Compare commits
38 Commits
renovate/t
...
renovate/g
| Author | SHA1 | Date | |
|---|---|---|---|
0cf0f7cea7
|
|||
| feb8ae9e0b | |||
| 2ed60a2759 | |||
| 64a63b957f | |||
| a5004835ad | |||
| 09628ea5ed | |||
| 365f657493 | |||
| 47d625d244 | |||
| ebae841fa2 | |||
| 24a97d65e9 | |||
| 9c080b9407 | |||
| 0f11d6ed6b | |||
| 7383156468 | |||
| 763bff2371 | |||
| 6df133a384 | |||
| 15645efda7 | |||
| bdd9fbfcad | |||
| f2a000f286 | |||
| 51c9aa1b48 | |||
| c7e9835f54 | |||
| 4861f22e95 | |||
| 577bad693b | |||
| 2664810903 | |||
| 01f12f9408 | |||
| f838adb8fc | |||
| 605b170072 | |||
| fc478400c6 | |||
| c89f3ced65 | |||
| a1d73da0a1 | |||
| 6f43520c94 | |||
| e135f87ef5 | |||
| 313eb2423f | |||
| 47e9e9f1a2 | |||
| a12ee3b161 | |||
| 4bbbefbe72 | |||
| a14474690e | |||
| aba571167a | |||
| b1c587f6bb |
1
.gitignore
vendored
1
.gitignore
vendored
@@ -1,3 +1,4 @@
|
||||
/**/archive/
|
||||
/**/charts/
|
||||
/**/manifests/
|
||||
/**/tmpcharts*/
|
||||
|
||||
@@ -2,6 +2,12 @@
|
||||
|
||||
GitOps definied infrastrucutre for the alexlebens.net domain.
|
||||
|
||||
## Stack-cl01tl
|
||||
|
||||
https://argocd.alexlebens.net/api/badge?name=stack-cl01tl&revision=true&showAppName=true
|
||||
|
||||
App-of-Apps Application for cl01tl
|
||||
|
||||
## License
|
||||
|
||||
This project is licensed under the terms of the Apache 2.0 License license.
|
||||
|
||||
@@ -4,6 +4,6 @@ dependencies:
|
||||
version: 4.5.0
|
||||
- name: volsync-target
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 0.3.0
|
||||
digest: sha256:3763d6c5c0b45219235229aa1d72bfa426abd29aa8d92c1b1ca958b6afb3bfc8
|
||||
generated: "2025-12-15T17:43:51.908308-06:00"
|
||||
version: 0.5.0
|
||||
digest: sha256:bec79e67c86a1cd074c421313d4637012248b2a66fbac1972de69b8fd17f10d6
|
||||
generated: "2025-12-17T16:30:59.656583956Z"
|
||||
|
||||
@@ -19,7 +19,7 @@ dependencies:
|
||||
version: 4.5.0
|
||||
- name: volsync-target
|
||||
alias: volsync-target-data
|
||||
version: 0.3.0
|
||||
version: 0.5.0
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/actual-budget.png
|
||||
appVersion: 25.12.0
|
||||
|
||||
@@ -4,9 +4,9 @@ dependencies:
|
||||
version: 4.5.0
|
||||
- name: volsync-target
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 0.3.0
|
||||
version: 0.5.0
|
||||
- name: volsync-target
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 0.3.0
|
||||
digest: sha256:88e0d8008795451a64f3a2e4fa4fc120d48cef4badb4305e8e60afbb494352c5
|
||||
generated: "2025-12-15T18:19:02.989735-06:00"
|
||||
version: 0.5.0
|
||||
digest: sha256:72965155699ed10d43c41c2efdd11685e8d2e272eaab1706131d17a4bd103fc2
|
||||
generated: "2025-12-17T16:31:16.276478437Z"
|
||||
|
||||
@@ -21,11 +21,11 @@ dependencies:
|
||||
version: 4.5.0
|
||||
- name: volsync-target
|
||||
alias: volsync-target-config
|
||||
version: 0.3.0
|
||||
version: 0.5.0
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
- name: volsync-target
|
||||
alias: volsync-target-metadata
|
||||
version: 0.3.0
|
||||
version: 0.5.0
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/audiobookshelf.png
|
||||
appVersion: 2.31.0
|
||||
|
||||
@@ -4,12 +4,12 @@ dependencies:
|
||||
version: 2025.10.3
|
||||
- name: cloudflared
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 1.23.2
|
||||
version: 2.0.1
|
||||
- name: postgres-cluster
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 7.1.3
|
||||
- name: redis-replication
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 0.5.0
|
||||
digest: sha256:529f2ddaef6ef3584461ae31e4e3ffcc1146f19ece74ef054a7ddbc7eb36a0d8
|
||||
generated: "2025-12-17T16:09:03.696627571Z"
|
||||
digest: sha256:ec4d196c502021555fef8e13789b7ce683163270dc0dc76ee63df614e74b5969
|
||||
generated: "2025-12-17T16:33:20.824676-06:00"
|
||||
|
||||
@@ -26,7 +26,7 @@ dependencies:
|
||||
- name: cloudflared
|
||||
alias: cloudflared
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 1.23.2
|
||||
version: 2.0.1
|
||||
- name: postgres-cluster
|
||||
alias: postgres-18-cluster
|
||||
version: 7.1.3
|
||||
|
||||
@@ -20,29 +20,6 @@ spec:
|
||||
metadataPolicy: None
|
||||
property: key
|
||||
|
||||
---
|
||||
apiVersion: external-secrets.io/v1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
name: authentik-cloudflared-secret
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: authentik-cloudflared-secret
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
secretStoreRef:
|
||||
kind: ClusterSecretStore
|
||||
name: vault
|
||||
data:
|
||||
- secretKey: cf-tunnel-token
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cloudflare/tunnels/authentik
|
||||
metadataPolicy: None
|
||||
property: token
|
||||
|
||||
---
|
||||
apiVersion: external-secrets.io/v1
|
||||
kind: ExternalSecret
|
||||
|
||||
@@ -48,8 +48,6 @@ authentik:
|
||||
enabled: false
|
||||
redis:
|
||||
enabled: false
|
||||
cloudflared:
|
||||
existingSecretName: authentik-cloudflared-secret
|
||||
postgres-18-cluster:
|
||||
mode: recovery
|
||||
cluster:
|
||||
|
||||
@@ -4,9 +4,9 @@ dependencies:
|
||||
version: 4.5.0
|
||||
- name: volsync-target
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 0.3.0
|
||||
version: 0.5.0
|
||||
- name: volsync-target
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 0.3.0
|
||||
digest: sha256:13c950ad5cd6accd192e6768557c0df74af2cd767d2372dc38c1cdb7e1563399
|
||||
generated: "2025-12-15T18:33:59.961957-06:00"
|
||||
version: 0.5.0
|
||||
digest: sha256:b7d1700ed373d9a9b761989a8e63f01e0e969491ac05d94cf888f9f5befb32bf
|
||||
generated: "2025-12-17T16:31:33.168858369Z"
|
||||
|
||||
@@ -19,11 +19,11 @@ dependencies:
|
||||
version: 4.5.0
|
||||
- name: volsync-target
|
||||
alias: volsync-target-config
|
||||
version: 0.3.0
|
||||
version: 0.5.0
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
- name: volsync-target
|
||||
alias: volsync-target-data
|
||||
version: 0.3.0
|
||||
version: 0.5.0
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/backrest.png
|
||||
appVersion: v1.10.1
|
||||
|
||||
@@ -4,9 +4,9 @@ dependencies:
|
||||
version: 4.5.0
|
||||
- name: cloudflared
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 1.23.2
|
||||
version: 2.0.1
|
||||
- name: volsync-target
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 0.5.0
|
||||
digest: sha256:bd1cbd66ccb360978a342ee218bfb01006a486fb85c5714acd593b9e1389b151
|
||||
generated: "2025-12-15T21:50:58.968382-06:00"
|
||||
digest: sha256:f1b9b79c1c7fb5730f85637e6191978b1b75cebe2102453f7a3b2303ca055501
|
||||
generated: "2025-12-17T16:29:17.857247-06:00"
|
||||
|
||||
@@ -23,7 +23,7 @@ dependencies:
|
||||
- name: cloudflared
|
||||
alias: cloudflared
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 1.23.2
|
||||
version: 2.0.1
|
||||
- name: volsync-target
|
||||
alias: volsync-target-config
|
||||
version: 0.5.0
|
||||
|
||||
@@ -26,26 +26,3 @@ spec:
|
||||
key: /cl01tl/code-server/auth
|
||||
metadataPolicy: None
|
||||
property: SUDO_PASSWORD
|
||||
|
||||
---
|
||||
apiVersion: external-secrets.io/v1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
name: code-server-cloudflared-secret
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: code-server-cloudflared-secret
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
secretStoreRef:
|
||||
kind: ClusterSecretStore
|
||||
name: vault
|
||||
data:
|
||||
- secretKey: cf-tunnel-token
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cloudflare/tunnels/codeserver
|
||||
metadataPolicy: None
|
||||
property: token
|
||||
|
||||
@@ -47,8 +47,6 @@ code-server:
|
||||
main:
|
||||
- path: /config
|
||||
readOnly: false
|
||||
cloudflared:
|
||||
existingSecretName: code-server-cloudflared-secret
|
||||
volsync-target-config:
|
||||
pvcTarget: code-server-config
|
||||
moverSecurityContext:
|
||||
|
||||
@@ -4,12 +4,12 @@ dependencies:
|
||||
version: 4.5.0
|
||||
- name: cloudflared
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 1.23.2
|
||||
version: 2.0.1
|
||||
- name: postgres-cluster
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 7.1.3
|
||||
- name: redis-replication
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 0.5.0
|
||||
digest: sha256:984cd51b50663cda85c4861949d2dc724de730a415344936a4fe39745aca31d3
|
||||
generated: "2025-12-17T16:09:15.230017239Z"
|
||||
digest: sha256:381d2e9dba91716b569b4533c55f922baea35e36e631626e12e509ba0ff42abf
|
||||
generated: "2025-12-17T16:40:44.294195-06:00"
|
||||
|
||||
@@ -24,7 +24,7 @@ dependencies:
|
||||
- name: cloudflared
|
||||
alias: cloudflared-directus
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 1.23.2
|
||||
version: 2.0.1
|
||||
- name: postgres-cluster
|
||||
alias: postgres-18-cluster
|
||||
version: 7.1.3
|
||||
|
||||
@@ -41,6 +41,36 @@ spec:
|
||||
metadataPolicy: None
|
||||
property: key
|
||||
|
||||
---
|
||||
apiVersion: external-secrets.io/v1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
name: directus-oidc-secret
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: directus-oidc-secret
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
secretStoreRef:
|
||||
kind: ClusterSecretStore
|
||||
name: vault
|
||||
data:
|
||||
- secretKey: OIDC_CLIENT_ID
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /authentik/oidc/directus
|
||||
metadataPolicy: None
|
||||
property: client
|
||||
- secretKey: OIDC_CLIENT_SECRET
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /authentik/oidc/directus
|
||||
metadataPolicy: None
|
||||
property: secret
|
||||
|
||||
---
|
||||
apiVersion: external-secrets.io/v1
|
||||
kind: ExternalSecret
|
||||
@@ -94,59 +124,6 @@ spec:
|
||||
metadataPolicy: None
|
||||
property: password
|
||||
|
||||
---
|
||||
apiVersion: external-secrets.io/v1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
name: directus-oidc-secret
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: directus-oidc-secret
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
secretStoreRef:
|
||||
kind: ClusterSecretStore
|
||||
name: vault
|
||||
data:
|
||||
- secretKey: OIDC_CLIENT_ID
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /authentik/oidc/directus
|
||||
metadataPolicy: None
|
||||
property: client
|
||||
- secretKey: OIDC_CLIENT_SECRET
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /authentik/oidc/directus
|
||||
metadataPolicy: None
|
||||
property: secret
|
||||
|
||||
---
|
||||
apiVersion: external-secrets.io/v1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
name: directus-cloudflared-secret
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: directus-cloudflared-secret
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
secretStoreRef:
|
||||
kind: ClusterSecretStore
|
||||
name: vault
|
||||
data:
|
||||
- secretKey: cf-tunnel-token
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cloudflare/tunnels/directus
|
||||
metadataPolicy: None
|
||||
property: token
|
||||
|
||||
---
|
||||
apiVersion: external-secrets.io/v1
|
||||
kind: ExternalSecret
|
||||
|
||||
@@ -153,9 +153,6 @@ directus:
|
||||
port: 80
|
||||
targetPort: 8055
|
||||
protocol: TCP
|
||||
cloudflared-directus:
|
||||
name: cloudflared-directus
|
||||
existingSecretName: directus-cloudflared-secret
|
||||
postgres-18-cluster:
|
||||
mode: recovery
|
||||
cluster:
|
||||
|
||||
@@ -4,6 +4,6 @@ dependencies:
|
||||
version: 1.4.26
|
||||
- name: cloudflared
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 1.23.2
|
||||
digest: sha256:f9196cbede894c6da6ecedd9ae05d3f1fd0e20304eca8ca38c18334a923b2235
|
||||
generated: "2025-12-07T02:54:29.895481505Z"
|
||||
version: 2.0.1
|
||||
digest: sha256:167c380390784b7f9838ae1123f60c546fcb25cbba026e1de6820546a4e28c01
|
||||
generated: "2025-12-17T16:40:48.510486-06:00"
|
||||
|
||||
@@ -22,6 +22,6 @@ dependencies:
|
||||
- name: cloudflared
|
||||
alias: cloudflared
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 1.23.2
|
||||
version: 2.0.1
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/element.png
|
||||
appVersion: v1.12.6
|
||||
|
||||
@@ -1,21 +0,0 @@
|
||||
apiVersion: external-secrets.io/v1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
name: element-web-cloudflared-secret
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: element-web-cloudflared-secret
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
secretStoreRef:
|
||||
kind: ClusterSecretStore
|
||||
name: vault
|
||||
data:
|
||||
- secretKey: cf-tunnel-token
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cloudflare/tunnels/element
|
||||
metadataPolicy: None
|
||||
property: token
|
||||
@@ -24,5 +24,3 @@ element-web:
|
||||
requests:
|
||||
cpu: 10m
|
||||
memory: 128Mi
|
||||
cloudflared:
|
||||
existingSecretName: element-web-cloudflared-secret
|
||||
|
||||
@@ -4,6 +4,6 @@ dependencies:
|
||||
version: 4.5.0
|
||||
- name: volsync-target
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 0.3.0
|
||||
digest: sha256:476021b852fbbd829570bcb88309eea92bd096cb4ec79efe2d895ee0c46f1c49
|
||||
generated: "2025-12-15T21:43:24.262051-06:00"
|
||||
version: 0.5.0
|
||||
digest: sha256:72f17798177136bbc72e8c96b588735b40833e9520430aa82968c0f7335354d3
|
||||
generated: "2025-12-17T16:31:50.696337227Z"
|
||||
|
||||
@@ -21,7 +21,7 @@ dependencies:
|
||||
version: 4.5.0
|
||||
- name: volsync-target
|
||||
alias: volsync-target-config
|
||||
version: 0.3.0
|
||||
version: 0.5.0
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/ephemera.png
|
||||
appVersion: 1.3.1
|
||||
|
||||
@@ -4,12 +4,12 @@ dependencies:
|
||||
version: 4.5.0
|
||||
- name: cloudflared
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 1.23.2
|
||||
version: 2.0.1
|
||||
- name: postgres-cluster
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 7.1.3
|
||||
- name: volsync-target
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 0.5.0
|
||||
digest: sha256:5900e87dbe27e52b72edc6dd34e36aeb89c491ac8729b3be499cbd6e09ce88ff
|
||||
generated: "2025-12-17T16:09:27.525526677Z"
|
||||
digest: sha256:65c3f3e803b60090d43f6b5d8eca56e1da6bfeb8212d66d23cfdb8460d13ecba
|
||||
generated: "2025-12-17T16:40:58.956142-06:00"
|
||||
|
||||
@@ -24,7 +24,7 @@ dependencies:
|
||||
- name: cloudflared
|
||||
alias: cloudflared
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 1.23.2
|
||||
version: 2.0.1
|
||||
- name: postgres-cluster
|
||||
alias: postgres-18-cluster
|
||||
version: 7.1.3
|
||||
|
||||
@@ -71,29 +71,6 @@ spec:
|
||||
metadataPolicy: None
|
||||
property: crypto-key
|
||||
|
||||
---
|
||||
apiVersion: external-secrets.io/v1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
name: freshrss-cloudflared-secret
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: freshrss-cloudflared-secret
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
secretStoreRef:
|
||||
kind: ClusterSecretStore
|
||||
name: vault
|
||||
data:
|
||||
- secretKey: cf-tunnel-token
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cloudflare/tunnels/freshrss
|
||||
metadataPolicy: None
|
||||
property: token
|
||||
|
||||
---
|
||||
apiVersion: external-secrets.io/v1
|
||||
kind: ExternalSecret
|
||||
|
||||
@@ -192,8 +192,6 @@ freshrss:
|
||||
main:
|
||||
- path: /var/www/FreshRSS/extensions
|
||||
readOnly: false
|
||||
cloudflared:
|
||||
existingSecretName: freshrss-cloudflared-secret
|
||||
postgres-18-cluster:
|
||||
mode: recovery
|
||||
cluster:
|
||||
|
||||
@@ -10,7 +10,7 @@ dependencies:
|
||||
version: 0.18.0
|
||||
- name: cloudflared
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 1.23.2
|
||||
version: 2.0.1
|
||||
- name: postgres-cluster
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 7.1.3
|
||||
@@ -23,5 +23,5 @@ dependencies:
|
||||
- name: volsync-target
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 0.5.0
|
||||
digest: sha256:4d1894d82bb3c9ca4672378e79ba8c6a7b1d1d691c6ac0e5ac369759a015f1dd
|
||||
generated: "2025-12-17T16:09:49.625523528Z"
|
||||
digest: sha256:15b7a7d8b69b876dc63705a75070cb522e90d6f8ead610209fd88b39f1ba28e4
|
||||
generated: "2025-12-17T16:41:08.82906-06:00"
|
||||
|
||||
@@ -37,7 +37,7 @@ dependencies:
|
||||
- name: cloudflared
|
||||
alias: cloudflared
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 1.23.2
|
||||
version: 2.0.1
|
||||
- name: postgres-cluster
|
||||
alias: postgres-18-cluster
|
||||
version: 7.1.3
|
||||
|
||||
@@ -197,29 +197,6 @@ spec:
|
||||
metadataPolicy: None
|
||||
property: MEILI_MASTER_KEY
|
||||
|
||||
---
|
||||
apiVersion: external-secrets.io/v1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
name: gitea-cloudflared-secret
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: gitea-cloudflared-secret
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
secretStoreRef:
|
||||
kind: ClusterSecretStore
|
||||
name: vault
|
||||
data:
|
||||
- secretKey: cf-tunnel-token
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cloudflare/tunnels/gitea
|
||||
metadataPolicy: None
|
||||
property: token
|
||||
|
||||
---
|
||||
apiVersion: external-secrets.io/v1
|
||||
kind: ExternalSecret
|
||||
|
||||
@@ -185,8 +185,6 @@ meilisearch:
|
||||
memory: 128Mi
|
||||
serviceMonitor:
|
||||
enabled: true
|
||||
cloudflared:
|
||||
existingSecretName: gitea-cloudflared-secret
|
||||
postgres-18-cluster:
|
||||
mode: recovery
|
||||
cluster:
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
dependencies:
|
||||
- name: grafana-operator
|
||||
repository: https://grafana.github.io/helm-charts
|
||||
version: v5.20.0
|
||||
version: 5.21.1
|
||||
- name: postgres-cluster
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 7.1.3
|
||||
@@ -11,5 +11,5 @@ dependencies:
|
||||
- name: redis-replication
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 0.5.0
|
||||
digest: sha256:7efeacd496cb0dc009013164641868c9de71acc3f26dab8c6eee10e0a9f82c06
|
||||
generated: "2025-12-17T16:10:04.690538844Z"
|
||||
digest: sha256:485cf44121c365717b671a4c9538d7498bd9279f7cceb856dad5a796f9482afe
|
||||
generated: "2025-12-17T22:47:19.041363006Z"
|
||||
|
||||
@@ -17,7 +17,7 @@ maintainers:
|
||||
- name: alexlebens
|
||||
dependencies:
|
||||
- name: grafana-operator
|
||||
version: v5.20.0
|
||||
version: 5.21.1
|
||||
repository: https://grafana.github.io/helm-charts
|
||||
- name: postgres-cluster
|
||||
alias: postgres-18-cluster
|
||||
|
||||
@@ -4,6 +4,6 @@ dependencies:
|
||||
version: 4.5.0
|
||||
- name: cloudflared
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 1.23.2
|
||||
digest: sha256:fbfdebf734560044cfe5d2c4771b63cbcabc121d13c44b751f914877b5bdc83f
|
||||
generated: "2025-12-07T02:55:01.91141803Z"
|
||||
version: 2.0.1
|
||||
digest: sha256:96923099c2893374540fe8cf354fc1805205c08819dcb6367f4f8ac14b4221bc
|
||||
generated: "2025-12-17T16:41:26.330656-06:00"
|
||||
|
||||
@@ -22,6 +22,6 @@ dependencies:
|
||||
- name: cloudflared
|
||||
alias: cloudflared
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 1.23.2
|
||||
version: 2.0.1
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/homepage.png
|
||||
appVersion: v1.8.0
|
||||
|
||||
@@ -1,21 +0,0 @@
|
||||
apiVersion: external-secrets.io/v1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
name: homepage-dev-cloudflared-secret
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: homepage-dev-cloudflared-secret
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
secretStoreRef:
|
||||
kind: ClusterSecretStore
|
||||
name: vault
|
||||
data:
|
||||
- secretKey: cf-tunnel-token
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cloudflare/tunnels/homepage-dev
|
||||
metadataPolicy: None
|
||||
property: token
|
||||
@@ -163,5 +163,3 @@ homepage:
|
||||
readOnly: true
|
||||
mountPropagation: None
|
||||
subPath: widgets.yaml
|
||||
cloudflared:
|
||||
existingSecretName: homepage-dev-cloudflared-secret
|
||||
|
||||
@@ -27,7 +27,7 @@ jellyfin:
|
||||
memory: 2Gi
|
||||
vue:
|
||||
type: deployment
|
||||
replicas: 3
|
||||
replicas: 1
|
||||
strategy: Recreate
|
||||
revisionHistoryLimit: 3
|
||||
containers:
|
||||
|
||||
@@ -7,9 +7,9 @@ dependencies:
|
||||
version: 0.18.0
|
||||
- name: cloudflared
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 1.23.2
|
||||
version: 2.0.1
|
||||
- name: volsync-target
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 0.5.0
|
||||
digest: sha256:75ae21505394e7f5d2c0308665400aa249598612b141c6632bffe99230d454d3
|
||||
generated: "2025-12-16T23:01:47.968439-06:00"
|
||||
digest: sha256:9e808d0a415bb032c8565c99c59b15f25cbffd22df8c1c70e16c80e8799505fb
|
||||
generated: "2025-12-17T16:41:40.280667-06:00"
|
||||
|
||||
@@ -27,7 +27,7 @@ dependencies:
|
||||
- name: cloudflared
|
||||
alias: cloudflared
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 1.23.2
|
||||
version: 2.0.1
|
||||
- name: volsync-target
|
||||
alias: volsync-target-data
|
||||
version: 0.5.0
|
||||
|
||||
@@ -79,26 +79,3 @@ spec:
|
||||
key: /cl01tl/karakeep/meilisearch
|
||||
metadataPolicy: None
|
||||
property: MEILI_MASTER_KEY
|
||||
|
||||
---
|
||||
apiVersion: external-secrets.io/v1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
name: karakeep-cloudflared-secret
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: karakeep-cloudflared-secret
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
secretStoreRef:
|
||||
kind: ClusterSecretStore
|
||||
name: vault
|
||||
data:
|
||||
- secretKey: cf-tunnel-token
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cloudflare/tunnels/karakeep
|
||||
metadataPolicy: None
|
||||
property: token
|
||||
|
||||
@@ -152,7 +152,5 @@ meilisearch:
|
||||
memory: 128Mi
|
||||
serviceMonitor:
|
||||
enabled: true
|
||||
cloudflared:
|
||||
existingSecretName: karakeep-cloudflared-secret
|
||||
volsync-target-data:
|
||||
pvcTarget: karakeep
|
||||
|
||||
@@ -149,7 +149,7 @@ redis-replication:
|
||||
spec:
|
||||
resources:
|
||||
requests:
|
||||
storage: 5Gi
|
||||
storage: 10Gi
|
||||
redisSentinel:
|
||||
enabled: true
|
||||
clusterSize: 3
|
||||
|
||||
@@ -8,8 +8,8 @@ kubernetes-cloudflare-ddns:
|
||||
timeZone: US/Central
|
||||
schedule: "30 4 * * *"
|
||||
startingDeadlineSeconds: 90
|
||||
successfulJobsHistory: 3
|
||||
failedJobsHistory: 3
|
||||
successfulJobsHistory: 1
|
||||
failedJobsHistory: 1
|
||||
backoffLimit: 3
|
||||
parallelism: 1
|
||||
containers:
|
||||
|
||||
@@ -1,24 +1,5 @@
|
||||
apiVersion: v1
|
||||
kind: PersistentVolumeClaim
|
||||
metadata:
|
||||
name: libation-config
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: libation-config
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
storageClassName: nfs-client
|
||||
accessModes:
|
||||
- ReadWriteOnce
|
||||
resources:
|
||||
requests:
|
||||
storage: 1Gi
|
||||
volumeMode: Filesystem
|
||||
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: PersistentVolumeClaim
|
||||
metadata:
|
||||
name: libation-nfs-storage
|
||||
namespace: {{ .Release.Namespace }}
|
||||
|
||||
@@ -8,8 +8,8 @@ libation:
|
||||
timeZone: US/Central
|
||||
schedule: 0 0 1 1 *
|
||||
startingDeadlineSeconds: 90
|
||||
successfulJobsHistory: 3
|
||||
failedJobsHistory: 3
|
||||
successfulJobsHistory: 1
|
||||
failedJobsHistory: 1
|
||||
backoffLimit: 3
|
||||
parallelism: 1
|
||||
containers:
|
||||
@@ -45,7 +45,7 @@ libation:
|
||||
cpu: 10m
|
||||
memory: 32Mi
|
||||
persistence:
|
||||
config-new:
|
||||
config:
|
||||
forceRename: libation
|
||||
storageClass: ceph-block
|
||||
accessMode: ReadWriteOnce
|
||||
|
||||
@@ -5,5 +5,8 @@ dependencies:
|
||||
- name: postgres-cluster
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 7.1.3
|
||||
digest: sha256:66944bedb53a1cf3aff6cb8e1218f23cd9ccf3cca9489064f0eee46c66f59ac4
|
||||
generated: "2025-12-17T16:10:52.803256851Z"
|
||||
- name: volsync-target
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 0.5.0
|
||||
digest: sha256:b12b64a6fac9ef6c2743b404547e40451bb47d04c13b509f8a07179aaad6071d
|
||||
generated: "2025-12-17T10:41:06.633712-06:00"
|
||||
|
||||
@@ -26,5 +26,9 @@ dependencies:
|
||||
alias: postgres-18-cluster
|
||||
version: 7.1.3
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
- name: volsync-target
|
||||
alias: volsync-target-config
|
||||
version: 0.5.0
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/lidarr.png
|
||||
appVersion: 3.1.0
|
||||
|
||||
@@ -1,62 +1,5 @@
|
||||
apiVersion: external-secrets.io/v1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
name: lidarr-config-backup-secret
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: lidarr-config-backup-secret
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
secretStoreRef:
|
||||
kind: ClusterSecretStore
|
||||
name: vault
|
||||
target:
|
||||
template:
|
||||
mergePolicy: Merge
|
||||
engineVersion: v2
|
||||
data:
|
||||
RESTIC_REPOSITORY: "{{ `{{ .BUCKET_ENDPOINT }}` }}/lidarr2/lidarr2-config"
|
||||
data:
|
||||
- secretKey: BUCKET_ENDPOINT
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cl01tl/volsync/restic/config
|
||||
metadataPolicy: None
|
||||
property: S3_BUCKET_ENDPOINT
|
||||
- secretKey: RESTIC_PASSWORD
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cl01tl/volsync/restic/config
|
||||
metadataPolicy: None
|
||||
property: RESTIC_PASSWORD
|
||||
- secretKey: AWS_DEFAULT_REGION
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cl01tl/volsync/restic/config
|
||||
metadataPolicy: None
|
||||
property: AWS_DEFAULT_REGION
|
||||
- secretKey: AWS_ACCESS_KEY_ID
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /digital-ocean/home-infra/volsync-backups
|
||||
metadataPolicy: None
|
||||
property: access_key
|
||||
- secretKey: AWS_SECRET_ACCESS_KEY
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /digital-ocean/home-infra/volsync-backups
|
||||
metadataPolicy: None
|
||||
property: secret_key
|
||||
|
||||
---
|
||||
apiVersion: external-secrets.io/v1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
name: lidarr-postgresql-18-cluster-backup-secret
|
||||
namespace: {{ .Release.Namespace }}
|
||||
|
||||
@@ -1,28 +0,0 @@
|
||||
apiVersion: volsync.backube/v1alpha1
|
||||
kind: ReplicationSource
|
||||
metadata:
|
||||
name: lidarr-config-backup-source
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: lidarr-config-backup-source
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
sourcePVC: lidarr-config
|
||||
trigger:
|
||||
schedule: 0 4 * * *
|
||||
restic:
|
||||
pruneIntervalDays: 7
|
||||
repository: lidarr-config-backup-secret
|
||||
retain:
|
||||
hourly: 1
|
||||
daily: 3
|
||||
weekly: 2
|
||||
monthly: 2
|
||||
yearly: 4
|
||||
moverSecurityContext:
|
||||
runAsUser: 1000
|
||||
runAsGroup: 1000
|
||||
copyMethod: Snapshot
|
||||
storageClassName: ceph-block
|
||||
volumeSnapshotClassName: ceph-blockpool-snapshot
|
||||
@@ -144,3 +144,10 @@ postgres-18-cluster:
|
||||
# immediate: true
|
||||
# schedule: "0 0 4 * * SAT"
|
||||
# backupName: garage-remote
|
||||
volsync-target-config:
|
||||
pvcTarget: lidarr-config
|
||||
moverSecurityContext:
|
||||
runAsUser: 1000
|
||||
runAsGroup: 1000
|
||||
fsGroup: 1000
|
||||
fsGroupChangePolicy: OnRootMismatch
|
||||
|
||||
@@ -2,5 +2,8 @@ dependencies:
|
||||
- name: app-template
|
||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||
version: 4.5.0
|
||||
digest: sha256:486139f48e88e912593a7ee18973bc4872a6ddc4881fcfa933558f5a7749503b
|
||||
generated: "2025-12-05T17:08:12.627557611Z"
|
||||
- name: volsync-target
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 0.5.0
|
||||
digest: sha256:8dc18a31138c2e4eb4f6499058aaec0437ecd76ba4f0c5db4ec1ef46e90f9628
|
||||
generated: "2025-12-17T10:07:48.72533-06:00"
|
||||
|
||||
@@ -18,5 +18,9 @@ dependencies:
|
||||
alias: lidatube
|
||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||
version: 4.5.0
|
||||
- name: volsync-target
|
||||
alias: volsync-target-config
|
||||
version: 0.5.0
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/lidatube.png
|
||||
appVersion: 0.2.42
|
||||
|
||||
@@ -64,3 +64,10 @@ lidatube:
|
||||
main:
|
||||
- path: /lidatube/downloads
|
||||
readOnly: false
|
||||
volsync-target-config:
|
||||
pvcTarget: lidatube-config
|
||||
moverSecurityContext:
|
||||
runAsUser: 1000
|
||||
runAsGroup: 1000
|
||||
fsGroup: 1000
|
||||
fsGroupChangePolicy: OnRootMismatch
|
||||
|
||||
@@ -2,5 +2,8 @@ dependencies:
|
||||
- name: app-template
|
||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||
version: 4.5.0
|
||||
digest: sha256:1f215356d77b524ae23c0bb178d48fd2d602d9224dd7459658628903ff5b6e4c
|
||||
generated: "2025-12-05T17:08:24.614701742Z"
|
||||
- name: volsync-target
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 0.5.0
|
||||
digest: sha256:bb2dd513e76b8f2597967ea48a9c7df7018ed5d40a5f8dabc3402e15cdb4c74a
|
||||
generated: "2025-12-17T10:10:10.316764-06:00"
|
||||
|
||||
@@ -17,4 +17,8 @@ dependencies:
|
||||
alias: listenarr
|
||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||
version: 4.5.0
|
||||
- name: volsync-target
|
||||
alias: volsync-target-config
|
||||
version: 0.5.0
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
appVersion: 0.2.35
|
||||
|
||||
@@ -28,6 +28,7 @@ listenarr:
|
||||
protocol: HTTP
|
||||
persistence:
|
||||
config:
|
||||
forceRename: listenarr
|
||||
storageClass: ceph-block
|
||||
accessMode: ReadWriteOnce
|
||||
size: 5Gi
|
||||
@@ -44,3 +45,10 @@ listenarr:
|
||||
main:
|
||||
- path: /data
|
||||
readOnly: false
|
||||
volsync-target-config:
|
||||
pvcTarget: listenarr
|
||||
moverSecurityContext:
|
||||
runAsUser: 1000
|
||||
runAsGroup: 1000
|
||||
fsGroup: 1000
|
||||
fsGroupChangePolicy: OnRootMismatch
|
||||
|
||||
@@ -13,10 +13,10 @@ dependencies:
|
||||
version: 4.5.0
|
||||
- name: cloudflared
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 1.23.2
|
||||
version: 2.0.1
|
||||
- name: cloudflared
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 1.23.2
|
||||
version: 2.0.1
|
||||
- name: postgres-cluster
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 7.1.3
|
||||
@@ -26,5 +26,17 @@ dependencies:
|
||||
- name: redis-replication
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 0.5.0
|
||||
digest: sha256:c08d2fd5436ca9f0d1b159d6d424ab42d171a967ca97178b2f8dd60de83f9cc9
|
||||
generated: "2025-12-15T15:56:54.377467-06:00"
|
||||
- name: volsync-target
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 0.5.0
|
||||
- name: volsync-target
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 0.5.0
|
||||
- name: volsync-target
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 0.5.0
|
||||
- name: volsync-target
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 0.5.0
|
||||
digest: sha256:ccb371d89141f57b6fcddbb132406ef783e27be124e8f44af480e5f0eeb11de6
|
||||
generated: "2025-12-17T16:42:10.9332-06:00"
|
||||
|
||||
@@ -45,11 +45,11 @@ dependencies:
|
||||
version: 4.5.0
|
||||
- name: cloudflared
|
||||
alias: cloudflared-synapse
|
||||
version: 1.23.2
|
||||
version: 2.0.1
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
- name: cloudflared
|
||||
alias: cloudflared-hookshot
|
||||
version: 1.23.2
|
||||
version: 2.0.1
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
- name: postgres-cluster
|
||||
alias: postgres-18-cluster
|
||||
@@ -63,5 +63,21 @@ dependencies:
|
||||
alias: redis-replication-hookshot
|
||||
version: 0.5.0
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
- name: volsync-target
|
||||
alias: volsync-target-synapse
|
||||
version: 0.5.0
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
- name: volsync-target
|
||||
alias: volsync-target-hookshot
|
||||
version: 0.5.0
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
- name: volsync-target
|
||||
alias: volsync-target-discord
|
||||
version: 0.5.0
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
- name: volsync-target
|
||||
alias: volsync-target-whatsapp
|
||||
version: 0.5.0
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/matrix.png
|
||||
appVersion: 1.144.0
|
||||
|
||||
@@ -199,221 +199,6 @@ spec:
|
||||
metadataPolicy: None
|
||||
property: password
|
||||
|
||||
---
|
||||
apiVersion: external-secrets.io/v1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
name: matrix-synapse-cloudflared-synapse-secret
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: matrix-synapse-cloudflared-synapse-secret
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
secretStoreRef:
|
||||
kind: ClusterSecretStore
|
||||
name: vault
|
||||
data:
|
||||
- secretKey: cf-tunnel-token
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cloudflare/tunnels/matrix-synapse
|
||||
metadataPolicy: None
|
||||
property: token
|
||||
|
||||
---
|
||||
apiVersion: external-secrets.io/v1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
name: matrix-synapse-cloudflared-hookshot-secret
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: matrix-synapse-cloudflared-hookshot-secret
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
secretStoreRef:
|
||||
kind: ClusterSecretStore
|
||||
name: vault
|
||||
data:
|
||||
- secretKey: cf-tunnel-token
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cloudflare/tunnels/matrix-hookshot
|
||||
metadataPolicy: None
|
||||
property: token
|
||||
|
||||
---
|
||||
apiVersion: external-secrets.io/v1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
name: matrix-synapse-backup-secret
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: matrix-synapse-backup-secret
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
secretStoreRef:
|
||||
kind: ClusterSecretStore
|
||||
name: vault
|
||||
target:
|
||||
template:
|
||||
mergePolicy: Merge
|
||||
engineVersion: v2
|
||||
data:
|
||||
RESTIC_REPOSITORY: "{{ `{{ .BUCKET_ENDPOINT }}` }}/matrix-synapse/matrix-synapse"
|
||||
data:
|
||||
- secretKey: BUCKET_ENDPOINT
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cl01tl/volsync/restic/config
|
||||
metadataPolicy: None
|
||||
property: S3_BUCKET_ENDPOINT
|
||||
- secretKey: RESTIC_PASSWORD
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cl01tl/volsync/restic/config
|
||||
metadataPolicy: None
|
||||
property: RESTIC_PASSWORD
|
||||
- secretKey: AWS_DEFAULT_REGION
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cl01tl/volsync/restic/config
|
||||
metadataPolicy: None
|
||||
property: AWS_DEFAULT_REGION
|
||||
- secretKey: AWS_ACCESS_KEY_ID
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /digital-ocean/home-infra/volsync-backups
|
||||
metadataPolicy: None
|
||||
property: access_key
|
||||
- secretKey: AWS_SECRET_ACCESS_KEY
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /digital-ocean/home-infra/volsync-backups
|
||||
metadataPolicy: None
|
||||
property: secret_key
|
||||
|
||||
---
|
||||
apiVersion: external-secrets.io/v1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
name: mautrix-discord-data-backup-secret
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: {{ .Release.Name }}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
spec:
|
||||
secretStoreRef:
|
||||
kind: ClusterSecretStore
|
||||
name: vault
|
||||
target:
|
||||
template:
|
||||
mergePolicy: Merge
|
||||
engineVersion: v2
|
||||
data:
|
||||
RESTIC_REPOSITORY: "{{ `{{ .BUCKET_ENDPOINT }}` }}/matrix-synapse/mautrix-discord-data"
|
||||
data:
|
||||
- secretKey: BUCKET_ENDPOINT
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cl01tl/volsync/restic/config
|
||||
metadataPolicy: None
|
||||
property: S3_BUCKET_ENDPOINT
|
||||
- secretKey: RESTIC_PASSWORD
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cl01tl/volsync/restic/config
|
||||
metadataPolicy: None
|
||||
property: RESTIC_PASSWORD
|
||||
- secretKey: AWS_DEFAULT_REGION
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cl01tl/volsync/restic/config
|
||||
metadataPolicy: None
|
||||
property: AWS_DEFAULT_REGION
|
||||
- secretKey: AWS_ACCESS_KEY_ID
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /digital-ocean/home-infra/volsync-backups
|
||||
metadataPolicy: None
|
||||
property: access_key
|
||||
- secretKey: AWS_SECRET_ACCESS_KEY
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /digital-ocean/home-infra/volsync-backups
|
||||
metadataPolicy: None
|
||||
property: secret_key
|
||||
|
||||
---
|
||||
apiVersion: external-secrets.io/v1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
name: mautrix-whatsapp-data-backup-secret
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: {{ .Release.Name }}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
spec:
|
||||
secretStoreRef:
|
||||
kind: ClusterSecretStore
|
||||
name: vault
|
||||
target:
|
||||
template:
|
||||
mergePolicy: Merge
|
||||
engineVersion: v2
|
||||
data:
|
||||
RESTIC_REPOSITORY: "{{ `{{ .BUCKET_ENDPOINT }}` }}/matrix-synapse/mautrix-whatsapp-data"
|
||||
data:
|
||||
- secretKey: BUCKET_ENDPOINT
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cl01tl/volsync/restic/config
|
||||
metadataPolicy: None
|
||||
property: S3_BUCKET_ENDPOINT
|
||||
- secretKey: RESTIC_PASSWORD
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cl01tl/volsync/restic/config
|
||||
metadataPolicy: None
|
||||
property: RESTIC_PASSWORD
|
||||
- secretKey: AWS_DEFAULT_REGION
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cl01tl/volsync/restic/config
|
||||
metadataPolicy: None
|
||||
property: AWS_DEFAULT_REGION
|
||||
- secretKey: AWS_ACCESS_KEY_ID
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /digital-ocean/home-infra/volsync-backups
|
||||
metadataPolicy: None
|
||||
property: access_key
|
||||
- secretKey: AWS_SECRET_ACCESS_KEY
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /digital-ocean/home-infra/volsync-backups
|
||||
metadataPolicy: None
|
||||
property: secret_key
|
||||
|
||||
---
|
||||
apiVersion: external-secrets.io/v1
|
||||
kind: ExternalSecret
|
||||
|
||||
@@ -1,85 +0,0 @@
|
||||
apiVersion: volsync.backube/v1alpha1
|
||||
kind: ReplicationSource
|
||||
metadata:
|
||||
name: matrix-synapse-backup-source
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: matrix-synapse-backup-source
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
sourcePVC: matrix-synapse
|
||||
trigger:
|
||||
schedule: 0 4 * * *
|
||||
restic:
|
||||
pruneIntervalDays: 7
|
||||
repository: matrix-synapse-backup-secret
|
||||
retain:
|
||||
hourly: 1
|
||||
daily: 3
|
||||
weekly: 2
|
||||
monthly: 2
|
||||
yearly: 4
|
||||
copyMethod: Snapshot
|
||||
storageClassName: ceph-block
|
||||
volumeSnapshotClassName: ceph-blockpool-snapshot
|
||||
|
||||
---
|
||||
apiVersion: volsync.backube/v1alpha1
|
||||
kind: ReplicationSource
|
||||
metadata:
|
||||
name: mautrix-discord-data-backup-source
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: mautrix-discord-data-backup-source
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
sourcePVC: mautrix-discord
|
||||
trigger:
|
||||
schedule: 0 4 * * *
|
||||
restic:
|
||||
pruneIntervalDays: 7
|
||||
repository: mautrix-discord-data-backup-secret
|
||||
retain:
|
||||
hourly: 1
|
||||
daily: 3
|
||||
weekly: 2
|
||||
monthly: 2
|
||||
yearly: 4
|
||||
moverSecurityContext:
|
||||
runAsUser: 1337
|
||||
runAsGroup: 1337
|
||||
copyMethod: Snapshot
|
||||
storageClassName: ceph-block
|
||||
volumeSnapshotClassName: ceph-blockpool-snapshot
|
||||
|
||||
---
|
||||
apiVersion: volsync.backube/v1alpha1
|
||||
kind: ReplicationSource
|
||||
metadata:
|
||||
name: mautrix-whatsapp-data-backup-source
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: mautrix-whatsapp-data-backup-source
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
sourcePVC: mautrix-whatsapp
|
||||
trigger:
|
||||
schedule: 0 4 * * *
|
||||
restic:
|
||||
pruneIntervalDays: 7
|
||||
repository: mautrix-whatsapp-data-backup-secret
|
||||
retain:
|
||||
hourly: 1
|
||||
daily: 3
|
||||
weekly: 2
|
||||
monthly: 2
|
||||
yearly: 4
|
||||
moverSecurityContext:
|
||||
runAsUser: 1337
|
||||
runAsGroup: 1337
|
||||
copyMethod: Snapshot
|
||||
storageClassName: ceph-block
|
||||
volumeSnapshotClassName: ceph-blockpool-snapshot
|
||||
@@ -204,6 +204,7 @@ matrix-hookshot:
|
||||
mountPropagation: None
|
||||
subPath: passkey.pem
|
||||
data:
|
||||
forceRename: matrix-hookshot
|
||||
storageClass: ceph-block
|
||||
accessMode: ReadWriteOnce
|
||||
size: 500Mi
|
||||
@@ -285,6 +286,7 @@ mautrix-discord:
|
||||
mountPropagation: None
|
||||
subPath: mautrix-discord-registration.yaml
|
||||
data:
|
||||
forceRename: mautrix-discord
|
||||
storageClass: ceph-block
|
||||
accessMode: ReadWriteOnce
|
||||
size: 500Mi
|
||||
@@ -369,6 +371,7 @@ mautrix-whatsapp:
|
||||
mountPropagation: None
|
||||
subPath: mautrix-whatsapp-registration.yaml
|
||||
data:
|
||||
forceRename: mautrix-whatsapp
|
||||
storageClass: ceph-block
|
||||
accessMode: ReadWriteOnce
|
||||
size: 500Mi
|
||||
@@ -381,12 +384,6 @@ mautrix-whatsapp:
|
||||
main:
|
||||
- path: /data
|
||||
readOnly: false
|
||||
cloudflared-synapse:
|
||||
name: cloudflared-synapse
|
||||
existingSecretName: matrix-synapse-cloudflared-synapse-secret
|
||||
cloudflared-hookshot:
|
||||
name: cloudflared-hookshot
|
||||
existingSecretName: matrix-synapse-cloudflared-hookshot-secret
|
||||
postgres-18-cluster:
|
||||
mode: recovery
|
||||
cluster:
|
||||
@@ -473,3 +470,17 @@ redis-replication-hookshot:
|
||||
redisSentinel:
|
||||
enabled: true
|
||||
clusterSize: 3
|
||||
volsync-target-synapse:
|
||||
pvcTarget: matrix-synapse
|
||||
volsync-target-hookshot:
|
||||
pvcTarget: matrix-hookshot
|
||||
volsync-target-discord:
|
||||
pvcTarget: mautrix-discord
|
||||
moverSecurityContext:
|
||||
runAsUser: 1337
|
||||
runAsGroup: 1337
|
||||
volsync-target-whatsapp:
|
||||
pvcTarget: mautrix-whatsapp
|
||||
moverSecurityContext:
|
||||
runAsUser: 1337
|
||||
runAsGroup: 1337
|
||||
|
||||
@@ -8,5 +8,8 @@ dependencies:
|
||||
- name: redis-replication
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 0.5.0
|
||||
digest: sha256:4f3ed81241b432b988d6b6277192d360f98a5258ad34c88ac0645505d0acc0a5
|
||||
generated: "2025-12-17T16:11:02.717745162Z"
|
||||
- name: volsync-target
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 0.5.0
|
||||
digest: sha256:d5f9a1471b38c11f4ca44bd764243309b5be739a3bb1605ee229e1f456d19643
|
||||
generated: "2025-12-17T10:42:04.895167-06:00"
|
||||
|
||||
@@ -26,5 +26,9 @@ dependencies:
|
||||
- name: redis-replication
|
||||
version: 0.5.0
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
- name: volsync-target
|
||||
alias: volsync-target-data
|
||||
version: 0.5.0
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/n8n.png
|
||||
appVersion: 2.0.1
|
||||
|
||||
@@ -375,3 +375,5 @@ redis-replication:
|
||||
redisSentinel:
|
||||
enabled: true
|
||||
clusterSize: 3
|
||||
volsync-target-data:
|
||||
pvcTarget: n8n
|
||||
|
||||
@@ -5,5 +5,8 @@ dependencies:
|
||||
- name: postgres-cluster
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 7.1.3
|
||||
digest: sha256:639e6a2931f61cba27b306b6949bf5dd1fffb04682b4179f29b2561dc1f22b48
|
||||
generated: "2025-12-17T16:11:11.863081712Z"
|
||||
- name: volsync-target
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 0.5.0
|
||||
digest: sha256:d3b6a59e3f33b0f9b75ab5de98a027df2cff8d8a8fd5eb921d86eb2b62f6b072
|
||||
generated: "2025-12-17T11:28:44.339984-06:00"
|
||||
|
||||
@@ -25,5 +25,9 @@ dependencies:
|
||||
alias: postgres-18-cluster
|
||||
version: 7.1.3
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
- name: volsync-target
|
||||
alias: volsync-target-data
|
||||
version: 0.5.0
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/ollama.png
|
||||
appVersion: 0.13.3
|
||||
|
||||
@@ -51,63 +51,6 @@ spec:
|
||||
metadataPolicy: None
|
||||
property: secret
|
||||
|
||||
---
|
||||
apiVersion: external-secrets.io/v1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
name: ollama-web-data-backup-secret
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: ollama-web-data-backup-secret
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
secretStoreRef:
|
||||
kind: ClusterSecretStore
|
||||
name: vault
|
||||
target:
|
||||
template:
|
||||
mergePolicy: Merge
|
||||
engineVersion: v2
|
||||
data:
|
||||
RESTIC_REPOSITORY: "{{ `{{ .BUCKET_ENDPOINT }}` }}/ollama/ollama-web"
|
||||
data:
|
||||
- secretKey: BUCKET_ENDPOINT
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cl01tl/volsync/restic/config
|
||||
metadataPolicy: None
|
||||
property: S3_BUCKET_ENDPOINT
|
||||
- secretKey: RESTIC_PASSWORD
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cl01tl/volsync/restic/config
|
||||
metadataPolicy: None
|
||||
property: RESTIC_PASSWORD
|
||||
- secretKey: AWS_DEFAULT_REGION
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cl01tl/volsync/restic/config
|
||||
metadataPolicy: None
|
||||
property: AWS_DEFAULT_REGION
|
||||
- secretKey: AWS_ACCESS_KEY_ID
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /digital-ocean/home-infra/volsync-backups
|
||||
metadataPolicy: None
|
||||
property: access_key
|
||||
- secretKey: AWS_SECRET_ACCESS_KEY
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /digital-ocean/home-infra/volsync-backups
|
||||
metadataPolicy: None
|
||||
property: secret_key
|
||||
|
||||
---
|
||||
apiVersion: external-secrets.io/v1
|
||||
kind: ExternalSecret
|
||||
|
||||
@@ -1,28 +0,0 @@
|
||||
apiVersion: volsync.backube/v1alpha1
|
||||
kind: ReplicationSource
|
||||
metadata:
|
||||
name: ollama-web-data-backup-source
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: ollama-web-data-backup-source
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
sourcePVC: ollama-web-data
|
||||
trigger:
|
||||
schedule: 0 4 * * *
|
||||
restic:
|
||||
pruneIntervalDays: 7
|
||||
repository: ollama-web-data-backup-secret
|
||||
retain:
|
||||
hourly: 1
|
||||
daily: 3
|
||||
weekly: 2
|
||||
monthly: 2
|
||||
yearly: 4
|
||||
moverSecurityContext:
|
||||
runAsUser: 1337
|
||||
runAsGroup: 1337
|
||||
copyMethod: Snapshot
|
||||
storageClassName: ceph-block
|
||||
volumeSnapshotClassName: ceph-blockpool-snapshot
|
||||
@@ -227,6 +227,7 @@ ollama:
|
||||
- path: /root/.ollama
|
||||
readOnly: false
|
||||
web-data:
|
||||
forceRename: ollama-web-data
|
||||
storageClass: ceph-block
|
||||
accessMode: ReadWriteOnce
|
||||
size: 5Gi
|
||||
@@ -292,3 +293,8 @@ postgres-18-cluster:
|
||||
# immediate: true
|
||||
# schedule: "0 0 4 * * SAT"
|
||||
# backupName: garage-remote
|
||||
volsync-target-data:
|
||||
pvcTarget: ollama-web-data
|
||||
moverSecurityContext:
|
||||
runAsUser: 1337
|
||||
runAsGroup: 1337
|
||||
|
||||
@@ -4,12 +4,12 @@ dependencies:
|
||||
version: 4.5.0
|
||||
- name: cloudflared
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 1.23.2
|
||||
version: 2.0.1
|
||||
- name: postgres-cluster
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 7.1.3
|
||||
- name: redis-replication
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 0.5.0
|
||||
digest: sha256:f88a6de488648be3e889b6791ea10f2bbdc93b185b23fe1ce6f011e0c52e8795
|
||||
generated: "2025-12-17T16:11:20.961903473Z"
|
||||
digest: sha256:522fd84d35b1aa3e761cce7e878bfbaa3981a7abca590b1cae87395ad8f0c354
|
||||
generated: "2025-12-17T16:42:30.713283-06:00"
|
||||
|
||||
@@ -25,7 +25,7 @@ dependencies:
|
||||
- name: cloudflared
|
||||
alias: cloudflared-outline
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 1.23.2
|
||||
version: 2.0.1
|
||||
- name: postgres-cluster
|
||||
alias: postgres-18-cluster
|
||||
version: 7.1.3
|
||||
|
||||
@@ -57,29 +57,6 @@ spec:
|
||||
metadataPolicy: None
|
||||
property: secret
|
||||
|
||||
---
|
||||
apiVersion: external-secrets.io/v1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
name: outline-cloudflared-secret
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: outline-cloudflared-secret
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
secretStoreRef:
|
||||
kind: ClusterSecretStore
|
||||
name: vault
|
||||
data:
|
||||
- secretKey: cf-tunnel-token
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cloudflare/tunnels/outline
|
||||
metadataPolicy: None
|
||||
property: token
|
||||
|
||||
---
|
||||
apiVersion: external-secrets.io/v1
|
||||
kind: ExternalSecret
|
||||
|
||||
@@ -142,9 +142,6 @@ outline:
|
||||
port: 3000
|
||||
targetPort: 3000
|
||||
protocol: HTTP
|
||||
cloudflared-outline:
|
||||
existingSecretName: outline-cloudflared-secret
|
||||
name: cloudflared-outline
|
||||
postgres-18-cluster:
|
||||
mode: recovery
|
||||
cluster:
|
||||
|
||||
@@ -4,12 +4,18 @@ dependencies:
|
||||
version: 4.5.0
|
||||
- name: cloudflared
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 1.23.2
|
||||
version: 2.0.1
|
||||
- name: postgres-cluster
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 7.1.3
|
||||
- name: redis-replication
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 0.5.0
|
||||
digest: sha256:89320b12971fe3aca51771776352f6841cc8ad85ce4e67799e47d34c28d0dd10
|
||||
generated: "2025-12-17T16:11:43.175332626Z"
|
||||
- name: volsync-target
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 0.5.0
|
||||
- name: volsync-target
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 0.5.0
|
||||
digest: sha256:87746040a5bc493b609900567800bd57764849ffc35949df11ba8c1a53c77852
|
||||
generated: "2025-12-17T16:42:38.213421-06:00"
|
||||
|
||||
@@ -23,7 +23,7 @@ dependencies:
|
||||
version: 4.5.0
|
||||
- name: cloudflared
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 1.23.2
|
||||
version: 2.0.1
|
||||
- name: postgres-cluster
|
||||
alias: postgres-18-cluster
|
||||
version: 7.1.3
|
||||
@@ -31,5 +31,13 @@ dependencies:
|
||||
- name: redis-replication
|
||||
version: 0.5.0
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
- name: volsync-target
|
||||
alias: volsync-target-config
|
||||
version: 0.5.0
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
- name: volsync-target
|
||||
alias: volsync-target-upload
|
||||
version: 0.5.0
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/postiz.png
|
||||
appVersion: v2.10.1
|
||||
|
||||
@@ -87,143 +87,6 @@ spec:
|
||||
metadataPolicy: None
|
||||
property: secret
|
||||
|
||||
---
|
||||
apiVersion: external-secrets.io/v1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
name: postiz-config-backup-secret
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: postiz-config-backup-secret
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
secretStoreRef:
|
||||
kind: ClusterSecretStore
|
||||
name: vault
|
||||
target:
|
||||
template:
|
||||
mergePolicy: Merge
|
||||
engineVersion: v2
|
||||
data:
|
||||
RESTIC_REPOSITORY: "{{ `{{ .BUCKET_ENDPOINT }}` }}/postiz/postiz-config"
|
||||
data:
|
||||
- secretKey: BUCKET_ENDPOINT
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cl01tl/volsync/restic/config
|
||||
metadataPolicy: None
|
||||
property: S3_BUCKET_ENDPOINT
|
||||
- secretKey: RESTIC_PASSWORD
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cl01tl/volsync/restic/config
|
||||
metadataPolicy: None
|
||||
property: RESTIC_PASSWORD
|
||||
- secretKey: AWS_DEFAULT_REGION
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cl01tl/volsync/restic/config
|
||||
metadataPolicy: None
|
||||
property: AWS_DEFAULT_REGION
|
||||
- secretKey: AWS_ACCESS_KEY_ID
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /digital-ocean/home-infra/volsync-backups
|
||||
metadataPolicy: None
|
||||
property: access_key
|
||||
- secretKey: AWS_SECRET_ACCESS_KEY
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /digital-ocean/home-infra/volsync-backups
|
||||
metadataPolicy: None
|
||||
property: secret_key
|
||||
|
||||
---
|
||||
apiVersion: external-secrets.io/v1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
name: postiz-uploads-backup-secret
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: postiz-uploads-backup-secret
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
secretStoreRef:
|
||||
kind: ClusterSecretStore
|
||||
name: vault
|
||||
target:
|
||||
template:
|
||||
mergePolicy: Merge
|
||||
engineVersion: v2
|
||||
data:
|
||||
RESTIC_REPOSITORY: "{{ `{{ .BUCKET_ENDPOINT }}` }}/postiz/postiz-uploads"
|
||||
data:
|
||||
- secretKey: BUCKET_ENDPOINT
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cl01tl/volsync/restic/config
|
||||
metadataPolicy: None
|
||||
property: S3_BUCKET_ENDPOINT
|
||||
- secretKey: RESTIC_PASSWORD
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cl01tl/volsync/restic/config
|
||||
metadataPolicy: None
|
||||
property: RESTIC_PASSWORD
|
||||
- secretKey: AWS_DEFAULT_REGION
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cl01tl/volsync/restic/config
|
||||
metadataPolicy: None
|
||||
property: AWS_DEFAULT_REGION
|
||||
- secretKey: AWS_ACCESS_KEY_ID
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /digital-ocean/home-infra/volsync-backups
|
||||
metadataPolicy: None
|
||||
property: access_key
|
||||
- secretKey: AWS_SECRET_ACCESS_KEY
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /digital-ocean/home-infra/volsync-backups
|
||||
metadataPolicy: None
|
||||
property: secret_key
|
||||
|
||||
---
|
||||
apiVersion: external-secrets.io/v1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
name: postiz-cloudflared-secret
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: postiz-cloudflared-secret
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
secretStoreRef:
|
||||
kind: ClusterSecretStore
|
||||
name: vault
|
||||
data:
|
||||
- secretKey: cf-tunnel-token
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cloudflare/tunnels/postiz
|
||||
metadataPolicy: None
|
||||
property: token
|
||||
|
||||
---
|
||||
apiVersion: external-secrets.io/v1
|
||||
kind: ExternalSecret
|
||||
|
||||
@@ -1,52 +0,0 @@
|
||||
apiVersion: volsync.backube/v1alpha1
|
||||
kind: ReplicationSource
|
||||
metadata:
|
||||
name: postiz-config-backup-source
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: postiz-config-backup-source
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
sourcePVC: postiz-config
|
||||
trigger:
|
||||
schedule: 0 4 * * *
|
||||
restic:
|
||||
pruneIntervalDays: 7
|
||||
repository: postiz-config-backup-secret
|
||||
retain:
|
||||
hourly: 1
|
||||
daily: 3
|
||||
weekly: 2
|
||||
monthly: 2
|
||||
yearly: 4
|
||||
copyMethod: Snapshot
|
||||
storageClassName: ceph-block
|
||||
volumeSnapshotClassName: ceph-blockpool-snapshot
|
||||
|
||||
---
|
||||
apiVersion: volsync.backube/v1alpha1
|
||||
kind: ReplicationSource
|
||||
metadata:
|
||||
name: postiz-uploads-backup-source
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: postiz-uploads-backup-source
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
sourcePVC: postiz-uploads
|
||||
trigger:
|
||||
schedule: 0 4 * * *
|
||||
restic:
|
||||
pruneIntervalDays: 7
|
||||
repository: postiz-uploads-backup-secret
|
||||
retain:
|
||||
hourly: 1
|
||||
daily: 3
|
||||
weekly: 2
|
||||
monthly: 2
|
||||
yearly: 4
|
||||
copyMethod: Snapshot
|
||||
storageClassName: ceph-block
|
||||
volumeSnapshotClassName: ceph-blockpool-snapshot
|
||||
@@ -83,6 +83,7 @@ postiz:
|
||||
protocol: HTTP
|
||||
persistence:
|
||||
config:
|
||||
forceRename: postiz-config
|
||||
storageClass: ceph-block
|
||||
accessMode: ReadWriteOnce
|
||||
size: 2Gi
|
||||
@@ -93,6 +94,7 @@ postiz:
|
||||
- path: /config
|
||||
readOnly: false
|
||||
uploads:
|
||||
forceRename: postiz-uploads
|
||||
storageClass: ceph-block
|
||||
accessMode: ReadWriteOnce
|
||||
size: 10Gi
|
||||
@@ -102,9 +104,6 @@ postiz:
|
||||
main:
|
||||
- path: /uploads
|
||||
readOnly: false
|
||||
cloudflared:
|
||||
name: cloudflared-postiz
|
||||
existingSecretName: postiz-cloudflared-secret
|
||||
postgres-18-cluster:
|
||||
mode: recovery
|
||||
cluster:
|
||||
@@ -169,3 +168,7 @@ redis-replication:
|
||||
redisSentinel:
|
||||
enabled: true
|
||||
clusterSize: 3
|
||||
volsync-target-config:
|
||||
pvcTarget: postiz-config
|
||||
volsync-target-upload:
|
||||
pvcTarget: postiz-uploads
|
||||
|
||||
@@ -2,5 +2,8 @@ dependencies:
|
||||
- name: app-template
|
||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||
version: 4.5.0
|
||||
digest: sha256:dfdb5ed2a8dafc2d0cb125af396032c4d7b4bff96eb54934fcb776df39dee5e9
|
||||
generated: "2025-12-05T17:10:55.27077318Z"
|
||||
- name: volsync-target
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 0.5.0
|
||||
digest: sha256:e6c51831324467888dcfcf2434761f15e165312d38fa583c495096d59cb741d6
|
||||
generated: "2025-12-17T11:34:01.003589-06:00"
|
||||
|
||||
@@ -19,5 +19,9 @@ dependencies:
|
||||
alias: prowlarr
|
||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||
version: 4.5.0
|
||||
- name: volsync-target
|
||||
alias: volsync-target-config
|
||||
version: 0.5.0
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/prowlarr.png
|
||||
appVersion: 2.3.0
|
||||
|
||||
@@ -1,55 +0,0 @@
|
||||
apiVersion: external-secrets.io/v1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
name: prowlarr-config-backup-secret
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: prowlarr-config-backup-secret
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
secretStoreRef:
|
||||
kind: ClusterSecretStore
|
||||
name: vault
|
||||
target:
|
||||
template:
|
||||
mergePolicy: Merge
|
||||
engineVersion: v2
|
||||
data:
|
||||
RESTIC_REPOSITORY: "{{ `{{ .BUCKET_ENDPOINT }}` }}/prowlarr/prowlarr-config"
|
||||
data:
|
||||
- secretKey: BUCKET_ENDPOINT
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cl01tl/volsync/restic/config
|
||||
metadataPolicy: None
|
||||
property: S3_BUCKET_ENDPOINT
|
||||
- secretKey: RESTIC_PASSWORD
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cl01tl/volsync/restic/config
|
||||
metadataPolicy: None
|
||||
property: RESTIC_PASSWORD
|
||||
- secretKey: AWS_DEFAULT_REGION
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cl01tl/volsync/restic/config
|
||||
metadataPolicy: None
|
||||
property: AWS_DEFAULT_REGION
|
||||
- secretKey: AWS_ACCESS_KEY_ID
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /digital-ocean/home-infra/volsync-backups
|
||||
metadataPolicy: None
|
||||
property: access_key
|
||||
- secretKey: AWS_SECRET_ACCESS_KEY
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /digital-ocean/home-infra/volsync-backups
|
||||
metadataPolicy: None
|
||||
property: secret_key
|
||||
@@ -1,35 +0,0 @@
|
||||
apiVersion: volsync.backube/v1alpha1
|
||||
kind: ReplicationSource
|
||||
metadata:
|
||||
name: prowlarr-config-backup-source
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: prowlarr-config-backup-source
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
sourcePVC: prowlarr-config
|
||||
trigger:
|
||||
schedule: 0 4 * * *
|
||||
restic:
|
||||
pruneIntervalDays: 7
|
||||
repository: prowlarr-config-backup-secret
|
||||
retain:
|
||||
hourly: 1
|
||||
daily: 3
|
||||
weekly: 2
|
||||
monthly: 2
|
||||
yearly: 4
|
||||
moverSecurityContext:
|
||||
runAsUser: 568
|
||||
runAsGroup: 568
|
||||
fsGroup: 568
|
||||
fsGroupChangePolicy: OnRootMismatch
|
||||
supplementalGroups:
|
||||
- 44
|
||||
- 100
|
||||
- 109
|
||||
- 65539
|
||||
copyMethod: Snapshot
|
||||
storageClassName: ceph-block
|
||||
volumeSnapshotClassName: ceph-blockpool-snapshot
|
||||
@@ -49,3 +49,15 @@ prowlarr:
|
||||
main:
|
||||
- path: /config
|
||||
readOnly: false
|
||||
volsync-target-config:
|
||||
pvcTarget: prowlarr-config
|
||||
moverSecurityContext:
|
||||
runAsUser: 568
|
||||
runAsGroup: 568
|
||||
fsGroup: 568
|
||||
fsGroupChangePolicy: OnRootMismatch
|
||||
supplementalGroups:
|
||||
- 44
|
||||
- 100
|
||||
- 109
|
||||
- 65539
|
||||
|
||||
@@ -2,5 +2,14 @@ dependencies:
|
||||
- name: app-template
|
||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||
version: 4.5.0
|
||||
digest: sha256:6a7348951304a43f3e848889ceae04a0a66c4dc6ebf619efe6d69397d8af3437
|
||||
generated: "2025-12-05T17:11:05.489733462Z"
|
||||
- name: volsync-target
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 0.5.0
|
||||
- name: volsync-target
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 0.5.0
|
||||
- name: volsync-target
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 0.5.0
|
||||
digest: sha256:2a52a5e028dbfd6c197857815b084e474f0a2c34e2b17fdd718386fd4a949287
|
||||
generated: "2025-12-17T12:42:06.415903-06:00"
|
||||
|
||||
@@ -26,5 +26,17 @@ dependencies:
|
||||
alias: qbittorrent
|
||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||
version: 4.5.0
|
||||
- name: volsync-target
|
||||
alias: volsync-target-config
|
||||
version: 0.5.0
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
- name: volsync-target
|
||||
alias: volsync-target-qbit-manage-config
|
||||
version: 0.5.0
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
- name: volsync-target
|
||||
alias: volsync-target-qui-config
|
||||
version: 0.5.0
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/qbittorrent.png
|
||||
appVersion: 5.1.4
|
||||
|
||||
@@ -14,10 +14,86 @@ data:
|
||||
echo "curl could not be found, installing";
|
||||
apk add curl;
|
||||
fi;
|
||||
curl -i -X POST --silent --write-out '%{http_code}' -d "json={\"random_port\": \"true\"}" "http://localhost:8080/api/v2/app/setPreferences";
|
||||
sleep 10
|
||||
echo "updating port with $1";
|
||||
curl -i -X POST --silent --write-out '%{http_code}' -d "json={\"listen_port\": \"${1}\"}" "http://localhost:8080/api/v2/app/setPreferences";
|
||||
|
||||
if ! command -v jq 2>&1 >/dev/null
|
||||
then
|
||||
echo "jq could not be found, installing";
|
||||
apk add jq;
|
||||
fi;
|
||||
|
||||
API_ENDPOINT="http://localhost:8080/api/v2";
|
||||
|
||||
# echo " ";
|
||||
# echo ">> Authentication ...";
|
||||
# curl -i --silent --header 'Referer: http://localhost:8080' --output response_body_auth.json --data 'username=admin&password=adminadmin' "${API_ENDPOINT}/auth/login" -c cookie;
|
||||
|
||||
echo " ";
|
||||
echo ">> Test access ...";
|
||||
HTTP_STATUS=$(curl -i -X GET --silent --write-out '%{http_code}' --output response_body_test.json -b cookie -c cookie "${API_ENDPOINT}/app/version");
|
||||
echo ">> HTTP Status Code: $HTTP_STATUS"
|
||||
|
||||
VERSION=$(tail -n 1 response_body_test.json)
|
||||
|
||||
if [ "$HTTP_STATUS" == "200" ]; then
|
||||
echo ">> Access confirmed, qBittorrent version: ${VERSION}"
|
||||
HTTP_STATUS=""
|
||||
else
|
||||
echo ">> ERROR: HTTP status code: $HTTP_STATUS"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
PAYLOAD=$( jq -n \
|
||||
--arg random_port "true" \
|
||||
'{random_port: $random_port}' );
|
||||
|
||||
echo " ";
|
||||
echo ">> Setting port to random ...";
|
||||
HTTP_STATUS=$(curl -i -X POST --silent -b cookie -c cookie --write-out '%{http_code}' --output response_body_random.json --data "$PAYLOAD" "${API_ENDPOINT}/app/setPreferences");
|
||||
|
||||
if [ "$HTTP_STATUS" == "200" ]; then
|
||||
echo ">> Random port set"
|
||||
HTTP_STATUS=""
|
||||
else
|
||||
echo ">> ERROR: HTTP status code: $HTTP_STATUS"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
echo " ";
|
||||
echo ">> Sleeping for changes to take effect";
|
||||
sleep 5;
|
||||
|
||||
PAYLOAD=$( jq -n \
|
||||
--arg listen_port "${1}" \
|
||||
'{listen_port: $listen_port}' );
|
||||
|
||||
echo " ";
|
||||
echo ">> Updating port with ${1} ...";
|
||||
curl -i -X POST --silent -b cookie -c cookie --write-out '%{http_code}' --output response_body_update.json --data "$PAYLOAD" "${API_ENDPOINT}/app/setPreferences";
|
||||
|
||||
if [ "$HTTP_STATUS" == "200" ]; then
|
||||
echo ">> Port set"
|
||||
HTTP_STATUS=""
|
||||
else
|
||||
echo ">> ERROR: HTTP status code: $HTTP_STATUS"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
echo " ";
|
||||
echo ">> Sleeping for changes to take effect";
|
||||
sleep 5;
|
||||
|
||||
echo " ";
|
||||
echo ">> Qbittorrent's post is now:";
|
||||
curl -i -X GET --silent -b cookie -c cookie --write-out '%{http_code}' --output response_body_check.json "${API_ENDPOINT}/app/preferences";
|
||||
|
||||
LISTEN_PORT=$(cat response_body_check.json | jq -r .listen_port)
|
||||
|
||||
[[ "$HTTP_STATUS" == "200" || "$LISTEN_PORT" == "${1}" ]];
|
||||
echo ">> Port updated successfully!"
|
||||
else
|
||||
echo ">> ERROR: HTTP status code: $HTTP_STATUS"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
---
|
||||
apiVersion: v1
|
||||
|
||||
@@ -1,24 +1,5 @@
|
||||
apiVersion: v1
|
||||
kind: PersistentVolumeClaim
|
||||
metadata:
|
||||
name: qbittorrent-config
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: qbittorrent-config
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
volumeName: qbittorrent-config
|
||||
storageClassName: nfs-client
|
||||
accessModes:
|
||||
- ReadWriteMany
|
||||
resources:
|
||||
requests:
|
||||
storage: 1Gi
|
||||
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: PersistentVolumeClaim
|
||||
metadata:
|
||||
name: qbittorrent-nfs-storage
|
||||
namespace: {{ .Release.Namespace }}
|
||||
|
||||
@@ -1,30 +1,5 @@
|
||||
apiVersion: v1
|
||||
kind: PersistentVolume
|
||||
metadata:
|
||||
name: qbittorrent-config
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: qbittorrent-config
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
persistentVolumeReclaimPolicy: Retain
|
||||
storageClassName: nfs-client
|
||||
capacity:
|
||||
storage: 1Gi
|
||||
accessModes:
|
||||
- ReadWriteMany
|
||||
nfs:
|
||||
path: /volume2/Storage/Torrent/QBITTORRENT
|
||||
server: synologybond.alexlebens.net
|
||||
mountOptions:
|
||||
- vers=4
|
||||
- minorversion=1
|
||||
- noac
|
||||
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: PersistentVolume
|
||||
metadata:
|
||||
name: qbittorrent-nfs-storage
|
||||
namespace: {{ .Release.Namespace }}
|
||||
|
||||
@@ -41,12 +41,6 @@ qbittorrent:
|
||||
value: "002"
|
||||
- name: WEBUI_PORT
|
||||
value: 8080
|
||||
- name: DOCKER_MODS
|
||||
value: ghcr.io/themepark-dev/theme.park:qbittorrent
|
||||
- name: TP_COMMUNITY_THEME
|
||||
value: true
|
||||
- name: TP_THEME
|
||||
value: catppuccin-mocha
|
||||
resources:
|
||||
requests:
|
||||
cpu: 500m
|
||||
@@ -257,28 +251,6 @@ qbittorrent:
|
||||
targetPort: 9074
|
||||
protocol: HTTP
|
||||
persistence:
|
||||
config:
|
||||
type: persistentVolumeClaim
|
||||
existingClaim: qbittorrent-config
|
||||
advancedMounts:
|
||||
main:
|
||||
qbittorrent:
|
||||
- path: /config
|
||||
readOnly: false
|
||||
qbit-manage:
|
||||
qbit-manage:
|
||||
- path: /qbittorrent
|
||||
readOnly: false
|
||||
theme-data:
|
||||
storageClass: ceph-block
|
||||
accessMode: ReadWriteOnce
|
||||
size: 1Gi
|
||||
retain: true
|
||||
advancedMounts:
|
||||
main:
|
||||
qbittorrent:
|
||||
- path: /themepark
|
||||
readOnly: false
|
||||
update-script:
|
||||
enabled: true
|
||||
type: configMap
|
||||
@@ -289,19 +261,6 @@ qbittorrent:
|
||||
gluetun:
|
||||
- path: /gluetun/update.sh
|
||||
subPath: update.sh
|
||||
qbit-manage-config-data:
|
||||
storageClass: ceph-block
|
||||
accessMode: ReadWriteOnce
|
||||
size: 1Gi
|
||||
retain: true
|
||||
advancedMounts:
|
||||
qbit-manage:
|
||||
init-copy-config:
|
||||
- path: /app/config
|
||||
readOnly: false
|
||||
qbit-manage:
|
||||
- path: /app/config
|
||||
readOnly: false
|
||||
qbit-manage-config:
|
||||
enabled: true
|
||||
type: configMap
|
||||
@@ -318,14 +277,37 @@ qbittorrent:
|
||||
readOnly: true
|
||||
mountPropagation: None
|
||||
subPath: config.yml
|
||||
qbit-manage-config-var:
|
||||
type: emptyDir
|
||||
config-data:
|
||||
forceRename: qbittorrent-config-data
|
||||
storageClass: ceph-filesystem
|
||||
accessMode: ReadWriteMany
|
||||
size: 1Gi
|
||||
retain: true
|
||||
advancedMounts:
|
||||
main:
|
||||
qbittorrent:
|
||||
- path: /config/qBittorrent
|
||||
readOnly: false
|
||||
qbit-manage:
|
||||
qbit-manage:
|
||||
- path: /app/var
|
||||
- path: /qbittorrent/qBittorrent
|
||||
readOnly: false
|
||||
qbit-manage-config-data:
|
||||
forceRename: qbittorrent-qbit-manage-config-data
|
||||
storageClass: ceph-block
|
||||
accessMode: ReadWriteOnce
|
||||
size: 1Gi
|
||||
retain: true
|
||||
advancedMounts:
|
||||
qbit-manage:
|
||||
init-copy-config:
|
||||
- path: /app/config
|
||||
readOnly: false
|
||||
qbit-manage:
|
||||
- path: /app/config
|
||||
readOnly: false
|
||||
qui-config-data:
|
||||
forceRename: qbittorrent-qui-config-data
|
||||
storageClass: ceph-block
|
||||
accessMode: ReadWriteOnce
|
||||
size: 1Gi
|
||||
@@ -335,6 +317,13 @@ qbittorrent:
|
||||
qui:
|
||||
- path: /config
|
||||
readOnly: false
|
||||
qbit-manage-config-var:
|
||||
type: emptyDir
|
||||
advancedMounts:
|
||||
qbit-manage:
|
||||
qbit-manage:
|
||||
- path: /app/var
|
||||
readOnly: false
|
||||
storage:
|
||||
type: persistentVolumeClaim
|
||||
existingClaim: qbittorrent-nfs-storage
|
||||
@@ -347,3 +336,29 @@ qbittorrent:
|
||||
qbit-manage:
|
||||
- path: /mnt/store
|
||||
readOnly: false
|
||||
volsync-target-config:
|
||||
pvcTarget: qbittorrent-config-data
|
||||
moverSecurityContext:
|
||||
runAsUser: 1000
|
||||
runAsGroup: 1000
|
||||
fsGroup: 1000
|
||||
fsGroupChangePolicy: OnRootMismatch
|
||||
local:
|
||||
restic:
|
||||
copyMethod: Snapshot
|
||||
storageClassName: ceph-filesystem
|
||||
volumeSnapshotClassName: ceph-filesystem-snapshot
|
||||
remote:
|
||||
restic:
|
||||
copyMethod: Snapshot
|
||||
storageClassName: ceph-filesystem
|
||||
volumeSnapshotClassName: ceph-filesystem-snapshot
|
||||
external:
|
||||
restic:
|
||||
copyMethod: Snapshot
|
||||
storageClassName: ceph-filesystem
|
||||
volumeSnapshotClassName: ceph-filesystem-snapshot
|
||||
volsync-target-qbit-manage-config:
|
||||
pvcTarget: qbittorrent-qbit-manage-config-data
|
||||
volsync-target-qui-config:
|
||||
pvcTarget: qbittorrent-qui-config-data
|
||||
|
||||
@@ -5,5 +5,8 @@ dependencies:
|
||||
- name: postgres-cluster
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 7.1.3
|
||||
digest: sha256:b61b9bd12d2576cc2ce7686283c34a4ca572e1a6004edaa4333f6298a81cfa6c
|
||||
generated: "2025-12-17T16:11:55.289060592Z"
|
||||
- name: volsync-target
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 0.5.0
|
||||
digest: sha256:9d66ccb57066b202b4bdb12ff82fe58ce6f223b8cf52f41dbe71b63e2a06e1da
|
||||
generated: "2025-12-17T13:19:56.898192-06:00"
|
||||
|
||||
@@ -29,5 +29,9 @@ dependencies:
|
||||
alias: postgres-18-cluster
|
||||
version: 7.1.3
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
- name: volsync-target
|
||||
alias: volsync-target-config
|
||||
version: 0.5.0
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/radarr-4k.png
|
||||
appVersion: 6.0.4
|
||||
|
||||
@@ -1,62 +1,5 @@
|
||||
apiVersion: external-secrets.io/v1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
name: radarr-4k-config-backup-secret
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: radarr-4k-config-backup-secret
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
secretStoreRef:
|
||||
kind: ClusterSecretStore
|
||||
name: vault
|
||||
target:
|
||||
template:
|
||||
mergePolicy: Merge
|
||||
engineVersion: v2
|
||||
data:
|
||||
RESTIC_REPOSITORY: "{{ `{{ .BUCKET_ENDPOINT }}` }}/radarr5-4k/radarr5-4k-config"
|
||||
data:
|
||||
- secretKey: BUCKET_ENDPOINT
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cl01tl/volsync/restic/config
|
||||
metadataPolicy: None
|
||||
property: S3_BUCKET_ENDPOINT
|
||||
- secretKey: RESTIC_PASSWORD
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cl01tl/volsync/restic/config
|
||||
metadataPolicy: None
|
||||
property: RESTIC_PASSWORD
|
||||
- secretKey: AWS_DEFAULT_REGION
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cl01tl/volsync/restic/config
|
||||
metadataPolicy: None
|
||||
property: AWS_DEFAULT_REGION
|
||||
- secretKey: AWS_ACCESS_KEY_ID
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /digital-ocean/home-infra/volsync-backups
|
||||
metadataPolicy: None
|
||||
property: access_key
|
||||
- secretKey: AWS_SECRET_ACCESS_KEY
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /digital-ocean/home-infra/volsync-backups
|
||||
metadataPolicy: None
|
||||
property: secret_key
|
||||
|
||||
---
|
||||
apiVersion: external-secrets.io/v1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
name: radarr-4k-postgresql-18-cluster-backup-secret
|
||||
namespace: {{ .Release.Namespace }}
|
||||
|
||||
@@ -1,30 +0,0 @@
|
||||
apiVersion: volsync.backube/v1alpha1
|
||||
kind: ReplicationSource
|
||||
metadata:
|
||||
name: radarr-4k-config-backup-source
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: radarr-4k-config-backup-source
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
sourcePVC: radarr-4k-config
|
||||
trigger:
|
||||
schedule: 0 4 * * *
|
||||
restic:
|
||||
pruneIntervalDays: 7
|
||||
repository: radarr-4k-config-backup-secret
|
||||
retain:
|
||||
hourly: 1
|
||||
daily: 3
|
||||
weekly: 2
|
||||
monthly: 2
|
||||
yearly: 4
|
||||
moverSecurityContext:
|
||||
runAsUser: 1000
|
||||
runAsGroup: 1000
|
||||
fsGroup: 1000
|
||||
fsGroupChangePolicy: OnRootMismatch
|
||||
copyMethod: Snapshot
|
||||
storageClassName: ceph-block
|
||||
volumeSnapshotClassName: ceph-blockpool-snapshot
|
||||
@@ -144,3 +144,10 @@ postgres-18-cluster:
|
||||
# immediate: true
|
||||
# schedule: "0 0 4 * * SAT"
|
||||
# backupName: garage-remote
|
||||
volsync-target-config:
|
||||
pvcTarget: radarr-4k-config
|
||||
moverSecurityContext:
|
||||
runAsUser: 1000
|
||||
runAsGroup: 1000
|
||||
fsGroup: 1000
|
||||
fsGroupChangePolicy: OnRootMismatch
|
||||
|
||||
@@ -5,5 +5,8 @@ dependencies:
|
||||
- name: postgres-cluster
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 7.1.3
|
||||
digest: sha256:faf85a053ac36925b51a326d638fcbea233a76e718a40fce46354889c1bd7afa
|
||||
generated: "2025-12-17T16:12:05.3064082Z"
|
||||
- name: volsync-target
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 0.5.0
|
||||
digest: sha256:1a14ec1d5d6a61c3428e4578c391e38ecc87f8995c572e53982e950e35a4705f
|
||||
generated: "2025-12-17T13:19:58.852583-06:00"
|
||||
|
||||
@@ -29,5 +29,9 @@ dependencies:
|
||||
alias: postgres-18-cluster
|
||||
version: 7.1.3
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
- name: volsync-target
|
||||
alias: volsync-target-config
|
||||
version: 0.5.0
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/radarr-anime.png
|
||||
appVersion: 6.0.4
|
||||
|
||||
Some files were not shown because too many files have changed in this diff Show More
Reference in New Issue
Block a user