Compare commits
1 Commits
tmp/rclone
...
5a50e33fc4
| Author | SHA1 | Date | |
|---|---|---|---|
5a50e33fc4
|
@@ -169,10 +169,9 @@ jobs:
|
|||||||
|
|
||||||
echo ">> Running linting on changed charts ..."
|
echo ">> Running linting on changed charts ..."
|
||||||
|
|
||||||
lint_chart() {
|
for DIR in ${CHANGED_CHARTS}; do
|
||||||
local DIR="$1"
|
CHART_PATH="clusters/${CLUSTER}/helm/${DIR}"
|
||||||
local CHART_PATH="clusters/${CLUSTER}/helm/${DIR}"
|
CHART_NAME=$(basename "${CHART_PATH}")
|
||||||
local CHART_NAME=$(basename "${CHART_PATH}")
|
|
||||||
|
|
||||||
if [ -f "${CHART_PATH}/Chart.yaml" ]; then
|
if [ -f "${CHART_PATH}/Chart.yaml" ]; then
|
||||||
echo ""
|
echo ""
|
||||||
@@ -183,8 +182,15 @@ jobs:
|
|||||||
echo ">> Linting helm chart ${CHART_NAME} ..."
|
echo ">> Linting helm chart ${CHART_NAME} ..."
|
||||||
|
|
||||||
if ! helm lint "${CHART_PATH}" --namespace "default"; then
|
if ! helm lint "${CHART_PATH}" --namespace "default"; then
|
||||||
echo "${DIR}" > ".failed_chart_${CHART_NAME}"
|
EXIT_CODE=1
|
||||||
return 1
|
|
||||||
|
if [ -z "${FAILED_CHARTS}" ]; then
|
||||||
|
FAILED_CHARTS="${DIR}"
|
||||||
|
|
||||||
|
else
|
||||||
|
FAILED_CHARTS="${FAILED_CHARTS}, ${DIR}"
|
||||||
|
|
||||||
|
fi
|
||||||
fi
|
fi
|
||||||
|
|
||||||
else
|
else
|
||||||
@@ -192,20 +198,8 @@ jobs:
|
|||||||
echo ">> Directory ${CHART_PATH} does not contain a Chart.yaml. Skipping ..."
|
echo ">> Directory ${CHART_PATH} does not contain a Chart.yaml. Skipping ..."
|
||||||
|
|
||||||
fi
|
fi
|
||||||
}
|
|
||||||
|
|
||||||
export -f lint_chart
|
done
|
||||||
export CLUSTER
|
|
||||||
|
|
||||||
for DIR in ${CHANGED_CHARTS}; do
|
|
||||||
echo "${DIR}"
|
|
||||||
done | xargs -P 4 -I {} bash -c 'OUT=$(lint_chart "$@" 2>&1); printf "%s\n" "$OUT"' _ {}
|
|
||||||
|
|
||||||
if ls .failed_chart_* 1> /dev/null 2>&1; then
|
|
||||||
EXIT_CODE=1
|
|
||||||
FAILED_CHARTS=$(cat .failed_chart_* | paste -sd ',' - | sed 's/,/, /g')
|
|
||||||
rm -f .failed_chart_*
|
|
||||||
fi
|
|
||||||
|
|
||||||
echo ""
|
echo ""
|
||||||
echo "----"
|
echo "----"
|
||||||
@@ -335,9 +329,8 @@ jobs:
|
|||||||
EXIT_CODE=0
|
EXIT_CODE=0
|
||||||
FAILED_CHARTS=""
|
FAILED_CHARTS=""
|
||||||
|
|
||||||
validate_chart() {
|
for DIR in ${CHANGED_CHARTS}; do
|
||||||
local DIR="$1"
|
CHART_PATH="clusters/${CLUSTER}/helm/${DIR}"
|
||||||
local CHART_PATH="clusters/${CLUSTER}/helm/${DIR}"
|
|
||||||
echo ""
|
echo ""
|
||||||
echo ">> Validating: ${DIR}"
|
echo ">> Validating: ${DIR}"
|
||||||
|
|
||||||
@@ -350,23 +343,18 @@ jobs:
|
|||||||
-strict \
|
-strict \
|
||||||
-summary; then
|
-summary; then
|
||||||
|
|
||||||
echo "${DIR}" > ".failed_chart_${DIR}"
|
EXIT_CODE=1
|
||||||
return 1
|
|
||||||
|
if [ -z "${FAILED_CHARTS}" ]; then
|
||||||
|
FAILED_CHARTS="${DIR}"
|
||||||
|
|
||||||
|
else
|
||||||
|
FAILED_CHARTS="${FAILED_CHARTS}, ${DIR}"
|
||||||
|
|
||||||
|
fi
|
||||||
fi
|
fi
|
||||||
}
|
|
||||||
|
|
||||||
export -f validate_chart
|
done
|
||||||
export CLUSTER SCHEMA_LOCATIONS
|
|
||||||
|
|
||||||
for DIR in ${CHANGED_CHARTS}; do
|
|
||||||
echo "${DIR}"
|
|
||||||
done | xargs -P 4 -I {} bash -c 'OUT=$(validate_chart "$@" 2>&1); printf "%s\n" "$OUT"' _ {}
|
|
||||||
|
|
||||||
if ls .failed_chart_* 1> /dev/null 2>&1; then
|
|
||||||
EXIT_CODE=1
|
|
||||||
FAILED_CHARTS=$(cat .failed_chart_* | paste -sd ',' - | sed 's/,/, /g')
|
|
||||||
rm -f .failed_chart_*
|
|
||||||
fi
|
|
||||||
|
|
||||||
echo ""
|
echo ""
|
||||||
echo "----"
|
echo "----"
|
||||||
|
|||||||
@@ -13,7 +13,7 @@ on:
|
|||||||
jobs:
|
jobs:
|
||||||
renovate:
|
renovate:
|
||||||
runs-on: ubuntu-latest
|
runs-on: ubuntu-latest
|
||||||
container: ghcr.io/renovatebot/renovate:43.141.5@sha256:8fb9e3cfdadc0994fb87f57be624d1c1940c41c1c53c074465caff85a2b6d3a4
|
container: ghcr.io/renovatebot/renovate:43.139.6@sha256:2ed9f867ea7a7d2448847ce704f78af09e9b881c63f843a1aa0f590691737c42
|
||||||
steps:
|
steps:
|
||||||
- name: Checkout
|
- name: Checkout
|
||||||
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
|
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
|
||||||
|
|||||||
@@ -18,10 +18,10 @@ dependencies:
|
|||||||
alias: actual
|
alias: actual
|
||||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||||
version: 4.6.2
|
version: 4.6.2
|
||||||
- name: volsync-target
|
# - name: volsync-target
|
||||||
alias: volsync-target-data
|
# alias: volsync-target-data
|
||||||
version: 1.0.0
|
# version: 0.8.0
|
||||||
repository: oci://harbor.alexlebens.net/helm-charts
|
# repository: oci://harbor.alexlebens.net/helm-charts
|
||||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/actual-budget.png
|
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/actual-budget.png
|
||||||
# renovate: datasource=github-releases depName=actualbudget/actual
|
# renovate: datasource=github-releases depName=actualbudget/actual
|
||||||
appVersion: 26.4.0
|
appVersion: 26.4.0
|
||||||
|
|||||||
@@ -1,14 +0,0 @@
|
|||||||
{{/*
|
|
||||||
Common labels
|
|
||||||
*/}}
|
|
||||||
{{- define "custom.labels" -}}
|
|
||||||
{{ include "custom.selectorLabels" $ }}
|
|
||||||
{{- end }}
|
|
||||||
|
|
||||||
{{/*
|
|
||||||
Selector labels
|
|
||||||
*/}}
|
|
||||||
{{- define "custom.selectorLabels" -}}
|
|
||||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
|
||||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
|
||||||
{{- end }}
|
|
||||||
@@ -1,6 +1,6 @@
|
|||||||
dependencies:
|
dependencies:
|
||||||
- name: argo-cd
|
- name: argo-cd
|
||||||
repository: https://argoproj.github.io/argo-helm
|
repository: https://argoproj.github.io/argo-helm
|
||||||
version: 9.5.4
|
version: 9.5.2
|
||||||
digest: sha256:3d21f3de99812af73615ef0e75f835d41d49b81a840107194b44e06057d7311f
|
digest: sha256:5d9e6405ee944bf94df6af247164ebb9b8899144853b9a7eafabe8606affe84e
|
||||||
generated: "2026-04-24T18:07:49.106452954Z"
|
generated: "2026-04-19T19:53:40.43789-05:00"
|
||||||
|
|||||||
@@ -13,8 +13,8 @@ maintainers:
|
|||||||
- name: alexlebens
|
- name: alexlebens
|
||||||
dependencies:
|
dependencies:
|
||||||
- name: argo-cd
|
- name: argo-cd
|
||||||
version: 9.5.4
|
version: 9.5.2
|
||||||
repository: https://argoproj.github.io/argo-helm
|
repository: https://argoproj.github.io/argo-helm
|
||||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/argo-cd.png
|
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/argo-cd.png
|
||||||
# renovate: datasource=github-releases depName=argoproj/argo-cd
|
# renovate: datasource=github-releases depName=argoproj/argo-cd
|
||||||
appVersion: v3.3.8
|
appVersion: v3.3.7
|
||||||
|
|||||||
@@ -103,7 +103,7 @@ argo-cd:
|
|||||||
enabled: true
|
enabled: true
|
||||||
image:
|
image:
|
||||||
repository: haproxy
|
repository: haproxy
|
||||||
tag: 3.3.6-alpine@sha256:4f97a2cb7f02fd08402259e74a65ef12fcfa3dff1ef78fddecb5228a17b7f4ad
|
tag: 3.3.6-alpine@sha256:744be2dca649a44d490a4c565d36968d19482dd387f1bdd44c168f4322bc6b1e
|
||||||
resources:
|
resources:
|
||||||
requests:
|
requests:
|
||||||
cpu: 5m
|
cpu: 5m
|
||||||
|
|||||||
@@ -24,11 +24,11 @@ dependencies:
|
|||||||
version: 4.6.2
|
version: 4.6.2
|
||||||
- name: volsync-target
|
- name: volsync-target
|
||||||
alias: volsync-target-config
|
alias: volsync-target-config
|
||||||
version: 1.0.0
|
version: 0.8.0
|
||||||
repository: oci://harbor.alexlebens.net/helm-charts
|
repository: oci://harbor.alexlebens.net/helm-charts
|
||||||
- name: volsync-target
|
- name: volsync-target
|
||||||
alias: volsync-target-metadata
|
alias: volsync-target-metadata
|
||||||
version: 1.0.0
|
version: 0.8.0
|
||||||
repository: oci://harbor.alexlebens.net/helm-charts
|
repository: oci://harbor.alexlebens.net/helm-charts
|
||||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/audiobookshelf.png
|
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/audiobookshelf.png
|
||||||
# renovate: datasource=github-releases depName=advplyr/audiobookshelf
|
# renovate: datasource=github-releases depName=advplyr/audiobookshelf
|
||||||
|
|||||||
@@ -15,13 +15,9 @@ spec:
|
|||||||
mergePolicy: Merge
|
mergePolicy: Merge
|
||||||
engineVersion: v2
|
engineVersion: v2
|
||||||
data:
|
data:
|
||||||
ntfy-url: "{{ `{{ .endpoint }}` }}/{{ `{{ .topic }}` }}"
|
ntfy-url: "{{ `{{ .endpoint }}` }}/audiobookshelf"
|
||||||
data:
|
data:
|
||||||
- secretKey: endpoint
|
- secretKey: endpoint
|
||||||
remoteRef:
|
remoteRef:
|
||||||
key: /cl01tl/ntfy/users/cl01tl
|
key: /cl01tl/ntfy/users/cl01tl
|
||||||
property: internal-endpoint-credential
|
property: internal-endpoint-credential
|
||||||
- secretKey: topic
|
|
||||||
remoteRef:
|
|
||||||
key: /cl01tl/ntfy/topics
|
|
||||||
property: audiobookshelf
|
|
||||||
|
|||||||
@@ -4,12 +4,12 @@ dependencies:
|
|||||||
version: 2026.2.2
|
version: 2026.2.2
|
||||||
- name: cloudflared
|
- name: cloudflared
|
||||||
repository: oci://harbor.alexlebens.net/helm-charts
|
repository: oci://harbor.alexlebens.net/helm-charts
|
||||||
version: 2.6.0
|
version: 2.5.0
|
||||||
- name: postgres-cluster
|
- name: postgres-cluster
|
||||||
repository: oci://harbor.alexlebens.net/helm-charts
|
repository: oci://harbor.alexlebens.net/helm-charts
|
||||||
version: 7.12.1
|
version: 7.11.2
|
||||||
- name: valkey
|
- name: valkey
|
||||||
repository: oci://harbor.alexlebens.net/helm-charts
|
repository: oci://harbor.alexlebens.net/helm-charts
|
||||||
version: 0.6.1
|
version: 0.6.1
|
||||||
digest: sha256:d1dbca83e5b63a58a9bf9f2903d1b45bbadca3e8599541367bc61ef2ce938cdb
|
digest: sha256:22fe4d9ec592aa74cbff5596e8d900f607bd68ea14c7df70a94b4ef76727614d
|
||||||
generated: "2026-04-24T21:50:21.398658595Z"
|
generated: "2026-04-13T20:32:12.748342469Z"
|
||||||
|
|||||||
@@ -22,10 +22,10 @@ dependencies:
|
|||||||
repository: https://charts.goauthentik.io/
|
repository: https://charts.goauthentik.io/
|
||||||
- name: cloudflared
|
- name: cloudflared
|
||||||
repository: oci://harbor.alexlebens.net/helm-charts
|
repository: oci://harbor.alexlebens.net/helm-charts
|
||||||
version: 2.6.0
|
version: 2.5.0
|
||||||
- name: postgres-cluster
|
- name: postgres-cluster
|
||||||
alias: postgres-18-cluster
|
alias: postgres-18-cluster
|
||||||
version: 7.12.1
|
version: 7.11.2
|
||||||
repository: oci://harbor.alexlebens.net/helm-charts
|
repository: oci://harbor.alexlebens.net/helm-charts
|
||||||
- name: valkey
|
- name: valkey
|
||||||
alias: valkey
|
alias: valkey
|
||||||
|
|||||||
@@ -5,8 +5,8 @@ metadata:
|
|||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: {{ .Release.Name }}-tailscale
|
app.kubernetes.io/name: {{ .Release.Name }}-tailscale
|
||||||
{{- include "custom.labels" . | nindent 4 }}
|
|
||||||
tailscale.com/proxy-class: no-metrics
|
tailscale.com/proxy-class: no-metrics
|
||||||
|
{{- include "custom.labels" . | nindent 4 }}
|
||||||
annotations:
|
annotations:
|
||||||
tailscale.com/experimental-forward-cluster-traffic-via-ingress: "true"
|
tailscale.com/experimental-forward-cluster-traffic-via-ingress: "true"
|
||||||
spec:
|
spec:
|
||||||
@@ -25,4 +25,4 @@ spec:
|
|||||||
service:
|
service:
|
||||||
name: authentik-server
|
name: authentik-server
|
||||||
port:
|
port:
|
||||||
name: http
|
number: 80
|
||||||
|
|||||||
@@ -4,9 +4,9 @@ dependencies:
|
|||||||
version: 4.6.2
|
version: 4.6.2
|
||||||
- name: volsync-target
|
- name: volsync-target
|
||||||
repository: oci://harbor.alexlebens.net/helm-charts
|
repository: oci://harbor.alexlebens.net/helm-charts
|
||||||
version: 1.0.0
|
version: 0.8.0
|
||||||
- name: volsync-target
|
- name: volsync-target
|
||||||
repository: oci://harbor.alexlebens.net/helm-charts
|
repository: oci://harbor.alexlebens.net/helm-charts
|
||||||
version: 1.0.0
|
version: 0.8.0
|
||||||
digest: sha256:4c3010c4ef30f7baaad7564d1fda9bdfe18184fab0e3f47a8a1f4c74e340e557
|
digest: sha256:f203538010828e77336f3cf39451a1072c90aeb8ece7c173a3476c49883b46d1
|
||||||
generated: "2026-04-24T22:50:23.056323614Z"
|
generated: "2026-03-06T01:05:24.935421139Z"
|
||||||
|
|||||||
@@ -20,11 +20,11 @@ dependencies:
|
|||||||
version: 4.6.2
|
version: 4.6.2
|
||||||
- name: volsync-target
|
- name: volsync-target
|
||||||
alias: volsync-target-config
|
alias: volsync-target-config
|
||||||
version: 1.0.0
|
version: 0.8.0
|
||||||
repository: oci://harbor.alexlebens.net/helm-charts
|
repository: oci://harbor.alexlebens.net/helm-charts
|
||||||
- name: volsync-target
|
- name: volsync-target
|
||||||
alias: volsync-target-data
|
alias: volsync-target-data
|
||||||
version: 1.0.0
|
version: 0.8.0
|
||||||
repository: oci://harbor.alexlebens.net/helm-charts
|
repository: oci://harbor.alexlebens.net/helm-charts
|
||||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/backrest.png
|
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/backrest.png
|
||||||
# renovate: datasource=github-releases depName=garethgeorge/backrest
|
# renovate: datasource=github-releases depName=garethgeorge/backrest
|
||||||
|
|||||||
@@ -4,6 +4,6 @@ dependencies:
|
|||||||
version: 4.6.2
|
version: 4.6.2
|
||||||
- name: volsync-target
|
- name: volsync-target
|
||||||
repository: oci://harbor.alexlebens.net/helm-charts
|
repository: oci://harbor.alexlebens.net/helm-charts
|
||||||
version: 1.0.0
|
version: 0.8.0
|
||||||
digest: sha256:ee94a588fa517303597c8a6159befdbac00b651afc5c1d7c779b3cb28d3ba8c6
|
digest: sha256:ce88e4cd451613c9dbc25d285700970789ff678452ef277f3c8465dbf6157f1f
|
||||||
generated: "2026-04-24T22:50:33.529825344Z"
|
generated: "2026-03-06T01:05:44.405374459Z"
|
||||||
|
|||||||
@@ -24,7 +24,7 @@ dependencies:
|
|||||||
version: 4.6.2
|
version: 4.6.2
|
||||||
- name: volsync-target
|
- name: volsync-target
|
||||||
alias: volsync-target-config
|
alias: volsync-target-config
|
||||||
version: 1.0.0
|
version: 0.8.0
|
||||||
repository: oci://harbor.alexlebens.net/helm-charts
|
repository: oci://harbor.alexlebens.net/helm-charts
|
||||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/bazarr.png
|
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/bazarr.png
|
||||||
# renovate: datasource=github-releases depName=linuxserver/docker-bazarr
|
# renovate: datasource=github-releases depName=linuxserver/docker-bazarr
|
||||||
|
|||||||
@@ -1,14 +0,0 @@
|
|||||||
{{/*
|
|
||||||
Common labels
|
|
||||||
*/}}
|
|
||||||
{{- define "custom.labels" -}}
|
|
||||||
{{ include "custom.selectorLabels" $ }}
|
|
||||||
{{- end }}
|
|
||||||
|
|
||||||
{{/*
|
|
||||||
Selector labels
|
|
||||||
*/}}
|
|
||||||
{{- define "custom.selectorLabels" -}}
|
|
||||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
|
||||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
|
||||||
{{- end }}
|
|
||||||
@@ -20,6 +20,8 @@ spec:
|
|||||||
type: PathPrefix
|
type: PathPrefix
|
||||||
value: /
|
value: /
|
||||||
backendRefs:
|
backendRefs:
|
||||||
- kind: Service
|
- group: ''
|
||||||
|
kind: Service
|
||||||
name: hubble-ui
|
name: hubble-ui
|
||||||
port: 80
|
port: 80
|
||||||
|
weight: 100
|
||||||
|
|||||||
@@ -1,14 +0,0 @@
|
|||||||
{{/*
|
|
||||||
Common labels
|
|
||||||
*/}}
|
|
||||||
{{- define "custom.labels" -}}
|
|
||||||
{{ include "custom.selectorLabels" $ }}
|
|
||||||
{{- end }}
|
|
||||||
|
|
||||||
{{/*
|
|
||||||
Selector labels
|
|
||||||
*/}}
|
|
||||||
{{- define "custom.selectorLabels" -}}
|
|
||||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
|
||||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
|
||||||
{{- end }}
|
|
||||||
@@ -17,4 +17,4 @@ dependencies:
|
|||||||
repository: https://coredns.github.io/helm
|
repository: https://coredns.github.io/helm
|
||||||
icon: https://raw.githubusercontent.com/coredns/coredns.io/refs/heads/master/static/images/favicon.png
|
icon: https://raw.githubusercontent.com/coredns/coredns.io/refs/heads/master/static/images/favicon.png
|
||||||
# renovate: datasource=github-releases depName=coredns/coredns
|
# renovate: datasource=github-releases depName=coredns/coredns
|
||||||
appVersion: v1.14.3
|
appVersion: v1.14.2
|
||||||
|
|||||||
@@ -1,14 +0,0 @@
|
|||||||
{{/*
|
|
||||||
Common labels
|
|
||||||
*/}}
|
|
||||||
{{- define "custom.labels" -}}
|
|
||||||
{{ include "custom.selectorLabels" $ }}
|
|
||||||
{{- end }}
|
|
||||||
|
|
||||||
{{/*
|
|
||||||
Selector labels
|
|
||||||
*/}}
|
|
||||||
{{- define "custom.selectorLabels" -}}
|
|
||||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
|
||||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
|
||||||
{{- end }}
|
|
||||||
@@ -4,18 +4,18 @@ dependencies:
|
|||||||
version: 4.6.2
|
version: 4.6.2
|
||||||
- name: postgres-cluster
|
- name: postgres-cluster
|
||||||
repository: oci://harbor.alexlebens.net/helm-charts
|
repository: oci://harbor.alexlebens.net/helm-charts
|
||||||
version: 7.12.1
|
version: 7.11.2
|
||||||
- name: valkey
|
- name: valkey
|
||||||
repository: oci://harbor.alexlebens.net/helm-charts
|
repository: oci://harbor.alexlebens.net/helm-charts
|
||||||
version: 0.6.1
|
version: 0.6.1
|
||||||
- name: volsync-target
|
- name: volsync-target
|
||||||
repository: oci://harbor.alexlebens.net/helm-charts
|
repository: oci://harbor.alexlebens.net/helm-charts
|
||||||
version: 1.0.0
|
version: 0.8.0
|
||||||
- name: volsync-target
|
- name: volsync-target
|
||||||
repository: oci://harbor.alexlebens.net/helm-charts
|
repository: oci://harbor.alexlebens.net/helm-charts
|
||||||
version: 1.0.0
|
version: 0.8.0
|
||||||
- name: volsync-target
|
- name: volsync-target
|
||||||
repository: oci://harbor.alexlebens.net/helm-charts
|
repository: oci://harbor.alexlebens.net/helm-charts
|
||||||
version: 1.0.0
|
version: 0.8.0
|
||||||
digest: sha256:675bca89787669fd5b23eb2d4b49a44acee2556044982bb634f678a39cec7db4
|
digest: sha256:6ece439d5549b7d7ccd75053846bb9b2e8f9798a2e2163eac6f62bf5cf222587
|
||||||
generated: "2026-04-24T22:50:43.987901153Z"
|
generated: "2026-04-13T20:32:54.380897459Z"
|
||||||
|
|||||||
@@ -22,7 +22,7 @@ dependencies:
|
|||||||
version: 4.6.2
|
version: 4.6.2
|
||||||
- name: postgres-cluster
|
- name: postgres-cluster
|
||||||
alias: postgres-18-cluster
|
alias: postgres-18-cluster
|
||||||
version: 7.12.1
|
version: 7.11.2
|
||||||
repository: oci://harbor.alexlebens.net/helm-charts
|
repository: oci://harbor.alexlebens.net/helm-charts
|
||||||
- name: valkey
|
- name: valkey
|
||||||
alias: valkey
|
alias: valkey
|
||||||
@@ -30,15 +30,15 @@ dependencies:
|
|||||||
repository: oci://harbor.alexlebens.net/helm-charts
|
repository: oci://harbor.alexlebens.net/helm-charts
|
||||||
- name: volsync-target
|
- name: volsync-target
|
||||||
alias: volsync-target-storage
|
alias: volsync-target-storage
|
||||||
version: 1.0.0
|
version: 0.8.0
|
||||||
repository: oci://harbor.alexlebens.net/helm-charts
|
repository: oci://harbor.alexlebens.net/helm-charts
|
||||||
- name: volsync-target
|
- name: volsync-target
|
||||||
alias: volsync-target-public
|
alias: volsync-target-public
|
||||||
version: 1.0.0
|
version: 0.8.0
|
||||||
repository: oci://harbor.alexlebens.net/helm-charts
|
repository: oci://harbor.alexlebens.net/helm-charts
|
||||||
- name: volsync-target
|
- name: volsync-target
|
||||||
alias: volsync-target-watched
|
alias: volsync-target-watched
|
||||||
version: 1.0.0
|
version: 0.8.0
|
||||||
repository: oci://harbor.alexlebens.net/helm-charts
|
repository: oci://harbor.alexlebens.net/helm-charts
|
||||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons@main/png/dawarich.png
|
icon: https://cdn.jsdelivr.net/gh/selfhst/icons@main/png/dawarich.png
|
||||||
# renovate: datasource=github-releases depName=Freika/dawarich
|
# renovate: datasource=github-releases depName=Freika/dawarich
|
||||||
|
|||||||
@@ -1,14 +0,0 @@
|
|||||||
{{/*
|
|
||||||
Common labels
|
|
||||||
*/}}
|
|
||||||
{{- define "custom.labels" -}}
|
|
||||||
{{ include "custom.selectorLabels" $ }}
|
|
||||||
{{- end }}
|
|
||||||
|
|
||||||
{{/*
|
|
||||||
Selector labels
|
|
||||||
*/}}
|
|
||||||
{{- define "custom.selectorLabels" -}}
|
|
||||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
|
||||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
|
||||||
{{- end }}
|
|
||||||
@@ -1,15 +1,16 @@
|
|||||||
apiVersion: external-secrets.io/v1
|
apiVersion: external-secrets.io/v1
|
||||||
kind: ExternalSecret
|
kind: ExternalSecret
|
||||||
metadata:
|
metadata:
|
||||||
name: synology-iscsi-config
|
name: synology-iscsi-config-secret
|
||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: synology-iscsi-config
|
app.kubernetes.io/name: synology-iscsi-config-secret
|
||||||
{{- include "custom.labels" . | nindent 4 }}
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
spec:
|
spec:
|
||||||
secretStoreRef:
|
secretStoreRef:
|
||||||
kind: ClusterSecretStore
|
kind: ClusterSecretStore
|
||||||
name: openbao
|
name: vault
|
||||||
data:
|
data:
|
||||||
- secretKey: driver-config-file.yaml
|
- secretKey: driver-config-file.yaml
|
||||||
remoteRef:
|
remoteRef:
|
||||||
|
|||||||
@@ -1,10 +1,11 @@
|
|||||||
apiVersion: v1
|
apiVersion: v1
|
||||||
kind: Namespace
|
kind: Namespace
|
||||||
metadata:
|
metadata:
|
||||||
name: {{ .Release.Namespace }}
|
name: democratic-csi-synology-iscsi
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: {{ .Release.Namespace }}
|
app.kubernetes.io/name: democratic-csi-synology-iscsi
|
||||||
{{- include "custom.labels" . | nindent 4 }}
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
pod-security.kubernetes.io/audit: privileged
|
pod-security.kubernetes.io/audit: privileged
|
||||||
pod-security.kubernetes.io/enforce: privileged
|
pod-security.kubernetes.io/enforce: privileged
|
||||||
pod-security.kubernetes.io/warn: privileged
|
pod-security.kubernetes.io/warn: privileged
|
||||||
|
|||||||
@@ -3,7 +3,7 @@ democratic-csi:
|
|||||||
image:
|
image:
|
||||||
registry: ghcr.io/democratic-csi/democratic-csi
|
registry: ghcr.io/democratic-csi/democratic-csi
|
||||||
tag: v1.9.5@@sha256:fc3b7d7ed3a616714139525075312758e23a5d425ffb539ad12c9bd20fb6001f
|
tag: v1.9.5@@sha256:fc3b7d7ed3a616714139525075312758e23a5d425ffb539ad12c9bd20fb6001f
|
||||||
existingConfigSecret: synology-iscsi-config
|
existingConfigSecret: synology-iscsi-config-secret
|
||||||
config:
|
config:
|
||||||
driver: synology-iscsi
|
driver: synology-iscsi
|
||||||
resources:
|
resources:
|
||||||
|
|||||||
@@ -1,14 +0,0 @@
|
|||||||
{{/*
|
|
||||||
Common labels
|
|
||||||
*/}}
|
|
||||||
{{- define "custom.labels" -}}
|
|
||||||
{{ include "custom.selectorLabels" $ }}
|
|
||||||
{{- end }}
|
|
||||||
|
|
||||||
{{/*
|
|
||||||
Selector labels
|
|
||||||
*/}}
|
|
||||||
{{- define "custom.selectorLabels" -}}
|
|
||||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
|
||||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
|
||||||
{{- end }}
|
|
||||||
@@ -4,12 +4,9 @@ dependencies:
|
|||||||
version: 4.6.2
|
version: 4.6.2
|
||||||
- name: postgres-cluster
|
- name: postgres-cluster
|
||||||
repository: oci://harbor.alexlebens.net/helm-charts
|
repository: oci://harbor.alexlebens.net/helm-charts
|
||||||
version: 7.12.1
|
version: 7.11.2
|
||||||
- name: valkey
|
- name: valkey
|
||||||
repository: oci://harbor.alexlebens.net/helm-charts
|
repository: oci://harbor.alexlebens.net/helm-charts
|
||||||
version: 0.6.1
|
version: 0.6.1
|
||||||
- name: rclone-bucket
|
digest: sha256:78f5065d1125792c88e4d24f5ac1ee3d6310b4997f552020c44d0615335ea329
|
||||||
repository: oci://harbor.alexlebens.net/helm-charts
|
generated: "2026-04-13T20:33:13.909018545Z"
|
||||||
version: 0.2.0
|
|
||||||
digest: sha256:b95c228173eb2e4914c37d5c8b3753ad644a90dc9f7f4357dbc1cbf15004961b
|
|
||||||
generated: "2026-04-25T20:59:03.456994-05:00"
|
|
||||||
|
|||||||
@@ -5,14 +5,13 @@ description: Directus
|
|||||||
keywords:
|
keywords:
|
||||||
- directus
|
- directus
|
||||||
- content-management-system
|
- content-management-system
|
||||||
home: https://docs.alexlebens.dev/applications/directus/
|
home: https://docs.alexlebens.dev/applications/descheduler/
|
||||||
sources:
|
sources:
|
||||||
- https://github.com/directus/directus
|
- https://github.com/directus/directus
|
||||||
- https://github.com/directus/directus/pkgs/container/directus
|
- https://github.com/directus/directus/pkgs/container/directus
|
||||||
- https://github.com/bjw-s-labs/helm-charts/tree/main/charts/other/app-template
|
- https://github.com/bjw-s-labs/helm-charts/tree/main/charts/other/app-template
|
||||||
- https://gitea.alexlebens.dev/alexlebens/helm-charts/src/branch/main/charts/postgres-cluster
|
- https://gitea.alexlebens.dev/alexlebens/helm-charts/src/branch/main/charts/postgres-cluster
|
||||||
- https://gitea.alexlebens.dev/alexlebens/helm-charts/src/branch/main/charts/valkey
|
- https://gitea.alexlebens.dev/alexlebens/helm-charts/src/branch/main/charts/valkey
|
||||||
- https://gitea.alexlebens.dev/alexlebens/helm-charts/src/branch/main/charts/rclone-bucket
|
|
||||||
maintainers:
|
maintainers:
|
||||||
- name: alexlebens
|
- name: alexlebens
|
||||||
dependencies:
|
dependencies:
|
||||||
@@ -22,16 +21,12 @@ dependencies:
|
|||||||
version: 4.6.2
|
version: 4.6.2
|
||||||
- name: postgres-cluster
|
- name: postgres-cluster
|
||||||
alias: postgres-18-cluster
|
alias: postgres-18-cluster
|
||||||
version: 7.12.1
|
version: 7.11.2
|
||||||
repository: oci://harbor.alexlebens.net/helm-charts
|
repository: oci://harbor.alexlebens.net/helm-charts
|
||||||
- name: valkey
|
- name: valkey
|
||||||
alias: valkey
|
alias: valkey
|
||||||
version: 0.6.1
|
version: 0.6.1
|
||||||
repository: oci://harbor.alexlebens.net/helm-charts
|
repository: oci://harbor.alexlebens.net/helm-charts
|
||||||
- name: rclone-bucket
|
|
||||||
alias: rclone-directus-assets-remote
|
|
||||||
repository: oci://harbor.alexlebens.net/helm-charts
|
|
||||||
version: 0.2.0
|
|
||||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/directus.png
|
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/directus.png
|
||||||
# renovate: datasource=github-releases depName=directus/directus
|
# renovate: datasource=github-releases depName=directus/directus
|
||||||
appVersion: 11.17.3
|
appVersion: 11.17.3
|
||||||
|
|||||||
@@ -1,14 +0,0 @@
|
|||||||
{{/*
|
|
||||||
Common labels
|
|
||||||
*/}}
|
|
||||||
{{- define "custom.labels" -}}
|
|
||||||
{{ include "custom.selectorLabels" $ }}
|
|
||||||
{{- end }}
|
|
||||||
|
|
||||||
{{/*
|
|
||||||
Selector labels
|
|
||||||
*/}}
|
|
||||||
{{- define "custom.selectorLabels" -}}
|
|
||||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
|
||||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
|
||||||
{{- end }}
|
|
||||||
@@ -5,20 +5,13 @@ metadata:
|
|||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: directus-config
|
app.kubernetes.io/name: directus-config
|
||||||
{{- include "custom.labels" . | nindent 4 }}
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
spec:
|
spec:
|
||||||
secretStoreRef:
|
secretStoreRef:
|
||||||
kind: ClusterSecretStore
|
kind: ClusterSecretStore
|
||||||
name: openbao
|
name: vault
|
||||||
data:
|
data:
|
||||||
- secretKey: key
|
|
||||||
remoteRef:
|
|
||||||
key: /cl01tl/directus/key
|
|
||||||
property: key
|
|
||||||
- secretKey: secret
|
|
||||||
remoteRef:
|
|
||||||
key: /cl01tl/directus/key
|
|
||||||
property: secret
|
|
||||||
- secretKey: admin-email
|
- secretKey: admin-email
|
||||||
remoteRef:
|
remoteRef:
|
||||||
key: /cl01tl/directus/config
|
key: /cl01tl/directus/config
|
||||||
@@ -27,6 +20,38 @@ spec:
|
|||||||
remoteRef:
|
remoteRef:
|
||||||
key: /cl01tl/directus/config
|
key: /cl01tl/directus/config
|
||||||
property: admin-password
|
property: admin-password
|
||||||
|
- secretKey: secret
|
||||||
|
remoteRef:
|
||||||
|
key: /cl01tl/directus/config
|
||||||
|
property: secret
|
||||||
|
- secretKey: key
|
||||||
|
remoteRef:
|
||||||
|
key: /cl01tl/directus/config
|
||||||
|
property: key
|
||||||
|
|
||||||
|
---
|
||||||
|
apiVersion: external-secrets.io/v1
|
||||||
|
kind: ExternalSecret
|
||||||
|
metadata:
|
||||||
|
name: directus-oidc-secret
|
||||||
|
namespace: {{ .Release.Namespace }}
|
||||||
|
labels:
|
||||||
|
app.kubernetes.io/name: directus-oidc-secret
|
||||||
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
|
spec:
|
||||||
|
secretStoreRef:
|
||||||
|
kind: ClusterSecretStore
|
||||||
|
name: vault
|
||||||
|
data:
|
||||||
|
- secretKey: OIDC_CLIENT_ID
|
||||||
|
remoteRef:
|
||||||
|
key: /authentik/oidc/directus
|
||||||
|
property: client
|
||||||
|
- secretKey: OIDC_CLIENT_SECRET
|
||||||
|
remoteRef:
|
||||||
|
key: /authentik/oidc/directus
|
||||||
|
property: secret
|
||||||
|
|
||||||
---
|
---
|
||||||
apiVersion: external-secrets.io/v1
|
apiVersion: external-secrets.io/v1
|
||||||
@@ -36,67 +61,18 @@ metadata:
|
|||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: directus-metric-token
|
app.kubernetes.io/name: directus-metric-token
|
||||||
{{- include "custom.labels" . | nindent 4 }}
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
spec:
|
spec:
|
||||||
secretStoreRef:
|
secretStoreRef:
|
||||||
kind: ClusterSecretStore
|
kind: ClusterSecretStore
|
||||||
name: openbao
|
name: vault
|
||||||
data:
|
data:
|
||||||
- secretKey: metric-token
|
- secretKey: metric-token
|
||||||
remoteRef:
|
remoteRef:
|
||||||
key: /cl01tl/directus/metrics
|
key: /cl01tl/directus/metrics
|
||||||
property: metric-token
|
property: metric-token
|
||||||
|
|
||||||
---
|
|
||||||
apiVersion: external-secrets.io/v1
|
|
||||||
kind: ExternalSecret
|
|
||||||
metadata:
|
|
||||||
name: directus-valkey-config
|
|
||||||
namespace: {{ .Release.Namespace }}
|
|
||||||
labels:
|
|
||||||
app.kubernetes.io/name: directus-valkey-config
|
|
||||||
{{- include "custom.labels" . | nindent 4 }}
|
|
||||||
spec:
|
|
||||||
secretStoreRef:
|
|
||||||
kind: ClusterSecretStore
|
|
||||||
name: openbao
|
|
||||||
data:
|
|
||||||
- secretKey: user
|
|
||||||
remoteRef:
|
|
||||||
key: /cl01tl/directus/valkey
|
|
||||||
property: user
|
|
||||||
- secretKey: password
|
|
||||||
remoteRef:
|
|
||||||
key: /cl01tl/directus/valkey
|
|
||||||
property: password
|
|
||||||
- secretKey: default
|
|
||||||
remoteRef:
|
|
||||||
key: /cl01tl/directus/valkey
|
|
||||||
property: password
|
|
||||||
|
|
||||||
---
|
|
||||||
apiVersion: external-secrets.io/v1
|
|
||||||
kind: ExternalSecret
|
|
||||||
metadata:
|
|
||||||
name: directus-oidc-authentik
|
|
||||||
namespace: {{ .Release.Namespace }}
|
|
||||||
labels:
|
|
||||||
app.kubernetes.io/name: directus-oidc-authentik
|
|
||||||
{{- include "custom.labels" . | nindent 4 }}
|
|
||||||
spec:
|
|
||||||
secretStoreRef:
|
|
||||||
kind: ClusterSecretStore
|
|
||||||
name: openbao
|
|
||||||
data:
|
|
||||||
- secretKey: OIDC_CLIENT_ID
|
|
||||||
remoteRef:
|
|
||||||
key: /cl01tl/authentik/oidc/directus
|
|
||||||
property: client
|
|
||||||
- secretKey: OIDC_CLIENT_SECRET
|
|
||||||
remoteRef:
|
|
||||||
key: /cl01tl/authentik/oidc/directus
|
|
||||||
property: secret
|
|
||||||
|
|
||||||
---
|
---
|
||||||
apiVersion: external-secrets.io/v1
|
apiVersion: external-secrets.io/v1
|
||||||
kind: ExternalSecret
|
kind: ExternalSecret
|
||||||
@@ -105,11 +81,12 @@ metadata:
|
|||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: directus-bucket-garage
|
app.kubernetes.io/name: directus-bucket-garage
|
||||||
{{- include "custom.labels" . | nindent 4 }}
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
spec:
|
spec:
|
||||||
secretStoreRef:
|
secretStoreRef:
|
||||||
kind: ClusterSecretStore
|
kind: ClusterSecretStore
|
||||||
name: openbao
|
name: vault
|
||||||
data:
|
data:
|
||||||
- secretKey: ACCESS_KEY_ID
|
- secretKey: ACCESS_KEY_ID
|
||||||
remoteRef:
|
remoteRef:
|
||||||
@@ -123,3 +100,31 @@ spec:
|
|||||||
remoteRef:
|
remoteRef:
|
||||||
key: /garage/home-infra/directus-assets
|
key: /garage/home-infra/directus-assets
|
||||||
property: ACCESS_REGION
|
property: ACCESS_REGION
|
||||||
|
|
||||||
|
---
|
||||||
|
apiVersion: external-secrets.io/v1
|
||||||
|
kind: ExternalSecret
|
||||||
|
metadata:
|
||||||
|
name: directus-valkey-config
|
||||||
|
namespace: {{ .Release.Namespace }}
|
||||||
|
labels:
|
||||||
|
app.kubernetes.io/name: directus-valkey-config
|
||||||
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
|
spec:
|
||||||
|
secretStoreRef:
|
||||||
|
kind: ClusterSecretStore
|
||||||
|
name: vault
|
||||||
|
data:
|
||||||
|
- secretKey: default
|
||||||
|
remoteRef:
|
||||||
|
key: /cl01tl/directus/valkey
|
||||||
|
property: password
|
||||||
|
- secretKey: user
|
||||||
|
remoteRef:
|
||||||
|
key: /cl01tl/directus/valkey
|
||||||
|
property: user
|
||||||
|
- secretKey: password
|
||||||
|
remoteRef:
|
||||||
|
key: /cl01tl/directus/valkey
|
||||||
|
property: password
|
||||||
|
|||||||
@@ -113,12 +113,12 @@ directus:
|
|||||||
- name: AUTH_AUTHENTIK_CLIENT_ID
|
- name: AUTH_AUTHENTIK_CLIENT_ID
|
||||||
valueFrom:
|
valueFrom:
|
||||||
secretKeyRef:
|
secretKeyRef:
|
||||||
name: directus-oidc-authentik
|
name: directus-oidc-secret
|
||||||
key: OIDC_CLIENT_ID
|
key: OIDC_CLIENT_ID
|
||||||
- name: AUTH_AUTHENTIK_CLIENT_SECRET
|
- name: AUTH_AUTHENTIK_CLIENT_SECRET
|
||||||
valueFrom:
|
valueFrom:
|
||||||
secretKeyRef:
|
secretKeyRef:
|
||||||
name: directus-oidc-authentik
|
name: directus-oidc-secret
|
||||||
key: OIDC_CLIENT_SECRET
|
key: OIDC_CLIENT_SECRET
|
||||||
- name: AUTH_AUTHENTIK_SCOPE
|
- name: AUTH_AUTHENTIK_SCOPE
|
||||||
value: openid profile email
|
value: openid profile email
|
||||||
@@ -214,24 +214,3 @@ valkey:
|
|||||||
# https://github.com/valkey-io/valkey-helm/issues/135
|
# https://github.com/valkey-io/valkey-helm/issues/135
|
||||||
metrics:
|
metrics:
|
||||||
enabled: false
|
enabled: false
|
||||||
rclone-directus-assets-remote:
|
|
||||||
cronJob:
|
|
||||||
suspend: false
|
|
||||||
schedule: 0 0 * * *
|
|
||||||
rclone:
|
|
||||||
source:
|
|
||||||
bucketName: directus-assets
|
|
||||||
destination:
|
|
||||||
bucketName: directus-assets
|
|
||||||
secret:
|
|
||||||
externalSecret:
|
|
||||||
source:
|
|
||||||
credentials:
|
|
||||||
path: /garage/home-infra/directus-assets
|
|
||||||
config:
|
|
||||||
path: /garage/config
|
|
||||||
destination:
|
|
||||||
credentials:
|
|
||||||
path: /garage/home-infra/directus-assets
|
|
||||||
config:
|
|
||||||
path: /garage/config
|
|
||||||
|
|||||||
@@ -1,14 +0,0 @@
|
|||||||
{{/*
|
|
||||||
Common labels
|
|
||||||
*/}}
|
|
||||||
{{- define "custom.labels" -}}
|
|
||||||
{{ include "custom.selectorLabels" $ }}
|
|
||||||
{{- end }}
|
|
||||||
|
|
||||||
{{/*
|
|
||||||
Selector labels
|
|
||||||
*/}}
|
|
||||||
{{- define "custom.selectorLabels" -}}
|
|
||||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
|
||||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
|
||||||
{{- end }}
|
|
||||||
@@ -4,6 +4,6 @@ dependencies:
|
|||||||
version: 1.4.34
|
version: 1.4.34
|
||||||
- name: cloudflared
|
- name: cloudflared
|
||||||
repository: oci://harbor.alexlebens.net/helm-charts
|
repository: oci://harbor.alexlebens.net/helm-charts
|
||||||
version: 2.6.0
|
version: 2.5.0
|
||||||
digest: sha256:e988be9f997351a8f658bf5151ec4fb04ae7d877389c9bf01b7331e1a58005ef
|
digest: sha256:8640b8a250bdcd9e7561e3d28538ccf4644a7159a035ee0a5fdbcf71dc5b2bbe
|
||||||
generated: "2026-04-24T21:06:15.882448748Z"
|
generated: "2026-04-10T01:17:19.932208699Z"
|
||||||
|
|||||||
@@ -19,7 +19,7 @@ dependencies:
|
|||||||
repository: https://ananace.gitlab.io/charts
|
repository: https://ananace.gitlab.io/charts
|
||||||
- name: cloudflared
|
- name: cloudflared
|
||||||
repository: oci://harbor.alexlebens.net/helm-charts
|
repository: oci://harbor.alexlebens.net/helm-charts
|
||||||
version: 2.6.0
|
version: 2.5.0
|
||||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/element.png
|
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/element.png
|
||||||
# renovate: datasource=github-releases depName=element-hq/element-web
|
# renovate: datasource=github-releases depName=element-hq/element-web
|
||||||
appVersion: v1.12.15
|
appVersion: v1.12.15
|
||||||
|
|||||||
@@ -1,14 +0,0 @@
|
|||||||
{{/*
|
|
||||||
Common labels
|
|
||||||
*/}}
|
|
||||||
{{- define "custom.labels" -}}
|
|
||||||
{{ include "custom.selectorLabels" $ }}
|
|
||||||
{{- end }}
|
|
||||||
|
|
||||||
{{/*
|
|
||||||
Selector labels
|
|
||||||
*/}}
|
|
||||||
{{- define "custom.selectorLabels" -}}
|
|
||||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
|
||||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
|
||||||
{{- end }}
|
|
||||||
@@ -1,14 +0,0 @@
|
|||||||
{{/*
|
|
||||||
Common labels
|
|
||||||
*/}}
|
|
||||||
{{- define "custom.labels" -}}
|
|
||||||
{{ include "custom.selectorLabels" $ }}
|
|
||||||
{{- end }}
|
|
||||||
|
|
||||||
{{/*
|
|
||||||
Selector labels
|
|
||||||
*/}}
|
|
||||||
{{- define "custom.selectorLabels" -}}
|
|
||||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
|
||||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
|
||||||
{{- end }}
|
|
||||||
@@ -5,7 +5,7 @@ description: Excalidraw
|
|||||||
keywords:
|
keywords:
|
||||||
- excalidraw
|
- excalidraw
|
||||||
- drawing
|
- drawing
|
||||||
home: https://docs.alexlebens.dev/applications/excalidraw/
|
home: https://docs.alexlebens.dev/applications/eraser/
|
||||||
sources:
|
sources:
|
||||||
- https://github.com/excalidraw/excalidraw
|
- https://github.com/excalidraw/excalidraw
|
||||||
- https://hub.docker.com/r/excalidraw/excalidraw
|
- https://hub.docker.com/r/excalidraw/excalidraw
|
||||||
@@ -19,4 +19,4 @@ dependencies:
|
|||||||
version: 4.6.2
|
version: 4.6.2
|
||||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/excalidraw.png
|
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/excalidraw.png
|
||||||
# renovate: datasource=github-releases depName=excalidraw/excalidraw
|
# renovate: datasource=github-releases depName=excalidraw/excalidraw
|
||||||
appVersion: v0.18.1
|
appVersion: v0.18.0
|
||||||
|
|||||||
@@ -1,14 +0,0 @@
|
|||||||
{{/*
|
|
||||||
Common labels
|
|
||||||
*/}}
|
|
||||||
{{- define "custom.labels" -}}
|
|
||||||
{{ include "custom.selectorLabels" $ }}
|
|
||||||
{{- end }}
|
|
||||||
|
|
||||||
{{/*
|
|
||||||
Selector labels
|
|
||||||
*/}}
|
|
||||||
{{- define "custom.selectorLabels" -}}
|
|
||||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
|
||||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
|
||||||
{{- end }}
|
|
||||||
@@ -5,7 +5,7 @@ description: External DNS
|
|||||||
keywords:
|
keywords:
|
||||||
- external-dns
|
- external-dns
|
||||||
- dns
|
- dns
|
||||||
home: https://docs.alexlebens.dev/applications/external-dns/
|
home: https://docs.alexlebens.dev/applications/eraser/
|
||||||
sources:
|
sources:
|
||||||
- https://github.com/kubernetes-sigs/external-dns
|
- https://github.com/kubernetes-sigs/external-dns
|
||||||
- https://explore.ggcr.dev/?repo=registry.k8s.io%2Fexternal-dns%2Fexternal-dns
|
- https://explore.ggcr.dev/?repo=registry.k8s.io%2Fexternal-dns%2Fexternal-dns
|
||||||
|
|||||||
@@ -1,14 +0,0 @@
|
|||||||
{{/*
|
|
||||||
Common labels
|
|
||||||
*/}}
|
|
||||||
{{- define "custom.labels" -}}
|
|
||||||
{{ include "custom.selectorLabels" $ }}
|
|
||||||
{{- end }}
|
|
||||||
|
|
||||||
{{/*
|
|
||||||
Selector labels
|
|
||||||
*/}}
|
|
||||||
{{- define "custom.selectorLabels" -}}
|
|
||||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
|
||||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
|
||||||
{{- end }}
|
|
||||||
@@ -5,7 +5,8 @@ metadata:
|
|||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: external-device-names
|
app.kubernetes.io/name: external-device-names
|
||||||
{{- include "custom.labels" . | nindent 4 }}
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
spec:
|
spec:
|
||||||
endpoints:
|
endpoints:
|
||||||
# Unifi UDM
|
# Unifi UDM
|
||||||
@@ -47,7 +48,8 @@ metadata:
|
|||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: iot-device-names
|
app.kubernetes.io/name: iot-device-names
|
||||||
{{- include "custom.labels" . | nindent 4 }}
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
spec:
|
spec:
|
||||||
endpoints:
|
endpoints:
|
||||||
# Airgradient
|
# Airgradient
|
||||||
@@ -80,18 +82,6 @@ spec:
|
|||||||
recordType: A
|
recordType: A
|
||||||
targets:
|
targets:
|
||||||
- 10.230.0.100
|
- 10.230.0.100
|
||||||
# HD Homerun
|
|
||||||
- dnsName: dv01hr.alexlebens.net
|
|
||||||
recordTTL: 180
|
|
||||||
recordType: A
|
|
||||||
targets:
|
|
||||||
- 10.232.1.72
|
|
||||||
# Pi KVM
|
|
||||||
- dnsName: dv02kv.alexlebens.net
|
|
||||||
recordTTL: 180
|
|
||||||
recordType: A
|
|
||||||
targets:
|
|
||||||
- 10.232.1.71
|
|
||||||
|
|
||||||
---
|
---
|
||||||
apiVersion: externaldns.k8s.io/v1alpha1
|
apiVersion: externaldns.k8s.io/v1alpha1
|
||||||
@@ -101,7 +91,8 @@ metadata:
|
|||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: server-host-names
|
app.kubernetes.io/name: server-host-names
|
||||||
{{- include "custom.labels" . | nindent 4 }}
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
spec:
|
spec:
|
||||||
endpoints:
|
endpoints:
|
||||||
# Unifi Gateway
|
# Unifi Gateway
|
||||||
@@ -134,18 +125,6 @@ spec:
|
|||||||
recordType: A
|
recordType: A
|
||||||
targets:
|
targets:
|
||||||
- 10.232.1.52
|
- 10.232.1.52
|
||||||
# Desktop
|
|
||||||
- dnsName: pd05wd.alexlebens.net
|
|
||||||
recordTTL: 180
|
|
||||||
recordType: A
|
|
||||||
targets:
|
|
||||||
- 10.230.0.115
|
|
||||||
# Laptop
|
|
||||||
- dnsName: pl02mc.alexlebens.net
|
|
||||||
recordTTL: 180
|
|
||||||
recordType: A
|
|
||||||
targets:
|
|
||||||
- 10.230.0.105
|
|
||||||
|
|
||||||
---
|
---
|
||||||
apiVersion: externaldns.k8s.io/v1alpha1
|
apiVersion: externaldns.k8s.io/v1alpha1
|
||||||
@@ -155,7 +134,8 @@ metadata:
|
|||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: cluster-service-names
|
app.kubernetes.io/name: cluster-service-names
|
||||||
{{- include "custom.labels" . | nindent 4 }}
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
spec:
|
spec:
|
||||||
endpoints:
|
endpoints:
|
||||||
# Treafik Proxy
|
# Treafik Proxy
|
||||||
|
|||||||
@@ -5,13 +5,14 @@ metadata:
|
|||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: external-dns-unifi-secret
|
app.kubernetes.io/name: external-dns-unifi-secret
|
||||||
{{- include "custom.labels" . | nindent 4 }}
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
spec:
|
spec:
|
||||||
secretStoreRef:
|
secretStoreRef:
|
||||||
kind: ClusterSecretStore
|
kind: ClusterSecretStore
|
||||||
name: openbao
|
name: vault
|
||||||
data:
|
data:
|
||||||
- secretKey: api-key
|
- secretKey: api-key
|
||||||
remoteRef:
|
remoteRef:
|
||||||
key: /unifi/users/cl01tl
|
key: /unifi/auth/cl01tl
|
||||||
property: api-key
|
property: api-key
|
||||||
|
|||||||
@@ -1,6 +1,6 @@
|
|||||||
dependencies:
|
dependencies:
|
||||||
- name: external-secrets
|
- name: external-secrets
|
||||||
repository: https://charts.external-secrets.io
|
repository: https://charts.external-secrets.io
|
||||||
version: 2.4.0
|
version: 2.3.0
|
||||||
digest: sha256:a31b4ba5b5ec296036576c8d7d26f8b42061eec7142817f9ca0c256a457a2ea1
|
digest: sha256:fedb79c937be24d4bb72f665122b468b445de95f3f02de419903e3136186e42f
|
||||||
generated: "2026-04-24T19:03:31.856576444Z"
|
generated: "2026-04-10T15:10:52.488487421Z"
|
||||||
|
|||||||
@@ -14,8 +14,8 @@ sources:
|
|||||||
dependencies:
|
dependencies:
|
||||||
- name: external-secrets
|
- name: external-secrets
|
||||||
alias: external-secrets
|
alias: external-secrets
|
||||||
version: 2.4.0
|
version: 2.3.0
|
||||||
repository: https://charts.external-secrets.io
|
repository: https://charts.external-secrets.io
|
||||||
icon: https://raw.githubusercontent.com/external-secrets/external-secrets/refs/heads/main/assets/eso-logo-large.png
|
icon: https://raw.githubusercontent.com/external-secrets/external-secrets/refs/heads/main/assets/eso-logo-large.png
|
||||||
# renovate: datasource=github-releases depName=external-secrets/external-secrets
|
# renovate: datasource=github-releases depName=external-secrets/external-secrets
|
||||||
appVersion: v2.4.0
|
appVersion: v2.3.0
|
||||||
|
|||||||
@@ -1,14 +0,0 @@
|
|||||||
{{/*
|
|
||||||
Common labels
|
|
||||||
*/}}
|
|
||||||
{{- define "custom.labels" -}}
|
|
||||||
{{ include "custom.selectorLabels" $ }}
|
|
||||||
{{- end }}
|
|
||||||
|
|
||||||
{{/*
|
|
||||||
Selector labels
|
|
||||||
*/}}
|
|
||||||
{{- define "custom.selectorLabels" -}}
|
|
||||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
|
||||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
|
||||||
{{- end }}
|
|
||||||
@@ -5,12 +5,13 @@ metadata:
|
|||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: external-secrets
|
app.kubernetes.io/name: external-secrets
|
||||||
{{- include "custom.labels" . | nindent 4 }}
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
roleRef:
|
roleRef:
|
||||||
apiGroup: rbac.authorization.k8s.io
|
apiGroup: rbac.authorization.k8s.io
|
||||||
kind: ClusterRole
|
kind: ClusterRole
|
||||||
name: system:auth-delegator
|
name: system:auth-delegator
|
||||||
subjects:
|
subjects:
|
||||||
- kind: ServiceAccount
|
- kind: ServiceAccount
|
||||||
name: {{ .Release.Name }}
|
name: external-secrets
|
||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
|
|||||||
@@ -1,11 +1,33 @@
|
|||||||
apiVersion: external-secrets.io/v1
|
apiVersion: external-secrets.io/v1
|
||||||
kind: ClusterSecretStore
|
kind: ClusterSecretStore
|
||||||
|
metadata:
|
||||||
|
name: vault
|
||||||
|
namespace: {{ .Release.Namespace }}
|
||||||
|
labels:
|
||||||
|
app.kubernetes.io/name: vault
|
||||||
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
|
spec:
|
||||||
|
provider:
|
||||||
|
vault:
|
||||||
|
server: http://vault-internal.vault:8200
|
||||||
|
path: secret
|
||||||
|
auth:
|
||||||
|
tokenSecretRef:
|
||||||
|
namespace: vault
|
||||||
|
name: vault-token
|
||||||
|
key: token
|
||||||
|
|
||||||
|
---
|
||||||
|
apiVersion: external-secrets.io/v1
|
||||||
|
kind: ClusterSecretStore
|
||||||
metadata:
|
metadata:
|
||||||
name: openbao
|
name: openbao
|
||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: openbao
|
app.kubernetes.io/name: openbao
|
||||||
{{- include "custom.labels" . | nindent 4 }}
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
spec:
|
spec:
|
||||||
provider:
|
provider:
|
||||||
vault:
|
vault:
|
||||||
@@ -17,7 +39,7 @@ spec:
|
|||||||
mountPath: kubernetes
|
mountPath: kubernetes
|
||||||
role: external-secrets
|
role: external-secrets
|
||||||
serviceAccountRef:
|
serviceAccountRef:
|
||||||
name: {{ .Release.Name }}
|
name: external-secrets
|
||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Name }}
|
||||||
audiences:
|
audiences:
|
||||||
- openbao
|
- openbao
|
||||||
|
|||||||
@@ -2,7 +2,7 @@ external-secrets:
|
|||||||
replicaCount: 3
|
replicaCount: 3
|
||||||
image:
|
image:
|
||||||
repository: ghcr.io/external-secrets/external-secrets
|
repository: ghcr.io/external-secrets/external-secrets
|
||||||
tag: v2.4.0@sha256:d2b74514f63f5b55360d08351f1fe5af3b1db794a81fa10389abe2ff2999c566
|
tag: v2.3.0@sha256:c425f51f422506c380550ad32fbf155412c7be84dd1c4b196130dcf04497be80
|
||||||
installCRDs: true
|
installCRDs: true
|
||||||
crds:
|
crds:
|
||||||
createClusterExternalSecret: true
|
createClusterExternalSecret: true
|
||||||
@@ -29,7 +29,7 @@ external-secrets:
|
|||||||
webhook:
|
webhook:
|
||||||
image:
|
image:
|
||||||
repository: ghcr.io/external-secrets/external-secrets
|
repository: ghcr.io/external-secrets/external-secrets
|
||||||
tag: v2.4.0@sha256:d2b74514f63f5b55360d08351f1fe5af3b1db794a81fa10389abe2ff2999c566
|
tag: v2.3.0@sha256:c425f51f422506c380550ad32fbf155412c7be84dd1c4b196130dcf04497be80
|
||||||
resources:
|
resources:
|
||||||
requests:
|
requests:
|
||||||
cpu: 1m
|
cpu: 1m
|
||||||
@@ -37,7 +37,7 @@ external-secrets:
|
|||||||
certController:
|
certController:
|
||||||
image:
|
image:
|
||||||
repository: ghcr.io/external-secrets/external-secrets
|
repository: ghcr.io/external-secrets/external-secrets
|
||||||
tag: v2.4.0@sha256:d2b74514f63f5b55360d08351f1fe5af3b1db794a81fa10389abe2ff2999c566
|
tag: v2.3.0@sha256:c425f51f422506c380550ad32fbf155412c7be84dd1c4b196130dcf04497be80
|
||||||
resources:
|
resources:
|
||||||
requests:
|
requests:
|
||||||
cpu: 1m
|
cpu: 1m
|
||||||
|
|||||||
@@ -4,9 +4,9 @@ dependencies:
|
|||||||
version: 4.6.2
|
version: 4.6.2
|
||||||
- name: cloudflared
|
- name: cloudflared
|
||||||
repository: oci://harbor.alexlebens.net/helm-charts
|
repository: oci://harbor.alexlebens.net/helm-charts
|
||||||
version: 2.6.0
|
version: 2.5.0
|
||||||
- name: volsync-target
|
- name: volsync-target
|
||||||
repository: oci://harbor.alexlebens.net/helm-charts
|
repository: oci://harbor.alexlebens.net/helm-charts
|
||||||
version: 1.0.0
|
version: 0.8.0
|
||||||
digest: sha256:c42d896ab065b1278e0ae9f297e15ba2165fec99148003bf67f56aa641cf406a
|
digest: sha256:06e321d19ffe0df94b3cd6bcc306804729710f74ca2f9962652628377836c33e
|
||||||
generated: "2026-04-24T22:50:55.336683873Z"
|
generated: "2026-04-11T15:26:16.743784-05:00"
|
||||||
|
|||||||
@@ -21,10 +21,10 @@ dependencies:
|
|||||||
version: 4.6.2
|
version: 4.6.2
|
||||||
- name: cloudflared
|
- name: cloudflared
|
||||||
repository: oci://harbor.alexlebens.net/helm-charts
|
repository: oci://harbor.alexlebens.net/helm-charts
|
||||||
version: 2.6.0
|
version: 2.5.0
|
||||||
- name: volsync-target
|
- name: volsync-target
|
||||||
alias: volsync-target-db
|
alias: volsync-target-db
|
||||||
version: 1.0.0
|
version: 0.8.0
|
||||||
repository: oci://harbor.alexlebens.net/helm-charts
|
repository: oci://harbor.alexlebens.net/helm-charts
|
||||||
icon: https://raw.githubusercontent.com/foldergram/foldergram/refs/heads/main/client/public/icon-512.png
|
icon: https://raw.githubusercontent.com/foldergram/foldergram/refs/heads/main/client/public/icon-512.png
|
||||||
# renovate: datasource=github-releases depName=foldergram/foldergram
|
# renovate: datasource=github-releases depName=foldergram/foldergram
|
||||||
|
|||||||
@@ -1,21 +0,0 @@
|
|||||||
{{/*
|
|
||||||
Common labels
|
|
||||||
*/}}
|
|
||||||
{{- define "custom.labels" -}}
|
|
||||||
{{ include "custom.selectorLabels" $ }}
|
|
||||||
{{- end }}
|
|
||||||
|
|
||||||
{{/*
|
|
||||||
Selector labels
|
|
||||||
*/}}
|
|
||||||
{{- define "custom.selectorLabels" -}}
|
|
||||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
|
||||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
|
||||||
{{- end }}
|
|
||||||
|
|
||||||
{{/*
|
|
||||||
NFS names
|
|
||||||
*/}}
|
|
||||||
{{- define "custom.storageMiaNfsName" -}}
|
|
||||||
foldergram-pictures-collection-mia-nfs-storage
|
|
||||||
{{- end -}}
|
|
||||||
@@ -1,13 +1,14 @@
|
|||||||
apiVersion: v1
|
apiVersion: v1
|
||||||
kind: PersistentVolumeClaim
|
kind: PersistentVolumeClaim
|
||||||
metadata:
|
metadata:
|
||||||
name: {{ include "custom.storageMiaNfsName" . }}
|
name: foldergram-pictures-collections-nfs-storage
|
||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: {{ include "custom.storageMiaNfsName" . }}
|
app.kubernetes.io/name: foldergram-pictures-collections-nfs-storage
|
||||||
{{- include "custom.labels" . | nindent 4 }}
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
spec:
|
spec:
|
||||||
volumeName: {{ include "custom.storageMiaNfsName" . }}
|
volumeName: foldergram-pictures-collections-nfs-storage
|
||||||
storageClassName: nfs-client
|
storageClassName: nfs-client
|
||||||
accessModes:
|
accessModes:
|
||||||
- ReadWriteMany
|
- ReadWriteMany
|
||||||
|
|||||||
@@ -1,11 +1,12 @@
|
|||||||
apiVersion: v1
|
apiVersion: v1
|
||||||
kind: PersistentVolume
|
kind: PersistentVolume
|
||||||
metadata:
|
metadata:
|
||||||
name: {{ include "custom.storageMiaNfsName" . }}
|
name: foldergram-pictures-collections-nfs-storage
|
||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: {{ include "custom.storageMiaNfsName" . }}
|
app.kubernetes.io/name: foldergram-pictures-collections-nfs-storage
|
||||||
{{- include "custom.labels" . | nindent 4 }}
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
spec:
|
spec:
|
||||||
persistentVolumeReclaimPolicy: Retain
|
persistentVolumeReclaimPolicy: Retain
|
||||||
storageClassName: nfs-client
|
storageClassName: nfs-client
|
||||||
@@ -14,7 +15,7 @@ spec:
|
|||||||
accessModes:
|
accessModes:
|
||||||
- ReadWriteMany
|
- ReadWriteMany
|
||||||
nfs:
|
nfs:
|
||||||
path: '/volume2/Storage/Pictures/Collections/Minneapolis Institute of Art'
|
path: /volume2/Storage/Pictures/Collections
|
||||||
server: synologybond.alexlebens.net
|
server: synologybond.alexlebens.net
|
||||||
mountOptions:
|
mountOptions:
|
||||||
- vers=4
|
- vers=4
|
||||||
|
|||||||
@@ -17,7 +17,7 @@ foldergram:
|
|||||||
- name: IMAGE_DETAIL_SOURCE
|
- name: IMAGE_DETAIL_SOURCE
|
||||||
value: original
|
value: original
|
||||||
- name: DERIVATIVE_MODE
|
- name: DERIVATIVE_MODE
|
||||||
value: lazy
|
value: eager
|
||||||
- name: DATA_ROOT
|
- name: DATA_ROOT
|
||||||
value: ./data
|
value: ./data
|
||||||
- name: GALLERY_ROOT
|
- name: GALLERY_ROOT
|
||||||
@@ -70,18 +70,18 @@ foldergram:
|
|||||||
forceRename: foldergram-data
|
forceRename: foldergram-data
|
||||||
storageClass: synology-iscsi-delete
|
storageClass: synology-iscsi-delete
|
||||||
accessMode: ReadWriteOnce
|
accessMode: ReadWriteOnce
|
||||||
size: 500Gi
|
size: 250Gi
|
||||||
advancedMounts:
|
advancedMounts:
|
||||||
main:
|
main:
|
||||||
main:
|
main:
|
||||||
- path: /app/data
|
- path: /app/data
|
||||||
readOnly: false
|
readOnly: false
|
||||||
pictures-mia:
|
pictures:
|
||||||
existingClaim: foldergram-pictures-collection-mia-nfs-storage
|
existingClaim: foldergram-pictures-collections-nfs-storage
|
||||||
advancedMounts:
|
advancedMounts:
|
||||||
main:
|
main:
|
||||||
main:
|
main:
|
||||||
- path: '/gallery/Minneapolis Institute of Art'
|
- path: /gallery
|
||||||
readOnly: true
|
readOnly: true
|
||||||
volsync-target-db:
|
volsync-target-db:
|
||||||
pvcTarget: foldergram-db
|
pvcTarget: foldergram-db
|
||||||
|
|||||||
@@ -4,12 +4,12 @@ dependencies:
|
|||||||
version: 4.6.2
|
version: 4.6.2
|
||||||
- name: cloudflared
|
- name: cloudflared
|
||||||
repository: oci://harbor.alexlebens.net/helm-charts
|
repository: oci://harbor.alexlebens.net/helm-charts
|
||||||
version: 2.6.0
|
version: 2.5.0
|
||||||
- name: postgres-cluster
|
- name: postgres-cluster
|
||||||
repository: oci://harbor.alexlebens.net/helm-charts
|
repository: oci://harbor.alexlebens.net/helm-charts
|
||||||
version: 7.12.1
|
version: 7.11.2
|
||||||
- name: volsync-target
|
- name: volsync-target
|
||||||
repository: oci://harbor.alexlebens.net/helm-charts
|
repository: oci://harbor.alexlebens.net/helm-charts
|
||||||
version: 1.0.0
|
version: 0.8.0
|
||||||
digest: sha256:ad75160abdeec46eb8cbcfa25ce69cc99c0ec5e73142560df3ef5b1490a2a3f3
|
digest: sha256:2a13aac2d207555bf33ee01db493d210e860e660433cd6f5b9b67fadf91f8f74
|
||||||
generated: "2026-04-24T22:51:06.194383563Z"
|
generated: "2026-04-10T01:17:32.585138713Z"
|
||||||
|
|||||||
@@ -22,14 +22,14 @@ dependencies:
|
|||||||
version: 4.6.2
|
version: 4.6.2
|
||||||
- name: cloudflared
|
- name: cloudflared
|
||||||
repository: oci://harbor.alexlebens.net/helm-charts
|
repository: oci://harbor.alexlebens.net/helm-charts
|
||||||
version: 2.6.0
|
version: 2.5.0
|
||||||
- name: postgres-cluster
|
- name: postgres-cluster
|
||||||
alias: postgres-18-cluster
|
alias: postgres-18-cluster
|
||||||
version: 7.12.1
|
version: 7.11.2
|
||||||
repository: oci://harbor.alexlebens.net/helm-charts
|
repository: oci://harbor.alexlebens.net/helm-charts
|
||||||
- name: volsync-target
|
- name: volsync-target
|
||||||
alias: volsync-target-data
|
alias: volsync-target-data
|
||||||
version: 1.0.0
|
version: 0.8.0
|
||||||
repository: oci://harbor.alexlebens.net/helm-charts
|
repository: oci://harbor.alexlebens.net/helm-charts
|
||||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/freshrss.png
|
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/freshrss.png
|
||||||
# renovate: datasource=github-releases depName=FreshRSS/FreshRSS
|
# renovate: datasource=github-releases depName=FreshRSS/FreshRSS
|
||||||
|
|||||||
@@ -1,14 +0,0 @@
|
|||||||
{{/*
|
|
||||||
Common labels
|
|
||||||
*/}}
|
|
||||||
{{- define "custom.labels" -}}
|
|
||||||
{{ include "custom.selectorLabels" $ }}
|
|
||||||
{{- end }}
|
|
||||||
|
|
||||||
{{/*
|
|
||||||
Selector labels
|
|
||||||
*/}}
|
|
||||||
{{- define "custom.selectorLabels" -}}
|
|
||||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
|
||||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
|
||||||
{{- end }}
|
|
||||||
@@ -1,52 +1,54 @@
|
|||||||
apiVersion: external-secrets.io/v1
|
apiVersion: external-secrets.io/v1
|
||||||
kind: ExternalSecret
|
kind: ExternalSecret
|
||||||
metadata:
|
metadata:
|
||||||
name: freshrss-install-config
|
name: freshrss-install-secret
|
||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: freshrss-install-config
|
app.kubernetes.io/name: freshrss-install-secret
|
||||||
{{- include "custom.labels" . | nindent 4 }}
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
spec:
|
spec:
|
||||||
secretStoreRef:
|
secretStoreRef:
|
||||||
kind: ClusterSecretStore
|
kind: ClusterSecretStore
|
||||||
name: openbao
|
name: vault
|
||||||
data:
|
data:
|
||||||
- secretKey: ADMIN_EMAIL
|
- secretKey: ADMIN_EMAIL
|
||||||
remoteRef:
|
remoteRef:
|
||||||
key: /cl01tl/freshrss/config
|
key: /cl01tl/freshrss/config
|
||||||
property: admin-email
|
property: ADMIN_EMAIL
|
||||||
- secretKey: ADMIN_PASSWORD
|
- secretKey: ADMIN_PASSWORD
|
||||||
remoteRef:
|
remoteRef:
|
||||||
key: /cl01tl/freshrss/config
|
key: /cl01tl/freshrss/config
|
||||||
property: admin-password
|
property: ADMIN_PASSWORD
|
||||||
- secretKey: ADMIN_API_PASSWORD
|
- secretKey: ADMIN_API_PASSWORD
|
||||||
remoteRef:
|
remoteRef:
|
||||||
key: /cl01tl/freshrss/config
|
key: /cl01tl/freshrss/config
|
||||||
property: admin-api-password
|
property: ADMIN_API_PASSWORD
|
||||||
|
|
||||||
---
|
---
|
||||||
apiVersion: external-secrets.io/v1
|
apiVersion: external-secrets.io/v1
|
||||||
kind: ExternalSecret
|
kind: ExternalSecret
|
||||||
metadata:
|
metadata:
|
||||||
name: freshrss-oidc-authentik
|
name: freshrss-oidc-secret
|
||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: freshrss-oidc-authentik
|
app.kubernetes.io/name: freshrss-oidc-secret
|
||||||
{{- include "custom.labels" . | nindent 4 }}
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
spec:
|
spec:
|
||||||
secretStoreRef:
|
secretStoreRef:
|
||||||
kind: ClusterSecretStore
|
kind: ClusterSecretStore
|
||||||
name: openbao
|
name: vault
|
||||||
data:
|
data:
|
||||||
- secretKey: OIDC_CLIENT_ID
|
- secretKey: OIDC_CLIENT_ID
|
||||||
remoteRef:
|
remoteRef:
|
||||||
key: /cl01tl/authentik/oidc/freshrss
|
key: /authentik/oidc/freshrss
|
||||||
property: client
|
property: client
|
||||||
- secretKey: OIDC_CLIENT_SECRET
|
- secretKey: OIDC_CLIENT_SECRET
|
||||||
remoteRef:
|
remoteRef:
|
||||||
key: /cl01tl/authentik/oidc/freshrss
|
key: /authentik/oidc/freshrss
|
||||||
property: secret
|
property: secret
|
||||||
- secretKey: OIDC_CLIENT_CRYPTO_KEY
|
- secretKey: OIDC_CLIENT_CRYPTO_KEY
|
||||||
remoteRef:
|
remoteRef:
|
||||||
key: /cl01tl/freshrss/key
|
key: /authentik/oidc/freshrss
|
||||||
property: oidc-client-crypto-key
|
property: crypto-key
|
||||||
|
|||||||
@@ -73,9 +73,9 @@ freshrss:
|
|||||||
value: preferred_username
|
value: preferred_username
|
||||||
envFrom:
|
envFrom:
|
||||||
- secretRef:
|
- secretRef:
|
||||||
name: freshrss-oidc-authentik
|
name: freshrss-oidc-secret
|
||||||
- secretRef:
|
- secretRef:
|
||||||
name: freshrss-install-config
|
name: freshrss-install-secret
|
||||||
resources:
|
resources:
|
||||||
requests:
|
requests:
|
||||||
cpu: 1m
|
cpu: 1m
|
||||||
|
|||||||
@@ -1,14 +0,0 @@
|
|||||||
{{/*
|
|
||||||
Common labels
|
|
||||||
*/}}
|
|
||||||
{{- define "custom.labels" -}}
|
|
||||||
{{ include "custom.selectorLabels" $ }}
|
|
||||||
{{- end }}
|
|
||||||
|
|
||||||
{{/*
|
|
||||||
Selector labels
|
|
||||||
*/}}
|
|
||||||
{{- define "custom.selectorLabels" -}}
|
|
||||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
|
||||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
|
||||||
{{- end }}
|
|
||||||
@@ -1,25 +1,26 @@
|
|||||||
apiVersion: external-secrets.io/v1
|
apiVersion: external-secrets.io/v1
|
||||||
kind: ExternalSecret
|
kind: ExternalSecret
|
||||||
metadata:
|
metadata:
|
||||||
name: garage-token
|
name: garage-token-secret
|
||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: garage-token
|
app.kubernetes.io/name: garage-token-secret
|
||||||
{{- include "custom.labels" . | nindent 4 }}
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
spec:
|
spec:
|
||||||
secretStoreRef:
|
secretStoreRef:
|
||||||
kind: ClusterSecretStore
|
kind: ClusterSecretStore
|
||||||
name: openbao
|
name: vault
|
||||||
data:
|
data:
|
||||||
- secretKey: GARAGE_RPC_SECRET
|
- secretKey: GARAGE_RPC_SECRET
|
||||||
remoteRef:
|
remoteRef:
|
||||||
key: /cl01tl/garage/config
|
key: /cl01tl/garage/token
|
||||||
property: rpc-secret
|
property: rpc
|
||||||
- secretKey: GARAGE_ADMIN_TOKEN
|
- secretKey: GARAGE_ADMIN_TOKEN
|
||||||
remoteRef:
|
remoteRef:
|
||||||
key: /cl01tl/garage/config
|
key: /cl01tl/garage/token
|
||||||
property: admin-token
|
property: admin
|
||||||
- secretKey: GARAGE_METRICS_TOKEN
|
- secretKey: GARAGE_METRICS_TOKEN
|
||||||
remoteRef:
|
remoteRef:
|
||||||
key: /cl01tl/garage/config
|
key: /cl01tl/garage/token
|
||||||
property: metrics-token
|
property: metric
|
||||||
|
|||||||
@@ -6,7 +6,8 @@ metadata:
|
|||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: garage-main
|
app.kubernetes.io/name: garage-main
|
||||||
app.kubernetes.io/service: garage-main
|
app.kubernetes.io/service: garage-main
|
||||||
{{- include "custom.labels" . | nindent 4 }}
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
spec:
|
spec:
|
||||||
ports:
|
ports:
|
||||||
- name: admin
|
- name: admin
|
||||||
@@ -26,6 +27,6 @@ spec:
|
|||||||
protocol: TCP
|
protocol: TCP
|
||||||
targetPort: 3902
|
targetPort: 3902
|
||||||
selector:
|
selector:
|
||||||
app.kubernetes.io/name: garage
|
|
||||||
app.kubernetes.io/instance: garage
|
app.kubernetes.io/instance: garage
|
||||||
|
app.kubernetes.io/name: garage
|
||||||
garage-type: server
|
garage-type: server
|
||||||
|
|||||||
@@ -24,7 +24,7 @@ garage:
|
|||||||
tag: v2.3.0@sha256:866bd13ed2038ba7e7190e840482bc27234c4afaf77be8cfa439ae088c1e4690
|
tag: v2.3.0@sha256:866bd13ed2038ba7e7190e840482bc27234c4afaf77be8cfa439ae088c1e4690
|
||||||
envFrom:
|
envFrom:
|
||||||
- secretRef:
|
- secretRef:
|
||||||
name: garage-token
|
name: garage-token-secret
|
||||||
resources:
|
resources:
|
||||||
requests:
|
requests:
|
||||||
cpu: 10m
|
cpu: 10m
|
||||||
@@ -53,7 +53,7 @@ garage:
|
|||||||
tag: v2.3.0@sha256:866bd13ed2038ba7e7190e840482bc27234c4afaf77be8cfa439ae088c1e4690
|
tag: v2.3.0@sha256:866bd13ed2038ba7e7190e840482bc27234c4afaf77be8cfa439ae088c1e4690
|
||||||
envFrom:
|
envFrom:
|
||||||
- secretRef:
|
- secretRef:
|
||||||
name: garage-token
|
name: garage-token-secret
|
||||||
resources:
|
resources:
|
||||||
requests:
|
requests:
|
||||||
cpu: 10m
|
cpu: 10m
|
||||||
@@ -82,7 +82,7 @@ garage:
|
|||||||
tag: v2.3.0@sha256:866bd13ed2038ba7e7190e840482bc27234c4afaf77be8cfa439ae088c1e4690
|
tag: v2.3.0@sha256:866bd13ed2038ba7e7190e840482bc27234c4afaf77be8cfa439ae088c1e4690
|
||||||
envFrom:
|
envFrom:
|
||||||
- secretRef:
|
- secretRef:
|
||||||
name: garage-token
|
name: garage-token-secret
|
||||||
resources:
|
resources:
|
||||||
requests:
|
requests:
|
||||||
cpu: 10m
|
cpu: 10m
|
||||||
@@ -104,7 +104,7 @@ garage:
|
|||||||
- name: API_ADMIN_KEY
|
- name: API_ADMIN_KEY
|
||||||
valueFrom:
|
valueFrom:
|
||||||
secretKeyRef:
|
secretKeyRef:
|
||||||
name: garage-token
|
name: garage-token-secret
|
||||||
key: GARAGE_ADMIN_TOKEN
|
key: GARAGE_ADMIN_TOKEN
|
||||||
resources:
|
resources:
|
||||||
requests:
|
requests:
|
||||||
@@ -273,7 +273,7 @@ garage:
|
|||||||
scrapeTimeout: 2m
|
scrapeTimeout: 2m
|
||||||
path: /metrics
|
path: /metrics
|
||||||
bearerTokenSecret:
|
bearerTokenSecret:
|
||||||
name: garage-token
|
name: garage-token-secret
|
||||||
key: GARAGE_METRICS_TOKEN
|
key: GARAGE_METRICS_TOKEN
|
||||||
route:
|
route:
|
||||||
webui:
|
webui:
|
||||||
|
|||||||
@@ -4,9 +4,9 @@ dependencies:
|
|||||||
version: 1.5.0
|
version: 1.5.0
|
||||||
- name: postgres-cluster
|
- name: postgres-cluster
|
||||||
repository: oci://harbor.alexlebens.net/helm-charts
|
repository: oci://harbor.alexlebens.net/helm-charts
|
||||||
version: 7.12.1
|
version: 7.11.2
|
||||||
- name: volsync-target
|
- name: volsync-target
|
||||||
repository: oci://harbor.alexlebens.net/helm-charts
|
repository: oci://harbor.alexlebens.net/helm-charts
|
||||||
version: 1.0.0
|
version: 0.8.0
|
||||||
digest: sha256:a1e4ca6f575989ad15501f31842b7b0a505cc7b2fc21d61587b8ae9ad7d39ffc
|
digest: sha256:b2a7ef962a91dff4313f66c1d04356f1b2aeefc752d672a9a27ea227db4b8c7d
|
||||||
generated: "2026-04-24T22:51:17.210954901Z"
|
generated: "2026-04-04T21:02:09.187828-05:00"
|
||||||
|
|||||||
@@ -20,11 +20,11 @@ dependencies:
|
|||||||
version: 1.5.0
|
version: 1.5.0
|
||||||
- name: postgres-cluster
|
- name: postgres-cluster
|
||||||
alias: postgres-18-cluster
|
alias: postgres-18-cluster
|
||||||
version: 7.12.1
|
version: 7.11.2
|
||||||
repository: oci://harbor.alexlebens.net/helm-charts
|
repository: oci://harbor.alexlebens.net/helm-charts
|
||||||
- name: volsync-target
|
- name: volsync-target
|
||||||
alias: volsync-target-data
|
alias: volsync-target-data
|
||||||
version: 1.0.0
|
version: 0.8.0
|
||||||
repository: oci://harbor.alexlebens.net/helm-charts
|
repository: oci://harbor.alexlebens.net/helm-charts
|
||||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/gatus.png
|
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/gatus.png
|
||||||
# renovate: datasource=github-releases depName=TwiN/gatus
|
# renovate: datasource=github-releases depName=TwiN/gatus
|
||||||
|
|||||||
@@ -1,14 +0,0 @@
|
|||||||
{{/*
|
|
||||||
Common labels
|
|
||||||
*/}}
|
|
||||||
{{- define "custom.labels" -}}
|
|
||||||
{{ include "custom.selectorLabels" $ }}
|
|
||||||
{{- end }}
|
|
||||||
|
|
||||||
{{/*
|
|
||||||
Selector labels
|
|
||||||
*/}}
|
|
||||||
{{- define "custom.selectorLabels" -}}
|
|
||||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
|
||||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
|
||||||
{{- end }}
|
|
||||||
@@ -1,40 +1,42 @@
|
|||||||
apiVersion: external-secrets.io/v1
|
apiVersion: external-secrets.io/v1
|
||||||
kind: ExternalSecret
|
kind: ExternalSecret
|
||||||
metadata:
|
metadata:
|
||||||
name: gatus-config
|
name: gatus-config-secret
|
||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: gatus-config-secret
|
app.kubernetes.io/name: gatus-config-secret
|
||||||
{{- include "custom.labels" . | nindent 4 }}
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
spec:
|
spec:
|
||||||
secretStoreRef:
|
secretStoreRef:
|
||||||
kind: ClusterSecretStore
|
kind: ClusterSecretStore
|
||||||
name: openbao
|
name: vault
|
||||||
data:
|
data:
|
||||||
- secretKey: NTFY_TOKEN
|
- secretKey: NTFY_TOKEN
|
||||||
remoteRef:
|
remoteRef:
|
||||||
key: /cl01tl/ntfy/users/cl01tl
|
key: /ntfy/user/cl01tl
|
||||||
property: token
|
property: token
|
||||||
|
|
||||||
---
|
---
|
||||||
apiVersion: external-secrets.io/v1
|
apiVersion: external-secrets.io/v1
|
||||||
kind: ExternalSecret
|
kind: ExternalSecret
|
||||||
metadata:
|
metadata:
|
||||||
name: gatus-oidc-authentik
|
name: gatus-oidc-secret
|
||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: gatus-oidc-authentik
|
app.kubernetes.io/name: gatus-oidc-secret
|
||||||
{{- include "custom.labels" . | nindent 4 }}
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
spec:
|
spec:
|
||||||
secretStoreRef:
|
secretStoreRef:
|
||||||
kind: ClusterSecretStore
|
kind: ClusterSecretStore
|
||||||
name: openbao
|
name: vault
|
||||||
data:
|
data:
|
||||||
- secretKey: OIDC_CLIENT_ID
|
- secretKey: OIDC_CLIENT_ID
|
||||||
remoteRef:
|
remoteRef:
|
||||||
key: /cl01tl/authentik/oidc/gatus
|
key: /authentik/oidc/gatus
|
||||||
property: client
|
property: client
|
||||||
- secretKey: OIDC_CLIENT_SECRET
|
- secretKey: OIDC_CLIENT_SECRET
|
||||||
remoteRef:
|
remoteRef:
|
||||||
key: /cl01tl/authentik/oidc/gatus
|
key: /authentik/oidc/gatus
|
||||||
property: secret
|
property: secret
|
||||||
|
|||||||
@@ -20,17 +20,17 @@ gatus:
|
|||||||
NTFY_TOKEN:
|
NTFY_TOKEN:
|
||||||
valueFrom:
|
valueFrom:
|
||||||
secretKeyRef:
|
secretKeyRef:
|
||||||
name: gatus-config
|
name: gatus-config-secret
|
||||||
key: NTFY_TOKEN
|
key: NTFY_TOKEN
|
||||||
OIDC_CLIENT_ID:
|
OIDC_CLIENT_ID:
|
||||||
valueFrom:
|
valueFrom:
|
||||||
secretKeyRef:
|
secretKeyRef:
|
||||||
name: gatus-oidc-authentik
|
name: gatus-oidc-secret
|
||||||
key: OIDC_CLIENT_ID
|
key: OIDC_CLIENT_ID
|
||||||
OIDC_CLIENT_SECRET:
|
OIDC_CLIENT_SECRET:
|
||||||
valueFrom:
|
valueFrom:
|
||||||
secretKeyRef:
|
secretKeyRef:
|
||||||
name: gatus-oidc-authentik
|
name: gatus-oidc-secret
|
||||||
key: OIDC_CLIENT_SECRET
|
key: OIDC_CLIENT_SECRET
|
||||||
POSTGRES_USER:
|
POSTGRES_USER:
|
||||||
valueFrom:
|
valueFrom:
|
||||||
|
|||||||
@@ -1,14 +0,0 @@
|
|||||||
{{/*
|
|
||||||
Common labels
|
|
||||||
*/}}
|
|
||||||
{{- define "custom.labels" -}}
|
|
||||||
{{ include "custom.selectorLabels" $ }}
|
|
||||||
{{- end }}
|
|
||||||
|
|
||||||
{{/*
|
|
||||||
Selector labels
|
|
||||||
*/}}
|
|
||||||
{{- define "custom.selectorLabels" -}}
|
|
||||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
|
||||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
|
||||||
{{- end }}
|
|
||||||
@@ -1,10 +1,11 @@
|
|||||||
apiVersion: v1
|
apiVersion: v1
|
||||||
kind: Namespace
|
kind: Namespace
|
||||||
metadata:
|
metadata:
|
||||||
name: {{ .Release.Namespace }}
|
name: generic-device-plugin
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: {{ .Release.Namespace }}
|
app.kubernetes.io/name: generic-device-plugin
|
||||||
{{- include "custom.labels" . | nindent 4 }}
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
pod-security.kubernetes.io/audit: privileged
|
pod-security.kubernetes.io/audit: privileged
|
||||||
pod-security.kubernetes.io/enforce: privileged
|
pod-security.kubernetes.io/enforce: privileged
|
||||||
pod-security.kubernetes.io/warn: privileged
|
pod-security.kubernetes.io/warn: privileged
|
||||||
|
|||||||
@@ -10,10 +10,10 @@ dependencies:
|
|||||||
version: 0.32.0
|
version: 0.32.0
|
||||||
- name: cloudflared
|
- name: cloudflared
|
||||||
repository: oci://harbor.alexlebens.net/helm-charts
|
repository: oci://harbor.alexlebens.net/helm-charts
|
||||||
version: 2.6.0
|
version: 2.5.0
|
||||||
- name: postgres-cluster
|
- name: postgres-cluster
|
||||||
repository: oci://harbor.alexlebens.net/helm-charts
|
repository: oci://harbor.alexlebens.net/helm-charts
|
||||||
version: 7.12.1
|
version: 7.11.2
|
||||||
- name: valkey
|
- name: valkey
|
||||||
repository: oci://harbor.alexlebens.net/helm-charts
|
repository: oci://harbor.alexlebens.net/helm-charts
|
||||||
version: 0.6.1
|
version: 0.6.1
|
||||||
@@ -22,6 +22,6 @@ dependencies:
|
|||||||
version: 0.6.1
|
version: 0.6.1
|
||||||
- name: volsync-target
|
- name: volsync-target
|
||||||
repository: oci://harbor.alexlebens.net/helm-charts
|
repository: oci://harbor.alexlebens.net/helm-charts
|
||||||
version: 1.0.0
|
version: 0.8.0
|
||||||
digest: sha256:a90e8908ef9f5349f444e53474692af302999b0ddcfa6d68f24ede9ef55d97e5
|
digest: sha256:2144d55ea34ba25bd81c1e479ee5cd27097fafb5676b96e63aa0e32ad2868925
|
||||||
generated: "2026-04-24T22:51:28.783181948Z"
|
generated: "2026-04-16T20:09:26.031592859Z"
|
||||||
|
|||||||
@@ -37,10 +37,10 @@ dependencies:
|
|||||||
repository: https://meilisearch.github.io/meilisearch-kubernetes
|
repository: https://meilisearch.github.io/meilisearch-kubernetes
|
||||||
- name: cloudflared
|
- name: cloudflared
|
||||||
repository: oci://harbor.alexlebens.net/helm-charts
|
repository: oci://harbor.alexlebens.net/helm-charts
|
||||||
version: 2.6.0
|
version: 2.5.0
|
||||||
- name: postgres-cluster
|
- name: postgres-cluster
|
||||||
alias: postgres-18-cluster
|
alias: postgres-18-cluster
|
||||||
version: 7.12.1
|
version: 7.11.2
|
||||||
repository: oci://harbor.alexlebens.net/helm-charts
|
repository: oci://harbor.alexlebens.net/helm-charts
|
||||||
- name: valkey
|
- name: valkey
|
||||||
alias: valkey-gitea
|
alias: valkey-gitea
|
||||||
@@ -52,7 +52,7 @@ dependencies:
|
|||||||
repository: oci://harbor.alexlebens.net/helm-charts
|
repository: oci://harbor.alexlebens.net/helm-charts
|
||||||
- name: volsync-target
|
- name: volsync-target
|
||||||
alias: volsync-target-storage
|
alias: volsync-target-storage
|
||||||
version: 1.0.0
|
version: 0.8.0
|
||||||
repository: oci://harbor.alexlebens.net/helm-charts
|
repository: oci://harbor.alexlebens.net/helm-charts
|
||||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons@main/png/gitea.png
|
icon: https://cdn.jsdelivr.net/gh/selfhst/icons@main/png/gitea.png
|
||||||
# renovate: datasource=github-releases depName=go-gitea/gitea
|
# renovate: datasource=github-releases depName=go-gitea/gitea
|
||||||
|
|||||||
@@ -1,14 +0,0 @@
|
|||||||
{{/*
|
|
||||||
Common labels
|
|
||||||
*/}}
|
|
||||||
{{- define "custom.labels" -}}
|
|
||||||
{{ include "custom.selectorLabels" $ }}
|
|
||||||
{{- end }}
|
|
||||||
|
|
||||||
{{/*
|
|
||||||
Selector labels
|
|
||||||
*/}}
|
|
||||||
{{- define "custom.selectorLabels" -}}
|
|
||||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
|
||||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
|
||||||
{{- end }}
|
|
||||||
@@ -5,7 +5,8 @@ metadata:
|
|||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: gitea-custom-templates
|
app.kubernetes.io/name: gitea-custom-templates
|
||||||
{{- include "custom.labels" . | nindent 4 }}
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
data:
|
data:
|
||||||
header.tmpl: |
|
header.tmpl: |
|
||||||
<script defer src="https://rybbit.alexlebens.dev/api/script.js" data-site-id="b515c34a6dcc"></script>
|
<script defer src="https://rybbit.alexlebens.dev/api/script.js" data-site-id="b515c34a6dcc"></script>
|
||||||
|
|||||||
@@ -1,15 +1,64 @@
|
|||||||
apiVersion: external-secrets.io/v1
|
apiVersion: external-secrets.io/v1
|
||||||
kind: ExternalSecret
|
kind: ExternalSecret
|
||||||
|
metadata:
|
||||||
|
name: gitea-admin-secret
|
||||||
|
namespace: {{ .Release.Namespace }}
|
||||||
|
labels:
|
||||||
|
app.kubernetes.io/name: gitea-admin-secret
|
||||||
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
|
spec:
|
||||||
|
secretStoreRef:
|
||||||
|
kind: ClusterSecretStore
|
||||||
|
name: vault
|
||||||
|
data:
|
||||||
|
- secretKey: username
|
||||||
|
remoteRef:
|
||||||
|
key: /cl01tl/gitea/auth/admin
|
||||||
|
property: username
|
||||||
|
- secretKey: password
|
||||||
|
remoteRef:
|
||||||
|
key: /cl01tl/gitea/auth/admin
|
||||||
|
property: password
|
||||||
|
|
||||||
|
---
|
||||||
|
apiVersion: external-secrets.io/v1
|
||||||
|
kind: ExternalSecret
|
||||||
|
metadata:
|
||||||
|
name: gitea-oidc-secret
|
||||||
|
namespace: {{ .Release.Namespace }}
|
||||||
|
labels:
|
||||||
|
app.kubernetes.io/name: gitea-oidc-secret
|
||||||
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
|
spec:
|
||||||
|
secretStoreRef:
|
||||||
|
kind: ClusterSecretStore
|
||||||
|
name: vault
|
||||||
|
data:
|
||||||
|
- secretKey: secret
|
||||||
|
remoteRef:
|
||||||
|
key: /authentik/oidc/gitea
|
||||||
|
property: secret
|
||||||
|
- secretKey: key
|
||||||
|
remoteRef:
|
||||||
|
key: /authentik/oidc/gitea
|
||||||
|
property: client
|
||||||
|
|
||||||
|
---
|
||||||
|
apiVersion: external-secrets.io/v1
|
||||||
|
kind: ExternalSecret
|
||||||
metadata:
|
metadata:
|
||||||
name: gitea-runner-secret
|
name: gitea-runner-secret
|
||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: gitea-runner-secret
|
app.kubernetes.io/name: gitea-runner-secret
|
||||||
{{- include "custom.labels" . | nindent 4 }}
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
spec:
|
spec:
|
||||||
secretStoreRef:
|
secretStoreRef:
|
||||||
kind: ClusterSecretStore
|
kind: ClusterSecretStore
|
||||||
name: openbao
|
name: vault
|
||||||
data:
|
data:
|
||||||
- secretKey: token
|
- secretKey: token
|
||||||
remoteRef:
|
remoteRef:
|
||||||
@@ -20,15 +69,80 @@ spec:
|
|||||||
apiVersion: external-secrets.io/v1
|
apiVersion: external-secrets.io/v1
|
||||||
kind: ExternalSecret
|
kind: ExternalSecret
|
||||||
metadata:
|
metadata:
|
||||||
name: gitea-meilisearch-key
|
name: gitea-renovate-secret
|
||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: gitea-meilisearch-key
|
app.kubernetes.io/name: gitea-renovate-secret
|
||||||
{{- include "custom.labels" . | nindent 4 }}
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
spec:
|
spec:
|
||||||
secretStoreRef:
|
secretStoreRef:
|
||||||
kind: ClusterSecretStore
|
kind: ClusterSecretStore
|
||||||
name: openbao
|
name: vault
|
||||||
|
data:
|
||||||
|
- secretKey: RENOVATE_ENDPOINT
|
||||||
|
remoteRef:
|
||||||
|
key: /cl01tl/gitea/renovate
|
||||||
|
property: RENOVATE_ENDPOINT
|
||||||
|
- secretKey: RENOVATE_GIT_AUTHOR
|
||||||
|
remoteRef:
|
||||||
|
key: /cl01tl/gitea/renovate
|
||||||
|
property: RENOVATE_GIT_AUTHOR
|
||||||
|
- secretKey: RENOVATE_TOKEN
|
||||||
|
remoteRef:
|
||||||
|
key: /cl01tl/gitea/renovate
|
||||||
|
property: RENOVATE_TOKEN
|
||||||
|
- secretKey: RENOVATE_GIT_PRIVATE_KEY
|
||||||
|
remoteRef:
|
||||||
|
key: /cl01tl/gitea/renovate
|
||||||
|
property: id_rsa
|
||||||
|
- secretKey: RENOVATE_GITHUB_COM_TOKEN
|
||||||
|
remoteRef:
|
||||||
|
key: /github/gitea-cl01tl
|
||||||
|
property: token
|
||||||
|
|
||||||
|
---
|
||||||
|
apiVersion: external-secrets.io/v1
|
||||||
|
kind: ExternalSecret
|
||||||
|
metadata:
|
||||||
|
name: gitea-renovate-ssh-secret
|
||||||
|
namespace: {{ .Release.Namespace }}
|
||||||
|
labels:
|
||||||
|
app.kubernetes.io/name: gitea-renovate-ssh-secret
|
||||||
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
|
spec:
|
||||||
|
secretStoreRef:
|
||||||
|
kind: ClusterSecretStore
|
||||||
|
name: vault
|
||||||
|
data:
|
||||||
|
- secretKey: config
|
||||||
|
remoteRef:
|
||||||
|
key: /cl01tl/gitea/renovate
|
||||||
|
property: ssh_config
|
||||||
|
- secretKey: id_rsa
|
||||||
|
remoteRef:
|
||||||
|
key: /cl01tl/gitea/renovate
|
||||||
|
property: id_rsa
|
||||||
|
- secretKey: id_rsa.pub
|
||||||
|
remoteRef:
|
||||||
|
key: /cl01tl/gitea/renovate
|
||||||
|
property: id_rsa.pub
|
||||||
|
|
||||||
|
---
|
||||||
|
apiVersion: external-secrets.io/v1
|
||||||
|
kind: ExternalSecret
|
||||||
|
metadata:
|
||||||
|
name: gitea-meilisearch-master-key-secret
|
||||||
|
namespace: {{ .Release.Namespace }}
|
||||||
|
labels:
|
||||||
|
app.kubernetes.io/name: gitea-meilisearch-master-key-secret
|
||||||
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
|
spec:
|
||||||
|
secretStoreRef:
|
||||||
|
kind: ClusterSecretStore
|
||||||
|
name: vault
|
||||||
target:
|
target:
|
||||||
template:
|
template:
|
||||||
mergePolicy: Merge
|
mergePolicy: Merge
|
||||||
@@ -39,27 +153,4 @@ spec:
|
|||||||
- secretKey: MEILI_MASTER_KEY
|
- secretKey: MEILI_MASTER_KEY
|
||||||
remoteRef:
|
remoteRef:
|
||||||
key: /cl01tl/gitea/meilisearch
|
key: /cl01tl/gitea/meilisearch
|
||||||
property: master-key
|
property: MEILI_MASTER_KEY
|
||||||
|
|
||||||
---
|
|
||||||
apiVersion: external-secrets.io/v1
|
|
||||||
kind: ExternalSecret
|
|
||||||
metadata:
|
|
||||||
name: gitea-oidc-authentik
|
|
||||||
namespace: {{ .Release.Namespace }}
|
|
||||||
labels:
|
|
||||||
app.kubernetes.io/name: gitea-oidc-authentik
|
|
||||||
{{- include "custom.labels" . | nindent 4 }}
|
|
||||||
spec:
|
|
||||||
secretStoreRef:
|
|
||||||
kind: ClusterSecretStore
|
|
||||||
name: openbao
|
|
||||||
data:
|
|
||||||
- secretKey: secret
|
|
||||||
remoteRef:
|
|
||||||
key: /cl01tl/authentik/oidc/gitea
|
|
||||||
property: secret
|
|
||||||
- secretKey: key
|
|
||||||
remoteRef:
|
|
||||||
key: /cl01tl/authentik/oidc/gitea
|
|
||||||
property: client
|
|
||||||
|
|||||||
@@ -5,7 +5,8 @@ metadata:
|
|||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: gitea
|
app.kubernetes.io/name: gitea
|
||||||
{{- include "custom.labels" . | nindent 4 }}
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
spec:
|
spec:
|
||||||
parentRefs:
|
parentRefs:
|
||||||
- group: gateway.networking.k8s.io
|
- group: gateway.networking.k8s.io
|
||||||
@@ -20,6 +21,8 @@ spec:
|
|||||||
type: PathPrefix
|
type: PathPrefix
|
||||||
value: /
|
value: /
|
||||||
backendRefs:
|
backendRefs:
|
||||||
- kind: Service
|
- group: ''
|
||||||
|
kind: Service
|
||||||
name: gitea-http
|
name: gitea-http
|
||||||
port: 3000
|
port: 3000
|
||||||
|
weight: 100
|
||||||
|
|||||||
@@ -1,11 +1,12 @@
|
|||||||
apiVersion: networking.k8s.io/v1
|
apiVersion: networking.k8s.io/v1
|
||||||
kind: Ingress
|
kind: Ingress
|
||||||
metadata:
|
metadata:
|
||||||
name: {{ .Release.Name }}-tailscale
|
name: gitea-tailscale
|
||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: {{ .Release.Name }}-tailscale
|
app.kubernetes.io/name: gitea-tailscale
|
||||||
{{- include "custom.labels" . | nindent 4 }}
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
tailscale.com/proxy-class: no-metrics
|
tailscale.com/proxy-class: no-metrics
|
||||||
annotations:
|
annotations:
|
||||||
tailscale.com/experimental-forward-cluster-traffic-via-ingress: "true"
|
tailscale.com/experimental-forward-cluster-traffic-via-ingress: "true"
|
||||||
@@ -20,7 +21,7 @@ spec:
|
|||||||
http:
|
http:
|
||||||
paths:
|
paths:
|
||||||
- path: /
|
- path: /
|
||||||
pathType: Prefix
|
pathType: ImplementationSpecific
|
||||||
backend:
|
backend:
|
||||||
service:
|
service:
|
||||||
name: gitea-http
|
name: gitea-http
|
||||||
|
|||||||
@@ -1,10 +1,11 @@
|
|||||||
apiVersion: v1
|
apiVersion: v1
|
||||||
kind: Namespace
|
kind: Namespace
|
||||||
metadata:
|
metadata:
|
||||||
name: {{ .Release.Namespace }}
|
name: gitea
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: {{ .Release.Namespace }}
|
app.kubernetes.io/name: gitea
|
||||||
{{- include "custom.labels" . | nindent 4 }}
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
pod-security.kubernetes.io/audit: privileged
|
pod-security.kubernetes.io/audit: privileged
|
||||||
pod-security.kubernetes.io/enforce: privileged
|
pod-security.kubernetes.io/enforce: privileged
|
||||||
pod-security.kubernetes.io/warn: privileged
|
pod-security.kubernetes.io/warn: privileged
|
||||||
|
|||||||
@@ -5,7 +5,8 @@ metadata:
|
|||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: gitea-themes-storage
|
app.kubernetes.io/name: gitea-themes-storage
|
||||||
{{- include "custom.labels" . | nindent 4 }}
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
spec:
|
spec:
|
||||||
volumeMode: Filesystem
|
volumeMode: Filesystem
|
||||||
storageClassName: ceph-filesystem
|
storageClassName: ceph-filesystem
|
||||||
|
|||||||
@@ -5,7 +5,8 @@ metadata:
|
|||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: gitea
|
app.kubernetes.io/name: gitea
|
||||||
{{- include "custom.labels" . | nindent 4 }}
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
spec:
|
spec:
|
||||||
selector:
|
selector:
|
||||||
matchLabels:
|
matchLabels:
|
||||||
|
|||||||
@@ -5,7 +5,8 @@ metadata:
|
|||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: gitea-ssh
|
app.kubernetes.io/name: gitea-ssh
|
||||||
{{- include "custom.labels" . | nindent 4 }}
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
spec:
|
spec:
|
||||||
parentRefs:
|
parentRefs:
|
||||||
- group: gateway.networking.k8s.io
|
- group: gateway.networking.k8s.io
|
||||||
@@ -15,6 +16,8 @@ spec:
|
|||||||
sectionName: ssh
|
sectionName: ssh
|
||||||
rules:
|
rules:
|
||||||
- backendRefs:
|
- backendRefs:
|
||||||
- kind: Service
|
- group: ''
|
||||||
|
kind: Service
|
||||||
name: gitea-ssh
|
name: gitea-ssh
|
||||||
port: 22
|
port: 22
|
||||||
|
weight: 100
|
||||||
|
|||||||
@@ -59,7 +59,7 @@ gitea:
|
|||||||
oauth:
|
oauth:
|
||||||
- name: Authentik
|
- name: Authentik
|
||||||
provider: openidConnect
|
provider: openidConnect
|
||||||
existingSecret: gitea-oidc-authentik
|
existingSecret: gitea-oidc-secret
|
||||||
autoDiscoverUrl: https://auth.alexlebens.dev/application/o/gitea/.well-known/openid-configuration
|
autoDiscoverUrl: https://auth.alexlebens.dev/application/o/gitea/.well-known/openid-configuration
|
||||||
iconUrl: https://goauthentik.io/img/icon.png
|
iconUrl: https://goauthentik.io/img/icon.png
|
||||||
scopes: "email profile"
|
scopes: "email profile"
|
||||||
@@ -137,7 +137,7 @@ gitea:
|
|||||||
- name: GITEA__INDEXER__ISSUE_INDEXER_CONN_STR
|
- name: GITEA__INDEXER__ISSUE_INDEXER_CONN_STR
|
||||||
valueFrom:
|
valueFrom:
|
||||||
secretKeyRef:
|
secretKeyRef:
|
||||||
name: gitea-meilisearch-key
|
name: gitea-meilisearch-master-key-secret
|
||||||
key: ISSUE_INDEXER_CONN_STR
|
key: ISSUE_INDEXER_CONN_STR
|
||||||
valkey-cluster:
|
valkey-cluster:
|
||||||
enabled: false
|
enabled: false
|
||||||
@@ -213,7 +213,7 @@ gitea-actions:
|
|||||||
registry: docker.io
|
registry: docker.io
|
||||||
repository: docker
|
repository: docker
|
||||||
# renovate: datasource=docker depName=docker
|
# renovate: datasource=docker depName=docker
|
||||||
tag: 29.4.1-dind@sha256:c77e5d7912f9b137cc67051fdc2991d8f5ae22c55ddf532bb836dcb693a04940
|
tag: 29.4.0-dind@sha256:f80c26212befc1c1988b529495532c6b9180d9b1dab1611f4a1efbe9da8ec821
|
||||||
extraVolumeMounts:
|
extraVolumeMounts:
|
||||||
- name: docker-vol
|
- name: docker-vol
|
||||||
mountPath: /var/lib/docker
|
mountPath: /var/lib/docker
|
||||||
@@ -235,7 +235,7 @@ meilisearch:
|
|||||||
MEILI_ENV: production
|
MEILI_ENV: production
|
||||||
MEILI_EXPERIMENTAL_DUMPLESS_UPGRADE: true
|
MEILI_EXPERIMENTAL_DUMPLESS_UPGRADE: true
|
||||||
auth:
|
auth:
|
||||||
existingMasterKeySecret: gitea-meilisearch-key
|
existingMasterKeySecret: gitea-meilisearch-master-key-secret
|
||||||
persistence:
|
persistence:
|
||||||
enabled: true
|
enabled: true
|
||||||
storageClass: ceph-block
|
storageClass: ceph-block
|
||||||
|
|||||||
@@ -4,12 +4,12 @@ dependencies:
|
|||||||
version: 5.22.2
|
version: 5.22.2
|
||||||
- name: postgres-cluster
|
- name: postgres-cluster
|
||||||
repository: oci://harbor.alexlebens.net/helm-charts
|
repository: oci://harbor.alexlebens.net/helm-charts
|
||||||
version: 7.12.1
|
version: 7.11.2
|
||||||
- name: valkey
|
- name: valkey
|
||||||
repository: oci://harbor.alexlebens.net/helm-charts
|
repository: oci://harbor.alexlebens.net/helm-charts
|
||||||
version: 0.6.1
|
version: 0.6.1
|
||||||
- name: valkey
|
- name: valkey
|
||||||
repository: oci://harbor.alexlebens.net/helm-charts
|
repository: oci://harbor.alexlebens.net/helm-charts
|
||||||
version: 0.6.1
|
version: 0.6.1
|
||||||
digest: sha256:fffa0806096edeb2b6a6ceead50427544ef3880a3d135afb4a9c7570d05b2042
|
digest: sha256:6c086da896f573fdb1b81abab43b90181f2af7bf57a62333c4426f3f30496ffa
|
||||||
generated: "2026-04-24T21:52:27.743114014Z"
|
generated: "2026-04-13T20:33:58.123069628Z"
|
||||||
|
|||||||
@@ -20,7 +20,7 @@ dependencies:
|
|||||||
repository: https://grafana.github.io/helm-charts
|
repository: https://grafana.github.io/helm-charts
|
||||||
- name: postgres-cluster
|
- name: postgres-cluster
|
||||||
alias: postgres-18-cluster
|
alias: postgres-18-cluster
|
||||||
version: 7.12.1
|
version: 7.11.2
|
||||||
repository: oci://harbor.alexlebens.net/helm-charts
|
repository: oci://harbor.alexlebens.net/helm-charts
|
||||||
- name: valkey
|
- name: valkey
|
||||||
alias: valkey-unified-alerting
|
alias: valkey-unified-alerting
|
||||||
|
|||||||
@@ -1,14 +0,0 @@
|
|||||||
{{/*
|
|
||||||
Common labels
|
|
||||||
*/}}
|
|
||||||
{{- define "custom.labels" -}}
|
|
||||||
{{ include "custom.selectorLabels" $ }}
|
|
||||||
{{- end }}
|
|
||||||
|
|
||||||
{{/*
|
|
||||||
Selector labels
|
|
||||||
*/}}
|
|
||||||
{{- define "custom.selectorLabels" -}}
|
|
||||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
|
||||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
|
||||||
{{- end }}
|
|
||||||
@@ -1,44 +1,98 @@
|
|||||||
apiVersion: external-secrets.io/v1
|
apiVersion: external-secrets.io/v1
|
||||||
kind: ExternalSecret
|
kind: ExternalSecret
|
||||||
metadata:
|
metadata:
|
||||||
name: grafana-config
|
name: grafana-auth-secret
|
||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: grafana-config
|
app.kubernetes.io/name: grafana-auth-secret
|
||||||
{{- include "custom.labels" . | nindent 4 }}
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
spec:
|
spec:
|
||||||
secretStoreRef:
|
secretStoreRef:
|
||||||
kind: ClusterSecretStore
|
kind: ClusterSecretStore
|
||||||
name: openbao
|
name: vault
|
||||||
data:
|
data:
|
||||||
- secretKey: admin-user
|
- secretKey: admin-user
|
||||||
remoteRef:
|
remoteRef:
|
||||||
key: /cl01tl/grafana/config
|
key: /cl01tl/grafana/auth
|
||||||
property: admin-user
|
property: admin-user
|
||||||
- secretKey: admin-password
|
- secretKey: admin-password
|
||||||
remoteRef:
|
remoteRef:
|
||||||
key: /cl01tl/grafana/config
|
key: /cl01tl/grafana/auth
|
||||||
property: admin-password
|
property: admin-password
|
||||||
|
|
||||||
---
|
---
|
||||||
apiVersion: external-secrets.io/v1
|
apiVersion: external-secrets.io/v1
|
||||||
kind: ExternalSecret
|
kind: ExternalSecret
|
||||||
metadata:
|
metadata:
|
||||||
name: grafana-oidc-authentik
|
name: grafana-oauth-secret
|
||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: grafana-oidc-authentik
|
app.kubernetes.io/name: grafana-oauth-secret
|
||||||
{{- include "custom.labels" . | nindent 4 }}
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
spec:
|
spec:
|
||||||
secretStoreRef:
|
secretStoreRef:
|
||||||
kind: ClusterSecretStore
|
kind: ClusterSecretStore
|
||||||
name: openbao
|
name: vault
|
||||||
data:
|
data:
|
||||||
- secretKey: AUTH_CLIENT_ID
|
- secretKey: AUTH_CLIENT_ID
|
||||||
remoteRef:
|
remoteRef:
|
||||||
key: /cl01tl/authentik/oidc/grafana
|
key: /authentik/oidc/grafana
|
||||||
property: client
|
property: client
|
||||||
- secretKey: AUTH_CLIENT_SECRET
|
- secretKey: AUTH_CLIENT_SECRET
|
||||||
remoteRef:
|
remoteRef:
|
||||||
key: /cl01tl/authentik/oidc/grafana
|
key: /authentik/oidc/grafana
|
||||||
property: secret
|
property: secret
|
||||||
|
|
||||||
|
---
|
||||||
|
apiVersion: external-secrets.io/v1
|
||||||
|
kind: ExternalSecret
|
||||||
|
metadata:
|
||||||
|
name: grafana-operator-postgresql-18-cluster-backup-secret
|
||||||
|
namespace: {{ .Release.Namespace }}
|
||||||
|
labels:
|
||||||
|
app.kubernetes.io/name: grafana-operator-postgresql-18-cluster-backup-secret
|
||||||
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
|
spec:
|
||||||
|
secretStoreRef:
|
||||||
|
kind: ClusterSecretStore
|
||||||
|
name: vault
|
||||||
|
data:
|
||||||
|
- secretKey: ACCESS_KEY_ID
|
||||||
|
remoteRef:
|
||||||
|
key: /digital-ocean/home-infra/postgres-backups
|
||||||
|
property: access
|
||||||
|
- secretKey: ACCESS_SECRET_KEY
|
||||||
|
remoteRef:
|
||||||
|
key: /digital-ocean/home-infra/postgres-backups
|
||||||
|
property: secret
|
||||||
|
|
||||||
|
---
|
||||||
|
apiVersion: external-secrets.io/v1
|
||||||
|
kind: ExternalSecret
|
||||||
|
metadata:
|
||||||
|
name: grafana-operator-postgresql-18-cluster-backup-secret-garage
|
||||||
|
namespace: {{ .Release.Namespace }}
|
||||||
|
labels:
|
||||||
|
app.kubernetes.io/name: grafana-operator-postgresql-18-cluster-backup-secret-garage
|
||||||
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
|
spec:
|
||||||
|
secretStoreRef:
|
||||||
|
kind: ClusterSecretStore
|
||||||
|
name: vault
|
||||||
|
data:
|
||||||
|
- secretKey: ACCESS_KEY_ID
|
||||||
|
remoteRef:
|
||||||
|
key: /garage/home-infra/postgres-backups
|
||||||
|
property: ACCESS_KEY_ID
|
||||||
|
- secretKey: ACCESS_SECRET_KEY
|
||||||
|
remoteRef:
|
||||||
|
key: /garage/home-infra/postgres-backups
|
||||||
|
property: ACCESS_SECRET_KEY
|
||||||
|
- secretKey: ACCESS_REGION
|
||||||
|
remoteRef:
|
||||||
|
key: /garage/home-infra/postgres-backups
|
||||||
|
property: ACCESS_REGION
|
||||||
|
|||||||
@@ -5,7 +5,8 @@ metadata:
|
|||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: grafana-dashboard-ceph
|
app.kubernetes.io/name: grafana-dashboard-ceph
|
||||||
{{- include "custom.labels" . | nindent 4 }}
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
spec:
|
spec:
|
||||||
instanceSelector:
|
instanceSelector:
|
||||||
matchLabels:
|
matchLabels:
|
||||||
@@ -23,7 +24,8 @@ metadata:
|
|||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: grafana-dashboard-coredns
|
app.kubernetes.io/name: grafana-dashboard-coredns
|
||||||
{{- include "custom.labels" . | nindent 4 }}
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
spec:
|
spec:
|
||||||
instanceSelector:
|
instanceSelector:
|
||||||
matchLabels:
|
matchLabels:
|
||||||
@@ -41,7 +43,8 @@ metadata:
|
|||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: grafana-dashboard-etcd
|
app.kubernetes.io/name: grafana-dashboard-etcd
|
||||||
{{- include "custom.labels" . | nindent 4 }}
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
spec:
|
spec:
|
||||||
instanceSelector:
|
instanceSelector:
|
||||||
matchLabels:
|
matchLabels:
|
||||||
@@ -59,7 +62,8 @@ metadata:
|
|||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: grafana-dashboard-garage
|
app.kubernetes.io/name: grafana-dashboard-garage
|
||||||
{{- include "custom.labels" . | nindent 4 }}
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
spec:
|
spec:
|
||||||
instanceSelector:
|
instanceSelector:
|
||||||
matchLabels:
|
matchLabels:
|
||||||
@@ -77,7 +81,8 @@ metadata:
|
|||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: grafana-dashboard-loki
|
app.kubernetes.io/name: grafana-dashboard-loki
|
||||||
{{- include "custom.labels" . | nindent 4 }}
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
spec:
|
spec:
|
||||||
instanceSelector:
|
instanceSelector:
|
||||||
matchLabels:
|
matchLabels:
|
||||||
@@ -95,7 +100,8 @@ metadata:
|
|||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: grafana-dashboard-node-full
|
app.kubernetes.io/name: grafana-dashboard-node-full
|
||||||
{{- include "custom.labels" . | nindent 4 }}
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
spec:
|
spec:
|
||||||
instanceSelector:
|
instanceSelector:
|
||||||
matchLabels:
|
matchLabels:
|
||||||
@@ -113,7 +119,8 @@ metadata:
|
|||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: grafana-dashboard-node-short
|
app.kubernetes.io/name: grafana-dashboard-node-short
|
||||||
{{- include "custom.labels" . | nindent 4 }}
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
spec:
|
spec:
|
||||||
instanceSelector:
|
instanceSelector:
|
||||||
matchLabels:
|
matchLabels:
|
||||||
@@ -131,7 +138,8 @@ metadata:
|
|||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: grafana-dashboard-pods
|
app.kubernetes.io/name: grafana-dashboard-pods
|
||||||
{{- include "custom.labels" . | nindent 4 }}
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
spec:
|
spec:
|
||||||
instanceSelector:
|
instanceSelector:
|
||||||
matchLabels:
|
matchLabels:
|
||||||
@@ -149,7 +157,8 @@ metadata:
|
|||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: grafana-dashboard-argocd
|
app.kubernetes.io/name: grafana-dashboard-argocd
|
||||||
{{- include "custom.labels" . | nindent 4 }}
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
spec:
|
spec:
|
||||||
instanceSelector:
|
instanceSelector:
|
||||||
matchLabels:
|
matchLabels:
|
||||||
@@ -167,7 +176,8 @@ metadata:
|
|||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: grafana-dashboard-blocky
|
app.kubernetes.io/name: grafana-dashboard-blocky
|
||||||
{{- include "custom.labels" . | nindent 4 }}
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
spec:
|
spec:
|
||||||
instanceSelector:
|
instanceSelector:
|
||||||
matchLabels:
|
matchLabels:
|
||||||
@@ -185,7 +195,8 @@ metadata:
|
|||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: grafana-dashboard-cert-manager
|
app.kubernetes.io/name: grafana-dashboard-cert-manager
|
||||||
{{- include "custom.labels" . | nindent 4 }}
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
spec:
|
spec:
|
||||||
instanceSelector:
|
instanceSelector:
|
||||||
matchLabels:
|
matchLabels:
|
||||||
@@ -203,7 +214,8 @@ metadata:
|
|||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: grafana-dashboard-cloudnative-pg
|
app.kubernetes.io/name: grafana-dashboard-cloudnative-pg
|
||||||
{{- include "custom.labels" . | nindent 4 }}
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
spec:
|
spec:
|
||||||
instanceSelector:
|
instanceSelector:
|
||||||
matchLabels:
|
matchLabels:
|
||||||
@@ -221,7 +233,8 @@ metadata:
|
|||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: grafana-dashboard-descheduler
|
app.kubernetes.io/name: grafana-dashboard-descheduler
|
||||||
{{- include "custom.labels" . | nindent 4 }}
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
spec:
|
spec:
|
||||||
instanceSelector:
|
instanceSelector:
|
||||||
matchLabels:
|
matchLabels:
|
||||||
@@ -239,7 +252,8 @@ metadata:
|
|||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: grafana-dashboard-external-dns
|
app.kubernetes.io/name: grafana-dashboard-external-dns
|
||||||
{{- include "custom.labels" . | nindent 4 }}
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
spec:
|
spec:
|
||||||
instanceSelector:
|
instanceSelector:
|
||||||
matchLabels:
|
matchLabels:
|
||||||
@@ -257,7 +271,8 @@ metadata:
|
|||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: grafana-dashboard-external-secrets
|
app.kubernetes.io/name: grafana-dashboard-external-secrets
|
||||||
{{- include "custom.labels" . | nindent 4 }}
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
spec:
|
spec:
|
||||||
instanceSelector:
|
instanceSelector:
|
||||||
matchLabels:
|
matchLabels:
|
||||||
@@ -275,7 +290,8 @@ metadata:
|
|||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: grafana-dashboard-gatus
|
app.kubernetes.io/name: grafana-dashboard-gatus
|
||||||
{{- include "custom.labels" . | nindent 4 }}
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
spec:
|
spec:
|
||||||
instanceSelector:
|
instanceSelector:
|
||||||
matchLabels:
|
matchLabels:
|
||||||
@@ -293,7 +309,8 @@ metadata:
|
|||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: grafana-dashboard-operator
|
app.kubernetes.io/name: grafana-dashboard-operator
|
||||||
{{- include "custom.labels" . | nindent 4 }}
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
spec:
|
spec:
|
||||||
instanceSelector:
|
instanceSelector:
|
||||||
matchLabels:
|
matchLabels:
|
||||||
@@ -311,7 +328,8 @@ metadata:
|
|||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: grafana-dashboard-harbor
|
app.kubernetes.io/name: grafana-dashboard-harbor
|
||||||
{{- include "custom.labels" . | nindent 4 }}
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
spec:
|
spec:
|
||||||
instanceSelector:
|
instanceSelector:
|
||||||
matchLabels:
|
matchLabels:
|
||||||
@@ -329,7 +347,8 @@ metadata:
|
|||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: grafana-dashboard-speedtest-exporter
|
app.kubernetes.io/name: grafana-dashboard-speedtest-exporter
|
||||||
{{- include "custom.labels" . | nindent 4 }}
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
spec:
|
spec:
|
||||||
instanceSelector:
|
instanceSelector:
|
||||||
matchLabels:
|
matchLabels:
|
||||||
@@ -347,7 +366,8 @@ metadata:
|
|||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: grafana-dashboard-spegel
|
app.kubernetes.io/name: grafana-dashboard-spegel
|
||||||
{{- include "custom.labels" . | nindent 4 }}
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
spec:
|
spec:
|
||||||
instanceSelector:
|
instanceSelector:
|
||||||
matchLabels:
|
matchLabels:
|
||||||
@@ -365,7 +385,8 @@ metadata:
|
|||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: grafana-dashboard-traefik
|
app.kubernetes.io/name: grafana-dashboard-traefik
|
||||||
{{- include "custom.labels" . | nindent 4 }}
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
spec:
|
spec:
|
||||||
instanceSelector:
|
instanceSelector:
|
||||||
matchLabels:
|
matchLabels:
|
||||||
@@ -383,7 +404,8 @@ metadata:
|
|||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: grafana-dashboard-tdarr
|
app.kubernetes.io/name: grafana-dashboard-tdarr
|
||||||
{{- include "custom.labels" . | nindent 4 }}
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
spec:
|
spec:
|
||||||
instanceSelector:
|
instanceSelector:
|
||||||
matchLabels:
|
matchLabels:
|
||||||
@@ -401,7 +423,8 @@ metadata:
|
|||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: grafana-dashboard-unpoller
|
app.kubernetes.io/name: grafana-dashboard-unpoller
|
||||||
{{- include "custom.labels" . | nindent 4 }}
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
spec:
|
spec:
|
||||||
instanceSelector:
|
instanceSelector:
|
||||||
matchLabels:
|
matchLabels:
|
||||||
@@ -419,7 +442,8 @@ metadata:
|
|||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: grafana-dashboard-version-checker-internal
|
app.kubernetes.io/name: grafana-dashboard-version-checker-internal
|
||||||
{{- include "custom.labels" . | nindent 4 }}
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
spec:
|
spec:
|
||||||
instanceSelector:
|
instanceSelector:
|
||||||
matchLabels:
|
matchLabels:
|
||||||
@@ -437,7 +461,8 @@ metadata:
|
|||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: grafana-dashboard-version-checker
|
app.kubernetes.io/name: grafana-dashboard-version-checker
|
||||||
{{- include "custom.labels" . | nindent 4 }}
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
spec:
|
spec:
|
||||||
instanceSelector:
|
instanceSelector:
|
||||||
matchLabels:
|
matchLabels:
|
||||||
@@ -455,7 +480,8 @@ metadata:
|
|||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: grafana-dashboard-volsync
|
app.kubernetes.io/name: grafana-dashboard-volsync
|
||||||
{{- include "custom.labels" . | nindent 4 }}
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
spec:
|
spec:
|
||||||
instanceSelector:
|
instanceSelector:
|
||||||
matchLabels:
|
matchLabels:
|
||||||
@@ -473,7 +499,8 @@ metadata:
|
|||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: grafana-dashboard-s3
|
app.kubernetes.io/name: grafana-dashboard-s3
|
||||||
{{- include "custom.labels" . | nindent 4 }}
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
spec:
|
spec:
|
||||||
instanceSelector:
|
instanceSelector:
|
||||||
matchLabels:
|
matchLabels:
|
||||||
@@ -491,7 +518,8 @@ metadata:
|
|||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: grafana-dashboard-authentik
|
app.kubernetes.io/name: grafana-dashboard-authentik
|
||||||
{{- include "custom.labels" . | nindent 4 }}
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
spec:
|
spec:
|
||||||
instanceSelector:
|
instanceSelector:
|
||||||
matchLabels:
|
matchLabels:
|
||||||
@@ -509,7 +537,8 @@ metadata:
|
|||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: grafana-dashboard-gitea
|
app.kubernetes.io/name: grafana-dashboard-gitea
|
||||||
{{- include "custom.labels" . | nindent 4 }}
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
spec:
|
spec:
|
||||||
instanceSelector:
|
instanceSelector:
|
||||||
matchLabels:
|
matchLabels:
|
||||||
@@ -527,7 +556,8 @@ metadata:
|
|||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: grafana-dashboard-ntfy
|
app.kubernetes.io/name: grafana-dashboard-ntfy
|
||||||
{{- include "custom.labels" . | nindent 4 }}
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
spec:
|
spec:
|
||||||
instanceSelector:
|
instanceSelector:
|
||||||
matchLabels:
|
matchLabels:
|
||||||
@@ -545,7 +575,8 @@ metadata:
|
|||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: grafana-dashboard-openbao
|
app.kubernetes.io/name: grafana-dashboard-openbao
|
||||||
{{- include "custom.labels" . | nindent 4 }}
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
spec:
|
spec:
|
||||||
instanceSelector:
|
instanceSelector:
|
||||||
matchLabels:
|
matchLabels:
|
||||||
@@ -563,7 +594,8 @@ metadata:
|
|||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: grafana-dashboard-qbittorrent
|
app.kubernetes.io/name: grafana-dashboard-qbittorrent
|
||||||
{{- include "custom.labels" . | nindent 4 }}
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
spec:
|
spec:
|
||||||
instanceSelector:
|
instanceSelector:
|
||||||
matchLabels:
|
matchLabels:
|
||||||
@@ -581,7 +613,8 @@ metadata:
|
|||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: grafana-dashboard-vault
|
app.kubernetes.io/name: grafana-dashboard-vault
|
||||||
{{- include "custom.labels" . | nindent 4 }}
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
spec:
|
spec:
|
||||||
instanceSelector:
|
instanceSelector:
|
||||||
matchLabels:
|
matchLabels:
|
||||||
@@ -599,7 +632,8 @@ metadata:
|
|||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: grafana-dashboard-unpackerr
|
app.kubernetes.io/name: grafana-dashboard-unpackerr
|
||||||
{{- include "custom.labels" . | nindent 4 }}
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
spec:
|
spec:
|
||||||
instanceSelector:
|
instanceSelector:
|
||||||
matchLabels:
|
matchLabels:
|
||||||
@@ -617,7 +651,8 @@ metadata:
|
|||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: grafana-dashboard-airgradient
|
app.kubernetes.io/name: grafana-dashboard-airgradient
|
||||||
{{- include "custom.labels" . | nindent 4 }}
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
spec:
|
spec:
|
||||||
instanceSelector:
|
instanceSelector:
|
||||||
matchLabels:
|
matchLabels:
|
||||||
@@ -635,7 +670,8 @@ metadata:
|
|||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: grafana-dashboard-server-power-consumption
|
app.kubernetes.io/name: grafana-dashboard-server-power-consumption
|
||||||
{{- include "custom.labels" . | nindent 4 }}
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
spec:
|
spec:
|
||||||
instanceSelector:
|
instanceSelector:
|
||||||
matchLabels:
|
matchLabels:
|
||||||
@@ -653,7 +689,8 @@ metadata:
|
|||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: grafana-dashboard-immich
|
app.kubernetes.io/name: grafana-dashboard-immich
|
||||||
{{- include "custom.labels" . | nindent 4 }}
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
spec:
|
spec:
|
||||||
instanceSelector:
|
instanceSelector:
|
||||||
matchLabels:
|
matchLabels:
|
||||||
@@ -671,7 +708,8 @@ metadata:
|
|||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: grafana-dashboard-jellyfin
|
app.kubernetes.io/name: grafana-dashboard-jellyfin
|
||||||
{{- include "custom.labels" . | nindent 4 }}
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
spec:
|
spec:
|
||||||
instanceSelector:
|
instanceSelector:
|
||||||
matchLabels:
|
matchLabels:
|
||||||
@@ -689,7 +727,8 @@ metadata:
|
|||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: grafana-dashboard-navidrome
|
app.kubernetes.io/name: grafana-dashboard-navidrome
|
||||||
{{- include "custom.labels" . | nindent 4 }}
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
spec:
|
spec:
|
||||||
instanceSelector:
|
instanceSelector:
|
||||||
matchLabels:
|
matchLabels:
|
||||||
@@ -707,7 +746,8 @@ metadata:
|
|||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: grafana-dashboard-radarr
|
app.kubernetes.io/name: grafana-dashboard-radarr
|
||||||
{{- include "custom.labels" . | nindent 4 }}
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
spec:
|
spec:
|
||||||
instanceSelector:
|
instanceSelector:
|
||||||
matchLabels:
|
matchLabels:
|
||||||
@@ -725,7 +765,8 @@ metadata:
|
|||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: grafana-dashboard-servarr
|
app.kubernetes.io/name: grafana-dashboard-servarr
|
||||||
{{- include "custom.labels" . | nindent 4 }}
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
spec:
|
spec:
|
||||||
instanceSelector:
|
instanceSelector:
|
||||||
matchLabels:
|
matchLabels:
|
||||||
@@ -743,7 +784,8 @@ metadata:
|
|||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: grafana-dashboard-sonarr
|
app.kubernetes.io/name: grafana-dashboard-sonarr
|
||||||
{{- include "custom.labels" . | nindent 4 }}
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
spec:
|
spec:
|
||||||
instanceSelector:
|
instanceSelector:
|
||||||
matchLabels:
|
matchLabels:
|
||||||
|
|||||||
@@ -5,7 +5,8 @@ metadata:
|
|||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: grafana-datasource-prometheus
|
app.kubernetes.io/name: grafana-datasource-prometheus
|
||||||
{{- include "custom.labels" . | nindent 4 }}
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
spec:
|
spec:
|
||||||
datasource:
|
datasource:
|
||||||
name: Prometheus
|
name: Prometheus
|
||||||
@@ -32,7 +33,8 @@ metadata:
|
|||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: grafana-datasource-loki
|
app.kubernetes.io/name: grafana-datasource-loki
|
||||||
{{- include "custom.labels" . | nindent 4 }}
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
spec:
|
spec:
|
||||||
datasource:
|
datasource:
|
||||||
name: Loki
|
name: Loki
|
||||||
|
|||||||
@@ -5,7 +5,8 @@ metadata:
|
|||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: grafana-folder-application
|
app.kubernetes.io/name: grafana-folder-application
|
||||||
{{- include "custom.labels" . | nindent 4 }}
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
spec:
|
spec:
|
||||||
instanceSelector:
|
instanceSelector:
|
||||||
matchLabels:
|
matchLabels:
|
||||||
@@ -39,7 +40,8 @@ metadata:
|
|||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: grafana-folder-iot
|
app.kubernetes.io/name: grafana-folder-iot
|
||||||
{{- include "custom.labels" . | nindent 4 }}
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
spec:
|
spec:
|
||||||
instanceSelector:
|
instanceSelector:
|
||||||
matchLabels:
|
matchLabels:
|
||||||
@@ -73,7 +75,8 @@ metadata:
|
|||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: grafana-folder-platform
|
app.kubernetes.io/name: grafana-folder-platform
|
||||||
{{- include "custom.labels" . | nindent 4 }}
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
spec:
|
spec:
|
||||||
instanceSelector:
|
instanceSelector:
|
||||||
matchLabels:
|
matchLabels:
|
||||||
@@ -107,7 +110,8 @@ metadata:
|
|||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: grafana-folder-service
|
app.kubernetes.io/name: grafana-folder-service
|
||||||
{{- include "custom.labels" . | nindent 4 }}
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
spec:
|
spec:
|
||||||
instanceSelector:
|
instanceSelector:
|
||||||
matchLabels:
|
matchLabels:
|
||||||
@@ -141,7 +145,8 @@ metadata:
|
|||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: grafana-folder-system
|
app.kubernetes.io/name: grafana-folder-system
|
||||||
{{- include "custom.labels" . | nindent 4 }}
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
spec:
|
spec:
|
||||||
instanceSelector:
|
instanceSelector:
|
||||||
matchLabels:
|
matchLabels:
|
||||||
|
|||||||
@@ -5,7 +5,8 @@ metadata:
|
|||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: grafana-main
|
app.kubernetes.io/name: grafana-main
|
||||||
{{- include "custom.labels" . | nindent 4 }}
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
app: grafana-main
|
app: grafana-main
|
||||||
spec:
|
spec:
|
||||||
config:
|
config:
|
||||||
@@ -65,22 +66,22 @@ spec:
|
|||||||
- name: AUTH_CLIENT_ID
|
- name: AUTH_CLIENT_ID
|
||||||
valueFrom:
|
valueFrom:
|
||||||
secretKeyRef:
|
secretKeyRef:
|
||||||
name: grafana-oidc-authentik
|
name: grafana-oauth-secret
|
||||||
key: AUTH_CLIENT_ID
|
key: AUTH_CLIENT_ID
|
||||||
- name: AUTH_CLIENT_SECRET
|
- name: AUTH_CLIENT_SECRET
|
||||||
valueFrom:
|
valueFrom:
|
||||||
secretKeyRef:
|
secretKeyRef:
|
||||||
name: grafana-oidc-authentik
|
name: grafana-oauth-secret
|
||||||
key: AUTH_CLIENT_SECRET
|
key: AUTH_CLIENT_SECRET
|
||||||
- name: ADMIN_USER
|
- name: ADMIN_USER
|
||||||
valueFrom:
|
valueFrom:
|
||||||
secretKeyRef:
|
secretKeyRef:
|
||||||
name: grafana-config
|
name: grafana-auth-secret
|
||||||
key: admin-user
|
key: admin-user
|
||||||
- name: ADMIN_PASSWORD
|
- name: ADMIN_PASSWORD
|
||||||
valueFrom:
|
valueFrom:
|
||||||
secretKeyRef:
|
secretKeyRef:
|
||||||
name: grafana-config
|
name: grafana-auth-secret
|
||||||
key: admin-password
|
key: admin-password
|
||||||
- name: DB_HOST
|
- name: DB_HOST
|
||||||
valueFrom:
|
valueFrom:
|
||||||
|
|||||||
@@ -7,6 +7,6 @@ dependencies:
|
|||||||
version: 26.3.0
|
version: 26.3.0
|
||||||
- name: volsync-target
|
- name: volsync-target
|
||||||
repository: oci://harbor.alexlebens.net/helm-charts
|
repository: oci://harbor.alexlebens.net/helm-charts
|
||||||
version: 1.0.0
|
version: 0.8.0
|
||||||
digest: sha256:d09beb99121c26ff41807ad0e04c8603e4b4a898b4da9dabae111b6a117533bd
|
digest: sha256:6ee403da03c1bcc0289a9abdef0508344072d51173da996eda69b8305d5feefa
|
||||||
generated: "2026-04-24T22:51:44.025287784Z"
|
generated: "2026-03-23T20:35:19.743257-05:00"
|
||||||
|
|||||||
@@ -24,8 +24,8 @@ dependencies:
|
|||||||
repository: https://helm.mariadb.com/mariadb-operator
|
repository: https://helm.mariadb.com/mariadb-operator
|
||||||
- name: volsync-target
|
- name: volsync-target
|
||||||
alias: volsync-target-config
|
alias: volsync-target-config
|
||||||
version: 1.0.0
|
version: 0.8.0
|
||||||
repository: oci://harbor.alexlebens.net/helm-charts
|
repository: oci://harbor.alexlebens.net/helm-charts
|
||||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/grimmory.png
|
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/grimmory.png
|
||||||
# renovate: datasource=github-releases depName=grimmory-tools/grimmory
|
# renovate: datasource=github-releases depName=grimmory-tools/grimmory
|
||||||
appVersion: v3.0.1
|
appVersion: v2.3.0
|
||||||
|
|||||||
@@ -1,24 +0,0 @@
|
|||||||
{{/*
|
|
||||||
Common labels
|
|
||||||
*/}}
|
|
||||||
{{- define "custom.labels" -}}
|
|
||||||
{{ include "custom.selectorLabels" $ }}
|
|
||||||
{{- end }}
|
|
||||||
|
|
||||||
{{/*
|
|
||||||
Selector labels
|
|
||||||
*/}}
|
|
||||||
{{- define "custom.selectorLabels" -}}
|
|
||||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
|
||||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
|
||||||
{{- end }}
|
|
||||||
|
|
||||||
{{/*
|
|
||||||
NFS names
|
|
||||||
*/}}
|
|
||||||
{{- define "custom.booksNfsName" -}}
|
|
||||||
grimmory-books-nfs-storage
|
|
||||||
{{- end -}}
|
|
||||||
{{- define "custom.booksImportNfsName" -}}
|
|
||||||
grimmory-books-import-nfs-storage
|
|
||||||
{{- end -}}
|
|
||||||
@@ -5,17 +5,38 @@ metadata:
|
|||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: grimmory-database-secret
|
app.kubernetes.io/name: grimmory-database-secret
|
||||||
{{- include "custom.labels" . | nindent 4 }}
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
spec:
|
spec:
|
||||||
secretStoreRef:
|
secretStoreRef:
|
||||||
kind: ClusterSecretStore
|
kind: ClusterSecretStore
|
||||||
name: openbao
|
name: vault
|
||||||
data:
|
data:
|
||||||
- secretKey: password
|
- secretKey: password
|
||||||
remoteRef:
|
remoteRef:
|
||||||
key: /cl01tl/grimmory/database
|
key: /cl01tl/grimmory/database
|
||||||
property: password
|
property: password
|
||||||
|
|
||||||
|
---
|
||||||
|
apiVersion: external-secrets.io/v1
|
||||||
|
kind: ExternalSecret
|
||||||
|
metadata:
|
||||||
|
name: grimmory-data-replication-secret
|
||||||
|
namespace: {{ .Release.Namespace }}
|
||||||
|
labels:
|
||||||
|
app.kubernetes.io/name: grimmory-data-replication-secret
|
||||||
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
|
spec:
|
||||||
|
secretStoreRef:
|
||||||
|
kind: ClusterSecretStore
|
||||||
|
name: vault
|
||||||
|
data:
|
||||||
|
- secretKey: psk.txt
|
||||||
|
remoteRef:
|
||||||
|
key: /cl01tl/grimmory/replication
|
||||||
|
property: psk.txt
|
||||||
|
|
||||||
---
|
---
|
||||||
apiVersion: external-secrets.io/v1
|
apiVersion: external-secrets.io/v1
|
||||||
kind: ExternalSecret
|
kind: ExternalSecret
|
||||||
@@ -24,20 +45,21 @@ metadata:
|
|||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: grimmory-mariadb-cluster-backup-secret-external
|
app.kubernetes.io/name: grimmory-mariadb-cluster-backup-secret-external
|
||||||
{{- include "custom.labels" . | nindent 4 }}
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
spec:
|
spec:
|
||||||
secretStoreRef:
|
secretStoreRef:
|
||||||
kind: ClusterSecretStore
|
kind: ClusterSecretStore
|
||||||
name: openbao
|
name: vault
|
||||||
data:
|
data:
|
||||||
- secretKey: access
|
- secretKey: access
|
||||||
remoteRef:
|
remoteRef:
|
||||||
key: /digital-ocean/home-infra/mariadb-backups
|
key: /digital-ocean/home-infra/mariadb-backups
|
||||||
property: AWS_ACCESS_KEY_ID
|
property: access
|
||||||
- secretKey: secret
|
- secretKey: secret
|
||||||
remoteRef:
|
remoteRef:
|
||||||
key: /digital-ocean/home-infra/mariadb-backups
|
key: /digital-ocean/home-infra/mariadb-backups
|
||||||
property: AWS_SECRET_ACCESS_KEY
|
property: secret
|
||||||
|
|
||||||
---
|
---
|
||||||
apiVersion: external-secrets.io/v1
|
apiVersion: external-secrets.io/v1
|
||||||
@@ -47,17 +69,18 @@ metadata:
|
|||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: grimmory-mariadb-cluster-backup-secret-garage
|
app.kubernetes.io/name: grimmory-mariadb-cluster-backup-secret-garage
|
||||||
{{- include "custom.labels" . | nindent 4 }}
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
spec:
|
spec:
|
||||||
secretStoreRef:
|
secretStoreRef:
|
||||||
kind: ClusterSecretStore
|
kind: ClusterSecretStore
|
||||||
name: openbao
|
name: vault
|
||||||
data:
|
data:
|
||||||
- secretKey: access
|
- secretKey: access
|
||||||
remoteRef:
|
remoteRef:
|
||||||
key: /garage/home-infra/mariadb-backups
|
key: /garage/home-infra/mariadb-backups
|
||||||
property: ACCESS_KEY_ID
|
property: access
|
||||||
- secretKey: secret
|
- secretKey: secret
|
||||||
remoteRef:
|
remoteRef:
|
||||||
key: /garage/home-infra/mariadb-backups
|
key: /garage/home-infra/mariadb-backups
|
||||||
property: ACCESS_SECRET_KEY
|
property: secret
|
||||||
|
|||||||
@@ -1,7 +1,13 @@
|
|||||||
apiVersion: v1
|
apiVersion: v1
|
||||||
kind: Namespace
|
kind: Namespace
|
||||||
metadata:
|
metadata:
|
||||||
name: {{ .Release.Namespace }}
|
name: grimmory
|
||||||
|
annotations:
|
||||||
|
volsync.backube/privileged-movers: "true"
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: {{ .Release.Namespace }}
|
app.kubernetes.io/name: grimmory
|
||||||
{{- include "custom.labels" . | nindent 4 }}
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
|
pod-security.kubernetes.io/audit: privileged
|
||||||
|
pod-security.kubernetes.io/enforce: privileged
|
||||||
|
pod-security.kubernetes.io/warn: privileged
|
||||||
|
|||||||
@@ -1,13 +1,14 @@
|
|||||||
apiVersion: v1
|
apiVersion: v1
|
||||||
kind: PersistentVolumeClaim
|
kind: PersistentVolumeClaim
|
||||||
metadata:
|
metadata:
|
||||||
name: {{ include "custom.booksNfsName" . }}
|
name: grimmory-books-nfs-storage
|
||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: {{ include "custom.booksNfsName" . }}
|
app.kubernetes.io/name: grimmory-books-nfs-storage
|
||||||
{{- include "custom.labels" . | nindent 4 }}
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
spec:
|
spec:
|
||||||
volumeName: {{ include "custom.booksNfsName" . }}
|
volumeName: grimmory-books-nfs-storage
|
||||||
storageClassName: nfs-client
|
storageClassName: nfs-client
|
||||||
accessModes:
|
accessModes:
|
||||||
- ReadWriteMany
|
- ReadWriteMany
|
||||||
@@ -19,13 +20,14 @@ spec:
|
|||||||
apiVersion: v1
|
apiVersion: v1
|
||||||
kind: PersistentVolumeClaim
|
kind: PersistentVolumeClaim
|
||||||
metadata:
|
metadata:
|
||||||
name: {{ include "custom.booksImportNfsName" . }}
|
name: grimmory-books-import-nfs-storage
|
||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: {{ include "custom.booksImportNfsName" . }}
|
app.kubernetes.io/name: grimmory-books-import-nfs-storage
|
||||||
{{- include "custom.labels" . | nindent 4 }}
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
spec:
|
spec:
|
||||||
volumeName: {{ include "custom.booksImportNfsName" . }}
|
volumeName: grimmory-books-import-nfs-storage
|
||||||
storageClassName: nfs-client
|
storageClassName: nfs-client
|
||||||
accessModes:
|
accessModes:
|
||||||
- ReadWriteMany
|
- ReadWriteMany
|
||||||
|
|||||||
@@ -1,11 +1,12 @@
|
|||||||
apiVersion: v1
|
apiVersion: v1
|
||||||
kind: PersistentVolume
|
kind: PersistentVolume
|
||||||
metadata:
|
metadata:
|
||||||
name: {{ include "custom.booksNfsName" . }}
|
name: grimmory-books-nfs-storage
|
||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: {{ include "custom.booksNfsName" . }}
|
app.kubernetes.io/name: grimmory-books-nfs-storage
|
||||||
{{- include "custom.labels" . | nindent 4 }}
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
spec:
|
spec:
|
||||||
persistentVolumeReclaimPolicy: Retain
|
persistentVolumeReclaimPolicy: Retain
|
||||||
storageClassName: nfs-client
|
storageClassName: nfs-client
|
||||||
@@ -25,11 +26,12 @@ spec:
|
|||||||
apiVersion: v1
|
apiVersion: v1
|
||||||
kind: PersistentVolume
|
kind: PersistentVolume
|
||||||
metadata:
|
metadata:
|
||||||
name: {{ include "custom.booksImportNfsName" . }}
|
name: grimmory-books-import-nfs-storage
|
||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: {{ include "custom.booksImportNfsName" . }}
|
app.kubernetes.io/name: grimmory-books-import-nfs-storage
|
||||||
{{- include "custom.labels" . | nindent 4 }}
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
spec:
|
spec:
|
||||||
persistentVolumeReclaimPolicy: Retain
|
persistentVolumeReclaimPolicy: Retain
|
||||||
storageClassName: nfs-client
|
storageClassName: nfs-client
|
||||||
@@ -38,7 +40,7 @@ spec:
|
|||||||
accessModes:
|
accessModes:
|
||||||
- ReadWriteMany
|
- ReadWriteMany
|
||||||
nfs:
|
nfs:
|
||||||
path: '/volume2/Storage/Books Import'
|
path: /volume2/Storage/Books Import
|
||||||
server: synologybond.alexlebens.net
|
server: synologybond.alexlebens.net
|
||||||
mountOptions:
|
mountOptions:
|
||||||
- vers=4
|
- vers=4
|
||||||
|
|||||||
@@ -12,7 +12,7 @@ grimmory:
|
|||||||
main:
|
main:
|
||||||
image:
|
image:
|
||||||
repository: ghcr.io/grimmory-tools/grimmory
|
repository: ghcr.io/grimmory-tools/grimmory
|
||||||
tag: v3.0.1@sha256:e8dbba61c298b75025b2027dfc37d6e20b844bd4be5b13dd9973367c01642d05
|
tag: v2.3.0@sha256:9014247f591074529894f81115ca40f899db697e89f72c2fe91ec530e3f19597
|
||||||
env:
|
env:
|
||||||
- name: TZ
|
- name: TZ
|
||||||
value: America/Chicago
|
value: America/Chicago
|
||||||
|
|||||||
Some files were not shown because too many files have changed in this diff Show More
Reference in New Issue
Block a user