alexlebens/infrastructure
1
0
Fork 0
Code Issues 1 Pull Requests 7 Actions Activity

Compare commits

base: alexlebens:renovate/unified-immich-appimmich-server
Branches Tags
alexlebens:main alexlebens:renovate/unified-immich-appimmich-server alexlebens:renovate/unified-immich-appimmich alexlebens:renovate/unified-prometheus-operatorprometheus-operator alexlebens:renovate/unified-autobrrqui alexlebens:renovate/kube-prometheus-stack-82.x alexlebens:manifests alexlebens:renovate/cilium-1.x alexlebens:renovate/unified-dock.mau.devmautrixwhatsapp
..
compare: alexlebens:816bda85169490e3731cac9d3e7b6ae2dfc36dba
Branches Tags
alexlebens:renovate/unified-immich-appimmich-server alexlebens:renovate/unified-immich-appimmich alexlebens:renovate/unified-prometheus-operatorprometheus-operator alexlebens:renovate/unified-autobrrqui alexlebens:renovate/kube-prometheus-stack-82.x alexlebens:manifests alexlebens:renovate/cilium-1.x alexlebens:renovate/unified-dock.mau.devmautrixwhatsapp alexlebens:main

1 Commits
renovate/u ... 816bda8516

Author SHA1 Message Date
Renovate Bot
816bda8516 chore(deps): update dependency tailscale/tailscale to v1.96.2
All checks were successful
lint-test-helm / lint-helm (pull_request) Successful in 41s
Details
lint-test-helm / validate-kubeconform (pull_request) Successful in 1m6s
Details
render-manifests / render-manifests (pull_request) Successful in 31s
Details
2026-03-18 17:05:13 +00:00
32 changed files with 174 additions and 43 deletions
Expand all files Collapse all files

8
clusters/cl01tl/helm/argo-workflows/Chart.lock
View File

@@ -1,12 +1,12 @@
dependencies:
- name: argo-workflows
repository: https://argoproj.github.io/argo-helm
version: 1.0.3
version: 1.0.2
- name: argo-events
repository: https://argoproj.github.io/argo-helm
version: 2.4.21
version: 2.4.20
- name: postgres-cluster
repository: oci://harbor.alexlebens.net/helm-charts
version: 7.10.0
digest: sha256:4c857612f12f288dcbf6903df58ac708dcbc051e5f17e94ecd0cadc41b9c32bd
generated: "2026-03-19T04:33:30.206516151Z"
digest: sha256:8d1c2dd011a360d930ed5ff186462f163407077d36ae633898ec5d6ba30a4e8d
generated: "2026-03-15T20:04:18.080966008Z"

4
clusters/cl01tl/helm/argo-workflows/Chart.yaml
View File

@@ -18,10 +18,10 @@ maintainers:
- name: alexlebens
dependencies:
- name: argo-workflows
version: 1.0.3
version: 1.0.2
repository: https://argoproj.github.io/argo-helm
- name: argo-events
version: 2.4.21
version: 2.4.20
repository: https://argoproj.github.io/argo-helm
- name: postgres-cluster
alias: postgres-18-cluster

2
clusters/cl01tl/helm/argo-workflows/values.yaml
View File

@@ -8,7 +8,7 @@ argo-workflows:
upgradeJob:
image:
repository: registry.k8s.io/kubectl
tag: v1.35.3
tag: v1.35.2
controller:
metricsConfig:
enabled: true

6
clusters/cl01tl/helm/argocd/Chart.lock
View File

@@ -1,6 +1,6 @@
dependencies:
- name: argo-cd
repository: https://argoproj.github.io/argo-helm
version: 9.4.14
digest: sha256:0d80c03a05176d53cc8ec94da32ef2cb5fccafc76b1648c0e4e1288515ba0824
generated: "2026-03-19T04:27:11.289046913Z"
version: 9.4.12
digest: sha256:2bea48f3d44a453b8cdc83c7a18f9e417116d300dfad9672bab4ac97cefa891d
generated: "2026-03-18T11:03:53.835514883Z"

2
clusters/cl01tl/helm/argocd/Chart.yaml
View File

@@ -15,7 +15,7 @@ maintainers:
- name: alexlebens
dependencies:
- name: argo-cd
version: 9.4.14
version: 9.4.12
repository: https://argoproj.github.io/argo-helm
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/argo-cd.png
# renovate: datasource=github-releases depName=argoproj/argo-cd

6
clusters/cl01tl/helm/generic-device-plugin/Chart.lock
View File

@@ -1,6 +1,6 @@
dependencies:
- name: generic-device-plugin
repository: https://gitea.alexlebens.dev/api/packages/alexlebens/helm
version: 0.20.23
digest: sha256:1565d6e94921e2543bf4c302ddebb7504fbfd9113c976e4d297de18e9a0c06c6
generated: "2026-03-19T01:04:01.714112981Z"
version: 0.20.22
digest: sha256:14e5aa3f02ce6a1271dadc3f76997c739fc9434e669b05655c079d0b873c56ca
generated: "2026-03-15T20:35:40.676997293Z"

2
clusters/cl01tl/helm/generic-device-plugin/Chart.yaml
View File

@@ -15,6 +15,6 @@ maintainers:
dependencies:
- name: generic-device-plugin
repository: https://gitea.alexlebens.dev/api/packages/alexlebens/helm
version: 0.20.23
version: 0.20.22
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/kubernetes.png
appVersion: 1.0.0

6
clusters/cl01tl/helm/harbor/Chart.lock
View File

@@ -1,12 +1,12 @@
dependencies:
- name: harbor
repository: https://helm.goharbor.io
version: 1.18.3
version: 1.18.2
- name: postgres-cluster
repository: https://gitea.alexlebens.net/api/packages/alexlebens/helm
version: 7.10.0
- name: valkey
repository: oci://harbor.alexlebens.net/helm-charts
version: 0.4.0
digest: sha256:e7a5cee56dddb4abc07ff18677cb6ddf55571b38da2eeb7e654e8ad8f7709bfa
generated: "2026-03-19T04:16:54.362332682Z"
digest: sha256:14c2b7d09631dbb573e9c9d4613ebe52e330146662da0da15f74c31ec519ed15
generated: "2026-03-15T20:06:13.615175051Z"

2
clusters/cl01tl/helm/harbor/Chart.yaml
View File

@@ -17,7 +17,7 @@ maintainers:
- name: alexlebens
dependencies:
- name: harbor
version: 1.18.3
version: 1.18.2
repository: https://helm.goharbor.io
- name: postgres-cluster
alias: postgres-18-cluster

2
clusters/cl01tl/helm/home-assistant/values.yaml
View File

@@ -9,7 +9,7 @@ home-assistant:
main:
image:
repository: ghcr.io/home-assistant/home-assistant
tag: 2026.3.2
tag: 2026.3.1
pullPolicy: IfNotPresent
env:
- name: TZ

2
clusters/cl01tl/helm/immich/values.yaml
View File

@@ -9,7 +9,7 @@ immich:
main:
image:
repository: ghcr.io/immich-app/immich-server
tag: v2.6.1
tag: v2.5.6
pullPolicy: IfNotPresent
env:
- name: TZ

6
clusters/cl01tl/helm/kube-prometheus-stack/Chart.lock
View File

@@ -1,12 +1,12 @@
dependencies:
- name: kube-prometheus-stack
repository: oci://ghcr.io/prometheus-community/charts
version: 82.11.0
version: 82.10.4
- name: app-template
repository: https://bjw-s-labs.github.io/helm-charts/
version: 4.6.2
- name: valkey
repository: oci://harbor.alexlebens.net/helm-charts
version: 0.4.0
digest: sha256:e32045eeb180e3658ea4141faa2a4ecf381181993e20ca9bb1e48bcf0b861d1c
generated: "2026-03-18T21:02:35.011295676Z"
digest: sha256:d6bbbfdd1a781b5eb82c2dc8571836a43d23bf8526eac1bcd40f38030be642db
generated: "2026-03-15T20:38:11.961621853Z"

2
clusters/cl01tl/helm/kube-prometheus-stack/Chart.yaml
View File

@@ -20,7 +20,7 @@ maintainers:
- name: alexlebens
dependencies:
- name: kube-prometheus-stack
version: 82.11.0
version: 82.10.4
repository: oci://ghcr.io/prometheus-community/charts
- name: app-template
alias: ntfy-alertmanager

2
clusters/cl01tl/helm/libation/Chart.yaml
View File

@@ -24,4 +24,4 @@ dependencies:
repository: oci://harbor.alexlebens.net/helm-charts
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/libation.png
# renovate: datasource=github-releases depName=rmcrackan/Libation
appVersion: 13.3.2
appVersion: 13.3.0

2
clusters/cl01tl/helm/libation/values.yaml
View File

@@ -16,7 +16,7 @@ libation:
main:
image:
repository: rmcrackan/libation
tag: 13.3.2
tag: 13.3.0
pullPolicy: IfNotPresent
env:
- name: SLEEP_TIME

2
clusters/cl01tl/helm/medialyze/Chart.yaml
View File

@@ -19,4 +19,4 @@ dependencies:
version: 4.6.2
icon: https://raw.githubusercontent.com/frederikemmer/MediaLyze/d8f69c0628bac7c047b90f91a66341648029c273/frontend/public/favicon.svg
# renovate: datasource=github-releases depName=frederikemmer/MediaLyze
appVersion: 0.2.2
appVersion: 0.2.1

2
clusters/cl01tl/helm/medialyze/values.yaml
View File

@@ -9,7 +9,7 @@ medialyze:
main:
image:
repository: ghcr.io/frederikemmer/medialyze
tag: 0.2.2
tag: 0.2.1
pullPolicy: IfNotPresent
env:
- name: HOST_PORT

2
clusters/cl01tl/helm/music-grabber/values.yaml
View File

@@ -9,7 +9,7 @@ music-grabber:
main:
image:
repository: g33kphr33k/musicgrabber
tag: 2.4.6
tag: 2.4.5
pullPolicy: IfNotPresent
env:
- name: MUSIC_DIR

2
clusters/cl01tl/helm/ollama/Chart.yaml
View File

@@ -31,4 +31,4 @@ dependencies:
repository: oci://harbor.alexlebens.net/helm-charts
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/ollama.png
# renovate: datasource=github-releases depName=ollama/ollama
appVersion: 0.18.2
appVersion: 0.18.1

6
clusters/cl01tl/helm/ollama/values.yaml
View File

@@ -22,7 +22,7 @@ ollama:
main:
image:
repository: ollama/ollama
tag: 0.18.2
tag: 0.18.1
pullPolicy: IfNotPresent
env:
- name: OLLAMA_KEEP_ALIVE
@@ -58,7 +58,7 @@ ollama:
main:
image:
repository: ollama/ollama
tag: 0.18.2
tag: 0.18.1
pullPolicy: IfNotPresent
env:
- name: OLLAMA_KEEP_ALIVE
@@ -94,7 +94,7 @@ ollama:
main:
image:
repository: ollama/ollama
tag: 0.18.2
tag: 0.18.1
pullPolicy: IfNotPresent
env:
- name: OLLAMA_KEEP_ALIVE

2
clusters/cl01tl/helm/outline/Chart.yaml
View File

@@ -39,4 +39,4 @@ dependencies:
repository: oci://harbor.alexlebens.net/helm-charts
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/outline.png
# renovate: datasource=github-releases depName=outline/outline
appVersion: 1.6.1
appVersion: 1.6.0

2
clusters/cl01tl/helm/outline/values.yaml
View File

@@ -12,7 +12,7 @@ outline:
main:
image:
repository: outlinewiki/outline
tag: 1.6.1
tag: 1.6.0
pullPolicy: IfNotPresent
env:
- name: NODE_ENV

2
clusters/cl01tl/helm/roundcube/Chart.yaml
View File

@@ -29,4 +29,4 @@ dependencies:
repository: oci://harbor.alexlebens.net/helm-charts
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/roundcube.png
# renovate: datasource=github-releases depName=roundcube/roundcubemail
appVersion: 1.6.14
appVersion: 1.6.13

2
clusters/cl01tl/helm/rybbit/values.yaml
View File

@@ -71,7 +71,7 @@ rybbit:
key: mapbox-token
probes:
liveness:
enabled: false
enabled: true
custom: true
spec:
exec:

2
clusters/cl01tl/helm/site-profile/values.yaml
View File

@@ -11,7 +11,7 @@ site-profile:
main:
image:
repository: harbor.alexlebens.net/images/site-profile
tag: 3.15.0
tag: 3.14.0
pullPolicy: IfNotPresent
resources:
requests:

4
clusters/cl01tl/helm/tdarr/values.yaml
View File

@@ -9,7 +9,7 @@ tdarr:
main:
image:
repository: ghcr.io/haveagitgat/tdarr
tag: 2.64.02
tag: 2.63.01
pullPolicy: IfNotPresent
env:
- name: TZ
@@ -48,7 +48,7 @@ tdarr:
main:
image:
repository: ghcr.io/haveagitgat/tdarr_node
tag: 2.64.02
tag: 2.63.01
pullPolicy: IfNotPresent
env:
- name: TZ

6
clusters/cl01tl/helm/trivy/Chart.lock Normal file
View File

@@ -0,0 +1,6 @@
dependencies:
- name: trivy-operator
repository: https://aquasecurity.github.io/helm-charts/
version: 0.32.1
digest: sha256:7e25850fc3115f52e6c65151c76668929eee6713228e935862d9f156397c2ede
generated: "2026-03-15T17:21:41.373519-05:00"

23
clusters/cl01tl/helm/trivy/Chart.yaml Normal file
View File

@@ -0,0 +1,23 @@
apiVersion: v2
name: trivy
version: 1.0.0
description: Trivy
keywords:
- trivy
- vulnerability
- monitoring
- kubernetes
home: https://wiki.alexlebens.dev/s/
sources:
- https://github.com/aquasecurity/trivy
- https://github.com/aquasecurity/trivy-operator
- https://github.com/aquasecurity/trivy-operator/tree/main/deploy/helm
maintainers:
- name: alexlebens
dependencies:
- name: trivy-operator
version: 0.32.1
repository: https://aquasecurity.github.io/helm-charts/
icon: https://raw.githubusercontent.com/aquasecurity/trivy/main/docs/imgs/logo.png
# renovate: github=aquasecurity/trivy
appVersion: 0.32.1

11
clusters/cl01tl/helm/trivy/templates/namespace.yaml Normal file
View File

@@ -0,0 +1,11 @@
apiVersion: v1
kind: Namespace
metadata:
name: trivy
labels:
app.kubernetes.io/name: trivy
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/part-of: {{ .Release.Name }}
pod-security.kubernetes.io/audit: privileged
pod-security.kubernetes.io/enforce: privileged
pod-security.kubernetes.io/warn: privileged

91
clusters/cl01tl/helm/trivy/values.yaml Normal file
View File

@@ -0,0 +1,91 @@
trivy-operator:
targetWorkloads: "pod,replicaset,replicationcontroller,statefulset,daemonset,cronjob,job"
operator:
replicas: 1
scanJobsConcurrentLimit: 1
vulnerabilityScannerEnabled: true
sbomGenerationEnabled: false
clusterSbomCacheEnabled: false
configAuditScannerEnabled: true
rbacAssessmentScannerEnabled: true
infraAssessmentScannerEnabled: false
clusterComplianceEnabled: false
vulnerabilityScannerScanOnlyCurrentRevisions: true
accessGlobalSecretsAndServiceAccount: true
metricsFindingsEnabled: true
exposedSecretScannerEnabled: true
serviceMonitor:
enabled: true
trivy:
createConfig: true
image:
registry: mirror.gcr.io
repository: aquasec/trivy
tag: 0.69.3
storageClassEnabled: true
storageClassName: ceph-block
storageSize: "10Gi"
registry:
mirror:
"registry-1.docker.io": proxy-registry-1.docker.io
"quay.io": proxy-quay.io
"registry.k8s.io": proxy-registry.k8s
"gcr.io": proxy-gcr.io
"ghcr.io": proxy-ghcr.io
"hub.docker": proxy-hub.docker
severity: UNKNOWN,LOW,MEDIUM,HIGH,CRITICAL
slow: true
resources:
requests:
cpu: 100m
memory: 128M
supportedConfigAuditKinds: "Workload,Service,Role,ClusterRole,NetworkPolicy,Ingress,LimitRange,ResourceQuota"
server:
resources:
requests:
cpu: 200m
memory: 512Mi
replicas: 1
nodeCollector:
tolerations:
- key: node-role.kubernetes.io/control-plane
operator: Exists
effect: NoSchedule
volumeMounts:
- name: var-lib-etcd
mountPath: /var/lib/etcd
readOnly: true
- name: var-lib-kubelet
mountPath: /var/lib/kubelet
readOnly: true
- name: var-lib-kube-scheduler
mountPath: /var/lib/kube-scheduler
readOnly: true
- name: var-lib-kube-controller-manager
mountPath: /var/lib/kube-controller-manager
readOnly: true
- name: etc-kubernetes
mountPath: /etc/kubernetes
readOnly: true
- name: etc-cni-netd
mountPath: /etc/cni/net.d/
readOnly: true
volumes:
- name: var-lib-etcd
hostPath:
path: /var/lib/etcd
- name: var-lib-kubelet
hostPath:
path: /var/lib/kubelet
- name: var-lib-kube-scheduler
hostPath:
path: /var/lib/kube-scheduler
- name: var-lib-kube-controller-manager
hostPath:
path: /var/lib/kube-controller-manager
- name: etc-kubernetes
hostPath:
path: /etc/kubernetes
- name: etc-cni-netd
hostPath:
path: /etc/cni/net.d/

2
clusters/cl01tl/helm/whodb/Chart.yaml
View File

@@ -20,4 +20,4 @@ dependencies:
version: 4.6.2
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/whodb.png
# renovate: datasource=github-releases depName=clidey/whodb
appVersion: 0.100.0
appVersion: 0.99.0

2
clusters/cl01tl/helm/whodb/values.yaml
View File

@@ -8,7 +8,7 @@ whodb:
main:
image:
repository: clidey/whodb
tag: 0.100.0
tag: 0.99.0
pullPolicy: IfNotPresent
env:
- name: WHODB_OLLAMA_HOST