alexlebens/infrastructure
1
0
Fork 0
Code Issues 1 Pull Requests 2 Actions 4 Activity

Compare commits

base: alexlebens:main
Branches Tags
alexlebens:main alexlebens:renovate/docker.io-postgres-18.x alexlebens:renovate/stalwartlabs-stalwart-0.x
..
compare: alexlebens:d9e04b14d52de188dea6c27a2aba4ac8d3be493f
Branches Tags
alexlebens:renovate/docker.io-postgres-18.x alexlebens:renovate/stalwartlabs-stalwart-0.x alexlebens:main

1 Commits
main ... d9e04b14d5

Author SHA1 Message Date
Renovate Bot
d9e04b14d5 Update actions/checkout action to v5
Some checks failed
lint-test-helm / helm-lint (pull_request) Failing after 5s
Details
2025-11-05 17:54:32 +00:00
85 changed files with 143 additions and 1494 deletions
Expand all files Collapse all files

75
.gitea/workflows/lint-test-docker-push.yaml
View File

@@ -1,75 +0,0 @@
name: lint-test-docker
on:
push:
branches:
- main
paths:
- 'hosts/**'
- ! 'hosts/archive'
jobs:
docker-lint:
runs-on: ubuntu-js
steps:
- name: Checkout
uses: actions/checkout@v5
with:
fetch-depth: 0
- name: Set up Node.js
uses: actions/setup-node@v6
with:
node-version: '24'
- name: Lint Docker Compose
run: |
set -e # Exit immediately if a command exits with a non-zero status.
TARGET_BRANCH="origin/main"
echo ">> Target branch for diff is: $TARGET_BRANCH"
CHANGED_FILES=$(git diff --name-only "$TARGET_BRANCH" -- 'hosts/**')
echo ">> Found changed files:"
echo "$CHANGED_FILES"
# For each changed file, find its parent chart directory (the one with compose.yaml).
# Then, create a unique list of those directories.
CHANGED_COMPOSE=$(echo "$CHANGED_FILES" | while read -r file; do
dir=$(dirname "$file")
while [[ "$dir" != "." && ! -f "$dir/compose.yaml" ]]; do
dir=$(dirname "$dir")
done
if [[ "$dir" != "." ]]; then
echo "$dir"
fi
done | sort -u)
if [[ -z "$CHANGED_COMPOSE" ]]; then
echo ">> Could not determine changed compose files. This will happen if only files outside a compose file were changed."
exit 0
fi
echo ">> Running dclint on changed compose files:"
echo "$CHANGED_COMPOSE"
echo "$CHANGED_COMPOSE" | while read -r compose; do
echo ">> Linting $compose ..."
npx dclint $compose
done
- name: ntfy Failed
uses: niniyas/ntfy-action@master
if: failure()
with:
url: '${{ secrets.NTFY_URL }}'
topic: '${{ secrets.NTFY_TOPIC }}'
title: 'Test Failure - Infrastructure'
priority: 4
headers: '{"Authorization": "Bearer ${{ secrets.NTFY_CRED }}"}'
tags: action,failed
details: 'Docker linting on Push for Infrastructure has failed!'
icon: 'https://cdn.jsdelivr.net/gh/selfhst/icons/png/gitea.png'
actions: '[{"action": "view", "label": "Open Gitea", "url": "https://gitea.alexlebens.dev/alexlebens/infrastructure/actions?workflow=lint-test-docker-push.yaml", "clear": true}]'
image: true

32
.gitea/workflows/lint-test-docker-pull.yaml → .gitea/workflows/lint-test-docker.yaml
View File

@@ -1,6 +1,13 @@
name: lint-test-docker
on:
push:
branches:
- main
paths:
- 'hosts/**'
- ! 'hosts/archive'
pull_request:
branches:
- main
@@ -10,7 +17,7 @@ on:
jobs:
docker-lint:
runs-on: ubuntu-js
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v5
@@ -21,17 +28,17 @@ jobs:
id: check-branch-exists
uses: GuillaumeFalourd/branch-exists@v1.1
with:
branch: "${{ github.base_ref }}"
branch: "origin/${{ github.base_ref }}"
- name: Branch Does Not Exist
if: steps.check-branch-exists.outputs.exists == 'false'
run: echo "Branch ${{ github.base_ref }} was not found, likely already merged"
run: echo "Branch origin/${{ github.base_ref }} was not found, likely already merged"
- name: Set up Node.js
if: steps.check-branch-exists.outputs.exists == 'true'
uses: actions/setup-node@v6
uses: actions/setup-node@v4
with:
node-version: '24'
node-version: '22'
- name: Lint Docker Compose
if: steps.check-branch-exists.outputs.exists == 'true'
@@ -70,18 +77,3 @@ jobs:
echo ">> Linting $compose ..."
npx dclint $compose
done
- name: ntfy Failed
uses: niniyas/ntfy-action@master
if: failure()
with:
url: '${{ secrets.NTFY_URL }}'
topic: '${{ secrets.NTFY_TOPIC }}'
title: 'Test Failure - Infrastructure'
priority: 3
headers: '{"Authorization": "Bearer ${{ secrets.NTFY_CRED }}"}'
tags: action,failed
details: 'Docker linting on Pull Request for Infrastructure has failed!'
icon: 'https://cdn.jsdelivr.net/gh/selfhst/icons/png/gitea.png'
actions: '[{"action": "view", "label": "Open Gitea", "url": "https://gitea.alexlebens.dev/alexlebens/infrastructure/actions?workflow=lint-test-docker-pull.yaml", "clear": true}]'
image: true

78
.gitea/workflows/lint-test-helm-push.yaml
View File

@@ -1,78 +0,0 @@
name: lint-test-helm
on:
push:
branches:
- main
paths:
- 'clusters/**'
- ! 'clusters/*/archive'
jobs:
helm-lint:
runs-on: ubuntu-js
steps:
- name: Checkout
uses: actions/checkout@v5
with:
fetch-depth: 0
- name: Set up Helm
uses: azure/setup-helm@v4
with:
token: ${{ secrets.GITEA_TOKEN }}
version: latest
- name: Lint Helm Chart
run: |
set -e # Exit immediately if a command exits with a non-zero status.
TARGET_BRANCH="origin/main"
echo ">> Target branch for diff is: $TARGET_BRANCH"
CHANGED_FILES=$(git diff --name-only "$TARGET_BRANCH" -- 'clusters/**')
echo ">> Found changed files:"
echo "$CHANGED_FILES"
# For each changed file, find its parent chart directory (the one with Chart.yaml).
# Then, create a unique list of those directories.
CHANGED_CHARTS=$(echo "$CHANGED_FILES" | while read -r file; do
dir=$(dirname "$file")
while [[ "$dir" != "." && ! -f "$dir/Chart.yaml" ]]; do
dir=$(dirname "$dir")
done
if [[ "$dir" != "." ]]; then
echo "$dir"
fi
done | sort -u)
if [[ -z "$CHANGED_CHARTS" ]]; then
echo ">> Could not determine changed charts. This could happen if only files outside a chart were changed."
exit 0
fi
echo ">> Running helm lint on changed charts:"
echo "$CHANGED_CHARTS"
echo "$CHANGED_CHARTS" | while read -r chart; do
echo ">> Building dependency for "$chart" ..."
helm dependency build "$chart"
echo ">> Linting $chart..."
helm lint "$chart"
done
- name: ntfy Failed
uses: niniyas/ntfy-action@master
if: failure()
with:
url: '${{ secrets.NTFY_URL }}'
topic: '${{ secrets.NTFY_TOPIC }}'
title: 'Test Failure - Infrastructure'
priority: 4
headers: '{"Authorization": "Bearer ${{ secrets.NTFY_CRED }}"}'
tags: action,failed
details: 'Helm linting on Push for Infrastructure has failed!'
icon: 'https://cdn.jsdelivr.net/gh/selfhst/icons/png/gitea.png'
actions: '[{"action": "view", "label": "Open Gitea", "url": "https://gitea.alexlebens.dev/alexlebens/infrastructure/actions?workflow=lint-test-helm-push.yaml", "clear": true}]'
image: true

28
.gitea/workflows/lint-test-helm-pull.yaml → .gitea/workflows/lint-test-helm.yaml
View File

@@ -1,6 +1,13 @@
name: lint-test-helm
on:
push:
branches:
- main
paths:
- 'clusters/**'
- ! 'clusters/*/archive'
pull_request:
branches:
- main
@@ -10,7 +17,7 @@ on:
jobs:
helm-lint:
runs-on: ubuntu-js
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v5
@@ -21,11 +28,11 @@ jobs:
id: check-branch-exists
uses: GuillaumeFalourd/branch-exists@v1.1
with:
branch: ${{ github.base_ref }}
branch: "origin/${{ github.base_ref }}"
- name: Branch Does Not Exist
if: steps.check-branch-exists.outputs.exists == 'false'
run: echo "Branch ${{ github.base_ref }} was not found, likely already merged"
run: echo "Branch origin/${{ github.base_ref }} was not found, likely already merged"
- name: Set up Helm
if: steps.check-branch-exists.outputs.exists == 'true'
@@ -73,18 +80,3 @@ jobs:
echo ">> Linting $chart..."
helm lint "$chart"
done
- name: ntfy Failed
uses: niniyas/ntfy-action@master
if: failure()
with:
url: '${{ secrets.NTFY_URL }}'
topic: '${{ secrets.NTFY_TOPIC }}'
title: 'Test Failure - Infrastructure'
priority: 3
headers: '{"Authorization": "Bearer ${{ secrets.NTFY_CRED }}"}'
tags: action,failed
details: 'Helm linting on Pull Request for Infrastructure has failed!'
icon: 'https://cdn.jsdelivr.net/gh/selfhst/icons/png/gitea.png'
actions: '[{"action": "view", "label": "Open Gitea", "url": "https://gitea.alexlebens.dev/alexlebens/infrastructure/actions?workflow=lint-test-helm-pull.yaml", "clear": true}]'
image: true

2
.gitea/workflows/renovate.yaml
View File

@@ -13,7 +13,7 @@ on:
jobs:
renovate:
runs-on: ubuntu-latest
container: ghcr.io/renovatebot/renovate:42
container: ghcr.io/renovatebot/renovate:41
steps:
- name: Checkout
uses: actions/checkout@v5

24
clusters/cl01tl/applications/booklore/Chart.yaml
View File

@@ -1,24 +0,0 @@
apiVersion: v2
name: booklore
version: 1.0.0
description: booklore
keywords:
- booklore
- books
home: https://wiki.alexlebens.dev/
sources:
- https://github.com/booklore-app/BookLore
- https://github.com/booklore-app/booklore/pkgs/container/booklore
- https://github.com/bjw-s-labs/helm-charts/tree/main/charts/other/app-template
maintainers:
- name: alexlebens
dependencies:
- name: app-template
alias: booklore
repository: https://bjw-s-labs.github.io/helm-charts/
version: 4.4.0
- name: mariadb-cluster
version: 25.10.2
repository: https://helm.mariadb.com/mariadb-operator
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/booklore.png
appVersion: v.1.10.0

108
clusters/cl01tl/applications/booklore/templates/external-secret.yaml
View File

@@ -1,108 +0,0 @@
apiVersion: external-secrets.io/v1
kind: ExternalSecret
metadata:
name: booklore-database-secret
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: booklore-database-secret
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
secretStoreRef:
kind: ClusterSecretStore
name: vault
data:
- secretKey: password
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /cl01tl/booklore/database
metadataPolicy: None
property: password
---
apiVersion: external-secrets.io/v1
kind: ExternalSecret
metadata:
name: booklore-config-backup-secret
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: booklore-config-backup-secret
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
secretStoreRef:
kind: ClusterSecretStore
name: vault
target:
template:
mergePolicy: Merge
engineVersion: v2
data:
RESTIC_REPOSITORY: "{{ `{{ .BUCKET_ENDPOINT }}` }}/booklore/booklore-config"
data:
- secretKey: BUCKET_ENDPOINT
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /cl01tl/volsync/restic/config
metadataPolicy: None
property: S3_BUCKET_ENDPOINT
- secretKey: RESTIC_PASSWORD
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /cl01tl/volsync/restic/config
metadataPolicy: None
property: RESTIC_PASSWORD
- secretKey: AWS_DEFAULT_REGION
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /cl01tl/volsync/restic/config
metadataPolicy: None
property: AWS_DEFAULT_REGION
- secretKey: AWS_ACCESS_KEY_ID
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /digital-ocean/home-infra/volsync-backups
metadataPolicy: None
property: access_key
- secretKey: AWS_SECRET_ACCESS_KEY
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /digital-ocean/home-infra/volsync-backups
metadataPolicy: None
property: secret_key
---
apiVersion: external-secrets.io/v1
kind: ExternalSecret
metadata:
name: booklore-mariadb-cluster-backup-secret
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: booklore-mariadb-cluster-backup-secret
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
secretStoreRef:
kind: ClusterSecretStore
name: vault
data:
- secretKey: access-key-id
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /digital-ocean/home-infra/mariadb-backups
metadataPolicy: None
property: access
- secretKey: secret-access-key
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /digital-ocean/home-infra/mariadb-backups
metadataPolicy: None
property: secret

28
clusters/cl01tl/applications/booklore/templates/http-route.yaml
View File

@@ -1,28 +0,0 @@
apiVersion: gateway.networking.k8s.io/v1
kind: HTTPRoute
metadata:
name: http-route-booklore
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: http-route-booklore
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
parentRefs:
- group: gateway.networking.k8s.io
kind: Gateway
name: traefik-gateway
namespace: traefik
hostnames:
- booklore.alexlebens.net
rules:
- matches:
- path:
type: PathPrefix
value: /
backendRefs:
- group: ''
kind: Service
name: booklore
port: 80
weight: 100

36
clusters/cl01tl/applications/booklore/templates/persistent-volume-claim.yaml
View File

@@ -1,36 +0,0 @@
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: booklore-books-nfs-storage
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: booklore-books-nfs-storage
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
volumeName: booklore-books-nfs-storage
storageClassName: nfs-client
accessModes:
- ReadWriteMany
resources:
requests:
storage: 1Gi
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: booklore-books-import-nfs-storage
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: booklore-books-import-nfs-storage
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
volumeName: booklore-books-import-nfs-storage
storageClassName: nfs-client
accessModes:
- ReadWriteMany
resources:
requests:
storage: 1Gi

48
clusters/cl01tl/applications/booklore/templates/persistent-volume.yaml
View File

@@ -1,48 +0,0 @@
apiVersion: v1
kind: PersistentVolume
metadata:
name: booklore-books-nfs-storage
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: booklore-books-nfs-storage
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
persistentVolumeReclaimPolicy: Retain
storageClassName: nfs-client
capacity:
storage: 1Gi
accessModes:
- ReadWriteMany
nfs:
path: /volume2/Storage/Books
server: synologybond.alexlebens.net
mountOptions:
- vers=4
- minorversion=1
- noac
---
apiVersion: v1
kind: PersistentVolume
metadata:
name: booklore-books-import-nfs-storage
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: booklore-books-import-nfs-storage
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
persistentVolumeReclaimPolicy: Retain
storageClassName: nfs-client
capacity:
storage: 1Gi
accessModes:
- ReadWriteMany
nfs:
path: /volume2/Storage/Books Import
server: synologybond.alexlebens.net
mountOptions:
- vers=4
- minorversion=1
- noac

26
clusters/cl01tl/applications/booklore/templates/replication-source.yaml
View File

@@ -1,26 +0,0 @@
apiVersion: volsync.backube/v1alpha1
kind: ReplicationSource
metadata:
name: booklore-config-backup-source
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: booklore-config-backup-source
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
sourcePVC: booklore-config
trigger:
schedule: 0 4 * * *
restic:
pruneIntervalDays: 7
repository: booklore-config-backup-secret
retain:
hourly: 1
daily: 3
weekly: 2
monthly: 2
yearly: 4
copyMethod: Snapshot
storageClassName: ceph-block
volumeSnapshotClassName: ceph-blockpool-snapshot
cacheCapacity: 10Gi

123
clusters/cl01tl/applications/booklore/values.yaml
View File

@@ -1,123 +0,0 @@
booklore:
controllers:
main:
type: deployment
replicas: 1
strategy: Recreate
revisionHistoryLimit: 3
containers:
main:
image:
repository: ghcr.io/booklore-app/booklore
tag: v1.10.0
pullPolicy: IfNotPresent
env:
- name: TZ
value: America/Chicago
- name: DATABASE_URL
value: jdbc:mariadb://booklore-mariadb-cluster-primary.booklore:3306/booklore
- name: DATABASE_USERNAME
value: booklore
- name: DATABASE_PASSWORD
valueFrom:
secretKeyRef:
name: booklore-database-secret
key: password
- name: BOOKLORE_PORT
value: 6060
- name: SWAGGER_ENABLED
value: false
resources:
requests:
cpu: 50m
memory: 128Mi
service:
main:
controller: main
ports:
http:
port: 80
targetPort: 6060
protocol: HTTP
persistence:
config:
storageClass: ceph-block
accessMode: ReadWriteOnce
size: 5Gi
retain: true
advancedMounts:
main:
main:
- path: /app/data
readOnly: false
books:
existingClaim: booklore-books-nfs-storage
advancedMounts:
main:
main:
- path: /books
readOnly: false
books-import:
existingClaim: booklore-books-import-nfs-storage
advancedMounts:
main:
main:
- path: /bookdrop
readOnly: false
mariadb-cluster:
mariadb:
rootPasswordSecretKeyRef:
generate: false
name: booklore-database-secret
key: password
storage:
size: 5Gi
replicas: 3
galera:
enabled: true
databases:
- name: booklore
characterSet: utf8
collate: utf8_general_ci
cleanupPolicy: Delete
requeueInterval: 10h
users:
- name: booklore
passwordSecretKeyRef:
name: booklore-database-secret
key: password
host: '%'
cleanupPolicy: Delete
requeueInterval: 10h
retryInterval: 30s
grants:
- name: booklore
privileges:
- "ALL PRIVILEGES"
database: "booklore"
table: "*"
username: booklore
grantOption: true
host: '%'
cleanupPolicy: Delete
requeueInterval: 10h
retryInterval: 30s
backups:
- name: backup
schedule:
cron: "0 0 * * *"
suspend: true
compression: gzip
maxRetention: 720h # 30 days
storage:
s3:
bucket: mariadb-backups-b230a2f5aecf080a4b372c08
prefix: cl01tl
endpoint: https://nyc3.digitaloceanspaces.com
region: us-east-1
accessKeyIdSecretKeyRef:
name: booklore-mariadb-cluster-backup-secret
key: access-key-id
secretAccessKeySecretKeyRef:
name: booklore-mariadb-cluster-backup-secret
key: secret-access-key

4
clusters/cl01tl/applications/calibre-web-automated/values.yaml
View File

@@ -31,7 +31,7 @@ calibre-web-automated:
main:
image:
repository: ghcr.io/calibrain/calibre-web-automated-book-downloader
tag: latest@sha256:b1296c5edc89eee8742d86392ce40707233671044a454e002821e5c76cd58deb
tag: latest@sha256:c2850991e99e278269003d92efa86e865f7df039093fbd03e85141b035cf7a80
pullPolicy: IfNotPresent
env:
- name: FLASK_PORT
@@ -55,7 +55,7 @@ calibre-web-automated:
bypass:
image:
repository: ghcr.io/sarperavci/cloudflarebypassforscraping
tag: latest@sha256:f113570afd4924f10338890571a75e662d5d1b7deed7696ac40f7e063688eb48
tag: latest@sha256:c34ef70a768ddf35c057f893c5392b8f65465fc4fbac634ba68a16d6a9dd0cbb
pullPolicy: IfNotPresent
resources:
requests:

2
clusters/cl01tl/applications/code-server/values.yaml
View File

@@ -9,7 +9,7 @@ code-server:
main:
image:
repository: ghcr.io/linuxserver/code-server
tag: 4.105.1@sha256:f01693e529a6c4db98deb4bb28bf2655a403489831e962e6cc0b2c5f89f220f6
tag: 4.105.1@sha256:c7c66416238b70312df90b5936ea4adb6108552d866dd00a804c86c599b2ab6c
pullPolicy: IfNotPresent
env:
- name: TZ

2
clusters/cl01tl/applications/directus/values.yaml
View File

@@ -9,7 +9,7 @@ directus:
main:
image:
repository: directus/directus
tag: 11.13.2
tag: 11.12.0
pullPolicy: IfNotPresent
env:
- name: PUBLIC_URL

2
clusters/cl01tl/applications/element-web/Chart.yaml
View File

@@ -17,7 +17,7 @@ maintainers:
- name: alexlebens
dependencies:
- name: element-web
version: 1.4.23
version: 1.4.22
repository: https://ananace.gitlab.io/charts
- name: cloudflared
alias: cloudflared

23
clusters/cl01tl/applications/ephemera/Chart.yaml
View File

@@ -1,23 +0,0 @@
apiVersion: v2
name: ephemera
version: 1.0.0
description: ephemera
keywords:
- ephemera
- books
home: https://wiki.alexlebens.dev/
sources:
- https://github.com/OrwellianEpilogue/ephemera
- https://github.com/FlareSolverr/FlareSolverr
- https://github.com/orwellianepilogue/ephemera/pkgs/container/ephemera
- https://github.com/flaresolverr/FlareSolverr/pkgs/container/flaresolverr
- https://github.com/bjw-s-labs/helm-charts/tree/main/charts/other/app-template
maintainers:
- name: alexlebens
dependencies:
- name: app-template
alias: ephemera
repository: https://bjw-s-labs.github.io/helm-charts/
version: 4.4.0
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/ephemera.png
appVersion: 1.3.1

78
clusters/cl01tl/applications/ephemera/templates/external-secret.yaml
View File

@@ -1,78 +0,0 @@
apiVersion: external-secrets.io/v1
kind: ExternalSecret
metadata:
name: ephemera-key-secret
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: ephemera-key-secret
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
secretStoreRef:
kind: ClusterSecretStore
name: vault
data:
- secretKey: key
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /cl01tl/ephemera/config
metadataPolicy: None
property: key
---
apiVersion: external-secrets.io/v1
kind: ExternalSecret
metadata:
name: ephemera-config-backup-secret
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: ephemera-config-backup-secret
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
secretStoreRef:
kind: ClusterSecretStore
name: vault
target:
template:
mergePolicy: Merge
engineVersion: v2
data:
RESTIC_REPOSITORY: "{{ `{{ .BUCKET_ENDPOINT }}` }}/ephemera/ephemera-config"
data:
- secretKey: BUCKET_ENDPOINT
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /cl01tl/volsync/restic/config
metadataPolicy: None
property: S3_BUCKET_ENDPOINT
- secretKey: RESTIC_PASSWORD
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /cl01tl/volsync/restic/config
metadataPolicy: None
property: RESTIC_PASSWORD
- secretKey: AWS_DEFAULT_REGION
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /cl01tl/volsync/restic/config
metadataPolicy: None
property: AWS_DEFAULT_REGION
- secretKey: AWS_ACCESS_KEY_ID
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /digital-ocean/home-infra/volsync-backups
metadataPolicy: None
property: access_key
- secretKey: AWS_SECRET_ACCESS_KEY
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /digital-ocean/home-infra/volsync-backups
metadataPolicy: None
property: secret_key

28
clusters/cl01tl/applications/ephemera/templates/http-route.yaml
View File

@@ -1,28 +0,0 @@
apiVersion: gateway.networking.k8s.io/v1
kind: HTTPRoute
metadata:
name: http-route-ephemera
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: http-route-ephemera
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
parentRefs:
- group: gateway.networking.k8s.io
kind: Gateway
name: traefik-gateway
namespace: traefik
hostnames:
- ephemera.alexlebens.net
rules:
- matches:
- path:
type: PathPrefix
value: /
backendRefs:
- group: ''
kind: Service
name: ephemera
port: 80
weight: 100

17
clusters/cl01tl/applications/ephemera/templates/persistent-volume-claim.yaml
View File

@@ -1,17 +0,0 @@
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: ephemera-nfs-storage
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: ephemera-nfs-storage
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
volumeName: ephemera-nfs-storage
storageClassName: nfs-client
accessModes:
- ReadWriteMany
resources:
requests:
storage: 1Gi

23
clusters/cl01tl/applications/ephemera/templates/persistent-volume.yaml
View File

@@ -1,23 +0,0 @@
apiVersion: v1
kind: PersistentVolume
metadata:
name: ephemera-nfs-storage
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: ephemera-nfs-storage
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
persistentVolumeReclaimPolicy: Retain
storageClassName: nfs-client
capacity:
storage: 1Gi
accessModes:
- ReadWriteMany
nfs:
path: /volume2/Storage/Books Import
server: synologybond.alexlebens.net
mountOptions:
- vers=4
- minorversion=1
- noac

26
clusters/cl01tl/applications/ephemera/templates/replication-source.yaml
View File

@@ -1,26 +0,0 @@
apiVersion: volsync.backube/v1alpha1
kind: ReplicationSource
metadata:
name: ephemera-config-backup-source
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: ephemera-config-backup-source
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
sourcePVC: ephemera-config
trigger:
schedule: 0 4 * * *
restic:
pruneIntervalDays: 7
repository: ephemera-config-backup-secret
retain:
hourly: 1
daily: 3
weekly: 2
monthly: 2
yearly: 4
copyMethod: Snapshot
storageClassName: ceph-block
volumeSnapshotClassName: ceph-blockpool-snapshot
cacheCapacity: 10Gi

118
clusters/cl01tl/applications/ephemera/values.yaml
View File

@@ -1,118 +0,0 @@
ephemera:
controllers:
main:
type: deployment
replicas: 1
strategy: Recreate
revisionHistoryLimit: 3
containers:
main:
image:
repository: ghcr.io/orwellianepilogue/ephemera
tag: 1.3.1
pullPolicy: IfNotPresent
env:
- name: AA_BASE_URL
value: 8080
- name: AA_API_KEY
valueFrom:
secretKeyRef:
name: ephemera-key-secret
key: key
- name: FLARESOLVERR_URL
value: http://127.0.0.1:8191
- name: LG_BASE_URL
value: https://gen.com
- name: PUID
value: 0
- name: PGID
value: 0
probes:
liveness:
enabled: true
custom: true
spec:
exec:
command:
- CMD
- wget
- --no-verbose
- --tries=1
- --spider
- http://127.0.0.1:8286/health
failureThreshold: 5
initialDelaySeconds: 60
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 10
resources:
requests:
cpu: 50m
memory: 128Mi
flaresolverr:
image:
repository: ghcr.io/flaresolverr/flaresolverr
tag: v3.4.5
pullPolicy: IfNotPresent
env:
- name: LOG_LEVEL
value: info
- name: LOG_HTML
value: false
- name: CAPTCHA_SOLVER
value: none
- name: TZ
value: America/Chicago
probes:
liveness:
enabled: true
custom: true
spec:
exec:
command:
- CMD
- curl
- -f
- http://127.0.0.1:8191/health
failureThreshold: 5
initialDelaySeconds: 60
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 10
resources:
requests:
cpu: 10m
memory: 128Mi
service:
main:
controller: main
ports:
http:
port: 80
targetPort: 8286
protocol: HTTP
persistence:
config:
storageClass: ceph-block
accessMode: ReadWriteOnce
size: 5Gi
retain: true
advancedMounts:
main:
main:
- path: /app/data
readOnly: false
cache:
type: emptyDir
advancedMounts:
main:
main:
- path: /app/downloads
readOnly: false
books-import:
existingClaim: ephemera-nfs-storage
advancedMounts:
main:
main:
- path: /app/ingest
readOnly: false

4
clusters/cl01tl/applications/home-assistant/values.yaml
View File

@@ -9,7 +9,7 @@ home-assistant:
main:
image:
repository: ghcr.io/home-assistant/home-assistant
tag: 2025.11.1
tag: 2025.10.4
pullPolicy: IfNotPresent
env:
- name: TZ
@@ -21,7 +21,7 @@ home-assistant:
code-server:
image:
repository: ghcr.io/linuxserver/code-server
tag: 4.105.1@sha256:f01693e529a6c4db98deb4bb28bf2655a403489831e962e6cc0b2c5f89f220f6
tag: 4.105.1@sha256:c7c66416238b70312df90b5936ea4adb6108552d866dd00a804c86c599b2ab6c
pullPolicy: IfNotPresent
env:
- name: TZ

108
clusters/cl01tl/applications/homepage/values.yaml
View File

@@ -76,9 +76,6 @@ homepage:
- Storage:
tab: Services
icon: mdi-database-#ffffff
- Servarr:
tab: Services
icon: mdi-multimedia-#ffffff
- TV Shows:
tab: Servarr
icon: mdi-television-#ffffff
@@ -88,9 +85,9 @@ homepage:
- Music:
tab: Servarr
icon: mdi-music-box-multiple-#ffffff
- Books:
- Services (Servarr):
tab: Servarr
icon: mdi-book-open-variant-#ffffff
icon: mdi-radar-#ffffff
- External Services:
tab: Bookmarks
icon: mdi-cloud-#ffffff
@@ -183,12 +180,6 @@ homepage:
href: https://calibre.alexlebens.net
siteMonitor: http://calibre-web-automated-main.calibre-web-automated:8083
statusStyle: dot
- Books (Booklore):
icon: sh-booklore.webp
description: Booklore
href: https://booklore.alexlebens.net
siteMonitor: http://booklore.booklore:80
statusStyle: dot
- Public:
- Site:
icon: https://web-assets-3bfcb5585cbd63dc365d32a3.nyc3.cdn.digitaloceanspaces.com/alexlebens-net/logo-new-round.png
@@ -531,50 +522,6 @@ homepage:
href: https://vault.alexlebens.net
siteMonitor: http://vault.vault:8200
statusStyle: dot
- Backups:
icon: sh-backrest-light.webp
description: Backrest
href: https://backrest.alexlebens.net
siteMonitor: http://backrest.backrest:80
statusStyle: dot
- Servarr:
- qUI:
icon: https://raw.githubusercontent.com/autobrr/qui/8487c818886df9abb2b1456f43b54e0ba180a2bd/web/public/icons.svg
description: qbitorrent
href: https://qui.alexlebens.net
siteMonitor: http://qbittorrent-qui.qbittorrent:80
statusStyle: dot
widget:
type: qbittorrent
url: http://qbittorrent.qbittorrent:8080
enableLeechProgress: true
- Prowlarr:
icon: sh-prowlarr.webp
description: Indexers
href: https://prowlarr.alexlebens.net
siteMonitor: http://prowlarr.prowlarr:80
statusStyle: dot
- Huntarr:
icon: https://raw.githubusercontent.com/plexguide/Huntarr.io/main/frontend/static/logo/128.png
description: Content upgrader
href: https://huntarr.alexlebens.net
siteMonitor: http://huntarr.huntarr:80
statusStyle: dot
- Bazarr:
icon: sh-bazarr.webp
description: Subtitles
href: https://bazarr.alexlebens.net
siteMonitor: http://bazarr.bazarr:80
statusStyle: dot
- Tdarr:
icon: sh-tdarr.webp
description: Media transcoding and health checks
href: https://tdarr.alexlebens.net
siteMonitor: http://tdarr-web.tdarr:8265
statusStyle: dot
widget:
type: tdarr
url: http://tdarr-web.tdarr:8265
- TV Shows:
- Sonarr:
icon: sh-sonarr.webp
@@ -685,25 +632,50 @@ homepage:
href: https://slskd.alexlebens.net
siteMonitor: http://slskd.slskd:5030
statusStyle: dot
- Books:
- Ephemera:
icon: sh-ephemera.webp
description: Books
href: https://ephemera.alexlebens.net
siteMonitor: http://ephemera.ephemera:80
- Services (Servarr):
- qUI:
icon: https://raw.githubusercontent.com/autobrr/qui/8487c818886df9abb2b1456f43b54e0ba180a2bd/web/public/icons.svg
description: qbitorrent
href: https://qui.alexlebens.net
siteMonitor: http://qbittorrent-qui.qbittorrent:80
statusStyle: dot
widget:
type: qbittorrent
url: http://qbittorrent.qbittorrent:8080
enableLeechProgress: true
- Prowlarr:
icon: sh-prowlarr.webp
description: Indexers
href: https://prowlarr.alexlebens.net
siteMonitor: http://prowlarr.prowlarr:80
statusStyle: dot
- Bazarr:
icon: sh-bazarr.webp
description: Indexers
href: https://bazarr.alexlebens.net
siteMonitor: http://bazarr.bazarr:80
statusStyle: dot
- Huntarr:
icon: https://raw.githubusercontent.com/plexguide/Huntarr.io/main/frontend/static/logo/128.png
description: Indexers
href: https://huntarr.alexlebens.net
siteMonitor: http://huntarr.huntarr:80
statusStyle: dot
- CWA Downloader:
icon: sh-cwa-book-downloader.webp
description: Books
icon: sh-calibre.webp
description: Calibre Web Automated Book Downloader
href: https://calibre-downloader.alexlebens.net
siteMonitor: http://calibre-web-automated-downloader.calibre-web-automated:8084
statusStyle: dot
- Listenarr:
icon: sh-audiobookrequest.webp
description: Audiobooks
href: https://listenarr.alexlebens.net
siteMonitor: http://listenarr.listenarr:80
- Tdarr:
icon: sh-tdarr.webp
description: Media transcoding and health checks
href: https://tdarr.alexlebens.net
siteMonitor: http://tdarr-web.tdarr:8265
statusStyle: dot
widget:
type: tdarr
url: http://tdarr-web.tdarr:8265
- Other Homes:
- Dev:
icon: sh-homepage.webp

2
clusters/cl01tl/applications/karakeep/values.yaml
View File

@@ -9,7 +9,7 @@ karakeep:
main:
image:
repository: ghcr.io/karakeep-app/karakeep
tag: 0.28.0
tag: 0.27.1
pullPolicy: IfNotPresent
env:
- name: DATA_DIR

2
clusters/cl01tl/applications/libation/values.yaml
View File

@@ -16,7 +16,7 @@ libation:
main:
image:
repository: rmcrackan/libation
tag: 12.7.1
tag: 12.5.7
pullPolicy: IfNotPresent
env:
- name: SLEEP_TIME

2
clusters/cl01tl/applications/lidatube/values.yaml
View File

@@ -13,7 +13,7 @@ lidatube:
main:
image:
repository: thewicklowwolf/lidatube
tag: 0.2.41
tag: 0.2.40
pullPolicy: IfNotPresent
env:
- name: PUID

20
clusters/cl01tl/applications/listenarr/Chart.yaml
View File

@@ -1,20 +0,0 @@
apiVersion: v2
name: listenarr
version: 1.0.0
description: Listenarr
keywords:
- listenarr
- audiobooks
home: https://wiki.alexlebens.dev/
sources:
- https://github.com/therobbiedavis/Listenarr
- https://hub.docker.com/r/therobbiedavis/listenarr
- https://github.com/bjw-s-labs/helm-charts/tree/main/charts/other/app-template
maintainers:
- name: alexlebens
dependencies:
- name: app-template
alias: listenarr
repository: https://bjw-s-labs.github.io/helm-charts/
version: 4.4.0
appVersion: 0.2.35

28
clusters/cl01tl/applications/listenarr/templates/http-route.yaml
View File

@@ -1,28 +0,0 @@
apiVersion: gateway.networking.k8s.io/v1
kind: HTTPRoute
metadata:
name: http-route-listenarr
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: http-route-listenarr
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
parentRefs:
- group: gateway.networking.k8s.io
kind: Gateway
name: traefik-gateway
namespace: traefik
hostnames:
- listenarr.alexlebens.net
rules:
- matches:
- path:
type: PathPrefix
value: /
backendRefs:
- group: ''
kind: Service
name: listenarr
port: 80
weight: 100

17
clusters/cl01tl/applications/listenarr/templates/persistent-volume-claim.yaml
View File

@@ -1,17 +0,0 @@
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: listenarr-nfs-storage
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: listenarr-nfs-storage
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
volumeName: listenarr-nfs-storage
storageClassName: nfs-client
accessModes:
- ReadWriteMany
resources:
requests:
storage: 1Gi

23
clusters/cl01tl/applications/listenarr/templates/persistent-volume.yaml
View File

@@ -1,23 +0,0 @@
apiVersion: v1
kind: PersistentVolume
metadata:
name: listenarr-nfs-storage
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: listenarr-nfs-storage
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
persistentVolumeReclaimPolicy: Retain
storageClassName: nfs-client
capacity:
storage: 1Gi
accessModes:
- ReadWriteMany
nfs:
path: /volume2/Storage/Audiobooks
server: synologybond.alexlebens.net
mountOptions:
- vers=4
- minorversion=1
- noac

46
clusters/cl01tl/applications/listenarr/values.yaml
View File

@@ -1,46 +0,0 @@
listenarr:
controllers:
main:
type: deployment
replicas: 1
strategy: Recreate
revisionHistoryLimit: 3
containers:
main:
image:
repository: therobbiedavis/listenarr
tag: canary-0.2.35
pullPolicy: IfNotPresent
env:
- name: LISTENARR_PUBLIC_URL
value: https://listenarr.alexlebens.net
resources:
requests:
cpu: 50m
memory: 128Mi
service:
main:
controller: main
ports:
http:
port: 80
targetPort: 5000
protocol: HTTP
persistence:
config:
storageClass: ceph-block
accessMode: ReadWriteOnce
size: 5Gi
retain: true
advancedMounts:
main:
main:
- path: /app/config
readOnly: false
media:
existingClaim: listenarr-nfs-storage
advancedMounts:
main:
main:
- path: /data
readOnly: true

2
clusters/cl01tl/applications/outline/values.yaml
View File

@@ -9,7 +9,7 @@ outline:
main:
image:
repository: outlinewiki/outline
tag: 1.1.0
tag: 1.0.1
pullPolicy: IfNotPresent
env:
- name: NODE_ENV

2
clusters/cl01tl/applications/plex/values.yaml
View File

@@ -9,7 +9,7 @@ plex:
main:
image:
repository: ghcr.io/linuxserver/plex
tag: 1.42.2@sha256:a4749f3b84dc3f923a7bd4d2bc4ddc1e871b5a656b62022d3827d3d98afd5efd
tag: 1.42.2@sha256:a59133e5b94b3ca19158e4ab272657c77c62dc9abdbebe1172b7657da138badb
pullPolicy: IfNotPresent
env:
- name: TZ

4
clusters/cl01tl/applications/searxng/values.yaml
View File

@@ -9,7 +9,7 @@ searxng:
main:
image:
repository: searxng/searxng
tag: latest@sha256:d5a54dde3968851d6a15f394bd1d64e0ac5e440e6b21c73bddf215dfcd82fe16
tag: latest@sha256:0bdb1336bc866df7682b88cc2372f576c5f7984a765f63467a89ed7a6fc57d29
pullPolicy: IfNotPresent
env:
- name: SEARXNG_BASE_URL
@@ -43,7 +43,7 @@ searxng:
main:
image:
repository: searxng/searxng
tag: latest@sha256:d5a54dde3968851d6a15f394bd1d64e0ac5e440e6b21c73bddf215dfcd82fe16
tag: latest@sha256:0bdb1336bc866df7682b88cc2372f576c5f7984a765f63467a89ed7a6fc57d29
pullPolicy: IfNotPresent
env:
- name: SEARXNG_BASE_URL

2
clusters/cl01tl/applications/slskd/values.yaml
View File

@@ -28,7 +28,7 @@ slskd:
main:
image:
repository: slskd/slskd
tag: 0.24.0
tag: 0.23.2
pullPolicy: IfNotPresent
env:
- name: TZ

4
clusters/cl01tl/applications/tdarr/values.yaml
View File

@@ -9,7 +9,7 @@ tdarr:
main:
image:
repository: ghcr.io/haveagitgat/tdarr
tag: 2.54.01
tag: 2.51.03
pullPolicy: IfNotPresent
env:
- name: TZ
@@ -48,7 +48,7 @@ tdarr:
main:
image:
repository: ghcr.io/haveagitgat/tdarr_node
tag: 2.54.01
tag: 2.51.03
pullPolicy: IfNotPresent
env:
- name: TZ

2
clusters/cl01tl/applications/tubearchivist/values.yaml
View File

@@ -9,7 +9,7 @@ tubearchivist:
main:
image:
repository: bbilly1/tubearchivist
tag: v0.5.8
tag: v0.5.7
pullPolicy: IfNotPresent
env:
- name: TZ

2
clusters/cl01tl/deployment/argocd/Chart.yaml
View File

@@ -15,7 +15,7 @@ maintainers:
- name: alexlebens
dependencies:
- name: argo-cd
version: 9.1.3
version: 9.0.6
repository: https://argoproj.github.io/argo-helm
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/argo-cd.png
appVersion: 3.0.0

5
clusters/cl01tl/deployment/stack/values.yaml
View File

@@ -100,11 +100,6 @@ applicationSet:
syncOptions:
serverSideApply: true
- name: storage
ignoreDifferences:
- group: ""
kind: Service
jqPathExpressions:
- .spec.externalName
syncPolicy:
automated:
prune: true

2
clusters/cl01tl/management/argo-workflows/Chart.yaml
View File

@@ -18,7 +18,7 @@ maintainers:
- name: alexlebens
dependencies:
- name: argo-workflows
version: 0.45.28
version: 0.45.27
repository: https://argoproj.github.io/argo-helm
- name: argo-events
version: 2.4.17

4
clusters/cl01tl/management/headlamp/Chart.yaml
View File

@@ -14,7 +14,7 @@ maintainers:
- name: alexlebens
dependencies:
- name: headlamp
version: 0.38.0
version: 0.37.0
repository: https://kubernetes-sigs.github.io/headlamp/
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/headlamp.png
appVersion: 0.37.0
appVersion: 0.30.1

3
clusters/cl01tl/management/headlamp/templates/cluster-role-binding.yaml
View File

@@ -15,6 +15,3 @@ subjects:
- kind: User
name: alexanderlebens@gmail.com
apiGroup: rbac.authorization.k8s.io
- kind: ServiceAccount
name: headlamp-admin
namespace: headlamp

9
clusters/cl01tl/management/headlamp/templates/service-account.yaml
View File

@@ -1,9 +0,0 @@
apiVersion: v1
kind: ServiceAccount
metadata:
name: headlamp-admin
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: headlamp-admin
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/part-of: {{ .Release.Name }}

2
clusters/cl01tl/management/komodo/values.yaml
View File

@@ -95,7 +95,7 @@ komodo:
main:
image:
repository: ghcr.io/ferretdb/ferretdb
tag: 2.7.0
tag: 2.5.0
pullPolicy: IfNotPresent
env:
- name: FERRETDB_POSTGRESQL_URL

2
clusters/cl01tl/monitoring/gatus/values.yaml
View File

@@ -7,7 +7,7 @@ gatus:
enabled: true
image:
repository: ghcr.io/twin/gatus
tag: v5.31.0
tag: v5.30.0
annotations:
reloader.stakater.com/auto: "true"
service:

2
clusters/cl01tl/monitoring/kube-prometheus-stack/Chart.yaml
View File

@@ -19,7 +19,7 @@ maintainers:
- name: alexlebens
dependencies:
- name: kube-prometheus-stack
version: 79.4.1
version: 79.1.1
repository: oci://ghcr.io/prometheus-community/charts
- name: app-template
alias: ntfy-alertmanager

2
clusters/cl01tl/monitoring/loki/Chart.yaml
View File

@@ -16,7 +16,7 @@ maintainers:
- name: alexlebens
dependencies:
- name: loki
version: 6.46.0
version: 6.44.0
repository: https://grafana.github.io/helm-charts
- name: promtail
version: 6.17.1

2
clusters/cl01tl/platform/external-secrets/Chart.yaml
View File

@@ -12,7 +12,7 @@ sources:
- https://github.com/external-secrets/external-secrets/tree/main/deploy/charts/external-secrets
dependencies:
- name: external-secrets
version: 1.0.0
version: 0.20.4
repository: https://charts.external-secrets.io
icon: https://avatars.githubusercontent.com/u/68335991?s=48&v=4
appVersion: 0.17.0

14
clusters/cl01tl/platform/gitea/values.yaml
View File

@@ -4,7 +4,7 @@ gitea:
replicaCount: 3
image:
repository: gitea/gitea
tag: 1.25.1
tag: 1.25.0
service:
http:
type: ClusterIP
@@ -146,7 +146,7 @@ gitea-actions:
replicas: 6
actRunner:
repository: gitea/act_runner
tag: 0.2.13
tag: 0.2.11
config: |
log:
level: debug
@@ -154,10 +154,10 @@ gitea-actions:
enabled: false
runner:
labels:
- "ubuntu-latest:docker://harbor.alexlebens.net/proxy-hub.docker/gitea/runner-images:ubuntu-24.04"
- "ubuntu-js:docker://harbor.alexlebens.net/proxy-ghcr.io/catthehacker/ubuntu:js-24.04"
- "ubuntu-24.04:docker://harbor.alexlebens.net/proxy-hub.docker/gitea/runner-images:ubuntu-24.04"
- "ubuntu-latest:docker://harbor.alexlebens.net/proxy-ghcr.io/catthehacker/ubuntu:runner-24.04"
- "ubuntu-24.04:docker://harbor.alexlebens.net/proxy-ghcr.io/catthehacker/ubuntu:runner-24.04"
- "ubuntu-22.04:docker://harbor.alexlebens.net/proxy-hub.docker/gitea/runner-images:ubuntu-22.04"
- "ubuntu-20.04:docker://harbor.alexlebens.net/proxy-hub.docker/gitea/runner-images:ubuntu-20.04"
dind:
repository: docker
tag: 25.0.2-dind
@@ -212,7 +212,7 @@ backup:
s3-backup:
image:
repository: d3fk/s3cmd
tag: latest@sha256:4252b3d04c18dc7fec2117259ab5dc0e51cb46b8719e661762222b44f6559189
tag: latest@sha256:33181474927de824a1d209a7bda39e877e2ce78e1aa34d2e7acdf490ef1b7601
pullPolicy: IfNotPresent
command:
- /bin/sh
@@ -236,7 +236,7 @@ backup:
s3-prune:
image:
repository: d3fk/s3cmd
tag: latest@sha256:4252b3d04c18dc7fec2117259ab5dc0e51cb46b8719e661762222b44f6559189
tag: latest@sha256:33181474927de824a1d209a7bda39e877e2ce78e1aa34d2e7acdf490ef1b7601
pullPolicy: IfNotPresent
command:
- /bin/sh

2
clusters/cl01tl/platform/matrix-synapse/Chart.yaml
View File

@@ -29,7 +29,7 @@ maintainers:
- name: alexlebens
dependencies:
- name: matrix-synapse
version: 3.12.14
version: 3.12.13
repository: https://ananace.gitlab.io/charts
- name: app-template
alias: matrix-hookshot

6
clusters/cl01tl/platform/n8n/values.yaml
View File

@@ -9,7 +9,7 @@ n8n:
main:
image:
repository: ghcr.io/n8n-io/n8n
tag: 1.119.1
tag: 1.119.0
pullPolicy: IfNotPresent
env:
- name: GENERIC_TIMEZONE
@@ -93,7 +93,7 @@ n8n:
main:
image:
repository: ghcr.io/n8n-io/n8n
tag: 1.119.1
tag: 1.119.0
pullPolicy: IfNotPresent
command:
- n8n
@@ -188,7 +188,7 @@ n8n:
main:
image:
repository: ghcr.io/n8n-io/n8n
tag: 1.119.1
tag: 1.119.0
pullPolicy: IfNotPresent
command:
- n8n

2
clusters/cl01tl/platform/ntfy/values.yaml
View File

@@ -9,7 +9,7 @@ ntfy:
main:
image:
repository: binwiederhier/ntfy
tag: v2.15.0
tag: v2.14.0
pullPolicy: IfNotPresent
args: ["serve"]
env:

8
clusters/cl01tl/platform/ollama/values.yaml
View File

@@ -22,7 +22,7 @@ ollama:
main:
image:
repository: ollama/ollama
tag: 0.12.11
tag: 0.12.9
pullPolicy: IfNotPresent
env:
- name: OLLAMA_KEEP_ALIVE
@@ -58,7 +58,7 @@ ollama:
main:
image:
repository: ollama/ollama
tag: 0.12.11
tag: 0.12.9
pullPolicy: IfNotPresent
env:
- name: OLLAMA_KEEP_ALIVE
@@ -94,7 +94,7 @@ ollama:
main:
image:
repository: ollama/ollama
tag: 0.12.11
tag: 0.12.9
pullPolicy: IfNotPresent
env:
- name: OLLAMA_KEEP_ALIVE
@@ -117,7 +117,7 @@ ollama:
main:
image:
repository: ghcr.io/open-webui/open-webui
tag: v0.6.36
tag: 0.6.34
pullPolicy: IfNotPresent
env:
- name: ENV

4
clusters/cl01tl/platform/qbittorrent/values.yaml
View File

@@ -28,7 +28,7 @@ qbittorrent:
qbittorrent:
image:
repository: ghcr.io/linuxserver/qbittorrent
tag: 5.1.2@sha256:7034f73a3c6fa4ea40fd67df462939d1665d765231b572523921c98c2db5362e
tag: 5.1.2@sha256:3908cec5685242ab49b4842124df38c7ff09f82e543c17e0f81e883788f6a611
pullPolicy: IfNotPresent
env:
- name: TZ
@@ -186,7 +186,7 @@ qbittorrent:
qui:
image:
repository: ghcr.io/autobrr/qui
tag: v1.7.0
tag: v1.6.1
pullPolicy: IfNotPresent
env:
- name: QUI__METRICS_ENABLED

2
clusters/cl01tl/platform/vault/values.yaml
View File

@@ -198,7 +198,7 @@ snapshot:
s3-backup:
image:
repository: d3fk/s3cmd
tag: latest@sha256:4252b3d04c18dc7fec2117259ab5dc0e51cb46b8719e661762222b44f6559189
tag: latest@sha256:33181474927de824a1d209a7bda39e877e2ce78e1aa34d2e7acdf490ef1b7601
pullPolicy: IfNotPresent
command:
- /bin/sh

4
clusters/cl01tl/services/blocky/values.yaml
View File

@@ -109,14 +109,11 @@ blocky:
argocd IN CNAME traefik-cl01tl
audiobookshelf IN CNAME traefik-cl01tl
authentik IN CNAME traefik-cl01tl
backrest IN CNAME traefik-cl01tl
bazarr IN CNAME traefik-cl01tl
booklore IN CNAME traefik-cl01tl
calibre IN CNAME traefik-cl01tl
calibre-downloader IN CNAME traefik-cl01tl
ceph IN CNAME traefik-cl01tl
code-server IN CNAME traefik-cl01tl
ephemera IN CNAME traefik-cl01tl
garage-s3 IN CNAME traefik-cl01tl
garage-webui IN CNAME traefik-cl01tl
gatus IN CNAME traefik-cl01tl
@@ -137,7 +134,6 @@ blocky:
kronic IN CNAME traefik-cl01tl
lidarr IN CNAME traefik-cl01tl
lidatube IN CNAME traefik-cl01tl
listenarr IN CNAME traefik-cl01tl
mail IN CNAME traefik-cl01tl
n8n IN CNAME traefik-cl01tl
ntfy IN CNAME traefik-cl01tl

2
clusters/cl01tl/services/generic-device-plugin/Chart.yaml
View File

@@ -15,6 +15,6 @@ maintainers:
dependencies:
- name: generic-device-plugin
repository: https://gitea.alexlebens.dev/api/packages/alexlebens/helm
version: 0.20.0
version: 0.17.0
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/kubernetes.png
appVersion: 1.0.0

2
clusters/cl01tl/services/reloader/Chart.yaml
View File

@@ -14,7 +14,7 @@ maintainers:
- name: alexlebens
dependencies:
- name: reloader
version: 2.2.5
version: 2.2.4
repository: https://stakater.github.io/stakater-charts
icon: https://raw.githubusercontent.com/stakater/Reloader/refs/heads/master/assets/web/reloader.jpg
appVersion: v1.4.2

8
clusters/cl01tl/services/talos/values.yaml
View File

@@ -73,7 +73,7 @@ etcd-backup:
s3-prune:
image:
repository: d3fk/s3cmd
tag: latest@sha256:4252b3d04c18dc7fec2117259ab5dc0e51cb46b8719e661762222b44f6559189
tag: latest@sha256:33181474927de824a1d209a7bda39e877e2ce78e1aa34d2e7acdf490ef1b7601
pullPolicy: IfNotPresent
command:
- /bin/sh
@@ -169,7 +169,7 @@ etcd-defrag:
main:
image:
repository: ghcr.io/siderolabs/talosctl
tag: v1.11.5
tag: v1.11.3
pullPolicy: IfNotPresent
args:
- etcd
@@ -206,7 +206,7 @@ etcd-defrag:
main:
image:
repository: ghcr.io/siderolabs/talosctl
tag: v1.11.5
tag: v1.11.3
pullPolicy: IfNotPresent
args:
- etcd
@@ -243,7 +243,7 @@ etcd-defrag:
main:
image:
repository: ghcr.io/siderolabs/talosctl
tag: v1.11.5
tag: v1.11.3
pullPolicy: IfNotPresent
args:
- etcd

2
clusters/cl01tl/services/traefik/Chart.yaml
View File

@@ -15,7 +15,7 @@ maintainers:
- name: alexlebens
dependencies:
- name: traefik
version: 37.3.0
version: 37.2.0
repository: https://traefik.github.io/charts
# enable pending:
# https://github.com/traefik/traefik-helm-chart/pull/1340

2
clusters/cl01tl/standalone/cilium/Chart.yaml
View File

@@ -15,7 +15,7 @@ maintainers:
- name: alexlebens
dependencies:
- name: cilium
version: 1.18.4
version: 1.18.3
repository: https://helm.cilium.io/
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/cilium.png
appVersion: 1.17.3

2
clusters/cl01tl/standalone/prometheus-operator-crds/Chart.yaml
View File

@@ -15,7 +15,7 @@ maintainers:
- name: alexlebens
dependencies:
- name: prometheus-operator-crds
version: 24.0.2
version: 24.0.1
repository: oci://ghcr.io/prometheus-community/charts
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/prometheus.png
appVersion: v0.82.0

21
clusters/cl01tl/storage/backrest/Chart.yaml
View File

@@ -1,21 +0,0 @@
apiVersion: v2
name: backrest
version: 1.0.0
description: backrest
keywords:
- backrest
- backup
home: https://wiki.alexlebens.dev/
sources:
- https://github.com/garethgeorge/backrest
- https://hub.docker.com/r/garethgeorge/backrest
- https://github.com/bjw-s-labs/helm-charts/tree/main/charts/other/app-template
maintainers:
- name: alexlebens
dependencies:
- name: app-template
alias: backrest
repository: https://bjw-s-labs.github.io/helm-charts/
version: 4.4.0
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/backrest.png
appVersion: v1.10.1

28
clusters/cl01tl/storage/backrest/templates/http-route.yaml
View File

@@ -1,28 +0,0 @@
apiVersion: gateway.networking.k8s.io/v1
kind: HTTPRoute
metadata:
name: http-route-backrest
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: http-route-backrest
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
parentRefs:
- group: gateway.networking.k8s.io
kind: Gateway
name: traefik-gateway
namespace: traefik
hostnames:
- backrest.alexlebens.net
rules:
- matches:
- path:
type: PathPrefix
value: /
backendRefs:
- group: ''
kind: Service
name: backrest
port: 80
weight: 100

36
clusters/cl01tl/storage/backrest/templates/persistent-volume-claim.yaml
View File

@@ -1,36 +0,0 @@
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: backrest-nfs-storage
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: backrest-nfs-storage
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
volumeName: backrest-nfs-storage
storageClassName: nfs-client
accessModes:
- ReadWriteMany
resources:
requests:
storage: 1Gi
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: backrest-nfs-share
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: backrest-nfs-share
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
volumeName: backrest-nfs-share
storageClassName: nfs-client
accessModes:
- ReadWriteMany
resources:
requests:
storage: 1Gi

48
clusters/cl01tl/storage/backrest/templates/persistent-volume.yaml
View File

@@ -1,48 +0,0 @@
apiVersion: v1
kind: PersistentVolume
metadata:
name: backrest-nfs-storage
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: backrest-nfs-storage
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
persistentVolumeReclaimPolicy: Retain
storageClassName: nfs-client
capacity:
storage: 1Gi
accessModes:
- ReadWriteMany
nfs:
path: /volume2/Storage
server: synologybond.alexlebens.net
mountOptions:
- vers=4
- minorversion=1
- noac
---
apiVersion: v1
kind: PersistentVolume
metadata:
name: backrest-nfs-share
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: backrest-nfs-share
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
persistentVolumeReclaimPolicy: Retain
storageClassName: nfs-client
capacity:
storage: 1Gi
accessModes:
- ReadWriteMany
nfs:
path: /volume2/Share
server: synologybond.alexlebens.net
mountOptions:
- vers=4
- minorversion=1
- noac

14
clusters/cl01tl/storage/backrest/templates/service.yaml
View File

@@ -1,14 +0,0 @@
apiVersion: v1
kind: Service
metadata:
name: garage-ps10rp
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: garage-ps10rp
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/part-of: {{ .Release.Name }}
annotations:
tailscale.com/tailnet-fqdn: garage-ps10rp.boreal-beaufort.ts.net
spec:
externalName: placeholder
type: ExternalName

84
clusters/cl01tl/storage/backrest/values.yaml
View File

@@ -1,84 +0,0 @@
backrest:
controllers:
main:
type: deployment
replicas: 1
strategy: Recreate
containers:
main:
image:
repository: garethgeorge/backrest
tag: v1.10.1
pullPolicy: IfNotPresent
env:
- name: TZ
value: America/Chicago
- name: BACKREST_DATA
value: /data
- name: BACKREST_CONFIG
value: /config/config.json
- name: XDG_CACHE_HOME
value: /cache
- name: TMPDIR
value: /tmp
resources:
requests:
cpu: 10m
memory: 256Mi
service:
main:
controller: main
ports:
http:
port: 80
targetPort: 9898
protocol: TCP
persistence:
data:
storageClass: ceph-block
accessMode: ReadWriteOnce
size: 10Gi
retain: true
advancedMounts:
main:
main:
- path: /data
readOnly: false
config:
storageClass: ceph-block
accessMode: ReadWriteOnce
size: 1Gi
retain: true
advancedMounts:
main:
main:
- path: /config
readOnly: false
cache:
type: emptyDir
advancedMounts:
main:
main:
- path: /cache
readOnly: false
tmp:
type: emptyDir
advancedMounts:
main:
main:
- path: /tmp
readOnly: false
storage:
existingClaim: backrest-nfs-storage
advancedMounts:
main:
main:
- path: /mnt/storage
readOnly: true
share:
existingClaim: backrest-nfs-share
advancedMounts:
main:
main:
- path: /mnt/share
readOnly: true

2
clusters/cl01tl/storage/cloudnative-pg/Chart.yaml
View File

@@ -19,7 +19,7 @@ dependencies:
version: 0.26.1
repository: https://cloudnative-pg.io/charts/
- name: plugin-barman-cloud
version: 0.3.1
version: 0.2.0
repository: https://cloudnative-pg.io/charts/
icon: https://avatars.githubusercontent.com/u/100373852?s=200&v=4
appVersion: 1.26.0

4
clusters/cl01tl/storage/cloudnative-pg/values.yaml
View File

@@ -7,10 +7,10 @@ plugin-barman-cloud:
image:
registry: ghcr.io
repository: cloudnative-pg/plugin-barman-cloud
tag: v0.9.0
tag: v0.8.0
sidecarImage:
registry: ghcr.io
repository: cloudnative-pg/plugin-barman-cloud-sidecar
tag: v0.9.0
tag: v0.8.0
crds:
create: true

29
clusters/cl01tl/storage/garage/values.yaml
View File

@@ -52,13 +52,10 @@ garage:
metadata_dir = "/var/lib/garage/meta"
data_dir = "/var/lib/garage/data"
metadata_snapshots_dir = "/var/lib/garage/snapshots"
db_engine = "lmdb"
db_engine = "sqlite"
metadata_auto_snapshot_interval = "6h"
compression_level = 3
compression_level = 1
rpc_bind_addr = "[::]:3901"
rpc_public_addr = "127.0.0.1:3901"
@@ -122,16 +119,6 @@ garage:
readOnly: true
mountPropagation: None
subPath: garage.toml
db:
storageClass: ceph-block
accessMode: ReadWriteOnce
size: 10Gi
retain: true
advancedMounts:
main:
main:
- path: /var/lib/garage/meta
readOnly: false
data:
storageClass: synology-iscsi-delete
accessMode: ReadWriteOnce
@@ -140,15 +127,5 @@ garage:
advancedMounts:
main:
main:
- path: /var/lib/garage/data
readOnly: false
snapshots:
storageClass: synology-iscsi-delete
accessMode: ReadWriteOnce
size: 50Gi
retain: true
advancedMounts:
main:
main:
- path: /var/lib/garage/snapshots
- path: /var/lib/garage
readOnly: false

24
clusters/cl01tl/storage/mariadb-operator/Chart.yaml
View File

@@ -1,24 +0,0 @@
apiVersion: v2
name: mariadb-operator
version: 1.0.0
description: MariaDB Operator
keywords:
- mariadb-operator
- database
- storage
- kubernetes
home: https://wiki.alexlebens.dev/
sources:
- https://github.com/mariadb-operator/mariadb-operator
- https://github.com/mariadb-operator/mariadb-operator/tree/main/deploy/charts/mariadb-operator
maintainers:
- name: alexlebens
dependencies:
- name: mariadb-operator
version: 25.10.2
repository: https://helm.mariadb.com/mariadb-operator
- name: mariadb-operator-crds
version: 25.10.2
repository: https://helm.mariadb.com/mariadb-operator
icon: https://mariadb-operator.github.io/mariadb-operator/assets/mariadb_profile.svg
appVersion: 25.10.2

11
clusters/cl01tl/storage/mariadb-operator/values.yaml
View File

@@ -1,11 +0,0 @@
mariadb-operator:
ha:
enabled: true
replicas: 3
metrics:
enabled: true
serviceMonitor:
enabled: true
pdb:
enabled: true
maxUnavailable: 1

2
clusters/cl01tl/storage/pgadmin/values.yaml
View File

@@ -28,7 +28,7 @@ pgadmin4:
runAsGroup: 5050
image:
repository: dpage/pgadmin4
tag: "9.10"
tag: "9.9"
pullPolicy: IfNotPresent
env:
- name: PGADMIN_CONFIG_ENHANCED_COOKIE_PROTECTION

4
clusters/cl01tl/storage/rook-ceph/Chart.yaml
View File

@@ -16,10 +16,10 @@ maintainers:
- name: alexlebens
dependencies:
- name: rook-ceph
version: v1.18.7
version: v1.18.6
repository: https://charts.rook.io/release
- name: rook-ceph-cluster
version: v1.18.7
version: v1.18.6
repository: https://charts.rook.io/release
- name: cloudflared
alias: cloudflared-rgw

16
clusters/cl01tl/storage/rook-ceph/values.yaml
View File

@@ -3,8 +3,8 @@ rook-ceph:
enabled: true
csi:
rookUseCsiOperator: true
cephFSKernelMountOptions: "ms_mode=secure"
enableMetadata: true
cephFSKernelMountOptions: "ms_mode=secure"
provisionerReplicas: 3
serviceMonitor:
enabled: true
@@ -13,6 +13,7 @@ rook-ceph:
enabled: true
rook-ceph-cluster:
operatorNamespace: rook-ceph
toolbox:
enabled: true
monitoring:
@@ -21,11 +22,12 @@ rook-ceph-cluster:
prometheusRuleOverrides:
CephNodeDiskspaceWarning:
disabled: true
cephImage:
# https://quay.io/repository/ceph/ceph?tab=tags
repository: quay.io/ceph/ceph
tag: v19.2.3-20250717
cephClusterSpec:
cephVersion:
# https://quay.io/repository/ceph/ceph?tab=tags
image: quay.io/ceph/ceph:v19.2.3-20250717
mon:
count: 3
mgr:
count: 1
modules:
@@ -83,9 +85,11 @@ rook-ceph-cluster:
cpu: 100m
memory: 128Mi
storage:
useAllNodes: true
useAllDevices: true
deviceFilter: sda
config:
osdsPerDevice: "1"
osdsPerDevice: "1"
csi:
readAffinity:
enabled: true

2
clusters/cl01tl/storage/whodb/values.yaml
View File

@@ -8,7 +8,7 @@ whodb:
main:
image:
repository: clidey/whodb
tag: 0.75.0
tag: 0.61.0
pullPolicy: IfNotPresent
env:
- name: WHODB_OLLAMA_HOST

4
hosts/ps08rp/blocky/config.yml
View File

@@ -85,14 +85,11 @@ customDNS:
argocd IN CNAME traefik-cl01tl
audiobookshelf IN CNAME traefik-cl01tl
authentik IN CNAME traefik-cl01tl
backrest IN CNAME traefik-cl01tl
bazarr IN CNAME traefik-cl01tl
booklore IN CNAME traefik-cl01tl
calibre IN CNAME traefik-cl01tl
calibre-downloader IN CNAME traefik-cl01tl
ceph IN CNAME traefik-cl01tl
code-server IN CNAME traefik-cl01tl
ephemera IN CNAME traefik-cl01tl
garage-s3 IN CNAME traefik-cl01tl
garage-webui IN CNAME traefik-cl01tl
gatus IN CNAME traefik-cl01tl
@@ -113,7 +110,6 @@ customDNS:
kronic IN CNAME traefik-cl01tl
lidarr IN CNAME traefik-cl01tl
lidatube IN CNAME traefik-cl01tl
listenarr IN CNAME traefik-cl01tl
mail IN CNAME traefik-cl01tl
n8n IN CNAME traefik-cl01tl
ntfy IN CNAME traefik-cl01tl

2
hosts/ps08rp/traefik/compose.yaml
View File

@@ -1,7 +1,7 @@
---
services:
traefik:
image: ghcr.io/traefik/traefik:v3.6.0
image: ghcr.io/traefik/traefik:v3.5.4
container_name: traefik
command:
- "--global.checkNewVersion=false"

4
hosts/ps09rp/blocky/config.yml
View File

@@ -85,14 +85,11 @@ customDNS:
argocd IN CNAME traefik-cl01tl
audiobookshelf IN CNAME traefik-cl01tl
authentik IN CNAME traefik-cl01tl
backrest IN CNAME traefik-cl01tl
bazarr IN CNAME traefik-cl01tl
booklore IN CNAME traefik-cl01tl
calibre IN CNAME traefik-cl01tl
calibre-downloader IN CNAME traefik-cl01tl
ceph IN CNAME traefik-cl01tl
code-server IN CNAME traefik-cl01tl
ephemera IN CNAME traefik-cl01tl
garage-s3 IN CNAME traefik-cl01tl
garage-webui IN CNAME traefik-cl01tl
gatus IN CNAME traefik-cl01tl
@@ -113,7 +110,6 @@ customDNS:
kronic IN CNAME traefik-cl01tl
lidarr IN CNAME traefik-cl01tl
lidatube IN CNAME traefik-cl01tl
listenarr IN CNAME traefik-cl01tl
mail IN CNAME traefik-cl01tl
n8n IN CNAME traefik-cl01tl
ntfy IN CNAME traefik-cl01tl

2
hosts/ps09rp/traefik/compose.yaml
View File

@@ -1,7 +1,7 @@
---
services:
traefik:
image: ghcr.io/traefik/traefik:v3.6.0
image: ghcr.io/traefik/traefik:v3.5.4
container_name: traefik
command:
- "--global.checkNewVersion=false"

4
hosts/ps10rp/gitea/compose.yaml
View File

@@ -19,7 +19,7 @@ services:
- /dev/net/tun:/dev/net/tun
postgresql:
image: docker.io/postgres:17.7-alpine3.21
image: docker.io/postgres:17.6-alpine3.21
container_name: gitea-postgres
env_file:
- .env
@@ -33,7 +33,7 @@ services:
- postgresql:/var/lib/postgresql/data
gitea:
image: gitea/gitea:1.25.1
image: gitea/gitea:1.25.0
container_name: gitea
depends_on:
- postgresql

2
hosts/ps10rp/traefik/compose.yaml
View File

@@ -20,7 +20,7 @@ services:
- /dev/net/tun:/dev/net/tun
traefik:
image: ghcr.io/traefik/traefik:v3.6.0
image: ghcr.io/traefik/traefik:v3.5.4
container_name: traefik
command:
- "--global.checkNewVersion=false"