2025-12-24 05:55:38 +00:00
19 changed files with 216 additions and 184 deletions
--- a/clusters/cl01tl/manifests/rook-ceph/HTTPRoute-ceph-objectstore.yaml
+++ b/clusters/cl01tl/manifests/rook-ceph/HTTPRoute-ceph-objectstore.yaml
@@ -0,0 +1,21 @@
+kind: HTTPRoute
+apiVersion: gateway.networking.k8s.io/v1
+metadata:
+  name: ceph-objectstore
+  namespace: rook-ceph
+spec:
+  hostnames:
+    - "objects.alexlebens.net"
+  parentRefs:
+    - group: gateway.networking.k8s.io
+      kind: Gateway
+      name: traefik-gateway
+      namespace: traefik
+  rules:
+    - backendRefs:
+        - name: rook-ceph-rgw-ceph-objectstore
+          port: 80
+      matches:
+        - path:
+            type: PathPrefix
+            value: /
--- a/clusters/cl01tl/manifests/rook-ceph/HTTPRoute-http-route-rook-ceph-rgw.yaml
+++ b/clusters/cl01tl/manifests/rook-ceph/HTTPRoute-http-route-rook-ceph-rgw.yaml
@@ -1,28 +0,0 @@
-apiVersion: gateway.networking.k8s.io/v1
-kind: HTTPRoute
-metadata:
-  name: http-route-rook-ceph-rgw
-  namespace: rook-ceph
-  labels:
-    app.kubernetes.io/name: http-route-rook-ceph-rgw
-    app.kubernetes.io/instance: rook-ceph
-    app.kubernetes.io/part-of: rook-ceph
-spec:
-  parentRefs:
-    - group: gateway.networking.k8s.io
-      kind: Gateway
-      name: traefik-gateway
-      namespace: traefik
-  hostnames:
-    - objects.alexlebens.net
-  rules:
-    - matches:
-        - path:
-            type: PathPrefix
-            value: /
-      backendRefs:
-        - group: ''
-          kind: Service
-          name: rook-ceph-rgw-ceph-objectstore
-          port: 80
-          weight: 100
--- a/clusters/cl01tl/manifests/rook-ceph/HTTPRoute-http-route-rook-ceph.yaml
+++ b/clusters/cl01tl/manifests/rook-ceph/HTTPRoute-http-route-rook-ceph.yaml
@@ -1,28 +0,0 @@
-apiVersion: gateway.networking.k8s.io/v1
-kind: HTTPRoute
-metadata:
-  name: http-route-rook-ceph
-  namespace: rook-ceph
-  labels:
-    app.kubernetes.io/name: http-route-rook-ceph
-    app.kubernetes.io/instance: rook-ceph
-    app.kubernetes.io/part-of: rook-ceph
-spec:
-  parentRefs:
-    - group: gateway.networking.k8s.io
-      kind: Gateway
-      name: traefik-gateway
-      namespace: traefik
-  hostnames:
-    - ceph.alexlebens.net
-  rules:
-    - matches:
-        - path:
-            type: PathPrefix
-            value: /
-      backendRefs:
-        - group: ''
-          kind: Service
-          name: rook-ceph-mgr-dashboard
-          port: 7000
-          weight: 100
--- a/clusters/cl01tl/manifests/rook-ceph/HTTPRoute-rook-ceph-dashboard.yaml
+++ b/clusters/cl01tl/manifests/rook-ceph/HTTPRoute-rook-ceph-dashboard.yaml
@@ -0,0 +1,21 @@
+kind: HTTPRoute
+apiVersion: gateway.networking.k8s.io/v1
+metadata:
+  name: rook-ceph-dashboard
+  namespace: rook-ceph
+spec:
+  hostnames:
+    - "ceph.alexlebens.net"
+  parentRefs:
+    - group: gateway.networking.k8s.io
+      kind: Gateway
+      name: traefik-gateway
+      namespace: traefik
+  rules:
+    - backendRefs:
+        - name: rook-ceph-mgr-dashboard
+          port: 7000
+      matches:
+        - path:
+            type: PathPrefix
+            value: /
--- a/clusters/cl01tl/manifests/roundcube/Cluster-roundcube-postgresql-18-cluster.yaml
+++ b/clusters/cl01tl/manifests/roundcube/Cluster-roundcube-postgresql-18-cluster.yaml
@@ -4,11 +4,11 @@ metadata:
  name: roundcube-postgresql-18-cluster
  namespace: roundcube
  labels:
-    helm.sh/chart: postgres-18-cluster-7.1.4
+    helm.sh/chart: postgres-18-cluster-7.4.3
    app.kubernetes.io/name: roundcube-postgresql-18
    app.kubernetes.io/instance: roundcube
    app.kubernetes.io/part-of: roundcube
-    app.kubernetes.io/version: "7.1.4"
+    app.kubernetes.io/version: "7.4.3"
    app.kubernetes.io/managed-by: Helm
 spec:
  instances: 3
--- a/clusters/cl01tl/manifests/roundcube/ExternalSecret-roundcube-postgresql-18-backup-garage-local-secret.yaml
+++ b/clusters/cl01tl/manifests/roundcube/ExternalSecret-roundcube-postgresql-18-backup-garage-local-secret.yaml
@@ -0,0 +1,39 @@
+apiVersion: external-secrets.io/v1
+kind: ExternalSecret
+metadata:
+  name: roundcube-postgresql-18-backup-garage-local-secret
+  namespace: roundcube
+  labels:
+    helm.sh/chart: postgres-18-cluster-7.4.3
+    app.kubernetes.io/name: roundcube-postgresql-18
+    app.kubernetes.io/instance: roundcube
+    app.kubernetes.io/part-of: roundcube
+    app.kubernetes.io/version: "7.4.3"
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: roundcube-postgresql-18-backup-garage-local-secret
+spec:
+  secretStoreRef:
+    kind: ClusterSecretStore
+    name: vault
+  data:
+    - secretKey: ACCESS_REGION
+      remoteRef:
+        conversionStrategy: Default
+        decodingStrategy: None
+        key: /garage/home-infra/postgres-backups
+        metadataPolicy: None
+        property: ACCESS_REGION
+    - secretKey: ACCESS_KEY_ID
+      remoteRef:
+        conversionStrategy: Default
+        decodingStrategy: None
+        key: /garage/home-infra/postgres-backups
+        metadataPolicy: None
+        property: ACCESS_KEY_ID
+    - secretKey: ACCESS_SECRET_KEY
+      remoteRef:
+        conversionStrategy: Default
+        decodingStrategy: None
+        key: /garage/home-infra/postgres-backups
+        metadataPolicy: None
+        property: ACCESS_SECRET_KEY
--- a/clusters/cl01tl/manifests/roundcube/ExternalSecret-roundcube-postgresql-18-cluster-backup-secret.yaml
+++ b/clusters/cl01tl/manifests/roundcube/ExternalSecret-roundcube-postgresql-18-cluster-backup-secret.yaml
@@ -1,28 +0,0 @@
-apiVersion: external-secrets.io/v1
-kind: ExternalSecret
-metadata:
-  name: roundcube-postgresql-18-cluster-backup-secret
-  namespace: roundcube
-  labels:
-    app.kubernetes.io/name: roundcube-postgresql-18-cluster-backup-secret
-    app.kubernetes.io/instance: roundcube
-    app.kubernetes.io/part-of: roundcube
-spec:
-  secretStoreRef:
-    kind: ClusterSecretStore
-    name: vault
-  data:
-    - secretKey: ACCESS_KEY_ID
-      remoteRef:
-        conversionStrategy: Default
-        decodingStrategy: None
-        key: /digital-ocean/home-infra/postgres-backups
-        metadataPolicy: None
-        property: access
-    - secretKey: ACCESS_SECRET_KEY
-      remoteRef:
-        conversionStrategy: Default
-        decodingStrategy: None
-        key: /digital-ocean/home-infra/postgres-backups
-        metadataPolicy: None
-        property: secret
--- a/clusters/cl01tl/manifests/roundcube/ExternalSecret-roundcube-postgresql-18-cluster-backup-secret-garage.yaml
+++ b/clusters/cl01tl/manifests/roundcube/ExternalSecret-roundcube-postgresql-18-cluster-backup-secret-garage.yaml
@@ -1,17 +1,28 @@
 apiVersion: external-secrets.io/v1
 kind: ExternalSecret
 metadata:
-  name: roundcube-postgresql-18-cluster-backup-secret-garage
+  name: roundcube-postgresql-18-recovery-secret
  namespace: roundcube
  labels:
-    app.kubernetes.io/name: roundcube-postgresql-18-cluster-backup-secret-garage
+    helm.sh/chart: postgres-18-cluster-7.4.3
+    app.kubernetes.io/name: roundcube-postgresql-18
    app.kubernetes.io/instance: roundcube
    app.kubernetes.io/part-of: roundcube
+    app.kubernetes.io/version: "7.4.3"
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: roundcube-postgresql-18-recovery-secret
 spec:
  secretStoreRef:
    kind: ClusterSecretStore
    name: vault
  data:
+    - secretKey: ACCESS_REGION
+      remoteRef:
+        conversionStrategy: Default
+        decodingStrategy: None
+        key: /garage/home-infra/postgres-backups
+        metadataPolicy: None
+        property: ACCESS_REGION
    - secretKey: ACCESS_KEY_ID
      remoteRef:
        conversionStrategy: Default
@@ -26,10 +37,3 @@ spec:
        key: /garage/home-infra/postgres-backups
        metadataPolicy: None
        property: ACCESS_SECRET_KEY
-    - secretKey: ACCESS_REGION
-      remoteRef:
-        conversionStrategy: Default
-        decodingStrategy: None
-        key: /garage/home-infra/postgres-backups
-        metadataPolicy: None
-        property: ACCESS_REGION
--- a/clusters/cl01tl/manifests/roundcube/HTTPRoute-http-route-mail.yaml
+++ b/clusters/cl01tl/manifests/roundcube/HTTPRoute-http-route-mail.yaml
@@ -1,12 +1,13 @@
 apiVersion: gateway.networking.k8s.io/v1
 kind: HTTPRoute
 metadata:
-  name: http-route-mail
-  namespace: roundcube
+  name: roundcube
  labels:
-    app.kubernetes.io/name: http-route-mail
    app.kubernetes.io/instance: roundcube
-    app.kubernetes.io/part-of: roundcube
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: roundcube
+    helm.sh/chart: roundcube-4.5.0
+  namespace: roundcube
 spec:
  parentRefs:
    - group: gateway.networking.k8s.io
@@ -14,15 +15,16 @@ spec:
      name: traefik-gateway
      namespace: traefik
  hostnames:
-    - mail.alexlebens.net
+    - "mail.alexlebens.net"
  rules:
-    - matches:
+    - backendRefs:
+        - group: ""
+          kind: Service
+          name: roundcube
+          namespace: roundcube
+          port: 80
+          weight: 100
+      matches:
        - path:
            type: PathPrefix
            value: /
-      backendRefs:
-        - group: ''
-          kind: Service
-          name: roundcube
-          port: 80
-          weight: 100
--- a/clusters/cl01tl/manifests/roundcube/ObjectStore-roundcube-postgresql-18-backup-garage-local.yaml
+++ b/clusters/cl01tl/manifests/roundcube/ObjectStore-roundcube-postgresql-18-backup-garage-local.yaml
@@ -1,27 +1,28 @@
 apiVersion: barmancloud.cnpg.io/v1
 kind: ObjectStore
 metadata:
-  name: "roundcube-postgresql-18-garage-local-backup"
+  name: roundcube-postgresql-18-backup-garage-local
  namespace: roundcube
  labels:
-    helm.sh/chart: postgres-18-cluster-7.1.4
+    helm.sh/chart: postgres-18-cluster-7.4.3
    app.kubernetes.io/name: roundcube-postgresql-18
    app.kubernetes.io/instance: roundcube
    app.kubernetes.io/part-of: roundcube
-    app.kubernetes.io/version: "7.1.4"
+    app.kubernetes.io/version: "7.4.3"
    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: roundcube-postgresql-18-backup-garage-local
 spec:
-  retentionPolicy: 3d
+  retentionPolicy: 7d
  configuration:
    destinationPath: s3://postgres-backups/cl01tl/roundcube/roundcube-postgresql-18-cluster
    endpointURL: http://garage-main.garage:3900
    s3Credentials:
      accessKeyId:
-        name: roundcube-postgresql-18-cluster-backup-secret-garage
+        name: roundcube-postgresql-18-backup-garage-local-secret
        key: ACCESS_KEY_ID
      secretAccessKey:
-        name: roundcube-postgresql-18-cluster-backup-secret-garage
+        name: roundcube-postgresql-18-backup-garage-local-secret
        key: ACCESS_SECRET_KEY
      region:
-        name: roundcube-postgresql-18-cluster-backup-secret-garage
+        name: roundcube-postgresql-18-backup-garage-local-secret
        key: ACCESS_REGION
--- a/clusters/cl01tl/manifests/roundcube/ObjectStore-roundcube-postgresql-18-recovery.yaml
+++ b/clusters/cl01tl/manifests/roundcube/ObjectStore-roundcube-postgresql-18-recovery.yaml
@@ -4,12 +4,13 @@ metadata:
  name: "roundcube-postgresql-18-recovery"
  namespace: roundcube
  labels:
-    helm.sh/chart: postgres-18-cluster-7.1.4
+    helm.sh/chart: postgres-18-cluster-7.4.3
    app.kubernetes.io/name: roundcube-postgresql-18
    app.kubernetes.io/instance: roundcube
    app.kubernetes.io/part-of: roundcube
-    app.kubernetes.io/version: "7.1.4"
+    app.kubernetes.io/version: "7.4.3"
    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: "roundcube-postgresql-18-recovery"
 spec:
  configuration:
    destinationPath: s3://postgres-backups/cl01tl/roundcube/roundcube-postgresql-18-cluster
@@ -22,8 +23,11 @@ spec:
      jobs: 1
    s3Credentials:
      accessKeyId:
-        name: roundcube-postgresql-18-cluster-backup-secret-garage
+        name: roundcube-postgresql-18-recovery-secret
        key: ACCESS_KEY_ID
      secretAccessKey:
-        name: roundcube-postgresql-18-cluster-backup-secret-garage
+        name: roundcube-postgresql-18-recovery-secret
        key: ACCESS_SECRET_KEY
+      region:
+        name: roundcube-postgresql-18-recovery-secret
+        key: ACCESS_REGION
--- a/clusters/cl01tl/manifests/roundcube/PrometheusRule-roundcube-postgresql-18-alert-rules.yaml
+++ b/clusters/cl01tl/manifests/roundcube/PrometheusRule-roundcube-postgresql-18-alert-rules.yaml
@@ -4,11 +4,11 @@ metadata:
  name: roundcube-postgresql-18-alert-rules
  namespace: roundcube
  labels:
-    helm.sh/chart: postgres-18-cluster-7.1.4
+    helm.sh/chart: postgres-18-cluster-7.4.3
    app.kubernetes.io/name: roundcube-postgresql-18
    app.kubernetes.io/instance: roundcube
    app.kubernetes.io/part-of: roundcube
-    app.kubernetes.io/version: "7.1.4"
+    app.kubernetes.io/version: "7.4.3"
    app.kubernetes.io/managed-by: Helm
 spec:
  groups:
--- a/clusters/cl01tl/manifests/roundcube/ScheduledBackup-roundcube-postgresql-18-scheduled-backup-live-backup.yaml
+++ b/clusters/cl01tl/manifests/roundcube/ScheduledBackup-roundcube-postgresql-18-scheduled-backup-live-backup.yaml
@@ -1,15 +1,16 @@
 apiVersion: postgresql.cnpg.io/v1
 kind: ScheduledBackup
 metadata:
-  name: "roundcube-postgresql-18-live-backup-scheduled-backup"
+  name: "roundcube-postgresql-18-scheduled-backup-live-backup"
  namespace: roundcube
  labels:
-    helm.sh/chart: postgres-18-cluster-7.1.4
+    helm.sh/chart: postgres-18-cluster-7.4.3
    app.kubernetes.io/name: roundcube-postgresql-18
    app.kubernetes.io/instance: roundcube
    app.kubernetes.io/part-of: roundcube
-    app.kubernetes.io/version: "7.1.4"
+    app.kubernetes.io/version: "7.4.3"
    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: "roundcube-postgresql-18-scheduled-backup-live-backup"
 spec:
  immediate: true
  suspend: false
@@ -21,4 +22,4 @@ spec:
  pluginConfiguration:
    name: barman-cloud.cloudnative-pg.io
    parameters:
-      barmanObjectName: "roundcube-postgresql-18-garage-local-backup"
+      barmanObjectName: "roundcube-postgresql-18-backup-garage-local"
--- a/clusters/cl01tl/manifests/s3-exporter/ServiceMonitor-s3-exporter-ceph-directus.yaml
+++ b/clusters/cl01tl/manifests/s3-exporter/ServiceMonitor-s3-exporter-ceph-directus.yaml
@@ -2,19 +2,23 @@ apiVersion: monitoring.coreos.com/v1
 kind: ServiceMonitor
 metadata:
  name: s3-exporter-ceph-directus
-  namespace: s3-exporter
  labels:
-    app.kubernetes.io/name: s3-exporter-ceph-directus
    app.kubernetes.io/instance: s3-exporter
-    app.kubernetes.io/part-of: s3-exporter
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: s3-exporter
+    helm.sh/chart: s3-exporter-4.5.0
+  namespace: s3-exporter
 spec:
+  jobLabel: "s3-exporter-ceph-directus"
+  namespaceSelector:
+    matchNames:
+      - s3-exporter
  selector:
    matchLabels:
-      app.kubernetes.io/name: s3-exporter
-      app.kubernetes.io/instance: s3-exporter
-      app.kubernetes.io/service: s3-exporter-ceph-directus
+      app.kubernetes.io/instance: s3-exporter-ceph-directus
+      app.kubernetes.io/name: s3-exporter-ceph-directus
  endpoints:
-    - port: metrics
-      interval: 5m
-      scrapeTimeout: 120s
+    - interval: 5m
      path: /metrics
+      port: metrics
+      scrapeTimeout: 120s
--- a/clusters/cl01tl/manifests/s3-exporter/ServiceMonitor-s3-exporter-digital-ocean.yaml
+++ b/clusters/cl01tl/manifests/s3-exporter/ServiceMonitor-s3-exporter-digital-ocean.yaml
@@ -2,19 +2,23 @@ apiVersion: monitoring.coreos.com/v1
 kind: ServiceMonitor
 metadata:
  name: s3-exporter-digital-ocean
-  namespace: s3-exporter
  labels:
-    app.kubernetes.io/name: s3-exporter-digital-ocean
    app.kubernetes.io/instance: s3-exporter
-    app.kubernetes.io/part-of: s3-exporter
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: s3-exporter
+    helm.sh/chart: s3-exporter-4.5.0
+  namespace: s3-exporter
 spec:
+  jobLabel: "s3-exporter-digital-ocean"
+  namespaceSelector:
+    matchNames:
+      - s3-exporter
  selector:
    matchLabels:
-      app.kubernetes.io/name: s3-exporter
-      app.kubernetes.io/instance: s3-exporter
-      app.kubernetes.io/service: s3-exporter-digital-ocean
+      app.kubernetes.io/instance: s3-exporter-digital-ocean
+      app.kubernetes.io/name: s3-exporter-digital-ocean
  endpoints:
-    - port: metrics
-      interval: 5m
-      scrapeTimeout: 120s
+    - interval: 5m
      path: /metrics
+      port: metrics
+      scrapeTimeout: 120s
--- a/clusters/cl01tl/manifests/s3-exporter/ServiceMonitor-s3-exporter-garage-local.yaml
+++ b/clusters/cl01tl/manifests/s3-exporter/ServiceMonitor-s3-exporter-garage-local.yaml
@@ -2,19 +2,23 @@ apiVersion: monitoring.coreos.com/v1
 kind: ServiceMonitor
 metadata:
  name: s3-exporter-garage-local
-  namespace: s3-exporter
  labels:
-    app.kubernetes.io/name: s3-exporter-garage-local
    app.kubernetes.io/instance: s3-exporter
-    app.kubernetes.io/part-of: s3-exporter
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: s3-exporter
+    helm.sh/chart: s3-exporter-4.5.0
+  namespace: s3-exporter
 spec:
+  jobLabel: "s3-exporter-garage-local"
+  namespaceSelector:
+    matchNames:
+      - s3-exporter
  selector:
    matchLabels:
-      app.kubernetes.io/name: s3-exporter
-      app.kubernetes.io/instance: s3-exporter
-      app.kubernetes.io/service: s3-exporter-garage-local
+      app.kubernetes.io/instance: s3-exporter-garage-local
+      app.kubernetes.io/name: s3-exporter-garage-local
  endpoints:
-    - port: metrics
-      interval: 5m
-      scrapeTimeout: 120s
+    - interval: 5m
      path: /metrics
+      port: metrics
+      scrapeTimeout: 120s
--- a/clusters/cl01tl/manifests/s3-exporter/ServiceMonitor-s3-exporter-garage-remote.yaml
+++ b/clusters/cl01tl/manifests/s3-exporter/ServiceMonitor-s3-exporter-garage-remote.yaml
@@ -2,19 +2,23 @@ apiVersion: monitoring.coreos.com/v1
 kind: ServiceMonitor
 metadata:
  name: s3-exporter-garage-remote
-  namespace: s3-exporter
  labels:
-    app.kubernetes.io/name: s3-exporter-garage-remote
    app.kubernetes.io/instance: s3-exporter
-    app.kubernetes.io/part-of: s3-exporter
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: s3-exporter
+    helm.sh/chart: s3-exporter-4.5.0
+  namespace: s3-exporter
 spec:
+  jobLabel: "s3-exporter-garage-remote"
+  namespaceSelector:
+    matchNames:
+      - s3-exporter
  selector:
    matchLabels:
-      app.kubernetes.io/name: s3-exporter
-      app.kubernetes.io/instance: s3-exporter
-      app.kubernetes.io/service: s3-exporter-garage-remote
+      app.kubernetes.io/instance: s3-exporter-garage-remote
+      app.kubernetes.io/name: s3-exporter-garage-remote
  endpoints:
-    - port: metrics
-      interval: 5m
-      scrapeTimeout: 5m
+    - interval: 5m
      path: /metrics
+      port: metrics
+      scrapeTimeout: 120s
--- a/clusters/cl01tl/manifests/searxng/HTTPRoute-http-route-searxng.yaml
+++ b/clusters/cl01tl/manifests/searxng/HTTPRoute-http-route-searxng.yaml
@@ -1,12 +1,13 @@
 apiVersion: gateway.networking.k8s.io/v1
 kind: HTTPRoute
 metadata:
-  name: http-route-searxng
-  namespace: searxng
+  name: searxng
  labels:
-    app.kubernetes.io/name: http-route-searxng
    app.kubernetes.io/instance: searxng
-    app.kubernetes.io/part-of: searxng
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: searxng
+    helm.sh/chart: searxng-4.5.0
+  namespace: searxng
 spec:
  parentRefs:
    - group: gateway.networking.k8s.io
@@ -14,15 +15,16 @@ spec:
      name: traefik-gateway
      namespace: traefik
  hostnames:
-    - searxng.alexlebens.net
+    - "searxng.alexlebens.net"
  rules:
-    - matches:
+    - backendRefs:
+        - group: ""
+          kind: Service
+          name: searxng-browser
+          namespace: searxng
+          port: 80
+          weight: 100
+      matches:
        - path:
            type: PathPrefix
            value: /
-      backendRefs:
-        - group: ''
-          kind: Service
-          name: searxng-browser
-          port: 80
-          weight: 100
--- a/clusters/cl01tl/manifests/searxng/ServiceMonitor-searxng-browser.yaml
+++ b/clusters/cl01tl/manifests/searxng/ServiceMonitor-searxng-browser.yaml
@@ -1,26 +1,31 @@
 apiVersion: monitoring.coreos.com/v1
 kind: ServiceMonitor
 metadata:
-  name: searxng-browser
-  namespace: searxng
+  name: searxng
  labels:
-    app.kubernetes.io/name: searxng-browser
    app.kubernetes.io/instance: searxng
-    app.kubernetes.io/part-of: searxng
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: searxng
+    helm.sh/chart: searxng-4.5.0
+  namespace: searxng
 spec:
+  jobLabel: "searxng"
+  namespaceSelector:
+    matchNames:
+      - searxng
  selector:
    matchLabels:
+      app.kubernetes.io/instance: searxng-browser
      app.kubernetes.io/name: searxng-browser
-      app.kubernetes.io/instance: searxng
  endpoints:
-    - port: mail
-      interval: 30s
-      scrapeTimeout: 15s
-      path: /metrics
-      basicAuth:
+    - basicAuth:
        password:
-          name: searxng-browser-metrics-auth
          key: metrics-password
-        username:
          name: searxng-browser-metrics-auth
+        username:
          key: metrics-username
+          name: searxng-browser-metrics-auth
+      interval: 30s
+      path: /metrics
+      port: mail
+      scrapeTimeout: 15s