From 4fd2022d008ab09498d931248807390610d2186c Mon Sep 17 00:00:00 2001 From: gitea-bot Date: Mon, 23 Mar 2026 02:40:35 +0000 Subject: [PATCH] chore: Update manifests after change --- .../Deployment-audiobookshelf.yaml | 16 ++++------- ...lSecret-audiobookshelf-apprise-config.yaml | 3 --- .../HTTPRoute-audiobookshelf.yaml | 2 +- ...tentVolumeClaim-audiobookshelf-config.yaml | 2 -- ...ntVolumeClaim-audiobookshelf-metadata.yaml | 2 -- .../Deployment-authentik-server.yaml | 15 ++++++----- .../Deployment-authentik-worker.yaml | 7 +++-- .../ExternalSecret-authentik-key-secret.yaml | 3 --- .../authentik/HTTPRoute-authentik-server.yaml | 2 +- .../Service-authentik-worker-metrics.yaml | 24 +++++++++++++++++ .../ServiceMonitor-authentik-worker.yaml | 27 +++++++++++++++++++ 11 files changed, 72 insertions(+), 31 deletions(-) create mode 100644 clusters/cl01tl/manifests/authentik/Service-authentik-worker-metrics.yaml create mode 100644 clusters/cl01tl/manifests/authentik/ServiceMonitor-authentik-worker.yaml diff --git a/clusters/cl01tl/manifests/audiobookshelf/Deployment-audiobookshelf.yaml b/clusters/cl01tl/manifests/audiobookshelf/Deployment-audiobookshelf.yaml index abd122018..11806e3fe 100644 --- a/clusters/cl01tl/manifests/audiobookshelf/Deployment-audiobookshelf.yaml +++ b/clusters/cl01tl/manifests/audiobookshelf/Deployment-audiobookshelf.yaml @@ -36,7 +36,7 @@ spec: containers: - env: - name: TZ - value: US/Central + value: America/Chicago - name: PGID value: "1000" - name: PUID @@ -52,23 +52,17 @@ spec: secretKeyRef: key: ntfy-url name: audiobookshelf-apprise-config - image: caronc/apprise:v1.3.2 - imagePullPolicy: IfNotPresent + image: ghcr.io/caronc/apprise:v1.3.2@sha256:1aafc2118b6eae5d70d17831d9a8a52adee7104fd6f2bb018e6421664699c903 name: apprise-api - resources: - requests: - cpu: 10m - memory: 128Mi - env: - name: TZ - value: US/Central - image: ghcr.io/advplyr/audiobookshelf:2.33.1 - imagePullPolicy: IfNotPresent + value: America/Chicago + image: ghcr.io/advplyr/audiobookshelf:2.33.1@sha256:a4a5841bba093d81e5f4ad1eaedb4da3fda6dbb2528c552349da50ad1f7ae708 name: main resources: requests: cpu: 10m - memory: 128Mi + memory: 200Mi volumeMounts: - mountPath: /mnt/store/Audiobooks name: audiobooks diff --git a/clusters/cl01tl/manifests/audiobookshelf/ExternalSecret-audiobookshelf-apprise-config.yaml b/clusters/cl01tl/manifests/audiobookshelf/ExternalSecret-audiobookshelf-apprise-config.yaml index 7d29da47c..cbfae4d70 100644 --- a/clusters/cl01tl/manifests/audiobookshelf/ExternalSecret-audiobookshelf-apprise-config.yaml +++ b/clusters/cl01tl/manifests/audiobookshelf/ExternalSecret-audiobookshelf-apprise-config.yaml @@ -14,8 +14,5 @@ spec: data: - secretKey: ntfy-url remoteRef: - conversionStrategy: Default - decodingStrategy: None key: /cl01tl/audiobookshelf/apprise - metadataPolicy: None property: ntfy-url diff --git a/clusters/cl01tl/manifests/audiobookshelf/HTTPRoute-audiobookshelf.yaml b/clusters/cl01tl/manifests/audiobookshelf/HTTPRoute-audiobookshelf.yaml index fd9cb0f5c..88256e269 100644 --- a/clusters/cl01tl/manifests/audiobookshelf/HTTPRoute-audiobookshelf.yaml +++ b/clusters/cl01tl/manifests/audiobookshelf/HTTPRoute-audiobookshelf.yaml @@ -23,7 +23,7 @@ spec: name: audiobookshelf namespace: audiobookshelf port: 80 - weight: 100 + weight: 1 matches: - path: type: PathPrefix diff --git a/clusters/cl01tl/manifests/audiobookshelf/PersistentVolumeClaim-audiobookshelf-config.yaml b/clusters/cl01tl/manifests/audiobookshelf/PersistentVolumeClaim-audiobookshelf-config.yaml index 41072887f..d6ae81973 100644 --- a/clusters/cl01tl/manifests/audiobookshelf/PersistentVolumeClaim-audiobookshelf-config.yaml +++ b/clusters/cl01tl/manifests/audiobookshelf/PersistentVolumeClaim-audiobookshelf-config.yaml @@ -7,8 +7,6 @@ metadata: app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: audiobookshelf helm.sh/chart: audiobookshelf-4.6.2 - annotations: - helm.sh/resource-policy: keep namespace: audiobookshelf spec: accessModes: diff --git a/clusters/cl01tl/manifests/audiobookshelf/PersistentVolumeClaim-audiobookshelf-metadata.yaml b/clusters/cl01tl/manifests/audiobookshelf/PersistentVolumeClaim-audiobookshelf-metadata.yaml index 36343aa84..2df99e694 100644 --- a/clusters/cl01tl/manifests/audiobookshelf/PersistentVolumeClaim-audiobookshelf-metadata.yaml +++ b/clusters/cl01tl/manifests/audiobookshelf/PersistentVolumeClaim-audiobookshelf-metadata.yaml @@ -7,8 +7,6 @@ metadata: app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: audiobookshelf helm.sh/chart: audiobookshelf-4.6.2 - annotations: - helm.sh/resource-policy: keep namespace: audiobookshelf spec: accessModes: diff --git a/clusters/cl01tl/manifests/authentik/Deployment-authentik-server.yaml b/clusters/cl01tl/manifests/authentik/Deployment-authentik-server.yaml index 6a0918e7d..768b2cbfa 100644 --- a/clusters/cl01tl/manifests/authentik/Deployment-authentik-server.yaml +++ b/clusters/cl01tl/manifests/authentik/Deployment-authentik-server.yaml @@ -12,7 +12,7 @@ metadata: app.kubernetes.io/part-of: "authentik" app.kubernetes.io/version: "2026.2.1" spec: - replicas: 1 + replicas: 2 revisionHistoryLimit: 3 selector: matchLabels: @@ -89,19 +89,19 @@ spec: httpGet: path: '/-/health/live/' port: http - initialDelaySeconds: 5 + initialDelaySeconds: 15 periodSeconds: 10 successThreshold: 1 - timeoutSeconds: 3 + timeoutSeconds: 5 readinessProbe: failureThreshold: 3 httpGet: path: '/-/health/ready/' port: http - initialDelaySeconds: 5 + initialDelaySeconds: 15 periodSeconds: 10 successThreshold: 1 - timeoutSeconds: 3 + timeoutSeconds: 5 startupProbe: failureThreshold: 60 httpGet: @@ -111,7 +111,10 @@ spec: periodSeconds: 10 successThreshold: 1 timeoutSeconds: 3 - resources: {} + resources: + requests: + cpu: 100m + memory: 700Mi affinity: podAntiAffinity: preferredDuringSchedulingIgnoredDuringExecution: diff --git a/clusters/cl01tl/manifests/authentik/Deployment-authentik-worker.yaml b/clusters/cl01tl/manifests/authentik/Deployment-authentik-worker.yaml index 6961c4ba1..8bad4b793 100644 --- a/clusters/cl01tl/manifests/authentik/Deployment-authentik-worker.yaml +++ b/clusters/cl01tl/manifests/authentik/Deployment-authentik-worker.yaml @@ -12,7 +12,7 @@ metadata: app.kubernetes.io/part-of: "authentik" app.kubernetes.io/version: "2026.2.1" spec: - replicas: 1 + replicas: 2 revisionHistoryLimit: 3 selector: matchLabels: @@ -110,7 +110,10 @@ spec: periodSeconds: 10 successThreshold: 1 timeoutSeconds: 3 - resources: {} + resources: + requests: + cpu: 100m + memory: 512Mi affinity: podAntiAffinity: preferredDuringSchedulingIgnoredDuringExecution: diff --git a/clusters/cl01tl/manifests/authentik/ExternalSecret-authentik-key-secret.yaml b/clusters/cl01tl/manifests/authentik/ExternalSecret-authentik-key-secret.yaml index c0f569df6..b870262c2 100644 --- a/clusters/cl01tl/manifests/authentik/ExternalSecret-authentik-key-secret.yaml +++ b/clusters/cl01tl/manifests/authentik/ExternalSecret-authentik-key-secret.yaml @@ -14,8 +14,5 @@ spec: data: - secretKey: key remoteRef: - conversionStrategy: Default - decodingStrategy: None key: /cl01tl/authentik/key - metadataPolicy: None property: key diff --git a/clusters/cl01tl/manifests/authentik/HTTPRoute-authentik-server.yaml b/clusters/cl01tl/manifests/authentik/HTTPRoute-authentik-server.yaml index ade3a2a68..0c17cffaf 100644 --- a/clusters/cl01tl/manifests/authentik/HTTPRoute-authentik-server.yaml +++ b/clusters/cl01tl/manifests/authentik/HTTPRoute-authentik-server.yaml @@ -29,4 +29,4 @@ spec: matches: - path: type: PathPrefix - value: / + value: '/' diff --git a/clusters/cl01tl/manifests/authentik/Service-authentik-worker-metrics.yaml b/clusters/cl01tl/manifests/authentik/Service-authentik-worker-metrics.yaml new file mode 100644 index 000000000..46c1bcd9a --- /dev/null +++ b/clusters/cl01tl/manifests/authentik/Service-authentik-worker-metrics.yaml @@ -0,0 +1,24 @@ +apiVersion: v1 +kind: Service +metadata: + name: authentik-worker-metrics + namespace: "authentik" + labels: + helm.sh/chart: "authentik-2026.2.1" + app.kubernetes.io/name: "authentik" + app.kubernetes.io/instance: "authentik" + app.kubernetes.io/component: "worker-metrics" + app.kubernetes.io/managed-by: "Helm" + app.kubernetes.io/part-of: "authentik" + app.kubernetes.io/version: "2026.2.1" +spec: + type: ClusterIP + ports: + - name: metrics + protocol: TCP + port: 9300 + targetPort: metrics + selector: + app.kubernetes.io/name: "authentik" + app.kubernetes.io/instance: "authentik" + app.kubernetes.io/component: "worker" diff --git a/clusters/cl01tl/manifests/authentik/ServiceMonitor-authentik-worker.yaml b/clusters/cl01tl/manifests/authentik/ServiceMonitor-authentik-worker.yaml new file mode 100644 index 000000000..6c8643bef --- /dev/null +++ b/clusters/cl01tl/manifests/authentik/ServiceMonitor-authentik-worker.yaml @@ -0,0 +1,27 @@ +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: authentik-worker + namespace: "authentik" + labels: + helm.sh/chart: "authentik-2026.2.1" + app.kubernetes.io/name: "authentik" + app.kubernetes.io/instance: "authentik" + app.kubernetes.io/component: "worker-metrics" + app.kubernetes.io/managed-by: "Helm" + app.kubernetes.io/part-of: "authentik" + app.kubernetes.io/version: "2026.2.1" +spec: + endpoints: + - port: metrics + interval: 30s + scrapeTimeout: 3s + path: /metrics + namespaceSelector: + matchNames: + - authentik + selector: + matchLabels: + app.kubernetes.io/name: "authentik" + app.kubernetes.io/instance: "authentik" + app.kubernetes.io/component: "worker-metrics" -- 2.49.1