chore(release): 0.30.0 [skip ci]

# [0.30.0](http://gitea-http.gitea:3000/alexlebens/site-documentation/compare/0.29.0...0.30.0) (2026-05-12)

### Features

* add 3d printer docs ([fac3a99](fac3a999d6))

.gitea/workflows/release-image.yaml

@@ -12,25 +12,25 @@ jobs:
     runs-on: ubuntu-js
     steps:
       - name: Checkout
-        uses: actions/checkout@v6
+        uses: actions/checkout@v6.0.2
         with:
           ref: release
 
       - name: Set up Node
-        uses: actions/setup-node@v6
+        uses: actions/setup-node@v6.4.0
         with:
-          node-version: 24.14.1
+          node-version: 24.15.0
 
       - name: Set up Bun
-        uses: oven-sh/setup-bun@v2
+        uses: oven-sh/setup-bun@v2.2.0
         with:
-          bun-version: 1.3.12
+          bun-version: 1.3.13
 
       - name: Install Dependencies
         run: bun install --frozen-lockfile
 
       - name: Cache Astro Build Cache
-        uses: actions/cache@v5
+        uses: actions/cache@v5.0.5
         with:
           path: |
             .astro
@@ -64,12 +64,12 @@ jobs:
     runs-on: ubuntu-js
     steps:
       - name: Checkout
-        uses: actions/checkout@v6
+        uses: actions/checkout@v6.0.2
         with:
           ref: release
 
       - name: Set up Python
-        uses: actions/setup-python@v6
+        uses: actions/setup-python@v6.2.0
         with:
           python-version: '3.12.13'
 
@@ -106,20 +106,20 @@ jobs:
       new-release-git-tag: ${{ steps.semantic.outputs.new-release-git-tag }}
     steps:
       - name: Checkout
-        uses: actions/checkout@v6
+        uses: actions/checkout@v6.0.2
         with:
           fetch-depth: 0
           token: ${{ secrets.BOT_TOKEN }}
 
       - name: Set up Node
-        uses: actions/setup-node@v6
+        uses: actions/setup-node@v6.4.0
         with:
-          node-version: 24.14.1
+          node-version: 24.15.0
 
       - name: Set up Bun
-        uses: oven-sh/setup-bun@v2
+        uses: oven-sh/setup-bun@v2.2.0
         with:
-          bun-version: 1.3.12
+          bun-version: 1.3.13
 
       - name: Install Dependencies
         run: bun install --frozen-lockfile
@@ -139,19 +139,19 @@ jobs:
     if: ${{ needs.semantic-release.outputs.new-release-published == 'true' }}
     steps:
       - name: Checkout
-        uses: actions/checkout@v6
+        uses: actions/checkout@v6.0.2
         with:
           ref: release
 
       - name: Login to Harbor Registry
-        uses: docker/login-action@v4
+        uses: docker/login-action@v4.1.0
         with:
           registry: ${{ vars.REGISTRY_HOST }}
           username: ${{ vars.REGISTRY_USER }}
           password: ${{ secrets.REGISTRY_SECRET }}
 
       - name: Login to Docker
-        uses: docker/login-action@v4
+        uses: docker/login-action@v4.1.0
         with:
           registry: ${{ vars.DH_REGISTRY }}
           username: ${{ secrets.DH_USERNAME }}
@@ -164,7 +164,7 @@ jobs:
 
       - name: Set up Docker Buildx
         id: buildx
-        uses: docker/setup-buildx-action@v4
+        uses: docker/setup-buildx-action@v4.0.0
         with:
           driver: kubernetes
           driver-opts: |
@@ -179,7 +179,7 @@ jobs:
 
       - name: Extract Metadata
         id: meta
-        uses: docker/metadata-action@v6
+        uses: docker/metadata-action@v6.0.0
         with:
           images: |
             ${{ vars.REGISTRY_HOST }}/images/site-documentation
@@ -192,7 +192,7 @@ jobs:
             type=semver,pattern={{major}},value=${{ needs.semantic-release.outputs.new-release-version }}
 
       - name: Build and Push Image
-        uses: docker/build-push-action@v7
+        uses: docker/build-push-action@v7.1.0
         with:
           context: .
           push: true
@@ -243,19 +243,19 @@ jobs:
       needs.semantic-release.outputs.new-release-published == 'true'
     steps:
       - name: Checkout
-        uses: actions/checkout@v6
+        uses: actions/checkout@v6.0.2
         with:
           ref: release
 
       - name: Login to Gitea Registry
-        uses: docker/login-action@v4
+        uses: docker/login-action@v4.1.0
         with:
           registry: ${{ vars.REPOSITORY_HOST }}
           username: ${{ gitea.actor }}
           password: ${{ secrets.REPOSITORY_TOKEN }}
 
       - name: Login to Docker
-        uses: docker/login-action@v4
+        uses: docker/login-action@v4.1.0
         with:
           registry: ${{ vars.DH_REGISTRY }}
           username: ${{ secrets.DH_USERNAME }}
@@ -268,7 +268,7 @@ jobs:
 
       - name: Set up Docker Buildx
         id: buildx
-        uses: docker/setup-buildx-action@v4
+        uses: docker/setup-buildx-action@v4.0.0
         with:
           driver: kubernetes
           driver-opts: |
@@ -283,7 +283,7 @@ jobs:
 
       - name: Extract Metadata
         id: meta
-        uses: docker/metadata-action@v6
+        uses: docker/metadata-action@v6.0.0
         with:
           images: |
             ${{ vars.REPOSITORY_HOST }}/${{ gitea.repository }}
@@ -296,7 +296,7 @@ jobs:
             type=semver,pattern={{major}},value=${{ needs.semantic-release.outputs.new-release-version }}
 
       - name: Build and Push Image
-        uses: docker/build-push-action@v7
+        uses: docker/build-push-action@v7.1.0
         with:
           context: .
           push: true

.gitea/workflows/renovate.yaml

@@ -12,7 +12,7 @@ jobs:
     container: ghcr.io/renovatebot/renovate:43
     steps:
       - name: Checkout
-        uses: actions/checkout@v6
+        uses: actions/checkout@v6.0.2
 
       - name: Renovate
         run: renovate

.gitea/workflows/test-build.yaml

@@ -17,23 +17,23 @@ jobs:
     runs-on: ubuntu-js
     steps:
       - name: Checkout
-        uses: actions/checkout@v6
+        uses: actions/checkout@v6.0.2
 
       - name: Set up Node
-        uses: actions/setup-node@v6
+        uses: actions/setup-node@v6.4.0
         with:
-          node-version: 24.14.1
+          node-version: 24.15.0
 
       - name: Set up Bun
-        uses: oven-sh/setup-bun@v2
+        uses: oven-sh/setup-bun@v2.2.0
         with:
-          bun-version: 1.3.12
+          bun-version: 1.3.13
 
       - name: Install Dependencies
         run: bun install --frozen-lockfile
 
       - name: Cache Astro Build Cache
-        uses: actions/cache@v5
+        uses: actions/cache@v5.0.5
         with:
           path: |
             .astro
@@ -67,10 +67,10 @@ jobs:
     runs-on: ubuntu-js
     steps:
       - name: Checkout
-        uses: actions/checkout@v6
+        uses: actions/checkout@v6.0.2
 
       - name: Set up Python
-        uses: actions/setup-python@v6
+        uses: actions/setup-python@v6.2.0
         with:
           python-version: '3.12.13'
 

CHANGELOG.md

@@ -1,3 +1,86 @@
+# [0.30.0](http://gitea-http.gitea:3000/alexlebens/site-documentation/compare/0.29.0...0.30.0) (2026-05-12)
+
+
+### Features
+
+* add 3d printer docs ([fac3a99](http://gitea-http.gitea:3000/alexlebens/site-documentation/commit/fac3a999d64e499e92b0123f2a9b03074f4d4008))
+
+# [0.29.0](http://gitea-http.gitea:3000/alexlebens/site-documentation/compare/0.28.0...0.29.0) (2026-05-08)
+
+
+### Bug Fixes
+
+* **deps:** update dependency @astrojs/starlight to v0.38.5 ([0b8f720](http://gitea-http.gitea:3000/alexlebens/site-documentation/commit/0b8f720d6afc765759a3f5bfef1ec1a575247e4f))
+* **deps:** update dependency astro to v6.1.10 ([5c36a1f](http://gitea-http.gitea:3000/alexlebens/site-documentation/commit/5c36a1f31d8098828fe790dcb307ef6f391a53a0))
+* **deps:** update dependency astro to v6.2.2 ([9b57393](http://gitea-http.gitea:3000/alexlebens/site-documentation/commit/9b57393281b55441ef6786ed597519e0f6280e93))
+
+
+### Features
+
+* allow processing svg ([c7b49df](http://gitea-http.gitea:3000/alexlebens/site-documentation/commit/c7b49df433d25f343e336fdf5f972f479a2cd07e))
+* rebase ([1b34c03](http://gitea-http.gitea:3000/alexlebens/site-documentation/commit/1b34c03861824b350d144d7dabbe1d10111b86e1))
+* rebase ([a2bae2b](http://gitea-http.gitea:3000/alexlebens/site-documentation/commit/a2bae2bb1b2cb39005ded7c24a15705c0aea6695))
+
+# [0.28.0](http://gitea-http.gitea:3000/alexlebens/site-documentation/compare/0.27.1...0.28.0) (2026-04-27)
+
+
+### Bug Fixes
+
+* add escape ([990eb62](http://gitea-http.gitea:3000/alexlebens/site-documentation/commit/990eb62c75c2c0460a18410b8c2abff920fdffe2))
+
+
+### Features
+
+* move guides ([33e8873](http://gitea-http.gitea:3000/alexlebens/site-documentation/commit/33e887348ba9976e2dfb54f68d7031da060e3281))
+
+## [0.27.1](http://gitea-http.gitea:3000/alexlebens/site-documentation/compare/0.27.0...0.27.1) (2026-04-26)
+
+
+### Bug Fixes
+
+* **deps:** update astro monorepo ([6769f18](http://gitea-http.gitea:3000/alexlebens/site-documentation/commit/6769f18bd11000d3c4b71f0951f8a4cc147f8352))
+* **deps:** update dependency @astrojs/starlight to v0.38.4 ([a9d8640](http://gitea-http.gitea:3000/alexlebens/site-documentation/commit/a9d8640e5ed4f525bc46a49a971755a42befb8f6))
+* **deps:** update tailwindcss monorepo to v4.2.3 ([7ba7627](http://gitea-http.gitea:3000/alexlebens/site-documentation/commit/7ba762733b818ce9c758ad16a2c633d2e8093e02))
+* **deps:** update tailwindcss monorepo to v4.2.4 ([9173b81](http://gitea-http.gitea:3000/alexlebens/site-documentation/commit/9173b81db4fe9032726ef4d666c1f06f2b366a10))
+
+# [0.27.0](http://gitea-http.gitea:3000/alexlebens/site-documentation/compare/0.26.0...0.27.0) (2026-04-19)
+
+
+### Bug Fixes
+
+* **deps:** update dependency astro to v6.1.8 ([4b01ed5](http://gitea-http.gitea:3000/alexlebens/site-documentation/commit/4b01ed56546d645756d8b8967e3ed37d50d3ad22))
+
+
+### Features
+
+* add doc for secret store ([58d1631](http://gitea-http.gitea:3000/alexlebens/site-documentation/commit/58d16315fb8862f8b04d43414d5c9b848c73aaba))
+* rename to openbao ([07dd129](http://gitea-http.gitea:3000/alexlebens/site-documentation/commit/07dd12971da61180827813be6bb4ed532e94f118))
+
+# [0.26.0](http://gitea-http.gitea:3000/alexlebens/site-documentation/compare/0.25.0...0.26.0) (2026-04-16)
+
+
+### Bug Fixes
+
+* **deps:** update astro monorepo ([4a60e31](http://gitea-http.gitea:3000/alexlebens/site-documentation/commit/4a60e315f87a7a0fb2ed1d0aa0540a15c222baf1))
+* **deps:** update dependency sanitize-html to v2.17.3 ([27c6b11](http://gitea-http.gitea:3000/alexlebens/site-documentation/commit/27c6b11ea896736de5d137d2f0204b913ce081d1))
+
+
+### Features
+
+* add openbao ([b44da87](http://gitea-http.gitea:3000/alexlebens/site-documentation/commit/b44da87ac85e1e8a3efd054328b167ae78ba25fc))
+
+# [0.25.0](http://gitea-http.gitea:3000/alexlebens/site-documentation/compare/0.24.0...0.25.0) (2026-04-14)
+
+
+### Bug Fixes
+
+* **deps:** update dependency astro to v6.1.6 ([c37cbc5](http://gitea-http.gitea:3000/alexlebens/site-documentation/commit/c37cbc5fc086abcc1c16e775e38af4572679e47d))
+
+
+### Features
+
+* add sparkyfitness ([7bd88fe](http://gitea-http.gitea:3000/alexlebens/site-documentation/commit/7bd88fe69fe6079f35305e7d8424187756429c0a))
+
 # [0.24.0](http://gitea-http.gitea:3000/alexlebens/site-documentation/compare/0.23.0...0.24.0) (2026-04-12)
 
 

astro.config.mjs

@@ -16,6 +16,10 @@ const getSiteURL = () => {
 export default defineConfig({
   site: getSiteURL(),
 
+  image: {
+    dangerouslyProcessSVG: true
+  },
+
   prefetch: true,
 
   integrations: [
@@ -50,17 +54,17 @@ export default defineConfig({
       ],
       sidebar: [
         {
-          label: "Reference",
+          label: 'Reference',
-          autogenerate: { directory: "reference" },
+          items: [{ autogenerate: { "directory": "reference" } }]
         },
         {
-          label: "Guides",
+          label: 'Guides',
-          autogenerate: { directory: "guides" },
+          items: [{ autogenerate: { "directory": "guides" } }]
         },
         {
-          label: "Applications",
+          label: 'Applications',
           collapsed: true,
-          autogenerate: { directory: "applications" },
+          items: [{ autogenerate: { "directory": "applications" } }]
         },                
       ],
     })

package.json

@@ -1,7 +1,7 @@
 {
   "name": "site-documentation",
   "type": "module",
-  "version": "0.24.0",
+  "version": "0.30.0",
   "scripts": {
     "dev": "astro dev",
     "build": "astro build",
@@ -12,17 +12,17 @@
     "astro": "astro"
   },
   "dependencies": {
-    "@astrojs/mdx": "5.0.3",
+    "@astrojs/mdx": "5.0.4",
-    "@astrojs/node": "10.0.4",
+    "@astrojs/node": "10.1.0",
     "@astrojs/sitemap": "3.7.2",
-    "@astrojs/starlight": "0.38.3",
+    "@astrojs/starlight": "0.39.2",
-    "@tailwindcss/postcss": "4.2.2",
+    "@tailwindcss/postcss": "4.3.0",
-    "@tailwindcss/vite": "4.2.2",
+    "@tailwindcss/vite": "4.3.0",
-    "astro": "6.1.5",
+    "astro": "6.3.1",
-    "sanitize-html": "2.17.2",
+    "sanitize-html": "2.17.3",
     "sharp": "0.34.5",
     "starlight-theme-rapide": "0.5.2",
-    "tailwindcss": "4.2.2"
+    "tailwindcss": "4.3.0"
   },
   "devDependencies": {
     "@saithodev/semantic-release-gitea": "2.1.0",
@@ -30,19 +30,19 @@
     "@semantic-release/commit-analyzer": "13.0.1",
     "@semantic-release/git": "10.0.1",
     "@semantic-release/npm": "13.1.5",
-    "@semantic-release/release-notes-generator": "14.1.0",
+    "@semantic-release/release-notes-generator": "14.1.1",
     "@tailwindcss/forms": "0.5.11",
     "@tailwindcss/typography": "0.5.19",
-    "@typescript-eslint/parser": "8.58.1",
+    "@typescript-eslint/parser": "8.59.3",
-    "eslint": "10.2.0",
+    "eslint": "10.3.0",
     "eslint-config-prettier": "10.1.8",
     "eslint-plugin-astro": "1.7.0",
-    "prettier": "3.8.2",
+    "prettier": "3.8.3",
     "prettier-plugin-astro": "0.14.1",
-    "prettier-plugin-tailwindcss": "0.7.2",
+    "prettier-plugin-tailwindcss": "0.8.0",
     "semantic-release": "25.0.3",
     "semantic-release-export-data": "1.2.0",
-    "typescript": "6.0.2",
+    "typescript": "6.0.3",
-    "typescript-eslint": "8.58.1"
+    "typescript-eslint": "8.59.3"
   }
 }

src/content/docs/applications/democratic-csi-synology-iscsi.mdx

@@ -21,3 +21,21 @@ Storage provider for iSCSI block devices from the NAS.
 # Notes
 
 Used for applications that need to store a lot of data, but not over the NFS connection. Examples include metrics and logging storage.
+
+# Issues
+
+## Resizing the Prometheus disk
+
+There is an issue resizing iSCSI disks. The following Github issue has instructions on how to manually resize if a permissions error is thrown.
+
+https://github.com/democratic-csi/democratic-csi/issues/491#issuecomment-3778463893
+
+- Exec into the iSCSI node pod for the node where the volume is being attached.
+- Find the path where the volume is mounted, this should be in the error, and the disk name
+- umount \<path>
+- resize2fs /dev/\<disk name>
+- Receive the error that the filesystem isn't clean, press y to optimize
+- fsck -f /dev/\<disk name>
+- Ensure the above comes back clean
+- resize2fs /dev/sdb
+- Restart pod that is mounting the disk

src/content/docs/applications/openbao.mdx

@@ -0,0 +1,31 @@
+---
+title: OpenBao
+description: OpenBao is a software solution to manage, store, and distribute sensitive data including secrets, certificates, and keys.
+hero:
+  tagline: OpenBao is a software solution to manage, store, and distribute sensitive data including secrets, certificates, and keys.
+  image:
+    file: https://cdn.jsdelivr.net/gh/selfhst/icons@main/webp/openbao.webp
+  actions:
+    - text: Source
+      link: https://github.com/openbao/openbao
+      icon: right-arrow
+    - text: Deployment Chart
+      link: https://gitea.alexlebens.dev/alexlebens/infrastructure/src/branch/main/clusters/cl01tl/helm/openbao
+      icon: right-arrow
+---
+
+import { Aside } from '@astrojs/starlight/components';
+
+<Aside type="tip">Has an internal [Grafana Dashboard](https://grafana.alexlebens.net/goto/bfit8f62ducjkd?orgId=1).</Aside>
+
+# Purpose
+
+Secrets manager.
+
+# Notes
+
+Retrieved by [External Secrets](https://docs.alexlebens.dev/applications/external-secrets/) for making them availible in cluster.
+
+Can store other secrets, but primarily used for cluster secrets.
+
+And by 'secrets' this means passwords, keys, etc, that are confidential and non public.

src/content/docs/applications/secrets-store-csi-driver.mdx

@@ -0,0 +1,23 @@
+---
+title: Secrets Store CSI driver
+description: Secrets Store CSI driver for Kubernetes secrets - Integrates secrets stores with Kubernetes via a CSI volume.
+hero:
+  tagline: Secrets Store CSI driver for Kubernetes secrets - Integrates secrets stores with Kubernetes via a CSI volume.
+  image:
+    file: https://cdn.jsdelivr.net/gh/selfhst/icons@main/webp/kubernetes.webp
+  actions:
+    - text: Source
+      link: https://github.com/kubernetes-sigs/secrets-store-csi-driver
+      icon: right-arrow
+    - text: Deployment Chart
+      link: https://gitea.alexlebens.dev/alexlebens/infrastructure/src/branch/main/clusters/cl01tl/helm/secrets-store-csi-driver
+      icon: right-arrow
+---
+
+# Purpose
+
+Provides a way to mount secrets from an external provider into a pod.
+
+# Notes
+
+Used with [OpenBao](https://docs.alexlebens.dev/applications/openbao/) to usually mount file secrets, such as json or yaml files.

src/content/docs/applications/sparkyfitness.mdx

@@ -0,0 +1,23 @@
+---
+title: Stack
+description: SparkyFitness - Built for Families. Powered by AI. Track food, fitness, water, and health — together. 
+hero:
+  tagline: SparkyFitness - Built for Families. Powered by AI. Track food, fitness, water, and health — together. 
+  image:
+    file: https://cdn.jsdelivr.net/gh/selfhst/icons@main/webp/sparkyfitness.webp
+  actions:
+    - text: Source
+      link: https://github.com/CodeWithCJ/SparkyFitness
+      icon: right-arrow
+    - text: Deployment Chart
+      link: https://gitea.alexlebens.dev/alexlebens/infrastructure/src/branch/main/clusters/cl01tl/helm/sparkyfitness
+      icon: right-arrow
+---
+
+# Purpose
+
+Fitness and health tracker.
+
+# Notes
+
+Android app with Google Fit integration.

src/content/docs/guides/3D Printer/mainsail.mdx

@@ -0,0 +1,18 @@
+---
+title: Mainsail
+description: Web interface for the 3D Printer
+hero:
+  tagline: Web interface for the 3D Printer
+  image:
+    file: https://raw.githubusercontent.com/mainsail-crew/mainsail/6130a0aa1776a138feaab691b9e4b1334b676b79/public/img/logo.svg
+---
+
+import { Aside } from '@astrojs/starlight/components';
+
+<Aside type="tip">Quickly connect to its web page [here](http://printer.lebens-home.net/).</Aside>
+
+# Overview
+
+[Mainsail](https://docs.mainsail.xyz/) is the popular web interface for managing and controlling 3D printers with [Klipper](https://www.klipper3d.org/).
+
+[Source](https://github.com/mainsail-crew/mainsail)

src/content/docs/guides/3D Printer/orcaslicer.mdx

@@ -0,0 +1,62 @@
+---
+title: Setting up Orcaslicer
+description: Desktop software to connect to the 3D printer
+hero:
+  tagline: Desktop software to connect to the 3D printer
+  image:
+    file: https://cdn.shopify.com/s/files/1/0893/0603/8637/files/K1-_02-2.png?v=1762200477
+---
+
+import { Aside } from '@astrojs/starlight/components';
+import { Steps } from '@astrojs/starlight/components';
+
+<Aside type="tip">Quickly connect to its web page [here](http://printer.lebens-home.net).</Aside>
+
+# Download and Install OrcaSlicer
+
+<Steps>
+1. Go to the [Releases](https://github.com/OrcaSlicer/OrcaSlicer/releases) and find the 'Latest' Official Release. Some are tagged as 'Pre-release' such as nightlys or release candidates, ignore those.
+    
+2. At the bottom of a Release is the Assets section. Download the package for your OS such as the exe for Windows or the dmg for Mac.
+
+4. Install the package.
+</Steps>
+
+## Build Plates
+
+These will give you a model of the build plates the 3D printer will print upon for accurate sizing and representation.
+
+Download them [with this link here](https://github.com/Guilouz/Creality-Helper-Script-Wiki/raw/main/downloads/OrcaSlicer/Creality_K1.zip) then extract the zip.
+
+## Create Printer
+
+<Steps>
+1. Go to the 'Prepare' tab on the navigation menu.
+
+2. At the left should be a menu for various options, find 'Printer' at the very top
+
+3. Click on the drop-down and select `--Create Printer --`
+    - Printer Vendor is `Creality`
+    - Printer model is `Creality K1C`, this may be near the bottom of the list
+    - Nozzle diameter is `0.4 mm`
+    - Printable Space is `X 200 mm` and `Y 220 mm`
+    - Hot Bed STL should upload the build plate .stl file
+    - Hot Bed SVG should upload the build plate .png file
+    - Max Print Height is `200mm`
+
+4. Click OK and will go to 'Import Preset'
+    - For 'Printer Preset' select `Creality` and `Creality K1C @ 0.4 Nozzle`
+    - For 'Preset' click `Create Based on Current Printer`
+    - Under the 'Filament Preset Template' section check boxes for filaments types being used, likely just 'PLA'
+    - Under the 'Process Preset Template' section check `0.20mm Standard @Creality K1C`
+</Steps>
+
+## Connect to Printer
+
+Once the Printer has been created slightly above and to the right should be an icon that looks like a wifi icon, click this.
+
+- Host Type is `Octo/Klipper`
+- Printer Agent is `OrcaSlicer`
+- Hostname is `http://printer.lebens-home.net`
+
+To confirm the connection go to the 'Device' tab at the top navigation menu.

src/content/docs/guides/3D Printer/overview.mdx

@@ -0,0 +1,51 @@
+---
+title: 3D Printer Overview
+description: Specifications and basic information about the 3D printer
+hero:
+  tagline: Specifications and basic information about the 3D printer
+  image:
+    file: https://cdn.shopify.com/s/files/1/0893/0603/8637/files/K1-_02-2.png?v=1762200477
+---
+
+import { Aside } from '@astrojs/starlight/components';
+
+<Aside type="tip">Quickly connect to its web page [here](http://printer.lebens-home.net/).</Aside>
+
+# Overview
+
+The 3D printer is a [Creality K1C](https://www.creality.com/products/k1c-carbon-3d-printer) which has several features that make it somewhat more user-friendly, such as auto leveling. Notably this model does not include automatic multi filament switching that newer versions have. It does use open source software and [Mainsail](https://docs.mainsail.xyz/) is installed as its web interface.
+
+In order to print objects you first need a model, usually a stl file, then the model needs to be 'sliced' into instructions for the printer, then print. These guides document the process for this 3D printer.
+
+## Specifications
+
+| Atttribute| Size|
+|---|----|
+|  Filament Diameter |  1.75mm |
+|  Nozzle Diameter |  0.4mm |
+|  Layer Height |  0.1-0.35mm |
+|  Printing Accuracy |  100±0.1mm |
+|  Build Volume |  220\*220\*250mm |
+
+## Supported filament types
+
+ - ABS
+ - PLA
+ - PLA-CF
+ - PETG
+ - PET
+ - PET-CF
+ - TPU
+ - PA
+ - ASA
+ - PC
+
+## Slicing file formats
+
+- STL
+- OBJ
+- 3MF
+
+## Printable file formats
+
+- G-Code

src/content/docs/guides/3D Printer/print-model.mdx

@@ -0,0 +1,39 @@
+---
+title: Upload Model
+description: Load model into OrcaSlicer
+hero:
+  tagline: Load model into OrcaSlicer
+  image:
+    file: https://cdn.shopify.com/s/files/1/0893/0603/8637/files/K1-_02-2.png?v=1762200477
+---
+
+import { Aside } from '@astrojs/starlight/components';
+import { Steps } from '@astrojs/starlight/components';
+
+<Aside type="tip">Quickly connect to its web page [here](http://printer.lebens-home.net).</Aside>
+
+# Download a Model
+
+There are various places to download models to print, such as [Thingverse](https://www.thingiverse.com/), [Printables](https://www.printables.com/), or [Makerworld](https://makerworld.com/en).
+
+A default test model is [Benchy](https://www.thingiverse.com/thing:763622).
+
+The most common file type to use are STL, but the printer can also use OBJ or 3MF
+
+# Load and Print Model
+
+<Steps>
+1. In OrcaSlicer go to the 'Prepare' tab on the navigation menu. The sidebar isn't needed at this point, you may collapse it with a button at its top right, or by pressing `Shift-Tab`
+
+2. The printer view should now fill the screen. At the top, below the navigation menu is a tool menu. The farthest left icon is a cube, click this to add a model.
+
+3. This opens a menu to select a file to upload.
+
+4. Once the model is in the 3D view various options are available to arrange or make adjustments to.
+
+5. Next is to convert this 3D representation into instructions for the printer, this process is called slicing. At the top right are two buttons, click 'Slice plate'. Depending on the complexity this may take time.
+
+6. Also depending on the complexity you may need to add support or change the infill. These are options in the sidebar. After any adjustments made the model should be sliced again.
+
+7. Once ready and the representation in the printer view matches what is desired, click print to begin the process.
+</Steps>

src/content/docs/guides/OpenBao/bao-ssh-ca.mdx

@@ -1,17 +1,17 @@
 ---
-title: Vault SSH Certificate Authority
+title: OpenBao SSH Certificate Authority
-description: Steps followed to enable using Vault as a CA for ssh login
+description: Steps followed to enable using OpenBao as a CA for ssh login
 hero:
   tagline: Steps followed for the v1.12.0 upgrade process
   image:
-    file: https://cdn.jsdelivr.net/gh/selfhst/icons@main/webp/hashicorp-vault.webp
+    file: https://cdn.jsdelivr.net/gh/selfhst/icons@main/webp/openbao.webp
 ---
 
 # Setup
 
-[Reference Vault Documentation](https://developer.hashicorp.com/vault/docs/secrets/ssh/signed-ssh-certificates#host-key-signing)
+[Reference OpenBao Documentation](https://openbao.org/docs/secrets/ssh/signed-ssh-certificates/)
 
-I have set the documenation to use my own defaults and configuration. This also assumes a running and active Vault instance.
+I have set the documenation to use my own defaults and configuration. This also assumes a running and active OpenBao instance.
 
 ## Enable the SSH CA
 
@@ -19,7 +19,7 @@ I followed the defaults mostly in the docs, reference the above link for details
 
 Start with enabling the mount.
 ```bash
-vault secrets enable -path=ssh-client-signer ssh
+bao secrets enable -path=ssh-client-signer ssh
 ```
 
 Generate a key. This will be used only for signing and not for client authentication. Keep it in a secure location, rename the path the key will be written to.
@@ -29,14 +29,14 @@ ssh-keygen -t rsa -C "alexanderlebens@gmail.com"
 
 Add the above signing key.
 ```bash
-vault write ssh-client-signer/config/ca private_key="..." public_key="..."
+bao write ssh-client-signer/config/ca private_key="..." public_key="..."
 ```
 
 ## Create Client Role and Key
 
-Once the above is complete, create a role to use to sign your own client cert. I used my common username and configurations. This can also be done in the Vault UI.
+Once the above is complete, create a role to use to sign your own client cert. I used my common username and configurations. This can also be done in the OpenBao UI.
 ```bash
-vault write ssh-client-signer/roles/alexlebens -<<"EOH"
+bao write ssh-client-signer/roles/alexlebens -<<"EOH"
 {
   "algorithm_signer": "rsa-sha2-256",
   "allow_user_certificates": true,
@@ -61,7 +61,7 @@ ssh-keygen -t rsa -C "alexanderlebens@gmail.com"
 
 ## Configure SSH to use the Key and Cert
 
-SSH will defailt to using the cert when using the matching name "id_rsa_host-cert.pub" as shown in the renewal certificate section. Use the principal as signed by Vault as the User and set the IdentityFile to the Key as generated above.
+SSH will defailt to using the cert when using the matching name "id_rsa_host-cert.pub" as shown in the renewal certificate section. Use the principal as signed by OpenBao as the User and set the IdentityFile to the Key as generated above.
 ```
 Host ps08rp
     Hostname 10.232.1.51
@@ -75,7 +75,7 @@ Host ps08rp
 
 Download the public cert from the endpoint.
 ```bash
-curl -o /etc/ssh/trusted-user-ca-keys.pem https://vault.alexlebens.net/v1/ssh-client-signer/public_key
+curl -o /etc/ssh/trusted-user-ca-keys.pem https://bao.alexlebens.net/v1/ssh-client-signer/public_key
 ```
 
 Then add that file to the sshd config.
@@ -89,16 +89,16 @@ This step is currently manual as I have few hosts that I need ssh for. The most
 
 ## Renew Client Certificate
 
-Sign the client cert, on your machine, with the Vault CA.
+Sign the client cert, on your machine, with the OpenBao CA.
 ```bash
-vault write -field=signed_key ssh-client-signer/sign/alexlebens public_key=@$HOME/.ssh/id_rsa_host.pub > ~/.ssh/id_rsa_host-cert.pub
+bao write -field=signed_key ssh-client-signer/sign/alexlebens public_key=@$HOME/.ssh/id_rsa_host.pub > ~/.ssh/id_rsa_host-cert.pub
 ```
 
-I added the following to my .zshrc to make this easier. So now I just run "vault-renew" before I need to ssh.
+I added the following to my .zshrc to make this easier. So now I just run "bao-renew" before I need to ssh.
 ```
-# Vault
+# OpenBao
-export VAULT_ADDR="https://vault.alexlebens.net"
+export BAO_ADDR="https://bao.alexlebens.net"
-alias vault-renew='vault write -field=signed_key ssh-client-signer/sign/alexlebens public_key=@$HOME/.ssh/id_rsa_host.pub > ~/.ssh/id_rsa_host-cert.pub'
+alias bao-renew='bao write -field=signed_key ssh-client-signer/sign/alexlebens public_key=@$HOME/.ssh/id_rsa_host.pub > ~/.ssh/id_rsa_host-cert.pub'
 ```
 
 ### View Cert Details

src/content/docs/guides/OpenBao/secret-store-csi.mdx

@@ -0,0 +1,76 @@
+---
+title: Using Secret Store CSI with OpenBao
+description: Mounting secrets inside pods using Secret Store CSI driver and OpenBao
+hero:
+  tagline: Steps followed to mount the secrets
+  image:
+    file: https://cdn.jsdelivr.net/gh/selfhst/icons@main/webp/openbao.webp
+---
+
+This guide assumes both Secrets Store CSI and OpenBao are installed and working. Also, the Kubernetes auth method is enabled. I wrote a post [here](https://www.alexlebens.dev/blog/openbao-migration/) that detailed my steps to set these up.
+
+NOTE: A catch I found is that the mount directory should be empty. There are issues when mounting a specific file into a directory that is already populated. For common uses, such as config files, use an env variable to change that path.
+
+The following will be needed per namespace, with the SecretProviderClass per secret to mount.
+
+## Secret Provider Class
+
+This template is used to create the volume and retrieve the secret from OpenBao. Some notes:
+- The provider is 'openbao' and the address should point to the internal service.
+- The roleName referenced here is created in the next step.
+- secretPath should include the secret store and data if its a v2 kv engine.
+```yaml
+apiVersion: secrets-store.csi.x-k8s.io/v1
+kind: SecretProviderClass
+metadata:
+  name: web-config-secret
+  namespace: {{ .Release.Namespace }}
+  labels:
+    app.kubernetes.io/name: web-config-secret
+    app.kubernetes.io/instance: {{ .Release.Name }}
+    app.kubernetes.io/part-of: {{ .Release.Name }}
+spec:
+  provider: openbao
+  parameters:
+    baoAddress: "http://openbao-internal.openbao:8200"
+    roleName: web
+    objects: |
+      - objectName: config.yaml
+        secretPath: secret/data/web/config
+        secretKey: config.yaml
+```
+
+## Role
+
+In the namespace where this secret is getting mounted there should be a ServiceAccount that will be use the role to retrieve the secret. This should also be the one used by the pod. It only needs read access to the secret path and I have created a policy called 'reader' for this.
+
+Each ServiceAccount will need a role created.
+```bash
+bao write auth/kubernetes/role/web \
+    bound_service_account_names=web \
+    bound_service_account_namespaces=web \
+    policies=reader \
+    ttl=20m
+```
+
+## Mount
+
+When using the [app-template](https://github.com/bjw-s-labs/helm-charts/tree/main/charts/other/app-template) common chart the following is how to mount the secret. This needs to use the custom type to define the spec. secretProviderClass references the above template. Use the advancedMounts to specify the path for the file.
+```yaml
+persistence:
+  web-config:
+    type: custom
+    volumeSpec:
+      csi:
+        driver: secrets-store.csi.k8s.io
+        readOnly: true
+        volumeAttributes:
+          secretProviderClass: web-config-secret
+    advancedMounts:
+      main:
+        main:
+          - path: /config/config.yaml
+            readOnly: true
+            mountPropagation: None
+            subPath: config.yaml
+```