chore(deps): update helm release cilium to v1.19.0

2026-02-04 03:50:41 +00:00
29 changed files with 107 additions and 98 deletions
--- a/clusters/cl01tl/helm/argo-workflows/Chart.yaml
+++ b/clusters/cl01tl/helm/argo-workflows/Chart.yaml
@@ -29,4 +29,4 @@ dependencies:
    repository: oci://harbor.alexlebens.net/helm-charts
 icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/argo-cd.png
 # renovate: datasource=github-releases depName=argoproj/argo-workflows
-appVersion: v4.0.0
+appVersion: v3.7.9
--- a/clusters/cl01tl/helm/blocky/values.yaml
+++ b/clusters/cl01tl/helm/blocky/values.yaml
@@ -124,7 +124,7 @@ blocky:
              home                            IN      CNAME   traefik-cl01tl
              home-assistant                  IN      CNAME   traefik-cl01tl
              home-assistant-code-server      IN      CNAME   traefik-cl01tl
-              hubble                          IN      CNAME   cilium-cl01tl
+              hubble                          IN      CNAME   traefik-cl01tl
              huntarr                         IN      CNAME   traefik-cl01tl
              immich                          IN      CNAME   traefik-cl01tl
              jellyfin                        IN      CNAME   traefik-cl01tl
--- a/clusters/cl01tl/helm/cilium/Chart.lock
+++ b/clusters/cl01tl/helm/cilium/Chart.lock
@@ -3,4 +3,4 @@ dependencies:
  repository: https://helm.cilium.io/
  version: 1.19.0
 digest: sha256:d2319facc93cab2a0a137588d8bd93315b52025b3ec86bc89edb0e236a74c814
-generated: "2026-02-05T03:57:48.602182388Z"
+generated: "2026-02-04T03:50:36.82666656Z"
--- a/clusters/cl01tl/helm/cilium/Chart.yaml
+++ b/clusters/cl01tl/helm/cilium/Chart.yaml
@@ -19,4 +19,4 @@ dependencies:
    repository: https://helm.cilium.io/
 icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/cilium.png
 # renovate: datasource=github-releases depName=cilium/cilium
-appVersion: 1.19.0
+appVersion: 1.18.6
--- a/clusters/cl01tl/helm/cilium/templates/cilium-bgp-advertisement.yaml
+++ b/clusters/cl01tl/helm/cilium/templates/cilium-bgp-advertisement.yaml
@@ -1,4 +1,4 @@
-# apiVersion: cilium.io/v2
+# apiVersion: cilium.io/v2alpha1
 # kind: CiliumBGPAdvertisement
 # metadata:
 #   name: cilium-bgp-advertisements
--- a/clusters/cl01tl/helm/cilium/templates/cilium-bgp-cluster-config.yaml
+++ b/clusters/cl01tl/helm/cilium/templates/cilium-bgp-cluster-config.yaml
@@ -1,4 +1,4 @@
-# apiVersion: cilium.io/v2
+# apiVersion: cilium.io/v2alpha1
 # kind: CiliumBGPClusterConfig
 # metadata:
 #   name: cilium-bgp
--- a/clusters/cl01tl/helm/cilium/templates/cilium-bgp-peer-config.yaml
+++ b/clusters/cl01tl/helm/cilium/templates/cilium-bgp-peer-config.yaml
@@ -1,4 +1,4 @@
-# apiVersion: cilium.io/v2
+# apiVersion: cilium.io/v2alpha1
 # kind: CiliumBGPPeerConfig
 # metadata:
 #   name: cilium-peer
--- a/clusters/cl01tl/helm/cilium/templates/cilium-l2-announcement-policy.yaml
+++ b/clusters/cl01tl/helm/cilium/templates/cilium-l2-announcement-policy.yaml
@@ -1,18 +1,19 @@
-apiVersion: "cilium.io/v2alpha1"
+# apiVersion: "cilium.io/v2alpha1"
-kind: CiliumL2AnnouncementPolicy
+# kind: CiliumL2AnnouncementPolicy
-metadata:
+# metadata:
-  name: node-gateway-l2-policy
+#   name: general-l2-policy
-  namespace: {{ .Release.Namespace }}
+#   namespace: {{ .Release.Namespace }}
-  labels:
+#   labels:
-    app.kubernetes.io/name: node-gateway-l2-policy
+#     app.kubernetes.io/name: general-l2-policy
-    app.kubernetes.io/instance: {{ .Release.Name }}
+#     app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/part-of: {{ .Release.Name }}
+#     app.kubernetes.io/part-of: {{ .Release.Name }}
-spec:
+# spec:
-  nodeSelector:
+#   nodeSelector:
-    matchLabels:
+#     matchExpressions:
-      kubernetes.io/hostname: talos-ix7-xku
+#       - key: kubernetes.io/hostname
-  interfaces:
+#         operator: Exists
-    - end0
+#   interfaces:
-    - enp6s0
+#     - end0
-  externalIPs: true
+#     - enp6s0
-  loadBalancerIPs: true
+#   externalIPs: true
 #   loadBalancerIPs: true
--- a/clusters/cl01tl/helm/cilium/templates/cilium-load-balancer-ip-pool.yaml
+++ b/clusters/cl01tl/helm/cilium/templates/cilium-load-balancer-ip-pool.yaml
@@ -1,4 +1,4 @@
-apiVersion: cilium.io/v2
+apiVersion: "cilium.io/v2alpha1"
 kind: CiliumLoadBalancerIPPool
 metadata:
  name: default-ip-pool
@@ -15,7 +15,7 @@ spec:
      stop: "10.232.2.23"
 ---
-apiVersion: cilium.io/v2
+apiVersion: "cilium.io/v2alpha1"
 kind: CiliumLoadBalancerIPPool
 metadata:
  name: bgp-ip-pool
--- a/clusters/cl01tl/helm/cilium/templates/gateway.yaml
+++ b/clusters/cl01tl/helm/cilium/templates/gateway.yaml
@@ -1,46 +1,35 @@
-apiVersion: gateway.networking.k8s.io/v1
+# apiVersion: gateway.networking.k8s.io/v1
-kind: Gateway
+# kind: Gateway
-metadata:
+# metadata:
-  name: cilium-tls-gateway
+#   name: cilium-tls-gateway
-  namespace: {{ .Release.Namespace }}
+#   namespace: {{ .Release.Namespace }}
-  labels:
+#   labels:
-    app.kubernetes.io/name: cilium-tls-gateway
+#     app.kubernetes.io/name: tls-gateway
-    app.kubernetes.io/instance: {{ .Release.Name }}
+#     app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/part-of: {{ .Release.Name }}
+#     app.kubernetes.io/part-of: {{ .Release.Name }}
-  annotations:
+#   annotations:
-    cert-manager.io/cluster-issuer: letsencrypt-issuer
+#     cert-manager.io/cluster-issuer: letsencrypt-issuer
-    io.cilium/lb-ipam-ips: "10.232.1.23"
+# spec:
-spec:
+#   gatewayClassName: cilium
-  addresses:
+#   listeners:
-    - type: IPAddress
+#     - allowedRoutes:
-      value: 10.232.1.23
+#         namespaces:
-  gatewayClassName: cilium
+#           from: All
-  listeners:
+#       hostname: '*.alexlebens.net'
-    - allowedRoutes:
+#       name: http
-        namespaces:
+#       port: 80
-          from: All
+#       protocol: HTTP
-      hostname: '*.alexlebens.net'
+#     - allowedRoutes:
-      name: https
+#         namespaces:
-      port: 443
+#           from: All
-      protocol: HTTPS
+#       hostname: '*.alexlebens.net'
-      tls:
+#       name: https
-        certificateRefs:
+#       port: 443
-          - group: ''
+#       protocol: HTTPS
-            kind: Secret
+#       tls:
-            name: https-gateway-cert
+#         certificateRefs:
-            namespace: kube-system
+#           - group: ''
-        mode: Terminate
+#             kind: Secret
-    - allowedRoutes:
+#             name: https-gateway-cert
-        namespaces:
+#             namespace: kube-system
-          from: All
+#         mode: Terminate
      hostname: 'alexlebens.net'
      name: https-domain
      port: 443
      protocol: HTTPS
      tls:
        certificateRefs:
          - group: ''
            kind: Secret
            name: https-gateway-cert
            namespace: kube-system
        mode: Terminate
--- a/clusters/cl01tl/helm/cilium/templates/http-route.yaml
+++ b/clusters/cl01tl/helm/cilium/templates/http-route.yaml
@@ -11,8 +11,8 @@ spec:
  parentRefs:
    - group: gateway.networking.k8s.io
      kind: Gateway
-      name: cilium-tls-gateway
+      name: traefik-gateway
-      namespace: kube-system
+      namespace: traefik
  hostnames:
    - hubble.alexlebens.net
  rules:
--- a/clusters/cl01tl/helm/cilium/values.yaml
+++ b/clusters/cl01tl/helm/cilium/values.yaml
@@ -35,8 +35,6 @@ cilium:
      enabled: true
    routerIDAllocation:
      mode: "default"
  bpf:
    hostLegacyRouting: true
  devices: end0 enp6s0
  enableK8sEndpointSlice: true
  ciliumEndpointSlice:
--- a/clusters/cl01tl/helm/cloudnative-pg/Chart.lock
+++ b/clusters/cl01tl/helm/cloudnative-pg/Chart.lock
@@ -4,6 +4,6 @@ dependencies:
  version: 0.27.0
 - name: plugin-barman-cloud
  repository: https://cloudnative-pg.io/charts/
-  version: 0.5.0
+  version: 0.4.0
-digest: sha256:960d00c93523c5669d0f200d440ffa1009eb1c37629485bf7de320ee3a41fd8f
+digest: sha256:5e2a32fa5ed8b180ae5e556d65c67eeb3dcf38e2974b0d668eff4ee3c83258ce
-generated: "2026-02-04T19:02:19.528616588Z"
+generated: "2025-12-30T21:01:48.755246408Z"
--- a/clusters/cl01tl/helm/cloudnative-pg/Chart.yaml
+++ b/clusters/cl01tl/helm/cloudnative-pg/Chart.yaml
@@ -19,7 +19,7 @@ dependencies:
    version: 0.27.0
    repository: https://cloudnative-pg.io/charts/
  - name: plugin-barman-cloud
-    version: 0.5.0
+    version: 0.4.0
    repository: https://cloudnative-pg.io/charts/
 icon: https://avatars.githubusercontent.com/u/100373852?s=200&v=4
 # renovate: datasource=github-releases depName=cloudnative-pg/cloudnative-pg
--- a/clusters/cl01tl/helm/headlamp/Chart.lock
+++ b/clusters/cl01tl/helm/headlamp/Chart.lock
@@ -1,6 +1,6 @@
 dependencies:
 - name: headlamp
  repository: https://kubernetes-sigs.github.io/headlamp/
-  version: 0.40.0
+  version: 0.39.0
-digest: sha256:b7f8f176f8c4902130e87660adb39211fd5ca454f89f5a7e9ed577cd4c3a2255
+digest: sha256:870e456773199684c150585c12c2e18b3f0895ee8cc73481a53b23c8e94560b1
-generated: "2026-02-05T18:23:45.100522813Z"
+generated: "2025-12-20T00:03:40.10414707Z"
--- a/clusters/cl01tl/helm/headlamp/Chart.yaml
+++ b/clusters/cl01tl/helm/headlamp/Chart.yaml
@@ -14,7 +14,7 @@ maintainers:
  - name: alexlebens
 dependencies:
  - name: headlamp
-    version: 0.40.0
+    version: 0.39.0
    repository: https://kubernetes-sigs.github.io/headlamp/
 icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/headlamp.png
 # renovate: datasource=github-releases depName=headlamp-k8s/headlamp
--- a/clusters/cl01tl/helm/home-assistant/Chart.yaml
+++ b/clusters/cl01tl/helm/home-assistant/Chart.yaml
@@ -25,4 +25,4 @@ dependencies:
    repository: oci://harbor.alexlebens.net/helm-charts
 icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/home-assistant.png
 # renovate: datasource=github-releases depName=home-assistant/core
-appVersion: 2026.2.0
+appVersion: 2026.1.3
--- a/clusters/cl01tl/helm/home-assistant/values.yaml
+++ b/clusters/cl01tl/helm/home-assistant/values.yaml
@@ -9,7 +9,7 @@ home-assistant:
        main:
          image:
            repository: ghcr.io/home-assistant/home-assistant
-            tag: 2026.2.0
+            tag: 2026.1.3
            pullPolicy: IfNotPresent
          env:
            - name: TZ
--- a/clusters/cl01tl/helm/huntarr/Chart.yaml
+++ b/clusters/cl01tl/helm/huntarr/Chart.yaml
@@ -23,4 +23,4 @@ dependencies:
    repository: oci://harbor.alexlebens.net/helm-charts
 icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/huntarr.png
 # renovate: datasource=github-releases depName=plexguide/huntarr
-appVersion: 9.1.12
+appVersion: 9.1.9
--- a/clusters/cl01tl/helm/huntarr/values.yaml
+++ b/clusters/cl01tl/helm/huntarr/values.yaml
@@ -9,7 +9,7 @@ huntarr:
        main:
          image:
            repository: ghcr.io/plexguide/huntarr
-            tag: 9.1.12
+            tag: 9.1.9
            pullPolicy: IfNotPresent
          env:
            - name: TZ
--- a/clusters/cl01tl/helm/lidarr/values.yaml
+++ b/clusters/cl01tl/helm/lidarr/values.yaml
@@ -15,7 +15,7 @@ lidarr:
        main:
          image:
            repository: ghcr.io/linuxserver/lidarr
-            tag: 3.1.2-nightly@sha256:adc776c4deb0b36909472a8d22ce00306b4a37f0d584407d846efd59060279ac
+            tag: 3.1.2-nightly@sha256:21aec279552ea35deaf86b4fbb68876d9a4f5cf53cefd6b0c667889153c778db
            pullPolicy: IfNotPresent
          env:
            - name: TZ
--- a/clusters/cl01tl/helm/prowlarr/values.yaml
+++ b/clusters/cl01tl/helm/prowlarr/values.yaml
@@ -20,7 +20,7 @@ prowlarr:
        main:
          image:
            repository: ghcr.io/linuxserver/prowlarr
-            tag: 2.3.0@sha256:5339e9050cfcc0cb5331e9c98610ed9d4ce70ef481a5461ea664a13dda3f1eb0
+            tag: 2.3.0@sha256:d3e9307b320b6772749a2cf8fc2712e9e824c4930b034680ad4d08a9e2f25884
            pullPolicy: IfNotPresent
          env:
            - name: TZ
--- a/clusters/cl01tl/helm/roundcube/values.yaml
+++ b/clusters/cl01tl/helm/roundcube/values.yaml
@@ -58,7 +58,7 @@ roundcube:
        nginx:
          image:
            repository: nginx
-            tag: 1.29.5-alpine-slim
+            tag: 1.29.4-alpine
            pullPolicy: IfNotPresent
          env:
            - name: NGINX_HOST
--- a/clusters/cl01tl/helm/vault/values.yaml
+++ b/clusters/cl01tl/helm/vault/values.yaml
@@ -12,7 +12,7 @@ vault:
    enabled: true
    image:
      repository: hashicorp/vault
-      tag: 1.21.3
+      tag: 1.21.2
    updateStrategyType: "RollingUpdate"
    logLevel: debug
    logFormat: standard
@@ -170,7 +170,7 @@ snapshot:
        snapshot:
          image:
            repository: hashicorp/vault
-            tag: 1.21.3
+            tag: 1.21.2
            pullPolicy: IfNotPresent
          command:
            - /bin/ash
--- a/clusters/cl01tl/helm/whodb/Chart.yaml
+++ b/clusters/cl01tl/helm/whodb/Chart.yaml
@@ -20,4 +20,4 @@ dependencies:
    version: 4.6.2
 icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/whodb.png
 # renovate: datasource=github-releases depName=clidey/whodb
-appVersion: 0.91.0
+appVersion: 0.90.0
--- a/clusters/cl01tl/helm/whodb/values.yaml
+++ b/clusters/cl01tl/helm/whodb/values.yaml
@@ -8,7 +8,7 @@ whodb:
        main:
          image:
            repository: clidey/whodb
-            tag: 0.91.0
+            tag: 0.90.0
            pullPolicy: IfNotPresent
          env:
            - name: WHODB_OLLAMA_HOST
--- a/hosts/ps08rp/blocky/config.yml
+++ b/hosts/ps08rp/blocky/config.yml
@@ -99,7 +99,7 @@ customDNS:
    home                            IN      CNAME   traefik-cl01tl
    home-assistant                  IN      CNAME   traefik-cl01tl
    home-assistant-code-server      IN      CNAME   traefik-cl01tl
-    hubble                          IN      CNAME   cilium-cl01tl
+    hubble                          IN      CNAME   traefik-cl01tl
    huntarr                         IN      CNAME   traefik-cl01tl
    immich                          IN      CNAME   traefik-cl01tl
    jellyfin                        IN      CNAME   traefik-cl01tl
--- a/hosts/ps09rp/blocky/config.yml
+++ b/hosts/ps09rp/blocky/config.yml
@@ -120,7 +120,7 @@ customDNS:
    home                            IN      CNAME   traefik-cl01tl
    home-assistant                  IN      CNAME   traefik-cl01tl
    home-assistant-code-server      IN      CNAME   traefik-cl01tl
-    hubble                          IN      CNAME   cilium-cl01tl
+    hubble                          IN      CNAME   traefik-cl01tl
    huntarr                         IN      CNAME   traefik-cl01tl
    immich                          IN      CNAME   traefik-cl01tl
    jellyfin                        IN      CNAME   traefik-cl01tl
--- a/hosts/ps10rp/komodo-periphery/compose.yaml
+++ b/hosts/ps10rp/komodo-periphery/compose.yaml
@@ -12,6 +12,8 @@ services:
            - TS_HOSTNAME=komodo-periphery-ps10rp
        env_file:
            - .ts-env
        labels:
            - "com.centurylinklabs.watchtower.scope=komodo"
        network_mode: service:komodo-periphery
        restart: always
        volumes:
@@ -19,6 +21,23 @@ services:
        devices:
            - /dev/net/tun:/dev/net/tun
    watchtower:
        image: ghcr.io/containrrr/watchtower:latest
        container_name: komodo-periphery-watchtower
        command: --scope komodo
        environment:
            - TZ=America/Chicago
            - WATCHTOWER_HTTP_API_METRICS=true
            - WATCHTOWER_HTTP_API_TOKEN=token
            - WATCHTOWER_CLEANUP=true
            - WATCHTOWER_POLL_INTERVAL=3600
        labels:
            - "com.centurylinklabs.watchtower.scope=komodo"
        network_mode: service:komodo-periphery
        restart: always
        volumes:
            - /var/run/docker.sock:/var/run/docker.sock
    komodo-periphery:
        image: ghcr.io/moghtech/komodo-periphery:latest
        container_name: komodo-periphery
@@ -26,6 +45,8 @@ services:
            - .env
        environment:
            - TZ=America/Chicago
        labels:
            - "com.centurylinklabs.watchtower.scope=komodo"
        restart: always
        volumes:
            - /var/run/docker.sock:/var/run/docker.sock