From d66f9b8f0d924ece483d19d4f2fd18e33ecbbe07 Mon Sep 17 00:00:00 2001 From: Alex Lebens Date: Sun, 22 Mar 2026 16:30:39 -0500 Subject: [PATCH 1/4] feat: refactor actual --- clusters/cl01tl/helm/actual/Chart.yaml | 3 ++- clusters/cl01tl/helm/actual/values.yaml | 17 +++++------------ 2 files changed, 7 insertions(+), 13 deletions(-) diff --git a/clusters/cl01tl/helm/actual/Chart.yaml b/clusters/cl01tl/helm/actual/Chart.yaml index c6273b455..fc8d2fe58 100644 --- a/clusters/cl01tl/helm/actual/Chart.yaml +++ b/clusters/cl01tl/helm/actual/Chart.yaml @@ -5,11 +5,12 @@ description: Actual keywords: - actual - budget -home: https://wiki.alexlebens.dev/s/86192f45-94b7-45de-872c-6ef3fec7df5e +home: https://docs.alexlebens.dev/applications/actual/ sources: - https://github.com/actualbudget/actual - https://github.com/actualbudget/actual/pkgs/container/actual - https://github.com/bjw-s-labs/helm-charts/tree/main/charts/other/app-template + - https://gitea.alexlebens.dev/alexlebens/helm-charts/src/branch/main/charts/volsync-target maintainers: - name: alexlebens dependencies: diff --git a/clusters/cl01tl/helm/actual/values.yaml b/clusters/cl01tl/helm/actual/values.yaml index 6cd281605..90f1b1b14 100644 --- a/clusters/cl01tl/helm/actual/values.yaml +++ b/clusters/cl01tl/helm/actual/values.yaml @@ -4,20 +4,18 @@ actual: type: deployment replicas: 1 strategy: Recreate - revisionHistoryLimit: 3 containers: main: image: repository: ghcr.io/actualbudget/actual tag: 26.3.0 - pullPolicy: IfNotPresent env: - - name: TZ - value: US/Central + - name: ACTUAL_PORT + value: 5006 resources: requests: - cpu: 10m - memory: 128Mi + cpu: 25m + memory: 64Mi probes: liveness: enabled: true @@ -54,11 +52,7 @@ actual: - actual.alexlebens.net rules: - backendRefs: - - group: '' - kind: Service - name: actual - port: 80 - weight: 100 + - port: 80 matches: - path: type: PathPrefix @@ -69,7 +63,6 @@ actual: storageClass: ceph-block accessMode: ReadWriteOnce size: 2Gi - retain: true advancedMounts: main: main: -- 2.49.1 From 685b1f09cdc32f57ef538c8fef535c3ffd390644 Mon Sep 17 00:00:00 2001 From: Alex Lebens Date: Sun, 22 Mar 2026 16:44:21 -0500 Subject: [PATCH 2/4] feat: add service name --- clusters/cl01tl/helm/actual/values.yaml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/clusters/cl01tl/helm/actual/values.yaml b/clusters/cl01tl/helm/actual/values.yaml index 90f1b1b14..cd114add5 100644 --- a/clusters/cl01tl/helm/actual/values.yaml +++ b/clusters/cl01tl/helm/actual/values.yaml @@ -52,7 +52,8 @@ actual: - actual.alexlebens.net rules: - backendRefs: - - port: 80 + - name: actual + port: 80 matches: - path: type: PathPrefix -- 2.49.1 From aecd2804eb9c871cdcfef812bb8da7e95e66a8b4 Mon Sep 17 00:00:00 2001 From: Alex Lebens Date: Sun, 22 Mar 2026 16:46:59 -0500 Subject: [PATCH 3/4] feat: add sha to image tag --- clusters/cl01tl/helm/actual/values.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/clusters/cl01tl/helm/actual/values.yaml b/clusters/cl01tl/helm/actual/values.yaml index cd114add5..1ade7d7d0 100644 --- a/clusters/cl01tl/helm/actual/values.yaml +++ b/clusters/cl01tl/helm/actual/values.yaml @@ -8,7 +8,7 @@ actual: main: image: repository: ghcr.io/actualbudget/actual - tag: 26.3.0 + tag: 26.3.0@sha256:eb8bc26f53025e07e464594c12d77c52c4b95840c8dadd9b95c4f0c4660f8ad2 env: - name: ACTUAL_PORT value: 5006 -- 2.49.1 From b1f38a5362d0ec3733096367e83ad16ebf8fc0ae Mon Sep 17 00:00:00 2001 From: Alex Lebens Date: Sun, 22 Mar 2026 18:34:23 -0500 Subject: [PATCH 4/4] feat: refactor argo-workflows --- .../cl01tl/helm/argo-workflows/Chart.yaml | 5 +- .../templates/external-secret.yaml | 6 -- .../argo-workflows/templates/http-route.yaml | 28 -------- .../cl01tl/helm/argo-workflows/values.yaml | 66 +++++++------------ 4 files changed, 26 insertions(+), 79 deletions(-) delete mode 100644 clusters/cl01tl/helm/argo-workflows/templates/http-route.yaml diff --git a/clusters/cl01tl/helm/argo-workflows/Chart.yaml b/clusters/cl01tl/helm/argo-workflows/Chart.yaml index 10c59b31a..aced1f047 100644 --- a/clusters/cl01tl/helm/argo-workflows/Chart.yaml +++ b/clusters/cl01tl/helm/argo-workflows/Chart.yaml @@ -7,12 +7,13 @@ keywords: - argo-events - workflows - events -home: https://wiki.alexlebens.dev/s/a268508f-d81d-4b4b-8bd5-9058edaea635 +home: https://docs.alexlebens.dev/applications/argo-workflows/ sources: - https://github.com/argoproj/argo-workflows - https://github.com/argoproj/argo-events - https://github.com/cloudnative-pg/cloudnative-pg - - https://github.com/argoproj/argo-helm/tree/main/charts + - https://github.com/argoproj/argo-helm/tree/main/charts/argo-workflows + - https://github.com/argoproj/argo-helm/tree/main/charts/argo-events - https://gitea.alexlebens.dev/alexlebens/helm-charts/src/branch/main/charts/postgres-cluster maintainers: - name: alexlebens diff --git a/clusters/cl01tl/helm/argo-workflows/templates/external-secret.yaml b/clusters/cl01tl/helm/argo-workflows/templates/external-secret.yaml index a28701b32..4df0b3be5 100644 --- a/clusters/cl01tl/helm/argo-workflows/templates/external-secret.yaml +++ b/clusters/cl01tl/helm/argo-workflows/templates/external-secret.yaml @@ -14,15 +14,9 @@ spec: data: - secretKey: secret remoteRef: - conversionStrategy: Default - decodingStrategy: None key: /authentik/oidc/argo-workflows - metadataPolicy: None property: secret - secretKey: client remoteRef: - conversionStrategy: Default - decodingStrategy: None key: /authentik/oidc/argo-workflows - metadataPolicy: None property: client diff --git a/clusters/cl01tl/helm/argo-workflows/templates/http-route.yaml b/clusters/cl01tl/helm/argo-workflows/templates/http-route.yaml deleted file mode 100644 index d1bfaa142..000000000 --- a/clusters/cl01tl/helm/argo-workflows/templates/http-route.yaml +++ /dev/null @@ -1,28 +0,0 @@ -apiVersion: gateway.networking.k8s.io/v1 -kind: HTTPRoute -metadata: - name: argo-workflows - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: argo-workflows - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - parentRefs: - - group: gateway.networking.k8s.io - kind: Gateway - name: traefik-gateway - namespace: traefik - hostnames: - - argo-workflows.alexlebens.net - rules: - - matches: - - path: - type: PathPrefix - value: / - backendRefs: - - group: '' - kind: Service - name: argo-workflows-server - port: 2746 - weight: 100 diff --git a/clusters/cl01tl/helm/argo-workflows/values.yaml b/clusters/cl01tl/helm/argo-workflows/values.yaml index 2dbade056..7ebeeb0b9 100644 --- a/clusters/cl01tl/helm/argo-workflows/values.yaml +++ b/clusters/cl01tl/helm/argo-workflows/values.yaml @@ -2,8 +2,6 @@ argo-workflows: crds: install: true keep: true - # -- Use full CRDs with complete OpenAPI schemas. When false, uses minified CRDs with x-kubernetes-preserve-unknown-fields. - # Full CRDs are very large and are installed via a pre-install/pre-upgrade hook Job that uses server-side apply. full: true upgradeJob: image: @@ -13,11 +11,6 @@ argo-workflows: metricsConfig: enabled: true persistence: - connectionPool: - maxIdleConns: 100 - maxOpenConns: 0 - nodeStatusOffLoad: true - archive: true postgresql: host: argo-workflows-postgresql-18-cluster-rw port: 5432 @@ -32,24 +25,34 @@ argo-workflows: ssl: false sslMode: disable workflowWorkers: 2 - workflowTTLWorkers: 1 - podCleanupWorkers: 1 - cronWorkflowWorkers: 1 + workflowTTLWorkers: 2 + podCleanupWorkers: 2 + cronWorkflowWorkers: 2 resources: requests: cpu: 10m - memory: 128Mi + memory: 32Mi serviceMonitor: enabled: true - name: workflow-controller workflowNamespaces: - - argocd - argo-workflows server: authModes: - sso - ingress: - enabled: false + httproute: + enabled: true + parentRefs: + - group: gateway.networking.k8s.io + kind: Gateway + name: traefik-gateway + namespace: traefik + hostnames: + - argo-workflows.alexlebens.net + rules: + - matches: + - path: + type: PathPrefix + value: / sso: enabled: true issuer: https://authentik.alexlebens.net/application/o/argo-workflows/ @@ -66,15 +69,15 @@ argo-workflows: - openid - email - profile - useStaticCredentials: true - artifactRepository: - archiveLogs: false argo-events: + crds: + install: true + keep: true controller: resources: requests: cpu: 10m - memory: 128Mi + memory: 32Mi metrics: enabled: true serviceMonitor: @@ -84,7 +87,7 @@ argo-events: resources: requests: cpu: 10m - memory: 128Mi + memory: 32Mi postgres-18-cluster: mode: recovery recovery: @@ -98,32 +101,9 @@ postgres-18-cluster: destinationBucket: postgres-backups externalSecretCredentialPath: /garage/home-infra/postgres-backups isWALArchiver: true - # - name: garage-remote - # index: 1 - # destinationBucket: postgres-backups - # externalSecretCredentialPath: /garage/home-infra/postgres-backups - # retentionPolicy: "90d" - # data: - # compression: bzip2 - # - name: external - # index: 1 - # endpointURL: https://nyc3.digitaloceanspaces.com - # destinationBucket: postgres-backups-ce540ddf106d186bbddca68a - # externalSecretCredentialPath: /garage/home-infra/postgres-backups - # isWALArchiver: false scheduledBackups: - name: live-backup suspend: false immediate: true schedule: "0 0 14 * * *" backupName: garage-local - # - name: weekly-backup - # suspend: true - # immediate: true - # schedule: "0 0 4 * * SAT" - # backupName: garage-remote - # - name: daily-backup - # suspend: true - # immediate: true - # schedule: "0 0 0 * * *" - # backupName: external -- 2.49.1