 @@
|
|||||||
|
apiVersion: v1
|
||||||
|
kind: PersistentVolume
|
||||||
|
metadata:
|
||||||
|
name: immich-nfs-storage
|
||||||
|
namespace: {{ .Release.Namespace }}
|
||||||
|
labels:
|
||||||
|
app.kubernetes.io/name: immich-nfs-storage
|
||||||
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
|
spec:
|
||||||
|
persistentVolumeReclaimPolicy: Retain
|
||||||
|
storageClassName: nfs-client
|
||||||
|
capacity:
|
||||||
|
storage: 1Gi
|
||||||
|
accessModes:
|
||||||
|
- ReadWriteMany
|
||||||
|
nfs:
|
||||||
|
path: /volume2/Storage/Immich
|
||||||
|
server: synologybond.alexlebens.net
|
||||||
|
mountOptions:
|
||||||
|
- vers=4
|
||||||
|
- minorversion=1
|
||||||
|
- noac
|
||||||
@@ -13,7 +13,7 @@ spec:
|
|||||||
runAsUser: 1000
|
runAsUser: 1000
|
||||||
fsGroup: 1000
|
fsGroup: 1000
|
||||||
kubernetesConfig:
|
kubernetesConfig:
|
||||||
image: quay.io/opstree/redis:v8.4.0
|
image: quay.io/opstree/redis:v8.0.3
|
||||||
imagePullPolicy: IfNotPresent
|
imagePullPolicy: IfNotPresent
|
||||||
resources:
|
resources:
|
||||||
requests:
|
requests:
|
||||||
@@ -29,4 +29,4 @@ spec:
|
|||||||
storage: 1Gi
|
storage: 1Gi
|
||||||
redisExporter:
|
redisExporter:
|
||||||
enabled: true
|
enabled: true
|
||||||
image: quay.io/opstree/redis-exporter:v1.80.1
|
image: quay.io/opstree/redis-exporter:v1.48.0
|
||||||
|
|||||||
@@ -1,23 +0,0 @@
|
|||||||
apiVersion: redis.redis.opstreelabs.in/v1beta2
|
|
||||||
kind: RedisSentinel
|
|
||||||
metadata:
|
|
||||||
name: redis-sentinel-immich
|
|
||||||
namespace: {{ .Release.Namespace }}
|
|
||||||
labels:
|
|
||||||
app.kubernetes.io/name: redis-sentinel-immich
|
|
||||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
|
||||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
|
||||||
spec:
|
|
||||||
clusterSize: 3
|
|
||||||
podSecurityContext:
|
|
||||||
runAsUser: 1000
|
|
||||||
fsGroup: 1000
|
|
||||||
redisSentinelConfig:
|
|
||||||
redisReplicationName: redis-replication-immich
|
|
||||||
kubernetesConfig:
|
|
||||||
image: quay.io/opstree/redis-sentinel:v8.4.0
|
|
||||||
imagePullPolicy: IfNotPresent
|
|
||||||
resources:
|
|
||||||
requests:
|
|
||||||
cpu: 10m
|
|
||||||
memory: 128Mi
|
|
||||||
@@ -1,82 +0,0 @@
|
|||||||
apiVersion: volsync.backube/v1alpha1
|
|
||||||
kind: ReplicationSource
|
|
||||||
metadata:
|
|
||||||
name: immich-data-backup-source-local
|
|
||||||
namespace: {{ .Release.Namespace }}
|
|
||||||
labels:
|
|
||||||
app.kubernetes.io/name: immich-data-backup-source-local
|
|
||||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
|
||||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
|
||||||
spec:
|
|
||||||
sourcePVC: immich
|
|
||||||
trigger:
|
|
||||||
schedule: 0 2 * * *
|
|
||||||
restic:
|
|
||||||
pruneIntervalDays: 7
|
|
||||||
repository: immich-data-backup-secret-local
|
|
||||||
retain:
|
|
||||||
hourly: 1
|
|
||||||
daily: 3
|
|
||||||
weekly: 2
|
|
||||||
monthly: 2
|
|
||||||
yearly: 4
|
|
||||||
copyMethod: Snapshot
|
|
||||||
storageClassName: ceph-block
|
|
||||||
volumeSnapshotClassName: ceph-blockpool-snapshot
|
|
||||||
cacheCapacity: 50Gi
|
|
||||||
|
|
||||||
---
|
|
||||||
apiVersion: volsync.backube/v1alpha1
|
|
||||||
kind: ReplicationSource
|
|
||||||
metadata:
|
|
||||||
name: immich-data-backup-source-remote
|
|
||||||
namespace: {{ .Release.Namespace }}
|
|
||||||
labels:
|
|
||||||
app.kubernetes.io/name: immich-data-backup-source-remote
|
|
||||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
|
||||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
|
||||||
spec:
|
|
||||||
sourcePVC: immich
|
|
||||||
trigger:
|
|
||||||
schedule: 0 3 * * *
|
|
||||||
restic:
|
|
||||||
pruneIntervalDays: 7
|
|
||||||
repository: immich-data-backup-secret-remote
|
|
||||||
retain:
|
|
||||||
hourly: 1
|
|
||||||
daily: 3
|
|
||||||
weekly: 2
|
|
||||||
monthly: 2
|
|
||||||
yearly: 4
|
|
||||||
copyMethod: Snapshot
|
|
||||||
storageClassName: ceph-block
|
|
||||||
volumeSnapshotClassName: ceph-blockpool-snapshot
|
|
||||||
cacheCapacity: 50Gi
|
|
||||||
|
|
||||||
---
|
|
||||||
apiVersion: volsync.backube/v1alpha1
|
|
||||||
kind: ReplicationSource
|
|
||||||
metadata:
|
|
||||||
name: immich-data-backup-source-external
|
|
||||||
namespace: {{ .Release.Namespace }}
|
|
||||||
labels:
|
|
||||||
app.kubernetes.io/name: immich-data-backup-source-external
|
|
||||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
|
||||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
|
||||||
spec:
|
|
||||||
sourcePVC: immich
|
|
||||||
trigger:
|
|
||||||
schedule: 0 4 * * *
|
|
||||||
restic:
|
|
||||||
pruneIntervalDays: 7
|
|
||||||
repository: immich-data-backup-secret-external
|
|
||||||
retain:
|
|
||||||
hourly: 1
|
|
||||||
daily: 3
|
|
||||||
weekly: 2
|
|
||||||
monthly: 2
|
|
||||||
yearly: 4
|
|
||||||
copyMethod: Snapshot
|
|
||||||
storageClassName: ceph-block
|
|
||||||
volumeSnapshotClassName: ceph-blockpool-snapshot
|
|
||||||
cacheCapacity: 50Gi
|
|
||||||
@@ -18,6 +18,8 @@ immich:
|
|||||||
value: all
|
value: all
|
||||||
- name: IMMICH_CONFIG_FILE
|
- name: IMMICH_CONFIG_FILE
|
||||||
value: /config/immich.json
|
value: /config/immich.json
|
||||||
|
- name: IMMICH_MACHINE_LEARNING_URL
|
||||||
|
value: http://immich-machine-learning.immich:3003
|
||||||
- name: REDIS_HOSTNAME
|
- name: REDIS_HOSTNAME
|
||||||
value: redis-replication-immich-master
|
value: redis-replication-immich-master
|
||||||
- name: DB_VECTOR_EXTENSION
|
- name: DB_VECTOR_EXTENSION
|
||||||
@@ -25,27 +27,27 @@ immich:
|
|||||||
- name: DB_HOSTNAME
|
- name: DB_HOSTNAME
|
||||||
valueFrom:
|
valueFrom:
|
||||||
secretKeyRef:
|
secretKeyRef:
|
||||||
name: immich-postgresql-18-cluster-app
|
name: immich-postgresql-17-cluster-app
|
||||||
key: host
|
key: host
|
||||||
- name: DB_DATABASE_NAME
|
- name: DB_DATABASE_NAME
|
||||||
valueFrom:
|
valueFrom:
|
||||||
secretKeyRef:
|
secretKeyRef:
|
||||||
name: immich-postgresql-18-cluster-app
|
name: immich-postgresql-17-cluster-app
|
||||||
key: dbname
|
key: dbname
|
||||||
- name: DB_PORT
|
- name: DB_PORT
|
||||||
valueFrom:
|
valueFrom:
|
||||||
secretKeyRef:
|
secretKeyRef:
|
||||||
name: immich-postgresql-18-cluster-app
|
name: immich-postgresql-17-cluster-app
|
||||||
key: port
|
key: port
|
||||||
- name: DB_USERNAME
|
- name: DB_USERNAME
|
||||||
valueFrom:
|
valueFrom:
|
||||||
secretKeyRef:
|
secretKeyRef:
|
||||||
name: immich-postgresql-18-cluster-app
|
name: immich-postgresql-17-cluster-app
|
||||||
key: user
|
key: user
|
||||||
- name: DB_PASSWORD
|
- name: DB_PASSWORD
|
||||||
valueFrom:
|
valueFrom:
|
||||||
secretKeyRef:
|
secretKeyRef:
|
||||||
name: immich-postgresql-18-cluster-app
|
name: immich-postgresql-17-cluster-app
|
||||||
key: password
|
key: password
|
||||||
probes:
|
probes:
|
||||||
liveness:
|
liveness:
|
||||||
@@ -88,6 +90,52 @@ immich:
|
|||||||
gpu.intel.com/i915: 1
|
gpu.intel.com/i915: 1
|
||||||
cpu: 10m
|
cpu: 10m
|
||||||
memory: 512Mi
|
memory: 512Mi
|
||||||
|
machine-learning:
|
||||||
|
type: deployment
|
||||||
|
replicas: 1
|
||||||
|
strategy: Recreate
|
||||||
|
revisionHistoryLimit: 3
|
||||||
|
containers:
|
||||||
|
main:
|
||||||
|
image:
|
||||||
|
repository: ghcr.io/immich-app/immich-machine-learning
|
||||||
|
tag: v2.3.1
|
||||||
|
pullPolicy: IfNotPresent
|
||||||
|
env:
|
||||||
|
- name: TRANSFORMERS_CACHE
|
||||||
|
value: /cache
|
||||||
|
probes:
|
||||||
|
liveness:
|
||||||
|
enabled: true
|
||||||
|
custom: true
|
||||||
|
spec:
|
||||||
|
httpGet:
|
||||||
|
path: /ping
|
||||||
|
port: 3003
|
||||||
|
initialDelaySeconds: 0
|
||||||
|
periodSeconds: 10
|
||||||
|
timeoutSeconds: 1
|
||||||
|
failureThreshold: 3
|
||||||
|
readiness:
|
||||||
|
enabled: true
|
||||||
|
custom: true
|
||||||
|
spec:
|
||||||
|
httpGet:
|
||||||
|
path: /ping
|
||||||
|
port: 3003
|
||||||
|
initialDelaySeconds: 0
|
||||||
|
periodSeconds: 10
|
||||||
|
timeoutSeconds: 1
|
||||||
|
failureThreshold: 3
|
||||||
|
startup:
|
||||||
|
enabled: false
|
||||||
|
resources:
|
||||||
|
limits:
|
||||||
|
gpu.intel.com/i915: 1
|
||||||
|
requests:
|
||||||
|
gpu.intel.com/i915: 1
|
||||||
|
cpu: 10m
|
||||||
|
memory: 256Mi
|
||||||
service:
|
service:
|
||||||
main:
|
main:
|
||||||
controller: main
|
controller: main
|
||||||
@@ -104,6 +152,13 @@ immich:
|
|||||||
port: 8082
|
port: 8082
|
||||||
targetPort: 8082
|
targetPort: 8082
|
||||||
protocol: TCP
|
protocol: TCP
|
||||||
|
machine-learning:
|
||||||
|
controller: machine-learning
|
||||||
|
ports:
|
||||||
|
http:
|
||||||
|
port: 3003
|
||||||
|
targetPort: 3003
|
||||||
|
protocol: TCP
|
||||||
persistence:
|
persistence:
|
||||||
config:
|
config:
|
||||||
enabled: true
|
enabled: true
|
||||||
@@ -116,22 +171,29 @@ immich:
|
|||||||
readOnly: true
|
readOnly: true
|
||||||
mountPropagation: None
|
mountPropagation: None
|
||||||
subPath: immich.json
|
subPath: immich.json
|
||||||
data:
|
cache:
|
||||||
storageClass: ceph-block
|
storageClass: ceph-block
|
||||||
accessMode: ReadWriteOnce
|
accessMode: ReadWriteOnce
|
||||||
size: 50Gi
|
size: 10Gi
|
||||||
retain: true
|
retain: true
|
||||||
|
advancedMounts:
|
||||||
|
machine-learning:
|
||||||
|
main:
|
||||||
|
- path: /cache
|
||||||
|
readOnly: false
|
||||||
|
media:
|
||||||
|
existingClaim: immich-nfs-storage
|
||||||
advancedMounts:
|
advancedMounts:
|
||||||
main:
|
main:
|
||||||
main:
|
main:
|
||||||
- path: /usr/src/app/upload
|
- path: /usr/src/app/upload
|
||||||
readOnly: false
|
readOnly: false
|
||||||
postgres-18-cluster:
|
postgres-17-cluster:
|
||||||
mode: recovery
|
mode: recovery
|
||||||
cluster:
|
cluster:
|
||||||
image:
|
image:
|
||||||
repository: ghcr.io/tensorchord/cloudnative-vectorchord
|
repository: ghcr.io/tensorchord/cloudnative-vectorchord
|
||||||
tag: 18.0-0.5.3
|
tag: 17.5-0.4.3
|
||||||
storage:
|
storage:
|
||||||
storageClass: local-path
|
storageClass: local-path
|
||||||
walStorage:
|
walStorage:
|
||||||
@@ -154,30 +216,30 @@ postgres-18-cluster:
|
|||||||
recovery:
|
recovery:
|
||||||
method: objectStore
|
method: objectStore
|
||||||
objectStore:
|
objectStore:
|
||||||
destinationPath: s3://postgres-backups/cl01tl/immich/immich-postgresql-18-cluster
|
destinationPath: s3://postgres-backups/cl01tl/immich/immich-postgresql-17-cluster
|
||||||
endpointURL: http://garage-main.garage:3900
|
endpointURL: http://garage-main.garage:3900
|
||||||
index: 1
|
index: 1
|
||||||
endpointCredentials: immich-postgresql-18-cluster-backup-secret-garage
|
endpointCredentials: immich-postgresql-17-cluster-backup-secret-garage
|
||||||
backup:
|
backup:
|
||||||
objectStore:
|
objectStore:
|
||||||
- name: external
|
- name: external
|
||||||
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/immich/immich-postgresql-18-cluster
|
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/immich/immich-postgresql-17-cluster
|
||||||
index: 1
|
index: 2
|
||||||
retentionPolicy: "30d"
|
retentionPolicy: "30d"
|
||||||
isWALArchiver: false
|
isWALArchiver: false
|
||||||
- name: garage-local
|
- name: garage-local
|
||||||
destinationPath: s3://postgres-backups/cl01tl/immich/immich-postgresql-18-cluster
|
destinationPath: s3://postgres-backups/cl01tl/immich/immich-postgresql-17-cluster
|
||||||
index: 1
|
index: 1
|
||||||
endpointURL: http://garage-main.garage:3900
|
endpointURL: http://garage-main.garage:3900
|
||||||
endpointCredentials: immich-postgresql-18-cluster-backup-secret-garage
|
endpointCredentials: immich-postgresql-17-cluster-backup-secret-garage
|
||||||
endpointCredentialsIncludeRegion: true
|
endpointCredentialsIncludeRegion: true
|
||||||
retentionPolicy: "3d"
|
retentionPolicy: "3d"
|
||||||
isWALArchiver: true
|
isWALArchiver: true
|
||||||
# - name: garage-remote
|
# - name: garage-remote
|
||||||
# destinationPath: s3://postgres-backups/cl01tl/immich/immich-postgresql-18-cluster
|
# destinationPath: s3://postgres-backups/cl01tl/immich/immich-postgresql-17-cluster
|
||||||
# index: 1
|
# index: 1
|
||||||
# endpointURL: https://garage-ps10rp.boreal-beaufort.ts.net:3900
|
# endpointURL: https://garage-ps10rp.boreal-beaufort.ts.net:3900
|
||||||
# endpointCredentials: immich-postgresql-18-cluster-backup-secret-garage
|
# endpointCredentials: immich-postgresql-17-cluster-backup-secret-garage
|
||||||
# retentionPolicy: "30d"
|
# retentionPolicy: "30d"
|
||||||
# data:
|
# data:
|
||||||
# compression: bzip2
|
# compression: bzip2
|
||||||
@@ -185,7 +247,6 @@ postgres-18-cluster:
|
|||||||
scheduledBackups:
|
scheduledBackups:
|
||||||
- name: daily-backup
|
- name: daily-backup
|
||||||
suspend: false
|
suspend: false
|
||||||
immediate: true
|
|
||||||
schedule: "0 0 0 * * *"
|
schedule: "0 0 0 * * *"
|
||||||
backupName: external
|
backupName: external
|
||||||
- name: live-backup
|
- name: live-backup
|
||||||
@@ -195,6 +256,5 @@ postgres-18-cluster:
|
|||||||
backupName: garage-local
|
backupName: garage-local
|
||||||
# - name: weekly-backup
|
# - name: weekly-backup
|
||||||
# suspend: false
|
# suspend: false
|
||||||
# immediate: true
|
|
||||||
# schedule: "0 4 4 * * SAT"
|
# schedule: "0 4 4 * * SAT"
|
||||||
# backupName: garage-remote
|
# backupName: garage-remote
|
||||||
|
|||||||
@@ -8,7 +8,7 @@ metadata:
|
|||||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
spec:
|
spec:
|
||||||
sourcePVC: karakeep
|
sourcePVC: karakeep-data
|
||||||
trigger:
|
trigger:
|
||||||
schedule: 0 4 * * *
|
schedule: 0 4 * * *
|
||||||
restic:
|
restic:
|
||||||
|
|||||||
@@ -1,9 +1,9 @@
|
|||||||
dependencies:
|
dependencies:
|
||||||
- name: kube-prometheus-stack
|
- name: kube-prometheus-stack
|
||||||
repository: oci://ghcr.io/prometheus-community/charts
|
repository: oci://ghcr.io/prometheus-community/charts
|
||||||
version: 80.2.0
|
version: 79.12.0
|
||||||
- name: app-template
|
- name: app-template
|
||||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||||
version: 4.5.0
|
version: 4.5.0
|
||||||
digest: sha256:78e60a6bd6407b1a2d0e1bb9f7717faedd7ad43ded9cb4b6a93e29e85bdf294a
|
digest: sha256:e7edbec86ffbb16885333a6e1eeffec5c336bed8c161c52165949987eca4392d
|
||||||
generated: "2025-12-10T21:05:54.967633057Z"
|
generated: "2025-12-05T21:30:48.985834989Z"
|
||||||
|
|||||||
Some files were not shown because too many files have changed in this diff Show More
Reference in New Issue
Block a user