catalin/fukuops
1
0
Fork 1
Code Issues Pull requests 2 Releases Packages 1 Activity

Compare commits

base: catalin:0d52cb7475f99374718ee77293b0edba9b684d0c
Branches Tags
catalin:main
catalin:renovate/renovate-46.x
catalin:renovate/plutonhq-pluton-0.x
catalin:feat/pluton-fixes
catalin:feat/pluton
catalin:feat/woodpecker-ci
catalin:feat/oxicloud-chart
catalin:feat/mc
catalin:feat/miniflux-helm
catalin:feat/tailscale
catalin:feat/ganymede
catalin:feat/tandoor
catalin:feat/valheim
...
compare: catalin:1ce70d911f4d7d9a9eb46e179a0681934b91e272
Branches Tags
catalin:renovate/renovate-46.x
catalin:renovate/plutonhq-pluton-0.x
catalin:feat/pluton-fixes
catalin:main
catalin:feat/pluton
catalin:feat/woodpecker-ci
catalin:feat/oxicloud-chart
catalin:feat/mc
catalin:feat/miniflux-helm
catalin:feat/tailscale
catalin:feat/ganymede
catalin:feat/tandoor
catalin:feat/valheim

5 commits
0d52cb7475 ... 1ce70d911f

Author SHA1 Message Date
cătălin
1ce70d911f
 		feat: add ganymede
Some checks failed
checks / pre-commit (push) Has been cancelled
Details
checks / k8s (push) Has been cancelled
Details
checks / tflint (push) Has been cancelled
Details
2026-01-28 10:17:18 +01:00
Renovate Bot
b61b882081 chore(deps): update terraform authentik to v2025.12.0
Some checks failed
checks / pre-commit (push) Has been cancelled
Details
checks / k8s (push) Has been cancelled
Details
checks / tflint (push) Has been cancelled
Details
OpenTofu deployments / authentik (push) Has been cancelled
Details
OpenTofu deployments / adguard (push) Has been cancelled
Details
2026-01-28 09:16:07 +00:00
Renovate Bot
79c399ad0c chore(deps): update ghcr.io/lennart-k/rustical docker tag to v0.12.3
Some checks are pending
checks / pre-commit (push) Waiting to run
Details
checks / k8s (push) Waiting to run
Details
checks / tflint (push) Waiting to run
Details
OpenTofu deployments / authentik (push) Waiting to run
Details
OpenTofu deployments / adguard (push) Waiting to run
Details
2026-01-28 09:15:40 +00:00
Renovate Bot
1b1dc44b5b chore(deps): update vaultwarden/server docker tag to v1.35.2
Some checks are pending
checks / pre-commit (push) Waiting to run
Details
checks / k8s (push) Waiting to run
Details
checks / tflint (push) Waiting to run
Details
OpenTofu deployments / authentik (push) Waiting to run
Details
OpenTofu deployments / adguard (push) Waiting to run
Details
2026-01-28 09:15:17 +00:00
Renovate Bot
0706f4e637 chore(deps): update code.forgejo.org/forgejo-helm/forgejo docker tag to v16
Some checks failed
OpenTofu deployments / authentik (push) Waiting to run
Details
OpenTofu deployments / adguard (push) Waiting to run
Details
checks / pre-commit (push) Has been cancelled
Details
checks / k8s (push) Has been cancelled
Details
checks / tflint (push) Has been cancelled
Details
2026-01-28 03:33:44 +00:00
13 changed files with 177 additions and 41 deletions
Download patch file Download diff file Expand all files Collapse all files

48
docker/ganymede/docker-compose.yml Normal file
View file

@ -0,0 +1,48 @@
---
services:
ganymede:
container_name: ganymede
image: ghcr.io/zibbp/ganymede:4.11.3
restart: unless-stopped
environment:
DEBUG: ${GANYMEDE_DEBUG:-false}
TZ: ${GANYMEDE_TZ:-Europe/Madrid}
VIDEOS_DIR: ${GANYMEDE_VIDEOS_DIR:-/data/videos}
TEMP_DIR: ${GANYMEDE_TEMP_DIR:-/data/temp}
LOGS_DIR: ${GANYMEDE_LOGS_DIR:-/data/logs}
CONFIG_DIR: ${GANYMEDE_CONFIG_DIR:-/data/config}
DB_HOST: ${GANYMEDE_DB_HOST:-192.168.1.3}
DB_PORT: ${GANYMEDE_DB_PORT:-5432}
DB_USER: ${GANYMEDE_DB_USER:-ganymede}
DB_PASS: ${GANYMEDE_DB_PASS}
DB_NAME: ${GANYMEDE_DB_NAME:-ganymede}
DB_SSL: ${GANYMEDE_DB_SSL:-disable}
TWITCH_CLIENT_ID: ${GANYMEDE_TWITCH_CLIENT_ID}
TWITCH_CLIENT_SECRET: ${GANYMEDE_TWITCH_CLIENT_SECRET}
MAX_CHAT_DOWNLOAD_EXECUTIONS: ${GANYMEDE_MAX_CHAT_DOWNLOAD_EXECUTIONS:-3}
MAX_CHAT_RENDER_EXECUTIONS: ${GANYMEDE_MAX_CHAT_RENDER_EXECUTIONS:-2}
MAX_VIDEO_DOWNLOAD_EXECUTIONS: ${GANYMEDE_MAX_VIDEO_DOWNLOAD_EXECUTIONS:-2}
MAX_VIDEO_CONVERT_EXECUTIONS: ${GANYMEDE_MAX_VIDEO_CONVERT_EXECUTIONS:-3}
MAX_VIDEO_SPRITE_THUMBNAIL_EXECUTIONS: ${GANYMEDE_MAX_VIDEO_SPRITE_THUMBNAIL_EXECUTIONS:-2}
OAUTH_ENABLED: ${GANYMEDE_OAUTH_ENABLED:-true}
OAUTH_PROVIDER_URL: ${GANYMEDE_OAUTH_PROVIDER_URL:-https://auth.fukurokuju.dev/application/o/ganymede/}
OAUTH_CLIENT_ID: ${GANYMEDE_OAUTH_CLIENT_ID}
OAUTH_CLIENT_SECRET: ${GANYMEDE_OAUTH_CLIENT_SECRET}
OAUTH_REDIRECT_URL: ${GANYMEDE_OAUTH_REDIRECT_URL:-https://vods.roboces.dev/api/v1/auth/oauth/callback}
SHOW_SSO_LOGIN_BUTTON: ${GANYMEDE_SHOW_SSO_LOGIN_BUTTON:-true}
FORCE_SSO_AUTH: ${GANYMEDE_FORCE_SSO_AUTH:-true}
REQUIRE_LOGIN: ${GANYMEDE_REQUIRE_LOGIN:-true}
volumes:
- ${GANYMEDE_VIDEOS:-/mnt/vods/ganymede/videos}:/data/videos
- ${GANYMEDE_TEMP:-/mnt/vods/ganymede/temp}:/data/temp
- ${GANYMEDE_CACHE:-/mnt/vods/ganymede/cache}:/data/.cache
- ${GANYMEDE_LOGS:-/mnt/vods/ganymede/logs}:/data/logs
- ${GANYMEDE_CONFIG:-/mnt/vods/ganymede/config}:/data/config
ports:
- "4800:4000"
healthcheck:
test: curl --fail http://localhost:4000/health || exit 1
interval: 60s
retries: 5
start_period: 60s
timeout: 10s

27
docker/ganymede/sample.env Normal file
View file

@ -0,0 +1,27 @@
GANYMEDE_DEBUG=false
GANYMEDE_TZ=Europe/Madrid
GANYMEDE_VIDEOS_DIR=/data/videos
GANYMEDE_TEMP_DIR=/data/temp
GANYMEDE_LOGS_DIR=/data/logs
GANYMEDE_CONFIG_DIR=/data/config
GANYMEDE_DB_HOST=192.168.1.3
GANYMEDE_DB_PORT=5432
GANYMEDE_DB_USER=ganymede
GANYMEDE_DB_PASS=
GANYMEDE_DB_NAME=ganymede
GANYMEDE_DB_SSL=disable
GANYMEDE_TWITCH_CLIENT_ID=
GANYMEDE_TWITCH_CLIENT_SECRET=
GANYMEDE_MAX_CHAT_DOWNLOAD_EXECUTIONS=3
GANYMEDE_MAX_CHAT_RENDER_EXECUTIONS=2
GANYMEDE_MAX_VIDEO_DOWNLOAD_EXECUTIONS=2
GANYMEDE_MAX_VIDEO_CONVERT_EXECUTIONS=3
GANYMEDE_MAX_VIDEO_SPRITE_THUMBNAIL_EXECUTIONS=2
GANYMEDE_OAUTH_ENABLED=true
GANYMEDE_OAUTH_PROVIDER_URL=https://auth.fukurokuju.dev/application/o/ganymede/
GANYMEDE_OAUTH_CLIENT_ID=
GANYMEDE_OAUTH_CLIENT_SECRET=
GANYMEDE_OAUTH_REDIRECT_URL=https://vods.roboces.dev/api/v1/auth/oauth/callback
GANYMEDE_SHOW_SSO_LOGIN_BUTTON=true
GANYMEDE_FORCE_SSO_AUTH=false
GANYMEDE_REQUIRE_LOGIN=false

2
docker/rustical/docker-compose.yml
View file

@ -1,7 +1,7 @@
---
services:
rustical:
image: ghcr.io/lennart-k/rustical:0.12.1
image: ghcr.io/lennart-k/rustical:0.12.3
ports:
- '4000:4000'
volumes:

2
docker/vaultwarden/docker-compose.yml
View file

@ -1,7 +1,7 @@
---
services:
vaultwarden:
image: vaultwarden/server:1.34.3-alpine
image: vaultwarden/server:1.35.2-alpine
restart: unless-stopped
environment:
DATABASE_URL: ${DATABASE_URL}

2
k8s/argo-apps/forgejo.yaml
View file

@ -14,7 +14,7 @@ spec:
sources:
- chart: forgejo
repoURL: code.forgejo.org/forgejo-helm
targetRevision: 15.1.0
targetRevision: 16.0.1
helm:
valuesObject:
replicaCount: 2

47
tofu/authentik/.terraform.lock.hcl generated
View file

@ -2,23 +2,36 @@
# Manual edits may be lost in future updates.
provider "registry.opentofu.org/goauthentik/authentik" {
version = "2025.10.1"
constraints = "2025.10.1"
version = "2025.12.0"
constraints = "2025.12.0"
hashes = [
"h1:X0bV1LqI7nu4np+xiGP8yLVfyl6rh/XNXz7QQ7Hsr6g=",
"zh:02ac2478c8901043a0455b8b6b8185e9814786bd802a9aa6d4126d4f56d4735d",
"zh:24d680732a9ea72a86c1e7bf4aa13ab9cc0c60ee4bd4cae8af43670eff88edd9",
"zh:4f415f177671eeea2234eb835479bbb710e811e60864cec6a00ee0e03a412fa3",
"zh:55498caa20504dd52a1870823e15dec6c78948eac2e6ec98e6ec122b5407630b",
"zh:570f9ca7f909bda94b97feab7898ef392e01ae6178d8a9d36aac984d8a433ec1",
"zh:92ac78b97e2d5310ed82233980f941ebecf69ae1f9d03f3e719d8687aa6f4cc7",
"zh:95f852a4e7d22daac86901ebc6b327d5987832b707ad3fd3aeff6c36dd088717",
"zh:98c8659f468a58a9d224b2fca9d5909d39bcabf9e2593e9b4a574dbffb6e2dca",
"zh:a7d1428ec803ae794ebb05d772fa44020827a6b762a5b2da11869fc618ea59cd",
"zh:b1ef054b09fed4282c625a38a4aa6d1276c58e541f4cffcc716aa7d2b773f30a",
"zh:b95e3edeb0da3ee0c0392afa18957cf7d41b2f71ed08a50f4bf38010aaf77d30",
"zh:c3ce9f57889e6bb33f34ee4cc4463a77652b811351bbb25e6fc5ba9dc0c61e14",
"zh:f6d2fe811ad5c242ced99a6b51b2d7f60f060d4bc6837fe1026c2abb7cb6f9a4",
"zh:f78b8e20e7d9f53e1622051c706369a7c6d0f1e37c16df67a214697cd5d0a4fb",
"h1:1WOionGZogRGfcwgsBshgGDDMFWqioq62s/FmpTonI8=",
"h1:7EkbL1fO5vkX5IvlGhKIjWcEPIc7U3zS/x0+rMC+NKE=",
"h1:N65bk3gPCHEJE8c68LCjQ2NMwDKDJlt0+ofnmeNM4FI=",
"h1:S2NDeRAxbfKPGvBqM7WES5znedi0V2AWc5wxkczYDd8=",
"h1:ZmqC2orWU2UItPZJZfsSnBBX7Ds0OEk8EarBtWjuFsc=",
"h1:aofPDDDWm9c87uip8IwKlhGDePNNr6Sy0Q+m9NgOols=",
"h1:f3+jlDlxpgKdCbcB7ac4lVn5pdSMM1e2Qh0AB0RDNsA=",
"h1:jt+Gtla0Z7zN4gCltMg//aDfCoSIdCyFF4ept4Qwc6E=",
"h1:msEjekUeIUKY6lipADjuQpaU1HPrp0MU19R9LpZv5UM=",
"h1:t61WX+9iOOCLlZ8tt/vZP7X8M/Q7F5k6QUyduYtpVf8=",
"h1:tI7fyxvSatX28mp0woFsBbhrnzgeZTZAaitzKThlyAo=",
"h1:wzjwM6RA9Jth4iCN5J9dzxnfjO56ZFl1T5rAQhuU1og=",
"h1:xZZSwrSXnUCPmP9U3EY9fKPmBru58wZozovF2+i//oY=",
"h1:z/+UpU0PH5hae3WEqJO7Lreo0wYO77UuJrimJyV3Mcg=",
"zh:0ce23bd10c1782a3ae9321a572093df2c283df9003fc1cf33f6e63df18a81b7a",
"zh:0de1db5b3363603e6bd25c9c420e24e872bcfe8d43a7015b710a0292ffa7a649",
"zh:1d719e62eb5195a6461cdf2e175960093cdb77b190a7b15eb3fd0e1fc38409e1",
"zh:3adba178a720c90f296183479872a82719f5497b24e90224c044bcc9e29092b7",
"zh:54e5895e61a39b955be26977c273d9581beccf0e22ec58932708472cab40b03b",
"zh:59b8df5b3be8bf9e8a8dcc7b5edf96b0ca505f93fc0db022cc33513172dbc2c8",
"zh:6d86630e353b874ad43d09e3d3541ba4f824c578122a21c7895a452a0534ca05",
"zh:b6c7466446ce685971dee0c7b2dcb16917e3d23805a51d7a2091e475908c8d87",
"zh:ca306de78ea0f99f698548d51b094501e8299340ccc9c6549d1b62fc1fe29456",
"zh:cc6bd38417c0a6c0d7a1c8533007c113155d82d085ea705d955dadf62b2f9f66",
"zh:da657c9db5647620fca377fdc934db6a0f6d05d4cc0dd91a47404850805fd6da",
"zh:dc0b1effedb7a35d1756be915ff8b48d0f422b7a9da75e7f14a2d3efa2d4806f",
"zh:eef8d1715e9cfcb6cbe05dc071390ee91276d12f6fd870bac116af47518f6176",
"zh:f4c0cd2168f59d4fbf4b1fada95a9c973224bbf81975e948f741ad18ef665690",
]
}

25
tofu/authentik/main.tf
View file

@ -8,7 +8,7 @@ terraform {
required_providers {
authentik = {
source = "goauthentik/authentik"
version = "2025.10.1"
version = "2025.12.0"
}
}
}
@ -22,6 +22,11 @@ resource "authentik_group" "ci" {
users = [data.authentik_user.catalin.id]
}
resource "authentik_group" "vods" {
name = "vods"
users = [data.authentik_user.catalin.id]
}
resource "authentik_group" "admins" {
name = "authentik Admins"
is_superuser = true
@ -204,6 +209,8 @@ module "rustical" {
source = "../modules/authentik-oidc"
app_name = "rustical"
app_slug = "rustical"
app_url = "https://cal.roboces.dev"
app_icon = "https://cal.roboces.dev/favicon.ico"
client_id = var.rustical_client_id
client_secret = var.rustical_client_secret
redirect_uris = [{ matching_mode = "strict", url = "https://cal.roboces.dev/frontend/login/oidc/callback" }]
@ -216,6 +223,8 @@ module "jellyfin" {
app_slug = "jellyfin"
base_dn = "DC=ldap,DC=fukurokuju,DC=dev"
name = "jellyfin"
app_url = "https://jelly.roboces.dev"
app_icon = "https://jelly.roboces.dev/favicon.ico"
app_access_group_id = authentik_group.arrs.id
}
@ -224,7 +233,21 @@ module "tandoor" {
app_name = "Tandoor"
app_slug = "tandoor"
app_access_group_id = ""
app_url = "https://recipes.roboces.dev"
redirect_uris = [{ matching_mode = "strict", url = "https://recipes.roboces.dev/accounts/oidc/authentik/login/callback/" }]
app_icon = "https://recipes.roboces.dev/favicon.icon"
client_id = var.tandoor_client_id
client_secret = var.tandoor_client_secret
}
module "ganymede" {
source = "../modules/authentik-oidc"
app_name = "Ganymede"
app_slug = "ganymede"
redirect_uris = [{ matching_mode = "strict", url = "https://vods.roboces.dev/api/v1/auth/oauth/callback" }]
client_id = var.ganymede_client_id
client_secret = var.ganymede_client_secret
app_url = "https://vods.roboces.dev"
app_icon = "https://vods.roboces.dev/favicon.ico"
app_access_group_id = authentik_group.vods.id
}

2
tofu/authentik/sample.env
View file

@ -14,3 +14,5 @@ TF_VAR_rustical_client_id=
TF_VAR_rustical_client_secret=
TF_VAR_tandoor_client_id=
TF_VAR_tandoor_client_secret=
TF_VAR_ganymede_client_id=
TF_VAR_ganymede_client_secret=

10
tofu/authentik/vars.tf
View file

@ -68,3 +68,13 @@ variable "tandoor_client_secret" {
description = "Tandoor client secret"
type = string
}
variable "ganymede_client_id" {
description = "Ganymede client ID"
type = string
}
variable "ganymede_client_secret" {
description = "Ganymede client secret"
type = string
}

47
tofu/modules/authentik-ldap/.terraform.lock.hcl generated
View file

@ -2,23 +2,36 @@
# Manual edits may be lost in future updates.
provider "registry.opentofu.org/goauthentik/authentik" {
version = "2025.10.1"
constraints = "2025.10.1"
version = "2025.12.0"
constraints = "2025.12.0"
hashes = [
"h1:X0bV1LqI7nu4np+xiGP8yLVfyl6rh/XNXz7QQ7Hsr6g=",
"zh:02ac2478c8901043a0455b8b6b8185e9814786bd802a9aa6d4126d4f56d4735d",
"zh:24d680732a9ea72a86c1e7bf4aa13ab9cc0c60ee4bd4cae8af43670eff88edd9",
"zh:4f415f177671eeea2234eb835479bbb710e811e60864cec6a00ee0e03a412fa3",
"zh:55498caa20504dd52a1870823e15dec6c78948eac2e6ec98e6ec122b5407630b",
"zh:570f9ca7f909bda94b97feab7898ef392e01ae6178d8a9d36aac984d8a433ec1",
"zh:92ac78b97e2d5310ed82233980f941ebecf69ae1f9d03f3e719d8687aa6f4cc7",
"zh:95f852a4e7d22daac86901ebc6b327d5987832b707ad3fd3aeff6c36dd088717",
"zh:98c8659f468a58a9d224b2fca9d5909d39bcabf9e2593e9b4a574dbffb6e2dca",
"zh:a7d1428ec803ae794ebb05d772fa44020827a6b762a5b2da11869fc618ea59cd",
"zh:b1ef054b09fed4282c625a38a4aa6d1276c58e541f4cffcc716aa7d2b773f30a",
"zh:b95e3edeb0da3ee0c0392afa18957cf7d41b2f71ed08a50f4bf38010aaf77d30",
"zh:c3ce9f57889e6bb33f34ee4cc4463a77652b811351bbb25e6fc5ba9dc0c61e14",
"zh:f6d2fe811ad5c242ced99a6b51b2d7f60f060d4bc6837fe1026c2abb7cb6f9a4",
"zh:f78b8e20e7d9f53e1622051c706369a7c6d0f1e37c16df67a214697cd5d0a4fb",
"h1:1WOionGZogRGfcwgsBshgGDDMFWqioq62s/FmpTonI8=",
"h1:7EkbL1fO5vkX5IvlGhKIjWcEPIc7U3zS/x0+rMC+NKE=",
"h1:N65bk3gPCHEJE8c68LCjQ2NMwDKDJlt0+ofnmeNM4FI=",
"h1:S2NDeRAxbfKPGvBqM7WES5znedi0V2AWc5wxkczYDd8=",
"h1:ZmqC2orWU2UItPZJZfsSnBBX7Ds0OEk8EarBtWjuFsc=",
"h1:aofPDDDWm9c87uip8IwKlhGDePNNr6Sy0Q+m9NgOols=",
"h1:f3+jlDlxpgKdCbcB7ac4lVn5pdSMM1e2Qh0AB0RDNsA=",
"h1:jt+Gtla0Z7zN4gCltMg//aDfCoSIdCyFF4ept4Qwc6E=",
"h1:msEjekUeIUKY6lipADjuQpaU1HPrp0MU19R9LpZv5UM=",
"h1:t61WX+9iOOCLlZ8tt/vZP7X8M/Q7F5k6QUyduYtpVf8=",
"h1:tI7fyxvSatX28mp0woFsBbhrnzgeZTZAaitzKThlyAo=",
"h1:wzjwM6RA9Jth4iCN5J9dzxnfjO56ZFl1T5rAQhuU1og=",
"h1:xZZSwrSXnUCPmP9U3EY9fKPmBru58wZozovF2+i//oY=",
"h1:z/+UpU0PH5hae3WEqJO7Lreo0wYO77UuJrimJyV3Mcg=",
"zh:0ce23bd10c1782a3ae9321a572093df2c283df9003fc1cf33f6e63df18a81b7a",
"zh:0de1db5b3363603e6bd25c9c420e24e872bcfe8d43a7015b710a0292ffa7a649",
"zh:1d719e62eb5195a6461cdf2e175960093cdb77b190a7b15eb3fd0e1fc38409e1",
"zh:3adba178a720c90f296183479872a82719f5497b24e90224c044bcc9e29092b7",
"zh:54e5895e61a39b955be26977c273d9581beccf0e22ec58932708472cab40b03b",
"zh:59b8df5b3be8bf9e8a8dcc7b5edf96b0ca505f93fc0db022cc33513172dbc2c8",
"zh:6d86630e353b874ad43d09e3d3541ba4f824c578122a21c7895a452a0534ca05",
"zh:b6c7466446ce685971dee0c7b2dcb16917e3d23805a51d7a2091e475908c8d87",
"zh:ca306de78ea0f99f698548d51b094501e8299340ccc9c6549d1b62fc1fe29456",
"zh:cc6bd38417c0a6c0d7a1c8533007c113155d82d085ea705d955dadf62b2f9f66",
"zh:da657c9db5647620fca377fdc934db6a0f6d05d4cc0dd91a47404850805fd6da",
"zh:dc0b1effedb7a35d1756be915ff8b48d0f422b7a9da75e7f14a2d3efa2d4806f",
"zh:eef8d1715e9cfcb6cbe05dc071390ee91276d12f6fd870bac116af47518f6176",
"zh:f4c0cd2168f59d4fbf4b1fada95a9c973224bbf81975e948f741ad18ef665690",
]
}

2
tofu/modules/authentik-ldap/main.tf
View file

@ -3,7 +3,7 @@ terraform {
required_providers {
authentik = {
source = "goauthentik/authentik"
version = "2025.10.1"
version = "2025.12.0"
}
}
}

2
tofu/modules/authentik-oidc/main.tf
View file

@ -3,7 +3,7 @@ terraform {
required_providers {
authentik = {
source = "goauthentik/authentik"
version = "2025.10.1"
version = "2025.12.0"
}
}
}

2
tofu/modules/authentik-proxy/main.tf
View file

@ -3,7 +3,7 @@ terraform {
required_providers {
authentik = {
source = "goauthentik/authentik"
version = "2025.10.1"
version = "2025.12.0"
}
}
}