From 66d6bf07fb03cb8e36176c4cef241fee8e3519aa Mon Sep 17 00:00:00 2001 From: Alex Lebens Date: Sun, 5 Apr 2026 19:46:50 -0500 Subject: [PATCH] feat: refactor apps --- .../helm/kube-prometheus-stack/Chart.lock | 7 +++- .../helm/kube-prometheus-stack/Chart.yaml | 4 ++ clusters/cl01tl/helm/postiz/Chart.lock | 8 ++-- clusters/cl01tl/helm/postiz/Chart.yaml | 10 ++--- .../postiz/templates/external-secret.yaml | 21 ---------- .../helm/postiz/templates/http-route.yaml | 28 ------------- clusters/cl01tl/helm/postiz/values.yaml | 39 +++---------------- 7 files changed, 23 insertions(+), 94 deletions(-) delete mode 100644 clusters/cl01tl/helm/postiz/templates/http-route.yaml diff --git a/clusters/cl01tl/helm/kube-prometheus-stack/Chart.lock b/clusters/cl01tl/helm/kube-prometheus-stack/Chart.lock index 4c0fb3115..fdb7c318a 100644 --- a/clusters/cl01tl/helm/kube-prometheus-stack/Chart.lock +++ b/clusters/cl01tl/helm/kube-prometheus-stack/Chart.lock @@ -2,11 +2,14 @@ dependencies: - name: kube-prometheus-stack repository: oci://ghcr.io/prometheus-community/charts version: 82.18.0 +- name: prometheus-operator-crds + repository: oci://ghcr.io/prometheus-community/charts + version: 28.0.1 - name: app-template repository: https://bjw-s-labs.github.io/helm-charts/ version: 4.6.2 - name: valkey repository: oci://harbor.alexlebens.net/helm-charts version: 0.5.0 -digest: sha256:bd480d8e4de9a528a73ec1bbadff5afb4d1f37ba6a85d98ec82a607283148f3d -generated: "2026-04-04T21:48:51.739477322Z" +digest: sha256:e4632c1c2f0b9d0b37edc7ecf1a008cdf3683737133f2d0b119eab9f968ebf88 +generated: "2026-04-05T19:45:07.805154-05:00" diff --git a/clusters/cl01tl/helm/kube-prometheus-stack/Chart.yaml b/clusters/cl01tl/helm/kube-prometheus-stack/Chart.yaml index 191b2cdfa..5b1bd4e0a 100644 --- a/clusters/cl01tl/helm/kube-prometheus-stack/Chart.yaml +++ b/clusters/cl01tl/helm/kube-prometheus-stack/Chart.yaml @@ -12,6 +12,7 @@ sources: - https://git.xenrox.net/~xenrox/ntfy-alertmanager/ - https://hub.docker.com/r/xenrox/ntfy-alertmanager - https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack + - https://github.com/prometheus-community/helm-charts/tree/main/charts/prometheus-operator-crds - https://github.com/bjw-s/helm-charts/blob/main/charts/other/app-template - https://gitea.alexlebens.dev/alexlebens/helm-charts/src/branch/main/charts/valkey maintainers: @@ -20,6 +21,9 @@ dependencies: - name: kube-prometheus-stack version: 82.18.0 repository: oci://ghcr.io/prometheus-community/charts + - name: prometheus-operator-crds + version: 28.0.1 + repository: oci://ghcr.io/prometheus-community/charts - name: app-template alias: ntfy-alertmanager repository: https://bjw-s-labs.github.io/helm-charts/ diff --git a/clusters/cl01tl/helm/postiz/Chart.lock b/clusters/cl01tl/helm/postiz/Chart.lock index b74e98cd3..a1e1b5a00 100644 --- a/clusters/cl01tl/helm/postiz/Chart.lock +++ b/clusters/cl01tl/helm/postiz/Chart.lock @@ -7,15 +7,15 @@ dependencies: version: 2.4.0 - name: postgres-cluster repository: oci://harbor.alexlebens.net/helm-charts - version: 7.10.0 + version: 7.11.2 - name: valkey repository: oci://harbor.alexlebens.net/helm-charts - version: 0.4.0 + version: 0.5.0 - name: volsync-target repository: oci://harbor.alexlebens.net/helm-charts version: 0.8.0 - name: volsync-target repository: oci://harbor.alexlebens.net/helm-charts version: 0.8.0 -digest: sha256:de3fb540df1cf7385a19316741854d01e002740c0bf346f3da0ff3a809b1fc3d -generated: "2026-03-15T20:08:06.855136249Z" +digest: sha256:1c7f2f341be8892e4b8e016c34676dee45f35caf75908a0eabe845b5683948c4 +generated: "2026-04-05T19:40:33.153012-05:00" diff --git a/clusters/cl01tl/helm/postiz/Chart.yaml b/clusters/cl01tl/helm/postiz/Chart.yaml index f6d6338a3..2f96f9abd 100644 --- a/clusters/cl01tl/helm/postiz/Chart.yaml +++ b/clusters/cl01tl/helm/postiz/Chart.yaml @@ -5,15 +5,15 @@ description: Postiz keywords: - postiz - social-media -home: https://wiki.alexlebens.dev/s/f483a06b-860b-423c-8d51-a1ce82e0fd43 +home: https://docs.alexlebens.dev/applications/plex/ sources: - https://github.com/gitroomhq/postiz-app - - https://github.com/cloudflare/cloudflared - - https://github.com/cloudnative-pg/cloudnative-pg - https://github.com/gitroomhq/postiz-app/pkgs/container/postiz-app - https://github.com/bjw-s-labs/helm-charts/tree/main/charts/other/app-template - https://gitea.alexlebens.dev/alexlebens/helm-charts/src/branch/main/charts/cloudflared - https://gitea.alexlebens.dev/alexlebens/helm-charts/src/branch/main/charts/postgres-cluster + - https://gitea.alexlebens.dev/alexlebens/helm-charts/src/branch/main/charts/valkey + - https://gitea.alexlebens.dev/alexlebens/helm-charts/src/branch/main/charts/volsync-target maintainers: - name: alexlebens dependencies: @@ -26,11 +26,11 @@ dependencies: version: 2.4.0 - name: postgres-cluster alias: postgres-18-cluster - version: 7.10.0 + version: 7.11.2 repository: oci://harbor.alexlebens.net/helm-charts - name: valkey alias: valkey - version: 0.4.0 + version: 0.5.0 repository: oci://harbor.alexlebens.net/helm-charts - name: volsync-target alias: volsync-target-config diff --git a/clusters/cl01tl/helm/postiz/templates/external-secret.yaml b/clusters/cl01tl/helm/postiz/templates/external-secret.yaml index 31c8ce8d6..51bb8c61b 100644 --- a/clusters/cl01tl/helm/postiz/templates/external-secret.yaml +++ b/clusters/cl01tl/helm/postiz/templates/external-secret.yaml @@ -14,10 +14,7 @@ spec: data: - secretKey: JWT_SECRET remoteRef: - conversionStrategy: Default - decodingStrategy: None key: /cl01tl/postiz/config - metadataPolicy: None property: JWT_SECRET --- @@ -37,31 +34,19 @@ spec: data: - secretKey: REDIS_URL remoteRef: - conversionStrategy: Default - decodingStrategy: None key: /cl01tl/postiz/valkey - metadataPolicy: None property: url - secretKey: user remoteRef: - conversionStrategy: Default - decodingStrategy: None key: /cl01tl/postiz/valkey - metadataPolicy: None property: user - secretKey: password remoteRef: - conversionStrategy: Default - decodingStrategy: None key: /cl01tl/postiz/valkey - metadataPolicy: None property: password - secretKey: default remoteRef: - conversionStrategy: Default - decodingStrategy: None key: /cl01tl/postiz/valkey - metadataPolicy: None property: password --- @@ -81,15 +66,9 @@ spec: data: - secretKey: client remoteRef: - conversionStrategy: Default - decodingStrategy: None key: /authentik/oidc/postiz - metadataPolicy: None property: client - secretKey: secret remoteRef: - conversionStrategy: Default - decodingStrategy: None key: /authentik/oidc/postiz - metadataPolicy: None property: secret diff --git a/clusters/cl01tl/helm/postiz/templates/http-route.yaml b/clusters/cl01tl/helm/postiz/templates/http-route.yaml deleted file mode 100644 index 382c76ca5..000000000 --- a/clusters/cl01tl/helm/postiz/templates/http-route.yaml +++ /dev/null @@ -1,28 +0,0 @@ -apiVersion: gateway.networking.k8s.io/v1 -kind: HTTPRoute -metadata: - name: http-route-postiz - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: http-route-postiz - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - parentRefs: - - group: gateway.networking.k8s.io - kind: Gateway - name: traefik-gateway - namespace: traefik - hostnames: - - postiz.alexlebens.net - rules: - - matches: - - path: - type: PathPrefix - value: / - backendRefs: - - group: '' - kind: Service - name: postiz - port: 80 - weight: 100 diff --git a/clusters/cl01tl/helm/postiz/values.yaml b/clusters/cl01tl/helm/postiz/values.yaml index 0385c8b60..b91292d72 100644 --- a/clusters/cl01tl/helm/postiz/values.yaml +++ b/clusters/cl01tl/helm/postiz/values.yaml @@ -4,13 +4,11 @@ postiz: type: deployment replicas: 1 strategy: Recreate - revisionHistoryLimit: 3 containers: main: image: repository: ghcr.io/gitroomhq/postiz-app - tag: v2.21.4 - pullPolicy: IfNotPresent + tag: v2.21.4@sha256:a339e9ee256537526d0eda19e5919e01fa7649a40596ebec5d9e1389850836bc env: - name: MAIN_URL value: https://postiz.alexlebens.dev @@ -72,7 +70,7 @@ postiz: resources: requests: cpu: 10m - memory: 128Mi + memory: 1Gi service: main: controller: main @@ -80,7 +78,6 @@ postiz: http: port: 80 targetPort: 5000 - protocol: HTTP route: main: kind: HTTPRoute @@ -93,11 +90,8 @@ postiz: - postiz.alexlebens.net rules: - backendRefs: - - group: '' - kind: Service - name: postiz + - name: postiz port: 80 - weight: 100 matches: - path: type: PathPrefix @@ -108,7 +102,6 @@ postiz: storageClass: ceph-block accessMode: ReadWriteOnce size: 2Gi - retain: true advancedMounts: main: main: @@ -119,7 +112,6 @@ postiz: storageClass: ceph-block accessMode: ReadWriteOnce size: 10Gi - retain: true advancedMounts: main: main: @@ -138,35 +130,12 @@ postgres-18-cluster: destinationBucket: postgres-backups externalSecretCredentialPath: /garage/home-infra/postgres-backups isWALArchiver: true - # - name: garage-remote - # index: 1 - # destinationBucket: postgres-backups - # externalSecretCredentialPath: /garage/home-infra/postgres-backups - # retentionPolicy: "90d" - # data: - # compression: bzip2 - # - name: external - # index: 1 - # endpointURL: https://nyc3.digitaloceanspaces.com - # destinationBucket: postgres-backups-ce540ddf106d186bbddca68a - # externalSecretCredentialPath: /garage/home-infra/postgres-backups - # isWALArchiver: false scheduledBackups: - name: live-backup suspend: false immediate: true schedule: "0 20 15 * * *" backupName: garage-local - # - name: weekly-backup - # suspend: true - # immediate: true - # schedule: "0 0 4 * * SAT" - # backupName: garage-remote - # - name: daily-backup - # suspend: true - # immediate: true - # schedule: "0 0 0 * * *" - # backupName: external valkey: valkey: auth: @@ -175,6 +144,8 @@ valkey: aclUsers: default: permissions: "~* &* +@all" + # No option to configure metrics when auth is enabled + # https://github.com/valkey-io/valkey-helm/issues/135 metrics: enabled: false volsync-target-config: -- 2.49.1