From 7eb21320918d8749ac08e631ea126f6a345f3f75 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?c=C4=83t=C4=83lin?= Date: Wed, 2 Apr 2025 09:45:57 +0200 Subject: [PATCH 001/377] chore(deps): update miniflux/miniflux docker tag to v2.2.7 --- k8s/services/miniflux/deployment.yaml | 6 +++--- k8s/services/miniflux/service.yaml | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/k8s/services/miniflux/deployment.yaml b/k8s/services/miniflux/deployment.yaml index 3debad8..f26ebb4 100644 --- a/k8s/services/miniflux/deployment.yaml +++ b/k8s/services/miniflux/deployment.yaml @@ -7,7 +7,7 @@ metadata: labels: app.kubernetes.io/name: miniflux app.kubernetes.io/managed-by: argo - app.kubernetes.io/version: 2.2.6 + app.kubernetes.io/version: 2.2.7 annotations: kube-score/ignore: pod-networkpolicy,deployment-has-host-podantiaffinity spec: @@ -24,11 +24,11 @@ spec: metadata: labels: app.kubernetes.io/name: miniflux - app.kubernetes.io/version: 2.2.6 + app.kubernetes.io/version: 2.2.7 spec: containers: - name: miniflux - image: miniflux/miniflux:2.2.6 + image: miniflux/miniflux:2.2.7 imagePullPolicy: Always securityContext: allowPrivilegeEscalation: false diff --git a/k8s/services/miniflux/service.yaml b/k8s/services/miniflux/service.yaml index eea0415..e7fa2c5 100644 --- a/k8s/services/miniflux/service.yaml +++ b/k8s/services/miniflux/service.yaml @@ -7,7 +7,7 @@ metadata: labels: app.kubernetes.io/name: miniflux app.kubernetes.io/managed-by: argo - app.kubernetes.io/version: 2.2.6 + app.kubernetes.io/version: 2.2.7 spec: selector: app.kubernetes.io/name: miniflux From 578a5fb40a773de659130fcd374704cfb2b74e47 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 2 Apr 2025 13:32:20 +0000 Subject: [PATCH 002/377] chore(deps): update terraform adguard to v1.5.1 --- tofu/adguard/.terraform.lock.hcl | 60 ++++++++++++++++---------------- tofu/adguard/main.tf | 2 +- 2 files changed, 31 insertions(+), 31 deletions(-) diff --git a/tofu/adguard/.terraform.lock.hcl b/tofu/adguard/.terraform.lock.hcl index 381fece..e7c306d 100644 --- a/tofu/adguard/.terraform.lock.hcl +++ b/tofu/adguard/.terraform.lock.hcl @@ -2,37 +2,37 @@ # Manual edits may be lost in future updates. provider "registry.opentofu.org/gmichels/adguard" { - version = "1.5.0" - constraints = "1.5.0" + version = "1.5.1" + constraints = "1.5.1" hashes = [ - "h1:/BVJ705U4hzg8Lu7hFUOnm14VytiO24e7QvdW3bHInU=", - "h1:40Dl473FGcpXk1aDYJougGTQ4AlboqEbfwaqiaa/ZLM=", - "h1:6qSrrEeUYOVzlTRkKhwl3sGelERctLuXzcjffpEOR+g=", - "h1:8iqz0KeoKUs8rxbhL9S1hTDy2VnxtwGPA9ajKgLMtDA=", - "h1:AGaTqfUuLJsQojCkmxD5V0AVey7c2SEHnwgTyEtEli0=", - "h1:SfoIqvHbDjqKvn9wSepgIVwP8RR33lf7SBsPkqkgk9g=", - "h1:W7X6kxIaiQmMdmkhSOYq6/5gMfprIpySJ5hYNUgGlcw=", - "h1:dah3y4X64n2haPXDe03PPkbKYicURuTcDUYMu9aUCdY=", - "h1:ejPkb1vpc6Jiwug4WN2txsHpvnPG51EGiY8Seqjcmvs=", - "h1:iGwfAXS0LP8R49slcvaKpt7IwxV2+Oddm+uyYZcZlh8=", - "h1:lKtynh009YI+ZLJlMrJA+srtzSyWsrs8VyCbfj00c1k=", - "h1:omLzSDJ3RWoIEgalXRJjkPcnKJleh1cyA0fyISDs/zg=", - "h1:uo5+dEslEZ9XIwkrodAxd848DU6ZuEB8QknmpwaTaFk=", - "h1:xYNygsWX+fj6kg7RumOCRhJMNoicHOO2RaQxUvw+fyI=", - "zh:06600d0057dd7d9b542e1a7a1efed37ea1a5307ff5656b3eaf5c46dcf59190e4", - "zh:06fd9637553ad98eb7aeb6fdaa574c913158a43d899cc39a2a117262b2f32f7e", - "zh:13bf310887046201020d54882dcf228d9dff006bc4c3d36e93be0702e4fb9bac", - "zh:3511a5d639a7289675060d3ed0fcacf488e84f0d995ea25f5bab4992c4b20621", - "zh:3aa44e593b0cd2631d1458727d1a8a588f9f16a2f62f5eb4c25a9e8482bb76d8", - "zh:48af428acd9f9b935712490c138f9d36dd8529cf0222d1ede27423a143e1d1ec", - "zh:53c45604674367d3dbb4880d28dd8def2b264fc58b680425d68955807d394558", - "zh:73b749688898ec69a7ff0379a0ad7b78ef184aef23128c8fff0fbfa5f0dcc9a6", - "zh:8008b5afbe1619290aa595f675f5d8c0aec7cd46eb2ae179384982b99f2879f5", - "zh:85e63cb5d4eabfc327c798b43695499bd84ec8351da8fc11ed9e2b8d4b537e7a", - "zh:94c5bf2393aef3ab1898b20ba9d9c329db92f5b2941e0924130fe66e1f7225e6", - "zh:b1d55eb32b58c766b4698a390dccc8affd695ffa08893785096f911e4c34b95e", - "zh:c52b09e3ef5ec10d98db389f4bcd7fa5f4ae35bdf96901e4a2e48a3c2e24aa9b", - "zh:d5bc59b6ee2c34309671e3ea4293ef7b0642dbb32a89a509aa1bc77faf945f7c", + "h1:6p1NQn2zu3THuBMKazX/wBCDRR0N/OG32YuLC6yKvdY=", + "h1:9w/eRI42Lg8PDPvHAxPLBX0GFLzjEUZl8YekSYwEyY8=", + "h1:A3P23yGJkVjUx3aPB+gEzc9y0s8YYYsNLfgpzebFMis=", + "h1:DibQ6zPM/39mrPE/F6OBFdG2/FA6/aWil+3643EAaLI=", + "h1:Ihg/A/egviNoUnOjblxG8jy+FYv8o4RuP0PrG8MUTvE=", + "h1:Irg1nn0s7wtaJIJKylJg4F7WTqWDZNWFC1QXR5Grbi8=", + "h1:NwbE7NAdIfpTCtLF/b+vUS0Es9Hu35M8I9FI36BQCUc=", + "h1:XO1arHSDd2Pb83OKI5Qi98IbIDJfBFL5+SyDrstqEks=", + "h1:etYF6O8pHXGAf1HBefaLyFKwKMmgVDuy3VyMgAyDL+Q=", + "h1:fKmdzgWHclXaWvjZtAeq8/E64bCi8ydGX8D6ckZGNdY=", + "h1:qpPnjHD3d7hkHUVTXApMYj1M0DuTks48cee03AsnH80=", + "h1:wcQ1W3nsFax8ZXPQdg44poHCeVvwSWqsIFbMvlFGaAA=", + "h1:x2hGbFn0F7fwRkS7WztzgIBbmOi0M4Ps7Saqsgl9Bxs=", + "h1:yGKYRCWeAEOlBpZNQOs6b/JpR/YWv/rL0nvEvGI6EdE=", + "zh:23ff590e4679e9a8c35b15c7443d8ce2f386e2086f7534be793c6c4f393d2733", + "zh:4b120bde5371d9368d361bd5e51f598a945de7b640df1d41de58e2d1e466e0f0", + "zh:4c299238e70ae53e44c411df61c1e995157d537058526f3248dd59cbb8385241", + "zh:4ddb42634a3cbd690427b0a6774d688b857ed3c23f67a0c0c5d0757e2161efce", + "zh:50c63cee24cae6d11290fa53a70b176cd45d8110dcc578bc5dee3dcc4c8e34aa", + "zh:675c70b51d07ec6fe1e332e69d37c33b6af7a2aa0c0e59580d4a7368f73ee8d1", + "zh:733eb9f292708e3ef1890aab1842f128fce5ea9bf07feff6b42b4c440a594ff5", + "zh:74362ec53aab82a9cf12eaa8ee36a21e74d442dff4e88575ee9acbdd35e146ee", + "zh:8ae684c9eee589958acf17c1434a90c40e3ec7bc7423cbd3206485218f88a2b7", + "zh:a30191bc0a80e3b7738f5bd6bbe67ce4828c07c17064f8ef204e271f0d3f3b1d", + "zh:a7c3e7e6cecf62f65714170a7bf1f750ad54ad71d919d51b83aece5dde5401ff", + "zh:b37f51bec004f92151a0c171e2836663709bc63dd0a07ce9464d8545ee02ff70", + "zh:c20a8155245340094d5388ac44ab7089cf8165c7ebcad5fd61f1ce296c0bfad3", + "zh:ca5fc9848496db2ba15d9cae6ffd045046494cbb0b7150afa085672cd1afbd6f", "zh:f809ab383cca0a5f83072981c64208cbd7fa67e986a86ee02dd2c82333221e32", ] } diff --git a/tofu/adguard/main.tf b/tofu/adguard/main.tf index f71e916..9f58cd2 100644 --- a/tofu/adguard/main.tf +++ b/tofu/adguard/main.tf @@ -9,7 +9,7 @@ terraform { required_providers { adguard = { source = "gmichels/adguard" - version = "1.5.0" + version = "1.5.1" } } } From 6c777b09f02a82fce8516e4ed23e00fb5ef8e14c Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 5 Apr 2025 01:22:01 +0000 Subject: [PATCH 003/377] chore(deps): update registry-1.docker.io/bitnamicharts/elasticsearch docker tag to v21.5.0 --- k8s/argo-apps/elastic.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/elastic.yaml b/k8s/argo-apps/elastic.yaml index b7c03ee..ddfb6a2 100644 --- a/k8s/argo-apps/elastic.yaml +++ b/k8s/argo-apps/elastic.yaml @@ -12,7 +12,7 @@ spec: sources: - chart: elasticsearch repoURL: registry-1.docker.io/bitnamicharts - targetRevision: 21.4.9 + targetRevision: 21.5.0 helm: valuesObject: service: From 829e3d43f35f0d9502b9d2e6e1a7b518560056ac Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 9 Apr 2025 01:34:25 +0000 Subject: [PATCH 004/377] chore(deps): update ghcr.io/paperless-ngx/paperless-ngx docker tag to v2.15.0 --- docker/paperless/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/paperless/docker-compose.yml b/docker/paperless/docker-compose.yml index c115112..7b644c5 100644 --- a/docker/paperless/docker-compose.yml +++ b/docker/paperless/docker-compose.yml @@ -14,7 +14,7 @@ services: webserver: - image: ghcr.io/paperless-ngx/paperless-ngx:2.14.7 + image: ghcr.io/paperless-ngx/paperless-ngx:2.15.0 restart: unless-stopped ports: - 8002:8000 From 2ce14d4711a261c199558d62923303afdc648022 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 9 Apr 2025 01:35:16 +0000 Subject: [PATCH 005/377] chore(deps): update helm release renovate to 39.236.* --- k8s/argo-apps/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/renovate.yaml b/k8s/argo-apps/renovate.yaml index f127c0c..b273646 100644 --- a/k8s/argo-apps/renovate.yaml +++ b/k8s/argo-apps/renovate.yaml @@ -13,7 +13,7 @@ spec: sources: - chart: renovate repoURL: https://docs.renovatebot.com/helm-charts - targetRevision: 39.227.* + targetRevision: 39.236.* helm: valuesObject: renovate: From 2ad0fe993ffe9ba88aca23cfeeb4a8be6881ab52 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 10 Apr 2025 01:23:24 +0000 Subject: [PATCH 006/377] chore(deps): update ghcr.io/paperless-ngx/paperless-ngx docker tag to v2.15.1 --- docker/paperless/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/paperless/docker-compose.yml b/docker/paperless/docker-compose.yml index 7b644c5..bc1983f 100644 --- a/docker/paperless/docker-compose.yml +++ b/docker/paperless/docker-compose.yml @@ -14,7 +14,7 @@ services: webserver: - image: ghcr.io/paperless-ngx/paperless-ngx:2.15.0 + image: ghcr.io/paperless-ngx/paperless-ngx:2.15.1 restart: unless-stopped ports: - 8002:8000 From 4a0e861d3524aa0fa2c20c2e7e83d3cdc2e017b0 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 10 Apr 2025 01:24:00 +0000 Subject: [PATCH 007/377] chore(deps): update helm release renovate to 39.238.* --- k8s/argo-apps/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/renovate.yaml b/k8s/argo-apps/renovate.yaml index b273646..0261511 100644 --- a/k8s/argo-apps/renovate.yaml +++ b/k8s/argo-apps/renovate.yaml @@ -13,7 +13,7 @@ spec: sources: - chart: renovate repoURL: https://docs.renovatebot.com/helm-charts - targetRevision: 39.236.* + targetRevision: 39.238.* helm: valuesObject: renovate: From 98310472ff0c275b855deef4feaf8364a22af906 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 11 Apr 2025 01:18:31 +0000 Subject: [PATCH 008/377] chore(deps): update netbirdio/netbird docker tag to v0.40.1 --- docker/netbird/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/netbird/docker-compose.yml b/docker/netbird/docker-compose.yml index 2461186..44f3783 100644 --- a/docker/netbird/docker-compose.yml +++ b/docker/netbird/docker-compose.yml @@ -91,7 +91,7 @@ services: max-file: "2" peer-1: - image: netbirdio/netbird:0.39.2 + image: netbirdio/netbird:0.40.1 restart: unless-stopped volumes: - ${NETBIRD_PEER_VOLUME:-/mnt/nas1/shared/netbird/peer-1}/data:/etc/netbird From 4a285de5c9961ad9753d497fdf5606608aaf386a Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 11 Apr 2025 01:18:52 +0000 Subject: [PATCH 009/377] chore(deps): update netbirdio/relay docker tag to v0.40.1 --- docker/netbird/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/netbird/docker-compose.yml b/docker/netbird/docker-compose.yml index 44f3783..c43e309 100644 --- a/docker/netbird/docker-compose.yml +++ b/docker/netbird/docker-compose.yml @@ -35,7 +35,7 @@ services: max-size: "500m" max-file: "2" relay: - image: netbirdio/relay:0.39.2 + image: netbirdio/relay:0.40.1 restart: unless-stopped environment: NB_LOG_LEVEL: ${NB_LOG_LEVEL:-info} From 164c9d2dd9cfac6250b3f348ee05e289a17b8415 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 11 Apr 2025 01:18:23 +0000 Subject: [PATCH 010/377] chore(deps): update netbirdio/management docker tag to v0.40.1 --- docker/netbird/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/netbird/docker-compose.yml b/docker/netbird/docker-compose.yml index c43e309..0a16333 100644 --- a/docker/netbird/docker-compose.yml +++ b/docker/netbird/docker-compose.yml @@ -50,7 +50,7 @@ services: max-size: "500m" max-file: "2" management: - image: netbirdio/management:0.39.2 + image: netbirdio/management:0.40.1 restart: unless-stopped depends_on: - dashboard From 0c185689d23b374bd10eb0ad1541b53076168430 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 14 Apr 2025 01:27:06 +0000 Subject: [PATCH 011/377] chore(deps): update netbirdio/relay docker tag to v0.41.0 --- docker/netbird/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/netbird/docker-compose.yml b/docker/netbird/docker-compose.yml index 0a16333..5c48407 100644 --- a/docker/netbird/docker-compose.yml +++ b/docker/netbird/docker-compose.yml @@ -35,7 +35,7 @@ services: max-size: "500m" max-file: "2" relay: - image: netbirdio/relay:0.40.1 + image: netbirdio/relay:0.41.0 restart: unless-stopped environment: NB_LOG_LEVEL: ${NB_LOG_LEVEL:-info} From c6079d67aa5bb6d18967e988347124698d340b22 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 14 Apr 2025 01:26:31 +0000 Subject: [PATCH 012/377] chore(deps): update netbirdio/netbird docker tag to v0.41.0 --- docker/netbird/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/netbird/docker-compose.yml b/docker/netbird/docker-compose.yml index 5c48407..50de5a2 100644 --- a/docker/netbird/docker-compose.yml +++ b/docker/netbird/docker-compose.yml @@ -91,7 +91,7 @@ services: max-file: "2" peer-1: - image: netbirdio/netbird:0.40.1 + image: netbirdio/netbird:0.41.0 restart: unless-stopped volumes: - ${NETBIRD_PEER_VOLUME:-/mnt/nas1/shared/netbird/peer-1}/data:/etc/netbird From 37c5e819fc4ead110cfb5b5dad2d2f8e0fdf5d65 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 14 Apr 2025 01:27:34 +0000 Subject: [PATCH 013/377] chore(deps): update netbirdio/signal docker tag to v0.41.0 --- docker/netbird/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/netbird/docker-compose.yml b/docker/netbird/docker-compose.yml index 50de5a2..e847f62 100644 --- a/docker/netbird/docker-compose.yml +++ b/docker/netbird/docker-compose.yml @@ -23,7 +23,7 @@ services: max-size: "500m" max-file: "2" signal: - image: netbirdio/signal:0.39.2 + image: netbirdio/signal:0.41.0 restart: unless-stopped volumes: - netbird-signal:/var/lib/netbird From e6aa0f10e3b1397441f420068db1756c7af73d9a Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 13 Apr 2025 01:22:41 +0000 Subject: [PATCH 014/377] chore(deps): update helm release renovate to 39.240.* --- k8s/argo-apps/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/renovate.yaml b/k8s/argo-apps/renovate.yaml index 0261511..8165fbe 100644 --- a/k8s/argo-apps/renovate.yaml +++ b/k8s/argo-apps/renovate.yaml @@ -13,7 +13,7 @@ spec: sources: - chart: renovate repoURL: https://docs.renovatebot.com/helm-charts - targetRevision: 39.238.* + targetRevision: 39.240.* helm: valuesObject: renovate: From 1033baf9d2da6f26a6cfe2d480ed2f7409551bbb Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 15 Apr 2025 01:28:37 +0000 Subject: [PATCH 015/377] chore(deps): update ghcr.io/paperless-ngx/paperless-ngx docker tag to v2.15.2 --- docker/paperless/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/paperless/docker-compose.yml b/docker/paperless/docker-compose.yml index bc1983f..1d20cee 100644 --- a/docker/paperless/docker-compose.yml +++ b/docker/paperless/docker-compose.yml @@ -14,7 +14,7 @@ services: webserver: - image: ghcr.io/paperless-ngx/paperless-ngx:2.15.1 + image: ghcr.io/paperless-ngx/paperless-ngx:2.15.2 restart: unless-stopped ports: - 8002:8000 From f5c3dbc72e6b1f0affffd339e7776e5cf9330475 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 15 Apr 2025 01:29:17 +0000 Subject: [PATCH 016/377] chore(deps): update helm release renovate to 39.242.* --- k8s/argo-apps/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/renovate.yaml b/k8s/argo-apps/renovate.yaml index 8165fbe..2a46ccf 100644 --- a/k8s/argo-apps/renovate.yaml +++ b/k8s/argo-apps/renovate.yaml @@ -13,7 +13,7 @@ spec: sources: - chart: renovate repoURL: https://docs.renovatebot.com/helm-charts - targetRevision: 39.240.* + targetRevision: 39.242.* helm: valuesObject: renovate: From 795737f746d55ec9d8330f0bfd147673ea2716ec Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 17 Apr 2025 01:27:18 +0000 Subject: [PATCH 017/377] chore(deps): update helm release renovate to 39.248.* --- k8s/argo-apps/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/renovate.yaml b/k8s/argo-apps/renovate.yaml index 2a46ccf..cd71ff4 100644 --- a/k8s/argo-apps/renovate.yaml +++ b/k8s/argo-apps/renovate.yaml @@ -13,7 +13,7 @@ spec: sources: - chart: renovate repoURL: https://docs.renovatebot.com/helm-charts - targetRevision: 39.242.* + targetRevision: 39.248.* helm: valuesObject: renovate: From 4bffe764ff55d799e0e28d578d005ce13f774f5f Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 17 Apr 2025 01:26:36 +0000 Subject: [PATCH 018/377] chore(deps): update netbirdio/relay docker tag to v0.41.3 --- docker/netbird/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/netbird/docker-compose.yml b/docker/netbird/docker-compose.yml index e847f62..0dde8cc 100644 --- a/docker/netbird/docker-compose.yml +++ b/docker/netbird/docker-compose.yml @@ -35,7 +35,7 @@ services: max-size: "500m" max-file: "2" relay: - image: netbirdio/relay:0.41.0 + image: netbirdio/relay:0.41.3 restart: unless-stopped environment: NB_LOG_LEVEL: ${NB_LOG_LEVEL:-info} From d5d789c17ccc4d371b73e3c0a770d032a00aff8d Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 17 Apr 2025 01:27:01 +0000 Subject: [PATCH 019/377] chore(deps): update netbirdio/signal docker tag to v0.41.3 --- docker/netbird/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/netbird/docker-compose.yml b/docker/netbird/docker-compose.yml index 0dde8cc..344edbf 100644 --- a/docker/netbird/docker-compose.yml +++ b/docker/netbird/docker-compose.yml @@ -23,7 +23,7 @@ services: max-size: "500m" max-file: "2" signal: - image: netbirdio/signal:0.41.0 + image: netbirdio/signal:0.41.3 restart: unless-stopped volumes: - netbird-signal:/var/lib/netbird From b9c219d95d56e4728580bb8d556cb5e5903811a2 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 17 Apr 2025 01:26:16 +0000 Subject: [PATCH 020/377] chore(deps): update netbirdio/netbird docker tag to v0.41.3 --- docker/netbird/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/netbird/docker-compose.yml b/docker/netbird/docker-compose.yml index 344edbf..e729547 100644 --- a/docker/netbird/docker-compose.yml +++ b/docker/netbird/docker-compose.yml @@ -91,7 +91,7 @@ services: max-file: "2" peer-1: - image: netbirdio/netbird:0.41.0 + image: netbirdio/netbird:0.41.3 restart: unless-stopped volumes: - ${NETBIRD_PEER_VOLUME:-/mnt/nas1/shared/netbird/peer-1}/data:/etc/netbird From 9bdcb1262bfa3e0fddb72257e7138ad55a331f79 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 20 Apr 2025 01:34:00 +0000 Subject: [PATCH 021/377] chore(deps): update ghcr.io/paperless-ngx/paperless-ngx docker tag to v2.15.3 --- docker/paperless/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/paperless/docker-compose.yml b/docker/paperless/docker-compose.yml index 1d20cee..4904c90 100644 --- a/docker/paperless/docker-compose.yml +++ b/docker/paperless/docker-compose.yml @@ -14,7 +14,7 @@ services: webserver: - image: ghcr.io/paperless-ngx/paperless-ngx:2.15.2 + image: ghcr.io/paperless-ngx/paperless-ngx:2.15.3 restart: unless-stopped ports: - 8002:8000 From 63239f2805666b357b42bcd39e44085cca80044e Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 19 Apr 2025 01:32:58 +0000 Subject: [PATCH 022/377] chore(deps): update code.forgejo.org/forgejo-helm/forgejo docker tag to v12 --- k8s/argo-apps/forgejo.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/forgejo.yaml b/k8s/argo-apps/forgejo.yaml index d46743a..3347561 100644 --- a/k8s/argo-apps/forgejo.yaml +++ b/k8s/argo-apps/forgejo.yaml @@ -12,7 +12,7 @@ spec: sources: - chart: forgejo repoURL: code.forgejo.org/forgejo-helm - targetRevision: 11.0.5 + targetRevision: 12.0.0 helm: valuesObject: replicaCount: 2 From df416555f5183bce815015072ff588abe17ca0c8 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 19 Apr 2025 01:31:54 +0000 Subject: [PATCH 023/377] chore(deps): update helm release renovate to 39.251.* --- k8s/argo-apps/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/renovate.yaml b/k8s/argo-apps/renovate.yaml index cd71ff4..05aec1c 100644 --- a/k8s/argo-apps/renovate.yaml +++ b/k8s/argo-apps/renovate.yaml @@ -13,7 +13,7 @@ spec: sources: - chart: renovate repoURL: https://docs.renovatebot.com/helm-charts - targetRevision: 39.248.* + targetRevision: 39.251.* helm: valuesObject: renovate: From b8147ba8147280b03a1ba875b7de6f4259601bcd Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 17 Apr 2025 01:27:48 +0000 Subject: [PATCH 024/377] chore(deps): update netbirdio/management docker tag to v0.41.3 --- docker/netbird/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/netbird/docker-compose.yml b/docker/netbird/docker-compose.yml index e729547..41fe7ce 100644 --- a/docker/netbird/docker-compose.yml +++ b/docker/netbird/docker-compose.yml @@ -50,7 +50,7 @@ services: max-size: "500m" max-file: "2" management: - image: netbirdio/management:0.40.1 + image: netbirdio/management:0.41.3 restart: unless-stopped depends_on: - dashboard From 86efe9432bf7d425f023d66ebd9bccc786e122f5 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 18 Apr 2025 01:33:05 +0000 Subject: [PATCH 025/377] chore(deps): update registry-1.docker.io/bitnamicharts/elasticsearch docker tag to v21.6.0 --- k8s/argo-apps/elastic.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/elastic.yaml b/k8s/argo-apps/elastic.yaml index ddfb6a2..916a9e3 100644 --- a/k8s/argo-apps/elastic.yaml +++ b/k8s/argo-apps/elastic.yaml @@ -12,7 +12,7 @@ spec: sources: - chart: elasticsearch repoURL: registry-1.docker.io/bitnamicharts - targetRevision: 21.5.0 + targetRevision: 21.6.0 helm: valuesObject: service: From 6f7570b8effb226953b1eaa1323f5c401d258ccc Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 21 Apr 2025 01:40:09 +0000 Subject: [PATCH 026/377] chore(deps): update helm release renovate to 39.252.* --- k8s/argo-apps/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/renovate.yaml b/k8s/argo-apps/renovate.yaml index 05aec1c..4786149 100644 --- a/k8s/argo-apps/renovate.yaml +++ b/k8s/argo-apps/renovate.yaml @@ -13,7 +13,7 @@ spec: sources: - chart: renovate repoURL: https://docs.renovatebot.com/helm-charts - targetRevision: 39.251.* + targetRevision: 39.252.* helm: valuesObject: renovate: From 1c151265ba2b45fe84367f377e6ba3b32087ec4d Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 22 Apr 2025 01:34:42 +0000 Subject: [PATCH 027/377] chore(deps): update registry-1.docker.io/bitnamicharts/elasticsearch docker tag to v21.6.1 --- k8s/argo-apps/elastic.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/elastic.yaml b/k8s/argo-apps/elastic.yaml index 916a9e3..5130ade 100644 --- a/k8s/argo-apps/elastic.yaml +++ b/k8s/argo-apps/elastic.yaml @@ -12,7 +12,7 @@ spec: sources: - chart: elasticsearch repoURL: registry-1.docker.io/bitnamicharts - targetRevision: 21.6.0 + targetRevision: 21.6.1 helm: valuesObject: service: From 4fc1b2f47b98173397c7033c71ece8e98da24aa7 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 22 Apr 2025 01:35:28 +0000 Subject: [PATCH 028/377] chore(deps): update helm release renovate to 39.253.* --- k8s/argo-apps/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/renovate.yaml b/k8s/argo-apps/renovate.yaml index 4786149..d6d93c7 100644 --- a/k8s/argo-apps/renovate.yaml +++ b/k8s/argo-apps/renovate.yaml @@ -13,7 +13,7 @@ spec: sources: - chart: renovate repoURL: https://docs.renovatebot.com/helm-charts - targetRevision: 39.252.* + targetRevision: 39.253.* helm: valuesObject: renovate: From ebfe62b073c968945d36bd1c8d8baaab606ce092 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 23 Apr 2025 01:36:24 +0000 Subject: [PATCH 029/377] chore(deps): update registry-1.docker.io/bitnamicharts/elasticsearch docker tag to v21.6.2 --- k8s/argo-apps/elastic.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/elastic.yaml b/k8s/argo-apps/elastic.yaml index 5130ade..61dc9ac 100644 --- a/k8s/argo-apps/elastic.yaml +++ b/k8s/argo-apps/elastic.yaml @@ -12,7 +12,7 @@ spec: sources: - chart: elasticsearch repoURL: registry-1.docker.io/bitnamicharts - targetRevision: 21.6.1 + targetRevision: 21.6.2 helm: valuesObject: service: From 558dc71daecdb2c34f49506b384508501e94204d Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 24 Apr 2025 01:35:59 +0000 Subject: [PATCH 030/377] chore(deps): update netbirdio/management docker tag to v0.42.0 --- docker/netbird/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/netbird/docker-compose.yml b/docker/netbird/docker-compose.yml index 41fe7ce..740cad4 100644 --- a/docker/netbird/docker-compose.yml +++ b/docker/netbird/docker-compose.yml @@ -50,7 +50,7 @@ services: max-size: "500m" max-file: "2" management: - image: netbirdio/management:0.41.3 + image: netbirdio/management:0.42.0 restart: unless-stopped depends_on: - dashboard From 3a2608b5f97e8da4886a7a2e1a535e7b8ef0ddce Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 25 Apr 2025 01:48:17 +0000 Subject: [PATCH 031/377] chore(deps): update netbirdio/netbird docker tag to v0.42.0 --- docker/netbird/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/netbird/docker-compose.yml b/docker/netbird/docker-compose.yml index 740cad4..19a941f 100644 --- a/docker/netbird/docker-compose.yml +++ b/docker/netbird/docker-compose.yml @@ -91,7 +91,7 @@ services: max-file: "2" peer-1: - image: netbirdio/netbird:0.41.3 + image: netbirdio/netbird:0.42.0 restart: unless-stopped volumes: - ${NETBIRD_PEER_VOLUME:-/mnt/nas1/shared/netbird/peer-1}/data:/etc/netbird From ebb9ac36b89d609909483103a6ac3490537725d2 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 24 Apr 2025 01:34:57 +0000 Subject: [PATCH 032/377] chore(deps): update helm release renovate to 39.257.* --- k8s/argo-apps/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/renovate.yaml b/k8s/argo-apps/renovate.yaml index d6d93c7..f4a715a 100644 --- a/k8s/argo-apps/renovate.yaml +++ b/k8s/argo-apps/renovate.yaml @@ -13,7 +13,7 @@ spec: sources: - chart: renovate repoURL: https://docs.renovatebot.com/helm-charts - targetRevision: 39.253.* + targetRevision: 39.257.* helm: valuesObject: renovate: From 06ee5e171b7205eda0949bd50d1b0e3214e9d502 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 28 Apr 2025 01:41:31 +0000 Subject: [PATCH 033/377] chore(deps): update code.forgejo.org/forgejo-helm/forgejo docker tag to v12.2.0 --- k8s/argo-apps/forgejo.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/forgejo.yaml b/k8s/argo-apps/forgejo.yaml index 3347561..7bfdf2d 100644 --- a/k8s/argo-apps/forgejo.yaml +++ b/k8s/argo-apps/forgejo.yaml @@ -12,7 +12,7 @@ spec: sources: - chart: forgejo repoURL: code.forgejo.org/forgejo-helm - targetRevision: 12.0.0 + targetRevision: 12.2.0 helm: valuesObject: replicaCount: 2 From 063a28e937c886361fe11853c365bbbc614012eb Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 28 Apr 2025 01:42:55 +0000 Subject: [PATCH 034/377] chore(deps): update netbirdio/signal docker tag to v0.43.0 --- docker/netbird/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/netbird/docker-compose.yml b/docker/netbird/docker-compose.yml index 19a941f..8d114de 100644 --- a/docker/netbird/docker-compose.yml +++ b/docker/netbird/docker-compose.yml @@ -23,7 +23,7 @@ services: max-size: "500m" max-file: "2" signal: - image: netbirdio/signal:0.41.3 + image: netbirdio/signal:0.43.0 restart: unless-stopped volumes: - netbird-signal:/var/lib/netbird From 02758ece18b53d8e70ce35920de53f333bdc47b0 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 29 Apr 2025 01:29:58 +0000 Subject: [PATCH 035/377] chore(deps): update code.forgejo.org/forgejo-helm/forgejo docker tag to v12.3.0 --- k8s/argo-apps/forgejo.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/forgejo.yaml b/k8s/argo-apps/forgejo.yaml index 7bfdf2d..1ccd179 100644 --- a/k8s/argo-apps/forgejo.yaml +++ b/k8s/argo-apps/forgejo.yaml @@ -12,7 +12,7 @@ spec: sources: - chart: forgejo repoURL: code.forgejo.org/forgejo-helm - targetRevision: 12.2.0 + targetRevision: 12.3.0 helm: valuesObject: replicaCount: 2 From 7f0c82da4579a9db57e3436e6815e27047fabb3b Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 29 Apr 2025 01:26:51 +0000 Subject: [PATCH 036/377] chore(deps): update registry-1.docker.io/bitnamicharts/elasticsearch docker tag to v21.6.3 --- k8s/argo-apps/elastic.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/elastic.yaml b/k8s/argo-apps/elastic.yaml index 61dc9ac..5a1a3eb 100644 --- a/k8s/argo-apps/elastic.yaml +++ b/k8s/argo-apps/elastic.yaml @@ -12,7 +12,7 @@ spec: sources: - chart: elasticsearch repoURL: registry-1.docker.io/bitnamicharts - targetRevision: 21.6.2 + targetRevision: 21.6.3 helm: valuesObject: service: From 9b2012b4e7cb14c22fee47ee287377ec50db9487 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 27 Apr 2025 01:35:05 +0000 Subject: [PATCH 037/377] chore(deps): update netbirdio/relay docker tag to v0.43.0 --- docker/netbird/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/netbird/docker-compose.yml b/docker/netbird/docker-compose.yml index 8d114de..ce01429 100644 --- a/docker/netbird/docker-compose.yml +++ b/docker/netbird/docker-compose.yml @@ -35,7 +35,7 @@ services: max-size: "500m" max-file: "2" relay: - image: netbirdio/relay:0.41.3 + image: netbirdio/relay:0.43.0 restart: unless-stopped environment: NB_LOG_LEVEL: ${NB_LOG_LEVEL:-info} From d2613605cb6360f95e1fe13e71f826a6d9c972b0 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 26 Apr 2025 01:47:22 +0000 Subject: [PATCH 038/377] chore(deps): update netbirdio/management docker tag to v0.43.0 --- docker/netbird/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/netbird/docker-compose.yml b/docker/netbird/docker-compose.yml index ce01429..e2ce825 100644 --- a/docker/netbird/docker-compose.yml +++ b/docker/netbird/docker-compose.yml @@ -50,7 +50,7 @@ services: max-size: "500m" max-file: "2" management: - image: netbirdio/management:0.42.0 + image: netbirdio/management:0.43.0 restart: unless-stopped depends_on: - dashboard From 066a3c31cb54eb23cff183900bfc3ceb59290705 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 26 Apr 2025 01:47:33 +0000 Subject: [PATCH 039/377] chore(deps): update netbirdio/netbird docker tag to v0.43.0 --- docker/netbird/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/netbird/docker-compose.yml b/docker/netbird/docker-compose.yml index e2ce825..7ad4416 100644 --- a/docker/netbird/docker-compose.yml +++ b/docker/netbird/docker-compose.yml @@ -91,7 +91,7 @@ services: max-file: "2" peer-1: - image: netbirdio/netbird:0.42.0 + image: netbirdio/netbird:0.43.0 restart: unless-stopped volumes: - ${NETBIRD_PEER_VOLUME:-/mnt/nas1/shared/netbird/peer-1}/data:/etc/netbird From b45b8cc7611ea604f7e55957035a5f590cbfab23 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 30 Apr 2025 01:46:58 +0000 Subject: [PATCH 040/377] chore(deps): update terraform adguard to v1.6.0 --- tofu/adguard/.terraform.lock.hcl | 60 ++++++++++++++++---------------- tofu/adguard/main.tf | 2 +- 2 files changed, 31 insertions(+), 31 deletions(-) diff --git a/tofu/adguard/.terraform.lock.hcl b/tofu/adguard/.terraform.lock.hcl index e7c306d..99b1353 100644 --- a/tofu/adguard/.terraform.lock.hcl +++ b/tofu/adguard/.terraform.lock.hcl @@ -2,37 +2,37 @@ # Manual edits may be lost in future updates. provider "registry.opentofu.org/gmichels/adguard" { - version = "1.5.1" - constraints = "1.5.1" + version = "1.6.0" + constraints = "1.6.0" hashes = [ - "h1:6p1NQn2zu3THuBMKazX/wBCDRR0N/OG32YuLC6yKvdY=", - "h1:9w/eRI42Lg8PDPvHAxPLBX0GFLzjEUZl8YekSYwEyY8=", - "h1:A3P23yGJkVjUx3aPB+gEzc9y0s8YYYsNLfgpzebFMis=", - "h1:DibQ6zPM/39mrPE/F6OBFdG2/FA6/aWil+3643EAaLI=", - "h1:Ihg/A/egviNoUnOjblxG8jy+FYv8o4RuP0PrG8MUTvE=", - "h1:Irg1nn0s7wtaJIJKylJg4F7WTqWDZNWFC1QXR5Grbi8=", - "h1:NwbE7NAdIfpTCtLF/b+vUS0Es9Hu35M8I9FI36BQCUc=", - "h1:XO1arHSDd2Pb83OKI5Qi98IbIDJfBFL5+SyDrstqEks=", - "h1:etYF6O8pHXGAf1HBefaLyFKwKMmgVDuy3VyMgAyDL+Q=", - "h1:fKmdzgWHclXaWvjZtAeq8/E64bCi8ydGX8D6ckZGNdY=", - "h1:qpPnjHD3d7hkHUVTXApMYj1M0DuTks48cee03AsnH80=", - "h1:wcQ1W3nsFax8ZXPQdg44poHCeVvwSWqsIFbMvlFGaAA=", - "h1:x2hGbFn0F7fwRkS7WztzgIBbmOi0M4Ps7Saqsgl9Bxs=", - "h1:yGKYRCWeAEOlBpZNQOs6b/JpR/YWv/rL0nvEvGI6EdE=", - "zh:23ff590e4679e9a8c35b15c7443d8ce2f386e2086f7534be793c6c4f393d2733", - "zh:4b120bde5371d9368d361bd5e51f598a945de7b640df1d41de58e2d1e466e0f0", - "zh:4c299238e70ae53e44c411df61c1e995157d537058526f3248dd59cbb8385241", - "zh:4ddb42634a3cbd690427b0a6774d688b857ed3c23f67a0c0c5d0757e2161efce", - "zh:50c63cee24cae6d11290fa53a70b176cd45d8110dcc578bc5dee3dcc4c8e34aa", - "zh:675c70b51d07ec6fe1e332e69d37c33b6af7a2aa0c0e59580d4a7368f73ee8d1", - "zh:733eb9f292708e3ef1890aab1842f128fce5ea9bf07feff6b42b4c440a594ff5", - "zh:74362ec53aab82a9cf12eaa8ee36a21e74d442dff4e88575ee9acbdd35e146ee", - "zh:8ae684c9eee589958acf17c1434a90c40e3ec7bc7423cbd3206485218f88a2b7", - "zh:a30191bc0a80e3b7738f5bd6bbe67ce4828c07c17064f8ef204e271f0d3f3b1d", - "zh:a7c3e7e6cecf62f65714170a7bf1f750ad54ad71d919d51b83aece5dde5401ff", - "zh:b37f51bec004f92151a0c171e2836663709bc63dd0a07ce9464d8545ee02ff70", - "zh:c20a8155245340094d5388ac44ab7089cf8165c7ebcad5fd61f1ce296c0bfad3", - "zh:ca5fc9848496db2ba15d9cae6ffd045046494cbb0b7150afa085672cd1afbd6f", + "h1:+kFd4Ecn43zA5BVvDvI9PNswjbmukDANDx64d1mwP+w=", + "h1:/UrnZ79iT3hnA587QPMkPVzl5oBufsjOXDD93o3xOo0=", + "h1:1/nWuWd4blVGozUsWbwMbWIfxxXwkWBtfzKJ/LoqNaY=", + "h1:42mNOgdsWMs4g3F1qd16V+K8mEQkq8bhjmOhJFl7kCA=", + "h1:7LL915SyWkwRZqmgjOCFRbkpCxkY0Q+DuHaZpfZeg5w=", + "h1:8Qpfa+4CukATrDU9tTvYS66M7pJGM+GZyjGeZJ3eqFs=", + "h1:9T3I/RxwLBivTIVY9TqFBW/+P5pPMTaWkVmnUno7agE=", + "h1:G6SIrU6zJT22v0qjzyTg7YT07KRiwccw9BW7j/jCVF4=", + "h1:PvcCnV72bB1OvHsv7c+v7v2NomZALGKsfpQOa7S7Usk=", + "h1:RPv6+URquK+wgcJhVVwwEsiRy1u4QkRnCq2gD3J2oGI=", + "h1:TQhZg7Sm2rF/cbMoi8HxxGOeygY6CG2JWRu/sfckK3o=", + "h1:g0SdwkaT68ZcFgce9yxSD5XU4h+o85quPrJddn5igLo=", + "h1:jjCSHM0kRWNXhnbNOPxLOiGUrx5X/BjkKK43IyWoH08=", + "h1:tJzMzK6la58qNuS7SBz/pxaN1b5xmopXAQfhRFffVsA=", + "zh:33bcfff27be266529d19ee880c29c40dc760036676acbf1af51a1b65e28fbd56", + "zh:33d54bd0ce43c821070a31c1c881668f2c1972b9426f4739fb98b4c894b71694", + "zh:4129d0d87cc4f738b00a061ee43737bc5db38e19f95bce7b0d6b650701749be3", + "zh:41e4d0ce1f9ba72617a7da5d2aba524f19cb55c42ec948278a50069c9ee3fc60", + "zh:47cea556f209afba60a3abd86fb10fdd6d6c98cd00d1869cbbcc07a86d0ee99c", + "zh:744ca65ffd9066dbba172e5876c468e250c6f1bfce19c4b2f05b566ec2800be8", + "zh:8dddbfe66313e72ead13059af6ff3e81dd9d34254587ea3a714841bc42f5f979", + "zh:9a3c43c473396097adb0263ee6bc5ea38a0ce95ce37e6513bb694addd3c146e2", + "zh:a2f49a93fb7bbc4fa555e5382618f38e6c501c6a1db0eb678c1e79d466a3934d", + "zh:b00191439ccab5d4060267a55e0e39b9c1e13ece13a62053c7340c920faf5514", + "zh:b9b1fd6f9fff9710259d814b636ce324e9ab6fd725947386b4abc532ba625efe", + "zh:ca7387c01df51f9c4a1aff7e1f25320d9d1a3779671b1b32b0a5bbe4a5ffcf39", + "zh:ce2470e5ceb8014d25c8be347e7ec5065b300e707391a6c05bf282ee5ddc805f", + "zh:f51250e09bd3a9b15428ff7bd52cd7b86655bc4bd11e3c32e9725d05c8c56551", "zh:f809ab383cca0a5f83072981c64208cbd7fa67e986a86ee02dd2c82333221e32", ] } diff --git a/tofu/adguard/main.tf b/tofu/adguard/main.tf index 9f58cd2..4a288c3 100644 --- a/tofu/adguard/main.tf +++ b/tofu/adguard/main.tf @@ -9,7 +9,7 @@ terraform { required_providers { adguard = { source = "gmichels/adguard" - version = "1.5.1" + version = "1.6.0" } } } From ef1743e174c249f108ace33a9af5a7a9b00df679 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 30 Apr 2025 01:45:56 +0000 Subject: [PATCH 041/377] chore(deps): update netbirdio/dashboard docker tag to v2.11.0 --- docker/netbird/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/netbird/docker-compose.yml b/docker/netbird/docker-compose.yml index 7ad4416..886a5cc 100644 --- a/docker/netbird/docker-compose.yml +++ b/docker/netbird/docker-compose.yml @@ -1,7 +1,7 @@ --- services: dashboard: - image: netbirdio/dashboard:v2.10.0 + image: netbirdio/dashboard:v2.11.0 restart: unless-stopped ports: - 8005:80 From c04bcb557a892330b12ccabc99c585de9ebb3b86 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 2 May 2025 03:04:03 +0000 Subject: [PATCH 042/377] chore(deps): update terraform authentik to v2025.4.0 --- k8s/argo-apps/authentik.yaml | 2 +- tofu/authentik/.terraform.lock.hcl | 60 ++++++++++++++-------------- tofu/authentik/main.tf | 2 +- tofu/modules/authentik-oidc/main.tf | 2 +- tofu/modules/authentik-proxy/main.tf | 2 +- 5 files changed, 34 insertions(+), 34 deletions(-) diff --git a/k8s/argo-apps/authentik.yaml b/k8s/argo-apps/authentik.yaml index 23193d7..b0cd8ca 100644 --- a/k8s/argo-apps/authentik.yaml +++ b/k8s/argo-apps/authentik.yaml @@ -12,7 +12,7 @@ spec: sources: - chart: authentik repoURL: https://charts.goauthentik.io/ - targetRevision: 2025.2.* + targetRevision: 2025.4.* helm: valuesObject: authentik: diff --git a/tofu/authentik/.terraform.lock.hcl b/tofu/authentik/.terraform.lock.hcl index eb6bbe8..3e0bf29 100644 --- a/tofu/authentik/.terraform.lock.hcl +++ b/tofu/authentik/.terraform.lock.hcl @@ -2,36 +2,36 @@ # Manual edits may be lost in future updates. provider "registry.opentofu.org/goauthentik/authentik" { - version = "2025.2.0" - constraints = "2025.2.0" + version = "2025.4.0" + constraints = "2025.4.0" hashes = [ - "h1:3IWXiPFWWjLsyCf/paNU7wKpCxa7pAn4GScitbwtofk=", - "h1:3udT/dgoe8Z8YX6+407rQCmzkNsvQ8357KSqMN7klew=", - "h1:64BKLYoDRkgQww158lnyehe24XINrUoHN6h/iPqG0EA=", - "h1:A5tm4fnHaVnsn2MvTeH7q+mrs/Ml/FqrD67XiH81jCc=", - "h1:O7itcQKL+kjkZ79PuZj23lTIe9fwpjl2fyiWNsI6voA=", - "h1:SgBIbLZKf3G+rGCytdo9tnQ2LfYtTeljxl4QirsnVjo=", - "h1:bL786Y8Y5eWhwHfAn6B7SoYioYz4Pl4eep4LQOOklM8=", - "h1:hQyI+F+TaPRqc/XeanBmkn+gYfeG/tqFv43wRJ20r9M=", - "h1:jR2DnHv7UTgvb1MsQF1tKOMGgUkeCFKyi6YY6sUjOOg=", - "h1:q5hy+FtU9m57Q5s1woKat+m/4PJbz6vcSGkPTnohDXs=", - "h1:qFKhGTmYxrl1LEpJyx4iTxd0y3Rk/zfI3U4ybVJylK8=", - "h1:rnWB4NGF0BBD4CE40I5jLrqQoyXtfx2JArEfSZx6OpE=", - "h1:x9vdBK1E7jJU7buJM8D7GIoEEzY+wNZzGCTHI3tU/3E=", - "h1:ycPf4zuR4L0pcYi3osQhJeUaB7a8/oQLQvH+UcmJIj4=", - "zh:0bb96e37ac26c1718572c3bb1a4d30fb3c9dc94639e8d9f10db83394a636e829", - "zh:207822ee1ee4c76ef64a2adc5dbaa2ea253f7fbb0cde0561c92af04fe1ddbeba", - "zh:3e3d33149912946b5026070df615da87505c3dd4eaa0e414c8cd4dbd701ee182", - "zh:430419376b2b4104518fab5e2689b360612de7283b0a31dde35f9fd62d0c5e17", - "zh:51a081059dc8b71fee79807b76449df5735749ff5e05f7ea0d572f4cb0e088f9", - "zh:594ab6d4bad1bbdc47b1f5ca2126192d41c71ae7c9f4f5cc00ad50981e5b7cfe", - "zh:5d526d9af9fdb34b7218fc2c2672f0673ce553605f3233de8f98d1080625d9f9", - "zh:6ce248cf8663f1968139e7b4d02c4477388be73fac7f3223c8fe19971a112d4c", - "zh:9d0e9dd50c81c2b12de59a539d26896b54b74eb0b3ee17d0314eb47d527b3596", - "zh:a522f8ef643743c6613fcf66bde31a40e3b2121d2e09c7c48b806920524ffd13", - "zh:aecfcfac59ce3a9de8b707b5ed6f3485169ccfabda15f2a61ef8b17f39e92e83", - "zh:d3af22ed49db703207b7697d385f65d4379e0748a50af97283cd7fde0487d736", - "zh:d5d853844d84349aa454b4d1a7d68800e747e1fc3c12fe522088747c06fcba52", - "zh:f7e11091d75e26e4033eb0bf96ffe7b1444e07b81a8cb1aae1ab022b2dc6d164", + "h1:2zDfT1wb2SNbIoanYeQ0nV32eOcqTmxLN1fv7fIbnKQ=", + "h1:4BxCi06ZJqqRSpNiWl5McGaA+yNczztd+3CUxD3hbMU=", + "h1:6xc2FC8qXvnvmGzpK1l9x5tGUWPN8HaleedOUljX1yk=", + "h1:JKgZKJQoEfcHVdoa7NUQnQE0hnkMkHgNEqqdBi5naKM=", + "h1:Ojd/LgZzMWC3FRvBGtsKUPexGtrzjZYeBvhAdD2cltE=", + "h1:Q9o9fE25MpMLMbDUl68FtHxVuMgQo9pmVl5Sul5TZsg=", + "h1:StYkYo1PiHTYDc/rUwe4cb/jte0FgDnTtKSmCmPao60=", + "h1:USGgPsAW034M23g3ful7wlfAvHyjUkWXVbIvpRbFfdY=", + "h1:Wqe1ItPtK3K5KNLGkVTqHzRoTT0CMuMmax9UHcN4/iM=", + "h1:XKa968LU1m7ZyxArJ/8xbAwpJGZ5rNxaTszuNFGSE+I=", + "h1:oKgtMc0xVa6nL8tb0gh3aHES3H3SmTX5bjplDrp5iYk=", + "h1:rXqKBLLdbeOHq28cttYLc9rsw+5lLB6x/eDu+KM+9Xk=", + "h1:sGvwwNrQ3T3N0Qd+5W1LT8pDmgQH4ZgXnNkfmfRcLq4=", + "h1:zNQKfDwe+B30MYF8UjXiLiebD9A7fmoHg4m6lQM1ceo=", + "zh:0236341fc44717e1dc3398971e82bf0f9d23a861afd4e023daa0a4d7ea7b8059", + "zh:07bc3fcd89e778f3894c543f84269e6188baaf3ccc8cdb37a82afd12882ae7bc", + "zh:2a09b37449c1101750de128cb9bba373cab802916a58d87083b9acb544907ba8", + "zh:2a12e1ebe9aacb77338949f864f62174ee4b34f6791d5a946b87f0ec612172ed", + "zh:3006ea3a5bf3d8ebe167647ca6da4aef730e8d7f3c98ae53a83a1cc6e0a7e2e0", + "zh:3150f1b2092efd76c1f2b00abc63b5406354820116b6894fd69d882cf0d8818c", + "zh:3471e3e490f7b97eee287ef8dad0acdd95faf5e85636c6ee7d0a44a6a5481a47", + "zh:4829468325f0b5201ecd0e20e442aea73aeb017a9453b2d9e4252e4f02a52fb7", + "zh:5fcd6ca5873b2c75dae1e7ee013b6c0d032f0f5328075c6d4ddea96f9eace55f", + "zh:60bac7eea813b38b999fa5ff197b36b60f589b8eb9cc9e59da692988bf2510ec", + "zh:62fa20db676669f95c3a4b1aac51d96b941e504e7432d99aa3307972d21f926a", + "zh:7564fbdd9ad2a45c82536aae5b5a4cbd30591512eaa79844e102a47364b950b9", + "zh:bf8ce98248b2d822e0b080301faeb5eea7bb5aa7ecef670a2385645af703ea5b", + "zh:ca8d77ad6c175730aeea8df87dc78a1ee87f0bc810b667d78e39d06b6c32da4e", ] } diff --git a/tofu/authentik/main.tf b/tofu/authentik/main.tf index 5758993..143bbae 100644 --- a/tofu/authentik/main.tf +++ b/tofu/authentik/main.tf @@ -8,7 +8,7 @@ terraform { required_providers { authentik = { source = "goauthentik/authentik" - version = "2025.2.0" + version = "2025.4.0" } } } diff --git a/tofu/modules/authentik-oidc/main.tf b/tofu/modules/authentik-oidc/main.tf index 8ad7403..5c1c6ff 100644 --- a/tofu/modules/authentik-oidc/main.tf +++ b/tofu/modules/authentik-oidc/main.tf @@ -3,7 +3,7 @@ terraform { required_providers { authentik = { source = "goauthentik/authentik" - version = "2025.2.0" + version = "2025.4.0" } } } diff --git a/tofu/modules/authentik-proxy/main.tf b/tofu/modules/authentik-proxy/main.tf index f9a8873..fb352a2 100644 --- a/tofu/modules/authentik-proxy/main.tf +++ b/tofu/modules/authentik-proxy/main.tf @@ -3,7 +3,7 @@ terraform { required_providers { authentik = { source = "goauthentik/authentik" - version = "2025.2.0" + version = "2025.4.0" } } } From dfa7631cf88e37622f6531cf8885e5bffb285c43 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 2 May 2025 03:00:50 +0000 Subject: [PATCH 043/377] chore(deps): update netbirdio/signal docker tag to v0.43.1 --- docker/netbird/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/netbird/docker-compose.yml b/docker/netbird/docker-compose.yml index 886a5cc..6996782 100644 --- a/docker/netbird/docker-compose.yml +++ b/docker/netbird/docker-compose.yml @@ -23,7 +23,7 @@ services: max-size: "500m" max-file: "2" signal: - image: netbirdio/signal:0.43.0 + image: netbirdio/signal:0.43.1 restart: unless-stopped volumes: - netbird-signal:/var/lib/netbird From b802cc829424a9f72a410e4dd4ca6d9a36ad3e9e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?c=C4=83t=C4=83lin?= Date: Fri, 2 May 2025 17:40:17 +0200 Subject: [PATCH 044/377] feat: add kubetail --- k8s/argo-apps/kubetail.yaml | 38 +++++++++++++++++++++++++++++ k8s/services/argo/project-fuku.yaml | 1 + 2 files changed, 39 insertions(+) create mode 100644 k8s/argo-apps/kubetail.yaml diff --git a/k8s/argo-apps/kubetail.yaml b/k8s/argo-apps/kubetail.yaml new file mode 100644 index 0000000..88b97b9 --- /dev/null +++ b/k8s/argo-apps/kubetail.yaml @@ -0,0 +1,38 @@ +--- +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: kubetail + namespace: argocd +spec: + destination: + name: '' + namespace: apps-fuku + server: https://kubernetes.default.svc + sources: + - chart: kubetail + repoURL: https://kubetail-org.github.io/helm-charts/ + targetRevision: 0.10.1 + helm: + valuesObject: + kubetail: + dashboard: + ingress: + enabled: true + className: traefik + tls: [] + rules: + - host: logs.fuku + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: kubetail-dashboard + port: + number: 8080 + + project: fuku + syncPolicy: + automated: {} diff --git a/k8s/services/argo/project-fuku.yaml b/k8s/services/argo/project-fuku.yaml index fdfea74..0ad7233 100644 --- a/k8s/services/argo/project-fuku.yaml +++ b/k8s/services/argo/project-fuku.yaml @@ -27,3 +27,4 @@ spec: - https://docs.renovatebot.com/helm-charts - registry-1.docker.io/bitnamicharts - https://meilisearch.github.io/meilisearch-kubernetes + - https://kubetail-org.github.io/helm-charts/ From f21844995ef73c9811fbc5bf5a1fc20da5e8829a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?c=C4=83t=C4=83lin?= Date: Fri, 2 May 2025 17:43:22 +0200 Subject: [PATCH 045/377] chore(deps): update miniflux/miniflux docker tag to v2.2.8 --- k8s/services/miniflux/deployment.yaml | 6 +++--- k8s/services/miniflux/service.yaml | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/k8s/services/miniflux/deployment.yaml b/k8s/services/miniflux/deployment.yaml index f26ebb4..a2057b1 100644 --- a/k8s/services/miniflux/deployment.yaml +++ b/k8s/services/miniflux/deployment.yaml @@ -7,7 +7,7 @@ metadata: labels: app.kubernetes.io/name: miniflux app.kubernetes.io/managed-by: argo - app.kubernetes.io/version: 2.2.7 + app.kubernetes.io/version: 2.2.8 annotations: kube-score/ignore: pod-networkpolicy,deployment-has-host-podantiaffinity spec: @@ -24,11 +24,11 @@ spec: metadata: labels: app.kubernetes.io/name: miniflux - app.kubernetes.io/version: 2.2.7 + app.kubernetes.io/version: 2.2.8 spec: containers: - name: miniflux - image: miniflux/miniflux:2.2.7 + image: miniflux/miniflux:2.2.8 imagePullPolicy: Always securityContext: allowPrivilegeEscalation: false diff --git a/k8s/services/miniflux/service.yaml b/k8s/services/miniflux/service.yaml index e7fa2c5..d18d2b7 100644 --- a/k8s/services/miniflux/service.yaml +++ b/k8s/services/miniflux/service.yaml @@ -7,7 +7,7 @@ metadata: labels: app.kubernetes.io/name: miniflux app.kubernetes.io/managed-by: argo - app.kubernetes.io/version: 2.2.7 + app.kubernetes.io/version: 2.2.8 spec: selector: app.kubernetes.io/name: miniflux From 9829433ba5469a6a1d2c4891f196780719705583 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 3 May 2025 01:17:39 +0000 Subject: [PATCH 046/377] chore(deps): update code.forgejo.org/forgejo-helm/forgejo docker tag to v12.3.1 --- k8s/argo-apps/forgejo.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/forgejo.yaml b/k8s/argo-apps/forgejo.yaml index 1ccd179..7593d6b 100644 --- a/k8s/argo-apps/forgejo.yaml +++ b/k8s/argo-apps/forgejo.yaml @@ -12,7 +12,7 @@ spec: sources: - chart: forgejo repoURL: code.forgejo.org/forgejo-helm - targetRevision: 12.3.0 + targetRevision: 12.3.1 helm: valuesObject: replicaCount: 2 From e65b388373cd4698e11fc153e3a6f370c2cac944 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 4 May 2025 02:31:41 +0000 Subject: [PATCH 047/377] chore(deps): update helm release renovate to v40 --- k8s/argo-apps/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/renovate.yaml b/k8s/argo-apps/renovate.yaml index f4a715a..ca837c2 100644 --- a/k8s/argo-apps/renovate.yaml +++ b/k8s/argo-apps/renovate.yaml @@ -13,7 +13,7 @@ spec: sources: - chart: renovate repoURL: https://docs.renovatebot.com/helm-charts - targetRevision: 39.257.* + targetRevision: 40.1.* helm: valuesObject: renovate: From 71ed94bedd59730625b5d3b2c7b2db2e19f7591f Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 3 May 2025 01:19:04 +0000 Subject: [PATCH 048/377] chore(deps): update registry-1.docker.io/bitnamicharts/elasticsearch docker tag to v22 --- k8s/argo-apps/elastic.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/elastic.yaml b/k8s/argo-apps/elastic.yaml index 5a1a3eb..c7eda4c 100644 --- a/k8s/argo-apps/elastic.yaml +++ b/k8s/argo-apps/elastic.yaml @@ -12,7 +12,7 @@ spec: sources: - chart: elasticsearch repoURL: registry-1.docker.io/bitnamicharts - targetRevision: 21.6.3 + targetRevision: 22.0.1 helm: valuesObject: service: From 0502ffc90ab6f1919570962a976aac33508fb371 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 7 May 2025 01:37:53 +0000 Subject: [PATCH 049/377] chore(deps): update helm release kubetail to v0.11.0 --- k8s/argo-apps/kubetail.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/kubetail.yaml b/k8s/argo-apps/kubetail.yaml index 88b97b9..13d00dc 100644 --- a/k8s/argo-apps/kubetail.yaml +++ b/k8s/argo-apps/kubetail.yaml @@ -12,7 +12,7 @@ spec: sources: - chart: kubetail repoURL: https://kubetail-org.github.io/helm-charts/ - targetRevision: 0.10.1 + targetRevision: 0.11.0 helm: valuesObject: kubetail: From 85ef15e1ba0e80f35e76b7e865640f51d943e6c6 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 7 May 2025 01:38:24 +0000 Subject: [PATCH 050/377] chore(deps): update helm release renovate to 40.7.* --- k8s/argo-apps/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/renovate.yaml b/k8s/argo-apps/renovate.yaml index ca837c2..1131636 100644 --- a/k8s/argo-apps/renovate.yaml +++ b/k8s/argo-apps/renovate.yaml @@ -13,7 +13,7 @@ spec: sources: - chart: renovate repoURL: https://docs.renovatebot.com/helm-charts - targetRevision: 40.1.* + targetRevision: 40.7.* helm: valuesObject: renovate: From 0eafa811878dfe749a0931b0d1a450151cd4aec1 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 8 May 2025 01:19:49 +0000 Subject: [PATCH 051/377] chore(deps): update helm release kubetail to v0.11.2 --- k8s/argo-apps/kubetail.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/kubetail.yaml b/k8s/argo-apps/kubetail.yaml index 13d00dc..119aa31 100644 --- a/k8s/argo-apps/kubetail.yaml +++ b/k8s/argo-apps/kubetail.yaml @@ -12,7 +12,7 @@ spec: sources: - chart: kubetail repoURL: https://kubetail-org.github.io/helm-charts/ - targetRevision: 0.11.0 + targetRevision: 0.11.2 helm: valuesObject: kubetail: From 0701dfdf5ffe8e3c20e9f0eeaf595b2deb23fd19 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 8 May 2025 01:20:55 +0000 Subject: [PATCH 052/377] chore(deps): update registry-1.docker.io/bitnamicharts/elasticsearch docker tag to v22.0.3 --- k8s/argo-apps/elastic.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/elastic.yaml b/k8s/argo-apps/elastic.yaml index c7eda4c..e5e6c23 100644 --- a/k8s/argo-apps/elastic.yaml +++ b/k8s/argo-apps/elastic.yaml @@ -12,7 +12,7 @@ spec: sources: - chart: elasticsearch repoURL: registry-1.docker.io/bitnamicharts - targetRevision: 22.0.1 + targetRevision: 22.0.3 helm: valuesObject: service: From 5a58418d1fb86442612ed2bc5a587c52bfcdafef Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 10 May 2025 01:39:41 +0000 Subject: [PATCH 053/377] chore(deps): update code.forgejo.org/forgejo-helm/forgejo docker tag to v12.4.0 --- k8s/argo-apps/forgejo.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/forgejo.yaml b/k8s/argo-apps/forgejo.yaml index 7593d6b..5e4d218 100644 --- a/k8s/argo-apps/forgejo.yaml +++ b/k8s/argo-apps/forgejo.yaml @@ -12,7 +12,7 @@ spec: sources: - chart: forgejo repoURL: code.forgejo.org/forgejo-helm - targetRevision: 12.3.1 + targetRevision: 12.4.0 helm: valuesObject: replicaCount: 2 From dd1789c0d22132bc1f8e5e17cb01b25d25553b95 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 11 May 2025 01:45:48 +0000 Subject: [PATCH 054/377] chore(deps): update helm release kubetail to v0.11.3 --- k8s/argo-apps/kubetail.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/kubetail.yaml b/k8s/argo-apps/kubetail.yaml index 119aa31..a1d96be 100644 --- a/k8s/argo-apps/kubetail.yaml +++ b/k8s/argo-apps/kubetail.yaml @@ -12,7 +12,7 @@ spec: sources: - chart: kubetail repoURL: https://kubetail-org.github.io/helm-charts/ - targetRevision: 0.11.2 + targetRevision: 0.11.3 helm: valuesObject: kubetail: From e4bc96d7a58036903f88592d623e31293692d4cc Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 13 May 2025 01:34:04 +0000 Subject: [PATCH 055/377] chore(deps): update code.forgejo.org/forgejo-helm/forgejo docker tag to v12.5.0 --- k8s/argo-apps/forgejo.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/forgejo.yaml b/k8s/argo-apps/forgejo.yaml index 5e4d218..c740aac 100644 --- a/k8s/argo-apps/forgejo.yaml +++ b/k8s/argo-apps/forgejo.yaml @@ -12,7 +12,7 @@ spec: sources: - chart: forgejo repoURL: code.forgejo.org/forgejo-helm - targetRevision: 12.4.0 + targetRevision: 12.5.0 helm: valuesObject: replicaCount: 2 From 152dda09184caef7a6dad856f55ac78e972e109f Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 9 May 2025 01:48:31 +0000 Subject: [PATCH 056/377] chore(deps): update terraform adguard to v1.6.1 --- tofu/adguard/.terraform.lock.hcl | 60 ++++++++++++++++---------------- tofu/adguard/main.tf | 2 +- 2 files changed, 31 insertions(+), 31 deletions(-) diff --git a/tofu/adguard/.terraform.lock.hcl b/tofu/adguard/.terraform.lock.hcl index 99b1353..d889169 100644 --- a/tofu/adguard/.terraform.lock.hcl +++ b/tofu/adguard/.terraform.lock.hcl @@ -2,37 +2,37 @@ # Manual edits may be lost in future updates. provider "registry.opentofu.org/gmichels/adguard" { - version = "1.6.0" - constraints = "1.6.0" + version = "1.6.1" + constraints = "1.6.1" hashes = [ - "h1:+kFd4Ecn43zA5BVvDvI9PNswjbmukDANDx64d1mwP+w=", - "h1:/UrnZ79iT3hnA587QPMkPVzl5oBufsjOXDD93o3xOo0=", - "h1:1/nWuWd4blVGozUsWbwMbWIfxxXwkWBtfzKJ/LoqNaY=", - "h1:42mNOgdsWMs4g3F1qd16V+K8mEQkq8bhjmOhJFl7kCA=", - "h1:7LL915SyWkwRZqmgjOCFRbkpCxkY0Q+DuHaZpfZeg5w=", - "h1:8Qpfa+4CukATrDU9tTvYS66M7pJGM+GZyjGeZJ3eqFs=", - "h1:9T3I/RxwLBivTIVY9TqFBW/+P5pPMTaWkVmnUno7agE=", - "h1:G6SIrU6zJT22v0qjzyTg7YT07KRiwccw9BW7j/jCVF4=", - "h1:PvcCnV72bB1OvHsv7c+v7v2NomZALGKsfpQOa7S7Usk=", - "h1:RPv6+URquK+wgcJhVVwwEsiRy1u4QkRnCq2gD3J2oGI=", - "h1:TQhZg7Sm2rF/cbMoi8HxxGOeygY6CG2JWRu/sfckK3o=", - "h1:g0SdwkaT68ZcFgce9yxSD5XU4h+o85quPrJddn5igLo=", - "h1:jjCSHM0kRWNXhnbNOPxLOiGUrx5X/BjkKK43IyWoH08=", - "h1:tJzMzK6la58qNuS7SBz/pxaN1b5xmopXAQfhRFffVsA=", - "zh:33bcfff27be266529d19ee880c29c40dc760036676acbf1af51a1b65e28fbd56", - "zh:33d54bd0ce43c821070a31c1c881668f2c1972b9426f4739fb98b4c894b71694", - "zh:4129d0d87cc4f738b00a061ee43737bc5db38e19f95bce7b0d6b650701749be3", - "zh:41e4d0ce1f9ba72617a7da5d2aba524f19cb55c42ec948278a50069c9ee3fc60", - "zh:47cea556f209afba60a3abd86fb10fdd6d6c98cd00d1869cbbcc07a86d0ee99c", - "zh:744ca65ffd9066dbba172e5876c468e250c6f1bfce19c4b2f05b566ec2800be8", - "zh:8dddbfe66313e72ead13059af6ff3e81dd9d34254587ea3a714841bc42f5f979", - "zh:9a3c43c473396097adb0263ee6bc5ea38a0ce95ce37e6513bb694addd3c146e2", - "zh:a2f49a93fb7bbc4fa555e5382618f38e6c501c6a1db0eb678c1e79d466a3934d", - "zh:b00191439ccab5d4060267a55e0e39b9c1e13ece13a62053c7340c920faf5514", - "zh:b9b1fd6f9fff9710259d814b636ce324e9ab6fd725947386b4abc532ba625efe", - "zh:ca7387c01df51f9c4a1aff7e1f25320d9d1a3779671b1b32b0a5bbe4a5ffcf39", - "zh:ce2470e5ceb8014d25c8be347e7ec5065b300e707391a6c05bf282ee5ddc805f", - "zh:f51250e09bd3a9b15428ff7bd52cd7b86655bc4bd11e3c32e9725d05c8c56551", + "h1:0/3StBkyT8HyxsojPv0U4BN3HLW63DusbjuJvnAdvIA=", + "h1:1GFIhox0hy1RtULF0PARVvm19kmJ1fZ2uQDZfDG69eo=", + "h1:285rKKkfFBcA7Yf+eZSC3cUj1CzaKIdUs9044I8bdUE=", + "h1:AtNVWKcLL0qHkt2fQLuNAPN9Cl+HULKmbwFDNqlYSw8=", + "h1:MpJSITRC1JmDF1rXIYLVVZ55by/05Ai6UDrUOCeaRCA=", + "h1:NflB7JzRfgM7M1/ayok0wFThr5xEb1lqhjlt1BtTPWk=", + "h1:PZeSLF7VXX+wv+DIRbgnpkKkB4N6pyaSBQP+gaUzG3g=", + "h1:Z4V2AAMjgGkcEw47ekRPvKcXXBr8rdPhkm/wF5IRxao=", + "h1:cXeYdlzhnBl0pl64GQJ+CGXhnDkkGsnqqw9VQ8yRUfg=", + "h1:dnHplDyqJpAI4hiXDuYhWmV5USqIEvRsuxfznuhO6iA=", + "h1:fH/VSvs3S/hD30CBh9lY7IYWI4HX2Y2pqKd/asr/Vvw=", + "h1:mNrWGv0fkuZBsLzY3kFeAAOOpj7d53b6DRYXMY3zDIo=", + "h1:mwEBNV2379KmM/Z+Kp80FJk+rdy48NiTGKM+ZF2tE9Q=", + "h1:s3oZ5hrYeos3AW71C1r1THDGq0UtxZ7MJepxVAN0+J8=", + "zh:06880a4627596cb0ebdd0dabab2917aa174875b505f3431078815906c5ca677f", + "zh:17fa52f15e7d1b7849fcdac942fa8b9ac9b9f2f5bd3e824b1ad0282cc06a1da1", + "zh:19afa8fa0f3b7a52afe13bd951179f4abafdf09a346e9765260ab488c8b245ac", + "zh:340bc5124cda0a5d16b6a2bfaf6569125f64d24d8e4893f02abda3ba58aa677a", + "zh:3aa586e24acbc0b90bfbfb06bd4309408ff94449ee5348927b1ff38aaf5c448a", + "zh:41db1e3b7f821e8648176a76c73f2a2db48df784b720e41461ea4f323782c18b", + "zh:47569b70ac3e27f660b37debb576ffaad8fbe196a232b5b11a2ec57f4e71fabd", + "zh:66da676d9e80c29e2e3512455b835b4b83ccbd9833ed2ab2c77bbf5d44d99e07", + "zh:822700450359aed9589869757c805a583bda1cce3d1681ffbc815f9a1caffdbf", + "zh:9c70f3693f97ec09b6357279151ee8121730953d595ea1cebc54a55f2355c03d", + "zh:aac8a0de8e781d206ce847f6f9bb64472b47f144d62278ae9355d44c414d7b7b", + "zh:ac17e620785467d411a91b876f7400ff7cb728cdef8a7b47787501b29d3011d7", + "zh:e2972575b0fbe7d4d90cbce9523955d1d3fc09b177a62358b69ed7d4e33378fc", + "zh:ef6009209198887d8e06e31d9839512fda1089a76980fc2fda96d848a5fc87c8", "zh:f809ab383cca0a5f83072981c64208cbd7fa67e986a86ee02dd2c82333221e32", ] } diff --git a/tofu/adguard/main.tf b/tofu/adguard/main.tf index 4a288c3..bb32e30 100644 --- a/tofu/adguard/main.tf +++ b/tofu/adguard/main.tf @@ -9,7 +9,7 @@ terraform { required_providers { adguard = { source = "gmichels/adguard" - version = "1.6.0" + version = "1.6.1" } } } From 720777f7a4a2916a41c3962ceaf43197aa40287d Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 24 May 2025 01:29:59 +0000 Subject: [PATCH 057/377] chore(deps): update helm release renovate to 40.26.* --- k8s/argo-apps/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/renovate.yaml b/k8s/argo-apps/renovate.yaml index 1131636..e9b1be8 100644 --- a/k8s/argo-apps/renovate.yaml +++ b/k8s/argo-apps/renovate.yaml @@ -13,7 +13,7 @@ spec: sources: - chart: renovate repoURL: https://docs.renovatebot.com/helm-charts - targetRevision: 40.7.* + targetRevision: 40.26.* helm: valuesObject: renovate: From 1d5249fb5ad2cc7e01a46e3ce8c60b7a84a728e0 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 23 May 2025 01:29:06 +0000 Subject: [PATCH 058/377] chore(deps): update registry-1.docker.io/bitnamicharts/elasticsearch docker tag to v22.0.4 --- k8s/argo-apps/elastic.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/elastic.yaml b/k8s/argo-apps/elastic.yaml index e5e6c23..ba1aa83 100644 --- a/k8s/argo-apps/elastic.yaml +++ b/k8s/argo-apps/elastic.yaml @@ -12,7 +12,7 @@ spec: sources: - chart: elasticsearch repoURL: registry-1.docker.io/bitnamicharts - targetRevision: 22.0.3 + targetRevision: 22.0.4 helm: valuesObject: service: From 02248cbc75a9e2b1166cb460a27a12ac9a786997 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 6 May 2025 01:58:56 +0000 Subject: [PATCH 059/377] chore(deps): update netbirdio/dashboard docker tag to v2.12.0 --- docker/netbird/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/netbird/docker-compose.yml b/docker/netbird/docker-compose.yml index 6996782..d436d89 100644 --- a/docker/netbird/docker-compose.yml +++ b/docker/netbird/docker-compose.yml @@ -1,7 +1,7 @@ --- services: dashboard: - image: netbirdio/dashboard:v2.11.0 + image: netbirdio/dashboard:v2.12.0 restart: unless-stopped ports: - 8005:80 From e79d38e6643fd088d040861d167e950780bf0a5c Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 23 May 2025 01:28:38 +0000 Subject: [PATCH 060/377] chore(deps): update helm release kubetail to v0.11.6 --- k8s/argo-apps/kubetail.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/kubetail.yaml b/k8s/argo-apps/kubetail.yaml index a1d96be..3b692cb 100644 --- a/k8s/argo-apps/kubetail.yaml +++ b/k8s/argo-apps/kubetail.yaml @@ -12,7 +12,7 @@ spec: sources: - chart: kubetail repoURL: https://kubetail-org.github.io/helm-charts/ - targetRevision: 0.11.3 + targetRevision: 0.11.6 helm: valuesObject: kubetail: From 98a9793611956ea44301e598a1a72f6f0dc2283c Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 22 May 2025 01:42:34 +0000 Subject: [PATCH 061/377] chore(deps): update netbirdio/signal docker tag to v0.45.1 --- docker/netbird/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/netbird/docker-compose.yml b/docker/netbird/docker-compose.yml index d436d89..8ca356d 100644 --- a/docker/netbird/docker-compose.yml +++ b/docker/netbird/docker-compose.yml @@ -23,7 +23,7 @@ services: max-size: "500m" max-file: "2" signal: - image: netbirdio/signal:0.43.1 + image: netbirdio/signal:0.45.1 restart: unless-stopped volumes: - netbird-signal:/var/lib/netbird From 9e1937d69c25a75ff9de1250a858e011b8bd8665 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 17 May 2025 01:37:54 +0000 Subject: [PATCH 062/377] chore(deps): update nextcloud docker tag to v31.0.5 --- docker/nextcloud/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/nextcloud/Dockerfile b/docker/nextcloud/Dockerfile index 3689205..6ef2923 100644 --- a/docker/nextcloud/Dockerfile +++ b/docker/nextcloud/Dockerfile @@ -1,4 +1,4 @@ -FROM nextcloud:31.0.2-apache +FROM nextcloud:31.0.5-apache RUN set -ex; \ \ From 3cff400cce78b9c06afa94d93c407e371624b890 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 22 May 2025 01:42:20 +0000 Subject: [PATCH 063/377] chore(deps): update netbirdio/relay docker tag to v0.45.1 --- docker/netbird/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/netbird/docker-compose.yml b/docker/netbird/docker-compose.yml index 8ca356d..16ceb1e 100644 --- a/docker/netbird/docker-compose.yml +++ b/docker/netbird/docker-compose.yml @@ -35,7 +35,7 @@ services: max-size: "500m" max-file: "2" relay: - image: netbirdio/relay:0.43.0 + image: netbirdio/relay:0.45.1 restart: unless-stopped environment: NB_LOG_LEVEL: ${NB_LOG_LEVEL:-info} From 5fd57d6ddec84d63444e493c916f118b8fe5e671 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 22 May 2025 01:42:05 +0000 Subject: [PATCH 064/377] chore(deps): update netbirdio/netbird docker tag to v0.45.1 --- docker/netbird/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/netbird/docker-compose.yml b/docker/netbird/docker-compose.yml index 16ceb1e..9e28d50 100644 --- a/docker/netbird/docker-compose.yml +++ b/docker/netbird/docker-compose.yml @@ -91,7 +91,7 @@ services: max-file: "2" peer-1: - image: netbirdio/netbird:0.43.0 + image: netbirdio/netbird:0.45.1 restart: unless-stopped volumes: - ${NETBIRD_PEER_VOLUME:-/mnt/nas1/shared/netbird/peer-1}/data:/etc/netbird From 4341dad1a7a29eb2ccd593246b5c5b56ec73fa69 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 22 May 2025 01:41:48 +0000 Subject: [PATCH 065/377] chore(deps): update netbirdio/management docker tag to v0.45.1 --- docker/netbird/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/netbird/docker-compose.yml b/docker/netbird/docker-compose.yml index 9e28d50..fecd21e 100644 --- a/docker/netbird/docker-compose.yml +++ b/docker/netbird/docker-compose.yml @@ -50,7 +50,7 @@ services: max-size: "500m" max-file: "2" management: - image: netbirdio/management:0.43.0 + image: netbirdio/management:0.45.1 restart: unless-stopped depends_on: - dashboard From ff05cb38666ce405c012912849b7fbeb112337a9 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 26 May 2025 01:38:44 +0000 Subject: [PATCH 066/377] chore(deps): update helm release meilisearch to 0.13.* --- k8s/argo-apps/meili.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/meili.yaml b/k8s/argo-apps/meili.yaml index 62de3a0..e9a618d 100644 --- a/k8s/argo-apps/meili.yaml +++ b/k8s/argo-apps/meili.yaml @@ -18,7 +18,7 @@ spec: targetRevision: main - chart: meilisearch repoURL: https://meilisearch.github.io/meilisearch-kubernetes - targetRevision: 0.12.* + targetRevision: 0.13.* helm: valuesObject: environment: From 7ad27fa7d2d296c092a4a7acadbb1f3210749acd Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 25 May 2025 01:55:06 +0000 Subject: [PATCH 067/377] chore(deps): update ghcr.io/paperless-ngx/paperless-ngx docker tag to v2.16.2 --- docker/paperless/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/paperless/docker-compose.yml b/docker/paperless/docker-compose.yml index 4904c90..9fdb690 100644 --- a/docker/paperless/docker-compose.yml +++ b/docker/paperless/docker-compose.yml @@ -14,7 +14,7 @@ services: webserver: - image: ghcr.io/paperless-ngx/paperless-ngx:2.15.3 + image: ghcr.io/paperless-ngx/paperless-ngx:2.16.2 restart: unless-stopped ports: - 8002:8000 From 94c6e5ee25980133aeadfaa3d7c599d48ef735da Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 25 May 2025 01:54:18 +0000 Subject: [PATCH 068/377] chore(deps): update code.forgejo.org/forgejo-helm/forgejo docker tag to v12.5.1 --- k8s/argo-apps/forgejo.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/forgejo.yaml b/k8s/argo-apps/forgejo.yaml index c740aac..550a563 100644 --- a/k8s/argo-apps/forgejo.yaml +++ b/k8s/argo-apps/forgejo.yaml @@ -12,7 +12,7 @@ spec: sources: - chart: forgejo repoURL: code.forgejo.org/forgejo-helm - targetRevision: 12.5.0 + targetRevision: 12.5.1 helm: valuesObject: replicaCount: 2 From e7ce6a9483f40f83e38c0dc04ed405e51a377a27 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 27 May 2025 01:40:47 +0000 Subject: [PATCH 069/377] chore(deps): update helm release renovate to 40.32.* --- k8s/argo-apps/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/renovate.yaml b/k8s/argo-apps/renovate.yaml index e9b1be8..f37b102 100644 --- a/k8s/argo-apps/renovate.yaml +++ b/k8s/argo-apps/renovate.yaml @@ -13,7 +13,7 @@ spec: sources: - chart: renovate repoURL: https://docs.renovatebot.com/helm-charts - targetRevision: 40.26.* + targetRevision: 40.32.* helm: valuesObject: renovate: From 5495f7b41a2cef578c3e8d76006d8725221941b6 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 29 May 2025 01:50:28 +0000 Subject: [PATCH 070/377] chore(deps): update vaultwarden/server docker tag to v1.34.1 --- docker/vaultwarden/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/vaultwarden/docker-compose.yml b/docker/vaultwarden/docker-compose.yml index d6d2376..2c2b1cd 100644 --- a/docker/vaultwarden/docker-compose.yml +++ b/docker/vaultwarden/docker-compose.yml @@ -1,7 +1,7 @@ --- services: vaultwarden: - image: vaultwarden/server:1.33.2-alpine + image: vaultwarden/server:1.34.1-alpine restart: unless-stopped environment: DATABASE_URL: ${DATABASE_URL} From 8344cbc22c3df96cda300b09ab3dcff41cd6e19a Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 28 May 2025 01:50:21 +0000 Subject: [PATCH 071/377] chore(deps): update terraform adguard to v1.6.2 --- tofu/adguard/.terraform.lock.hcl | 60 ++++++++++++++++---------------- tofu/adguard/main.tf | 2 +- 2 files changed, 31 insertions(+), 31 deletions(-) diff --git a/tofu/adguard/.terraform.lock.hcl b/tofu/adguard/.terraform.lock.hcl index d889169..754c9d0 100644 --- a/tofu/adguard/.terraform.lock.hcl +++ b/tofu/adguard/.terraform.lock.hcl @@ -2,37 +2,37 @@ # Manual edits may be lost in future updates. provider "registry.opentofu.org/gmichels/adguard" { - version = "1.6.1" - constraints = "1.6.1" + version = "1.6.2" + constraints = "1.6.2" hashes = [ - "h1:0/3StBkyT8HyxsojPv0U4BN3HLW63DusbjuJvnAdvIA=", - "h1:1GFIhox0hy1RtULF0PARVvm19kmJ1fZ2uQDZfDG69eo=", - "h1:285rKKkfFBcA7Yf+eZSC3cUj1CzaKIdUs9044I8bdUE=", - "h1:AtNVWKcLL0qHkt2fQLuNAPN9Cl+HULKmbwFDNqlYSw8=", - "h1:MpJSITRC1JmDF1rXIYLVVZ55by/05Ai6UDrUOCeaRCA=", - "h1:NflB7JzRfgM7M1/ayok0wFThr5xEb1lqhjlt1BtTPWk=", - "h1:PZeSLF7VXX+wv+DIRbgnpkKkB4N6pyaSBQP+gaUzG3g=", - "h1:Z4V2AAMjgGkcEw47ekRPvKcXXBr8rdPhkm/wF5IRxao=", - "h1:cXeYdlzhnBl0pl64GQJ+CGXhnDkkGsnqqw9VQ8yRUfg=", - "h1:dnHplDyqJpAI4hiXDuYhWmV5USqIEvRsuxfznuhO6iA=", - "h1:fH/VSvs3S/hD30CBh9lY7IYWI4HX2Y2pqKd/asr/Vvw=", - "h1:mNrWGv0fkuZBsLzY3kFeAAOOpj7d53b6DRYXMY3zDIo=", - "h1:mwEBNV2379KmM/Z+Kp80FJk+rdy48NiTGKM+ZF2tE9Q=", - "h1:s3oZ5hrYeos3AW71C1r1THDGq0UtxZ7MJepxVAN0+J8=", - "zh:06880a4627596cb0ebdd0dabab2917aa174875b505f3431078815906c5ca677f", - "zh:17fa52f15e7d1b7849fcdac942fa8b9ac9b9f2f5bd3e824b1ad0282cc06a1da1", - "zh:19afa8fa0f3b7a52afe13bd951179f4abafdf09a346e9765260ab488c8b245ac", - "zh:340bc5124cda0a5d16b6a2bfaf6569125f64d24d8e4893f02abda3ba58aa677a", - "zh:3aa586e24acbc0b90bfbfb06bd4309408ff94449ee5348927b1ff38aaf5c448a", - "zh:41db1e3b7f821e8648176a76c73f2a2db48df784b720e41461ea4f323782c18b", - "zh:47569b70ac3e27f660b37debb576ffaad8fbe196a232b5b11a2ec57f4e71fabd", - "zh:66da676d9e80c29e2e3512455b835b4b83ccbd9833ed2ab2c77bbf5d44d99e07", - "zh:822700450359aed9589869757c805a583bda1cce3d1681ffbc815f9a1caffdbf", - "zh:9c70f3693f97ec09b6357279151ee8121730953d595ea1cebc54a55f2355c03d", - "zh:aac8a0de8e781d206ce847f6f9bb64472b47f144d62278ae9355d44c414d7b7b", - "zh:ac17e620785467d411a91b876f7400ff7cb728cdef8a7b47787501b29d3011d7", - "zh:e2972575b0fbe7d4d90cbce9523955d1d3fc09b177a62358b69ed7d4e33378fc", - "zh:ef6009209198887d8e06e31d9839512fda1089a76980fc2fda96d848a5fc87c8", + "h1:4rfmv0e8MoRPw+CTZBxTlPZbOSvPnIIt8kwVIIRIqbc=", + "h1:FUOYxkRfDHxiAlTKpvfZpNpRdCkq7Gs9JcZjLWo+guM=", + "h1:FewdC+pt/Z8XC1M5M49D74MYnMzVjwVoAcnonmbxhwA=", + "h1:RAXQ/T7oF42hDSuXH7hH85uj8QmHRS+ArP5pO4ILslc=", + "h1:a5SEI5KSX0cENGjd+IrxMj4l0Cr5GWvTP8Ng3cJaLTg=", + "h1:gNdYW6qM5jJTA2M9BHzVtuCTSmY2Fi/r08A/duZR8Yg=", + "h1:gnBusJUhlOSxn2JG5V0N3aHWAcTtMLcSjRSMKm8+6S4=", + "h1:hwB3SSfBITtOIggACNkdTnA8hG2AzYaFgG3WJny3290=", + "h1:iGjswHan6q6vYBTxR+WFBCUwCN7jmg7mAvFnv4P3/m8=", + "h1:mBxI5srrplxBHZLuXfEVZzwph3mCl9SQv0e9nR2GhQ4=", + "h1:o3CYF1B/kMBktAn1cWJuqW84VqZkM5K3A1BPw6v5fnA=", + "h1:sX4l50R6dzuHdQJFBfGDY6lZc4bCGKjxkKRtoKmx/1g=", + "h1:shVeqrDxxOvnsD//ryu7IoxwPsGb+6FeLmum3szd/mU=", + "h1:wY3pI9C3lEZ9nZRIqky5cqfwLm+u7Wi/9HBVCo4o9/M=", + "zh:0337224a2b6418ba38cedf7f2cef9b154f51db4791b03d6b5745cb26f60614d2", + "zh:09addda402962c46cd236ae1703ba9632f377897e8d321678cf0e4428a5071f7", + "zh:1f7b511933d6ca8fbdcd5bb50bba910e88b73fee57ae2922e01f18470350929e", + "zh:2bd2a45c4cddd19b2a55d6d658184df25f002e0b7a929da48b5086922ae846d6", + "zh:30ed44fd468132273029302fc16de4e76a1f10b816862e2e5dfca545e5b67f70", + "zh:3f73e37f6410509f7811db77b53f6e332c24344ad800a1d56bcf6af2a706d998", + "zh:5215dbeb6edbe0e7fae238580bb649745824d3744cc0d3b407244383ddeefd96", + "zh:543a6b4d814607884791306ae661a1d3475af90785712fb6c94e2b616f75afba", + "zh:8402d7a2d501ff0c9fe2216bf80f6bc133f0277cc3f184d3d37f4628b778f18b", + "zh:894ac1fce4fd92c66684d64d41356d5d02ebcf3a68e4ae1150314732f9ac384f", + "zh:ad547c8c8413de6886cf563129b117a0aab79b9841e7486e58a639c74eeacc12", + "zh:b9d69a6f99256cbd741ddc881f8665eec6e51ee1a4b99918ae8e9bdcf73cf31d", + "zh:d254d2dae145dbe5435be32b821198d9d5dca81fb67e06499eb8a8bd78a34ba5", + "zh:df327c22ba4437fa5e879ae70ce8330363a4e6f320711e7bd2ac249db3a3a551", "zh:f809ab383cca0a5f83072981c64208cbd7fa67e986a86ee02dd2c82333221e32", ] } diff --git a/tofu/adguard/main.tf b/tofu/adguard/main.tf index bb32e30..fd4a29c 100644 --- a/tofu/adguard/main.tf +++ b/tofu/adguard/main.tf @@ -9,7 +9,7 @@ terraform { required_providers { adguard = { source = "gmichels/adguard" - version = "1.6.1" + version = "1.6.2" } } } From d997ea82ae9ec585f3742814d6b4fa447d6460ab Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 28 May 2025 01:49:11 +0000 Subject: [PATCH 072/377] chore(deps): update dependency https://git.roboces.dev/catalin/huesoporro.git to v0.3.5 --- k8s/argo-apps/huesporro.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/huesporro.yaml b/k8s/argo-apps/huesporro.yaml index 12510aa..3f41c35 100644 --- a/k8s/argo-apps/huesporro.yaml +++ b/k8s/argo-apps/huesporro.yaml @@ -12,7 +12,7 @@ spec: sources: - path: charts/huesoporro repoURL: https://git.roboces.dev/catalin/huesoporro.git - targetRevision: v0.3.3 + targetRevision: v0.3.5 helm: valuesObject: secret: From 9c8c4679f9039ae97d40d3d6e3b4e51a28c870ed Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 29 May 2025 01:49:43 +0000 Subject: [PATCH 073/377] chore(deps): update helm release renovate to 40.34.* --- k8s/argo-apps/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/renovate.yaml b/k8s/argo-apps/renovate.yaml index f37b102..ef57398 100644 --- a/k8s/argo-apps/renovate.yaml +++ b/k8s/argo-apps/renovate.yaml @@ -13,7 +13,7 @@ spec: sources: - chart: renovate repoURL: https://docs.renovatebot.com/helm-charts - targetRevision: 40.32.* + targetRevision: 40.34.* helm: valuesObject: renovate: From d84e66353b4bd700b92d7a4aaad051b389cbda33 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 30 May 2025 01:58:25 +0000 Subject: [PATCH 074/377] chore(deps): update helm release renovate to 40.35.* --- k8s/argo-apps/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/renovate.yaml b/k8s/argo-apps/renovate.yaml index ef57398..114472c 100644 --- a/k8s/argo-apps/renovate.yaml +++ b/k8s/argo-apps/renovate.yaml @@ -13,7 +13,7 @@ spec: sources: - chart: renovate repoURL: https://docs.renovatebot.com/helm-charts - targetRevision: 40.34.* + targetRevision: 40.35.* helm: valuesObject: renovate: From 23ca6eb433efc8202f350177202081270e64a6ea Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?c=C4=83t=C4=83lin?= Date: Fri, 6 Jun 2025 14:25:14 +0200 Subject: [PATCH 075/377] feat: remove ansible/ --- ansible/ansible.cfg | 3 - ansible/inventory | 26 ------- ansible/k3s/playbooks/base.yml | 9 --- ansible/k3s/playbooks/k3s.yml | 13 ---- ansible/k3s/roles/base/tasks/main.yml | 36 ---------- ansible/k3s/roles/base/tasks/mounts.yml | 19 ------ ansible/k3s/roles/base/tasks/packages.yml | 18 ----- ansible/k3s/roles/k3s/tasks/agent.yml | 17 ----- .../k3s/roles/k3s/tasks/copy-kubeconfig.yml | 19 ------ ansible/k3s/roles/k3s/tasks/download.yml | 5 -- ansible/k3s/roles/k3s/tasks/main.yml | 15 ---- ansible/k3s/roles/k3s/tasks/master.yml | 19 ------ .../roles/k3s/templates/agent.config.yaml.j2 | 2 - .../roles/k3s/templates/master.config.yaml.j2 | 12 ---- ansible/k3s/roles/k3s/vars/main.yml | 4 -- ansible/k3s/sample.env | 2 - ansible/nextcloud/role-promtail.yml | 27 -------- ansible/nextcloud/sample.env | 1 - ansible/requirements.yml | 3 - k8s/argo-apps/authentik.yaml | 2 +- scripts/ncm.sh | 35 ---------- tofu/adguard/main.tf | 68 ++++++------------- tofu/modules/proxmox-vm/.terraform.lock.hcl | 23 ------- tofu/modules/proxmox-vm/main.tf | 46 ------------- tofu/modules/proxmox-vm/variables.tf | 66 ------------------ tofu/proxmox/.terraform.lock.hcl | 45 ------------ tofu/proxmox/main.tf | 50 -------------- tofu/proxmox/sample.env | 4 -- tofu/proxmox/vars.tf | 0 29 files changed, 21 insertions(+), 568 deletions(-) delete mode 100644 ansible/ansible.cfg delete mode 100644 ansible/inventory delete mode 100644 ansible/k3s/playbooks/base.yml delete mode 100644 ansible/k3s/playbooks/k3s.yml delete mode 100644 ansible/k3s/roles/base/tasks/main.yml delete mode 100644 ansible/k3s/roles/base/tasks/mounts.yml delete mode 100644 ansible/k3s/roles/base/tasks/packages.yml delete mode 100644 ansible/k3s/roles/k3s/tasks/agent.yml delete mode 100644 ansible/k3s/roles/k3s/tasks/copy-kubeconfig.yml delete mode 100644 ansible/k3s/roles/k3s/tasks/download.yml delete mode 100644 ansible/k3s/roles/k3s/tasks/main.yml delete mode 100644 ansible/k3s/roles/k3s/tasks/master.yml delete mode 100644 ansible/k3s/roles/k3s/templates/agent.config.yaml.j2 delete mode 100644 ansible/k3s/roles/k3s/templates/master.config.yaml.j2 delete mode 100644 ansible/k3s/roles/k3s/vars/main.yml delete mode 100644 ansible/k3s/sample.env delete mode 100644 ansible/nextcloud/role-promtail.yml delete mode 100644 ansible/nextcloud/sample.env delete mode 100644 ansible/requirements.yml delete mode 100755 scripts/ncm.sh delete mode 100644 tofu/modules/proxmox-vm/.terraform.lock.hcl delete mode 100644 tofu/modules/proxmox-vm/main.tf delete mode 100644 tofu/modules/proxmox-vm/variables.tf delete mode 100644 tofu/proxmox/.terraform.lock.hcl delete mode 100644 tofu/proxmox/main.tf delete mode 100644 tofu/proxmox/sample.env delete mode 100644 tofu/proxmox/vars.tf diff --git a/ansible/ansible.cfg b/ansible/ansible.cfg deleted file mode 100644 index dcb0621..0000000 --- a/ansible/ansible.cfg +++ /dev/null @@ -1,3 +0,0 @@ -[defaults] -inventory = inventory -host_key_checking = False diff --git a/ansible/inventory b/ansible/inventory deleted file mode 100644 index 00d7046..0000000 --- a/ansible/inventory +++ /dev/null @@ -1,26 +0,0 @@ -[nextclouds] -cloud.fuku - -[nextclouds:vars] -ansible_user=root - -[k3s_masters] -master1.ramiel.fuku -master2.ramiel.fuku -master3.ramiel.fuku - -[k3s_agents] -agent1.zeruel.fuku -sandalphon.fuku - -[k3s_masters:vars] -ansible_user=ci - -[k3s_agents:vars] -ansible_user=ci - -[giteas] -gitea.fuku - -[giteas:vars] -ansible_user=root diff --git a/ansible/k3s/playbooks/base.yml b/ansible/k3s/playbooks/base.yml deleted file mode 100644 index 6b91454..0000000 --- a/ansible/k3s/playbooks/base.yml +++ /dev/null @@ -1,9 +0,0 @@ ---- -- name: Apply base configuration - hosts: - - k3s_agents - - k3s_masters - - roles: - - role: ../roles/base - become: true diff --git a/ansible/k3s/playbooks/k3s.yml b/ansible/k3s/playbooks/k3s.yml deleted file mode 100644 index 9c2c792..0000000 --- a/ansible/k3s/playbooks/k3s.yml +++ /dev/null @@ -1,13 +0,0 @@ ---- -- name: Install k3s nodes - hosts: - - k3s_masters - - k3s_agents - - roles: - - role: ../roles/k3s - become: true - vars: - first_master_hostname: "{{ groups['k3s_masters'][0] }}" - is_first_master: "{{ inventory_hostname in groups['k3s_masters'][0] }}" - short_hostname: "{{ inventory_hostname.split('.')[0] }}" diff --git a/ansible/k3s/roles/base/tasks/main.yml b/ansible/k3s/roles/base/tasks/main.yml deleted file mode 100644 index 0df901b..0000000 --- a/ansible/k3s/roles/base/tasks/main.yml +++ /dev/null @@ -1,36 +0,0 @@ ---- -- name: Set same timezone on every Server - community.general.timezone: - name: '{{ system_timezone }}' - when: (system_timezone is defined) and (system_timezone != "Europe/Madrid") - -- name: Enable IPv4 forwarding - ansible.posix.sysctl: - name: net.ipv4.ip_forward - value: '1' - state: present - reload: true - -- name: Enable IPv6 forwarding - ansible.posix.sysctl: - name: net.ipv6.conf.all.forwarding - value: '1' - state: present - reload: true - -- name: Enable IPv6 router advertisements - ansible.posix.sysctl: - name: net.ipv6.conf.all.accept_ra - value: '2' - state: present - reload: true - -- import_tasks: packages.yml - name: Install base packages - tags: - - packages - -- import_tasks: mounts.yml - name: Mount NFS shares - tags: - - nfs diff --git a/ansible/k3s/roles/base/tasks/mounts.yml b/ansible/k3s/roles/base/tasks/mounts.yml deleted file mode 100644 index a3a3d20..0000000 --- a/ansible/k3s/roles/base/tasks/mounts.yml +++ /dev/null @@ -1,19 +0,0 @@ ---- -- name: Create mountpoint directory - file: - path: /nfs/nas1 - state: directory - owner: 10000 - group: 10000 - -- name: Mount nas1 share - mount: - fstype: nfs - src: zeruel.fuku:/mnt/pool1/nas1 - path: /nfs/nas1 - state: mounted - fstab: /etc/fstab - opts: _netdev,nofail,tcp,bg,retrans=2,timeo=150,rsize=32768,wsize=32768,noresvport - backup: true - become: true - become_user: root diff --git a/ansible/k3s/roles/base/tasks/packages.yml b/ansible/k3s/roles/base/tasks/packages.yml deleted file mode 100644 index 890dd2e..0000000 --- a/ansible/k3s/roles/base/tasks/packages.yml +++ /dev/null @@ -1,18 +0,0 @@ ---- -- name: Install base packages - apt: - name: '{{ item }}' - state: present - update_cache: true - loop: - - qemu-guest-agent - - git - - tmux - - vim - - curl - - nfs-common - -- name: Update all packages - apt: - upgrade: dist - update_cache: true diff --git a/ansible/k3s/roles/k3s/tasks/agent.yml b/ansible/k3s/roles/k3s/tasks/agent.yml deleted file mode 100644 index 97cabc3..0000000 --- a/ansible/k3s/roles/k3s/tasks/agent.yml +++ /dev/null @@ -1,17 +0,0 @@ ---- -- name: Create rancher folder - file: - state: directory - path: /etc/rancher/k3s - owner: root - group: root - mode: 755 - -- name: Copy k3s config file - template: - src: agent.config.yaml.j2 - dest: /etc/rancher/k3s/config.yaml - mode: 600 - -- name: Install k3s agent - shell: bash /tmp/k3s.install.sh agent diff --git a/ansible/k3s/roles/k3s/tasks/copy-kubeconfig.yml b/ansible/k3s/roles/k3s/tasks/copy-kubeconfig.yml deleted file mode 100644 index bd08d3a..0000000 --- a/ansible/k3s/roles/k3s/tasks/copy-kubeconfig.yml +++ /dev/null @@ -1,19 +0,0 @@ ---- -- name: Create .kube directory - become: true - file: - path: /home/ci/.kube - state: directory - mode: '0755' - owner: ci - group: ci - -- name: Copy kubeconfig - copy: - remote_src: true - src: /etc/rancher/k3s/k3s.yaml - dest: /home/ci/.kube/config - mode: 0644 - owner: ci - group: ci - become: true diff --git a/ansible/k3s/roles/k3s/tasks/download.yml b/ansible/k3s/roles/k3s/tasks/download.yml deleted file mode 100644 index 7540e45..0000000 --- a/ansible/k3s/roles/k3s/tasks/download.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- -- name: Download k3s script - get_url: - url: https://get.k3s.io - dest: /tmp/k3s.install.sh diff --git a/ansible/k3s/roles/k3s/tasks/main.yml b/ansible/k3s/roles/k3s/tasks/main.yml deleted file mode 100644 index b1a419d..0000000 --- a/ansible/k3s/roles/k3s/tasks/main.yml +++ /dev/null @@ -1,15 +0,0 @@ ---- -- import_tasks: download.yml - name: Download install script - -- import_tasks: master.yml - name: Install master node - when: inventory_hostname in groups["k3s_masters"] - -- import_tasks: agent.yml - name: Install agent node - when: inventory_hostname in groups["k3s_agents"] - -- import_tasks: copy-kubeconfig.yml - name: Copy kubeconfig - when: inventory_hostname in groups["k3s_masters"] and is_first_master diff --git a/ansible/k3s/roles/k3s/tasks/master.yml b/ansible/k3s/roles/k3s/tasks/master.yml deleted file mode 100644 index 283ac59..0000000 --- a/ansible/k3s/roles/k3s/tasks/master.yml +++ /dev/null @@ -1,19 +0,0 @@ ---- -- name: Create rancher folder - file: - state: directory - path: /etc/rancher/k3s - owner: root - group: root - mode: 755 - -- name: Copy k3s config file - template: - src: master.config.yaml.j2 - dest: /etc/rancher/k3s/config.yaml - mode: 600 - vars: - etcd_snapshot_dir: /nfs/nas1/backups/{{ short_hostname }} - -- name: Install k3s master - command: bash /tmp/k3s.install.sh diff --git a/ansible/k3s/roles/k3s/templates/agent.config.yaml.j2 b/ansible/k3s/roles/k3s/templates/agent.config.yaml.j2 deleted file mode 100644 index 0600ebc..0000000 --- a/ansible/k3s/roles/k3s/templates/agent.config.yaml.j2 +++ /dev/null @@ -1,2 +0,0 @@ -token: {{ cluster_token }} -server: https://{{ tls_san }}:6443 diff --git a/ansible/k3s/roles/k3s/templates/master.config.yaml.j2 b/ansible/k3s/roles/k3s/templates/master.config.yaml.j2 deleted file mode 100644 index ee0bb40..0000000 --- a/ansible/k3s/roles/k3s/templates/master.config.yaml.j2 +++ /dev/null @@ -1,12 +0,0 @@ -tls-san: - - {{ inventory_hostname }} - - {{ tls_san }} -node-label: - - name={{ inventory_hostname }} -token: "{{ cluster_token }}" -etcd-snapshot-dir: {{ etcd_snapshot_dir }} -{% if is_first_master %} -cluster-init: "{{ is_first_master }}" -{% else %} -server: https://{{ first_master_hostname }}:6443 -{% endif %} diff --git a/ansible/k3s/roles/k3s/vars/main.yml b/ansible/k3s/roles/k3s/vars/main.yml deleted file mode 100644 index 243c79c..0000000 --- a/ansible/k3s/roles/k3s/vars/main.yml +++ /dev/null @@ -1,4 +0,0 @@ ---- -k3s_version: v1.27.4+k3s1 -tls_san: "{{ lookup('env', 'ANSIBLE_TLS_SAN') | mandatory }}" -cluster_token: "{{ lookup('env', 'ANSIBLE_CLUSTER_TOKEN') | mandatory }}" diff --git a/ansible/k3s/sample.env b/ansible/k3s/sample.env deleted file mode 100644 index 14409ea..0000000 --- a/ansible/k3s/sample.env +++ /dev/null @@ -1,2 +0,0 @@ -ANSIBLE_K3S_CLUSTER_TOKEN= -ANSIBLE_K3S_TLS_SAN= diff --git a/ansible/nextcloud/role-promtail.yml b/ansible/nextcloud/role-promtail.yml deleted file mode 100644 index 0ed120f..0000000 --- a/ansible/nextcloud/role-promtail.yml +++ /dev/null @@ -1,27 +0,0 @@ ---- -- name: Install promtail - hosts: - - nextclouds - - roles: - - role: patrickjahns.promtail - vars: - promtail_version: 2.9.4 - promtail_config_clients: - - url: https://loki.fuku/loki/api/v1/push - basic_auth: - username: cloud - password: "{{ lookup('env', 'NEXTCLOUD_PROMTAIL_PASSWORD') | mandatory }}" - tls_config: - insecure_skip_verify: true - promtail_config_scrape_configs: - - job_name: system - static_configs: - - targets: - - localhost - labels: - nextcloud: cloud.fukurokuju.dev - __path__: /mnt/share/data/cloud/data/{nextcloud,audit}.log - promtail_config_limits_config: - readline_rate_enabled: true - readline_rate_drop: true diff --git a/ansible/nextcloud/sample.env b/ansible/nextcloud/sample.env deleted file mode 100644 index 7ea2c1c..0000000 --- a/ansible/nextcloud/sample.env +++ /dev/null @@ -1 +0,0 @@ -NEXTCLOUD_PROMTAIL_PASSWORD=superdupersecure diff --git a/ansible/requirements.yml b/ansible/requirements.yml deleted file mode 100644 index ad07d38..0000000 --- a/ansible/requirements.yml +++ /dev/null @@ -1,3 +0,0 @@ ---- -- name: patrickjahns.promtail - version: 1.31.0 diff --git a/k8s/argo-apps/authentik.yaml b/k8s/argo-apps/authentik.yaml index b0cd8ca..2d94b0a 100644 --- a/k8s/argo-apps/authentik.yaml +++ b/k8s/argo-apps/authentik.yaml @@ -12,7 +12,7 @@ spec: sources: - chart: authentik repoURL: https://charts.goauthentik.io/ - targetRevision: 2025.4.* + targetRevision: 2025.6.* helm: valuesObject: authentik: diff --git a/scripts/ncm.sh b/scripts/ncm.sh deleted file mode 100755 index 4e7a165..0000000 --- a/scripts/ncm.sh +++ /dev/null @@ -1,35 +0,0 @@ -#!/usr/bin/env bash - -SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )" - -cd "$SCRIPT_DIR/../docker/nextcloud" || exit - -docker_exec() { - docker compose exec nextcloud "$@" -} - -occ_exec() { - docker_exec sudo -E -u www-data php occ "$@" -} - -case "$1" in - upgrade) - occ_exec upgrade - ;; - htaccess) - occ_exec maintenance:update:htaccess - ;; - indices) - occ_exec db:add-missing-indices - ;; - occ) - occ_exec "$@" - ;; - exec) - docker_exec "$@" - ;; - *) - echo "Usage: $0 {upgrade|htaccess|indices|occ |exec }" - exit 1 - ;; -esac diff --git a/tofu/adguard/main.tf b/tofu/adguard/main.tf index fd4a29c..94a3638 100644 --- a/tofu/adguard/main.tf +++ b/tofu/adguard/main.tf @@ -35,64 +35,16 @@ resource "adguard_rewrite" "argo_3" { domain = "argo.fuku" answer = "192.168.1.33" } - - -resource "adguard_rewrite" "loki_1" { - domain = "loki.fuku" - answer = "192.168.1.31" -} - -resource "adguard_rewrite" "loki_2" { - domain = "loki.fuku" - answer = "192.168.1.32" -} - -resource "adguard_rewrite" "loki_3" { - domain = "loki.fuku" - answer = "192.168.1.33" -} - -resource "adguard_rewrite" "grafana_1" { - domain = "grafana.fuku" - answer = "192.168.1.31" -} - -resource "adguard_rewrite" "grafana_2" { - domain = "grafana.fuku" - answer = "192.168.1.32" -} - -resource "adguard_rewrite" "grafana_3" { - domain = "grafana.fuku" - answer = "192.168.1.33" -} - resource "adguard_rewrite" "feeds" { domain = "feeds.roboces.dev" answer = "192.168.1.12" } -resource "adguard_rewrite" "feeds_local_1" { - domain = "feeds.fuku" - answer = "192.168.1.31" -} - -resource "adguard_rewrite" "feeds_local_2" { - domain = "feeds.fuku" - answer = "192.168.1.32" -} - -resource "adguard_rewrite" "feeds_local_3" { - domain = "feeds.fuku" - answer = "192.168.1.33" -} - resource "adguard_rewrite" "authentik" { domain = "auth.fukurokuju.dev" answer = "192.168.1.12" } - resource "adguard_rewrite" "dd02" { domain = "dd02.fuku" answer = "192.168.1.19" @@ -117,3 +69,23 @@ resource "adguard_rewrite" "elastic_3" { domain = "elastic.fuku" answer = "192.168.1.33" } + +resource "adguard_rewrite" "agent1" { + domain = "agent1.fuku" + answer = "192.168.1.34" +} + +resource "adguard_rewrite" "master1" { + domain = "master1.ramiel.fuku" + answer = "192.168.1.31" +} + +resource "adguard_rewrite" "master2" { + domain = "master2.ramiel.fuku" + answer = "192.168.1.32" +} + +resource "adguard_rewrite" "master3" { + domain = "master3.ramiel.fuku" + answer = "192.168.1.33" +} diff --git a/tofu/modules/proxmox-vm/.terraform.lock.hcl b/tofu/modules/proxmox-vm/.terraform.lock.hcl deleted file mode 100644 index 1d0e804..0000000 --- a/tofu/modules/proxmox-vm/.terraform.lock.hcl +++ /dev/null @@ -1,23 +0,0 @@ -# This file is maintained automatically by "tofu init". -# Manual edits may be lost in future updates. - -provider "registry.opentofu.org/thegameprofi/proxmox" { - version = "2.10.0" - constraints = "2.10.0" - hashes = [ - "h1:0wJlZKYgmnyXJ4AGKfML5m0/bhRUXty3vn4mSEYhFDM=", - "h1:2fmj6FkuQ8CyWdxJ83s87GJhRHiQFnzlSYSlA2q7pXg=", - "h1:5FQbfjTDMO4FCMXAQ5S+2CdVHw1gJoOicQRLVTCfrDI=", - "h1:60DcgYwyBroh3oUsdsZU/Z03LfEIidq2lTYKbhZDibU=", - "h1:6hrWJT18l4jfWrzO8GweRA1bIdzY8dDUkzB7+GW0Zgs=", - "h1:8bQZLEyLJqYnLnZC0zopbPSJVYXwQIb+G3nQ9Tc9bMU=", - "h1:DArex0up+F+sN3arAKanOSVc70b9kyTeTkuy6Abkor8=", - "h1:WUh8KlPtUdI+O7FJz6/d3BC+77tSBYjlNCxKjIGX7Kg=", - "h1:atdwdBFAPjyz7ICxoeMBrUn7tllqjJyIIClO5Mv3dlw=", - "h1:mnIwCGDAZ9O/UiQEXGWKXUeA6H1Tt/AkII/MjHw1SMg=", - "h1:sW+6tq318P9g0P+BwqEM74AHsJ6CmN+s6NgAJJxZk/Y=", - "h1:tWdlbcPuby+thPgC07FCBbIzzQAOn3XSvRibuHcdK04=", - "h1:yHr19pmBvjRCSbyWmNd3Y4iI7mCjeDgzC622q5kSSKE=", - "h1:zbDNS+UBlhewZUPt0s5ntUeAGOSTLj2jjHweCDKw6qo=", - ] -} diff --git a/tofu/modules/proxmox-vm/main.tf b/tofu/modules/proxmox-vm/main.tf deleted file mode 100644 index d1e1cdf..0000000 --- a/tofu/modules/proxmox-vm/main.tf +++ /dev/null @@ -1,46 +0,0 @@ -terraform { - required_version = ">= 1.6" - required_providers { - proxmox = { - source = "thegameprofi/proxmox" - version = "2.10.0" - } - } -} - -resource "proxmox_vm_qemu" "vm" { - name = var.vm_name - target_node = var.node_name - vmid = var.vm_id - clone = var.cloud_init_template - os_type = "cloudinit" - qemu_os = "other" - ipconfig0 = var.ipconfig0 - cores = var.core_count - sockets = 1 - pool = "k3s" - memory = var.memory - ciuser = var.ci_username - agent = 0 - serial { - id = 0 - type = "socket" - } - disk { - size = "50G" - storage = var.disk_storage_name - type = "scsi" - } - network { - bridge = var.network_bridge_name - firewall = false - link_down = false - model = "virtio" - mtu = 0 - queues = 0 - rate = 0 - tag = -1 - } - sshkeys = var.ssh_keys - nameserver = "192.168.1.7 192.168.1.3" -} diff --git a/tofu/modules/proxmox-vm/variables.tf b/tofu/modules/proxmox-vm/variables.tf deleted file mode 100644 index 8b926c0..0000000 --- a/tofu/modules/proxmox-vm/variables.tf +++ /dev/null @@ -1,66 +0,0 @@ -variable "vm_name" { - description = "Name of the VM" - type = string -} - -variable "node_name" { - description = "Name of the Proxmox node" - type = string -} - -variable "vm_id" { - description = "ID of the new VM" - type = number -} - -variable "cloud_init_template" { - description = "Cloud-init enabled template to be cloned" - type = string - default = "ci-debian12" -} - -variable "ipconfig0" { - description = "Default inet configuration" - type = string -} - -variable "ci_username" { - description = "Cloud-init username" - type = string - default = "ci" -} - - -variable "memory" { - description = "Available RAM, in MB" - type = number - default = 512 -} - -variable "core_count" { - description = "Available cores per socket" - type = number - default = 2 - -} - -variable "network_bridge_name" { - description = "Network bridge name" - type = string - default = "vmbr0" -} - -variable "ssh_keys" { - description = "SSH public keys to be provisioned" - type = string - default = <= 1.6" - backend "s3" { - bucket = "fuku-terraform" - key = "vm-foundation/terraform" - region = "us-east-1" - } - required_providers { - proxmox = { - source = "thegameprofi/proxmox" - version = "2.10.0" - } - } -} - -provider "proxmox" { - pm_debug = true -} - -module "master1" { - source = "../modules/proxmox-vm" - vm_id = 3001 - vm_name = "master1.ramiel.fuku" - node_name = "ramiel" - ipconfig0 = "ip=192.168.1.31/24,gw=192.168.1.1" - memory = 5120 - disk_storage_name = "storage" - core_count = 2 -} - -module "master2" { - source = "../modules/proxmox-vm" - vm_id = 3002 - vm_name = "master2.ireul.fuku" - node_name = "ireul" - ipconfig0 = "ip=192.168.1.32/24,gw=192.168.1.1" - memory = 4096 - core_count = 2 -} - -module "master3" { - source = "../modules/proxmox-vm" - vm_id = 3003 - vm_name = "master3.ireul.fuku" - node_name = "ireul" - ipconfig0 = "ip=192.168.1.33/24,gw=192.168.1.1" - disk_storage_name = "local-lvm" - memory = 4096 - core_count = 2 -} diff --git a/tofu/proxmox/sample.env b/tofu/proxmox/sample.env deleted file mode 100644 index d50d1f9..0000000 --- a/tofu/proxmox/sample.env +++ /dev/null @@ -1,4 +0,0 @@ -PM_USER= -PM_PASS= -PM_API_URL= -TF_VAR_ci_password= diff --git a/tofu/proxmox/vars.tf b/tofu/proxmox/vars.tf deleted file mode 100644 index e69de29..0000000 From d3b675e996037b9bacc2c3139c61150c50d4fd4d Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 6 Jun 2025 12:12:46 +0000 Subject: [PATCH 076/377] chore(deps): update registry-1.docker.io/bitnamicharts/elasticsearch docker tag to v22.0.6 --- k8s/argo-apps/elastic.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/elastic.yaml b/k8s/argo-apps/elastic.yaml index ba1aa83..54d7639 100644 --- a/k8s/argo-apps/elastic.yaml +++ b/k8s/argo-apps/elastic.yaml @@ -12,7 +12,7 @@ spec: sources: - chart: elasticsearch repoURL: registry-1.docker.io/bitnamicharts - targetRevision: 22.0.4 + targetRevision: 22.0.6 helm: valuesObject: service: From 9593176a2e5b12c68ab680e3a7aebb53d4d8aa7b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?c=C4=83t=C4=83lin?= Date: Fri, 6 Jun 2025 15:12:47 +0200 Subject: [PATCH 077/377] feat: update huesoporro to v0.3.6 --- k8s/argo-apps/huesporro.yaml | 2 +- k8s/services/argo/ingress-route.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/k8s/argo-apps/huesporro.yaml b/k8s/argo-apps/huesporro.yaml index 3f41c35..0376ee9 100644 --- a/k8s/argo-apps/huesporro.yaml +++ b/k8s/argo-apps/huesporro.yaml @@ -12,7 +12,7 @@ spec: sources: - path: charts/huesoporro repoURL: https://git.roboces.dev/catalin/huesoporro.git - targetRevision: v0.3.5 + targetRevision: v0.3.6 helm: valuesObject: secret: diff --git a/k8s/services/argo/ingress-route.yaml b/k8s/services/argo/ingress-route.yaml index 960ae25..b11954d 100644 --- a/k8s/services/argo/ingress-route.yaml +++ b/k8s/services/argo/ingress-route.yaml @@ -1,5 +1,5 @@ --- -apiVersion: traefik.containo.us/v1alpha1 +apiVersion: traefik.io/v1alpha1 kind: IngressRoute metadata: name: argocd-server From d2559575cc4c40e2ace4c84a1f856bd3b3ca726b Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 3 Jun 2025 01:46:20 +0000 Subject: [PATCH 078/377] chore(deps): update coturn/coturn docker tag to v4.7 --- docker/netbird/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/netbird/docker-compose.yml b/docker/netbird/docker-compose.yml index fecd21e..2d1763f 100644 --- a/docker/netbird/docker-compose.yml +++ b/docker/netbird/docker-compose.yml @@ -76,7 +76,7 @@ services: - NETBIRD_STORE_ENGINE_POSTGRES_DSN= coturn: - image: coturn/coturn:4.6 + image: coturn/coturn:4.7 restart: unless-stopped domainname: vpn.fukurokuju.dev volumes: From 213992933b2ff6dd992e0f8c41809630d015ddae Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 2 Jun 2025 03:33:11 +0000 Subject: [PATCH 079/377] chore(deps): update helm release renovate to 40.36.* --- k8s/argo-apps/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/renovate.yaml b/k8s/argo-apps/renovate.yaml index 114472c..89e67ab 100644 --- a/k8s/argo-apps/renovate.yaml +++ b/k8s/argo-apps/renovate.yaml @@ -13,7 +13,7 @@ spec: sources: - chart: renovate repoURL: https://docs.renovatebot.com/helm-charts - targetRevision: 40.35.* + targetRevision: 40.36.* helm: valuesObject: renovate: From 972106f1956f5b527edcea6028ce38af7bf2825d Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 6 Jun 2025 12:14:30 +0000 Subject: [PATCH 080/377] chore(deps): update netbirdio/signal docker tag to v0.46.0 --- docker/netbird/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/netbird/docker-compose.yml b/docker/netbird/docker-compose.yml index 2d1763f..860ca3a 100644 --- a/docker/netbird/docker-compose.yml +++ b/docker/netbird/docker-compose.yml @@ -23,7 +23,7 @@ services: max-size: "500m" max-file: "2" signal: - image: netbirdio/signal:0.45.1 + image: netbirdio/signal:0.46.0 restart: unless-stopped volumes: - netbird-signal:/var/lib/netbird From 940bdcc056194a856c03ccdaac6f14e94c34ad42 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 6 Jun 2025 12:14:16 +0000 Subject: [PATCH 081/377] chore(deps): update netbirdio/relay docker tag to v0.46.0 --- docker/netbird/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/netbird/docker-compose.yml b/docker/netbird/docker-compose.yml index 860ca3a..9e3928e 100644 --- a/docker/netbird/docker-compose.yml +++ b/docker/netbird/docker-compose.yml @@ -35,7 +35,7 @@ services: max-size: "500m" max-file: "2" relay: - image: netbirdio/relay:0.45.1 + image: netbirdio/relay:0.46.0 restart: unless-stopped environment: NB_LOG_LEVEL: ${NB_LOG_LEVEL:-info} From 39ab81fe5c2908e89c57552dd9b093293f14156c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?c=C4=83t=C4=83lin?= Date: Fri, 6 Jun 2025 15:41:53 +0200 Subject: [PATCH 082/377] feat: update authentik's ServersTransport's apiVersion to traefik.io/v1alpha1 --- k8s/services/authentik/serverstransport.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/services/authentik/serverstransport.yaml b/k8s/services/authentik/serverstransport.yaml index 5f3dd1f..cbc4cba 100644 --- a/k8s/services/authentik/serverstransport.yaml +++ b/k8s/services/authentik/serverstransport.yaml @@ -1,5 +1,5 @@ --- -apiVersion: traefik.containo.us/v1alpha1 +apiVersion: traefik.io/v1alpha1 kind: ServersTransport metadata: name: skipverify-authentik From d6359803fdf97ee3fac6bd920f973ec2dccfe6fa Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 6 Jun 2025 12:14:01 +0000 Subject: [PATCH 083/377] chore(deps): update netbirdio/netbird docker tag to v0.46.0 --- docker/netbird/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/netbird/docker-compose.yml b/docker/netbird/docker-compose.yml index 9e3928e..46ad8af 100644 --- a/docker/netbird/docker-compose.yml +++ b/docker/netbird/docker-compose.yml @@ -91,7 +91,7 @@ services: max-file: "2" peer-1: - image: netbirdio/netbird:0.45.1 + image: netbirdio/netbird:0.46.0 restart: unless-stopped volumes: - ${NETBIRD_PEER_VOLUME:-/mnt/nas1/shared/netbird/peer-1}/data:/etc/netbird From 1818b186d1321efe241b0ac6fe88b980d0ca24a5 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 6 Jun 2025 12:13:51 +0000 Subject: [PATCH 084/377] chore(deps): update netbirdio/management docker tag to v0.46.0 --- docker/netbird/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/netbird/docker-compose.yml b/docker/netbird/docker-compose.yml index 46ad8af..79e225d 100644 --- a/docker/netbird/docker-compose.yml +++ b/docker/netbird/docker-compose.yml @@ -50,7 +50,7 @@ services: max-size: "500m" max-file: "2" management: - image: netbirdio/management:0.45.1 + image: netbirdio/management:0.46.0 restart: unless-stopped depends_on: - dashboard From c86bce18d5832c2e7d81b7cbe4db9b0c0b48ecd7 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 3 Jun 2025 01:46:55 +0000 Subject: [PATCH 085/377] chore(deps): update helm release kubetail to v0.13.0 --- k8s/argo-apps/kubetail.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/kubetail.yaml b/k8s/argo-apps/kubetail.yaml index 3b692cb..da71d56 100644 --- a/k8s/argo-apps/kubetail.yaml +++ b/k8s/argo-apps/kubetail.yaml @@ -12,7 +12,7 @@ spec: sources: - chart: kubetail repoURL: https://kubetail-org.github.io/helm-charts/ - targetRevision: 0.11.6 + targetRevision: 0.13.0 helm: valuesObject: kubetail: From d1b94ada73ea4b263dd56c202c5b01d3ce9901d0 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 7 Jun 2025 01:48:43 +0000 Subject: [PATCH 086/377] chore(deps): update netbirdio/dashboard docker tag to v2.13.1 --- docker/netbird/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/netbird/docker-compose.yml b/docker/netbird/docker-compose.yml index 79e225d..945ae21 100644 --- a/docker/netbird/docker-compose.yml +++ b/docker/netbird/docker-compose.yml @@ -1,7 +1,7 @@ --- services: dashboard: - image: netbirdio/dashboard:v2.12.0 + image: netbirdio/dashboard:v2.13.1 restart: unless-stopped ports: - 8005:80 From 3678aa0b309c22fe4c7a48a3e23325c1b993955d Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 7 Jun 2025 01:47:14 +0000 Subject: [PATCH 087/377] chore(deps): update helm release renovate to 40.44.* --- k8s/argo-apps/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/renovate.yaml b/k8s/argo-apps/renovate.yaml index 89e67ab..e9461b3 100644 --- a/k8s/argo-apps/renovate.yaml +++ b/k8s/argo-apps/renovate.yaml @@ -13,7 +13,7 @@ spec: sources: - chart: renovate repoURL: https://docs.renovatebot.com/helm-charts - targetRevision: 40.36.* + targetRevision: 40.44.* helm: valuesObject: renovate: From 6ca465095e5a96c8eb3987f5b7ab271dd1b7e97a Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 12 Jun 2025 02:00:22 +0000 Subject: [PATCH 088/377] chore(deps): update registry-1.docker.io/bitnamicharts/elasticsearch docker tag to v22.0.7 --- k8s/argo-apps/elastic.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/elastic.yaml b/k8s/argo-apps/elastic.yaml index 54d7639..8663ce5 100644 --- a/k8s/argo-apps/elastic.yaml +++ b/k8s/argo-apps/elastic.yaml @@ -12,7 +12,7 @@ spec: sources: - chart: elasticsearch repoURL: registry-1.docker.io/bitnamicharts - targetRevision: 22.0.6 + targetRevision: 22.0.7 helm: valuesObject: service: From ee182592ee5ffe0d4332679211726bd8d5a0808d Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 10 Jun 2025 01:37:10 +0000 Subject: [PATCH 089/377] chore(deps): update helm release meilisearch to 0.14.* --- k8s/argo-apps/meili.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/meili.yaml b/k8s/argo-apps/meili.yaml index e9a618d..0e594c2 100644 --- a/k8s/argo-apps/meili.yaml +++ b/k8s/argo-apps/meili.yaml @@ -18,7 +18,7 @@ spec: targetRevision: main - chart: meilisearch repoURL: https://meilisearch.github.io/meilisearch-kubernetes - targetRevision: 0.13.* + targetRevision: 0.14.* helm: valuesObject: environment: From 3a84a0f682193fcc8c31188ca86e02c72eeef7bb Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 11 Jun 2025 01:31:51 +0000 Subject: [PATCH 090/377] chore(deps): update helm release renovate to 40.49.* --- k8s/argo-apps/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/renovate.yaml b/k8s/argo-apps/renovate.yaml index e9461b3..89301bf 100644 --- a/k8s/argo-apps/renovate.yaml +++ b/k8s/argo-apps/renovate.yaml @@ -13,7 +13,7 @@ spec: sources: - chart: renovate repoURL: https://docs.renovatebot.com/helm-charts - targetRevision: 40.44.* + targetRevision: 40.49.* helm: valuesObject: renovate: From 34c6d3bf432ce1eb7e90cdf93f2eb3ab0dbd14f0 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 13 Jun 2025 08:03:55 +0000 Subject: [PATCH 091/377] chore(deps): update helm release kubetail to v0.13.2 --- k8s/argo-apps/kubetail.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/kubetail.yaml b/k8s/argo-apps/kubetail.yaml index da71d56..1ee55cf 100644 --- a/k8s/argo-apps/kubetail.yaml +++ b/k8s/argo-apps/kubetail.yaml @@ -12,7 +12,7 @@ spec: sources: - chart: kubetail repoURL: https://kubetail-org.github.io/helm-charts/ - targetRevision: 0.13.0 + targetRevision: 0.13.2 helm: valuesObject: kubetail: From 215c900270586419b2c288b733511f924dda9e26 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 14 Jun 2025 10:32:41 +0000 Subject: [PATCH 092/377] chore(deps): update registry-1.docker.io/bitnamicharts/elasticsearch docker tag to v22.0.8 --- k8s/argo-apps/elastic.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/elastic.yaml b/k8s/argo-apps/elastic.yaml index 8663ce5..e3fdcf2 100644 --- a/k8s/argo-apps/elastic.yaml +++ b/k8s/argo-apps/elastic.yaml @@ -12,7 +12,7 @@ spec: sources: - chart: elasticsearch repoURL: registry-1.docker.io/bitnamicharts - targetRevision: 22.0.7 + targetRevision: 22.0.8 helm: valuesObject: service: From d998b1ffb181f4b7636be377678a9e14c1ab0702 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 18 Jun 2025 01:47:08 +0000 Subject: [PATCH 093/377] chore(deps): update helm release renovate to 40.60.* --- k8s/argo-apps/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/renovate.yaml b/k8s/argo-apps/renovate.yaml index 89301bf..37422f9 100644 --- a/k8s/argo-apps/renovate.yaml +++ b/k8s/argo-apps/renovate.yaml @@ -13,7 +13,7 @@ spec: sources: - chart: renovate repoURL: https://docs.renovatebot.com/helm-charts - targetRevision: 40.49.* + targetRevision: 40.60.* helm: valuesObject: renovate: From 8198f80fea985930cf9063ddff3980881bcf72d7 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 19 Jun 2025 01:59:12 +0000 Subject: [PATCH 094/377] chore(deps): update code.forgejo.org/forgejo-helm/forgejo docker tag to v12.5.2 --- k8s/argo-apps/forgejo.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/forgejo.yaml b/k8s/argo-apps/forgejo.yaml index 550a563..8e12e98 100644 --- a/k8s/argo-apps/forgejo.yaml +++ b/k8s/argo-apps/forgejo.yaml @@ -12,7 +12,7 @@ spec: sources: - chart: forgejo repoURL: code.forgejo.org/forgejo-helm - targetRevision: 12.5.1 + targetRevision: 12.5.2 helm: valuesObject: replicaCount: 2 From 257081ab81d15fcf63c02580f840276001b928b2 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 19 Jun 2025 01:59:57 +0000 Subject: [PATCH 095/377] chore(deps): update helm release renovate to 40.61.* --- k8s/argo-apps/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/renovate.yaml b/k8s/argo-apps/renovate.yaml index 37422f9..a34ec00 100644 --- a/k8s/argo-apps/renovate.yaml +++ b/k8s/argo-apps/renovate.yaml @@ -13,7 +13,7 @@ spec: sources: - chart: renovate repoURL: https://docs.renovatebot.com/helm-charts - targetRevision: 40.60.* + targetRevision: 40.61.* helm: valuesObject: renovate: From 7abe4da4b0979ebfba897408d94679cbf9b7615e Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 20 Jun 2025 01:46:13 +0000 Subject: [PATCH 096/377] chore(deps): update helm release renovate to 40.62.* --- k8s/argo-apps/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/renovate.yaml b/k8s/argo-apps/renovate.yaml index a34ec00..3b2c6f7 100644 --- a/k8s/argo-apps/renovate.yaml +++ b/k8s/argo-apps/renovate.yaml @@ -13,7 +13,7 @@ spec: sources: - chart: renovate repoURL: https://docs.renovatebot.com/helm-charts - targetRevision: 40.61.* + targetRevision: 40.62.* helm: valuesObject: renovate: From 91c77b371434f6a824535536b4fe61b7b2097d49 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 21 Jun 2025 01:52:15 +0000 Subject: [PATCH 097/377] chore(deps): update terraform authentik to v2025.6.0 --- tofu/authentik/.terraform.lock.hcl | 60 ++++++++++++++-------------- tofu/authentik/main.tf | 2 +- tofu/modules/authentik-oidc/main.tf | 2 +- tofu/modules/authentik-proxy/main.tf | 2 +- 4 files changed, 33 insertions(+), 33 deletions(-) diff --git a/tofu/authentik/.terraform.lock.hcl b/tofu/authentik/.terraform.lock.hcl index 3e0bf29..797ae42 100644 --- a/tofu/authentik/.terraform.lock.hcl +++ b/tofu/authentik/.terraform.lock.hcl @@ -2,36 +2,36 @@ # Manual edits may be lost in future updates. provider "registry.opentofu.org/goauthentik/authentik" { - version = "2025.4.0" - constraints = "2025.4.0" + version = "2025.6.0" + constraints = "2025.6.0" hashes = [ - "h1:2zDfT1wb2SNbIoanYeQ0nV32eOcqTmxLN1fv7fIbnKQ=", - "h1:4BxCi06ZJqqRSpNiWl5McGaA+yNczztd+3CUxD3hbMU=", - "h1:6xc2FC8qXvnvmGzpK1l9x5tGUWPN8HaleedOUljX1yk=", - "h1:JKgZKJQoEfcHVdoa7NUQnQE0hnkMkHgNEqqdBi5naKM=", - "h1:Ojd/LgZzMWC3FRvBGtsKUPexGtrzjZYeBvhAdD2cltE=", - "h1:Q9o9fE25MpMLMbDUl68FtHxVuMgQo9pmVl5Sul5TZsg=", - "h1:StYkYo1PiHTYDc/rUwe4cb/jte0FgDnTtKSmCmPao60=", - "h1:USGgPsAW034M23g3ful7wlfAvHyjUkWXVbIvpRbFfdY=", - "h1:Wqe1ItPtK3K5KNLGkVTqHzRoTT0CMuMmax9UHcN4/iM=", - "h1:XKa968LU1m7ZyxArJ/8xbAwpJGZ5rNxaTszuNFGSE+I=", - "h1:oKgtMc0xVa6nL8tb0gh3aHES3H3SmTX5bjplDrp5iYk=", - "h1:rXqKBLLdbeOHq28cttYLc9rsw+5lLB6x/eDu+KM+9Xk=", - "h1:sGvwwNrQ3T3N0Qd+5W1LT8pDmgQH4ZgXnNkfmfRcLq4=", - "h1:zNQKfDwe+B30MYF8UjXiLiebD9A7fmoHg4m6lQM1ceo=", - "zh:0236341fc44717e1dc3398971e82bf0f9d23a861afd4e023daa0a4d7ea7b8059", - "zh:07bc3fcd89e778f3894c543f84269e6188baaf3ccc8cdb37a82afd12882ae7bc", - "zh:2a09b37449c1101750de128cb9bba373cab802916a58d87083b9acb544907ba8", - "zh:2a12e1ebe9aacb77338949f864f62174ee4b34f6791d5a946b87f0ec612172ed", - "zh:3006ea3a5bf3d8ebe167647ca6da4aef730e8d7f3c98ae53a83a1cc6e0a7e2e0", - "zh:3150f1b2092efd76c1f2b00abc63b5406354820116b6894fd69d882cf0d8818c", - "zh:3471e3e490f7b97eee287ef8dad0acdd95faf5e85636c6ee7d0a44a6a5481a47", - "zh:4829468325f0b5201ecd0e20e442aea73aeb017a9453b2d9e4252e4f02a52fb7", - "zh:5fcd6ca5873b2c75dae1e7ee013b6c0d032f0f5328075c6d4ddea96f9eace55f", - "zh:60bac7eea813b38b999fa5ff197b36b60f589b8eb9cc9e59da692988bf2510ec", - "zh:62fa20db676669f95c3a4b1aac51d96b941e504e7432d99aa3307972d21f926a", - "zh:7564fbdd9ad2a45c82536aae5b5a4cbd30591512eaa79844e102a47364b950b9", - "zh:bf8ce98248b2d822e0b080301faeb5eea7bb5aa7ecef670a2385645af703ea5b", - "zh:ca8d77ad6c175730aeea8df87dc78a1ee87f0bc810b667d78e39d06b6c32da4e", + "h1:+u1o/H+WAIO5nP+RlQE3ay/+dHCykVoHBq6crfTl4pM=", + "h1:10kMBf77ecT3Xpw+7SG8Arnx0yv+By9o0o0CfGGONn0=", + "h1:3oSIhXwf9EMZZH0TPvD5T2kY6yYfEPROyfQWPNA00xw=", + "h1:FElCnBGnJQ6QZDzetJHlv6epvfmUcj/hDmNSVhnU3pE=", + "h1:K1/iRTwYc9JQbzvnhZ9jB9IFcDPk2rk6PSOZ+Y5aIOQ=", + "h1:eQ6jCmR3rssG5gaKNsc37MXydWNHymVRqpYmrntn2t8=", + "h1:gQyxqd10hfhryLD7QIA03ACS7PQppph62qBXGmZSe+E=", + "h1:gSI5UtIVuBepC1lgci7lv/l4PjiOaRySx3aRYMg6+84=", + "h1:hvkwiVQRya1zE4aXKG29GlwHTNABw/j/ebJIR6EAI24=", + "h1:i/aQKCN/ypAdHr4IcKlEhjC1hp19zh5nlVwOxEfYZvg=", + "h1:jGcZg4z76eUtuZLu8Qd9Ti7/TKg9YuTbTSAaT0nCW5M=", + "h1:uwV8O+jKz1zuosrGh1Lht063OS1heW5Fq1zWTOtr5Yw=", + "h1:zMv5nyNyA+NgQplmrYhpeqOkoAGzzTJP4/W1oJzZtFM=", + "h1:ziINchbQjLKlYXh/0T922Y876F3wgZrvDQmIcaIezTs=", + "zh:091960d2aed06773aa81858ae20c7ffc9943111b3c61ee2341263c3872dd7b89", + "zh:122fac709223acf460912d71877db6ac638f501bac30b3f5516c283a4605d034", + "zh:1d3cddb5e6336c70f701533c83c64c38a9b964e94987ad803b96961bd23a685e", + "zh:3059dd2b2ccdc3287f5fe074d2e41c2960ceb27684d24bc2dd997ab479c796d1", + "zh:37ac615f9fa2a26babbc4d6bc4a5c0c0dee8b40f6ce0f01f1d1b689f5175d62c", + "zh:419c35484d5f4f0ae2d6fa2f99bb5618257cdf3f906fd9877cb4998164e89498", + "zh:5108859f0def7e936e4db8dcb112a2c6c99929c6802663c06ed28793a53b3d45", + "zh:536be1858e2a6bab6a9258c6f2c13e5fc0e5522ffccf2e21857dddde300519c0", + "zh:706947e25935250c1dad74c935c6b100d8b253dc93c5ceedf374031230fdd222", + "zh:801ab4c79ad7a416d64d1665b155d4943fe2311e2e989edb1c41d1e9d102e061", + "zh:88fc9c431e133b47e23c45aa716b9ba1b5e8e509bd220632408c21a400872d8f", + "zh:8996b3b78459f46cb426469aab147b5ce76f99672fa8170023346db3fde3dcb5", + "zh:aaf20636d4d3f166a89f7f05731a89ff85ea8367580f51ceb398d8849e532e52", + "zh:c1d176e6a0383ae9e76f410b072c950d4f5bca341a42c7147662be5c25bb34ac", ] } diff --git a/tofu/authentik/main.tf b/tofu/authentik/main.tf index 143bbae..4d08bc3 100644 --- a/tofu/authentik/main.tf +++ b/tofu/authentik/main.tf @@ -8,7 +8,7 @@ terraform { required_providers { authentik = { source = "goauthentik/authentik" - version = "2025.4.0" + version = "2025.6.0" } } } diff --git a/tofu/modules/authentik-oidc/main.tf b/tofu/modules/authentik-oidc/main.tf index 5c1c6ff..51e6f14 100644 --- a/tofu/modules/authentik-oidc/main.tf +++ b/tofu/modules/authentik-oidc/main.tf @@ -3,7 +3,7 @@ terraform { required_providers { authentik = { source = "goauthentik/authentik" - version = "2025.4.0" + version = "2025.6.0" } } } diff --git a/tofu/modules/authentik-proxy/main.tf b/tofu/modules/authentik-proxy/main.tf index fb352a2..772c272 100644 --- a/tofu/modules/authentik-proxy/main.tf +++ b/tofu/modules/authentik-proxy/main.tf @@ -3,7 +3,7 @@ terraform { required_providers { authentik = { source = "goauthentik/authentik" - version = "2025.4.0" + version = "2025.6.0" } } } From 2f63b3fc2727d09f6df380178e76046db944c259 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 20 Jun 2025 01:45:44 +0000 Subject: [PATCH 098/377] chore(deps): update ghcr.io/paperless-ngx/paperless-ngx docker tag to v2.17.1 --- docker/paperless/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/paperless/docker-compose.yml b/docker/paperless/docker-compose.yml index 9fdb690..c99e40a 100644 --- a/docker/paperless/docker-compose.yml +++ b/docker/paperless/docker-compose.yml @@ -14,7 +14,7 @@ services: webserver: - image: ghcr.io/paperless-ngx/paperless-ngx:2.16.2 + image: ghcr.io/paperless-ngx/paperless-ngx:2.17.1 restart: unless-stopped ports: - 8002:8000 From 0811e4184650f56a8481afa301fbf0c083da10f6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?c=C4=83t=C4=83lin?= Date: Mon, 23 Jun 2025 12:38:41 +0200 Subject: [PATCH 099/377] feat: add k3m3 adguard entry and remove master3 --- tofu/adguard/main.tf | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/tofu/adguard/main.tf b/tofu/adguard/main.tf index 94a3638..e419eee 100644 --- a/tofu/adguard/main.tf +++ b/tofu/adguard/main.tf @@ -85,7 +85,8 @@ resource "adguard_rewrite" "master2" { answer = "192.168.1.32" } -resource "adguard_rewrite" "master3" { - domain = "master3.ramiel.fuku" - answer = "192.168.1.33" + +resource "adguard_rewrite" "k3m3" { + domain = "k3m3.fuku" + answer = "192.168.1.43" } From 0de255a3e4911e3ddac5df97fc471867718db37e Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 24 Jun 2025 08:02:14 +0000 Subject: [PATCH 100/377] chore(deps): update helm release renovate to v41 --- k8s/argo-apps/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/renovate.yaml b/k8s/argo-apps/renovate.yaml index 3b2c6f7..a24e126 100644 --- a/k8s/argo-apps/renovate.yaml +++ b/k8s/argo-apps/renovate.yaml @@ -13,7 +13,7 @@ spec: sources: - chart: renovate repoURL: https://docs.renovatebot.com/helm-charts - targetRevision: 40.62.* + targetRevision: 41.6.* helm: valuesObject: renovate: From 92fb10b6f16b6e4530c13f20788952543319f707 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?c=C4=83t=C4=83lin?= Date: Tue, 24 Jun 2025 12:10:44 +0200 Subject: [PATCH 101/377] chore(deps): update miniflux/miniflux docker tag to v2.2.10 --- k8s/services/miniflux/deployment.yaml | 6 +++--- k8s/services/miniflux/service.yaml | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/k8s/services/miniflux/deployment.yaml b/k8s/services/miniflux/deployment.yaml index a2057b1..2a8b131 100644 --- a/k8s/services/miniflux/deployment.yaml +++ b/k8s/services/miniflux/deployment.yaml @@ -7,7 +7,7 @@ metadata: labels: app.kubernetes.io/name: miniflux app.kubernetes.io/managed-by: argo - app.kubernetes.io/version: 2.2.8 + app.kubernetes.io/version: 2.2.10 annotations: kube-score/ignore: pod-networkpolicy,deployment-has-host-podantiaffinity spec: @@ -24,11 +24,11 @@ spec: metadata: labels: app.kubernetes.io/name: miniflux - app.kubernetes.io/version: 2.2.8 + app.kubernetes.io/version: 2.2.10 spec: containers: - name: miniflux - image: miniflux/miniflux:2.2.8 + image: miniflux/miniflux:2.2.10 imagePullPolicy: Always securityContext: allowPrivilegeEscalation: false diff --git a/k8s/services/miniflux/service.yaml b/k8s/services/miniflux/service.yaml index d18d2b7..4062c5c 100644 --- a/k8s/services/miniflux/service.yaml +++ b/k8s/services/miniflux/service.yaml @@ -7,7 +7,7 @@ metadata: labels: app.kubernetes.io/name: miniflux app.kubernetes.io/managed-by: argo - app.kubernetes.io/version: 2.2.8 + app.kubernetes.io/version: 2.2.10 spec: selector: app.kubernetes.io/name: miniflux From 5aa6c75903da685fd972da3315cf4cbeb3c02065 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 21 Jun 2025 01:49:57 +0000 Subject: [PATCH 102/377] chore(deps): update netbirdio/dashboard docker tag to v2.14.0 --- docker/netbird/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/netbird/docker-compose.yml b/docker/netbird/docker-compose.yml index 945ae21..4175917 100644 --- a/docker/netbird/docker-compose.yml +++ b/docker/netbird/docker-compose.yml @@ -1,7 +1,7 @@ --- services: dashboard: - image: netbirdio/dashboard:v2.13.1 + image: netbirdio/dashboard:v2.14.0 restart: unless-stopped ports: - 8005:80 From 68dc5065834f0678f1631d95f79932db5dc8b666 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 21 Jun 2025 01:51:14 +0000 Subject: [PATCH 103/377] chore(deps): update netbirdio/signal docker tag to v0.48.0 --- docker/netbird/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/netbird/docker-compose.yml b/docker/netbird/docker-compose.yml index 4175917..22a4e9b 100644 --- a/docker/netbird/docker-compose.yml +++ b/docker/netbird/docker-compose.yml @@ -23,7 +23,7 @@ services: max-size: "500m" max-file: "2" signal: - image: netbirdio/signal:0.46.0 + image: netbirdio/signal:0.48.0 restart: unless-stopped volumes: - netbird-signal:/var/lib/netbird From 126be1d8a424af6542ff248ad8d00f9c519f4b03 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 21 Jun 2025 01:50:18 +0000 Subject: [PATCH 104/377] chore(deps): update netbirdio/management docker tag to v0.48.0 --- docker/netbird/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/netbird/docker-compose.yml b/docker/netbird/docker-compose.yml index 22a4e9b..5817511 100644 --- a/docker/netbird/docker-compose.yml +++ b/docker/netbird/docker-compose.yml @@ -50,7 +50,7 @@ services: max-size: "500m" max-file: "2" management: - image: netbirdio/management:0.46.0 + image: netbirdio/management:0.48.0 restart: unless-stopped depends_on: - dashboard From 94346929fd8409333855beb21f22807abfd0d119 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 21 Jun 2025 01:50:52 +0000 Subject: [PATCH 105/377] chore(deps): update netbirdio/relay docker tag to v0.48.0 --- docker/netbird/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/netbird/docker-compose.yml b/docker/netbird/docker-compose.yml index 5817511..c2fd732 100644 --- a/docker/netbird/docker-compose.yml +++ b/docker/netbird/docker-compose.yml @@ -35,7 +35,7 @@ services: max-size: "500m" max-file: "2" relay: - image: netbirdio/relay:0.46.0 + image: netbirdio/relay:0.48.0 restart: unless-stopped environment: NB_LOG_LEVEL: ${NB_LOG_LEVEL:-info} From 70779145e05c0203e53dabf8c5cc9bd2878df6ee Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 21 Jun 2025 01:50:40 +0000 Subject: [PATCH 106/377] chore(deps): update netbirdio/netbird docker tag to v0.48.0 --- docker/netbird/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/netbird/docker-compose.yml b/docker/netbird/docker-compose.yml index c2fd732..d381d0d 100644 --- a/docker/netbird/docker-compose.yml +++ b/docker/netbird/docker-compose.yml @@ -91,7 +91,7 @@ services: max-file: "2" peer-1: - image: netbirdio/netbird:0.46.0 + image: netbirdio/netbird:0.48.0 restart: unless-stopped volumes: - ${NETBIRD_PEER_VOLUME:-/mnt/nas1/shared/netbird/peer-1}/data:/etc/netbird From 50de1629592b5816b67e394f4ad8a89825e68bdc Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 25 Jun 2025 08:35:57 +0000 Subject: [PATCH 107/377] chore(deps): update helm release renovate to 41.8.* --- k8s/argo-apps/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/renovate.yaml b/k8s/argo-apps/renovate.yaml index a24e126..959d7fc 100644 --- a/k8s/argo-apps/renovate.yaml +++ b/k8s/argo-apps/renovate.yaml @@ -13,7 +13,7 @@ spec: sources: - chart: renovate repoURL: https://docs.renovatebot.com/helm-charts - targetRevision: 41.6.* + targetRevision: 41.8.* helm: valuesObject: renovate: From 2237e4451c6763da879d96d52e88b472d79856a5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?c=C4=83t=C4=83lin?= Date: Sat, 28 Jun 2025 20:31:44 +0200 Subject: [PATCH 108/377] feat: remove forgejo's own redis cluster in favor of valkey --- k8s/argo-apps/forgejo.yaml | 10 ++++++++-- k8s/services/forgejo/sealedsecrets.yaml | 17 +++++++++++++++++ k8s/services/valkey/sealedsecrets.yaml | 3 ++- 3 files changed, 27 insertions(+), 3 deletions(-) diff --git a/k8s/argo-apps/forgejo.yaml b/k8s/argo-apps/forgejo.yaml index 8e12e98..74550e5 100644 --- a/k8s/argo-apps/forgejo.yaml +++ b/k8s/argo-apps/forgejo.yaml @@ -4,6 +4,8 @@ kind: Application metadata: name: forgejo namespace: argocd + annotations: + argocd.argoproj.io/sync-options: Force=true,Replace=true spec: destination: name: '' @@ -88,8 +90,9 @@ spec: server: ROOT_URL: https://git.roboces.dev/ - additionalConfigSources: + - secret: + secretName: gitea-ini-redis - secret: secretName: secrets-forgejo-email - secret: @@ -100,7 +103,10 @@ spec: secretName: secrets-forgejo-internal postgresql-ha: enabled: false - + redis: + enabled: false + redis-cluster: + enabled: false - path: k8s/services/forgejo repoURL: https://git.roboces.dev/catalin/fukuops.git targetRevision: main diff --git a/k8s/services/forgejo/sealedsecrets.yaml b/k8s/services/forgejo/sealedsecrets.yaml index 79315f0..d7588ce 100644 --- a/k8s/services/forgejo/sealedsecrets.yaml +++ b/k8s/services/forgejo/sealedsecrets.yaml @@ -112,3 +112,20 @@ spec: creationTimestamp: null name: secrets-forgejo-internal namespace: apps-roboces +--- +apiVersion: bitnami.com/v1alpha1 +kind: SealedSecret +metadata: + creationTimestamp: null + name: gitea-ini-redis + namespace: apps-roboces +spec: + encryptedData: + cache: AgCiWLure5C90pHVPpQknFhnFOLw5HtH4qL+nd/EFBxvDziVjM//lj8n4j7gmaTpYyO+ueWzlXZtsBGDDNPzlDR1t+MW7L9NiyWQWLnBLiA589oo5GKrIe/PRskxzfdMEsj4RMeVEQWhJJZo+d1WcX06aPRxK74KUA5OuTPTEmJe+sU99kKZulrdlkpHD3uO7rJ+6pUx1LI+Uvn4O+l+EXbZst9b25ffLsSLUaOsF7ajTjNpZv02qIXX1/Hw3ozqn8DdfuoMPWGL3w8DCwbBA+leH9ELk/zuDcw9NG6lZ81EY7HXdxZEolOcDfuzpW+NnJmcHFtPbc0SZK+t2JXAPXkCwNod3AMIWjN+1EFqKfgDYKCdg1BU8aZCcw64f3XFN8SPyA74Do2xO7FFZq2kHuV7lUmUlJpWPBxoh/olfqFS27NdbZt4TFS+gtIs7guj7h505inAHdpxTKj/X/3S90BqcmBv7i2KtMZjP8Sj8gogBxjlCTtKFCq4rBXaJ1yR5oKRiive+CPtpw1iduEheOrU3ityuoZ+p+jeNr/fVzknN3Brsu4ClPhMT4QGicc/NQEGi2rpMj7FwQDUKto15f/8bSV3FofRn4jdJjHwsg6en8NdlUmNejRoFFWXIjdp04garA0b0rTjDT3tVFsmzidWw5ZElC47VwEhj3deULHGUFNHPVixXIDqMEnaaBwJZaI/4DpU25JGhauRDdnmNam6FE2UDy1kCy+7gAdiAHx01dh6IGDfaYORtjsctOEkFrui7osI51HP8uHxtKoEayRP8bTFPrf8Kpfic4xW2CStbp60Q9oMMlkKqhfmOXOX40TMrw+ItCbOczxOkqxyAJ16QF+CsGGd/j7OZvzxxg== + queue: AgAQ+cXyQkTKNq21RhSZUx5wYetS3beVg24x82gq2jepFwo5KIXUcm3doKZEdmKJ5uF/vZH4l0e9OMJcqw/5UilF2pdnNaMGopXRq54FzqGwoZv+cjqSld6mjwQlsqHST4rtKpyBNCc7bWfbQI4CeqGXRwKvY5FLzhCdmMjwNa9+DwRw4qO0/fJHCtx/v3pvmHVReuFGNIm0iUHEekyaZs4MHE0Rhi7MIGGMpPHrhNF3MAaWtPJAsfwnE0VahCwTe21mabUMyrKogvvoaCQ0yxDtvk5zEiwmTwpkHaYHxAHcVhYOCgfVL+iTxF5JF0OXIXmsWPtr5E0LcAbN1mCyHEkcCYL4NMD4nhsZgrtOP3TZ91gzJXxMfWHWQETwkFdOTsfLtkg7oj1RgB24cWhYKGpA/Yn/pF3Y9Ni+39RLinhEquaKk5YcjuGlE+x6ysPUb6XrrPyB6jXB8SEPg7TMqS3pGcXHZ0OoFn9lCYjAls3R/iuGKYyb4Pyau/1QRPgFDxHDD2l0SOeW0I9QKhQslK8ZXAZiuTs5I4I7gcYvnFA72ZySETCBt/MT3+zS4/4pIvCokXgjvM7tU/nZfGu2EQf9Jw8Zo+u59WSmO69ZomIcy2smG1vV/Y7gV5yKuK81sBHma0ZF60eWNp1XpZna4+kvvHP2Pmybq19daWi5PvUGDAayIOSQCNXpeaGeKBg8lFd2QZ63R6n19JNNCtQJknRCKJoYRaKrsQFTItFbN094ieN9BLFUOH9zu6vjutC0RopQqHFIfckgUAyfkQYNGac00P++0RJAiNirmo0fQpegqXtMRJk7C63KavIUVa4BySTDImt+Cpwi840EWNRr5II= + template: + metadata: + creationTimestamp: null + name: gitea-ini-redis + namespace: apps-roboces + type: Opaque diff --git a/k8s/services/valkey/sealedsecrets.yaml b/k8s/services/valkey/sealedsecrets.yaml index 9a30914..79a3f1b 100644 --- a/k8s/services/valkey/sealedsecrets.yaml +++ b/k8s/services/valkey/sealedsecrets.yaml @@ -1,3 +1,4 @@ +# yamllint disable rule:line-length --- apiVersion: bitnami.com/v1alpha1 kind: SealedSecret @@ -7,7 +8,7 @@ metadata: namespace: apps-fuku spec: encryptedData: - REDIS_PASSWORD: AgCjt/Lbu+2WmEQv1TjvaRD/hMKPFYFYGxisNc4BMm3FqR5zZG4EBgLJSlFFk/YKnFEZl7tKaW1E0A0JxfIoIdivb6fbWOPUyLQy2oluDTR607o7Rk1tP8+nZ83gq3KdHgWQ02ocq4zEw6XATJxCsStGWQjCMAuEcXtHMEDpW87tiq/3CEV8u48Ao2Cf354omVKFzj17fMDe+Y7+Hs9QEChDCbt2LGTDNHOjYJd6jxEhhP8hzrj8IU1EahbmpI6uKlR4q3rBmngGlITi1UnUvVK98W89wLI8wgTRu6h4LOGtKKATUh0E1burLjgmTndrHp0+BkgjhdSeMRax4nwGZJ+xlTy2NYdE7xRCdz/9K5fKMBZKLDHYkaU+69QtkH3xTCSOONdim8A1HPix9jWBlGBMSMbt1SrS1TCHL+hsIH9njpsgS+9INzpvMD9zVspBSfj+05OrB6y6xe9alle87ILBsK4/y5G6prHUFguFeZJbTDuEzmWg5JY2yci4BB3TDP/zT7JWsP+MVfIqdFXKFDFMpM6a13PstC0JXumxot4zRydtAfhb5dZqlD+QA7I4V2RKTx3CVxTur4gGehz0aeLyAhScoiiqjG8+o1hQtX0JrGRt6oHSta9eASM+KaNWaU4sM5fDyh/zyVnzGEwNr/rWLVKUtD3+JpnpVbuRDe6ELIOBzFIl7M4VqWiyLHLWGfIWVZUXMX5ScC5T7Di1UA== # yamllint disable rule:line-length + REDIS_PASSWORD: AgCLFwqtfp3PeTgh59pOOF8eYBhX4FGQ6c/Fp/DCsOPRXCCBEpJNoMIZZZAtMQwliDLxmET1bSpF0gD5XwuqY/hQcMWyYP5xYVPPLg/v4d43ufemYCs34+NG9tvYhOpW4TZUBRvIAUXV7ZxxtShEQwn0NZUVcqwsJXAjH+dk9hXVAcGysrMMT+r3jUrUM/0XBu9gkzpc2mp1Ec2YuNy0D9CnV7kOCYgSW6NfiE83iMLirJdlLEUP/NfZ7STAS6E+/+/pqIjBpkVvTlvBNWakuOsGUmmBYSCcpH/CQhP+kuOOErZykcGv195qYkAROyP0mriKrvzrYG5KtYN6RvLO1BBI8Ae0P/k7le8PehP/3Y7dlcFNM+Hs2qWWGNrkEj0hGXu3G8AaKm5HqpBw5istXprA83Uw7vqKotjqUd+2NfO9yCQr/mkk2t5pVFe0BZbgylU7/qkmIeiuDPYVnnlbl0wKfwliSUhRBMwcaTcc6CEw44IRdslNCmNReC9vZRM3My6RifPRXPuHnyUVagegrfg/wey0b8lgRGvUixfsz58IxrYLxeoT2Ww8BbNrJC4sNvFIlieXbD/RElf+qbJVBhNza84YcpzvUeYNSu9U28Uxa3mJfXzosDt1k68MWbRmWAvRdqt16jV6/mLVs/s7vx1/X+6XwDnTzh5FuWQwifyxiyf+KuDvTmjJ+0PFE1FzMHAkWRJDXpEHQPQpGeyuc6le template: metadata: creationTimestamp: null From a61448ee7ae3a3c38052c2cea3c954a9dc4cdea2 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 29 Jun 2025 02:09:25 +0000 Subject: [PATCH 109/377] chore(deps): update netbirdio/signal docker tag to v0.49.0 --- docker/netbird/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/netbird/docker-compose.yml b/docker/netbird/docker-compose.yml index d381d0d..3876c18 100644 --- a/docker/netbird/docker-compose.yml +++ b/docker/netbird/docker-compose.yml @@ -23,7 +23,7 @@ services: max-size: "500m" max-file: "2" signal: - image: netbirdio/signal:0.48.0 + image: netbirdio/signal:0.49.0 restart: unless-stopped volumes: - netbird-signal:/var/lib/netbird From 09d7acaceed3d241dd550b9c6e491d7e605c08e7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?c=C4=83t=C4=83lin?= Date: Sun, 29 Jun 2025 13:11:31 +0200 Subject: [PATCH 110/377] feat: update forgejo's secrets --- k8s/services/forgejo/sealedsecrets.yaml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/k8s/services/forgejo/sealedsecrets.yaml b/k8s/services/forgejo/sealedsecrets.yaml index d7588ce..4353b10 100644 --- a/k8s/services/forgejo/sealedsecrets.yaml +++ b/k8s/services/forgejo/sealedsecrets.yaml @@ -121,8 +121,9 @@ metadata: namespace: apps-roboces spec: encryptedData: - cache: AgCiWLure5C90pHVPpQknFhnFOLw5HtH4qL+nd/EFBxvDziVjM//lj8n4j7gmaTpYyO+ueWzlXZtsBGDDNPzlDR1t+MW7L9NiyWQWLnBLiA589oo5GKrIe/PRskxzfdMEsj4RMeVEQWhJJZo+d1WcX06aPRxK74KUA5OuTPTEmJe+sU99kKZulrdlkpHD3uO7rJ+6pUx1LI+Uvn4O+l+EXbZst9b25ffLsSLUaOsF7ajTjNpZv02qIXX1/Hw3ozqn8DdfuoMPWGL3w8DCwbBA+leH9ELk/zuDcw9NG6lZ81EY7HXdxZEolOcDfuzpW+NnJmcHFtPbc0SZK+t2JXAPXkCwNod3AMIWjN+1EFqKfgDYKCdg1BU8aZCcw64f3XFN8SPyA74Do2xO7FFZq2kHuV7lUmUlJpWPBxoh/olfqFS27NdbZt4TFS+gtIs7guj7h505inAHdpxTKj/X/3S90BqcmBv7i2KtMZjP8Sj8gogBxjlCTtKFCq4rBXaJ1yR5oKRiive+CPtpw1iduEheOrU3ityuoZ+p+jeNr/fVzknN3Brsu4ClPhMT4QGicc/NQEGi2rpMj7FwQDUKto15f/8bSV3FofRn4jdJjHwsg6en8NdlUmNejRoFFWXIjdp04garA0b0rTjDT3tVFsmzidWw5ZElC47VwEhj3deULHGUFNHPVixXIDqMEnaaBwJZaI/4DpU25JGhauRDdnmNam6FE2UDy1kCy+7gAdiAHx01dh6IGDfaYORtjsctOEkFrui7osI51HP8uHxtKoEayRP8bTFPrf8Kpfic4xW2CStbp60Q9oMMlkKqhfmOXOX40TMrw+ItCbOczxOkqxyAJ16QF+CsGGd/j7OZvzxxg== - queue: AgAQ+cXyQkTKNq21RhSZUx5wYetS3beVg24x82gq2jepFwo5KIXUcm3doKZEdmKJ5uF/vZH4l0e9OMJcqw/5UilF2pdnNaMGopXRq54FzqGwoZv+cjqSld6mjwQlsqHST4rtKpyBNCc7bWfbQI4CeqGXRwKvY5FLzhCdmMjwNa9+DwRw4qO0/fJHCtx/v3pvmHVReuFGNIm0iUHEekyaZs4MHE0Rhi7MIGGMpPHrhNF3MAaWtPJAsfwnE0VahCwTe21mabUMyrKogvvoaCQ0yxDtvk5zEiwmTwpkHaYHxAHcVhYOCgfVL+iTxF5JF0OXIXmsWPtr5E0LcAbN1mCyHEkcCYL4NMD4nhsZgrtOP3TZ91gzJXxMfWHWQETwkFdOTsfLtkg7oj1RgB24cWhYKGpA/Yn/pF3Y9Ni+39RLinhEquaKk5YcjuGlE+x6ysPUb6XrrPyB6jXB8SEPg7TMqS3pGcXHZ0OoFn9lCYjAls3R/iuGKYyb4Pyau/1QRPgFDxHDD2l0SOeW0I9QKhQslK8ZXAZiuTs5I4I7gcYvnFA72ZySETCBt/MT3+zS4/4pIvCokXgjvM7tU/nZfGu2EQf9Jw8Zo+u59WSmO69ZomIcy2smG1vV/Y7gV5yKuK81sBHma0ZF60eWNp1XpZna4+kvvHP2Pmybq19daWi5PvUGDAayIOSQCNXpeaGeKBg8lFd2QZ63R6n19JNNCtQJknRCKJoYRaKrsQFTItFbN094ieN9BLFUOH9zu6vjutC0RopQqHFIfckgUAyfkQYNGac00P++0RJAiNirmo0fQpegqXtMRJk7C63KavIUVa4BySTDImt+Cpwi840EWNRr5II= + cache: AgB9EAfMyxjZ1VAwT1KONjdq8mw3LUVrKYLuaNH9EVpVEd82GyAqIa4EZKHV6kTKUIyfK/GwEt+ncg+Xjd6IqTlpurtSj1qU29SWeMg293Q0ybecgZ5Dl7kIrzveHhtNNWScl2lPFq5BcY+fPlsRv3CcylzQIAgO6xwFjKPVBIboWMCePAFvzccme6WBwZHK+iuZxPrysRVQJ2wQJXrbEf4kKP11VBrACM74Zoo/Vd2TKlPB6SEypcOOeWTG3/cEsdiQmNyE/iqVUgMozeyoj954wXHKwB/iWUxvKCp5x4+/KUrvO5J6L93fXl6WCfLU03S04bOd6Ypv1tsKu+IOWhOA0vtAi0aHz30QqoLfSKUVqZz7tdJynoo+uqcI+4tLoqXdo9s9DMDZSAbb6Sce6uignxBcSq8EV+9CsCeyMm1Bq17P0/XlbOBSglwdyg/UdBqcsBwkTAhYm7LljwDI3QjJ3JCSJTJ12VkCBWqf++9gjjnq5AqOIo6nGcL4mJz6zQRLpsVqqMm5g20PLL5xmZM5cuoGZCJSaDeeu7PmBz6AqwCUdVNiYqt9PYQAqIN3LOF2fMtgDAccYZAMCJ7DBcLNQ5UwTiz+DAXw3PqzZ6Qk5ZjYymKVMFHiW7odTLwZ1cbTKKBjhXtIwFDPqv/e9BlnBhcXmsb6g2KCP9U4YAlFJaf1/Vs7KpNTAuCgTLv4wOEE0+5nomAr5EAGdjdEd0vU5Sc6fFUDC4OZgApTM1Ve3lAwYfq/XIzfygQGkCDHce/4NcaLzvraKDawyuB7X9KEs9fehZk2DEHf61oaYBB7aeEUHkVky2st5lxTkugIXH0ZOStfFMZjFNw32A4sXO0hTH3TJ1N7CqHvX38= + queue: AgA1DVkPmW5h0Yc0VRYUPvKi+6yFE0Xlaw0GhBtnwO6SHKI9yLOhohiG7zKAeaOG0HCGsmHMnJFdBd9CRxx75yazFL3ZaYJTlCh3de9zLqqmMOXnwSTVJgJ9kGEcs2m9MgFHh1I1UlWe2d4iCdNWzpbvPtTY/dGfvF4A0H0+okfpxcRhEs1WHE+kapm+JZzF/bmrNQy9kuO/EwXSfnDXd+dE9F33XdYhq9sy6Q2qjAgKmZodtY3EbFI8RcQKhIEuRHUw6iF9/IT+UEwnAKX5/V8UetHUSIeC900RU9oCDwPTyV2KVUYD5Rglw+EEyTMA4vv+WJpC/527Lo0H6YeJHKQdaY3GtgG6jvCyKmhw9XsW8mU1huNXtQ7TQxFCZQGlWTHkUx08lOU8Mlvtp/URrqQ3o3BvI2hl5vYIVFraS0ibGO9kd5IoXYD429Q4Z+CeRZS+eTCRlvKJvHKGJXAgT/4VOrhqbb6nnjOny5k1iAVpOVmOFYqhJwK6FIFQt6TpYUHZtwfFcl4euqyRgwdkqT1SzaruZeowm36IANklUAdZATQNQHMd53nNsO0Z/ALfb+aUjhizM5GATJR6fZwXAmcUK6FDbrIIgHJ0vJNnh7L5GgRlb++BPr1ZldR6HkRLQRMN9asZeTkjBdKVkQ1ZHgNTxrSEEgZ9yPgBH7hLabH/HSh1BBDb8HbKKkGjvm7Svp6drgGHWTe5GZYxGSf6ACRkOg7v4DrbTM5oKHvIGs8DO8+H8yWCbHasr+/VoPy+3J91sznBh+symEKZrxAMubgR9EDaD2ahzgV32N6QPc1YinfktqZHfTroYIg2mgN0XGxP/9f5Clx2JZlmVoJ/lA0= + session: AgCkq/AOndCSqvgKBXp+52iJtJQ4aRs1v2oW+OyKcvd2d2a1pR9YOcOH8zDrjeeYjnrrXwSMAqD1VdZDt9cesXq70t5Z072hUW9MEUJU/R8qJBMLv5nvdDfTiTVZ/5dk2vG01lIxY38dPb+yJA/R6UodMsYjkjHF6WAq/qmAG3sEsFk9nokTy6lR0BYJyI1IAqvXGxdiPX/s0aydk3bB0b8F4qC2MHZ5He8JR8QG1DZ8/FZlMrGXJ4De4cvQbB9ZqkdvvpB9xgudKjV6RYV2qEj+8sPYS2H71KySnckN/9twq1TbF+xPRgWpuwHgox2D5sfxouNQAZw1cazj5deNVJdWfI0zcYMx6ovAqofAEcwvX8FXgBpo42CphXX2WGEsJkLOw2AMEiI4d1B9ZqsGr5xevXzlyyH403VvwWCKcW7nAaBhANuvh+sn7t+8q12yEJ0H2dk1ybKlDmnbLj2kZuPxF4RIgn9wgARI/U6PF++82Q6IRSCH5VuziMf4d3r8ootYoc8fEeslQtkReue726mPHIR+jR8WhpdlKCwX/ffbL1IGPLGgPsQAxvyE4WbP95MNR76M9WANYXKwMPt+eGe+LLkruwe4LZLKoU5qhO4LTnrycK8XsxVAUou9gjmPtKR50AZ4H5zpARymdjvkXbo6PylBU1EO270g9NL+AlFrVAtyXGbkb/Y7dM09hC833vIdXlWth/I6X0OH+Y8SPftjwPIXdUVMx1+17tvWoUN8U9La9lueV3OSXDVXesjAukgelooKayZyzXkhZ0U9q0exG95jfx/nXQXV1M3JmPPZ6r2T0MCCUZo2iVHgBCYWw/Jr7JC/xiZASfQ4PthtZa2EHKC31pyjkW55JA== template: metadata: creationTimestamp: null From ceb86288168d9efa39417a6d2e781820583367fa Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 29 Jun 2025 02:08:12 +0000 Subject: [PATCH 111/377] chore(deps): update helm release renovate to 41.16.* --- k8s/argo-apps/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/renovate.yaml b/k8s/argo-apps/renovate.yaml index 959d7fc..ffcd3aa 100644 --- a/k8s/argo-apps/renovate.yaml +++ b/k8s/argo-apps/renovate.yaml @@ -13,7 +13,7 @@ spec: sources: - chart: renovate repoURL: https://docs.renovatebot.com/helm-charts - targetRevision: 41.8.* + targetRevision: 41.16.* helm: valuesObject: renovate: From 4779a8a6e2dc5948e7a97d63d42aa89c4ea1338f Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 25 Jun 2025 08:33:18 +0000 Subject: [PATCH 112/377] chore(deps): update registry-1.docker.io/bitnamicharts/elasticsearch docker tag to v22.0.9 --- k8s/argo-apps/elastic.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/elastic.yaml b/k8s/argo-apps/elastic.yaml index e3fdcf2..a5d8108 100644 --- a/k8s/argo-apps/elastic.yaml +++ b/k8s/argo-apps/elastic.yaml @@ -12,7 +12,7 @@ spec: sources: - chart: elasticsearch repoURL: registry-1.docker.io/bitnamicharts - targetRevision: 22.0.8 + targetRevision: 22.0.9 helm: valuesObject: service: From a154fe0ae70c3adc692f5fb0215129f6570e5b79 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 27 Jun 2025 01:54:28 +0000 Subject: [PATCH 113/377] chore(deps): update netbirdio/relay docker tag to v0.49.0 --- docker/netbird/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/netbird/docker-compose.yml b/docker/netbird/docker-compose.yml index 3876c18..71d2dbb 100644 --- a/docker/netbird/docker-compose.yml +++ b/docker/netbird/docker-compose.yml @@ -35,7 +35,7 @@ services: max-size: "500m" max-file: "2" relay: - image: netbirdio/relay:0.48.0 + image: netbirdio/relay:0.49.0 restart: unless-stopped environment: NB_LOG_LEVEL: ${NB_LOG_LEVEL:-info} From 5316d90373115a1864d65a90da97bd142a1d67cb Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 27 Jun 2025 01:54:03 +0000 Subject: [PATCH 114/377] chore(deps): update netbirdio/netbird docker tag to v0.49.0 --- docker/netbird/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/netbird/docker-compose.yml b/docker/netbird/docker-compose.yml index 71d2dbb..ae3bc85 100644 --- a/docker/netbird/docker-compose.yml +++ b/docker/netbird/docker-compose.yml @@ -91,7 +91,7 @@ services: max-file: "2" peer-1: - image: netbirdio/netbird:0.48.0 + image: netbirdio/netbird:0.49.0 restart: unless-stopped volumes: - ${NETBIRD_PEER_VOLUME:-/mnt/nas1/shared/netbird/peer-1}/data:/etc/netbird From eb23cb2a77eb5ae92b9f10ba929bc66b9fd6a3c8 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 26 Jun 2025 08:54:05 +0000 Subject: [PATCH 115/377] chore(deps): update netbirdio/management docker tag to v0.49.0 --- docker/netbird/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/netbird/docker-compose.yml b/docker/netbird/docker-compose.yml index ae3bc85..4caf8ef 100644 --- a/docker/netbird/docker-compose.yml +++ b/docker/netbird/docker-compose.yml @@ -50,7 +50,7 @@ services: max-size: "500m" max-file: "2" management: - image: netbirdio/management:0.48.0 + image: netbirdio/management:0.49.0 restart: unless-stopped depends_on: - dashboard From 576a6ae6868a2d3b0e6051deb58a63d331628248 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 30 Jun 2025 01:53:22 +0000 Subject: [PATCH 116/377] chore(deps): update helm release renovate to 41.17.* --- k8s/argo-apps/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/renovate.yaml b/k8s/argo-apps/renovate.yaml index ffcd3aa..711bdfd 100644 --- a/k8s/argo-apps/renovate.yaml +++ b/k8s/argo-apps/renovate.yaml @@ -13,7 +13,7 @@ spec: sources: - chart: renovate repoURL: https://docs.renovatebot.com/helm-charts - targetRevision: 41.16.* + targetRevision: 41.17.* helm: valuesObject: renovate: From 2e0d091282ed2b42fe1ac567f0be0dda8292b21a Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 1 Jul 2025 01:51:08 +0000 Subject: [PATCH 117/377] chore(deps): update code.forgejo.org/forgejo-helm/forgejo docker tag to v12.5.3 --- k8s/argo-apps/forgejo.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/forgejo.yaml b/k8s/argo-apps/forgejo.yaml index 74550e5..a961395 100644 --- a/k8s/argo-apps/forgejo.yaml +++ b/k8s/argo-apps/forgejo.yaml @@ -14,7 +14,7 @@ spec: sources: - chart: forgejo repoURL: code.forgejo.org/forgejo-helm - targetRevision: 12.5.2 + targetRevision: 12.5.3 helm: valuesObject: replicaCount: 2 From 84be92c67245852046343b60bcb65e6c076ea295 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 1 Jul 2025 01:52:38 +0000 Subject: [PATCH 118/377] chore(deps): update registry-1.docker.io/bitnamicharts/elasticsearch docker tag to v22.0.10 --- k8s/argo-apps/elastic.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/elastic.yaml b/k8s/argo-apps/elastic.yaml index a5d8108..e3311e0 100644 --- a/k8s/argo-apps/elastic.yaml +++ b/k8s/argo-apps/elastic.yaml @@ -12,7 +12,7 @@ spec: sources: - chart: elasticsearch repoURL: registry-1.docker.io/bitnamicharts - targetRevision: 22.0.9 + targetRevision: 22.0.10 helm: valuesObject: service: From 8955ca123f99e2fc97b63fe31219886cc64619b5 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 1 Jul 2025 01:55:59 +0000 Subject: [PATCH 119/377] chore(deps): update code.forgejo.org/forgejo/runner docker tag to v6.4.0 --- docker/forgejo-runner/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/forgejo-runner/docker-compose.yml b/docker/forgejo-runner/docker-compose.yml index c14ea38..f6b7495 100644 --- a/docker/forgejo-runner/docker-compose.yml +++ b/docker/forgejo-runner/docker-compose.yml @@ -1,6 +1,6 @@ --- x-runner-common: &runner-common - image: code.forgejo.org/forgejo/runner:6.3.1 + image: code.forgejo.org/forgejo/runner:6.4.0 links: - docker-in-docker depends_on: From dd38f6959920d746b959ae1c856b04d580fc684a Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 4 Jul 2025 01:52:45 +0000 Subject: [PATCH 120/377] chore(deps): update helm release renovate to 41.18.* --- k8s/argo-apps/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/renovate.yaml b/k8s/argo-apps/renovate.yaml index 711bdfd..33af567 100644 --- a/k8s/argo-apps/renovate.yaml +++ b/k8s/argo-apps/renovate.yaml @@ -13,7 +13,7 @@ spec: sources: - chart: renovate repoURL: https://docs.renovatebot.com/helm-charts - targetRevision: 41.17.* + targetRevision: 41.18.* helm: valuesObject: renovate: From 8d0a9171ff177907ebf573ee3bcf76a58275d922 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 5 Jul 2025 01:53:10 +0000 Subject: [PATCH 121/377] chore(deps): update helm release renovate to 41.20.* --- k8s/argo-apps/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/renovate.yaml b/k8s/argo-apps/renovate.yaml index 33af567..5cf928f 100644 --- a/k8s/argo-apps/renovate.yaml +++ b/k8s/argo-apps/renovate.yaml @@ -13,7 +13,7 @@ spec: sources: - chart: renovate repoURL: https://docs.renovatebot.com/helm-charts - targetRevision: 41.18.* + targetRevision: 41.20.* helm: valuesObject: renovate: From 842d392307911859e544067c35418f645a5aef96 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 5 Jul 2025 01:53:43 +0000 Subject: [PATCH 122/377] chore(deps): update netbirdio/management docker tag to v0.50.0 --- docker/netbird/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/netbird/docker-compose.yml b/docker/netbird/docker-compose.yml index 4caf8ef..c99bea1 100644 --- a/docker/netbird/docker-compose.yml +++ b/docker/netbird/docker-compose.yml @@ -50,7 +50,7 @@ services: max-size: "500m" max-file: "2" management: - image: netbirdio/management:0.49.0 + image: netbirdio/management:0.50.0 restart: unless-stopped depends_on: - dashboard From 3c843f87c0d24510b4eb3e840a2f6eaac72ef379 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 6 Jul 2025 02:00:02 +0000 Subject: [PATCH 123/377] chore(deps): update netbirdio/netbird docker tag to v0.50.0 --- docker/netbird/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/netbird/docker-compose.yml b/docker/netbird/docker-compose.yml index c99bea1..bcf3eef 100644 --- a/docker/netbird/docker-compose.yml +++ b/docker/netbird/docker-compose.yml @@ -91,7 +91,7 @@ services: max-file: "2" peer-1: - image: netbirdio/netbird:0.49.0 + image: netbirdio/netbird:0.50.0 restart: unless-stopped volumes: - ${NETBIRD_PEER_VOLUME:-/mnt/nas1/shared/netbird/peer-1}/data:/etc/netbird From 6c36c37a4ee27298a67752c0266d8c8e04fa337b Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 6 Jul 2025 01:59:12 +0000 Subject: [PATCH 124/377] chore(deps): update helm release renovate to 41.21.* --- k8s/argo-apps/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/renovate.yaml b/k8s/argo-apps/renovate.yaml index 5cf928f..a9d07d7 100644 --- a/k8s/argo-apps/renovate.yaml +++ b/k8s/argo-apps/renovate.yaml @@ -13,7 +13,7 @@ spec: sources: - chart: renovate repoURL: https://docs.renovatebot.com/helm-charts - targetRevision: 41.20.* + targetRevision: 41.21.* helm: valuesObject: renovate: From 2e7eb61be1379eba2d87919d877a82646feb61a4 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 9 Jul 2025 02:01:28 +0000 Subject: [PATCH 125/377] chore(deps): update code.forgejo.org/forgejo/runner docker tag to v7 --- docker/forgejo-runner/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/forgejo-runner/docker-compose.yml b/docker/forgejo-runner/docker-compose.yml index f6b7495..1cce85f 100644 --- a/docker/forgejo-runner/docker-compose.yml +++ b/docker/forgejo-runner/docker-compose.yml @@ -1,6 +1,6 @@ --- x-runner-common: &runner-common - image: code.forgejo.org/forgejo/runner:6.4.0 + image: code.forgejo.org/forgejo/runner:7.0.0 links: - docker-in-docker depends_on: From a0a3f79185804c5f73b775624a9096bf579c0487 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 9 Jul 2025 01:59:45 +0000 Subject: [PATCH 126/377] chore(deps): update helm release renovate to 41.26.* --- k8s/argo-apps/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/renovate.yaml b/k8s/argo-apps/renovate.yaml index a9d07d7..49aab91 100644 --- a/k8s/argo-apps/renovate.yaml +++ b/k8s/argo-apps/renovate.yaml @@ -13,7 +13,7 @@ spec: sources: - chart: renovate repoURL: https://docs.renovatebot.com/helm-charts - targetRevision: 41.21.* + targetRevision: 41.26.* helm: valuesObject: renovate: From 72ca879fed1425c56ff3dfc17f87fc066515a0b0 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 9 Jul 2025 02:00:46 +0000 Subject: [PATCH 127/377] chore(deps): update netbirdio/signal docker tag to v0.50.1 --- docker/netbird/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/netbird/docker-compose.yml b/docker/netbird/docker-compose.yml index bcf3eef..af15c3c 100644 --- a/docker/netbird/docker-compose.yml +++ b/docker/netbird/docker-compose.yml @@ -23,7 +23,7 @@ services: max-size: "500m" max-file: "2" signal: - image: netbirdio/signal:0.49.0 + image: netbirdio/signal:0.50.1 restart: unless-stopped volumes: - netbird-signal:/var/lib/netbird From 6570537ba37047c7a65edd8f496d357003c65455 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 8 Jul 2025 01:39:12 +0000 Subject: [PATCH 128/377] chore(deps): update netbirdio/relay docker tag to v0.50.1 --- docker/netbird/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/netbird/docker-compose.yml b/docker/netbird/docker-compose.yml index af15c3c..1fbaa5c 100644 --- a/docker/netbird/docker-compose.yml +++ b/docker/netbird/docker-compose.yml @@ -35,7 +35,7 @@ services: max-size: "500m" max-file: "2" relay: - image: netbirdio/relay:0.49.0 + image: netbirdio/relay:0.50.1 restart: unless-stopped environment: NB_LOG_LEVEL: ${NB_LOG_LEVEL:-info} From be4bdc5796c0e0a2186ac8b10ae7770bfb71762d Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 7 Jul 2025 01:29:12 +0000 Subject: [PATCH 129/377] chore(deps): update netbirdio/netbird docker tag to v0.50.1 --- docker/netbird/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/netbird/docker-compose.yml b/docker/netbird/docker-compose.yml index 1fbaa5c..7a75448 100644 --- a/docker/netbird/docker-compose.yml +++ b/docker/netbird/docker-compose.yml @@ -91,7 +91,7 @@ services: max-file: "2" peer-1: - image: netbirdio/netbird:0.50.0 + image: netbirdio/netbird:0.50.1 restart: unless-stopped volumes: - ${NETBIRD_PEER_VOLUME:-/mnt/nas1/shared/netbird/peer-1}/data:/etc/netbird From a70503ecf6fba898c2919dff94991755ec9db7ec Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 7 Jul 2025 01:28:25 +0000 Subject: [PATCH 130/377] chore(deps): update netbirdio/management docker tag to v0.50.1 --- docker/netbird/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/netbird/docker-compose.yml b/docker/netbird/docker-compose.yml index 7a75448..4ff5521 100644 --- a/docker/netbird/docker-compose.yml +++ b/docker/netbird/docker-compose.yml @@ -50,7 +50,7 @@ services: max-size: "500m" max-file: "2" management: - image: netbirdio/management:0.50.0 + image: netbirdio/management:0.50.1 restart: unless-stopped depends_on: - dashboard From 3b64fa3c5472dbde5346d0c36b71cebbeccb956b Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 10 Jul 2025 01:38:57 +0000 Subject: [PATCH 131/377] chore(deps): update helm release renovate to 41.28.* --- k8s/argo-apps/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/renovate.yaml b/k8s/argo-apps/renovate.yaml index 49aab91..9a54680 100644 --- a/k8s/argo-apps/renovate.yaml +++ b/k8s/argo-apps/renovate.yaml @@ -13,7 +13,7 @@ spec: sources: - chart: renovate repoURL: https://docs.renovatebot.com/helm-charts - targetRevision: 41.26.* + targetRevision: 41.28.* helm: valuesObject: renovate: From c1b83745ed876d0a45f089db62655d696b650844 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 11 Jul 2025 01:39:11 +0000 Subject: [PATCH 132/377] chore(deps): update code.forgejo.org/forgejo-helm/forgejo docker tag to v12.5.4 --- k8s/argo-apps/forgejo.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/forgejo.yaml b/k8s/argo-apps/forgejo.yaml index a961395..ae124d8 100644 --- a/k8s/argo-apps/forgejo.yaml +++ b/k8s/argo-apps/forgejo.yaml @@ -14,7 +14,7 @@ spec: sources: - chart: forgejo repoURL: code.forgejo.org/forgejo-helm - targetRevision: 12.5.3 + targetRevision: 12.5.4 helm: valuesObject: replicaCount: 2 From 395c232e2f9390ba412dc7d9f68af220c1ae6764 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?c=C4=83t=C4=83lin?= Date: Fri, 11 Jul 2025 09:54:48 +0200 Subject: [PATCH 133/377] chore(deps): update nextcloud docker tag to v31.0.6 --- docker/nextcloud/Dockerfile | 2 +- docker/nextcloud/docker-compose.yml | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/docker/nextcloud/Dockerfile b/docker/nextcloud/Dockerfile index 6ef2923..8d10898 100644 --- a/docker/nextcloud/Dockerfile +++ b/docker/nextcloud/Dockerfile @@ -1,4 +1,4 @@ -FROM nextcloud:31.0.5-apache +FROM nextcloud:31.0.6-apache RUN set -ex; \ \ diff --git a/docker/nextcloud/docker-compose.yml b/docker/nextcloud/docker-compose.yml index 119679b..8d054b6 100644 --- a/docker/nextcloud/docker-compose.yml +++ b/docker/nextcloud/docker-compose.yml @@ -14,7 +14,7 @@ services: - nextcloud nextcloud: - image: git.roboces.dev/catalin/fukuops:nextcloud-31.0.2 + image: git.roboces.dev/catalin/fukuops:nextcloud-31.0.6 volumes: - /mnt/nas1/legacy-storage/cloud/cloud/data:/var/www/html/data - /mnt/nas1/legacy-storage/cloud/cloud/config:/var/www/html/config @@ -29,7 +29,7 @@ services: NEXTCLOUD_INIT_HTACCESS: ${NEXTCLOUD_INIT_HTACCESS:-1} restart: unless-stopped ports: - - 8080:80 + - '8080:80' networks: - nextcloud From 5feff331e82f9789caf43c0078a4ce73c6f5be62 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 12 Jul 2025 01:44:54 +0000 Subject: [PATCH 134/377] chore(deps): update netbirdio/relay docker tag to v0.50.2 --- docker/netbird/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/netbird/docker-compose.yml b/docker/netbird/docker-compose.yml index 4ff5521..3180798 100644 --- a/docker/netbird/docker-compose.yml +++ b/docker/netbird/docker-compose.yml @@ -35,7 +35,7 @@ services: max-size: "500m" max-file: "2" relay: - image: netbirdio/relay:0.50.1 + image: netbirdio/relay:0.50.2 restart: unless-stopped environment: NB_LOG_LEVEL: ${NB_LOG_LEVEL:-info} From 53af9464de2959b7b8ff69d1deb9f4121b795294 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 12 Jul 2025 01:45:32 +0000 Subject: [PATCH 135/377] chore(deps): update netbirdio/signal docker tag to v0.50.2 --- docker/netbird/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/netbird/docker-compose.yml b/docker/netbird/docker-compose.yml index 3180798..de10b48 100644 --- a/docker/netbird/docker-compose.yml +++ b/docker/netbird/docker-compose.yml @@ -23,7 +23,7 @@ services: max-size: "500m" max-file: "2" signal: - image: netbirdio/signal:0.50.1 + image: netbirdio/signal:0.50.2 restart: unless-stopped volumes: - netbird-signal:/var/lib/netbird From 73a697344938574dd9f5ca66a4bdcb6ce23b74b4 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 11 Jul 2025 01:39:40 +0000 Subject: [PATCH 136/377] chore(deps): update netbirdio/management docker tag to v0.50.2 --- docker/netbird/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/netbird/docker-compose.yml b/docker/netbird/docker-compose.yml index de10b48..0d46708 100644 --- a/docker/netbird/docker-compose.yml +++ b/docker/netbird/docker-compose.yml @@ -50,7 +50,7 @@ services: max-size: "500m" max-file: "2" management: - image: netbirdio/management:0.50.1 + image: netbirdio/management:0.50.2 restart: unless-stopped depends_on: - dashboard From 38b3167b67d87f54475014a5bf9a9f51101e7bc5 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 13 Jul 2025 03:15:11 +0000 Subject: [PATCH 137/377] chore(deps): update netbirdio/management docker tag to v0.50.3 --- docker/netbird/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/netbird/docker-compose.yml b/docker/netbird/docker-compose.yml index 0d46708..704bdb5 100644 --- a/docker/netbird/docker-compose.yml +++ b/docker/netbird/docker-compose.yml @@ -50,7 +50,7 @@ services: max-size: "500m" max-file: "2" management: - image: netbirdio/management:0.50.2 + image: netbirdio/management:0.50.3 restart: unless-stopped depends_on: - dashboard From 805d57f4857cb4b48c0834691f89e2a0cbe43494 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 13 Jul 2025 03:16:36 +0000 Subject: [PATCH 138/377] chore(deps): update netbirdio/netbird docker tag to v0.50.3 --- docker/netbird/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/netbird/docker-compose.yml b/docker/netbird/docker-compose.yml index 704bdb5..21af0aa 100644 --- a/docker/netbird/docker-compose.yml +++ b/docker/netbird/docker-compose.yml @@ -91,7 +91,7 @@ services: max-file: "2" peer-1: - image: netbirdio/netbird:0.50.1 + image: netbirdio/netbird:0.50.3 restart: unless-stopped volumes: - ${NETBIRD_PEER_VOLUME:-/mnt/nas1/shared/netbird/peer-1}/data:/etc/netbird From 111d47ae1063dfd31514d8b59f132a687d285067 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 14 Jul 2025 01:49:51 +0000 Subject: [PATCH 139/377] chore(deps): update helm release renovate to 41.32.* --- k8s/argo-apps/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/renovate.yaml b/k8s/argo-apps/renovate.yaml index 9a54680..e67882e 100644 --- a/k8s/argo-apps/renovate.yaml +++ b/k8s/argo-apps/renovate.yaml @@ -13,7 +13,7 @@ spec: sources: - chart: renovate repoURL: https://docs.renovatebot.com/helm-charts - targetRevision: 41.28.* + targetRevision: 41.32.* helm: valuesObject: renovate: From a2471f543e859a25b270ca6e932820476985529c Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 16 Jul 2025 02:20:19 +0000 Subject: [PATCH 140/377] chore(deps): update registry-1.docker.io/bitnamicharts/elasticsearch docker tag to v22.0.13 --- k8s/argo-apps/elastic.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/elastic.yaml b/k8s/argo-apps/elastic.yaml index e3311e0..55ca698 100644 --- a/k8s/argo-apps/elastic.yaml +++ b/k8s/argo-apps/elastic.yaml @@ -12,7 +12,7 @@ spec: sources: - chart: elasticsearch repoURL: registry-1.docker.io/bitnamicharts - targetRevision: 22.0.10 + targetRevision: 22.0.13 helm: valuesObject: service: From 822ea769dc888a54f4e644746e8005aaf66d65ad Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 18 Jul 2025 16:17:40 +0000 Subject: [PATCH 141/377] chore(deps): update code.forgejo.org/forgejo-helm/forgejo docker tag to v13 --- k8s/argo-apps/forgejo.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/forgejo.yaml b/k8s/argo-apps/forgejo.yaml index ae124d8..2653509 100644 --- a/k8s/argo-apps/forgejo.yaml +++ b/k8s/argo-apps/forgejo.yaml @@ -14,7 +14,7 @@ spec: sources: - chart: forgejo repoURL: code.forgejo.org/forgejo-helm - targetRevision: 12.5.4 + targetRevision: 13.0.0 helm: valuesObject: replicaCount: 2 From 814092997e8e2d76e5e60aa9c910015636e342f8 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 17 Jul 2025 02:47:23 +0000 Subject: [PATCH 142/377] chore(deps): update netbirdio/management docker tag to v0.51.1 --- docker/netbird/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/netbird/docker-compose.yml b/docker/netbird/docker-compose.yml index 21af0aa..1dd2ae8 100644 --- a/docker/netbird/docker-compose.yml +++ b/docker/netbird/docker-compose.yml @@ -50,7 +50,7 @@ services: max-size: "500m" max-file: "2" management: - image: netbirdio/management:0.50.3 + image: netbirdio/management:0.51.1 restart: unless-stopped depends_on: - dashboard From c5b87c5af18452bb7333eb927711dd94efa97a33 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 18 Jul 2025 02:32:16 +0000 Subject: [PATCH 143/377] chore(deps): update netbirdio/netbird docker tag to v0.51.1 --- docker/netbird/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/netbird/docker-compose.yml b/docker/netbird/docker-compose.yml index 1dd2ae8..c829725 100644 --- a/docker/netbird/docker-compose.yml +++ b/docker/netbird/docker-compose.yml @@ -91,7 +91,7 @@ services: max-file: "2" peer-1: - image: netbirdio/netbird:0.50.3 + image: netbirdio/netbird:0.51.1 restart: unless-stopped volumes: - ${NETBIRD_PEER_VOLUME:-/mnt/nas1/shared/netbird/peer-1}/data:/etc/netbird From 48711b0b9ff2a976178bb96eea5159029e765229 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 18 Jul 2025 02:31:23 +0000 Subject: [PATCH 144/377] chore(deps): update helm release renovate to 41.38.* --- k8s/argo-apps/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/renovate.yaml b/k8s/argo-apps/renovate.yaml index e67882e..8111585 100644 --- a/k8s/argo-apps/renovate.yaml +++ b/k8s/argo-apps/renovate.yaml @@ -13,7 +13,7 @@ spec: sources: - chart: renovate repoURL: https://docs.renovatebot.com/helm-charts - targetRevision: 41.32.* + targetRevision: 41.38.* helm: valuesObject: renovate: From 1b0ff89f017ab9b0ff16e94af84f2de4705ad2ad Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 16 Jul 2025 02:24:35 +0000 Subject: [PATCH 145/377] chore(deps): update netbirdio/signal docker tag to v0.51.1 --- docker/netbird/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/netbird/docker-compose.yml b/docker/netbird/docker-compose.yml index c829725..c1920fb 100644 --- a/docker/netbird/docker-compose.yml +++ b/docker/netbird/docker-compose.yml @@ -23,7 +23,7 @@ services: max-size: "500m" max-file: "2" signal: - image: netbirdio/signal:0.50.2 + image: netbirdio/signal:0.51.1 restart: unless-stopped volumes: - netbird-signal:/var/lib/netbird From ecc0564fd879bd35879c448840712cc953774ec0 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 16 Jul 2025 02:23:01 +0000 Subject: [PATCH 146/377] chore(deps): update netbirdio/relay docker tag to v0.51.1 --- docker/netbird/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/netbird/docker-compose.yml b/docker/netbird/docker-compose.yml index c1920fb..a46c561 100644 --- a/docker/netbird/docker-compose.yml +++ b/docker/netbird/docker-compose.yml @@ -35,7 +35,7 @@ services: max-size: "500m" max-file: "2" relay: - image: netbirdio/relay:0.50.2 + image: netbirdio/relay:0.51.1 restart: unless-stopped environment: NB_LOG_LEVEL: ${NB_LOG_LEVEL:-info} From 05b0974d9aa259915675367133b3ee56bb5bb070 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 27 Jul 2025 01:58:48 +0000 Subject: [PATCH 147/377] chore(deps): update code.forgejo.org/forgejo-helm/forgejo docker tag to v13.0.1 --- k8s/argo-apps/forgejo.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/forgejo.yaml b/k8s/argo-apps/forgejo.yaml index 2653509..072c640 100644 --- a/k8s/argo-apps/forgejo.yaml +++ b/k8s/argo-apps/forgejo.yaml @@ -14,7 +14,7 @@ spec: sources: - chart: forgejo repoURL: code.forgejo.org/forgejo-helm - targetRevision: 13.0.0 + targetRevision: 13.0.1 helm: valuesObject: replicaCount: 2 From e7b0f36cbc68d6bcf6bfbd24e5fc5e28005f87b4 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 1 Aug 2025 03:11:02 +0000 Subject: [PATCH 148/377] chore(deps): update netbirdio/dashboard docker tag to v2.15.0 --- docker/netbird/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/netbird/docker-compose.yml b/docker/netbird/docker-compose.yml index a46c561..74d1f32 100644 --- a/docker/netbird/docker-compose.yml +++ b/docker/netbird/docker-compose.yml @@ -1,7 +1,7 @@ --- services: dashboard: - image: netbirdio/dashboard:v2.14.0 + image: netbirdio/dashboard:v2.15.0 restart: unless-stopped ports: - 8005:80 From b6db2ddd9cdb2f90d2ae2ccd9bcbcdfca1fc11f5 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 31 Jul 2025 03:04:23 +0000 Subject: [PATCH 149/377] chore(deps): update vaultwarden/server docker tag to v1.34.3 --- docker/vaultwarden/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/vaultwarden/docker-compose.yml b/docker/vaultwarden/docker-compose.yml index 2c2b1cd..4c2b3dc 100644 --- a/docker/vaultwarden/docker-compose.yml +++ b/docker/vaultwarden/docker-compose.yml @@ -1,7 +1,7 @@ --- services: vaultwarden: - image: vaultwarden/server:1.34.1-alpine + image: vaultwarden/server:1.34.3-alpine restart: unless-stopped environment: DATABASE_URL: ${DATABASE_URL} From 37e7551181ec6ad58c2a857460e18f18119a52b7 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 7 Aug 2025 02:10:22 +0000 Subject: [PATCH 150/377] chore(deps): update netbirdio/signal docker tag to v0.53.0 --- docker/netbird/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/netbird/docker-compose.yml b/docker/netbird/docker-compose.yml index 74d1f32..018cd16 100644 --- a/docker/netbird/docker-compose.yml +++ b/docker/netbird/docker-compose.yml @@ -23,7 +23,7 @@ services: max-size: "500m" max-file: "2" signal: - image: netbirdio/signal:0.51.1 + image: netbirdio/signal:0.53.0 restart: unless-stopped volumes: - netbird-signal:/var/lib/netbird From ec1b4c4069d97a8061403764221c535a48b50229 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 8 Aug 2025 02:54:56 +0000 Subject: [PATCH 151/377] chore(deps): update registry-1.docker.io/bitnamicharts/elasticsearch docker tag to v22.1.3 --- k8s/argo-apps/elastic.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/elastic.yaml b/k8s/argo-apps/elastic.yaml index 55ca698..daad634 100644 --- a/k8s/argo-apps/elastic.yaml +++ b/k8s/argo-apps/elastic.yaml @@ -12,7 +12,7 @@ spec: sources: - chart: elasticsearch repoURL: registry-1.docker.io/bitnamicharts - targetRevision: 22.0.13 + targetRevision: 22.1.3 helm: valuesObject: service: From 16b66e065d51ee1d9234feacaf3c801654935f7a Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 10 Aug 2025 13:29:53 +0000 Subject: [PATCH 152/377] chore(deps): update netbirdio/signal docker tag to v0.54.0 --- docker/netbird/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/netbird/docker-compose.yml b/docker/netbird/docker-compose.yml index 018cd16..f7fad27 100644 --- a/docker/netbird/docker-compose.yml +++ b/docker/netbird/docker-compose.yml @@ -23,7 +23,7 @@ services: max-size: "500m" max-file: "2" signal: - image: netbirdio/signal:0.53.0 + image: netbirdio/signal:0.54.0 restart: unless-stopped volumes: - netbird-signal:/var/lib/netbird From 824e33ad0caf67c6e57ed5fa89ee19605fba1487 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 9 Aug 2025 03:25:11 +0000 Subject: [PATCH 153/377] chore(deps): update netbirdio/management docker tag to v0.54.0 --- docker/netbird/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/netbird/docker-compose.yml b/docker/netbird/docker-compose.yml index f7fad27..fe36372 100644 --- a/docker/netbird/docker-compose.yml +++ b/docker/netbird/docker-compose.yml @@ -50,7 +50,7 @@ services: max-size: "500m" max-file: "2" management: - image: netbirdio/management:0.51.1 + image: netbirdio/management:0.54.0 restart: unless-stopped depends_on: - dashboard From 0103bf9ee01b03485ff7e9ee0848d15eda53b9d1 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 11 Aug 2025 10:13:49 +0000 Subject: [PATCH 154/377] chore(deps): update code.forgejo.org/forgejo/runner docker tag to v9 --- docker/forgejo-runner/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/forgejo-runner/docker-compose.yml b/docker/forgejo-runner/docker-compose.yml index 1cce85f..8f8d6ca 100644 --- a/docker/forgejo-runner/docker-compose.yml +++ b/docker/forgejo-runner/docker-compose.yml @@ -1,6 +1,6 @@ --- x-runner-common: &runner-common - image: code.forgejo.org/forgejo/runner:7.0.0 + image: code.forgejo.org/forgejo/runner:9.0.3 links: - docker-in-docker depends_on: From 3f01153fe8315b9a6ae3c44e4ec4495668f235c1 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 9 Aug 2025 03:20:16 +0000 Subject: [PATCH 155/377] chore(deps): update registry-1.docker.io/bitnamicharts/elasticsearch docker tag to v22.1.4 --- k8s/argo-apps/elastic.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/elastic.yaml b/k8s/argo-apps/elastic.yaml index daad634..012b40e 100644 --- a/k8s/argo-apps/elastic.yaml +++ b/k8s/argo-apps/elastic.yaml @@ -12,7 +12,7 @@ spec: sources: - chart: elasticsearch repoURL: registry-1.docker.io/bitnamicharts - targetRevision: 22.1.3 + targetRevision: 22.1.4 helm: valuesObject: service: From 8c29b00774d8a5ee79d8e25ab6e1ac3fb2bfc08f Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 11 Aug 2025 10:14:28 +0000 Subject: [PATCH 156/377] chore(deps): update helm release renovate to v43 --- k8s/argo-apps/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/renovate.yaml b/k8s/argo-apps/renovate.yaml index 8111585..7e8b68a 100644 --- a/k8s/argo-apps/renovate.yaml +++ b/k8s/argo-apps/renovate.yaml @@ -13,7 +13,7 @@ spec: sources: - chart: renovate repoURL: https://docs.renovatebot.com/helm-charts - targetRevision: 41.38.* + targetRevision: 43.1.* helm: valuesObject: renovate: From 21bbd80d6f62f1a307886af88a8bc3742d2fcd38 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 9 Aug 2025 03:25:48 +0000 Subject: [PATCH 157/377] chore(deps): update netbirdio/netbird docker tag to v0.54.0 --- docker/netbird/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/netbird/docker-compose.yml b/docker/netbird/docker-compose.yml index fe36372..c301532 100644 --- a/docker/netbird/docker-compose.yml +++ b/docker/netbird/docker-compose.yml @@ -91,7 +91,7 @@ services: max-file: "2" peer-1: - image: netbirdio/netbird:0.51.1 + image: netbirdio/netbird:0.54.0 restart: unless-stopped volumes: - ${NETBIRD_PEER_VOLUME:-/mnt/nas1/shared/netbird/peer-1}/data:/etc/netbird From d996b53035052509523d4d7772b15ba5dd7f7815 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 9 Aug 2025 03:26:27 +0000 Subject: [PATCH 158/377] chore(deps): update netbirdio/relay docker tag to v0.54.0 --- docker/netbird/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/netbird/docker-compose.yml b/docker/netbird/docker-compose.yml index c301532..316c614 100644 --- a/docker/netbird/docker-compose.yml +++ b/docker/netbird/docker-compose.yml @@ -35,7 +35,7 @@ services: max-size: "500m" max-file: "2" relay: - image: netbirdio/relay:0.51.1 + image: netbirdio/relay:0.54.0 restart: unless-stopped environment: NB_LOG_LEVEL: ${NB_LOG_LEVEL:-info} From 1e41f72c6463e0116d9934224affb798f20f2206 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 5 Aug 2025 02:46:38 +0000 Subject: [PATCH 159/377] chore(deps): update helm release meilisearch to 0.15.* --- k8s/argo-apps/meili.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/meili.yaml b/k8s/argo-apps/meili.yaml index 0e594c2..579d937 100644 --- a/k8s/argo-apps/meili.yaml +++ b/k8s/argo-apps/meili.yaml @@ -18,7 +18,7 @@ spec: targetRevision: main - chart: meilisearch repoURL: https://meilisearch.github.io/meilisearch-kubernetes - targetRevision: 0.14.* + targetRevision: 0.15.* helm: valuesObject: environment: From cfe7317e90df6ec81274e4799ef7457bbffa03aa Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 9 Aug 2025 03:19:19 +0000 Subject: [PATCH 160/377] chore(deps): update helm release kubetail to v0.13.4 --- k8s/argo-apps/kubetail.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/kubetail.yaml b/k8s/argo-apps/kubetail.yaml index 1ee55cf..7e76e20 100644 --- a/k8s/argo-apps/kubetail.yaml +++ b/k8s/argo-apps/kubetail.yaml @@ -12,7 +12,7 @@ spec: sources: - chart: kubetail repoURL: https://kubetail-org.github.io/helm-charts/ - targetRevision: 0.13.2 + targetRevision: 0.13.4 helm: valuesObject: kubetail: From 520d576761b96a042ca4470f6bd87eee440a81bf Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 12 Aug 2025 02:29:38 +0000 Subject: [PATCH 161/377] chore(deps): update https://code.forgejo.org/actions/checkout action to v5 --- .forgejo/workflows/ci.yaml | 6 +++--- .forgejo/workflows/deploy-tofu.yaml | 4 ++-- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/.forgejo/workflows/ci.yaml b/.forgejo/workflows/ci.yaml index 26a2120..a8f073a 100644 --- a/.forgejo/workflows/ci.yaml +++ b/.forgejo/workflows/ci.yaml @@ -7,7 +7,7 @@ jobs: pre-commit: runs-on: ubuntu-22.04 steps: - - uses: https://code.forgejo.org/actions/checkout@v4 + - uses: https://code.forgejo.org/actions/checkout@v5 - uses: https://code.forgejo.org/actions/setup-python@v5 with: python-version: '3.10' @@ -19,7 +19,7 @@ jobs: k8s: runs-on: ubuntu-22.04 steps: - - uses: https://code.forgejo.org/actions/checkout@v4 + - uses: https://code.forgejo.org/actions/checkout@v5 - name: Set up Kubeconform uses: bmuschko/setup-kubeconform@v1 @@ -30,7 +30,7 @@ jobs: tflint: runs-on: ubuntu-22.04 steps: - - uses: https://code.forgejo.org/actions/checkout@v4 + - uses: https://code.forgejo.org/actions/checkout@v5 - uses: terraform-linters/setup-tflint@v4 name: Setup TFLint with: diff --git a/.forgejo/workflows/deploy-tofu.yaml b/.forgejo/workflows/deploy-tofu.yaml index 85808a7..96b6c38 100644 --- a/.forgejo/workflows/deploy-tofu.yaml +++ b/.forgejo/workflows/deploy-tofu.yaml @@ -10,7 +10,7 @@ jobs: authentik: runs-on: ubuntu-22.04 steps: - - uses: https://code.forgejo.org/actions/checkout@v4 + - uses: https://code.forgejo.org/actions/checkout@v5 - uses: opentofu/setup-opentofu@v1 with: tofu_version: 1.8.1 @@ -40,7 +40,7 @@ jobs: adguard: runs-on: ubuntu-22.04 steps: - - uses: https://code.forgejo.org/actions/checkout@v4 + - uses: https://code.forgejo.org/actions/checkout@v5 - uses: opentofu/setup-opentofu@v1 with: tofu_version: 1.7.0 From da0f2dbbabc15f5b65b724e35b63c71a46ffd38d Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 17 Aug 2025 04:56:40 +0000 Subject: [PATCH 162/377] chore(deps): update helm release renovate to 43.15.* --- k8s/argo-apps/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/renovate.yaml b/k8s/argo-apps/renovate.yaml index 7e8b68a..cc40bf0 100644 --- a/k8s/argo-apps/renovate.yaml +++ b/k8s/argo-apps/renovate.yaml @@ -13,7 +13,7 @@ spec: sources: - chart: renovate repoURL: https://docs.renovatebot.com/helm-charts - targetRevision: 43.1.* + targetRevision: 43.15.* helm: valuesObject: renovate: From 9e86e7d703fe52677fce59334132156825b10aa9 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 22 Aug 2025 18:01:23 +0000 Subject: [PATCH 163/377] chore(deps): update code.forgejo.org/forgejo/runner docker tag to v9.1.1 --- docker/forgejo-runner/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/forgejo-runner/docker-compose.yml b/docker/forgejo-runner/docker-compose.yml index 8f8d6ca..be8a6b4 100644 --- a/docker/forgejo-runner/docker-compose.yml +++ b/docker/forgejo-runner/docker-compose.yml @@ -1,6 +1,6 @@ --- x-runner-common: &runner-common - image: code.forgejo.org/forgejo/runner:9.0.3 + image: code.forgejo.org/forgejo/runner:9.1.1 links: - docker-in-docker depends_on: From 5c7b0f451293cb5f7f960ac083437c08dc0f88b0 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 16 Aug 2025 02:37:05 +0000 Subject: [PATCH 164/377] chore(deps): update mbround18/valheim docker tag to v3.2 --- k8s/charts/valheim-server/values.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/charts/valheim-server/values.yaml b/k8s/charts/valheim-server/values.yaml index 305b436..5c548fb 100644 --- a/k8s/charts/valheim-server/values.yaml +++ b/k8s/charts/valheim-server/values.yaml @@ -3,7 +3,7 @@ image: # -- Docker repository to use repository: mbround18/valheim # -- Docker tag to use - use "latest" for most current version - tag: "3.1" + tag: "3.2" # -- Image pull policy pullPolicy: Always From 71b0cffc6f8aec35e49f2a93d205c649d0193afd Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 15 Aug 2025 02:10:28 +0000 Subject: [PATCH 165/377] chore(deps): update registry-1.docker.io/bitnamicharts/elasticsearch docker tag to v22.1.6 --- k8s/argo-apps/elastic.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/elastic.yaml b/k8s/argo-apps/elastic.yaml index 012b40e..b65a53b 100644 --- a/k8s/argo-apps/elastic.yaml +++ b/k8s/argo-apps/elastic.yaml @@ -12,7 +12,7 @@ spec: sources: - chart: elasticsearch repoURL: registry-1.docker.io/bitnamicharts - targetRevision: 22.1.4 + targetRevision: 22.1.6 helm: valuesObject: service: From 09fc0a625e02fc7760f8a2954b546965dfdb03b2 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 26 Aug 2025 02:21:09 +0000 Subject: [PATCH 166/377] chore(deps): update helm release authentik to 2025.8.* --- k8s/argo-apps/authentik.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/authentik.yaml b/k8s/argo-apps/authentik.yaml index 2d94b0a..fb7dc63 100644 --- a/k8s/argo-apps/authentik.yaml +++ b/k8s/argo-apps/authentik.yaml @@ -12,7 +12,7 @@ spec: sources: - chart: authentik repoURL: https://charts.goauthentik.io/ - targetRevision: 2025.6.* + targetRevision: 2025.8.* helm: valuesObject: authentik: From a87e77240303407af8422b2f59fcef0830f8aaed Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 26 Aug 2025 02:20:32 +0000 Subject: [PATCH 167/377] chore(deps): update ghcr.io/paperless-ngx/paperless-ngx docker tag to v2.18.2 --- docker/paperless/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/paperless/docker-compose.yml b/docker/paperless/docker-compose.yml index c99e40a..84b1175 100644 --- a/docker/paperless/docker-compose.yml +++ b/docker/paperless/docker-compose.yml @@ -14,7 +14,7 @@ services: webserver: - image: ghcr.io/paperless-ngx/paperless-ngx:2.17.1 + image: ghcr.io/paperless-ngx/paperless-ngx:2.18.2 restart: unless-stopped ports: - 8002:8000 From 163d4b0aa549a81d1803d07bec985ebc75e7deb2 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 22 Aug 2025 18:03:39 +0000 Subject: [PATCH 168/377] chore(deps): update netbirdio/signal docker tag to v0.55.1 --- docker/netbird/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/netbird/docker-compose.yml b/docker/netbird/docker-compose.yml index 316c614..739118f 100644 --- a/docker/netbird/docker-compose.yml +++ b/docker/netbird/docker-compose.yml @@ -23,7 +23,7 @@ services: max-size: "500m" max-file: "2" signal: - image: netbirdio/signal:0.54.0 + image: netbirdio/signal:0.55.1 restart: unless-stopped volumes: - netbird-signal:/var/lib/netbird From f169af79b8a16129442fca9f681c7b0fb91013d9 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 28 Aug 2025 01:52:07 +0000 Subject: [PATCH 169/377] chore(deps): update helm release portainer to v2 --- k8s/argo-apps/portainer.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/portainer.yaml b/k8s/argo-apps/portainer.yaml index 1f356a3..69ad625 100644 --- a/k8s/argo-apps/portainer.yaml +++ b/k8s/argo-apps/portainer.yaml @@ -15,7 +15,7 @@ spec: sources: - repoURL: https://portainer.github.io/k8s/ chart: portainer - targetRevision: 1.0.* + targetRevision: 2.33.* helm: valuesObject: service: From 842e81a04c91cec34bddc77bf58fb04047ed3838 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 28 Aug 2025 01:51:36 +0000 Subject: [PATCH 170/377] chore(deps): update code.forgejo.org/forgejo-helm/forgejo docker tag to v14 --- k8s/argo-apps/forgejo.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/forgejo.yaml b/k8s/argo-apps/forgejo.yaml index 072c640..c830c2c 100644 --- a/k8s/argo-apps/forgejo.yaml +++ b/k8s/argo-apps/forgejo.yaml @@ -14,7 +14,7 @@ spec: sources: - chart: forgejo repoURL: code.forgejo.org/forgejo-helm - targetRevision: 13.0.1 + targetRevision: 14.0.0 helm: valuesObject: replicaCount: 2 From aa82b3bb83e8ae08438c0b61d721749aca947d5f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?c=C4=83t=C4=83lin?= Date: Fri, 22 Aug 2025 17:58:19 +0200 Subject: [PATCH 171/377] feat: add psql --- k8s/argo-apps/authentik.yaml | 4 ++-- k8s/argo-apps/forgejo.yaml | 2 +- k8s/argo-apps/psql.yaml | 26 +++++++++++++++++++++++++ k8s/services/argo/project-fuku.yaml | 1 + k8s/services/forgejo/sealedsecrets.yaml | 6 +++++- 5 files changed, 35 insertions(+), 4 deletions(-) create mode 100644 k8s/argo-apps/psql.yaml diff --git a/k8s/argo-apps/authentik.yaml b/k8s/argo-apps/authentik.yaml index fb7dc63..c88c03f 100644 --- a/k8s/argo-apps/authentik.yaml +++ b/k8s/argo-apps/authentik.yaml @@ -26,8 +26,8 @@ spec: timeout: 30 from: auth@fukurokuju.dev postgresql: - host: 192.168.1.3 - port: 55432 + host: psql15-postgres.apps-fuku.svc.cluster.local + port: 5432 name: auth user: file:///authentik-creds/pg_username password: file:///authentik-creds/pg_password diff --git a/k8s/argo-apps/forgejo.yaml b/k8s/argo-apps/forgejo.yaml index c830c2c..b2d781f 100644 --- a/k8s/argo-apps/forgejo.yaml +++ b/k8s/argo-apps/forgejo.yaml @@ -106,7 +106,7 @@ spec: redis: enabled: false redis-cluster: - enabled: false + enabled: true - path: k8s/services/forgejo repoURL: https://git.roboces.dev/catalin/fukuops.git targetRevision: main diff --git a/k8s/argo-apps/psql.yaml b/k8s/argo-apps/psql.yaml new file mode 100644 index 0000000..96bf839 --- /dev/null +++ b/k8s/argo-apps/psql.yaml @@ -0,0 +1,26 @@ +--- +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: psql15 + namespace: argocd +spec: + destination: + namespace: apps-fuku + server: 'https://kubernetes.default.svc' + sources: + - chart: postgres + targetRevision: 1.3.6 + repoURL: https://groundhog2k.github.io/helm-charts/ + helm: + valuesObject: + service: + type: LoadBalancer + storage: + accessModes: + - ReadWriteMany + className: truenas-nfs-csi + requestedSize: 150Gi + project: fuku + syncPolicy: + automated: {} diff --git a/k8s/services/argo/project-fuku.yaml b/k8s/services/argo/project-fuku.yaml index 0ad7233..1cb3714 100644 --- a/k8s/services/argo/project-fuku.yaml +++ b/k8s/services/argo/project-fuku.yaml @@ -28,3 +28,4 @@ spec: - registry-1.docker.io/bitnamicharts - https://meilisearch.github.io/meilisearch-kubernetes - https://kubetail-org.github.io/helm-charts/ + - https://groundhog2k.github.io/helm-charts/ diff --git a/k8s/services/forgejo/sealedsecrets.yaml b/k8s/services/forgejo/sealedsecrets.yaml index 4353b10..6c9aa28 100644 --- a/k8s/services/forgejo/sealedsecrets.yaml +++ b/k8s/services/forgejo/sealedsecrets.yaml @@ -66,6 +66,7 @@ spec: creationTimestamp: null name: secrets-forgejo-email namespace: apps-roboces + --- apiVersion: bitnami.com/v1alpha1 kind: SealedSecret @@ -75,12 +76,15 @@ metadata: namespace: apps-roboces spec: encryptedData: - database: AgCOuS5HiC1AHU3oUZn0ol2V4OsVK3+O3iUZDtgCx7I6mkU7gNEEtz3vH/fXckAL8r7TI0C1s9/A2fPUGKAgC8B+rzG2iXSqfEWB4qUxuWESDwhCvn9KHbd2ewkhDEh2ajfrWIn89iq2q3nz+n/XOIf4FRgan0mwTVwnVSgHkR9yxEbxE2bLZ/INW8/UsmKvhA+akFuHx24R1FxmInIulnqQ/b+Wrfp55Qwa5AtWm2IXhxb5UM1NL/6Mcp2+Dpq2mvDvk5VchJXmEXfyjOfN1+TW1qcHcadDaPBvdA1aE3StOqFbqlN7PxXT84nVsZi2P1m+evGuoaIfizX7wdq6jUkl4l2X2QbxcUbnwj9BAPshpNfgW0voXLdHuJ3n/mqY4UtduC1BQbkYE/ZPZro9NqV2EMsWnL1YHieUR5kNhq33djjgUKoa4Nx5y1m4IMFsotTy2yjUZK2YUoxxonkrXAyqHqW2qBM/PEBcuvum1KnkAkmNYdHs8eSLNk9BXTLmC0LQ5AahrrSKte2sNuv7Kc/ZA+gTyhgYJTcdDhE4U4YPTSLpgLHbXpUy5vnVPgQVonoVdZib8Gma3sTinpvKH8XrPr9/o3xmlGWeMvnCvJ8qoF4izeWqaDQBqWcDFp6AZr0JgrhRkqWgMFK11D5WNXbuwjznU7GmFA7lweElgcii9FvbCTR7Tt2vCxZYz8ABF2kMW+MLa7X3PSvfh+d2gyJt9/p/AIqmxL9vJ3b341OM3hvjUy5vo4ZUEDTSI6FSlzJryF6CbuwvUuWEyuzeThysA0Ziy7RnSSdcYKlLv95XhJSftUjHm8O8Kgu/4MxiQe/ggn91xkpdb8I+bH3F + database: AgBmTrm6Kdk+pgMO/p88PQVQLH/hZKiEUzaOBqxXyCPPMOpEq/uoT9kR4bcFegVmjeKaZeQC9q5VCgvqfOusAroL3Kf2OvOq0C81jESs9mp5w2vBPJ0z8kE5F7jJ3mLpu2bYmHUbx/Zxs031O6+ciLGKxAu7F1e20zs/GUDYxudAyrz15zYNwPcQgCbMRnjpDpM3Dir0FYZ3uiv/Vn5/Jvr3jHdPlRM1LPBnIsGsNdLwGcGusybk+7vlGu2+KcRYsmOi9EZph4MFwUVsT5If2h/8PSwLkRGvp5XcA6rIhzHnRv8x8N4AsNwuSSHCFUp54xK1fhw/RFsfBiPhuFhrAYbVIk+PLkM/X9p9yZkr/d6ZfAkqlgMpKx4CNzDJqqDA3MDJssUoszcK0wbtbowVz4uDvK19KZuwK8ByUusTSi41aPGjIEBOBflV52sb4F7u5ur7WEgjfPKqQYd/G0ZyPTUeC99bFpyFzvwLmCDX6jI+d1g6qBNe6BzBOahfuBY462yQc8LLD0cAg848lDKHXtOnxVfMFRjaE6BN143FNJcMcE2h95LPD8C4CzO/KGUpeyUxFY4d0b6CEDYpRlTH+ytV352lYrwYVfQ6kyK4VQ9Fy6TNkdgSxr56FxIQrvbsIPrapzlIyLPdFfKCpBrQaYPAXEFWISi9ojJIqiJgNVStpjCcoU5wRGDvCob6MtzFjDnseDzmmM+No2ON+e++tEuNcuKeC0ZYoBFH7izQpxBaT/NTx50ahqwrlovzS0yZ8bKYhMWJsOkLUzAsJPL2QGUhXUcWd0BIC2AashB8Zp6JW1bq7cDRFgFgemU8FFbl9BwxtBUdCuLN1m2AQYzywEJykg7LrV+dhbJOVd7iqQ== template: metadata: creationTimestamp: null name: secrets-forgejo-db namespace: apps-roboces + type: Opaque + + --- apiVersion: bitnami.com/v1alpha1 kind: SealedSecret From a00a63de77b740c39676b0c1687d64392361391c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?c=C4=83t=C4=83lin?= Date: Thu, 4 Sep 2025 21:19:16 +0200 Subject: [PATCH 172/377] feat: disable forgejo's own redis-cluster --- k8s/argo-apps/forgejo.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/forgejo.yaml b/k8s/argo-apps/forgejo.yaml index b2d781f..c830c2c 100644 --- a/k8s/argo-apps/forgejo.yaml +++ b/k8s/argo-apps/forgejo.yaml @@ -106,7 +106,7 @@ spec: redis: enabled: false redis-cluster: - enabled: true + enabled: false - path: k8s/services/forgejo repoURL: https://git.roboces.dev/catalin/fukuops.git targetRevision: main From 73f48389d79a318c3439064a92094f41f3b648f9 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 7 Sep 2025 02:02:50 +0000 Subject: [PATCH 173/377] chore(deps): update helm release kured to 5.10.* --- k8s/argo-apps/kured.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/kured.yaml b/k8s/argo-apps/kured.yaml index f89360e..c2c8d84 100644 --- a/k8s/argo-apps/kured.yaml +++ b/k8s/argo-apps/kured.yaml @@ -13,7 +13,7 @@ spec: source: chart: kured repoURL: https://kubereboot.github.io/charts - targetRevision: 5.6.* + targetRevision: 5.10.* helm: valuesObject: configuration.rebootDays: From f5a268e00fad011ef2eaebe0ce8adee72a1579ea Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 16 Sep 2025 02:37:10 +0000 Subject: [PATCH 174/377] chore(deps): update code.forgejo.org/forgejo-helm/forgejo docker tag to v14.0.2 --- k8s/argo-apps/forgejo.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/forgejo.yaml b/k8s/argo-apps/forgejo.yaml index c830c2c..e871fdc 100644 --- a/k8s/argo-apps/forgejo.yaml +++ b/k8s/argo-apps/forgejo.yaml @@ -14,7 +14,7 @@ spec: sources: - chart: forgejo repoURL: code.forgejo.org/forgejo-helm - targetRevision: 14.0.0 + targetRevision: 14.0.2 helm: valuesObject: replicaCount: 2 From 5eb03c0433f1a5182844d5e0db074f6d0208b7ec Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 30 Aug 2025 01:41:38 +0000 Subject: [PATCH 175/377] chore(deps): update helm release postgres to v1.5.7 --- k8s/argo-apps/psql.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/psql.yaml b/k8s/argo-apps/psql.yaml index 96bf839..5e95747 100644 --- a/k8s/argo-apps/psql.yaml +++ b/k8s/argo-apps/psql.yaml @@ -10,7 +10,7 @@ spec: server: 'https://kubernetes.default.svc' sources: - chart: postgres - targetRevision: 1.3.6 + targetRevision: 1.5.7 repoURL: https://groundhog2k.github.io/helm-charts/ helm: valuesObject: From 06ac539d2166c89c9db35e3a03600561c0c5c610 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?c=C4=83t=C4=83lin?= Date: Tue, 16 Sep 2025 16:07:36 +0200 Subject: [PATCH 176/377] misc: reverte 5eb03c0433 --- k8s/argo-apps/forgejo.yaml | 1 - k8s/argo-apps/psql.yaml | 2 +- 2 files changed, 1 insertion(+), 2 deletions(-) diff --git a/k8s/argo-apps/forgejo.yaml b/k8s/argo-apps/forgejo.yaml index e871fdc..d6b16e0 100644 --- a/k8s/argo-apps/forgejo.yaml +++ b/k8s/argo-apps/forgejo.yaml @@ -89,7 +89,6 @@ spec: NO_REPLY_ADDRESS: git@fukurokuju.dev server: ROOT_URL: https://git.roboces.dev/ - additionalConfigSources: - secret: secretName: gitea-ini-redis diff --git a/k8s/argo-apps/psql.yaml b/k8s/argo-apps/psql.yaml index 5e95747..96bf839 100644 --- a/k8s/argo-apps/psql.yaml +++ b/k8s/argo-apps/psql.yaml @@ -10,7 +10,7 @@ spec: server: 'https://kubernetes.default.svc' sources: - chart: postgres - targetRevision: 1.5.7 + targetRevision: 1.3.6 repoURL: https://groundhog2k.github.io/helm-charts/ helm: valuesObject: From af8d8a4d2317df3703187ef2229333731ad1e2a8 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 17 Sep 2025 01:53:28 +0000 Subject: [PATCH 177/377] chore(deps): update ghcr.io/paperless-ngx/paperless-ngx docker tag to v2.18.4 --- docker/paperless/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/paperless/docker-compose.yml b/docker/paperless/docker-compose.yml index 84b1175..fec42d7 100644 --- a/docker/paperless/docker-compose.yml +++ b/docker/paperless/docker-compose.yml @@ -14,7 +14,7 @@ services: webserver: - image: ghcr.io/paperless-ngx/paperless-ngx:2.18.2 + image: ghcr.io/paperless-ngx/paperless-ngx:2.18.4 restart: unless-stopped ports: - 8002:8000 From 8a958739458b9ac576f7ebfb8ffc55d4fc22b455 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 17 Sep 2025 01:54:24 +0000 Subject: [PATCH 178/377] chore(deps): update helm release meilisearch to 0.17.* --- k8s/argo-apps/meili.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/meili.yaml b/k8s/argo-apps/meili.yaml index 579d937..64b6f10 100644 --- a/k8s/argo-apps/meili.yaml +++ b/k8s/argo-apps/meili.yaml @@ -18,7 +18,7 @@ spec: targetRevision: main - chart: meilisearch repoURL: https://meilisearch.github.io/meilisearch-kubernetes - targetRevision: 0.15.* + targetRevision: 0.17.* helm: valuesObject: environment: From 03456118d09e55e95cacdbdbfa4e33007f6d4b67 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 18 Sep 2025 01:44:44 +0000 Subject: [PATCH 179/377] chore(deps): update helm release renovate to 43.49.* --- k8s/argo-apps/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/renovate.yaml b/k8s/argo-apps/renovate.yaml index cc40bf0..187929e 100644 --- a/k8s/argo-apps/renovate.yaml +++ b/k8s/argo-apps/renovate.yaml @@ -13,7 +13,7 @@ spec: sources: - chart: renovate repoURL: https://docs.renovatebot.com/helm-charts - targetRevision: 43.15.* + targetRevision: 43.49.* helm: valuesObject: renovate: From 46cec59dc735eca4fc4594bac3338ff94ae0b906 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 18 Sep 2025 01:45:36 +0000 Subject: [PATCH 180/377] chore(deps): update mbround18/valheim docker tag to v3.3 --- k8s/charts/valheim-server/values.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/charts/valheim-server/values.yaml b/k8s/charts/valheim-server/values.yaml index 5c548fb..bdc7966 100644 --- a/k8s/charts/valheim-server/values.yaml +++ b/k8s/charts/valheim-server/values.yaml @@ -3,7 +3,7 @@ image: # -- Docker repository to use repository: mbround18/valheim # -- Docker tag to use - use "latest" for most current version - tag: "3.2" + tag: "3.3" # -- Image pull policy pullPolicy: Always From 09a2fa0ea21096345ae8a89cae65359ed349a0bc Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 22 Sep 2025 05:12:47 +0000 Subject: [PATCH 181/377] chore(deps): update helm release renovate to 43.53.* --- k8s/argo-apps/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/renovate.yaml b/k8s/argo-apps/renovate.yaml index 187929e..e7dc5f1 100644 --- a/k8s/argo-apps/renovate.yaml +++ b/k8s/argo-apps/renovate.yaml @@ -13,7 +13,7 @@ spec: sources: - chart: renovate repoURL: https://docs.renovatebot.com/helm-charts - targetRevision: 43.49.* + targetRevision: 43.53.* helm: valuesObject: renovate: From 000502ba9d381da8e899744185962ef51042e1ae Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 29 Sep 2025 06:32:47 +0000 Subject: [PATCH 182/377] chore(deps): update code.forgejo.org/forgejo-helm/forgejo docker tag to v14.0.3 --- k8s/argo-apps/forgejo.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/forgejo.yaml b/k8s/argo-apps/forgejo.yaml index d6b16e0..8fec6da 100644 --- a/k8s/argo-apps/forgejo.yaml +++ b/k8s/argo-apps/forgejo.yaml @@ -14,7 +14,7 @@ spec: sources: - chart: forgejo repoURL: code.forgejo.org/forgejo-helm - targetRevision: 14.0.2 + targetRevision: 14.0.3 helm: valuesObject: replicaCount: 2 From d73431b7dba4f2b61bfc9d0ecf044b4d94b05fe7 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 1 Oct 2025 02:14:20 +0000 Subject: [PATCH 183/377] chore(deps): update helm release renovate to 43.54.* --- k8s/argo-apps/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/renovate.yaml b/k8s/argo-apps/renovate.yaml index e7dc5f1..cee6aa1 100644 --- a/k8s/argo-apps/renovate.yaml +++ b/k8s/argo-apps/renovate.yaml @@ -13,7 +13,7 @@ spec: sources: - chart: renovate repoURL: https://docs.renovatebot.com/helm-charts - targetRevision: 43.53.* + targetRevision: 43.54.* helm: valuesObject: renovate: From 4e39563e5483703d3e8bf2b0ae462d13a1841780 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 29 Sep 2025 06:34:57 +0000 Subject: [PATCH 184/377] chore(deps): update helm release kubetail to v0.15.2 --- k8s/argo-apps/kubetail.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/kubetail.yaml b/k8s/argo-apps/kubetail.yaml index 7e76e20..e3d73cb 100644 --- a/k8s/argo-apps/kubetail.yaml +++ b/k8s/argo-apps/kubetail.yaml @@ -12,7 +12,7 @@ spec: sources: - chart: kubetail repoURL: https://kubetail-org.github.io/helm-charts/ - targetRevision: 0.13.4 + targetRevision: 0.15.2 helm: valuesObject: kubetail: From 0f6a8cc6910777c61438078b05e1394582c08d5d Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 2 Oct 2025 02:09:28 +0000 Subject: [PATCH 185/377] chore(deps): update netbirdio/signal docker tag to v0.59.0 --- docker/netbird/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/netbird/docker-compose.yml b/docker/netbird/docker-compose.yml index 739118f..806d5a3 100644 --- a/docker/netbird/docker-compose.yml +++ b/docker/netbird/docker-compose.yml @@ -23,7 +23,7 @@ services: max-size: "500m" max-file: "2" signal: - image: netbirdio/signal:0.55.1 + image: netbirdio/signal:0.59.0 restart: unless-stopped volumes: - netbird-signal:/var/lib/netbird From 43b868e6155fa17d825c7ed69671a4e08e1d8759 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 2 Oct 2025 02:07:49 +0000 Subject: [PATCH 186/377] chore(deps): update netbirdio/dashboard docker tag to v2.19.0 --- docker/netbird/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/netbird/docker-compose.yml b/docker/netbird/docker-compose.yml index 806d5a3..4387055 100644 --- a/docker/netbird/docker-compose.yml +++ b/docker/netbird/docker-compose.yml @@ -1,7 +1,7 @@ --- services: dashboard: - image: netbirdio/dashboard:v2.15.0 + image: netbirdio/dashboard:v2.19.0 restart: unless-stopped ports: - 8005:80 From f25e734a223e7770139f731e2fc630f26a1851ba Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 2 Oct 2025 02:09:06 +0000 Subject: [PATCH 187/377] chore(deps): update netbirdio/relay docker tag to v0.59.0 --- docker/netbird/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/netbird/docker-compose.yml b/docker/netbird/docker-compose.yml index 4387055..a7bc924 100644 --- a/docker/netbird/docker-compose.yml +++ b/docker/netbird/docker-compose.yml @@ -35,7 +35,7 @@ services: max-size: "500m" max-file: "2" relay: - image: netbirdio/relay:0.54.0 + image: netbirdio/relay:0.59.0 restart: unless-stopped environment: NB_LOG_LEVEL: ${NB_LOG_LEVEL:-info} From 337553736bf8aeb61c42fcf18262bf427219804a Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 2 Oct 2025 02:08:46 +0000 Subject: [PATCH 188/377] chore(deps): update netbirdio/netbird docker tag to v0.59.0 --- docker/netbird/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/netbird/docker-compose.yml b/docker/netbird/docker-compose.yml index a7bc924..157cea1 100644 --- a/docker/netbird/docker-compose.yml +++ b/docker/netbird/docker-compose.yml @@ -91,7 +91,7 @@ services: max-file: "2" peer-1: - image: netbirdio/netbird:0.54.0 + image: netbirdio/netbird:0.59.0 restart: unless-stopped volumes: - ${NETBIRD_PEER_VOLUME:-/mnt/nas1/shared/netbird/peer-1}/data:/etc/netbird From 5a97416d90536f2c320447843e625b065f2f693e Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 2 Oct 2025 02:08:20 +0000 Subject: [PATCH 189/377] chore(deps): update netbirdio/management docker tag to v0.59.0 --- docker/netbird/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/netbird/docker-compose.yml b/docker/netbird/docker-compose.yml index 157cea1..f3c095d 100644 --- a/docker/netbird/docker-compose.yml +++ b/docker/netbird/docker-compose.yml @@ -50,7 +50,7 @@ services: max-size: "500m" max-file: "2" management: - image: netbirdio/management:0.54.0 + image: netbirdio/management:0.59.0 restart: unless-stopped depends_on: - dashboard From f28b0fe95d2d71f6932f175bfafb50303e4954a2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?c=C4=83t=C4=83lin?= Date: Thu, 2 Oct 2025 12:13:53 +0200 Subject: [PATCH 190/377] chore(deps): update miniflux/miniflux docker tag to v2.2.13 --- k8s/services/miniflux/deployment.yaml | 6 +++--- k8s/services/miniflux/service.yaml | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/k8s/services/miniflux/deployment.yaml b/k8s/services/miniflux/deployment.yaml index 2a8b131..f6be938 100644 --- a/k8s/services/miniflux/deployment.yaml +++ b/k8s/services/miniflux/deployment.yaml @@ -7,7 +7,7 @@ metadata: labels: app.kubernetes.io/name: miniflux app.kubernetes.io/managed-by: argo - app.kubernetes.io/version: 2.2.10 + app.kubernetes.io/version: 2.2.13 annotations: kube-score/ignore: pod-networkpolicy,deployment-has-host-podantiaffinity spec: @@ -24,11 +24,11 @@ spec: metadata: labels: app.kubernetes.io/name: miniflux - app.kubernetes.io/version: 2.2.10 + app.kubernetes.io/version: 2.2.13 spec: containers: - name: miniflux - image: miniflux/miniflux:2.2.10 + image: miniflux/miniflux:2.2.13 imagePullPolicy: Always securityContext: allowPrivilegeEscalation: false diff --git a/k8s/services/miniflux/service.yaml b/k8s/services/miniflux/service.yaml index 4062c5c..8e38cbc 100644 --- a/k8s/services/miniflux/service.yaml +++ b/k8s/services/miniflux/service.yaml @@ -7,7 +7,7 @@ metadata: labels: app.kubernetes.io/name: miniflux app.kubernetes.io/managed-by: argo - app.kubernetes.io/version: 2.2.10 + app.kubernetes.io/version: 2.2.13 spec: selector: app.kubernetes.io/name: miniflux From 14fb8f64096175f9549ccacfb034614d1e0ecb1f Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 4 Oct 2025 03:02:22 +0000 Subject: [PATCH 191/377] chore(deps): update netbirdio/management docker tag to v0.59.2 --- docker/netbird/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/netbird/docker-compose.yml b/docker/netbird/docker-compose.yml index f3c095d..f24b4e3 100644 --- a/docker/netbird/docker-compose.yml +++ b/docker/netbird/docker-compose.yml @@ -50,7 +50,7 @@ services: max-size: "500m" max-file: "2" management: - image: netbirdio/management:0.59.0 + image: netbirdio/management:0.59.2 restart: unless-stopped depends_on: - dashboard From d10c3fad9f5b8d9a362ebc2d312a97bd5d402d49 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 5 Oct 2025 02:41:59 +0000 Subject: [PATCH 192/377] chore(deps): update netbirdio/signal docker tag to v0.59.2 --- docker/netbird/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/netbird/docker-compose.yml b/docker/netbird/docker-compose.yml index f24b4e3..85ec833 100644 --- a/docker/netbird/docker-compose.yml +++ b/docker/netbird/docker-compose.yml @@ -23,7 +23,7 @@ services: max-size: "500m" max-file: "2" signal: - image: netbirdio/signal:0.59.0 + image: netbirdio/signal:0.59.2 restart: unless-stopped volumes: - netbird-signal:/var/lib/netbird From 6b36bef9028669e9cd0abd434657501d10671a61 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 5 Oct 2025 02:41:21 +0000 Subject: [PATCH 193/377] chore(deps): update netbirdio/relay docker tag to v0.59.2 --- docker/netbird/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/netbird/docker-compose.yml b/docker/netbird/docker-compose.yml index 85ec833..090cbe0 100644 --- a/docker/netbird/docker-compose.yml +++ b/docker/netbird/docker-compose.yml @@ -35,7 +35,7 @@ services: max-size: "500m" max-file: "2" relay: - image: netbirdio/relay:0.59.0 + image: netbirdio/relay:0.59.2 restart: unless-stopped environment: NB_LOG_LEVEL: ${NB_LOG_LEVEL:-info} From d2c30cc93ac5661b0d56a3a245b7530cb73fb408 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 8 Oct 2025 02:38:52 +0000 Subject: [PATCH 194/377] chore(deps): update code.forgejo.org/forgejo-helm/forgejo docker tag to v14.0.4 --- k8s/argo-apps/forgejo.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/forgejo.yaml b/k8s/argo-apps/forgejo.yaml index 8fec6da..adede13 100644 --- a/k8s/argo-apps/forgejo.yaml +++ b/k8s/argo-apps/forgejo.yaml @@ -14,7 +14,7 @@ spec: sources: - chart: forgejo repoURL: code.forgejo.org/forgejo-helm - targetRevision: 14.0.3 + targetRevision: 14.0.4 helm: valuesObject: replicaCount: 2 From 498ad643ff63faaadbb204ac957347adf93c4fab Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 9 Oct 2025 02:38:56 +0000 Subject: [PATCH 195/377] chore(deps): update code.forgejo.org/forgejo/runner docker tag to v11 --- docker/forgejo-runner/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/forgejo-runner/docker-compose.yml b/docker/forgejo-runner/docker-compose.yml index be8a6b4..a885ae2 100644 --- a/docker/forgejo-runner/docker-compose.yml +++ b/docker/forgejo-runner/docker-compose.yml @@ -1,6 +1,6 @@ --- x-runner-common: &runner-common - image: code.forgejo.org/forgejo/runner:9.1.1 + image: code.forgejo.org/forgejo/runner:11.1.2 links: - docker-in-docker depends_on: From 12fdbba5d9785f6b99ceac4321dfaeebe287de0b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?c=C4=83t=C4=83lin?= Date: Sun, 19 Oct 2025 01:36:57 +0200 Subject: [PATCH 196/377] feat: remove valkey --- k8s/argo-apps/valkey.yaml | 29 -------------------------- k8s/services/valkey/sealedsecrets.yaml | 16 -------------- 2 files changed, 45 deletions(-) delete mode 100644 k8s/argo-apps/valkey.yaml delete mode 100644 k8s/services/valkey/sealedsecrets.yaml diff --git a/k8s/argo-apps/valkey.yaml b/k8s/argo-apps/valkey.yaml deleted file mode 100644 index 0f0d389..0000000 --- a/k8s/argo-apps/valkey.yaml +++ /dev/null @@ -1,29 +0,0 @@ ---- -apiVersion: argoproj.io/v1alpha1 -kind: Application -metadata: - name: valkey - namespace: argocd -spec: - destination: - name: '' - namespace: apps-fuku - server: https://kubernetes.default.svc - project: fuku - syncPolicy: - automated: {} - sources: - - chart: valkey-cluster - repoURL: registry-1.docker.io/bitnamicharts - targetRevision: 2.0.* - helm: - valuesObject: - existingSecret: secrets-valkey - existingSecretPasswordKey: REDIS_PASSWORD - service: - type: LoadBalancer - persistence: - storageClass: truenas-nfs-csi - accessModes: - - ReadWriteMany - size: 50Gi diff --git a/k8s/services/valkey/sealedsecrets.yaml b/k8s/services/valkey/sealedsecrets.yaml deleted file mode 100644 index 79a3f1b..0000000 --- a/k8s/services/valkey/sealedsecrets.yaml +++ /dev/null @@ -1,16 +0,0 @@ -# yamllint disable rule:line-length ---- -apiVersion: bitnami.com/v1alpha1 -kind: SealedSecret -metadata: - creationTimestamp: null - name: secrets-valkey - namespace: apps-fuku -spec: - encryptedData: - REDIS_PASSWORD: AgCLFwqtfp3PeTgh59pOOF8eYBhX4FGQ6c/Fp/DCsOPRXCCBEpJNoMIZZZAtMQwliDLxmET1bSpF0gD5XwuqY/hQcMWyYP5xYVPPLg/v4d43ufemYCs34+NG9tvYhOpW4TZUBRvIAUXV7ZxxtShEQwn0NZUVcqwsJXAjH+dk9hXVAcGysrMMT+r3jUrUM/0XBu9gkzpc2mp1Ec2YuNy0D9CnV7kOCYgSW6NfiE83iMLirJdlLEUP/NfZ7STAS6E+/+/pqIjBpkVvTlvBNWakuOsGUmmBYSCcpH/CQhP+kuOOErZykcGv195qYkAROyP0mriKrvzrYG5KtYN6RvLO1BBI8Ae0P/k7le8PehP/3Y7dlcFNM+Hs2qWWGNrkEj0hGXu3G8AaKm5HqpBw5istXprA83Uw7vqKotjqUd+2NfO9yCQr/mkk2t5pVFe0BZbgylU7/qkmIeiuDPYVnnlbl0wKfwliSUhRBMwcaTcc6CEw44IRdslNCmNReC9vZRM3My6RifPRXPuHnyUVagegrfg/wey0b8lgRGvUixfsz58IxrYLxeoT2Ww8BbNrJC4sNvFIlieXbD/RElf+qbJVBhNza84YcpzvUeYNSu9U28Uxa3mJfXzosDt1k68MWbRmWAvRdqt16jV6/mLVs/s7vx1/X+6XwDnTzh5FuWQwifyxiyf+KuDvTmjJ+0PFE1FzMHAkWRJDXpEHQPQpGeyuc6le - template: - metadata: - creationTimestamp: null - name: secrets-valkey - namespace: apps-fuku From 527b954c639c239b36065f2fd8cfb4f44d09c0c2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?c=C4=83t=C4=83lin?= Date: Tue, 21 Oct 2025 23:03:24 +0200 Subject: [PATCH 197/377] feat: add redis --- k8s/argo-apps/redis.yaml | 32 ++++++ k8s/services/argo/project-fuku.yaml | 1 + k8s/services/forgejo/sealedsecrets.yaml | 140 ++++-------------------- k8s/services/redis/sealedsecrets.yaml | 16 +++ 4 files changed, 68 insertions(+), 121 deletions(-) create mode 100644 k8s/argo-apps/redis.yaml create mode 100644 k8s/services/redis/sealedsecrets.yaml diff --git a/k8s/argo-apps/redis.yaml b/k8s/argo-apps/redis.yaml new file mode 100644 index 0000000..698214d --- /dev/null +++ b/k8s/argo-apps/redis.yaml @@ -0,0 +1,32 @@ +--- +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: redis + namespace: argocd +spec: + destination: + name: '' + namespace: apps-fuku + server: https://kubernetes.default.svc + sources: + - chart: redis + repoURL: registry-1.docker.io/cloudpirates + targetRevision: "0.9.*" + helm: + valuesObject: + auth: + existingSecret: secrets-redis + existingSecretPasswordKey: redis-password + persistence: + storageClass: truenas-nfs-csi + size: 10Gi + accessMode: ReadWriteMany + service: + type: LoadBalancer + - repoURL: https://git.roboces.dev/catalin/fukuops.git + path: k8s/services/redis + targetRevision: main + project: fuku + syncPolicy: + automated: {} diff --git a/k8s/services/argo/project-fuku.yaml b/k8s/services/argo/project-fuku.yaml index 1cb3714..e8941de 100644 --- a/k8s/services/argo/project-fuku.yaml +++ b/k8s/services/argo/project-fuku.yaml @@ -29,3 +29,4 @@ spec: - https://meilisearch.github.io/meilisearch-kubernetes - https://kubetail-org.github.io/helm-charts/ - https://groundhog2k.github.io/helm-charts/ + - registry-1.docker.io/cloudpirates diff --git a/k8s/services/forgejo/sealedsecrets.yaml b/k8s/services/forgejo/sealedsecrets.yaml index 6c9aa28..4281e2e 100644 --- a/k8s/services/forgejo/sealedsecrets.yaml +++ b/k8s/services/forgejo/sealedsecrets.yaml @@ -1,121 +1,3 @@ -# yamllint disable rule:line-length ---- -apiVersion: bitnami.com/v1alpha1 -kind: SealedSecret -metadata: - creationTimestamp: null - name: secrets-forgejo-signing - namespace: apps-roboces -spec: - encryptedData: - privateKey: AgB+r00bfAxkhQM2mxWpDRusubkWgkTH0/fWe/pPS0WOmo4iUVPPndSRmomo5g4cB7Oq8DasAV/oBEjmDquDCMPk8mXa+oikjx0ewvaaZ7651Vk1LVyqDik680QGUn2zwzOtVrWJa9tvXzfe+ciwj6tJhUmJaI0kgR/yFkqu4/JrmNXMnYtmT9ahMbjNJeOyKm5uyF4p4RxMxReycAnHw+FMe6Tdn3Zdl5/kHtfJHaEDDUVJHV2c9rZUbGmsJK3q2Fz3tkXyjawBL5tnh62G9o9Cet6flIZDabnWtTaqSDdpEMhFOc3uHTgTe3U2tyTHG671IGDTjRJDr4gBStbzHqGu5Tydaz+EMgDBtJkP0PLn6CWawrxzg2myJND/g6vmO7RQjT6TnEpFd4pHsUH57cx+xRxz7K0ioA7Ad/kFctluy41TNrDOa0j8eEMNELOVEv4tEsfjgHGSgdJIG9pjK8zRSIlvBPxF7vf/XcRoSKfba5xwaNVNfSBkhB0oQK8ExHAf16Yg6+anIvnmR1bugnbGOPMMvQRswdw3pC2c7OVscDl8MNHSr9/Z+1iVv3PkTSFsPv8JBvuXlqMWSe7tMZnunscZ35T8nyDdiKJhMOK30K3vrspWy8V1xvyovqkONLuz8wWmNziTjc1/Z3Y3EL23NPTry1+luGMF6++ocpZ8ROy+n5ijSkNOVBt/Wsc3du17zUuKhT+oTN2Sn0nJGNVXcvuVHshsg5CH04+rO6b4SjtA1BGGKTzOOuSrdlhat7M8fiEpJ2/s2s/azF362nVE2EFY0w8OojAbIBcEQkQZtH6ZJ1mLIgCt86pstTVen48PmrjAE002NegL1RUU5ls8nOizdSszs2iYz4cfWNmYAzqU8wjqiKV06Dpx+xCdZ3HnQFGalDxQmItFz8EKGtuNnaCsRbzKG1k+EVMRtctFNyCnbxajeBAvIE/W7MkgrfkraGU98EGDGqs9AP6tfMoVIoHy3+zcVlGa3KIReSEUQaQlvP1WSe0+G8PKyzR3S8teakyk3WR9Dt3B54E2kFEGy6BwnEsede9MQhOf80A1zezIcdVKBINm5uD4gM84kmHDv9fA5E8K5eWQLQEP+6F2G27XGDvUIJuPmf1dzelGXpwHZhqP/xVbP0qfNVqzhoArTTmnU9COB+qgjoxJtZy9kTT9eHKHbKzgdDtRRt0UFUz29MZQFEKmD2bra4Ouxy6g7TXGNjIKVW8ZG2Mn576yw87VMARQuwA1klybXzSxYOOT7ffk15KPdt8tqhdlTjOiM145e0BQUAIwkuziyp7PSPuvGasZUtz3Zo48lz5HgXeBIxBnSy0jVYNSeIjWBrPpAzHZdTN0IBAQqQ854bnV/7tA0w7L5ZMwStpbWki8iQpln3omsq0hEmMJv8W8W9GLx2qXplyOjWDKbuwTVKtw0EaH0eYZG7/iVxk/9hzxIkvA7Gpyptifef18iRUSE6JORFPRMOTHn5vLFrBNvzQ1fnXzVIA018ZbprV1sLrHfVDcy9n4J0xCYDnAX43GhX/ewu1C8a3l13bpPJAU0RP9UZNRTGtVV3KiEdvF4pMRuDFfXdSv+it/q22qgl8oGekqvm4HlGXXkncLJKlF/sSlj5jV - template: - metadata: - creationTimestamp: null - name: secrets-forgejo-signing - namespace: apps-roboces ---- -apiVersion: bitnami.com/v1alpha1 -kind: SealedSecret -metadata: - creationTimestamp: null - name: secrets-forgejo-admin - namespace: apps-roboces -spec: - encryptedData: - email: AgCYRBSTXcL7g7PozKI/AjqWJfY0YsDtBBJrCp/iEBGBt5jestwDukWXvddRWc1b/Mme0s42/lqukqx43UDtPJ/obWh3icWnsXJaViH5+JRp81MjKjXMNSy9dnpDOKfdA/BGn6fuUo+U6xM6GfsNLT2LPVdq61i4Vfs4BDMuleQAdGc+p8nUJpmde0KiUwGiSKQOsUQHyiPM3xYcdDOXmBaPC3d6pN1YarXpuV9BCRhJeBez+/C1QbHlBOf5vr9Xno1CUGlc12zrT372mmhUP9UNKJWolY7ZwnwZiUktBkXFixZ3pYD2mdqlcj81BNXLP3OuWrAjQiRwMgjcI83jwvrlC7DJKSkk9OYSVfSvWoQOLCVwtxXDSWqPPl6l0mhv5ie+b/DM8kvrtr0kxj4ngrOtmpE/l7QuCh54wEdVLk+O1qlS5tgKFnBnZTdL+muGAJpC/dS3bVskumMC21ew+tRCCXQlaMywjl4fZea/yz8TuNZACY5guC+oK/iOqKD3eeHQxO2zNPI/xTjvgdMh98jd6OkREUNuaDkoqXfDt83XLHAZTrLzGqdvnfSYtpeyREga3wOh+JYAvYH180QAB8Pm52VWBvIYyQCCEprcXQQWwnnram1Wzvn5YlGdd3Ezt3z++4brtuICyYuWMF51LuKzVYrsde9tbe7rLp+gzZwy4P/rFV1G0KW87Axm/NnyedhU2NspTQv2T/w+WQFm9+LTbHBg - password: AgAmczO/BhnHqi1TO73JKF0J/e9Nvxm3F6nxvoMD+yq+qIaEqHlKVYT+uKirokj1PfGCX/Jgeoa+VKpsDY86JlK+PTIzvcM0/VQAh4ty9ER+CHNY+c8ZMXyrXkRCu8qjQfKVNJ0/eGSUj1bXsxOpQlFsIdk8FFgq9rOaL89hL388zLj7DC1KR6pI7+1ETtQqdadMTKEHshDKz58cQZHUU0+6GbVoXwd7OEDJ6BMEPUyZagX9dtKJXyxN69tAC60T9vCJyfLkMV8IS93PZGcwJ63yOELV+hIdNwRLOBODuQjWftbdPGzZygv4fr6g3QOhgNsRp78BXYR/Y2lEEn/e3yXrhQJJnv8gnczb79ymUdHLHFBdykrnEDqUaSWZay9kEfk9XGTwealCMlSkMAPw+0kLfU0jjlsrazycsxZlbOmSe3O8hRPxhTAMFGzHVkqXo5UVLw3CrU9w4enVPnKXZ9Z7B/61ObCbj6QdCh8CQem2FwRORs2SdQAOjKfFp4TXMkIPOXyAFusPsomFpkix8aRXD5QIi2Ex2GyHsh4BonIvTwGd1oVgkCgF9QpC2FyVIiy8pSVGX0r7Gx7YI0LYeL0nF6jT3HxP0HBeDpSZkCcGQn3kNPvtiYrVi39aaU8OTSzwghfYQclWKwbCSuEr33yFPcAfgPbWwFIN2M73zn2iGEmirqUwfH76UdbWU2+beXwDKeKXcY4HiUUHqsQjKA== - passwordMode: AgCWjs796wR9evramu2S8ALTqbyn6vfdLFqnNkNUJGx7Cxvx+vo2j7J4/g8iEtUXzqAGSw5JYH/ifOPLZz9pWZwTO9vFu2Rr91KpJA14Eo5GNj/KJO1NafVMxRXDpXd/gENPrwonbrCj+s1YxQGQeY2STqINcpuCT+/sH3SsEL6Dei3KW39ZfHw+UcY68Vv3hKejd1F3HDMOgqwA9TOj4cRCt5Eq1VmNjhE6dpFBNFU+cwNDpsYgCMw/Ir8VkSAJcpllSW+W7vTRS1BYGQEoKRTaRbQD/2mpTh2W2hCFmUrUHsed4I63V0lfa2OpQjSDbCfKAtEwvrOiFm16L4A2dxX9FRAVpIS3L5hXwZTNFui+4gD5JuatZPcZjqvHKvk6gvZdi0D2B1Cl9+kT7A6h+kEN7Ru5tMFIUOyPtrdqSKf1V78C0HlvhK8tt5NYjIiV1gRGRVzUwfep8zolPE4jPsTsf4Edahqkq9z3JLlZ7sHLOVfTkoop4DTHAzTS8a0FTHnVMn5QIGiec2t6gAW3gOvufqcRA6/M1ZcdusBrt1p6DsLFhHTOCehrgW0+o4GByj3IAdGl+suAtAZcedXkUulifEgtGNuXZwF4euLYlsGallwcUa+6xeKClchJO7CYYEKG317xSdGN+y+PRqPnB4YtbDjIqsbFInGDEPY5b7rRbMhE38zYxPUopgqbv9QfGefyCRj26B8Z2uQ6Kw== - username: AgBiBO7O5wif0N98fTSxk2rBkuyJSmDyWIlNmPntcdTs7/VVSkC8TwKmxLKlfJgANd1fZ0SeEQN+Z3U97YTVMm9h6XBfFeOe+UUJVF2Vt6+duIG1mBLNURuMkdXmc3A3pUYnDL5/mczFXn+XkEjAOSdILk3DpvVWymUbYTIB4qaJqzK9LKKnR/igK0Yb0kxXbzmffhs54hsgwuTlZRlkR7DtVCdOmVQVBjA4OEiBQFMjJrVz68OD/Cs5l3IB43D7zKwIZWAvL1ePoVNm88XhaTNgSYL+ccy8I4WJIz/3lVckv2Y7IQSeVoAH2nVKCQqEBjbjxr09RVBk2E8qWYTqTUVADIsbq/5XPROmjZ4H0R2H0zBbNcY5K0oV+tSZjRZOrVOPe6KHtHw2HT+uuAW+yvxGkhO30vXXt5CbmFKNLmlIG2NmTajYw118kcbJSs8f7Vgx+hZ4zTdqTN1Xg7gzGxvvgiuJ24dt0W77P1QJmcaJqYLqLXdlIYJuHxMReiGaxAIfqfnubvuYkP7pXVXazYMtsAFS1SllXR4bo8N6mpkxRq8puoL3iwDNlXo55gHX5QTNyN4KBPGWBnEKNOcS6cPKMYbdrosFpTHTKsU56b4bU2hYFEc4qjBhZC3CE/yry5CRzr3Tqt+e/9jHGSqkzfS0adD8CNI5L6Mow3S/ARfC3I9pH8bmj5LiPPhuCADzgr8136ZD - template: - metadata: - creationTimestamp: null - name: secrets-forgejo-admin - namespace: apps-roboces ---- -apiVersion: bitnami.com/v1alpha1 -kind: SealedSecret -metadata: - creationTimestamp: null - name: secrets-forgejo-oidc - namespace: apps-roboces -spec: - encryptedData: - autoDiscoverUrl: AgADpojDS4NUWIsgD3HF4X11blVZWNtlrkWdbTP2yWLHXti4XV1nQUzSUMxaq0CYtjsWIHF1A+OmzPppwZhIAJrf3+ahaUqOX6UQ8eilOiEgylwzhg7a/AYIdiU1LBfKzB4Hjz2/8hOwmH7GT3TlsFSRy16j7cLSybAEkftWWawD30a8IEFiy+UJwWRswuIwqOK5EzdZu4XNEO1zzbaA1H69KNLFDH6JEMq/rXIuz1tbE9umLkg9tcgnEjqcQumx0u4ft0eLsoHV+s3/EjcGeJGDtvDF96DnTeaOYKDleZc06K8ZK3BrCka3u755lU+p4Qr1BR6XgntqpXE9bV+bwgPPJU6iNCgovaDky7SkxVnXNNcpR7Qwsw7q2w+Px+oDFdrkFcZaVz1VnJAiTksxiy4Yd1udiN1UqERNak9x9zX21sRYPQtUVjKMGhL29kZgEQbwkakioODuy+XxpbjdInc+lcbf8AsKzl/JP8g1NnoT+K43dlQ/XWoPnM5AP1rRVxehTqUQ7z4SAcErxBevUFFCWPsXU7PeS0shCIBmGh/9fbi83cHB0oF1uZGJ5lV2pMi/4zrVIay5su9BfXQrgjZABK3VVeSgljpeBqBxIsu1LfdE2jg2mGMA46t2rJFTNEDlkfhwz4sLgWIHUA6XN+xeibLAtL5ckroWlXdm1K4uOEru62VYyqI0+UtA/IlnjrpiYW8uJAbLlmsZmt4aC9nCUYOU4xXMlY4XoWKj3fGKu35+Fp8242ow0XJTjSEdIqUbUmoYPa/KNbnqkRcXE4cHucpbqs72wHOvNYk06g0gJw== - key: AgCXF1pFfI/IQ5roi4RnsMCRFaPysO6A8nj23tZd9qJJ3an0Bu6X3pSzXmlLdnIt93WoVA0Qw/zmH1/LZzrca4ScE+/csTNA74VdlND4b5zhb59fXp5XKNt4Rv6nu0rSzLfaYvA6ucZeAJb0RUPZB5i7h12KpjZAn1KmpQ0hhaZhT07JxC4e+QVsqkzA2WOyIwX6DRXItaSGEnv7D61Gt/MLHhL3a3MxNGtu1oElQKVMMBMseBnWYFN8LsdIpMx5ertkAGuHC525iLsEJ7cfnWAebHyB295lCkARPEEYeStoJm1t6+PvWKIoq2Jv9SW9JhTkYn9QomDAC07oJ5hS54DZIcdF1rFShhN79rfIPJRuqnehG6DVUlT9uODg2gKRUjaqP1LpiOZN+nze8JtsG/GH28Mg13GRgVkjWqtYYLvDf5iKwEszOBfxeClOeliDVhaoXFoOdkNk83KRQnI13CE5Kpdp88KKAaYxMoI5WHjrqkx8HWhTY/vG9w7lUYAD+CStn1V1h4DqwkE/e7kYyUMmevVOzuXIlRaOF8Ca2l6N3sTmNTYicRL8wNrPqQCSAfxzi9odMWZN1IKlz3AJ7CqKykNuOTEfy7QNIPEKpuTlYMID78k+JhKMYPXy9KmnPRcE6PADDir6zAbUzZVqSSAor4PGDnEiH+Cixk1nMuh4mPUyspOLAYXs/38TvdOjGsp5srtGiT9E2U0sTIVC40xzONkh9wxqo6tg1MTO+ncnf0ILlmT4GF3M - name: AgAhLbpXrfXbLlAWdt3M7YbILunCfpDaI6O2EnzLLCFdDlkXzxHvO64uxYF2P6TST3dfvJl7bAw179meUpy+bn8NRonveSz184Ny+nfy4/w1eZVxb4iVmQ0kZ8EJCBHzHAvyIRfRKUTbW7HqjuQnbN+nOhElb240utR8cNfdnvlASfI+fZbIsz1XPMlGyXTga+kmgIuYk9vTNdDJpjEB1Pzz4BLfApnNFJ78RO49GmS1IyBkL5vFrKOR51GPv1G7VzJApA636XWmykGfMmMPxHXCbHhquJh9ak9/052dQ3u+AMpLCxVjg6ehJi+5O1sA+8ZQpUeHJiggskIOP8AbOYckdcTw7bBSj/SwjX78eE1P5bhTVRbCCyC7RkpBCJnz1Pzqt+vn/M/Tc1hhI5mSLrmZN9l5Fe51bQulM5IMno7jKc5miGLu7C3SyeJM9xDB15JcExiVO9rvyW/Z/V2UcWlVOp7nGc3NPnP+p5ipxe7pPSwW6laSkzvpGAzTshBm7/k3usbEKrwhnmw2datQ9CbO9v6ZqCTLYc4epL7FmQEqc4XvltUqpG+h6tszJSa/bKSnpCFqesE9oxPpXfocaYU9cDcUHuj1QCnYQg61oDU6TL+BvIiqxIKacY0Z2jYQ1Q2VaC0LrH8IDB9JmoNyezGwqJYeY+BLXUcDJs5gMccgwtW93X4ozaRjv0bPrpCi25JfZAWTxIkNeWU= - provider: AgBOMb5L4Ya9Pe+sRN0fsGAFlejDQe4dvqZ4VfUGisN4RLsVmcpIXkNO3Nr2YeCOcvkGOnGDTJHh4mQICh8EXNOjF7yiKd9xG5qYAuPbmaw0mqKHM5YlIEGSWj40AEI3xXJPbhl1hNJPOwjAYbBUzGMi4MzlkBR6Hqk1IvPfTdhNLiCxX/Idv7slE4Kj+4sdNUa7PAUaPXpjlRYtn1exVxcY3E232ec3+EV3k7jJyJJWMG7LS5/NjB9g14lYLKbL8XU2ParD/1O0hXWPvhKGllW5gUXvg3LufKFCk+ALO9CCJ/8rlU4HmmD7U9r8UqfMO3krmXyayLzNHbxmWe8/GJs8re/fW482TCrQkTpPqgjlJtkRBOVmhei6m99x2EVWL4YLZN5mFQo9DZSwd8fCcPw57APGwODnTpK5OwZc+ddQDBFR39AaQWD7CFcnmQDpVZtDQWie3Dk8KiyTZeAPlxXGAcY4BY0eplcXlmOtSEeSiOOOKGG1Ey4qjZMDl87yZcYI0bwpylNWPCvjrpxnuEy+undulGyTJjeLJpEIqpdSmjk4Ope/bfUfqXl8VfEnmlJ5yMgRv0jI77t552iewhbW+CV7NhyOgEzFxaCt45SsFQn3b1qdM3Cy/sJVGkb4bo9K4i38UTvJ9IdJ9DIKM8vQSTCAdCW+YAU2JQsVZLVHuscoUP06Dr7dw0tWZTlja73Wkja2 - secret: AgCoDNye/WbGbO3KhmHh80qkET/RGTTBZxwp/7prKOmOsi2HLWaEcziWZmkSEtMh/dqZwp3E4j00fzFFhbpaX0vzyNgmCYhbBPesdOxoCW2a7C8QwQIFOWiQSxCwwt8Ll3bU9LH8hX7suPOnFnHsOzaTiRMoiRMsi3mXpHJV/2QqLxEVNaiJalxkUqT38sAH/or6OaGaMKibiFkaLh+b0XaBiRzV6t8wYPX7u5YbZczxhEcfV4uLxIzx6PynvF6TtjTHY+PQ3H/+lukakM70IApi++PMCEwf+TiTAI1R7ybmGtI0spzhgY5LgR7ebIUbhNwRxLkedKUOnTgGH0WAh4KVqeVY0qJh6kqNiUmaNuOwDNSkJZWdfvqMIaNTwPlPPZ8SjOheqYIJyHPD8FvFJb/FTzGeHquyfK40qLbqCAIlhDd6OBU5PoqPVMNSaOHs9KpVGDKEL0tT0wz1Bnb/xFrs6Gr5SIXu3m1fUb2O5I+Q3TJOjn1xEfhaFiN/0TsyaNjDKEVbit4BU7Fa8GTbGVKHTJ/h1aG/qsQTWJ13kkuBeQR2DOJWeTvIHSbPCl9Q6bWWw5vPWszA3d9Yjq+nCHQcpsvLrqtuZ1uCxdUl02x7Gv9IjdeZyJ3thvLwhQzQIbo4/wKRPpjdyhu9NJ0578sXZUJYX8W59TsAN38lFj8tUl0mx87TP0dH5eoB39Mu5ufpjIJE2LLl/c5y3aHOYtVQwXVqFmIT5he9yFylMsJD0UeQGedxWSHfap0e+F01u693eUcT3Rjse18eNQ05NqyPUEOqBUQrXClSjbiQVG0ZKeJ4fnY5CNYG0/ZH2jB8Z2yV/CpiJpWXmKINT6hj6zb9XwvM9uJOfkzXgQJK1n4EEg== - template: - metadata: - creationTimestamp: null - name: secrets-forgejo-oidc - namespace: apps-roboces ---- -apiVersion: bitnami.com/v1alpha1 -kind: SealedSecret -metadata: - creationTimestamp: null - name: secrets-forgejo-email - namespace: apps-roboces -spec: - encryptedData: - mailer: AgAcnKAn8eDCkN7V6b0afbnoesqIVYnSwPpxIJNoyoTWHgku8SHN9gKdwfLMteNejfpngX3tJql4csMUxy/C9jGp7T8gGVIvkQzdaQgumUR/rRVc384mxEaLbKo3b0rj+tbXejIOPzj3SXTdo6D2L/IqvaEXEOiLODLeZVRcM1d9nXGtxABkaKmKnL0lcNlr7Mdny85EFAtTVyOT29rHEbOskHBcwSwdWnkyxPb2QewRwYqXVFAcjTxB5FltZAI0AodAP0wv0+F3UEiBU8311lXdeubusocH2QvlQ+4JBF6VL3BDP/5guUDlJTBPQ5XN2y4VfRZ9DcNUeCoTs46r69gn8UyUuDO6qxYa3qgsUfLqyvvT3BTFRuAyBF2pFA3zaBUOe12GvM08Hg3AuHXiP2KsewwWuSeTTJ0u+ApHAcRhpyFW5O0voTbqNqbvfnHvpbwrLa6FuChTcLlKpfM/TmQKnqx8JIkkHNYRqtnZtXwAtHsGjBGI2RV5bpgmmD9XhKoNAQfyOG1x1QqZeP6AZB8SJeCzXzqBT6qYWe1kNJR/vPEZ85ijnTgQRMDyhcMOkqc7wJGVhidQantWF3ZT+cQiKG+MZBGMxjoOlv9MCqnDyDjv7wYfZrxDmEB65+A76/4TJlhZ4s2JEHyHbWcbw72V9PfrTrrZdO/0SfDkSUPKni5YLgQ+jszMzxbrN8L7vKbYZU6QyXF5hk+9JeqPT36VcbzPGMcDCNieOKomq8iuK97iQ/n36feY009XSFUrHyrrSMvM59ZyQNNvKQk82MDFzlX2TS5uwOONrfh8XtW0bOr3AcGkCEtmh7JoxqhmeM6XFG9vI01T2SbY1C/bmrbe3NJXIWkJkMlymJU1ISHxXMYgpxOkboVDtlmAn/8i8RDIEBEOaEcj8oH8fN+n0coSIpiMxdRk4/xnHShsaAnYyasOACwuZJcvkCMCZmNm1Rxkf7F2 - template: - metadata: - creationTimestamp: null - name: secrets-forgejo-email - namespace: apps-roboces - ---- -apiVersion: bitnami.com/v1alpha1 -kind: SealedSecret -metadata: - creationTimestamp: null - name: secrets-forgejo-db - namespace: apps-roboces -spec: - encryptedData: - database: AgBmTrm6Kdk+pgMO/p88PQVQLH/hZKiEUzaOBqxXyCPPMOpEq/uoT9kR4bcFegVmjeKaZeQC9q5VCgvqfOusAroL3Kf2OvOq0C81jESs9mp5w2vBPJ0z8kE5F7jJ3mLpu2bYmHUbx/Zxs031O6+ciLGKxAu7F1e20zs/GUDYxudAyrz15zYNwPcQgCbMRnjpDpM3Dir0FYZ3uiv/Vn5/Jvr3jHdPlRM1LPBnIsGsNdLwGcGusybk+7vlGu2+KcRYsmOi9EZph4MFwUVsT5If2h/8PSwLkRGvp5XcA6rIhzHnRv8x8N4AsNwuSSHCFUp54xK1fhw/RFsfBiPhuFhrAYbVIk+PLkM/X9p9yZkr/d6ZfAkqlgMpKx4CNzDJqqDA3MDJssUoszcK0wbtbowVz4uDvK19KZuwK8ByUusTSi41aPGjIEBOBflV52sb4F7u5ur7WEgjfPKqQYd/G0ZyPTUeC99bFpyFzvwLmCDX6jI+d1g6qBNe6BzBOahfuBY462yQc8LLD0cAg848lDKHXtOnxVfMFRjaE6BN143FNJcMcE2h95LPD8C4CzO/KGUpeyUxFY4d0b6CEDYpRlTH+ytV352lYrwYVfQ6kyK4VQ9Fy6TNkdgSxr56FxIQrvbsIPrapzlIyLPdFfKCpBrQaYPAXEFWISi9ojJIqiJgNVStpjCcoU5wRGDvCob6MtzFjDnseDzmmM+No2ON+e++tEuNcuKeC0ZYoBFH7izQpxBaT/NTx50ahqwrlovzS0yZ8bKYhMWJsOkLUzAsJPL2QGUhXUcWd0BIC2AashB8Zp6JW1bq7cDRFgFgemU8FFbl9BwxtBUdCuLN1m2AQYzywEJykg7LrV+dhbJOVd7iqQ== - template: - metadata: - creationTimestamp: null - name: secrets-forgejo-db - namespace: apps-roboces - type: Opaque - - ---- -apiVersion: bitnami.com/v1alpha1 -kind: SealedSecret -metadata: - creationTimestamp: null - name: secrets-forgejo-lfs - namespace: apps-roboces -spec: - encryptedData: - server: AgCNvexAHYnuFh1c4eo8LaeLzY9ErfuwOyTosom6RiIcfYho8qyotmiCNAmMJ7IHY7zwe3U2ogyBDPJad0ibvWAezoio3vYS7zo6MhyPDzpgNqc46+DbEKBE74gs6ZYMQodxxC1FGKuVs1X7rAhdd73vZ+O7wMJrfgXft9MvJFAG/Vzx0o5fFu7blcjDuHJMuftm2jOB4Y+zxhnjvFqJaahrZEzSjMWQdBpNAWcb5NIupJDCYPvP0aXz1/SYiH34qSVh+GViXm4nrZ5JaHb3PjWV9lDKKmI+3eO5/k+3UuGc8bM0SqgOQMj3yzOW3hASLs9wniDRV+rX70c2AdWKdqwk+vqvkGZnQpobxSI7hNTNZ2iPj/MZTBC7rDpepBRjcEvTSUV4L5DbU/EZi8U8pg9IlAc34DB/5dewh743kq0WV0BmzBVlHntM/pArl3NRgCFrft+swrQB8+pCUic0Y0/ltEYylMuCnH6prjXcro2yHF1eORxM2j9C9gVMM6eoINBvvg+bbj29mKqFsDwpcbuRZckYOHOp/d85FdUeSmW8ddO4Zg8BnNuzDGISMPEqBpRZFZPEGVmSFTAFrlQr2QL6PopwOkcm7StGTyJoldH6XSeO5f54+m+8bD4MPV/JdfruowDavq48uSLtpGTwLkuj1VRkQRM7rEifVx+cOzwWLVYvmvOb0ZduCuO3E6yrrGX+waMIPIEu8FZHIYuoITGxbpdk/UC37amOkzn3H3eBEfd6pTZ73FEDpXtTCSee7wFKItV34s6VM/auY6Y= - template: - metadata: - creationTimestamp: null - name: secrets-forgejo-lfs - namespace: apps-roboces ---- -apiVersion: bitnami.com/v1alpha1 -kind: SealedSecret -metadata: - creationTimestamp: null - name: secrets-forgejo-internal - namespace: apps-roboces -spec: - encryptedData: - oauth: AgB7QE54rWd0F20nDHQeVXW2Orzio3qqg9W7iFhKwjt7egILgoe3k4+WqTtFMoq9xPS/KYOW+b7mYsgjm1AnIGfq9iCqEimLaWYu9YZttiC9f+Nv5p2Hc8FmvcVhQhNqHXoFJjnIpWOXr5l7zaysn+FgVk97JhrcbYf113970McP0n3ORloqz5PmyNOwIu+//E2NDcqyGxbGmqB+wP/YvwPzPZQHqqQArn8CVGwlNI1P/NYXtBCc/xuJQyEdGTz/F3c0Pw4xSp+bwuummc8rMzwezxGKw1XAIqC8bFoXoThz5AWIOL3dXpEmkK+bOJioV1zHjeF3ZmeKmLC5p6YtBw04krR36jPBDmhNScHEaKtOQxUNQ9M7mtFXS+hqSguWbuEJKc9okF3SP++HTrwXlMt6epizpb3obTA3EsLHy6tM9YjshWOCA2Dwlye/jipQKXpXKJm+QR0mD+lHv1jKLYV8OH0qSbwTcOzC1D1Bp4VL0RcVXTWBqrgpxG2sftSIPhIwCzxoLWZkIxdOUsb/5HnecbJdwdBci7Uz5Ab6X/EFQICT8fKCrOqjtKfQE6Fr2/jIKdU6fHpkB7Gubu9S4RJb/wMBYrBkW0YHrlAOFMuv19vsO6fdexoLpynzTrsPX26DsDJsv5uRRXGLLKuNvDEabgkui+Q9cdyodjF/Cw+rt8rjMgP1D4pVPUqHCGkFtNNAB8iDrwqMbWXpqCJflrBldsH5g0fHKL2Rsx6jzhh5+iYHYiTH8wcifPXcCL1zGoDypY6uBWQedw== - security: AgB1qzl6d0oh3uB3mTCzZ3Iu+mdjyX/Bk1mhLRLOI+YPBH/Q5KZiHF99VBtCdLLebNIT3ZNoiNrWJ/rU3tB9INi2rXfUn1RhNMHB+ex/K/2yUbFNa/pV+7dN7ECjM2tp2rOolT9ifMrxYFT1nwYVDzNo/kixHBEdPxZA7w/KZn9mfoMfMWUB2VTjlrPQ7Xb7f8h7VR/a8avsMBYG5jAfcPiAk5kyJoZp/YNd3HSBPQoGCQSZujj0vr/hmLoBWCLQ51akSzGUo7vvR6D/Bu5oFOYjy6KguCiH4jGWGdxNtZYvrtj9+Fo4pnDWn+PGjJ7YrcGGswqU+9ivUfpQIIOIh1cmnOjCH1sptMS6PqvHW9jd/N6eMVbb9otl2kuiPLbkyMZs0lnfS0pP5w2szf/kEymr/x9CTTtA2Z8XSnVWjGGfjkbQE6vNcbTwBtaCeMsv+eq8WfTsGfFR1nt0atog6PbqOFt7/0b3icuXIx9DQm1VDGEi+N52mM/0UTU8Bm0c7st6BBUwvcSBNbMpMmVARXhXi7tX1TToc/5IU3LIcTqPKbeyZxBn+COYvlmv2ot8eqW5Ezbxt85m/jbSqo8vpNkPBrJ5oLf0+MMjotc6c7KBXcMo/d3BnqjHMjBUdnTRRZtmM8X8OqOHLnReQyt8+mrr7Qbqw0seEzKCT+HY7o89c6f1kKthQjlhGzeUh5rkwj8EL5RHQnuVO2aG0rv4ZrOvlG27ZGaR/IQgP4zcoPQ0H7jan+vXCqMyn8Zl3naGlT4Vkx8ne162iutAlT7KdHh/SenDyghe4CxNii24cBbc0bwc33EPvw5FMJ8NlMM/moc1bbQTg9RBogVdWa9uXpo35E5ZFYa3TvcBbyNyM+xsAYMgrEZUzzKDRbBIdRvQiL2w/Z5JHYFfc5DlqAztvRPCkezbD2FmxFadm7NFuXwcO+I1QKYHynQ+EHEJ1DXCUp+qMULNQZrE1lSbeVQ= - template: - metadata: - creationTimestamp: null - name: secrets-forgejo-internal - namespace: apps-roboces --- apiVersion: bitnami.com/v1alpha1 kind: SealedSecret @@ -125,12 +7,28 @@ metadata: namespace: apps-roboces spec: encryptedData: - cache: AgB9EAfMyxjZ1VAwT1KONjdq8mw3LUVrKYLuaNH9EVpVEd82GyAqIa4EZKHV6kTKUIyfK/GwEt+ncg+Xjd6IqTlpurtSj1qU29SWeMg293Q0ybecgZ5Dl7kIrzveHhtNNWScl2lPFq5BcY+fPlsRv3CcylzQIAgO6xwFjKPVBIboWMCePAFvzccme6WBwZHK+iuZxPrysRVQJ2wQJXrbEf4kKP11VBrACM74Zoo/Vd2TKlPB6SEypcOOeWTG3/cEsdiQmNyE/iqVUgMozeyoj954wXHKwB/iWUxvKCp5x4+/KUrvO5J6L93fXl6WCfLU03S04bOd6Ypv1tsKu+IOWhOA0vtAi0aHz30QqoLfSKUVqZz7tdJynoo+uqcI+4tLoqXdo9s9DMDZSAbb6Sce6uignxBcSq8EV+9CsCeyMm1Bq17P0/XlbOBSglwdyg/UdBqcsBwkTAhYm7LljwDI3QjJ3JCSJTJ12VkCBWqf++9gjjnq5AqOIo6nGcL4mJz6zQRLpsVqqMm5g20PLL5xmZM5cuoGZCJSaDeeu7PmBz6AqwCUdVNiYqt9PYQAqIN3LOF2fMtgDAccYZAMCJ7DBcLNQ5UwTiz+DAXw3PqzZ6Qk5ZjYymKVMFHiW7odTLwZ1cbTKKBjhXtIwFDPqv/e9BlnBhcXmsb6g2KCP9U4YAlFJaf1/Vs7KpNTAuCgTLv4wOEE0+5nomAr5EAGdjdEd0vU5Sc6fFUDC4OZgApTM1Ve3lAwYfq/XIzfygQGkCDHce/4NcaLzvraKDawyuB7X9KEs9fehZk2DEHf61oaYBB7aeEUHkVky2st5lxTkugIXH0ZOStfFMZjFNw32A4sXO0hTH3TJ1N7CqHvX38= - queue: AgA1DVkPmW5h0Yc0VRYUPvKi+6yFE0Xlaw0GhBtnwO6SHKI9yLOhohiG7zKAeaOG0HCGsmHMnJFdBd9CRxx75yazFL3ZaYJTlCh3de9zLqqmMOXnwSTVJgJ9kGEcs2m9MgFHh1I1UlWe2d4iCdNWzpbvPtTY/dGfvF4A0H0+okfpxcRhEs1WHE+kapm+JZzF/bmrNQy9kuO/EwXSfnDXd+dE9F33XdYhq9sy6Q2qjAgKmZodtY3EbFI8RcQKhIEuRHUw6iF9/IT+UEwnAKX5/V8UetHUSIeC900RU9oCDwPTyV2KVUYD5Rglw+EEyTMA4vv+WJpC/527Lo0H6YeJHKQdaY3GtgG6jvCyKmhw9XsW8mU1huNXtQ7TQxFCZQGlWTHkUx08lOU8Mlvtp/URrqQ3o3BvI2hl5vYIVFraS0ibGO9kd5IoXYD429Q4Z+CeRZS+eTCRlvKJvHKGJXAgT/4VOrhqbb6nnjOny5k1iAVpOVmOFYqhJwK6FIFQt6TpYUHZtwfFcl4euqyRgwdkqT1SzaruZeowm36IANklUAdZATQNQHMd53nNsO0Z/ALfb+aUjhizM5GATJR6fZwXAmcUK6FDbrIIgHJ0vJNnh7L5GgRlb++BPr1ZldR6HkRLQRMN9asZeTkjBdKVkQ1ZHgNTxrSEEgZ9yPgBH7hLabH/HSh1BBDb8HbKKkGjvm7Svp6drgGHWTe5GZYxGSf6ACRkOg7v4DrbTM5oKHvIGs8DO8+H8yWCbHasr+/VoPy+3J91sznBh+symEKZrxAMubgR9EDaD2ahzgV32N6QPc1YinfktqZHfTroYIg2mgN0XGxP/9f5Clx2JZlmVoJ/lA0= - session: AgCkq/AOndCSqvgKBXp+52iJtJQ4aRs1v2oW+OyKcvd2d2a1pR9YOcOH8zDrjeeYjnrrXwSMAqD1VdZDt9cesXq70t5Z072hUW9MEUJU/R8qJBMLv5nvdDfTiTVZ/5dk2vG01lIxY38dPb+yJA/R6UodMsYjkjHF6WAq/qmAG3sEsFk9nokTy6lR0BYJyI1IAqvXGxdiPX/s0aydk3bB0b8F4qC2MHZ5He8JR8QG1DZ8/FZlMrGXJ4De4cvQbB9ZqkdvvpB9xgudKjV6RYV2qEj+8sPYS2H71KySnckN/9twq1TbF+xPRgWpuwHgox2D5sfxouNQAZw1cazj5deNVJdWfI0zcYMx6ovAqofAEcwvX8FXgBpo42CphXX2WGEsJkLOw2AMEiI4d1B9ZqsGr5xevXzlyyH403VvwWCKcW7nAaBhANuvh+sn7t+8q12yEJ0H2dk1ybKlDmnbLj2kZuPxF4RIgn9wgARI/U6PF++82Q6IRSCH5VuziMf4d3r8ootYoc8fEeslQtkReue726mPHIR+jR8WhpdlKCwX/ffbL1IGPLGgPsQAxvyE4WbP95MNR76M9WANYXKwMPt+eGe+LLkruwe4LZLKoU5qhO4LTnrycK8XsxVAUou9gjmPtKR50AZ4H5zpARymdjvkXbo6PylBU1EO270g9NL+AlFrVAtyXGbkb/Y7dM09hC833vIdXlWth/I6X0OH+Y8SPftjwPIXdUVMx1+17tvWoUN8U9La9lueV3OSXDVXesjAukgelooKayZyzXkhZ0U9q0exG95jfx/nXQXV1M3JmPPZ6r2T0MCCUZo2iVHgBCYWw/Jr7JC/xiZASfQ4PthtZa2EHKC31pyjkW55JA== + cache: AgCtLnjUHND7zvKl9Km9HushVbGlom2vvgB3x5kJ2A3EaM3NMJVC4aHvHrPGPkKie0z0wH/GDdXKalxli5hwXJbolcKgS0KUQaMBOhzl8MGer5E/XrLVVi19dMc0rusdR60ZBuAC2eZ+gdyBkUJGPHMniCAGMxwbafZ1+Tvd9o2S3wi3f5M0Dsag97JCQX3pnxJH0PwBj7/Y2qfGJ4DCIrqlLj7yjcSDjskwls3ijSntKYR8FYv3ZrYvJ03QZrfK6jJ8VYd4WVCfR+tDscGhbwTpv3/3DChr8CQRew6Ln3lZjnFMAaz1OzSckzjDS41a7WcjwWtPE7t2Q6gaLEaxejCYOKhJlcX3dvtlz+C9QhSYddWbApvPthFYiww6n2rdKiuq2RHdB28C5oqohDybeZj3AhMh5WFu6QZHhvuDRh4Sri+2O+dNAW5lNRNaPS5J8wblybNFpPiMvXXuXSAsC1w2GYhK34YQry6oFNxy0cuW2olZ/NdlTqyJNVtkxQsnOhPSrQ5H/5FtdoA2zooXADbtrrEO75jNg9+EDYyBrvh+dVSD/ycl9BgowNJclsJAWIeWqd4K6wo12fEu3FMppXCX6sRl85F+gXSPxtclsDWtJHhWKBM8GKliD/attSFDto7qhYC65YGSltOG/BEKidZV927Um57cyUAJa/0EworSul43OMdQLBds7N1GA1xaC5pq4eGWXnrHSoO+3rCXXNdpm5WP5r3cJMDjcKWopPAHo3QyQHdZQzCQ51myeqklz5AtCFuzZSWiEeW4Rfx1J3sPujW7kb/QoGCyPtaNKQUh/wsFpAtNsrGKGn7bvNf6KCkueC8R1Rxf + queue: AgCFtlRgUXLKs0o5GlISZfUlcSv+SVa1FH9ualRe+I4sSZgC15szSIrMad2wWyMGkqpV8v6twnAypYvDDWT77o/jYOXDahU06Cdjd7D2IGXCjSE7+3WW/jMGw0aAZSTFmAKwQrTejgWuAGu1Fu21oX4b9sAoJGnRyW3rbi4KV6bc8LyKG7tplqD26VxzCYgUQhXF+AonyVODUqQAfESrQjQCCT9sSmTiM3cSmJGC92qoYlZx3bkr/2SqXoiBJjW0gf62mB/R46RdRDLmUcWnpkC/T1u5/MaVyAbpRUxuQ5WsJIeGFQy+2iHt2QFgejAiGY04Fo5dezm2wgKSATWbyV2WTQtFbrmfEN3hPs1ONJLLrrX5/N7v9CCs3/zK+zPjJTGVQcgtdPzZBKv6mQKtChEkRT7cqTjqjsAHU4+x8sH1HyiOyTtdEnR3zDYfexWVfPh3tDb7b0JEI6oYJUYDM2j/9jL/Guj3b9hi8SOx/Sjeq/5ehWobf5gblxZ3bSrVCHKyg/lACvy8OYOI+vfJ1QR6ivQod8/SyugewN6pVUu4Aa3EH155vqaEEAhwsQH6gpSe+rBctJC9IDR49cGmeUCZynmL6NniZvxOI7kYfs5gF7fy3dFd4zZ9vCNU/vcuWwQxhK8pWWxptZfbIp/lV6eGU++UfjUVoW54DXrlsctwEjU6DtwNLwt9rJAe8j5TnpOhV6Xp5JRej2Jt+RkvPpZLprAxSYVKqX+8OGL3NDiLhWhZ3REZHy6oI3A/8bUga2rzyd52cpueNROEKfsB0gd4mCEFbvtUMnILucdDacdY1CnBfFjg4COsrwjT + session: AgAJOyBwlfooebrIVH1TsPstRJul+omOOkMqZN5dKH7zV9Jh2W0zBWxH9XW5253fcdZVbhxcEzyL8/xG6zT/sGW//tLWtfgVBL5HL5W82Tzoqz8Jf49MZr0LOL3FPAPThacz+updnk92NY8nikWCW3p1WS+sS5Ozu6uRrVzLGllhV2zsnnhzPZ7ImR7mTN08bmjd4uitOZASeDaUxAQAxgGVRK8AwCN++sArzYV/5GZSBPNCz6SWRAcdDMkIuiI0AC0+ug5YAVNsp9aen+VhHOe0JHSJNGY48I6ZVJUv5Jz4RrzMyJrguX1hMjy1SJSIDD3R7fMJ3Z23xGjHe8kAXMRW+BjoWlGAKcqRYdGD9F1XTZe7p4tpp98bTR6mEyIwzvNiIIW6S0+G2y2doGVSPwAFuJClKlJ5dambZ8jGr8OYXZ00zYd974aOumvIdBvO3bcFkuDfcoXIDhM1BhE6zeand+UgArxP3NtbBCXOPbgnIOTTK/mCaPLSo+5WID2f+3dqLX5mJpxXSHpg7lFpe5OHzR4NFAL5BFlGFHRGgPoqed0d30FxwsqAXz41m4D8BVy/+Pqi2GViepgFNMLmZYWdEW06wbHFJqE2xe6TPk21EGfwQBkWQcQuJCdcgGPzYTiTt8v3MuB/F2UCfuAdbLpUvCzroY+suOZzRW3/h3IB+QfDv9u3owcLmdjzaBNF29hTllQqwBx2UauSgbuTVyXNtxcPI1B7TViK0FPrCArAP8TCUgNYiAYdJ1gQNgisO9dJ3qsJMAY+ilOvkgbU6YP0ASTFa1GNmwVa1A7FgDDnd7mgkfmmjh3G2HPK4EJ/F8KJHBwcqCU= template: metadata: creationTimestamp: null name: gitea-ini-redis namespace: apps-roboces type: Opaque +--- +apiVersion: bitnami.com/v1alpha1 +kind: SealedSecret +metadata: + creationTimestamp: null + name: secrets-forgejo-db + namespace: apps-roboces +spec: + encryptedData: + database: AgDMQcRYzEdrk2iqlZtTAlZY08z1Wex1plZHRli5WDAAN/IwvwZ31tQV3uw3tGbylycM4SkeH72AJ0hB3/4m8IPLfN1M6qESW+LPGu+5mv/11XIbhVzjBIoXyej9LohPVp5QzzyU4Og73tILR/i1Gbgh8VqRor2JUESNrdWvGv+hJ2SvJQdtNyMtzFW6NUW1ZPm/IxD45ldTS6Jj67XB3FGYPktL6rB9jn8Zm7OHEFFVL9hEXV+1UHdesWT5L4C8l/1FJPxLWhj+T4//EN3Aqn507w0QSkfvvZxnO0KZC1dznXwNMhVizN/p5x/Xe9UUsoVwoWFOCLqZfRIftKwprvCJbTVcrM5v8cWgXpuwUgE0YgYkKnZSZx0uXL3r/xDtugsQvSmrZH4yQ4cD3BGHVNIm7NLZQ41K4wBYz7m7apYd95PJSKswmyDArjmIzpe3F/mIj48OXp5GdhkuPqtLwh+Krcdx6+fwEq3uk1sB34hEmwajOVw/tqjcG+r0ChS+chJsxqf6bJWSEks8Rz+QG832vxeFCqdTaF1Ztq/DsW4fUbXeA5QujMPsddlQAaRfb8M4NF3Pc25DFG6PNVzN4HMJfb4k34ScOn43Ka4kl/rJ2m1FWXaz+JMUApqcT9/28w5sdUaKs4zO4B9uYXdvNE6cMWN1tS4Mzs/78PjtjUk/+I8/vgO221xxD6HQrEYG9afYQkYgScBINNduxWSC1+V0V1oWaePaelRxy+zw1QVhVZRaVwjcz1zT41BwmABLolAjQKLCJSJy5LLuAS9Hf6CNU2NA+7bkcH9FcGzDZAdvRBbLn/8DEnxwhY8P19A6DtDU3zk0FByR3mfXw918zdITRcqCfrI+OEx2S7fEcQ== + template: + metadata: + creationTimestamp: null + name: secrets-forgejo-db + namespace: apps-roboces + type: Opaque diff --git a/k8s/services/redis/sealedsecrets.yaml b/k8s/services/redis/sealedsecrets.yaml new file mode 100644 index 0000000..5514d72 --- /dev/null +++ b/k8s/services/redis/sealedsecrets.yaml @@ -0,0 +1,16 @@ +--- +apiVersion: bitnami.com/v1alpha1 +kind: SealedSecret +metadata: + creationTimestamp: null + name: secrets-redis + namespace: apps-fuku +spec: + encryptedData: + redis-password: AgBqJ2pqIbdtOtbGnmalrdzSEZYBDhkyhZNv3fEsgLmvZ55ehXreELEZGKcOCqgVKCQZnfLTA7X4vyR6oZVhSdvcJeULmHrmO7ynItoyowvmY5njE7jTWTsSKypCXJXS0u81TD8+sF0DCRrALo4fzCfyxHWg2x7qyVOllOfhaWpggFsqqn7fMLUdhumnW2C5bEj2x/8PkW4aLI86osjKlwDiMXTE6nULQ4Fx76zzjuhCDLN0RGG4xTqVzDcbt+F7cpULyTJ9Kvq53UPMMaCq0huIkU/JYmAHMUcXF2Q1HUdh/K/R0KYqhlEN7t9JPJgsi7s7IKpp0EFRHOfvkZAm5bAqG34q0p/1Hce+0ifOZsQYp4nmj/1uEGshXhWETSI7mAw/sEdG+uJvLP6Sz7KkaLXhV8tGHfyXqwNyo+jV6JqIsynOY5UZc8zN170nQXwM5KzQyIsNz1yjDFGBIC4y/gjwaDXioaMGVg+PRxFEUAahssdPPZ8ug3M8EaqqgPlHTye+LwHDVDJZAWmnYJ6ajYWGqeCx7pKw2+vhr8V4ToSyG3hsPEbREwVSO50fKOL/MelRC24Rrzv8uthtHjHniLt1DJzPkXJUAnMaV4UsJ21Ge5PQo7Op0G/RNSnka2LAt3I6CVbUb0UoBhSNPmDVD5/0pn5oM/PSd0oqszUsFdxoIOpCIt3ReZUD6eHOlcuK8H65nwsb7Cbyde8a8GTD9q7SoDo2IQ== + template: + metadata: + creationTimestamp: null + name: secrets-redis + namespace: apps-fuku + type: Opaque From dddd1b40ec139037bc06dd5204217bc07dab1159 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 10 Oct 2025 02:07:34 +0000 Subject: [PATCH 198/377] chore(deps): update helm release renovate to v44 --- k8s/argo-apps/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/renovate.yaml b/k8s/argo-apps/renovate.yaml index cee6aa1..4cc0706 100644 --- a/k8s/argo-apps/renovate.yaml +++ b/k8s/argo-apps/renovate.yaml @@ -13,7 +13,7 @@ spec: sources: - chart: renovate repoURL: https://docs.renovatebot.com/helm-charts - targetRevision: 43.54.* + targetRevision: 44.15.* helm: valuesObject: renovate: From 5fbf0a09a2771373f1ebf038d25f0cf6e717769b Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 22 Oct 2025 02:25:14 +0000 Subject: [PATCH 199/377] chore(deps): update netbirdio/signal docker tag to v0.59.8 --- docker/netbird/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/netbird/docker-compose.yml b/docker/netbird/docker-compose.yml index 090cbe0..5b5bfe5 100644 --- a/docker/netbird/docker-compose.yml +++ b/docker/netbird/docker-compose.yml @@ -23,7 +23,7 @@ services: max-size: "500m" max-file: "2" signal: - image: netbirdio/signal:0.59.2 + image: netbirdio/signal:0.59.8 restart: unless-stopped volumes: - netbird-signal:/var/lib/netbird From 1837c1ca14f3b57e5b7662f4d0169e6b43556fbb Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 22 Oct 2025 02:24:10 +0000 Subject: [PATCH 200/377] chore(deps): update netbirdio/management docker tag to v0.59.8 --- docker/netbird/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/netbird/docker-compose.yml b/docker/netbird/docker-compose.yml index 5b5bfe5..1f59296 100644 --- a/docker/netbird/docker-compose.yml +++ b/docker/netbird/docker-compose.yml @@ -50,7 +50,7 @@ services: max-size: "500m" max-file: "2" management: - image: netbirdio/management:0.59.2 + image: netbirdio/management:0.59.8 restart: unless-stopped depends_on: - dashboard From a81ebfe57340c299fc97a7bb457964f30a92d724 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 22 Oct 2025 02:24:59 +0000 Subject: [PATCH 201/377] chore(deps): update netbirdio/relay docker tag to v0.59.8 --- docker/netbird/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/netbird/docker-compose.yml b/docker/netbird/docker-compose.yml index 1f59296..307f2ea 100644 --- a/docker/netbird/docker-compose.yml +++ b/docker/netbird/docker-compose.yml @@ -35,7 +35,7 @@ services: max-size: "500m" max-file: "2" relay: - image: netbirdio/relay:0.59.2 + image: netbirdio/relay:0.59.8 restart: unless-stopped environment: NB_LOG_LEVEL: ${NB_LOG_LEVEL:-info} From b938cffd4562e3d0c25e44dbf23dc5bb31d283d5 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 22 Oct 2025 02:24:40 +0000 Subject: [PATCH 202/377] chore(deps): update netbirdio/netbird docker tag to v0.59.8 --- docker/netbird/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/netbird/docker-compose.yml b/docker/netbird/docker-compose.yml index 307f2ea..4a93255 100644 --- a/docker/netbird/docker-compose.yml +++ b/docker/netbird/docker-compose.yml @@ -91,7 +91,7 @@ services: max-file: "2" peer-1: - image: netbirdio/netbird:0.59.0 + image: netbirdio/netbird:0.59.8 restart: unless-stopped volumes: - ${NETBIRD_PEER_VOLUME:-/mnt/nas1/shared/netbird/peer-1}/data:/etc/netbird From 8b341ede57030c69c83b52c4f2f16e02bb3d6db7 Mon Sep 17 00:00:00 2001 From: Hane Date: Thu, 23 Oct 2025 21:15:21 +0000 Subject: [PATCH 203/377] feat: add dokuwiki (#504) Co-authored-by: Hane Co-committed-by: Hane --- docker/dokuwiki/Containerfile | 13 +++++++++++++ docker/dokuwiki/docker-compose.yml | 25 +++++++++++++++++++++++++ 2 files changed, 38 insertions(+) create mode 100644 docker/dokuwiki/Containerfile create mode 100644 docker/dokuwiki/docker-compose.yml diff --git a/docker/dokuwiki/Containerfile b/docker/dokuwiki/Containerfile new file mode 100644 index 0000000..0fc0af9 --- /dev/null +++ b/docker/dokuwiki/Containerfile @@ -0,0 +1,13 @@ +FROM docker.io/library/debian:latest +ARG WIKI_NAME="dokuwiki" +ARG WEB_DIR="/var/www" +ARG APACHE_CONFIG_DIR="/etc/apache2" +EXPOSE 443/tcp + +USER root + +RUN apt-get update && apt-get full-upgrade -y && apt-get install vim apache2 libapache2-mod-php w3m php-cli php-xml -y +RUN rm ${APACHE_CONFIG_DIR}/sites-enabled/000-default.conf && a2enmod ssl +RUN ["/bin/bash", "-c", "echo 'date.timezone = \"Europe/Madrid\"' >> /etc/php/*/apache2/php.ini"] + +STOPSIGNAL SIGWINCH diff --git a/docker/dokuwiki/docker-compose.yml b/docker/dokuwiki/docker-compose.yml new file mode 100644 index 0000000..673933d --- /dev/null +++ b/docker/dokuwiki/docker-compose.yml @@ -0,0 +1,25 @@ +services: + wiki: + name: hane-dokuwiki + image: git.roboces.dev/hane/fukuops/hane-dokuwiki-image:latest + volumes: + - type: volume + source: dokuwiki + target: /var/www/dokuwiki + - type: bind + source: /mnt/nas1/shared/dokuwiki/apache2.conf + target: /etc/apache2/apache2.conf + - type: bind + source: /mnt/nas1/shared/dokuwiki/001-wiki.conf + target: /etc/apache2/sites-enabled/001-wiki.conf + - /mnt/nas1/shared/dokuwiki/init.sh:/init.sh + ports: + - "44344:443/tcp" + entrypoint: /init.sh + +volumes: + dokuwiki: + external: true + labels: + - "dev.roboces.wiki=Dokuwiki volume" + name: dokuwiki From 4a418599425dee4f6ba490d5984fab63e1c79848 Mon Sep 17 00:00:00 2001 From: Hane Date: Sat, 25 Oct 2025 00:07:31 +0200 Subject: [PATCH 204/377] fix: changed 'dokuwiki' volume declaration --- docker/dokuwiki/docker-compose.yml | 13 ++----------- 1 file changed, 2 insertions(+), 11 deletions(-) diff --git a/docker/dokuwiki/docker-compose.yml b/docker/dokuwiki/docker-compose.yml index 673933d..d232875 100644 --- a/docker/dokuwiki/docker-compose.yml +++ b/docker/dokuwiki/docker-compose.yml @@ -1,11 +1,9 @@ services: wiki: name: hane-dokuwiki - image: git.roboces.dev/hane/fukuops/hane-dokuwiki-image:latest + image: git.roboces.dev/hane/fukuops/hane-dokuwiki-image:dokuwiki-fixed-volume volumes: - - type: volume - source: dokuwiki - target: /var/www/dokuwiki + - /mnt/nas1/shared/dokuwiki/dokuwiki:/var/www/dokuwiki - type: bind source: /mnt/nas1/shared/dokuwiki/apache2.conf target: /etc/apache2/apache2.conf @@ -16,10 +14,3 @@ services: ports: - "44344:443/tcp" entrypoint: /init.sh - -volumes: - dokuwiki: - external: true - labels: - - "dev.roboces.wiki=Dokuwiki volume" - name: dokuwiki From 5fb949c9d5bfee8b2202ea4850b26b00446656b8 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 25 Oct 2025 02:25:09 +0000 Subject: [PATCH 205/377] chore(deps): update code.forgejo.org/forgejo-helm/forgejo docker tag to v15 --- k8s/argo-apps/forgejo.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/forgejo.yaml b/k8s/argo-apps/forgejo.yaml index adede13..f65fc33 100644 --- a/k8s/argo-apps/forgejo.yaml +++ b/k8s/argo-apps/forgejo.yaml @@ -14,7 +14,7 @@ spec: sources: - chart: forgejo repoURL: code.forgejo.org/forgejo-helm - targetRevision: 14.0.4 + targetRevision: 15.0.1 helm: valuesObject: replicaCount: 2 From b67731112157166e9daf2ecbdd1b8c5b07741521 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 24 Oct 2025 02:12:17 +0000 Subject: [PATCH 206/377] chore(deps): update code.forgejo.org/forgejo/runner docker tag to v11.2.0 --- docker/forgejo-runner/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/forgejo-runner/docker-compose.yml b/docker/forgejo-runner/docker-compose.yml index a885ae2..00f1f6b 100644 --- a/docker/forgejo-runner/docker-compose.yml +++ b/docker/forgejo-runner/docker-compose.yml @@ -1,6 +1,6 @@ --- x-runner-common: &runner-common - image: code.forgejo.org/forgejo/runner:11.1.2 + image: code.forgejo.org/forgejo/runner:11.2.0 links: - docker-in-docker depends_on: From 502be00fb60fa4ee14be72adf70aa2e7423e8be1 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 26 Oct 2025 03:16:53 +0000 Subject: [PATCH 207/377] chore(deps): update https://code.forgejo.org/actions/setup-python action to v6 --- .forgejo/workflows/ci.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.forgejo/workflows/ci.yaml b/.forgejo/workflows/ci.yaml index a8f073a..fa7678b 100644 --- a/.forgejo/workflows/ci.yaml +++ b/.forgejo/workflows/ci.yaml @@ -8,7 +8,7 @@ jobs: runs-on: ubuntu-22.04 steps: - uses: https://code.forgejo.org/actions/checkout@v5 - - uses: https://code.forgejo.org/actions/setup-python@v5 + - uses: https://code.forgejo.org/actions/setup-python@v6 with: python-version: '3.10' - uses: opentofu/setup-opentofu@v1 From 5f6de8a1a3d7ec6c52ce3125750aebe12afd3f77 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 26 Oct 2025 04:49:38 +0000 Subject: [PATCH 208/377] chore(deps): update nextcloud docker tag to v32 --- docker/nextcloud/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/nextcloud/Dockerfile b/docker/nextcloud/Dockerfile index 8d10898..31efb71 100644 --- a/docker/nextcloud/Dockerfile +++ b/docker/nextcloud/Dockerfile @@ -1,4 +1,4 @@ -FROM nextcloud:31.0.6-apache +FROM nextcloud:32.0.1-apache RUN set -ex; \ \ From 3610526a18dffda6440a614d1a7212215045f889 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 25 Oct 2025 02:23:37 +0000 Subject: [PATCH 209/377] chore(deps): update helm release kubetail to v0.15.4 --- k8s/argo-apps/kubetail.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/kubetail.yaml b/k8s/argo-apps/kubetail.yaml index e3d73cb..a23f35e 100644 --- a/k8s/argo-apps/kubetail.yaml +++ b/k8s/argo-apps/kubetail.yaml @@ -12,7 +12,7 @@ spec: sources: - chart: kubetail repoURL: https://kubetail-org.github.io/helm-charts/ - targetRevision: 0.15.2 + targetRevision: 0.15.4 helm: valuesObject: kubetail: From dd6e297f70151554b4cc16d80248e86203b66776 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 6 Oct 2025 02:41:53 +0000 Subject: [PATCH 210/377] chore(deps): update terraform authentik to v2025.8.1 --- tofu/authentik/.terraform.lock.hcl | 60 ++++++++++++++-------------- tofu/authentik/main.tf | 2 +- tofu/modules/authentik-oidc/main.tf | 2 +- tofu/modules/authentik-proxy/main.tf | 2 +- 4 files changed, 33 insertions(+), 33 deletions(-) diff --git a/tofu/authentik/.terraform.lock.hcl b/tofu/authentik/.terraform.lock.hcl index 797ae42..6105b4e 100644 --- a/tofu/authentik/.terraform.lock.hcl +++ b/tofu/authentik/.terraform.lock.hcl @@ -2,36 +2,36 @@ # Manual edits may be lost in future updates. provider "registry.opentofu.org/goauthentik/authentik" { - version = "2025.6.0" - constraints = "2025.6.0" + version = "2025.8.1" + constraints = "2025.8.1" hashes = [ - "h1:+u1o/H+WAIO5nP+RlQE3ay/+dHCykVoHBq6crfTl4pM=", - "h1:10kMBf77ecT3Xpw+7SG8Arnx0yv+By9o0o0CfGGONn0=", - "h1:3oSIhXwf9EMZZH0TPvD5T2kY6yYfEPROyfQWPNA00xw=", - "h1:FElCnBGnJQ6QZDzetJHlv6epvfmUcj/hDmNSVhnU3pE=", - "h1:K1/iRTwYc9JQbzvnhZ9jB9IFcDPk2rk6PSOZ+Y5aIOQ=", - "h1:eQ6jCmR3rssG5gaKNsc37MXydWNHymVRqpYmrntn2t8=", - "h1:gQyxqd10hfhryLD7QIA03ACS7PQppph62qBXGmZSe+E=", - "h1:gSI5UtIVuBepC1lgci7lv/l4PjiOaRySx3aRYMg6+84=", - "h1:hvkwiVQRya1zE4aXKG29GlwHTNABw/j/ebJIR6EAI24=", - "h1:i/aQKCN/ypAdHr4IcKlEhjC1hp19zh5nlVwOxEfYZvg=", - "h1:jGcZg4z76eUtuZLu8Qd9Ti7/TKg9YuTbTSAaT0nCW5M=", - "h1:uwV8O+jKz1zuosrGh1Lht063OS1heW5Fq1zWTOtr5Yw=", - "h1:zMv5nyNyA+NgQplmrYhpeqOkoAGzzTJP4/W1oJzZtFM=", - "h1:ziINchbQjLKlYXh/0T922Y876F3wgZrvDQmIcaIezTs=", - "zh:091960d2aed06773aa81858ae20c7ffc9943111b3c61ee2341263c3872dd7b89", - "zh:122fac709223acf460912d71877db6ac638f501bac30b3f5516c283a4605d034", - "zh:1d3cddb5e6336c70f701533c83c64c38a9b964e94987ad803b96961bd23a685e", - "zh:3059dd2b2ccdc3287f5fe074d2e41c2960ceb27684d24bc2dd997ab479c796d1", - "zh:37ac615f9fa2a26babbc4d6bc4a5c0c0dee8b40f6ce0f01f1d1b689f5175d62c", - "zh:419c35484d5f4f0ae2d6fa2f99bb5618257cdf3f906fd9877cb4998164e89498", - "zh:5108859f0def7e936e4db8dcb112a2c6c99929c6802663c06ed28793a53b3d45", - "zh:536be1858e2a6bab6a9258c6f2c13e5fc0e5522ffccf2e21857dddde300519c0", - "zh:706947e25935250c1dad74c935c6b100d8b253dc93c5ceedf374031230fdd222", - "zh:801ab4c79ad7a416d64d1665b155d4943fe2311e2e989edb1c41d1e9d102e061", - "zh:88fc9c431e133b47e23c45aa716b9ba1b5e8e509bd220632408c21a400872d8f", - "zh:8996b3b78459f46cb426469aab147b5ce76f99672fa8170023346db3fde3dcb5", - "zh:aaf20636d4d3f166a89f7f05731a89ff85ea8367580f51ceb398d8849e532e52", - "zh:c1d176e6a0383ae9e76f410b072c950d4f5bca341a42c7147662be5c25bb34ac", + "h1:2RTPgzHn4rcuWC9CJVtKGgtCwWY6q88SiulRJZves+w=", + "h1:70zdS8W1oU/ebDBZCAAHaFCVuWpNP10yW+zIEj0+upI=", + "h1:L3Fh0LyQ066laexCAeqLd+AVuSPDemwCmYgq1Bges6c=", + "h1:R3h8ADB0Kkv/aoY0AaHkBiX2/P4+GnW8sSgkN30kJfQ=", + "h1:Ua7MZ8uPdM+6z7qlgHIvRcAjDMXi2PCCt5Ei77kK7W4=", + "h1:W9cD6oC+EZDi0QP0uDCEPbKKPJVWJ7BsJGqWzsyNF3s=", + "h1:WirxN862lRUajkJdzs+w+Hrq3jFHRtLb6rk6SQHOZcA=", + "h1:mJfw4i7hGt0o3nzlnjKtmXx6wbnMMN+V8cvy29Zgf9o=", + "h1:onbihdqPsxnQbtaJ/hzxZbuEGfb+af8o3bv8t0BjBVg=", + "h1:ou18zd0RHRDO0nQnlBptuZMBP8Ab9xMMi0IL7eQwNpo=", + "h1:tkxoj8KYoSJRngeZJyC9qQds9sYsc0e15nRb6SmGabY=", + "h1:ttGo2dkfQEhrIGqAlRRokqyN8oOjrtaOvflISOALzqs=", + "h1:wGPMKWow3qDZlLdbtZGvPu/tfzRO5LERCm2SmapEkRY=", + "h1:zq1iPhr/2Tpa2/UTRToiSZKIeWTmtUfQYcjtX0ve7/Y=", + "zh:0c3f1083fd48f20ed06959401ff1459fbb5d454d81c8175b5b6d321b308c0be3", + "zh:21c6d93f8d26e688da38a660d121b5624e3597c426c671289f31a17a9771abbf", + "zh:301b5763ffc4c5fe47aa7e851ce0b19f71bab4fae5c81003ad81b38775e85f78", + "zh:4f7ee6473f6a687340538ddac0ec4a0453664186b15fdb0bb2fb5fcd8fb3ad30", + "zh:7927f4f634c9e072d4aa6620d09e97dc83eeb1dbd0667102086779cd5fc495c1", + "zh:84e7c2a3f3de721a54abe4c971d9a163127f5e4af91d023260fea305ac74bcf4", + "zh:92af52aaac518c426164eb731d282f51a5825e64e6a02b0695952177a7af7d9c", + "zh:a6920a54d5df69342f4ea2d903676145b00e7375d2f2eecc0840858d83b3b4a8", + "zh:ac8a60801fc55fd05b3471778f908ed43072e046997c0082644c9602b84dafec", + "zh:b1cc29e2878aa94a3827fd5e1dd8cffb98397aa4093d6a4852c6e53157e9b35f", + "zh:c2d78f308c4d70a16ef4f6d1f4822a64f8f160d0a207f2121904cdd6f4942db4", + "zh:ca970e5776f408059a84b4e17f6ac257ec92afae956be74f3807c548e4567eaa", + "zh:eb2e3650ee0eec033207b6d72fcb938dc5846c6feb8a61ae30d61981ea411269", + "zh:fcb93e51c84ba592bc2b075d7342e475126e5029620959666999b5b1bd11cb98", ] } diff --git a/tofu/authentik/main.tf b/tofu/authentik/main.tf index 4d08bc3..dcca56f 100644 --- a/tofu/authentik/main.tf +++ b/tofu/authentik/main.tf @@ -8,7 +8,7 @@ terraform { required_providers { authentik = { source = "goauthentik/authentik" - version = "2025.6.0" + version = "2025.8.1" } } } diff --git a/tofu/modules/authentik-oidc/main.tf b/tofu/modules/authentik-oidc/main.tf index 51e6f14..5d0bf23 100644 --- a/tofu/modules/authentik-oidc/main.tf +++ b/tofu/modules/authentik-oidc/main.tf @@ -3,7 +3,7 @@ terraform { required_providers { authentik = { source = "goauthentik/authentik" - version = "2025.6.0" + version = "2025.8.1" } } } diff --git a/tofu/modules/authentik-proxy/main.tf b/tofu/modules/authentik-proxy/main.tf index 772c272..beb6fe5 100644 --- a/tofu/modules/authentik-proxy/main.tf +++ b/tofu/modules/authentik-proxy/main.tf @@ -3,7 +3,7 @@ terraform { required_providers { authentik = { source = "goauthentik/authentik" - version = "2025.6.0" + version = "2025.8.1" } } } From d12c5a7d3d48d1cca2cf891b0c6b6f82c7161cd1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?c=C4=83t=C4=83lin?= Date: Mon, 27 Oct 2025 23:15:50 +0000 Subject: [PATCH 211/377] feat: remove valheim (#514) --- docker/dokuwiki/Containerfile | 13 -------- docker/dokuwiki/docker-compose.yml | 27 ++++++++-------- docker/minecraft/docker-compose.yml | 40 ------------------------ k8s/argo-apps/valheim.yaml | 41 ------------------------- k8s/services/forgejo/sealedsecrets.yaml | 1 + k8s/services/redis/sealedsecrets.yaml | 1 + 6 files changed, 14 insertions(+), 109 deletions(-) delete mode 100644 docker/dokuwiki/Containerfile delete mode 100644 docker/minecraft/docker-compose.yml delete mode 100644 k8s/argo-apps/valheim.yaml diff --git a/docker/dokuwiki/Containerfile b/docker/dokuwiki/Containerfile deleted file mode 100644 index 0fc0af9..0000000 --- a/docker/dokuwiki/Containerfile +++ /dev/null @@ -1,13 +0,0 @@ -FROM docker.io/library/debian:latest -ARG WIKI_NAME="dokuwiki" -ARG WEB_DIR="/var/www" -ARG APACHE_CONFIG_DIR="/etc/apache2" -EXPOSE 443/tcp - -USER root - -RUN apt-get update && apt-get full-upgrade -y && apt-get install vim apache2 libapache2-mod-php w3m php-cli php-xml -y -RUN rm ${APACHE_CONFIG_DIR}/sites-enabled/000-default.conf && a2enmod ssl -RUN ["/bin/bash", "-c", "echo 'date.timezone = \"Europe/Madrid\"' >> /etc/php/*/apache2/php.ini"] - -STOPSIGNAL SIGWINCH diff --git a/docker/dokuwiki/docker-compose.yml b/docker/dokuwiki/docker-compose.yml index d232875..e0b7419 100644 --- a/docker/dokuwiki/docker-compose.yml +++ b/docker/dokuwiki/docker-compose.yml @@ -1,16 +1,13 @@ +--- services: - wiki: - name: hane-dokuwiki - image: git.roboces.dev/hane/fukuops/hane-dokuwiki-image:dokuwiki-fixed-volume - volumes: - - /mnt/nas1/shared/dokuwiki/dokuwiki:/var/www/dokuwiki - - type: bind - source: /mnt/nas1/shared/dokuwiki/apache2.conf - target: /etc/apache2/apache2.conf - - type: bind - source: /mnt/nas1/shared/dokuwiki/001-wiki.conf - target: /etc/apache2/sites-enabled/001-wiki.conf - - /mnt/nas1/shared/dokuwiki/init.sh:/init.sh - ports: - - "44344:443/tcp" - entrypoint: /init.sh + wiki: + image: dokuwiki/dokuwiki:2024-02-06b + restart: unless-stopped + ports: + - "44344:8080" + volumes: + - /mnt/nas1/shared/dokuwiki/dokuwiki:/storage + environment: + PHP_TIMEZONE: Europe/Madrid + PHP_MEMORYLIMIT: 512M + PHP_UPLOADLIMIT: 128M diff --git a/docker/minecraft/docker-compose.yml b/docker/minecraft/docker-compose.yml deleted file mode 100644 index 57f670a..0000000 --- a/docker/minecraft/docker-compose.yml +++ /dev/null @@ -1,40 +0,0 @@ ---- -services: - mc: - image: itzg/minecraft-server:java23-graalvm - tty: true - stdin_open: true - ports: - - "25565:25565" - environment: - EULA: "TRUE" - MEMORY: ${MEMORY:-"6G"} - TZ: "Europe/Madrid" - VERSION: 1.20.1 - ENABLE_ROLLING_LOGS: true - USE_AIKAR_FLAGS: true - MOTD: "Huesoperrers Minecraft Episodio 2: Ahora es personal" - ICON: /data/icon.png - MAX_PLAYERS: 10 - MAX_WORLD_SIZE: 10000 - SEED: huesoperrers2 - MODE: survival - ONLINE_MODE: false - ALLOW_FLIGHT: true - SERVER_NAME: Huesoperrers and co. - PLAYER_IDLE_TIMEOUT: 15 - STOP_SERVER_ANNOUNCE_DELAY: 30 - WHITELIST: ${WHITELIST} - OPS: ${OPS} - SYNCHRONIZE: true - MERGE: true - ENFORCE_WHITELIST: true - ENABLE_RCON: false - MAX_TICK_TIME: -1 - USER_API_PROVIDER: ${USER_API_PROVIDER:-playerdb} - DIFFICULTY: ${DIFFICULTY:-normal} - ENABLE_AUTOPAUSE: true - DEBUG_AUTOPAUSE: false - TYPE: FORGE - volumes: - - ${MC_DATA_DIR:-/mnt/zeruel/nas1/shared/mc2}:/data diff --git a/k8s/argo-apps/valheim.yaml b/k8s/argo-apps/valheim.yaml deleted file mode 100644 index 699f2f2..0000000 --- a/k8s/argo-apps/valheim.yaml +++ /dev/null @@ -1,41 +0,0 @@ ---- -apiVersion: argoproj.io/v1alpha1 -kind: Application -metadata: - name: valheim - namespace: argocd -spec: - destination: - name: '' - namespace: apps-fuku - server: https://kubernetes.default.svc - sources: - - path: k8s/charts/valheim-server - repoURL: https://git.roboces.dev/catalin/fukuops.git - targetRevision: main - helm: - valuesObject: - server: - name: "Huesoperrers Váljei" - public: 1 - timezone: Europe/Madrid - secret: - name: valheim-secrets - key: server-password - persistence: - saves: - accessMode: ReadWriteMany - server: - accessMode: ReadWriteMany - backups: - accessMode: ReadWriteMany - resources: - requests: - memory: 4Gi - cpu: 2000m - limits: - memory: 8Gi - cpu: 4000m - project: fuku - syncPolicy: - automated: {} diff --git a/k8s/services/forgejo/sealedsecrets.yaml b/k8s/services/forgejo/sealedsecrets.yaml index 4281e2e..e33bd4a 100644 --- a/k8s/services/forgejo/sealedsecrets.yaml +++ b/k8s/services/forgejo/sealedsecrets.yaml @@ -1,3 +1,4 @@ +# yamllint disable rule:line-length --- apiVersion: bitnami.com/v1alpha1 kind: SealedSecret diff --git a/k8s/services/redis/sealedsecrets.yaml b/k8s/services/redis/sealedsecrets.yaml index 5514d72..f92c67f 100644 --- a/k8s/services/redis/sealedsecrets.yaml +++ b/k8s/services/redis/sealedsecrets.yaml @@ -1,3 +1,4 @@ +# yamllint disable rule:line-length --- apiVersion: bitnami.com/v1alpha1 kind: SealedSecret From 222c4ad0b4fcd561a246f425070fe2656e83cd2d Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 28 Oct 2025 02:49:20 +0000 Subject: [PATCH 212/377] chore(deps): update terraform authentik to v2025.10.0 --- k8s/argo-apps/authentik.yaml | 2 +- tofu/authentik/.terraform.lock.hcl | 60 ++++++++++++++-------------- tofu/authentik/main.tf | 2 +- tofu/modules/authentik-oidc/main.tf | 2 +- tofu/modules/authentik-proxy/main.tf | 2 +- 5 files changed, 34 insertions(+), 34 deletions(-) diff --git a/k8s/argo-apps/authentik.yaml b/k8s/argo-apps/authentik.yaml index c88c03f..045afd6 100644 --- a/k8s/argo-apps/authentik.yaml +++ b/k8s/argo-apps/authentik.yaml @@ -12,7 +12,7 @@ spec: sources: - chart: authentik repoURL: https://charts.goauthentik.io/ - targetRevision: 2025.8.* + targetRevision: 2025.10.* helm: valuesObject: authentik: diff --git a/tofu/authentik/.terraform.lock.hcl b/tofu/authentik/.terraform.lock.hcl index 6105b4e..ce22035 100644 --- a/tofu/authentik/.terraform.lock.hcl +++ b/tofu/authentik/.terraform.lock.hcl @@ -2,36 +2,36 @@ # Manual edits may be lost in future updates. provider "registry.opentofu.org/goauthentik/authentik" { - version = "2025.8.1" - constraints = "2025.8.1" + version = "2025.10.0" + constraints = "2025.10.0" hashes = [ - "h1:2RTPgzHn4rcuWC9CJVtKGgtCwWY6q88SiulRJZves+w=", - "h1:70zdS8W1oU/ebDBZCAAHaFCVuWpNP10yW+zIEj0+upI=", - "h1:L3Fh0LyQ066laexCAeqLd+AVuSPDemwCmYgq1Bges6c=", - "h1:R3h8ADB0Kkv/aoY0AaHkBiX2/P4+GnW8sSgkN30kJfQ=", - "h1:Ua7MZ8uPdM+6z7qlgHIvRcAjDMXi2PCCt5Ei77kK7W4=", - "h1:W9cD6oC+EZDi0QP0uDCEPbKKPJVWJ7BsJGqWzsyNF3s=", - "h1:WirxN862lRUajkJdzs+w+Hrq3jFHRtLb6rk6SQHOZcA=", - "h1:mJfw4i7hGt0o3nzlnjKtmXx6wbnMMN+V8cvy29Zgf9o=", - "h1:onbihdqPsxnQbtaJ/hzxZbuEGfb+af8o3bv8t0BjBVg=", - "h1:ou18zd0RHRDO0nQnlBptuZMBP8Ab9xMMi0IL7eQwNpo=", - "h1:tkxoj8KYoSJRngeZJyC9qQds9sYsc0e15nRb6SmGabY=", - "h1:ttGo2dkfQEhrIGqAlRRokqyN8oOjrtaOvflISOALzqs=", - "h1:wGPMKWow3qDZlLdbtZGvPu/tfzRO5LERCm2SmapEkRY=", - "h1:zq1iPhr/2Tpa2/UTRToiSZKIeWTmtUfQYcjtX0ve7/Y=", - "zh:0c3f1083fd48f20ed06959401ff1459fbb5d454d81c8175b5b6d321b308c0be3", - "zh:21c6d93f8d26e688da38a660d121b5624e3597c426c671289f31a17a9771abbf", - "zh:301b5763ffc4c5fe47aa7e851ce0b19f71bab4fae5c81003ad81b38775e85f78", - "zh:4f7ee6473f6a687340538ddac0ec4a0453664186b15fdb0bb2fb5fcd8fb3ad30", - "zh:7927f4f634c9e072d4aa6620d09e97dc83eeb1dbd0667102086779cd5fc495c1", - "zh:84e7c2a3f3de721a54abe4c971d9a163127f5e4af91d023260fea305ac74bcf4", - "zh:92af52aaac518c426164eb731d282f51a5825e64e6a02b0695952177a7af7d9c", - "zh:a6920a54d5df69342f4ea2d903676145b00e7375d2f2eecc0840858d83b3b4a8", - "zh:ac8a60801fc55fd05b3471778f908ed43072e046997c0082644c9602b84dafec", - "zh:b1cc29e2878aa94a3827fd5e1dd8cffb98397aa4093d6a4852c6e53157e9b35f", - "zh:c2d78f308c4d70a16ef4f6d1f4822a64f8f160d0a207f2121904cdd6f4942db4", - "zh:ca970e5776f408059a84b4e17f6ac257ec92afae956be74f3807c548e4567eaa", - "zh:eb2e3650ee0eec033207b6d72fcb938dc5846c6feb8a61ae30d61981ea411269", - "zh:fcb93e51c84ba592bc2b075d7342e475126e5029620959666999b5b1bd11cb98", + "h1:8nN6b5dEGbJJ5ajovedkO//QP4NrWU5GfrenIHAEyz0=", + "h1:EZlTiEEZ0a6AvlLuTKAIyhBI4m4poYUX4QW0wyHfIaw=", + "h1:ElpISil/0po3r4pb9KK7/pBCSLxL18a6IDHDSMFdmS0=", + "h1:F7+3L6JmVEG+PMizB9SuifxbznkZD3462LQpFMOW0M0=", + "h1:L1sFZI0qKeBpUUCMgQkuRge196DsrHaTUJKJWKm0V2w=", + "h1:OQgVyUOOLTGyosEpVHzE37h+91nHN5n9lKHt6nAOZyU=", + "h1:Ph1j1Flr4kXMZKCRlP4Hn0asAz1Yfpk+hf5t6aeF4mc=", + "h1:RjitcUcx/3QKUgs74q3ypbf7KQpg8BoNELW6sE4ONqk=", + "h1:Vw7hY7KdCtQ3hf00uCekrzdDgBJ2EnPXUAnj3ybLXPQ=", + "h1:fDQcyzUJqHb4qXOyze/Te0Fd3dVMdBcLQ+e2xOtsqbM=", + "h1:jKOzsHSorUnub0L+Lq+tPPhHmeKoaiPS8orF9zZf/i0=", + "h1:kXF4EEV9uzXzshloPfJQQzPbs0YVgjUu5aD+Fj040U0=", + "h1:pvMaS6PASVHMJxArSG1pAzS5Micb1fMcLz7MF7bO138=", + "h1:s3wkHrHE8Q/Dj+PIkvuPviLTUcK6h7aoAArrBKNJ8PE=", + "zh:0103a533f474db36223d8dbf2abc80f8d76a162b2e3042a2203f0d426f2c8e16", + "zh:03302f83cd5784435ef22864a936b88293284bfdc091ff2fd0cc18a40e97bb55", + "zh:0730ca92f8bc778dba52425d05c5dceb9ae57660797f88132c06a0bf8a4f4f55", + "zh:63ace720564b3549d482f0bc68b1f4596a1682faeef5fe4d40163abccda90ceb", + "zh:8c4acdc358b1f5b1c13192af81bba552c6ad98debd341d836f4adf1fb85610a8", + "zh:8f101bae1ab303b5e1b91ceb62d11386091a24c2bbd99bca4662bc88f127a8c4", + "zh:a683c5338f16d20a1432fbc093c35db388ec7ef9f657d7478e3a04fc72722ad7", + "zh:a99fcbaf234cb161c8d7018f62946178810c7645436229d05913ff432094734d", + "zh:aa7fc7a3e05e96522507a86ec50b53473ff3e917f56fb2fc7418070fe29f1abc", + "zh:bc3b9f7cce5f5fd4116700411c5f3d14c48a9b56115268094882d949b811e53a", + "zh:cba03e3c31ee1e83fcc25511a34ca5f7132e0bbb41f3edc7c7dc113edd5938db", + "zh:d1f168e7a87a3f74d9932b88daa367242d1e9a2ed1b7b9eaf44fcfcfc190305f", + "zh:eb5af50c8e13980da4830c5f23fa7d911ae07740b37cf9d6c5895da95374e940", + "zh:f9db4dbb47b257123bb70b770714552d873f9c8e2e8017c1de227757c8dfb074", ] } diff --git a/tofu/authentik/main.tf b/tofu/authentik/main.tf index dcca56f..5c0ffef 100644 --- a/tofu/authentik/main.tf +++ b/tofu/authentik/main.tf @@ -8,7 +8,7 @@ terraform { required_providers { authentik = { source = "goauthentik/authentik" - version = "2025.8.1" + version = "2025.10.0" } } } diff --git a/tofu/modules/authentik-oidc/main.tf b/tofu/modules/authentik-oidc/main.tf index 5d0bf23..beb4b02 100644 --- a/tofu/modules/authentik-oidc/main.tf +++ b/tofu/modules/authentik-oidc/main.tf @@ -3,7 +3,7 @@ terraform { required_providers { authentik = { source = "goauthentik/authentik" - version = "2025.8.1" + version = "2025.10.0" } } } diff --git a/tofu/modules/authentik-proxy/main.tf b/tofu/modules/authentik-proxy/main.tf index beb6fe5..0d9c6f0 100644 --- a/tofu/modules/authentik-proxy/main.tf +++ b/tofu/modules/authentik-proxy/main.tf @@ -3,7 +3,7 @@ terraform { required_providers { authentik = { source = "goauthentik/authentik" - version = "2025.8.1" + version = "2025.10.0" } } } From 2213945f56b3ff721abc889bc4658716b87dd7ed Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 27 Oct 2025 03:13:09 +0000 Subject: [PATCH 213/377] chore(deps): update terraform-linters/setup-tflint action to v6 --- .forgejo/workflows/ci.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.forgejo/workflows/ci.yaml b/.forgejo/workflows/ci.yaml index fa7678b..1cf818a 100644 --- a/.forgejo/workflows/ci.yaml +++ b/.forgejo/workflows/ci.yaml @@ -31,7 +31,7 @@ jobs: runs-on: ubuntu-22.04 steps: - uses: https://code.forgejo.org/actions/checkout@v5 - - uses: terraform-linters/setup-tflint@v4 + - uses: terraform-linters/setup-tflint@v6 name: Setup TFLint with: tflint_version: v0.50.3 From 7825d88fadcdee4681da98d43ee6255e7290a3f1 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 28 Oct 2025 02:48:43 +0000 Subject: [PATCH 214/377] chore(deps): update code.forgejo.org/forgejo-helm/forgejo docker tag to v15.0.2 --- k8s/argo-apps/forgejo.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/forgejo.yaml b/k8s/argo-apps/forgejo.yaml index f65fc33..fdae5da 100644 --- a/k8s/argo-apps/forgejo.yaml +++ b/k8s/argo-apps/forgejo.yaml @@ -14,7 +14,7 @@ spec: sources: - chart: forgejo repoURL: code.forgejo.org/forgejo-helm - targetRevision: 15.0.1 + targetRevision: 15.0.2 helm: valuesObject: replicaCount: 2 From f1504a9db15b3dd1e5c42229f8ce598a458708a6 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 29 Oct 2025 02:36:58 +0000 Subject: [PATCH 215/377] chore(deps): update netbirdio/management docker tag to v0.59.10 --- docker/netbird/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/netbird/docker-compose.yml b/docker/netbird/docker-compose.yml index 4a93255..f839de9 100644 --- a/docker/netbird/docker-compose.yml +++ b/docker/netbird/docker-compose.yml @@ -50,7 +50,7 @@ services: max-size: "500m" max-file: "2" management: - image: netbirdio/management:0.59.8 + image: netbirdio/management:0.59.10 restart: unless-stopped depends_on: - dashboard From 24d65c75d9b149924ae73830fae3091a560af270 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?c=C4=83t=C4=83lin?= Date: Sun, 2 Nov 2025 13:02:28 +0100 Subject: [PATCH 216/377] feat: update nextcloud compose to v32.0.1 --- docker/nextcloud/Dockerfile | 13 ++++++------- docker/nextcloud/docker-compose.yml | 2 +- k8s/services/argo/project-fuku.yaml | 1 + 3 files changed, 8 insertions(+), 8 deletions(-) diff --git a/docker/nextcloud/Dockerfile b/docker/nextcloud/Dockerfile index 31efb71..275bef7 100644 --- a/docker/nextcloud/Dockerfile +++ b/docker/nextcloud/Dockerfile @@ -1,18 +1,17 @@ FROM nextcloud:32.0.1-apache + RUN set -ex; \ \ apt-get update; \ apt-get install -y --no-install-recommends \ ffmpeg \ ghostscript \ - libmagickcore-6.q16-6-extra \ + libmagickcore-7.q16-10-extra \ procps \ smbclient \ supervisor \ - vim \ - clamav \ - sudo \ + libreoffice \ ; \ rm -rf /var/lib/apt/lists/* @@ -23,15 +22,15 @@ RUN set -ex; \ apt-get update; \ apt-get install -y --no-install-recommends \ libbz2-dev \ - libc-client-dev \ + #libc-client-dev \ libkrb5-dev \ libsmbclient-dev \ ; \ \ - docker-php-ext-configure imap --with-kerberos --with-imap-ssl; \ + #docker-php-ext-configure imap --with-kerberos --with-imap-ssl; \ docker-php-ext-install \ bz2 \ - imap \ + # imap \ ; \ pecl install smbclient; \ docker-php-ext-enable smbclient; \ diff --git a/docker/nextcloud/docker-compose.yml b/docker/nextcloud/docker-compose.yml index 8d054b6..b658b27 100644 --- a/docker/nextcloud/docker-compose.yml +++ b/docker/nextcloud/docker-compose.yml @@ -14,7 +14,7 @@ services: - nextcloud nextcloud: - image: git.roboces.dev/catalin/fukuops:nextcloud-31.0.6 + image: git.roboces.dev/catalin/fukuops:nextcloud-32.0.1 volumes: - /mnt/nas1/legacy-storage/cloud/cloud/data:/var/www/html/data - /mnt/nas1/legacy-storage/cloud/cloud/config:/var/www/html/config diff --git a/k8s/services/argo/project-fuku.yaml b/k8s/services/argo/project-fuku.yaml index e8941de..c4ab6ee 100644 --- a/k8s/services/argo/project-fuku.yaml +++ b/k8s/services/argo/project-fuku.yaml @@ -30,3 +30,4 @@ spec: - https://kubetail-org.github.io/helm-charts/ - https://groundhog2k.github.io/helm-charts/ - registry-1.docker.io/cloudpirates + - https://vmware-tanzu.github.io/helm-charts/ From d732728deaa98119ad0eadb3f212a437b2b13cb5 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 1 Nov 2025 02:47:27 +0000 Subject: [PATCH 217/377] chore(deps): update ghcr.io/paperless-ngx/paperless-ngx docker tag to v2.19.3 --- docker/paperless/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/paperless/docker-compose.yml b/docker/paperless/docker-compose.yml index fec42d7..2c6c718 100644 --- a/docker/paperless/docker-compose.yml +++ b/docker/paperless/docker-compose.yml @@ -14,7 +14,7 @@ services: webserver: - image: ghcr.io/paperless-ngx/paperless-ngx:2.18.4 + image: ghcr.io/paperless-ngx/paperless-ngx:2.19.3 restart: unless-stopped ports: - 8002:8000 From 152666647e2359f903aa85135566655b8bf37999 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 1 Nov 2025 02:47:48 +0000 Subject: [PATCH 218/377] chore(deps): update mbround18/valheim docker tag to v3.4 --- k8s/charts/valheim-server/values.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/charts/valheim-server/values.yaml b/k8s/charts/valheim-server/values.yaml index bdc7966..3dae869 100644 --- a/k8s/charts/valheim-server/values.yaml +++ b/k8s/charts/valheim-server/values.yaml @@ -3,7 +3,7 @@ image: # -- Docker repository to use repository: mbround18/valheim # -- Docker tag to use - use "latest" for most current version - tag: "3.3" + tag: "3.4" # -- Image pull policy pullPolicy: Always From 77ebc7b5af1eef64e8f8a249e9cbc30413c553b2 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 1 Nov 2025 02:48:02 +0000 Subject: [PATCH 219/377] chore(deps): update netbirdio/dashboard docker tag to v2.20.2 --- docker/netbird/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/netbird/docker-compose.yml b/docker/netbird/docker-compose.yml index f839de9..7ebaf6a 100644 --- a/docker/netbird/docker-compose.yml +++ b/docker/netbird/docker-compose.yml @@ -1,7 +1,7 @@ --- services: dashboard: - image: netbirdio/dashboard:v2.19.0 + image: netbirdio/dashboard:v2.20.2 restart: unless-stopped ports: - 8005:80 From c851e6b098cff2b338eed1378005b3c40664a607 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 31 Oct 2025 02:38:08 +0000 Subject: [PATCH 220/377] chore(deps): update netbirdio/signal docker tag to v0.59.11 --- docker/netbird/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/netbird/docker-compose.yml b/docker/netbird/docker-compose.yml index 7ebaf6a..febfea7 100644 --- a/docker/netbird/docker-compose.yml +++ b/docker/netbird/docker-compose.yml @@ -23,7 +23,7 @@ services: max-size: "500m" max-file: "2" signal: - image: netbirdio/signal:0.59.8 + image: netbirdio/signal:0.59.11 restart: unless-stopped volumes: - netbird-signal:/var/lib/netbird From c54552f496116c47c5d1f0b763d167392dd618bb Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 31 Oct 2025 02:37:41 +0000 Subject: [PATCH 221/377] chore(deps): update netbirdio/relay docker tag to v0.59.11 --- docker/netbird/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/netbird/docker-compose.yml b/docker/netbird/docker-compose.yml index febfea7..abca948 100644 --- a/docker/netbird/docker-compose.yml +++ b/docker/netbird/docker-compose.yml @@ -35,7 +35,7 @@ services: max-size: "500m" max-file: "2" relay: - image: netbirdio/relay:0.59.8 + image: netbirdio/relay:0.59.11 restart: unless-stopped environment: NB_LOG_LEVEL: ${NB_LOG_LEVEL:-info} From f46f1660335effdfeba8cce2bc5fee645f8b7535 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 30 Oct 2025 01:52:07 +0000 Subject: [PATCH 222/377] chore(deps): update netbirdio/netbird docker tag to v0.59.11 --- docker/netbird/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/netbird/docker-compose.yml b/docker/netbird/docker-compose.yml index abca948..76dc7af 100644 --- a/docker/netbird/docker-compose.yml +++ b/docker/netbird/docker-compose.yml @@ -91,7 +91,7 @@ services: max-file: "2" peer-1: - image: netbirdio/netbird:0.59.8 + image: netbirdio/netbird:0.59.11 restart: unless-stopped volumes: - ${NETBIRD_PEER_VOLUME:-/mnt/nas1/shared/netbird/peer-1}/data:/etc/netbird From dd41bd3af24ea4c48443a50c9171550faad548cb Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 5 Nov 2025 01:52:26 +0000 Subject: [PATCH 223/377] chore(deps): update code.forgejo.org/forgejo/runner docker tag to v11.3.0 --- docker/forgejo-runner/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/forgejo-runner/docker-compose.yml b/docker/forgejo-runner/docker-compose.yml index 00f1f6b..4d45db8 100644 --- a/docker/forgejo-runner/docker-compose.yml +++ b/docker/forgejo-runner/docker-compose.yml @@ -1,6 +1,6 @@ --- x-runner-common: &runner-common - image: code.forgejo.org/forgejo/runner:11.2.0 + image: code.forgejo.org/forgejo/runner:11.3.0 links: - docker-in-docker depends_on: From 8becd750daeff5c3473eba1f69db04f19ea530ff Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 4 Nov 2025 01:45:23 +0000 Subject: [PATCH 224/377] chore(deps): update ghcr.io/paperless-ngx/paperless-ngx docker tag to v2.19.4 --- docker/paperless/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/paperless/docker-compose.yml b/docker/paperless/docker-compose.yml index 2c6c718..92230d6 100644 --- a/docker/paperless/docker-compose.yml +++ b/docker/paperless/docker-compose.yml @@ -14,7 +14,7 @@ services: webserver: - image: ghcr.io/paperless-ngx/paperless-ngx:2.19.3 + image: ghcr.io/paperless-ngx/paperless-ngx:2.19.4 restart: unless-stopped ports: - 8002:8000 From f76ed737a0584d7fe31b593062028f52f65af26d Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 8 Nov 2025 02:40:25 +0000 Subject: [PATCH 225/377] chore(deps): update code.forgejo.org/forgejo/runner docker tag to v11.3.1 --- docker/forgejo-runner/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/forgejo-runner/docker-compose.yml b/docker/forgejo-runner/docker-compose.yml index 4d45db8..e98dc66 100644 --- a/docker/forgejo-runner/docker-compose.yml +++ b/docker/forgejo-runner/docker-compose.yml @@ -1,6 +1,6 @@ --- x-runner-common: &runner-common - image: code.forgejo.org/forgejo/runner:11.3.0 + image: code.forgejo.org/forgejo/runner:11.3.1 links: - docker-in-docker depends_on: From 46d4414044596ce40d6408bb2986d3987b9264c0 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 7 Nov 2025 02:09:38 +0000 Subject: [PATCH 226/377] chore(deps): update ghcr.io/paperless-ngx/paperless-ngx docker tag to v2.19.5 --- docker/paperless/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/paperless/docker-compose.yml b/docker/paperless/docker-compose.yml index 92230d6..4bb523e 100644 --- a/docker/paperless/docker-compose.yml +++ b/docker/paperless/docker-compose.yml @@ -14,7 +14,7 @@ services: webserver: - image: ghcr.io/paperless-ngx/paperless-ngx:2.19.4 + image: ghcr.io/paperless-ngx/paperless-ngx:2.19.5 restart: unless-stopped ports: - 8002:8000 From 4a7ea8f4d67e5c1b029406f8f1ab7ef6f4dec786 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 10 Nov 2025 02:02:20 +0000 Subject: [PATCH 227/377] chore(deps): update helm release renovate to v45 --- k8s/argo-apps/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/renovate.yaml b/k8s/argo-apps/renovate.yaml index 4cc0706..940a12a 100644 --- a/k8s/argo-apps/renovate.yaml +++ b/k8s/argo-apps/renovate.yaml @@ -13,7 +13,7 @@ spec: sources: - chart: renovate repoURL: https://docs.renovatebot.com/helm-charts - targetRevision: 44.15.* + targetRevision: 45.1.* helm: valuesObject: renovate: From a33615f7b7130fab8a1124eb3b11ba560ccee4b9 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 7 Nov 2025 02:10:53 +0000 Subject: [PATCH 228/377] chore(deps): update helm release kubetail to v0.16.1 --- k8s/argo-apps/kubetail.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/kubetail.yaml b/k8s/argo-apps/kubetail.yaml index a23f35e..0c6b50f 100644 --- a/k8s/argo-apps/kubetail.yaml +++ b/k8s/argo-apps/kubetail.yaml @@ -12,7 +12,7 @@ spec: sources: - chart: kubetail repoURL: https://kubetail-org.github.io/helm-charts/ - targetRevision: 0.15.4 + targetRevision: 0.16.1 helm: valuesObject: kubetail: From 83d2ed914142884721e48bb9215dd2805c9d19b9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?c=C4=83t=C4=83lin?= Date: Mon, 17 Nov 2025 21:53:42 +0100 Subject: [PATCH 229/377] feat: add rustical --- docker/rustical/docker-compose.yml | 17 +++++++++++++++++ tofu/authentik/main.tf | 13 ++++++++++++- tofu/authentik/vars.tf | 14 ++++++++++---- 3 files changed, 39 insertions(+), 5 deletions(-) create mode 100644 docker/rustical/docker-compose.yml diff --git a/docker/rustical/docker-compose.yml b/docker/rustical/docker-compose.yml new file mode 100644 index 0000000..662a7df --- /dev/null +++ b/docker/rustical/docker-compose.yml @@ -0,0 +1,17 @@ +--- +services: + rustical: + image: ghcr.io/lennart-k/rustical:0.10.5 + ports: + - '4000:4000' + volumes: + - "${RUSTICAL_DATA_VOLUME:-/mnt/nas1/shared/rustical/:/var/lib/rustical/}" + environment: + RUSTICAL_OIDC__NAME: ${RUSTICAL_OIDC_NAME:-Authentik} + RUSTICAL_OIDC__ISSUER: ${RUSTICAL_OIDC_ISSUER:-https://auth.fukurokuju.dev/application/o/rustical/} + RUSTICAL_OIDC__CLIENT_ID: ${RUSTICAL_OIDC_CLIENT_ID} + RUSTICAL_OIDC__CLIENT_SECRET: ${RUSTICAL_OIDC_CLIENT_SECRET} + RUSTICAL_OIDC__CLAIM_USERID: ${RUSTICAL_OIDC_CLAIM_USERID:-preferred_username} + RUSTICAL_OIDC__SCOPES: '["openid", "profile", "groups"]' + RUSTICAL_OIDC__ALLOW_SIGN_UP: "true" + RUSTICAL_FRONTEND__ALLOW_PASSWORD_LOGIN: ${RUSTICAL_FRONTED_ALLOW_PASSWORD_LOGIN:-false} diff --git a/tofu/authentik/main.tf b/tofu/authentik/main.tf index 5c0ffef..c062e8f 100644 --- a/tofu/authentik/main.tf +++ b/tofu/authentik/main.tf @@ -42,6 +42,7 @@ resource "authentik_group" "ftp" { is_superuser = false } + module "gitea" { source = "../modules/authentik-oidc" app_name = "Gitea" @@ -199,7 +200,6 @@ module "netbird" { app_name = "netbird" app_slug = "netbird" client_id = var.netbird_client_id - client_secret = var.netbird_client_secret client_type = "public" app_access_group_id = authentik_group.vpn.id redirect_uris = [ @@ -223,4 +223,15 @@ module "netbird" { ] app_icon = "https://vpn.fukurokuju.dev/apple-icon.png" access_token_validity = "days=10" + client_secret = "" +} + +module "rustical" { + source = "../modules/authentik-oidc" + app_name = "rustical" + app_slug = "rustical" + client_id = var.rustical_client_id + client_secret = var.rustical_client_secret + redirect_uris = [{ matching_mode = "strict", url = "https://cal.roboces.dev/frontend/login/oidc/callback" }] + app_access_group_id = "" } diff --git a/tofu/authentik/vars.tf b/tofu/authentik/vars.tf index 50cba45..3dca992 100644 --- a/tofu/authentik/vars.tf +++ b/tofu/authentik/vars.tf @@ -44,10 +44,6 @@ variable "netbird_client_id" { type = string } -variable "netbird_client_secret" { - description = "Netbird client secret" - type = string -} variable "sftpgo_client_id" { description = "SFTPGo client ID" @@ -58,3 +54,13 @@ variable "sftpgo_client_secret" { description = "SFTPGo client secret" type = string } + +variable "rustical_client_id" { + description = "Radicale client ID" + type = string +} + +variable "rustical_client_secret" { + description = "Radicale client secret" + type = string +} From fcb7a80d0aa13a130a3190ec50af6859310d27ed Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 23 Nov 2025 02:32:34 +0000 Subject: [PATCH 230/377] chore(deps): update ghcr.io/paperless-ngx/paperless-ngx docker tag to v2.20.0 --- docker/paperless/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/paperless/docker-compose.yml b/docker/paperless/docker-compose.yml index 4bb523e..58acc07 100644 --- a/docker/paperless/docker-compose.yml +++ b/docker/paperless/docker-compose.yml @@ -14,7 +14,7 @@ services: webserver: - image: ghcr.io/paperless-ngx/paperless-ngx:2.19.5 + image: ghcr.io/paperless-ngx/paperless-ngx:2.20.0 restart: unless-stopped ports: - 8002:8000 From 0a27275688530215e9b87360745c6c477abf0add Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 27 Nov 2025 02:11:51 +0000 Subject: [PATCH 231/377] chore(deps): update code.forgejo.org/forgejo-helm/forgejo docker tag to v15.0.3 --- k8s/argo-apps/forgejo.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/forgejo.yaml b/k8s/argo-apps/forgejo.yaml index fdae5da..277a779 100644 --- a/k8s/argo-apps/forgejo.yaml +++ b/k8s/argo-apps/forgejo.yaml @@ -14,7 +14,7 @@ spec: sources: - chart: forgejo repoURL: code.forgejo.org/forgejo-helm - targetRevision: 15.0.2 + targetRevision: 15.0.3 helm: valuesObject: replicaCount: 2 From 6386316395d260e565fc1dc767dd038ac3be4033 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 19 Nov 2025 01:56:15 +0000 Subject: [PATCH 232/377] chore(deps): update helm release kubetail to v0.16.3 --- k8s/argo-apps/kubetail.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/kubetail.yaml b/k8s/argo-apps/kubetail.yaml index 0c6b50f..453b3b8 100644 --- a/k8s/argo-apps/kubetail.yaml +++ b/k8s/argo-apps/kubetail.yaml @@ -12,7 +12,7 @@ spec: sources: - chart: kubetail repoURL: https://kubetail-org.github.io/helm-charts/ - targetRevision: 0.16.1 + targetRevision: 0.16.3 helm: valuesObject: kubetail: From e4dbf4efaf9e36559d955415d3b2662aaf5ff99f Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 27 Nov 2025 02:12:40 +0000 Subject: [PATCH 233/377] chore(deps): update helm release renovate to 45.21.* --- k8s/argo-apps/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/renovate.yaml b/k8s/argo-apps/renovate.yaml index 940a12a..83c3d3a 100644 --- a/k8s/argo-apps/renovate.yaml +++ b/k8s/argo-apps/renovate.yaml @@ -13,7 +13,7 @@ spec: sources: - chart: renovate repoURL: https://docs.renovatebot.com/helm-charts - targetRevision: 45.1.* + targetRevision: 45.21.* helm: valuesObject: renovate: From b5db854806a94a2b5bf1e6464dce2d3a58e0a895 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?c=C4=83t=C4=83lin?= Date: Wed, 10 Dec 2025 08:57:52 +0100 Subject: [PATCH 234/377] feat: update huesoporro to v0.3.7 --- k8s/argo-apps/huesporro.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/huesporro.yaml b/k8s/argo-apps/huesporro.yaml index 0376ee9..93ac93f 100644 --- a/k8s/argo-apps/huesporro.yaml +++ b/k8s/argo-apps/huesporro.yaml @@ -12,7 +12,7 @@ spec: sources: - path: charts/huesoporro repoURL: https://git.roboces.dev/catalin/huesoporro.git - targetRevision: v0.3.6 + targetRevision: v0.3.7 helm: valuesObject: secret: From ccbf5162138bda9c12be906738ceda3bfe77223e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?c=C4=83t=C4=83lin?= Date: Mon, 5 Jan 2026 01:42:20 +0100 Subject: [PATCH 235/377] feat: update nextcloud compose to v32.0.3 --- docker/nextcloud/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/nextcloud/docker-compose.yml b/docker/nextcloud/docker-compose.yml index b658b27..7599f20 100644 --- a/docker/nextcloud/docker-compose.yml +++ b/docker/nextcloud/docker-compose.yml @@ -14,7 +14,7 @@ services: - nextcloud nextcloud: - image: git.roboces.dev/catalin/fukuops:nextcloud-32.0.1 + image: git.roboces.dev/catalin/fukuops:nextcloud-32.0.3 volumes: - /mnt/nas1/legacy-storage/cloud/cloud/data:/var/www/html/data - /mnt/nas1/legacy-storage/cloud/cloud/config:/var/www/html/config From 758b40563cfcb2cb3eaa63c10db713c9a201fe62 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?c=C4=83t=C4=83lin?= Date: Mon, 5 Jan 2026 20:48:30 +0100 Subject: [PATCH 236/377] chore: update forgejo and miniflux secrets --- docker/nextcloud/Dockerfile | 2 +- k8s/services/forgejo/sealedsecrets.yaml | 107 +++++++- k8s/services/miniflux/sealedsecrets.yaml | 10 +- scripts/proxmox-power.sh | 313 +++++++++++++++++++++++ tofu/authentik/main.tf | 14 + tofu/authentik/sample.env | 9 +- tofu/authentik/vars.tf | 14 +- 7 files changed, 454 insertions(+), 15 deletions(-) create mode 100644 scripts/proxmox-power.sh diff --git a/docker/nextcloud/Dockerfile b/docker/nextcloud/Dockerfile index 275bef7..acfa490 100644 --- a/docker/nextcloud/Dockerfile +++ b/docker/nextcloud/Dockerfile @@ -1,4 +1,4 @@ -FROM nextcloud:32.0.1-apache +FROM nextcloud:32.0.3-apache RUN set -ex; \ diff --git a/k8s/services/forgejo/sealedsecrets.yaml b/k8s/services/forgejo/sealedsecrets.yaml index e33bd4a..8c2f780 100644 --- a/k8s/services/forgejo/sealedsecrets.yaml +++ b/k8s/services/forgejo/sealedsecrets.yaml @@ -2,15 +2,114 @@ --- apiVersion: bitnami.com/v1alpha1 kind: SealedSecret +metadata: + creationTimestamp: null + name: secrets-forgejo-signing + namespace: apps-roboces +spec: + encryptedData: + privateKey: AgB+r00bfAxkhQM2mxWpDRusubkWgkTH0/fWe/pPS0WOmo4iUVPPndSRmomo5g4cB7Oq8DasAV/oBEjmDquDCMPk8mXa+oikjx0ewvaaZ7651Vk1LVyqDik680QGUn2zwzOtVrWJa9tvXzfe+ciwj6tJhUmJaI0kgR/yFkqu4/JrmNXMnYtmT9ahMbjNJeOyKm5uyF4p4RxMxReycAnHw+FMe6Tdn3Zdl5/kHtfJHaEDDUVJHV2c9rZUbGmsJK3q2Fz3tkXyjawBL5tnh62G9o9Cet6flIZDabnWtTaqSDdpEMhFOc3uHTgTe3U2tyTHG671IGDTjRJDr4gBStbzHqGu5Tydaz+EMgDBtJkP0PLn6CWawrxzg2myJND/g6vmO7RQjT6TnEpFd4pHsUH57cx+xRxz7K0ioA7Ad/kFctluy41TNrDOa0j8eEMNELOVEv4tEsfjgHGSgdJIG9pjK8zRSIlvBPxF7vf/XcRoSKfba5xwaNVNfSBkhB0oQK8ExHAf16Yg6+anIvnmR1bugnbGOPMMvQRswdw3pC2c7OVscDl8MNHSr9/Z+1iVv3PkTSFsPv8JBvuXlqMWSe7tMZnunscZ35T8nyDdiKJhMOK30K3vrspWy8V1xvyovqkONLuz8wWmNziTjc1/Z3Y3EL23NPTry1+luGMF6++ocpZ8ROy+n5ijSkNOVBt/Wsc3du17zUuKhT+oTN2Sn0nJGNVXcvuVHshsg5CH04+rO6b4SjtA1BGGKTzOOuSrdlhat7M8fiEpJ2/s2s/azF362nVE2EFY0w8OojAbIBcEQkQZtH6ZJ1mLIgCt86pstTVen48PmrjAE002NegL1RUU5ls8nOizdSszs2iYz4cfWNmYAzqU8wjqiKV06Dpx+xCdZ3HnQFGalDxQmItFz8EKGtuNnaCsRbzKG1k+EVMRtctFNyCnbxajeBAvIE/W7MkgrfkraGU98EGDGqs9AP6tfMoVIoHy3+zcVlGa3KIReSEUQaQlvP1WSe0+G8PKyzR3S8teakyk3WR9Dt3B54E2kFEGy6BwnEsede9MQhOf80A1zezIcdVKBINm5uD4gM84kmHDv9fA5E8K5eWQLQEP+6F2G27XGDvUIJuPmf1dzelGXpwHZhqP/xVbP0qfNVqzhoArTTmnU9COB+qgjoxJtZy9kTT9eHKHbKzgdDtRRt0UFUz29MZQFEKmD2bra4Ouxy6g7TXGNjIKVW8ZG2Mn576yw87VMARQuwA1klybXzSxYOOT7ffk15KPdt8tqhdlTjOiM145e0BQUAIwkuziyp7PSPuvGasZUtz3Zo48lz5HgXeBIxBnSy0jVYNSeIjWBrPpAzHZdTN0IBAQqQ854bnV/7tA0w7L5ZMwStpbWki8iQpln3omsq0hEmMJv8W8W9GLx2qXplyOjWDKbuwTVKtw0EaH0eYZG7/iVxk/9hzxIkvA7Gpyptifef18iRUSE6JORFPRMOTHn5vLFrBNvzQ1fnXzVIA018ZbprV1sLrHfVDcy9n4J0xCYDnAX43GhX/ewu1C8a3l13bpPJAU0RP9UZNRTGtVV3KiEdvF4pMRuDFfXdSv+it/q22qgl8oGekqvm4HlGXXkncLJKlF/sSlj5jV + template: + metadata: + creationTimestamp: null + name: secrets-forgejo-signing + namespace: apps-roboces +--- +apiVersion: bitnami.com/v1alpha1 +kind: SealedSecret +metadata: + creationTimestamp: null + name: secrets-forgejo-admin + namespace: apps-roboces +spec: + encryptedData: + email: AgCYRBSTXcL7g7PozKI/AjqWJfY0YsDtBBJrCp/iEBGBt5jestwDukWXvddRWc1b/Mme0s42/lqukqx43UDtPJ/obWh3icWnsXJaViH5+JRp81MjKjXMNSy9dnpDOKfdA/BGn6fuUo+U6xM6GfsNLT2LPVdq61i4Vfs4BDMuleQAdGc+p8nUJpmde0KiUwGiSKQOsUQHyiPM3xYcdDOXmBaPC3d6pN1YarXpuV9BCRhJeBez+/C1QbHlBOf5vr9Xno1CUGlc12zrT372mmhUP9UNKJWolY7ZwnwZiUktBkXFixZ3pYD2mdqlcj81BNXLP3OuWrAjQiRwMgjcI83jwvrlC7DJKSkk9OYSVfSvWoQOLCVwtxXDSWqPPl6l0mhv5ie+b/DM8kvrtr0kxj4ngrOtmpE/l7QuCh54wEdVLk+O1qlS5tgKFnBnZTdL+muGAJpC/dS3bVskumMC21ew+tRCCXQlaMywjl4fZea/yz8TuNZACY5guC+oK/iOqKD3eeHQxO2zNPI/xTjvgdMh98jd6OkREUNuaDkoqXfDt83XLHAZTrLzGqdvnfSYtpeyREga3wOh+JYAvYH180QAB8Pm52VWBvIYyQCCEprcXQQWwnnram1Wzvn5YlGdd3Ezt3z++4brtuICyYuWMF51LuKzVYrsde9tbe7rLp+gzZwy4P/rFV1G0KW87Axm/NnyedhU2NspTQv2T/w+WQFm9+LTbHBg + password: AgAmczO/BhnHqi1TO73JKF0J/e9Nvxm3F6nxvoMD+yq+qIaEqHlKVYT+uKirokj1PfGCX/Jgeoa+VKpsDY86JlK+PTIzvcM0/VQAh4ty9ER+CHNY+c8ZMXyrXkRCu8qjQfKVNJ0/eGSUj1bXsxOpQlFsIdk8FFgq9rOaL89hL388zLj7DC1KR6pI7+1ETtQqdadMTKEHshDKz58cQZHUU0+6GbVoXwd7OEDJ6BMEPUyZagX9dtKJXyxN69tAC60T9vCJyfLkMV8IS93PZGcwJ63yOELV+hIdNwRLOBODuQjWftbdPGzZygv4fr6g3QOhgNsRp78BXYR/Y2lEEn/e3yXrhQJJnv8gnczb79ymUdHLHFBdykrnEDqUaSWZay9kEfk9XGTwealCMlSkMAPw+0kLfU0jjlsrazycsxZlbOmSe3O8hRPxhTAMFGzHVkqXo5UVLw3CrU9w4enVPnKXZ9Z7B/61ObCbj6QdCh8CQem2FwRORs2SdQAOjKfFp4TXMkIPOXyAFusPsomFpkix8aRXD5QIi2Ex2GyHsh4BonIvTwGd1oVgkCgF9QpC2FyVIiy8pSVGX0r7Gx7YI0LYeL0nF6jT3HxP0HBeDpSZkCcGQn3kNPvtiYrVi39aaU8OTSzwghfYQclWKwbCSuEr33yFPcAfgPbWwFIN2M73zn2iGEmirqUwfH76UdbWU2+beXwDKeKXcY4HiUUHqsQjKA== + passwordMode: AgCWjs796wR9evramu2S8ALTqbyn6vfdLFqnNkNUJGx7Cxvx+vo2j7J4/g8iEtUXzqAGSw5JYH/ifOPLZz9pWZwTO9vFu2Rr91KpJA14Eo5GNj/KJO1NafVMxRXDpXd/gENPrwonbrCj+s1YxQGQeY2STqINcpuCT+/sH3SsEL6Dei3KW39ZfHw+UcY68Vv3hKejd1F3HDMOgqwA9TOj4cRCt5Eq1VmNjhE6dpFBNFU+cwNDpsYgCMw/Ir8VkSAJcpllSW+W7vTRS1BYGQEoKRTaRbQD/2mpTh2W2hCFmUrUHsed4I63V0lfa2OpQjSDbCfKAtEwvrOiFm16L4A2dxX9FRAVpIS3L5hXwZTNFui+4gD5JuatZPcZjqvHKvk6gvZdi0D2B1Cl9+kT7A6h+kEN7Ru5tMFIUOyPtrdqSKf1V78C0HlvhK8tt5NYjIiV1gRGRVzUwfep8zolPE4jPsTsf4Edahqkq9z3JLlZ7sHLOVfTkoop4DTHAzTS8a0FTHnVMn5QIGiec2t6gAW3gOvufqcRA6/M1ZcdusBrt1p6DsLFhHTOCehrgW0+o4GByj3IAdGl+suAtAZcedXkUulifEgtGNuXZwF4euLYlsGallwcUa+6xeKClchJO7CYYEKG317xSdGN+y+PRqPnB4YtbDjIqsbFInGDEPY5b7rRbMhE38zYxPUopgqbv9QfGefyCRj26B8Z2uQ6Kw== + username: AgBiBO7O5wif0N98fTSxk2rBkuyJSmDyWIlNmPntcdTs7/VVSkC8TwKmxLKlfJgANd1fZ0SeEQN+Z3U97YTVMm9h6XBfFeOe+UUJVF2Vt6+duIG1mBLNURuMkdXmc3A3pUYnDL5/mczFXn+XkEjAOSdILk3DpvVWymUbYTIB4qaJqzK9LKKnR/igK0Yb0kxXbzmffhs54hsgwuTlZRlkR7DtVCdOmVQVBjA4OEiBQFMjJrVz68OD/Cs5l3IB43D7zKwIZWAvL1ePoVNm88XhaTNgSYL+ccy8I4WJIz/3lVckv2Y7IQSeVoAH2nVKCQqEBjbjxr09RVBk2E8qWYTqTUVADIsbq/5XPROmjZ4H0R2H0zBbNcY5K0oV+tSZjRZOrVOPe6KHtHw2HT+uuAW+yvxGkhO30vXXt5CbmFKNLmlIG2NmTajYw118kcbJSs8f7Vgx+hZ4zTdqTN1Xg7gzGxvvgiuJ24dt0W77P1QJmcaJqYLqLXdlIYJuHxMReiGaxAIfqfnubvuYkP7pXVXazYMtsAFS1SllXR4bo8N6mpkxRq8puoL3iwDNlXo55gHX5QTNyN4KBPGWBnEKNOcS6cPKMYbdrosFpTHTKsU56b4bU2hYFEc4qjBhZC3CE/yry5CRzr3Tqt+e/9jHGSqkzfS0adD8CNI5L6Mow3S/ARfC3I9pH8bmj5LiPPhuCADzgr8136ZD + template: + metadata: + creationTimestamp: null + name: secrets-forgejo-admin + namespace: apps-roboces +--- +apiVersion: bitnami.com/v1alpha1 +kind: SealedSecret +metadata: + creationTimestamp: null + name: secrets-forgejo-oidc + namespace: apps-roboces +spec: + encryptedData: + autoDiscoverUrl: AgADpojDS4NUWIsgD3HF4X11blVZWNtlrkWdbTP2yWLHXti4XV1nQUzSUMxaq0CYtjsWIHF1A+OmzPppwZhIAJrf3+ahaUqOX6UQ8eilOiEgylwzhg7a/AYIdiU1LBfKzB4Hjz2/8hOwmH7GT3TlsFSRy16j7cLSybAEkftWWawD30a8IEFiy+UJwWRswuIwqOK5EzdZu4XNEO1zzbaA1H69KNLFDH6JEMq/rXIuz1tbE9umLkg9tcgnEjqcQumx0u4ft0eLsoHV+s3/EjcGeJGDtvDF96DnTeaOYKDleZc06K8ZK3BrCka3u755lU+p4Qr1BR6XgntqpXE9bV+bwgPPJU6iNCgovaDky7SkxVnXNNcpR7Qwsw7q2w+Px+oDFdrkFcZaVz1VnJAiTksxiy4Yd1udiN1UqERNak9x9zX21sRYPQtUVjKMGhL29kZgEQbwkakioODuy+XxpbjdInc+lcbf8AsKzl/JP8g1NnoT+K43dlQ/XWoPnM5AP1rRVxehTqUQ7z4SAcErxBevUFFCWPsXU7PeS0shCIBmGh/9fbi83cHB0oF1uZGJ5lV2pMi/4zrVIay5su9BfXQrgjZABK3VVeSgljpeBqBxIsu1LfdE2jg2mGMA46t2rJFTNEDlkfhwz4sLgWIHUA6XN+xeibLAtL5ckroWlXdm1K4uOEru62VYyqI0+UtA/IlnjrpiYW8uJAbLlmsZmt4aC9nCUYOU4xXMlY4XoWKj3fGKu35+Fp8242ow0XJTjSEdIqUbUmoYPa/KNbnqkRcXE4cHucpbqs72wHOvNYk06g0gJw== + key: AgCXF1pFfI/IQ5roi4RnsMCRFaPysO6A8nj23tZd9qJJ3an0Bu6X3pSzXmlLdnIt93WoVA0Qw/zmH1/LZzrca4ScE+/csTNA74VdlND4b5zhb59fXp5XKNt4Rv6nu0rSzLfaYvA6ucZeAJb0RUPZB5i7h12KpjZAn1KmpQ0hhaZhT07JxC4e+QVsqkzA2WOyIwX6DRXItaSGEnv7D61Gt/MLHhL3a3MxNGtu1oElQKVMMBMseBnWYFN8LsdIpMx5ertkAGuHC525iLsEJ7cfnWAebHyB295lCkARPEEYeStoJm1t6+PvWKIoq2Jv9SW9JhTkYn9QomDAC07oJ5hS54DZIcdF1rFShhN79rfIPJRuqnehG6DVUlT9uODg2gKRUjaqP1LpiOZN+nze8JtsG/GH28Mg13GRgVkjWqtYYLvDf5iKwEszOBfxeClOeliDVhaoXFoOdkNk83KRQnI13CE5Kpdp88KKAaYxMoI5WHjrqkx8HWhTY/vG9w7lUYAD+CStn1V1h4DqwkE/e7kYyUMmevVOzuXIlRaOF8Ca2l6N3sTmNTYicRL8wNrPqQCSAfxzi9odMWZN1IKlz3AJ7CqKykNuOTEfy7QNIPEKpuTlYMID78k+JhKMYPXy9KmnPRcE6PADDir6zAbUzZVqSSAor4PGDnEiH+Cixk1nMuh4mPUyspOLAYXs/38TvdOjGsp5srtGiT9E2U0sTIVC40xzONkh9wxqo6tg1MTO+ncnf0ILlmT4GF3M + name: AgAhLbpXrfXbLlAWdt3M7YbILunCfpDaI6O2EnzLLCFdDlkXzxHvO64uxYF2P6TST3dfvJl7bAw179meUpy+bn8NRonveSz184Ny+nfy4/w1eZVxb4iVmQ0kZ8EJCBHzHAvyIRfRKUTbW7HqjuQnbN+nOhElb240utR8cNfdnvlASfI+fZbIsz1XPMlGyXTga+kmgIuYk9vTNdDJpjEB1Pzz4BLfApnNFJ78RO49GmS1IyBkL5vFrKOR51GPv1G7VzJApA636XWmykGfMmMPxHXCbHhquJh9ak9/052dQ3u+AMpLCxVjg6ehJi+5O1sA+8ZQpUeHJiggskIOP8AbOYckdcTw7bBSj/SwjX78eE1P5bhTVRbCCyC7RkpBCJnz1Pzqt+vn/M/Tc1hhI5mSLrmZN9l5Fe51bQulM5IMno7jKc5miGLu7C3SyeJM9xDB15JcExiVO9rvyW/Z/V2UcWlVOp7nGc3NPnP+p5ipxe7pPSwW6laSkzvpGAzTshBm7/k3usbEKrwhnmw2datQ9CbO9v6ZqCTLYc4epL7FmQEqc4XvltUqpG+h6tszJSa/bKSnpCFqesE9oxPpXfocaYU9cDcUHuj1QCnYQg61oDU6TL+BvIiqxIKacY0Z2jYQ1Q2VaC0LrH8IDB9JmoNyezGwqJYeY+BLXUcDJs5gMccgwtW93X4ozaRjv0bPrpCi25JfZAWTxIkNeWU= + provider: AgBOMb5L4Ya9Pe+sRN0fsGAFlejDQe4dvqZ4VfUGisN4RLsVmcpIXkNO3Nr2YeCOcvkGOnGDTJHh4mQICh8EXNOjF7yiKd9xG5qYAuPbmaw0mqKHM5YlIEGSWj40AEI3xXJPbhl1hNJPOwjAYbBUzGMi4MzlkBR6Hqk1IvPfTdhNLiCxX/Idv7slE4Kj+4sdNUa7PAUaPXpjlRYtn1exVxcY3E232ec3+EV3k7jJyJJWMG7LS5/NjB9g14lYLKbL8XU2ParD/1O0hXWPvhKGllW5gUXvg3LufKFCk+ALO9CCJ/8rlU4HmmD7U9r8UqfMO3krmXyayLzNHbxmWe8/GJs8re/fW482TCrQkTpPqgjlJtkRBOVmhei6m99x2EVWL4YLZN5mFQo9DZSwd8fCcPw57APGwODnTpK5OwZc+ddQDBFR39AaQWD7CFcnmQDpVZtDQWie3Dk8KiyTZeAPlxXGAcY4BY0eplcXlmOtSEeSiOOOKGG1Ey4qjZMDl87yZcYI0bwpylNWPCvjrpxnuEy+undulGyTJjeLJpEIqpdSmjk4Ope/bfUfqXl8VfEnmlJ5yMgRv0jI77t552iewhbW+CV7NhyOgEzFxaCt45SsFQn3b1qdM3Cy/sJVGkb4bo9K4i38UTvJ9IdJ9DIKM8vQSTCAdCW+YAU2JQsVZLVHuscoUP06Dr7dw0tWZTlja73Wkja2 + secret: AgCoDNye/WbGbO3KhmHh80qkET/RGTTBZxwp/7prKOmOsi2HLWaEcziWZmkSEtMh/dqZwp3E4j00fzFFhbpaX0vzyNgmCYhbBPesdOxoCW2a7C8QwQIFOWiQSxCwwt8Ll3bU9LH8hX7suPOnFnHsOzaTiRMoiRMsi3mXpHJV/2QqLxEVNaiJalxkUqT38sAH/or6OaGaMKibiFkaLh+b0XaBiRzV6t8wYPX7u5YbZczxhEcfV4uLxIzx6PynvF6TtjTHY+PQ3H/+lukakM70IApi++PMCEwf+TiTAI1R7ybmGtI0spzhgY5LgR7ebIUbhNwRxLkedKUOnTgGH0WAh4KVqeVY0qJh6kqNiUmaNuOwDNSkJZWdfvqMIaNTwPlPPZ8SjOheqYIJyHPD8FvFJb/FTzGeHquyfK40qLbqCAIlhDd6OBU5PoqPVMNSaOHs9KpVGDKEL0tT0wz1Bnb/xFrs6Gr5SIXu3m1fUb2O5I+Q3TJOjn1xEfhaFiN/0TsyaNjDKEVbit4BU7Fa8GTbGVKHTJ/h1aG/qsQTWJ13kkuBeQR2DOJWeTvIHSbPCl9Q6bWWw5vPWszA3d9Yjq+nCHQcpsvLrqtuZ1uCxdUl02x7Gv9IjdeZyJ3thvLwhQzQIbo4/wKRPpjdyhu9NJ0578sXZUJYX8W59TsAN38lFj8tUl0mx87TP0dH5eoB39Mu5ufpjIJE2LLl/c5y3aHOYtVQwXVqFmIT5he9yFylMsJD0UeQGedxWSHfap0e+F01u693eUcT3Rjse18eNQ05NqyPUEOqBUQrXClSjbiQVG0ZKeJ4fnY5CNYG0/ZH2jB8Z2yV/CpiJpWXmKINT6hj6zb9XwvM9uJOfkzXgQJK1n4EEg== + template: + metadata: + creationTimestamp: null + name: secrets-forgejo-oidc + namespace: apps-roboces +--- +apiVersion: bitnami.com/v1alpha1 +kind: SealedSecret +metadata: + creationTimestamp: null + name: secrets-forgejo-email + namespace: apps-roboces +spec: + encryptedData: + mailer: AgAcnKAn8eDCkN7V6b0afbnoesqIVYnSwPpxIJNoyoTWHgku8SHN9gKdwfLMteNejfpngX3tJql4csMUxy/C9jGp7T8gGVIvkQzdaQgumUR/rRVc384mxEaLbKo3b0rj+tbXejIOPzj3SXTdo6D2L/IqvaEXEOiLODLeZVRcM1d9nXGtxABkaKmKnL0lcNlr7Mdny85EFAtTVyOT29rHEbOskHBcwSwdWnkyxPb2QewRwYqXVFAcjTxB5FltZAI0AodAP0wv0+F3UEiBU8311lXdeubusocH2QvlQ+4JBF6VL3BDP/5guUDlJTBPQ5XN2y4VfRZ9DcNUeCoTs46r69gn8UyUuDO6qxYa3qgsUfLqyvvT3BTFRuAyBF2pFA3zaBUOe12GvM08Hg3AuHXiP2KsewwWuSeTTJ0u+ApHAcRhpyFW5O0voTbqNqbvfnHvpbwrLa6FuChTcLlKpfM/TmQKnqx8JIkkHNYRqtnZtXwAtHsGjBGI2RV5bpgmmD9XhKoNAQfyOG1x1QqZeP6AZB8SJeCzXzqBT6qYWe1kNJR/vPEZ85ijnTgQRMDyhcMOkqc7wJGVhidQantWF3ZT+cQiKG+MZBGMxjoOlv9MCqnDyDjv7wYfZrxDmEB65+A76/4TJlhZ4s2JEHyHbWcbw72V9PfrTrrZdO/0SfDkSUPKni5YLgQ+jszMzxbrN8L7vKbYZU6QyXF5hk+9JeqPT36VcbzPGMcDCNieOKomq8iuK97iQ/n36feY009XSFUrHyrrSMvM59ZyQNNvKQk82MDFzlX2TS5uwOONrfh8XtW0bOr3AcGkCEtmh7JoxqhmeM6XFG9vI01T2SbY1C/bmrbe3NJXIWkJkMlymJU1ISHxXMYgpxOkboVDtlmAn/8i8RDIEBEOaEcj8oH8fN+n0coSIpiMxdRk4/xnHShsaAnYyasOACwuZJcvkCMCZmNm1Rxkf7F2 + template: + metadata: + creationTimestamp: null + name: secrets-forgejo-email + namespace: apps-roboces + type: Opaque +--- +apiVersion: bitnami.com/v1alpha1 +kind: SealedSecret +metadata: + creationTimestamp: null + name: secrets-forgejo-lfs + namespace: apps-roboces +spec: + encryptedData: + server: AgCNvexAHYnuFh1c4eo8LaeLzY9ErfuwOyTosom6RiIcfYho8qyotmiCNAmMJ7IHY7zwe3U2ogyBDPJad0ibvWAezoio3vYS7zo6MhyPDzpgNqc46+DbEKBE74gs6ZYMQodxxC1FGKuVs1X7rAhdd73vZ+O7wMJrfgXft9MvJFAG/Vzx0o5fFu7blcjDuHJMuftm2jOB4Y+zxhnjvFqJaahrZEzSjMWQdBpNAWcb5NIupJDCYPvP0aXz1/SYiH34qSVh+GViXm4nrZ5JaHb3PjWV9lDKKmI+3eO5/k+3UuGc8bM0SqgOQMj3yzOW3hASLs9wniDRV+rX70c2AdWKdqwk+vqvkGZnQpobxSI7hNTNZ2iPj/MZTBC7rDpepBRjcEvTSUV4L5DbU/EZi8U8pg9IlAc34DB/5dewh743kq0WV0BmzBVlHntM/pArl3NRgCFrft+swrQB8+pCUic0Y0/ltEYylMuCnH6prjXcro2yHF1eORxM2j9C9gVMM6eoINBvvg+bbj29mKqFsDwpcbuRZckYOHOp/d85FdUeSmW8ddO4Zg8BnNuzDGISMPEqBpRZFZPEGVmSFTAFrlQr2QL6PopwOkcm7StGTyJoldH6XSeO5f54+m+8bD4MPV/JdfruowDavq48uSLtpGTwLkuj1VRkQRM7rEifVx+cOzwWLVYvmvOb0ZduCuO3E6yrrGX+waMIPIEu8FZHIYuoITGxbpdk/UC37amOkzn3H3eBEfd6pTZ73FEDpXtTCSee7wFKItV34s6VM/auY6Y= + template: + metadata: + creationTimestamp: null + name: secrets-forgejo-lfs + namespace: apps-roboces +--- +apiVersion: bitnami.com/v1alpha1 +kind: SealedSecret +metadata: + creationTimestamp: null + name: secrets-forgejo-internal + namespace: apps-roboces +spec: + encryptedData: + oauth: AgB7QE54rWd0F20nDHQeVXW2Orzio3qqg9W7iFhKwjt7egILgoe3k4+WqTtFMoq9xPS/KYOW+b7mYsgjm1AnIGfq9iCqEimLaWYu9YZttiC9f+Nv5p2Hc8FmvcVhQhNqHXoFJjnIpWOXr5l7zaysn+FgVk97JhrcbYf113970McP0n3ORloqz5PmyNOwIu+//E2NDcqyGxbGmqB+wP/YvwPzPZQHqqQArn8CVGwlNI1P/NYXtBCc/xuJQyEdGTz/F3c0Pw4xSp+bwuummc8rMzwezxGKw1XAIqC8bFoXoThz5AWIOL3dXpEmkK+bOJioV1zHjeF3ZmeKmLC5p6YtBw04krR36jPBDmhNScHEaKtOQxUNQ9M7mtFXS+hqSguWbuEJKc9okF3SP++HTrwXlMt6epizpb3obTA3EsLHy6tM9YjshWOCA2Dwlye/jipQKXpXKJm+QR0mD+lHv1jKLYV8OH0qSbwTcOzC1D1Bp4VL0RcVXTWBqrgpxG2sftSIPhIwCzxoLWZkIxdOUsb/5HnecbJdwdBci7Uz5Ab6X/EFQICT8fKCrOqjtKfQE6Fr2/jIKdU6fHpkB7Gubu9S4RJb/wMBYrBkW0YHrlAOFMuv19vsO6fdexoLpynzTrsPX26DsDJsv5uRRXGLLKuNvDEabgkui+Q9cdyodjF/Cw+rt8rjMgP1D4pVPUqHCGkFtNNAB8iDrwqMbWXpqCJflrBldsH5g0fHKL2Rsx6jzhh5+iYHYiTH8wcifPXcCL1zGoDypY6uBWQedw== + security: AgB1qzl6d0oh3uB3mTCzZ3Iu+mdjyX/Bk1mhLRLOI+YPBH/Q5KZiHF99VBtCdLLebNIT3ZNoiNrWJ/rU3tB9INi2rXfUn1RhNMHB+ex/K/2yUbFNa/pV+7dN7ECjM2tp2rOolT9ifMrxYFT1nwYVDzNo/kixHBEdPxZA7w/KZn9mfoMfMWUB2VTjlrPQ7Xb7f8h7VR/a8avsMBYG5jAfcPiAk5kyJoZp/YNd3HSBPQoGCQSZujj0vr/hmLoBWCLQ51akSzGUo7vvR6D/Bu5oFOYjy6KguCiH4jGWGdxNtZYvrtj9+Fo4pnDWn+PGjJ7YrcGGswqU+9ivUfpQIIOIh1cmnOjCH1sptMS6PqvHW9jd/N6eMVbb9otl2kuiPLbkyMZs0lnfS0pP5w2szf/kEymr/x9CTTtA2Z8XSnVWjGGfjkbQE6vNcbTwBtaCeMsv+eq8WfTsGfFR1nt0atog6PbqOFt7/0b3icuXIx9DQm1VDGEi+N52mM/0UTU8Bm0c7st6BBUwvcSBNbMpMmVARXhXi7tX1TToc/5IU3LIcTqPKbeyZxBn+COYvlmv2ot8eqW5Ezbxt85m/jbSqo8vpNkPBrJ5oLf0+MMjotc6c7KBXcMo/d3BnqjHMjBUdnTRRZtmM8X8OqOHLnReQyt8+mrr7Qbqw0seEzKCT+HY7o89c6f1kKthQjlhGzeUh5rkwj8EL5RHQnuVO2aG0rv4ZrOvlG27ZGaR/IQgP4zcoPQ0H7jan+vXCqMyn8Zl3naGlT4Vkx8ne162iutAlT7KdHh/SenDyghe4CxNii24cBbc0bwc33EPvw5FMJ8NlMM/moc1bbQTg9RBogVdWa9uXpo35E5ZFYa3TvcBbyNyM+xsAYMgrEZUzzKDRbBIdRvQiL2w/Z5JHYFfc5DlqAztvRPCkezbD2FmxFadm7NFuXwcO+I1QKYHynQ+EHEJ1DXCUp+qMULNQZrE1lSbeVQ= + template: + metadata: + creationTimestamp: null + name: secrets-forgejo-internal + namespace: apps-roboces +--- +apiVersion: bitnami.com/v1alpha1 +kind: SealedSecret metadata: creationTimestamp: null name: gitea-ini-redis namespace: apps-roboces spec: encryptedData: - cache: AgCtLnjUHND7zvKl9Km9HushVbGlom2vvgB3x5kJ2A3EaM3NMJVC4aHvHrPGPkKie0z0wH/GDdXKalxli5hwXJbolcKgS0KUQaMBOhzl8MGer5E/XrLVVi19dMc0rusdR60ZBuAC2eZ+gdyBkUJGPHMniCAGMxwbafZ1+Tvd9o2S3wi3f5M0Dsag97JCQX3pnxJH0PwBj7/Y2qfGJ4DCIrqlLj7yjcSDjskwls3ijSntKYR8FYv3ZrYvJ03QZrfK6jJ8VYd4WVCfR+tDscGhbwTpv3/3DChr8CQRew6Ln3lZjnFMAaz1OzSckzjDS41a7WcjwWtPE7t2Q6gaLEaxejCYOKhJlcX3dvtlz+C9QhSYddWbApvPthFYiww6n2rdKiuq2RHdB28C5oqohDybeZj3AhMh5WFu6QZHhvuDRh4Sri+2O+dNAW5lNRNaPS5J8wblybNFpPiMvXXuXSAsC1w2GYhK34YQry6oFNxy0cuW2olZ/NdlTqyJNVtkxQsnOhPSrQ5H/5FtdoA2zooXADbtrrEO75jNg9+EDYyBrvh+dVSD/ycl9BgowNJclsJAWIeWqd4K6wo12fEu3FMppXCX6sRl85F+gXSPxtclsDWtJHhWKBM8GKliD/attSFDto7qhYC65YGSltOG/BEKidZV927Um57cyUAJa/0EworSul43OMdQLBds7N1GA1xaC5pq4eGWXnrHSoO+3rCXXNdpm5WP5r3cJMDjcKWopPAHo3QyQHdZQzCQ51myeqklz5AtCFuzZSWiEeW4Rfx1J3sPujW7kb/QoGCyPtaNKQUh/wsFpAtNsrGKGn7bvNf6KCkueC8R1Rxf - queue: AgCFtlRgUXLKs0o5GlISZfUlcSv+SVa1FH9ualRe+I4sSZgC15szSIrMad2wWyMGkqpV8v6twnAypYvDDWT77o/jYOXDahU06Cdjd7D2IGXCjSE7+3WW/jMGw0aAZSTFmAKwQrTejgWuAGu1Fu21oX4b9sAoJGnRyW3rbi4KV6bc8LyKG7tplqD26VxzCYgUQhXF+AonyVODUqQAfESrQjQCCT9sSmTiM3cSmJGC92qoYlZx3bkr/2SqXoiBJjW0gf62mB/R46RdRDLmUcWnpkC/T1u5/MaVyAbpRUxuQ5WsJIeGFQy+2iHt2QFgejAiGY04Fo5dezm2wgKSATWbyV2WTQtFbrmfEN3hPs1ONJLLrrX5/N7v9CCs3/zK+zPjJTGVQcgtdPzZBKv6mQKtChEkRT7cqTjqjsAHU4+x8sH1HyiOyTtdEnR3zDYfexWVfPh3tDb7b0JEI6oYJUYDM2j/9jL/Guj3b9hi8SOx/Sjeq/5ehWobf5gblxZ3bSrVCHKyg/lACvy8OYOI+vfJ1QR6ivQod8/SyugewN6pVUu4Aa3EH155vqaEEAhwsQH6gpSe+rBctJC9IDR49cGmeUCZynmL6NniZvxOI7kYfs5gF7fy3dFd4zZ9vCNU/vcuWwQxhK8pWWxptZfbIp/lV6eGU++UfjUVoW54DXrlsctwEjU6DtwNLwt9rJAe8j5TnpOhV6Xp5JRej2Jt+RkvPpZLprAxSYVKqX+8OGL3NDiLhWhZ3REZHy6oI3A/8bUga2rzyd52cpueNROEKfsB0gd4mCEFbvtUMnILucdDacdY1CnBfFjg4COsrwjT - session: AgAJOyBwlfooebrIVH1TsPstRJul+omOOkMqZN5dKH7zV9Jh2W0zBWxH9XW5253fcdZVbhxcEzyL8/xG6zT/sGW//tLWtfgVBL5HL5W82Tzoqz8Jf49MZr0LOL3FPAPThacz+updnk92NY8nikWCW3p1WS+sS5Ozu6uRrVzLGllhV2zsnnhzPZ7ImR7mTN08bmjd4uitOZASeDaUxAQAxgGVRK8AwCN++sArzYV/5GZSBPNCz6SWRAcdDMkIuiI0AC0+ug5YAVNsp9aen+VhHOe0JHSJNGY48I6ZVJUv5Jz4RrzMyJrguX1hMjy1SJSIDD3R7fMJ3Z23xGjHe8kAXMRW+BjoWlGAKcqRYdGD9F1XTZe7p4tpp98bTR6mEyIwzvNiIIW6S0+G2y2doGVSPwAFuJClKlJ5dambZ8jGr8OYXZ00zYd974aOumvIdBvO3bcFkuDfcoXIDhM1BhE6zeand+UgArxP3NtbBCXOPbgnIOTTK/mCaPLSo+5WID2f+3dqLX5mJpxXSHpg7lFpe5OHzR4NFAL5BFlGFHRGgPoqed0d30FxwsqAXz41m4D8BVy/+Pqi2GViepgFNMLmZYWdEW06wbHFJqE2xe6TPk21EGfwQBkWQcQuJCdcgGPzYTiTt8v3MuB/F2UCfuAdbLpUvCzroY+suOZzRW3/h3IB+QfDv9u3owcLmdjzaBNF29hTllQqwBx2UauSgbuTVyXNtxcPI1B7TViK0FPrCArAP8TCUgNYiAYdJ1gQNgisO9dJ3qsJMAY+ilOvkgbU6YP0ASTFa1GNmwVa1A7FgDDnd7mgkfmmjh3G2HPK4EJ/F8KJHBwcqCU= + cache: AgAd4e8faLRBWaHzBxEF8VQbPQ1Kg6d4jfSwesrdJVijhmvE+ruGfbiwL0FXhn0XLfVAB1f99+Wvus93fOwfeh3RA95L1AZK/7+QntNHQe6LP2+ydZaPQfAOdkQBf+7ZQG04QiTqr3Ckkh3eNIvAyFMIrmaYf9qY5BwVMYrjg8iNi0jRgfgSBm5w3Dd3V0G3ry3yI4aawQN7pj9PuhA3pSqq3ynK4qXdf/6nEqvA5+7m/Ys0xWSOJwAgWHUVT2KLQ7rvI4y1TiCciWEpFvhIbwtE+bc+lOARJBBUCmRcDKOD5N3qXYX4846XUTTm3W8LhO7e9cIE0saPsPkS/qKkMgW51hh2r70hgTKi9/174I6tVYU4t208UScrNlF3AkGqHzXsisI8Yw28OApLrwxkFbh/y9zbci/KmQGpw2RZYdFeXuS1RGzGDDaiCwZIUONChchAPxb0PGpDZpGrW/MOAdJFj700YW+Abzihr0GV0bSnKHf/uYdXn+3+Oz2Uk35B+Vwc+tqKCHpSzoa4SRNlwGlQ71ysEKx6zUmcPEalqKnNHMmVOocRuQuxGnRasj62tNwZmg9hC/1IriMEJJkdEcymlo7pQqQ8YXmkKAUu3w69S5v9LKBG/DGzhxUagqhErM8KSMOjXmfoNIZEVE3ey9sUDtRZTnLgDj2rl9avAAnGo7+qF6etPNuKGFknK+xTegy3DwyzBEjXzgNaKhkBqvDS+Iggko+CEspBdUqerjIydU2dXwdiY2t+wm5gztDAimROvgouW5GqwUFK50s4tcSJjvsiw4OsOBZp6r/61lejlggk + queue: AgC2LtW2jJPhh062ezMvWLLIAlyUNYO084VrSHsJ/K9UvZNVhFc6CnUrgcrvT/AIQflMYTm4RHKJgt4P5slzmKzHT/hc8RqB3L5FIhBsnmy/w55bXkrsohwcwzmw867a7bmnbAlyUglsAkKraMSpasTW4rOiMoCwXYKVtGcsDn1JLUj9Hp62BPXkQJ1Cr36lK/6Z4dHUwStVmq+wYAnm9sp1axnlwAqPgZ3mfqndKh9qZYjI2CIMuQ46HFDiwZGUSgspaVezMb7nkCk9CaoUTi1zHxsbCBMVv/abdvTPmZjqgXzR88EsAGTZMSpljc2ZB8zU9zwkkEBA5TPV4kVUNHTpDJirFvlofc7gST7CkCeoBhQ6P+vgokPa2AhcWeXVgR0PUoecpqpIqdFkAOluS7Gcu3GNu43IRzR6+9oHgbL/SHebQvK/hzVVq3yGAKaGmIXTLJS1wMm4k2KBqqaT1MpWFwO4YowRuKrOMXf634WzPsU3zOpkSbHEke6vvU2glDEdSwOGs1zPbO6Xzhqj5kTtDIiCs70mnxk1Zwve/1kYhBE/JZTi6QcQbG1uEDq8bsygj1qJZbGQMekUHQzIIfGTeOuXfoBch77MEMHu4h/2F+IC5O487FiPrQ64uBZ4I6gRM1PsiPxWnvmtNEXtLt+mMNp+l8Uuk5mvET5i0RpIH62/JYinhheDNgxwubXVEFuUClSzXomNt3GWy0KNAWsxouZEh0CQDfxmw4lTnjPcGegcZtrIqncDpe6/6gTIblOs7L41LEkOyOmBSHROQBeA11fVvE4Y + session: AgAwlEuCZq+5T0AXDJ8PXllX5lzaiBK0nlZsMlvJQKl+FNgGhuZkqZhQQSPq53W9KlJbVkRr5KFAkLY0p0CznGoI2xPaxbZ3z6c/kVU1mBqmTOF8HJ2oKBhjRKaZhlwFARpbgrqYkZRS5syb6SwtNT48NPuTKwRgzu3xxwUBkfuyHxZX4IP7/9GtEAWK1nqYXU3rxLYbRq/utSuQYnOd3Uu3ZYjQZz0din0R8VTHp01STMHgGzbX08PEwz2JH/C4Q6CUC/GcXSgSajg0PJECbibGoGEJXTVT1HWucWH7B0CQSAMYzosqPZV3JwTN+4HESZ2H9YBRHbGWpp5KGBicT+rleQ36+jva6qWmwfcXXZgsYDUCx+kb8e+b7cBZhPHDf9w9ZEzXe2OUUoKZQBt5LbjTSRtt//PhWQy16mxi0996zGAWUwshVefWsbdSFZiKOI+lL/i0yVZUn3R/olmP7de9b4iapZ7TUzvovm7ZTFU+5SgCLRk125NJNoUXdrh7Y1Hym8xlMSnajHGDjuMxrwtAU/Nq7JN9WQr5XFSEdiuP38sLdQzHdXaht4lXJn5KUf8H55ie0JNVvspwtZ2fQGo/dJXBf9EMa6s6qW/Lf9O2JVU/0sSCAl/jz2tMI9VZ4scHzOlpscmKyBFcoGFb7JtYzkPTCQn7Hz7RlgUeLLir6D6+q3vLXrz+oMbwNChlENlBS1M1Ho1BKwZgBRj75nog3k5EOEi3ym6B/g3xc2YWnlZkL+ZM0TFuTFy2y36RMKb90744tAVXNXHaVz0i85ATJJ8Vs/OogMDN8yKHBPaqlZQ= template: metadata: creationTimestamp: null @@ -26,7 +125,7 @@ metadata: namespace: apps-roboces spec: encryptedData: - database: AgDMQcRYzEdrk2iqlZtTAlZY08z1Wex1plZHRli5WDAAN/IwvwZ31tQV3uw3tGbylycM4SkeH72AJ0hB3/4m8IPLfN1M6qESW+LPGu+5mv/11XIbhVzjBIoXyej9LohPVp5QzzyU4Og73tILR/i1Gbgh8VqRor2JUESNrdWvGv+hJ2SvJQdtNyMtzFW6NUW1ZPm/IxD45ldTS6Jj67XB3FGYPktL6rB9jn8Zm7OHEFFVL9hEXV+1UHdesWT5L4C8l/1FJPxLWhj+T4//EN3Aqn507w0QSkfvvZxnO0KZC1dznXwNMhVizN/p5x/Xe9UUsoVwoWFOCLqZfRIftKwprvCJbTVcrM5v8cWgXpuwUgE0YgYkKnZSZx0uXL3r/xDtugsQvSmrZH4yQ4cD3BGHVNIm7NLZQ41K4wBYz7m7apYd95PJSKswmyDArjmIzpe3F/mIj48OXp5GdhkuPqtLwh+Krcdx6+fwEq3uk1sB34hEmwajOVw/tqjcG+r0ChS+chJsxqf6bJWSEks8Rz+QG832vxeFCqdTaF1Ztq/DsW4fUbXeA5QujMPsddlQAaRfb8M4NF3Pc25DFG6PNVzN4HMJfb4k34ScOn43Ka4kl/rJ2m1FWXaz+JMUApqcT9/28w5sdUaKs4zO4B9uYXdvNE6cMWN1tS4Mzs/78PjtjUk/+I8/vgO221xxD6HQrEYG9afYQkYgScBINNduxWSC1+V0V1oWaePaelRxy+zw1QVhVZRaVwjcz1zT41BwmABLolAjQKLCJSJy5LLuAS9Hf6CNU2NA+7bkcH9FcGzDZAdvRBbLn/8DEnxwhY8P19A6DtDU3zk0FByR3mfXw918zdITRcqCfrI+OEx2S7fEcQ== + database: AgCPUgtry8Pctkfr+pQvJ8TQpj2YJ9TwUBaRXo7JP4MMsWOXazfVxd8A7sqnNicpmXJ5hx3OMwfxTFg3KcyGWGbTxTGkwJj0Lxwo92sDxhd59NORadlqQYOx19z8foQ+3HSdkhPAEAHzNq2IBgUcTPRZTKuAXyIsrSVbgaAEwWz8fCkwP/CEJvgC7xztQA0MzrPagH2hlbD4MZ0E7mBhrpo9YTQfvSEDQo0dNKsh/4xvXQoriayDtxoRq2mF8jc3f4f6wmbNWrGsdOv84KAXgLm7bzmffTwqCM1dTbuOCLtxvt1M5r39HQTAsBp1H5yWCFsx4paWyhdVh9t3sjDzEYZNYSLrga/bLJ2+CaQWaLpLJBC9u8r4ANHs+KqwdiMyo1RXqlJsfg1gn/udBpXelzpwtWIWIMtsvNrWxOBhOFsWCFnVvxJWwdcxLoe5wmH75OhbP6Ewl7SddL/4kyXqgZfQi1DsbK5VftWdo7aDEVrwTa4Jq4WF7TbTX9GwIxUQ6ahuBzq4De+vZ/jCV0rE7WtGBvxLHIXb6pX7sNsJFwGYvy63SIhWnQXadeTjLNdy3Tq9aK/HeQJsqXPOAAm/oc2udBkygWs2D77NM0wEcH0YU8i0wPS5ig6HxLQTrf0qLew3E8KOjNyetar1QHVl3iTqGQ0C4U5TgIke54eh8/X1Vgd11dgZBpRx8JsUWMe7Itm+819FB+0tMwWJqrmoFyCEBL7rLl+VAS+oabIXD/ruHJFc/blgtLRqatLtOTARqDsfVK9Bm0YpcsDjEbqAiRGHmOaK8Qp9ywle9sh+iVUG4ODFun2goVfgwYcsD62B7CUMb80ZYiY04dTmXjcIzYww+zGkjhqaIPmB/OHovw== template: metadata: creationTimestamp: null diff --git a/k8s/services/miniflux/sealedsecrets.yaml b/k8s/services/miniflux/sealedsecrets.yaml index 130b427..a361623 100644 --- a/k8s/services/miniflux/sealedsecrets.yaml +++ b/k8s/services/miniflux/sealedsecrets.yaml @@ -8,11 +8,11 @@ metadata: namespace: apps-roboces spec: encryptedData: - ADMIN_PASSWORD: AgAHylzGx3pyxBBLQapB3nmKVbbT7TJ2l2mpX/GOOQnSLySjBQF+ji1ZSjjgW9a/eq6OSfvqDB0pyFIWD51hC7gwXFSH07dwWgguI0yDATg7RgTagvvebi1GFrmkOPC++C/+QbVfxsj7S7SvhhHcjv1K3IQjiAlNof/pD7J9fe59H53fh62eegC55VMI++AXS1iEFxLMq7gQ9+pgapW5a4tR2WhdkGKdTaLCG5OKpzAzoodixyP/fYBDmd8OvpXnG9lv+0tohFlRrYD0Vgl/PR8yobPYoi0Oo5CqOK59zELOjsepZfziw9OB6NaOmxN6QWYAmFNXVBrWDfuvMCG4SHARbfaNhIX9VVvlr7XUi0ZIzGYyWVgI4ZcsvfQjB11RznZzSPyv5Sos4UR7UCL9aU+p/OnTcyGrbQ/JsX3ZjGaaJCtpScfD9xNzQVnnaAizVNt2sBIqNG1TOzd2rVZKkl5B2QsNZ4mpyFNAeqx3IlXK+y+m61Zzoa1V0kN507bmSVg0rAspw/045hf6GtpHNQtFn5BBnoI54qn5CrntkfQzM3YJp+OaEywg3ekktmhGfMZorJYtg77YaYFXKmvgkc08WtVFQFISXzGXcWUqxloE47DlQkgITgTEXnBryIrwS6mGOiuMVv12eEwYl1QTjAuqYYerZq2QAObbw8xCkGkfN/oksfrivsmE2KLCIrLr7HxisprBi9vLjEQ7mRDFXg== - ADMIN_USERNAME: AgBJw0U5eXLX6Tvgm2If6axOPgFxiV58OM+Xt3c4XwVwYDuvNJw+ccOcwy97d1oYgE9t6bmSLIPLDv2oUN+GOzQ/danayN4tC/778qeWBjKA/ffwX8hHSmDPLtU/nwhm4+lZj+doWrom6MrI0A4oNlqNtxulK0neN+PFDK9X0Hn7FkZtOMnKC42KW8H80oXLdPcRB8u3ZM5WgcXaRm/vPiCsTPAXHywNMcIWnsjH3SaX5Aoc0VjB82tfQ62M3hM9tngoOcrIuRlolLQVFmLD/4qNQYQOs7cXy9BWB2GcIyVPiS3WJ4L9UETDYqSeiZVbrFS/C6RVHIP6TTrS+0XhIX/8DuY8vV3qt5wN4iwC+nq8qvI7LpogDl1sGhjHJp9hAvGzYpYLAXTTxVTAh2rgqw6TAWpGABOzFghUwhN0/RRJdSqkxENO8p6LZOvDia5zTQARu1061kyy4+6ownTw8DvIcnEaSCqvmJZbsUHIG9UnQlrUUpSMEdsr4NDOrh2hroGTYtXsl/iQ1yFBqNbtSQqUTsca1Hiny9TQjGjwyluZ6StoighZH3jbelubv3yHghN6PgZaLt94hnDN78eBxhB9XQ03rcdbm8WTZIOQ8k3RGcVgY5oGBqTGOq2IFZm8zTO0Ze9+jnFhGM2zuFGK6rv8RHbXhAautoQxpd+jdeTEpGRTQgG/7ebEe7WFchlNcNoCsm0OCA== - DATABASE_URL: AgCc0sAAV+6T9PuImOkcKWBcyNUYsNXuoS2G2ex3AUAXdLmNXwo03vFDyvLRZNFskpF1M8hHEo1W3o9PKXyPb6Ba8RiWTicQOSgQlJhpG6c4iDvX9ZuIe62V8tQUBbpNkXDXCJ35mEmQgLWl5WccindGJI1eIEkVcAnpFwO7vPpGGNCYi7rIvu92961nssYcGKrZ5UNxvsYdsmG3mWdUNq00klqi39p9QQZOc+vslsZn8R3i+Qe2g4jzBpv2Rn7EAcZawLruo1lAl6UhTGAMWosm2t/Kmd5JX0+q3dsUQ3V6n1tC855UolztEt24Q5lfudkKqAK9RaKPsC7qnRC7LuYHv0WmP66uCcI1Uc72IIxrDTvGI5F63Psk4JJd0xgie9bMd2qFAtr0N9o4RNShUk3igghl1SexGmwvWxsCadegQOVv7/6Pm3SgH5K0UxNuBDa3MLwlLmshBtEQcMDBbboWS8AdRzI2I6hf3I5AiFRCz7Fux+VDEQVziCFGXjGAq5jADmqR4tkto1Lx5sYvI//NS5ZQzrwa5tOxlpb89WUs3IxN2b+m8Vc2GI6FPkoVjRUxYZuyUIPTJqCrVistyVSGu0281ojb9+r6fc7wPiHjZngZ6E3wL5xXQb+k0cpBX8bYPr3wPNY6/mx61kyDBXjZ8+CrdKw71nVHQSYDpv8vlFsVd1fOd40S8D9XkTP3P/5LQpdMQxAkCF/qLjeBhZX+jGwMEIdedxc8t09R+JLev4ehnjNoxFTFLlckvYrX6P5Lp6hXE5jCylahNr/K1rFmxqF7RrGOoF26GiuO - OAUTH2_CLIENT_ID: AgBuTfIdxdW96TnjQor2KtH5/wDJfvWXJ9wSln1wUW7fzBaZ2tLoPxvOUv8NyyFWPYC/J7AeShOwJHJIT4iCLqBPT7qY+MiM8xn4k2yz0mfNia0CUNrs+0eHfUrYdAjVJah+NAO2TvBhXSmGYQ3nNDU3TQOqXj3x+PWpc0w5ulz+4V62Oc/gO+KAcK2Pn2ISD7IzkVYW+H6allQXzG/b23SQVYB49g9bgWuJIzVRlIE+91uI+CyFQE03guS1Jpya8J04UkZI8ki8O7cz9N6ak6OG73toZUQpcP3d6bMIt/NRa/qTEOp1bLf6ZQ0e7+gVgI+73WUVg2NhkMraHzeMfHRa8bD2/BQ/bk45r0U0eyntXjYv9bkE7l954QPPVjJ59zlGzQfD0QMB3U8OiCdqUiyfyojulWNhwzuipwFX8HfLvSnkrIFNo/zeHJzUasha9UJY+NorzOnXvXWHN2aLN5Tr0Rh5Wk3//PzbYd9UlPSBDxLVw86Fg0SfHkhngMatSkfzLeYHwDSl8pSQI39uMJKVUOpflkeZVbWX8knjr4D+S16zhnqk6K37PDDV9hb6Sp7luAgFesBIn+gtwTpfwT0CDtotm6yNfHOnLvLOMlFn35N1ic5HghFW8h5mkJTgoAMkmU9Yehb9RjrEVAUbabR8RhchO9cqVyakAp9/4/Nb6pG09O2XIBMrKS5bdqEwuObM4ygFSz16ByzQ8dekGEQECej+o95bI1qNxO3Yaslh06Z2NKV1DUJ7 - OAUTH2_CLIENT_SECRET: AgCJgI3M7DDvNspsDLZ6CeXxYtPLs3WabskA5Tp9d4vNYUk5XvLbYUhzkxcdtWsG1dgazH+RrvgGgCZFVOw2cgb2EEkt+zxB10ihN7HwHtOGDMZDJFOLGso2VJvbKu4yntBTv/1w86gtz0n3CilhvAcEAD1UrmVrTwfJTF7DmCHVEEPCOLal/lF9rSMwFrhdLTUVp+eSEZ3kC+F8WQR69nk7JmWjEXeamJ+HzahLm2Bp2D9GtxaF37TjV0pXqgyybIpSfdabVGwcik3bT12lf+6gmEPDKvFoq2eUB7esIuSH+RCHy1M1Rk7EO81Ku3ELoSJPzd1JRuTn1jFY8DzOOQmUU6yFbZUdTWpECImnI+OwZYg82rPqG5Gy3xmKv+5h1SkejQwJ/olqG9M4BlG2DlTS2t9GAW7Z6Q7O4oglMpUmG3v8fZUblJT7HhyJv+K2FqZHuYjo64we+14qEnV0LvFdHhEoHrbKi7b7qwDYshHycZs+DcF9HiqkK1NMFjszY9W85uH1Trtx3yTEUC3t6yMacef1OTL8SMr7AQMlo4jo6QRzggGJw2EGIZqiAXAbpiiQyPfjoZ4A1jQlemwAd25SRfnGu7ZvGt/LOKZ/sBfMWhk3Eshw9ffvW2TQKA4oODb+6o6MiRVhL5UkqNxMLIt9IV7o7EnBsW7xQHgZUq9qq+Mqb2mvB2NVYC0skyQtHE7SU4nCOeSiIsmt4Y5jwjsGyHbAxJzp3H+cjcefZOf6Rb+iweNB5rtYBhQsTlPA6lZ9GPe04wRwMtyyv/sEh6LbDPvRyuIK5sLAApPZKBEmgqahri2/BNdARf54vHDkba3qlB2cgCxjJJdT1XuuPUn6+W7vE1gYrKP5TXBi/YZ2Qg== + ADMIN_PASSWORD: AgBbFquTKFmBFHnsexbzAFrfPtr0ipW7Hs/2aBFdITZJG87rHmvDo5l/sW//fPjW24kVgbey1YEwdPMcwyhd9AX6dkxXxlrAwshMk3mZc7ZefBne2dT/cGBBvY1EhTaIhtvJwEzsOJ0LEV6Lr5NtZeFMxqpgwd5ap93qGS5F/pZPkYwHHZZ7pv8pjXwVMqOlFFhgG+Lo8915Q1SSo7gvkMOz26gFel/FaYAAuA0Rj+NTAlBbgXaDraabhWX71J5fzyLt8vxqlEvpaXzLFJBqlvvo0HLI6ODS9XDuAfEsng70qT+zoSXwcb/zKuTjQ7nlC9Bsri73NBY4wqzxFTE6a4kb7XTmHDFMjetSraAqewJP7kjI/4/hlKO3ioawnQD9GCnfMEGlcdW0Cf9ENaoiJro+3Bi/ya0x3Zuf20fPY7ALh0TcIV5FvUh40gMkcY2mqGabkerPcXozCpY+RV00N3CjDpqLvux69LL7gFKAN+mZJ7+V2XxHTgtCMww+VhCG3BvRqC8zLGaU+QYN0VIsqb6f82J19Ok12hyn6w3quh+SgSQRenhO205cg579pUA//QneiFLYOKx8C+4rUobj2J8Q594xYR8Qu6/6yJzuzO1vCDDsVuaWewcOB31rsZhRIKu+0eogCSK0AOenYLqFmNcMYXJzbvfsuw5+yK24jW3Vhux4lTQ4qbUuaz3O/8AZJTrC5raEzerm7heElYAqig== + ADMIN_USERNAME: AgCDJJHFCX0GiNN92fsmuDXk+p/jqyovj48PbrP9SDBoA1W3ehq8GBbcI+ZkOJ5ogHK/LHDQ+Dr9+Ral341nJ1G64oZimUYarJQHpqJNmnTnFx5qPGXayf06bE9xXZdLBxv/f/AuB9dgDHLJO/M0p0XSjsVjAtTAcGb5hdb281gvOIgf3PsOHyRL8qx8W+KkQ9Q7AufvvAzmszRY7VLaOzdW6X+34sgMeclsuPJ41uArod0qYt2MEZt/ssBDsr94EiAnITX/n3qb29xwhPUJV7UIEtTtM/Z0W4bjbG5YMVGnyIlNNdl8/B9gmFX2TLH8TEu4ynC8cxVvZytnk+N8AUHrK/d2BwpAHPeUPETkfCa9TGdtuMP9xtf5pPDsaAKFKxkKFFcjn497K78yMyCtm8VJn21L+e2bylfE6Nrry6L5Mc8LUCViqoR+CHF9vk590uFKM9FhIZEQ7Jb5DYiftyE0stYt3b1vLeBSZCt1VFaQBBKkth3N4EIEY48tTrE4pDmuesz/phgQtZO7ulp/t+Hq+wej8P1xbh1HjQ5Sq8xc8oysCMvdQy6bYckFHd73Ctn2VeMEZYH81x6GhlYp1Q8lgHl6fUwbWWDFvlDD2oyfjAD9hQEmt3qF4b73So4h+pNiG32o9Nv4t8yKj7ACPD3wJZi5RSLPeaDonX/SnX0ocV0uitR+LlzaI81gwzpgIe4jYpqNpQ== + DATABASE_URL: AgApgzFV2gNZtppBMCo1WtPVS+WrNly+6JvrZQAiv1FHQuqQYPmaZvFJ9VHXZ7cOFVH+8gSVBYgDSUdPfhjkVaK4frFrxAPLdNjqjqXNRQngI+yF5YtlZr74TP6mLlmY3wqRKS5w2M8mEX+7ME+E5XxIalweUoFecRri6ZsJ8ubNnJUA3afGFvHugnLCrMzmIlur1x3rz5HTv7crxWajECvHpjYvb5hIjdbIWDV6OiKMYpUIjGJFFylP5X6O14PJpQXtN5vAIz5Kvf/1zLuAG9lxsR+P0Ab7wCLIqIQG6utoZMIpNP3PvscD2D4DJnRsH3soUdHSUe+8RIpR0os3nl7Q+YKD5cuP1dS7NJdb7ER6l/RagFUCDMbrFpP13QInIPI3oiMyW6hPNkVs9kCM9efL9POG/O2PMaE0SlJzK0i1HKUT/DDiyTnXFdjVk5UY1Ltt0t7i67/nBoq0GZwZjJBVCyCOz68icISW/kZprI1/7XssukQyaRw8Nwk68jYHg3iXazBz3NR+RPTl8JcKimv+GhSewEToSHemAGO4kWAZXunVP3Pnn/D9+4Ng7wTypE7xUReXlkwJMIEoMad3Scdx/DdIwbbmhOONjgl9Sd5twl7Bj6UWPDf6/awL+fVhz/brr51jV0dF/+2uty6CATxhPvf7CdKP4rsXIE3iLzqiLtaHD2hQN/b43/ipuhULu3ymqA1RJPsOQfSu7exR5pabWUxQ7rDZAS05h1+NumGxCmPUudRHGid3Djj3S8Eq730TlOBW9LDoVPml33icLp1HEV3pa2yTN0t5oU0= + OAUTH2_CLIENT_ID: AgCEyqsIU2Q6PCXzmQDyl/aIZBtUSuWmkgr8MWVmWTrwnTKxTKq60wQzbjpA42x5QI7761xftvFjPx0UYwv+06PdvG8eJDhCYEjimrq9oSuuTq/SwBhxT3NwcwUJ9H/N+pe1K4qwARwgfAowoXiWQ8d1PHKTQ2NleOlXNGuIy83e9KDGWjMDnIbQr3NqFn5Kdv4V1A5eFZyDkm6FmpXl0JbuWNVBzC/kQDhsgZzRKDBYMqXAlp1CymvT2KsGa+PEDXZsYAGnf//JfIx30Qtqc8urmDzWIedHGBtDhNQPI+1P4mZCJ5ue5XmvlZr35C1w6EMsBzK/B+a0MRSqO5l2zyWdSTFXLWR7XjqvtCYt4XTSAqJNnVd8H4y/V9AD3hyQGnTPHFhqfTyO0JXdFdHWPt99Xk7yRENnRrnCPs/2IWympqsi7dYF/hrXUeQO3bTW5qMttDWblDDzPvOaz9egRjDfVk7HDiFTC3q0v8d4zlVpDcWPkduVNbI9OaKSzIW/9kSrF2aI8KtG8QYMoKWQMAKBNEyy3u53pmZ1JNGVFweRvOjUPj69aqOAjI+4T81TPDlbitujVyaFr5qKAcNVMNJhUCkJJtVyVPlUbShAh1OKpIclpK8QaB/a3BS8OPZQYTg2G++7wrPbDlP4BszjhGdJZuAJ4X/TRRra+IfjTYS0QVxWCq1x8uj3jhT1XBpoSNCuQNcBQHjlKFFXKW7oXbAa077CCtI550QOJKblnBIicsQLcySyZVjd + OAUTH2_CLIENT_SECRET: AgBX99LPH02S5NgguyWm9cj7NDgafTzygg5qkv1GG2Z23fe7ebuH9AQmvV0LQKZx6NosZsH/mG5d3etrc+zQXfsuzGfp5ubzlSwJOfFjUQDBc+h91IKJLmTgLSCYWkt5hrxMp2sAqzDQ+uFQr7VF7hA1G79HTKSd4NzLFLas967ft0Rgqm7hOSnPbE8lqoWOy+WezjzdmHfNqqFFdyYy8X5G18gEglaBta/cYzorSwESv/oZhuQK+RaNeyb8bShWrbw5NVudAYidWTouuZxp21bv4wYYzqFi4Lzwn57bYLFf5L/1JhVklWsF7cWLSVRQch86kgScV8gp9DK5OI+g7xKI9fwM4v7D8JkujC3pp0ONtLku0Wv/498J4yqWf43ZNyqBi7HiX/4jl4Rwy2J3IDN2Uj18GR1FxS8TgWI4NChugIzmuYKywk7fKd+2NxulOe9X8dtflLLiSuwOWkIzWMB8MYOtR+RqJVLyEA2GZaKRtskiRGfzPYcacj/FHRHwWuO2uuXQhHSZetcW+YjOCmwm+q7WKbH0wRpMoMOIeMwQJ9Tew0NgOepOrtwkx0mj0qdNu5O0HvQU3tCxt7wKLN9hk6zt50iWFnoloQCjK1CmTVr01JoIhKh+LUH+sHVt5dtW0LVR1+757uh35/DYqdTK4KcHQEGf8Cf08yfAv5ZyfTluBxp35iORsVCm63Py7txVaBwoJO1qg5Hmpvj0G7woBPC2V/0DOJJ0+QAGqtrFvbNTcRORS3G6mmKwJObA1WsqWifdBLArrF52Z+9vncLxHw/ty2/++R4ljISrkAMQilrfNc9xqNeG+KE+PSRfQFS1Kc/lcotJLgbbpUjr/bOwB+8TuG1EHXBRINgcWXFcXw== template: metadata: creationTimestamp: null diff --git a/scripts/proxmox-power.sh b/scripts/proxmox-power.sh new file mode 100644 index 0000000..2db86ca --- /dev/null +++ b/scripts/proxmox-power.sh @@ -0,0 +1,313 @@ +#!/usr/bin/env bash + +set -euo pipefail + +# Proxmox cluster power helper +# - Start or shutdown a set of QEMU VMs and/or LXC containers by ID, or all. +# - Auth via API token or username/password (env vars or secret-tool). +# +# Requirements: curl, jq; optional: secret-tool (GNOME keyring) +# +# Environment variables (examples): +# PVE_HOST=proxmox.example.com[:8006] +# PVE_TOKEN_ID="user@pam!automation" # when using API token +# PVE_TOKEN_SECRET="xxxxxxxx-xxxx-xxxx" # when using API token +# PVE_USER="user" # when using password login +# PVE_REALM="pam" # default pam +# PVE_PASSWORD="..." # or provided via keyring +# PVE_SCHEME="https" # default https +# PVE_VERIFY_SSL="true|false" # default true +# PVE_NODE_FILTER="" # optional: restrict to node name +# +# Examples: +# scripts/proxmox-power.sh --op shutdown --all +# scripts/proxmox-power.sh --op start --ids 100 101 --only-qemu +# PVE_TOKEN_ID=me@pam!ci PVE_TOKEN_SECRET=... scripts/proxmox-power.sh --op shutdown --all + +SCHEME=${PVE_SCHEME:-https} +HOST=${PVE_HOST:-} +VERIFY_SSL=${PVE_VERIFY_SSL:-true} +INSECURE_FLAG="" + +if [[ ${VERIFY_SSL} != "true" ]]; then + INSECURE_FLAG="-k" +fi + +usage() { + cat < [ ...]] [options] + +Options: + --host HOST Proxmox host (env PVE_HOST). Example: proxmox.example.com:8006 + --op OP Operation: start or shutdown + --all Apply to all VMs/containers in the cluster (honors filters) + --ids LIST Space-separated list of VMIDs to operate on + --only-qemu Only operate on QEMU VMs + --only-lxc Only operate on LXC containers + --include-stopped Include stopped guests when op=shutdown (no-op otherwise) + --force If shutdown times out, force stop + --timeout SEC Shutdown wait timeout (default 120) + --concurrency N Parallel operations (default 4) + --node NODE Restrict to a specific node name + --dry-run Show actions without executing + --insecure Do not verify SSL (same as PVE_VERIFY_SSL=false) + -h, --help Show this help + +Auth (choose one): + API Token: env PVE_TOKEN_ID and PVE_TOKEN_SECRET + Password: env PVE_USER, PVE_PASSWORD (or from keyring), optional PVE_REALM (default pam) + +Keyring: + If PVE_PASSWORD is empty and 'secret-tool' is available, the script tries: + secret-tool lookup service proxmox user "+$PVE_USER+" realm "+${PVE_REALM:-pam}+" + If PVE_TOKEN_SECRET is empty, it tries: + secret-tool lookup service proxmox token_id "+$PVE_TOKEN_ID+" +EOF +} + +require_cmd() { + command -v "$1" >/dev/null 2>&1 || { echo "Error: required command '$1' not found" >&2; exit 1; } +} + +get_keyring() { + local value="" + if command -v secret-tool >/dev/null 2>&1; then + value=$(secret-tool lookup "$@" || true) + fi + printf '%s' "$value" +} + +# Globals set by auth_init +AUTH_HEADER="" +COOKIE_HEADER="" +CSRF_HEADER="" + +auth_init() { + local base_url="$SCHEME://$HOST/api2/json" + + if [[ -n "${PVE_TOKEN_ID:-}" && -z "${PVE_TOKEN_SECRET:-}" ]]; then + PVE_TOKEN_SECRET=$(get_keyring service proxmox token_id "${PVE_TOKEN_ID}") || true + fi + + if [[ -n "${PVE_TOKEN_ID:-}" && -n "${PVE_TOKEN_SECRET:-}" ]]; then + AUTH_HEADER=("-H" "Authorization: PVEAPIToken=${PVE_TOKEN_ID}=${PVE_TOKEN_SECRET}") + return 0 + fi + + local user="${PVE_USER:-}" + local realm="${PVE_REALM:-pam}" + local password="${PVE_PASSWORD:-}" + + if [[ -z "$user" ]]; then + echo "Error: set PVE_TOKEN_ID/PVE_TOKEN_SECRET or PVE_USER[/PVE_PASSWORD]" >&2 + exit 2 + fi + + if [[ -z "$password" ]]; then + password=$(get_keyring service proxmox user "$user" realm "$realm") || true + fi + + if [[ -z "$password" ]]; then + echo "Error: password not provided and not found in keyring for user '$user' realm '$realm'" >&2 + exit 2 + fi + + # Login to get ticket and CSRF token + local resp + resp=$(curl -sS $INSECURE_FLAG -X POST \("${AUTH_HEADER[*]}"\) \ + -d "username=${user}@${realm}" \ + -d "password=${password}" \ + "$base_url/access/ticket") + + local ticket csrf + ticket=$(echo "$resp" | jq -r '.data.ticket // empty') + csrf=$(echo "$resp" | jq -r '.data.CSRFPreventionToken // empty') + if [[ -z "$ticket" || -z "$csrf" ]]; then + echo "Error: failed to obtain auth ticket (check credentials)" >&2 + echo "$resp" | jq -r '.' >&2 || true + exit 3 + fi + COOKIE_HEADER=("-H" "Cookie: PVEAuthCookie=${ticket}") + CSRF_HEADER=("-H" "CSRFPreventionToken: ${csrf}") +} + +api_get() { + local path="$1"; shift + local url="$SCHEME://$HOST/api2/json$path" + curl -sS $INSECURE_FLAG "${AUTH_HEADER[@]}" "${COOKIE_HEADER[@]}" -X GET "$url" "$@" +} + +api_post() { + local path="$1"; shift + local url="$SCHEME://$HOST/api2/json$path" + curl -sS $INSECURE_FLAG "${AUTH_HEADER[@]}" "${COOKIE_HEADER[@]}" "${CSRF_HEADER[@]}" -X POST "$url" "$@" +} + +# Parse CLI +OP="" +DO_ALL=false +IDS=() +ONLY_QEMU=false +ONLY_LXC=false +INCLUDE_STOPPED=false +FORCE=false +TIMEOUT=120 +CONCURRENCY=4 +NODE_FILTER="${PVE_NODE_FILTER:-}" +DRY_RUN=false + +while [[ $# -gt 0 ]]; do + case "$1" in + --op) OP="$2"; shift 2;; + --all) DO_ALL=true; shift;; + --ids) shift; while [[ $# -gt 0 && ! "$1" =~ ^-- ]]; do IDS+=("$1"); shift; done ;; + --only-qemu) ONLY_QEMU=true; shift;; + --only-lxc) ONLY_LXC=true; shift;; + --include-stopped) INCLUDE_STOPPED=true; shift;; + --force) FORCE=true; shift;; + --timeout) TIMEOUT="$2"; shift 2;; + --concurrency) CONCURRENCY="$2"; shift 2;; + --node) NODE_FILTER="$2"; shift 2;; + --host) HOST="$2"; shift 2;; + --dry-run) DRY_RUN=true; shift;; + --insecure) VERIFY_SSL=false; INSECURE_FLAG="-k"; shift;; + -h|--help) usage; exit 0;; + *) echo "Unknown argument: $1" >&2; usage; exit 2;; + esac +done + +require_cmd curl +require_cmd jq + +if [[ -z "$HOST" ]]; then + echo "Error: --host or PVE_HOST is required" >&2 + usage + exit 2 +fi + +case "$OP" in + start|shutdown) :;; + *) echo "Error: --op must be 'start' or 'shutdown'" >&2; usage; exit 2;; +esac + +if ! $DO_ALL && [[ ${#IDS[@]} -eq 0 ]]; then + echo "Error: specify --all or a list of --ids" >&2 + exit 2 +fi + +if $ONLY_QEMU && $ONLY_LXC; then + echo "Error: cannot use --only-qemu and --only-lxc together" >&2 + exit 2 +fi + +auth_init + +# Collect targets +resources=$(api_get "/cluster/resources?type=vm") + +filter_jq='[.data[] | {type, vmid: (.vmid|tostring), status, node}]' +items=$(echo "$resources" | jq "$filter_jq") + +if [[ -n "$NODE_FILTER" ]]; then + items=$(echo "$items" | jq --arg node "$NODE_FILTER" '[.[] | select(.node==$node)]') +fi + +if $ONLY_QEMU; then + items=$(echo "$items" | jq '[.[] | select(.type=="qemu")]') +elif $ONLY_LXC; then + items=$(echo "$items" | jq '[.[] | select(.type=="lxc")]') +fi + +select_ids=() +if $DO_ALL; then + mapfile -t select_ids < <(echo "$items" | jq -r '.[].vmid') +else + select_ids=("${IDS[@]}") +fi + +if [[ ${#select_ids[@]} -eq 0 ]]; then + echo "No matching guests found." >&2 + exit 0 +fi + +# Build an associative map of vmid -> node,type,status +declare -A VM_NODE VM_TYPE VM_STATUS +while IFS=$'\t' read -r vid node type status; do + VM_NODE[$vid]="$node" + VM_TYPE[$vid]="$type" + VM_STATUS[$vid]="$status" +done < <( + echo "$items" | jq -r '.[] | "\(.vmid)\t\(.node)\t\(.type)\t\(.status)"' +) + +work_list=() +for vid in "${select_ids[@]}"; do + if [[ -z "${VM_NODE[$vid]:-}" ]]; then + echo "Skip vmid=$vid (not found by filters)" >&2 + continue + fi + # Idempotence: skip if already desired state + st="${VM_STATUS[$vid]}" + case "$OP" in + start) + if [[ "$st" == "running" ]]; then + echo "Already running: $vid (${VM_TYPE[$vid]} on ${VM_NODE[$vid]})" + continue + fi + ;; + shutdown) + if [[ "$st" != "running" && $INCLUDE_STOPPED == false ]]; then + echo "Already stopped: $vid (${VM_TYPE[$vid]} on ${VM_NODE[$vid]})" + continue + fi + ;; + esac + work_list+=("$vid") +done + +if [[ ${#work_list[@]} -eq 0 ]]; then + echo "Nothing to do." + exit 0 +fi + +run_action() { + local vid="$1" + local node="${VM_NODE[$vid]}" + local type="${VM_TYPE[$vid]}" + local path_base="/nodes/${node}/${type}/${vid}/status" + + echo "[$OP] ${type}:${vid} on node ${node}" + if $DRY_RUN; then + return 0 + fi + + case "$OP" in + start) + api_post "${path_base}/start" >/dev/null + ;; + shutdown) + # Try graceful shutdown + api_post "${path_base}/shutdown" -d "timeout=${TIMEOUT}" >/dev/null || true + # Optionally force stop if still running after timeout + # We poll once after timeout window to check status + sleep 2 + local st_json + st_json=$(api_get "/nodes/${node}/${type}/${vid}/status/current") + local cur + cur=$(echo "$st_json" | jq -r '.data.status // .data.status.current // empty') + if [[ "$cur" == "running" && $FORCE == true ]]; then + echo "Forcing stop: ${type}:${vid}" + api_post "${path_base}/stop" >/dev/null || true + fi + ;; + esac +} + +# Parallelize with xargs -P +export -f run_action api_post api_get +export SCHEME HOST INSECURE_FLAG AUTH_HEADER COOKIE_HEADER CSRF_HEADER TIMEOUT FORCE DRY_RUN +declare -p VM_NODE VM_TYPE VM_STATUS >/dev/null 2>&1 || true + +printf '%s\n' "${work_list[@]}" | xargs -I{} -P "$CONCURRENCY" bash -c 'run_action "$@"' _ {} + +echo "Done: $OP ${#work_list[@]} item(s)." diff --git a/tofu/authentik/main.tf b/tofu/authentik/main.tf index c062e8f..5b58c64 100644 --- a/tofu/authentik/main.tf +++ b/tofu/authentik/main.tf @@ -42,6 +42,10 @@ resource "authentik_group" "ftp" { is_superuser = false } +resource "authentik_group" "mediamanager" { + name = "mediamanager" + is_superuser = false +} module "gitea" { source = "../modules/authentik-oidc" @@ -235,3 +239,13 @@ module "rustical" { redirect_uris = [{ matching_mode = "strict", url = "https://cal.roboces.dev/frontend/login/oidc/callback" }] app_access_group_id = "" } + +module "mediamanager" { + source = "../modules/authentik-oidc" + app_name = "mediamanager" + app_slug = "mediamanager" + client_id = var.mediamanager_client_id + client_secret = var.mediamanager_client_secret + redirect_uris = [{ matching_mode = "strict", url = "https://mediamanager.roboces.dev/api/v1/auth/oauth/callback" }] + app_access_group_id = authentik_group.mediamanager.id +} diff --git a/tofu/authentik/sample.env b/tofu/authentik/sample.env index 52c3922..f7ff6ea 100644 --- a/tofu/authentik/sample.env +++ b/tofu/authentik/sample.env @@ -1,7 +1,5 @@ AUTHENTIK_URL=https://auth.fukurokuju.dev AUTHENTIK_TOKEN= -TF_VAR_firezone_client_id= -TF_VAR_firezone_client_secret= TF_VAR_gitea_client_id= TF_VAR_gitea_client_secret= TF_VAR_miniflux_client_id= @@ -10,5 +8,10 @@ TF_VAR_portainer_client_id= TF_VAR_portainer_client_secret= TF_VAR_paperless_client_id= TF_VAR_paperless_client_secret= +TF_VAR_sftpgo_client_id= +TF_VAR_sftpgo_client_secret= TF_VAR_netbird_client_id= -TF_VAR_netbird_client_secret= +TF_VAR_rustical_client_id= +TF_VAR_rustical_client_secret= +TF_VAR_mediamanager_client_id= +TF_VAR_mediamanager_client_secret= diff --git a/tofu/authentik/vars.tf b/tofu/authentik/vars.tf index 3dca992..4a1c5dd 100644 --- a/tofu/authentik/vars.tf +++ b/tofu/authentik/vars.tf @@ -56,11 +56,21 @@ variable "sftpgo_client_secret" { } variable "rustical_client_id" { - description = "Radicale client ID" + description = "Rustical client ID" type = string } variable "rustical_client_secret" { - description = "Radicale client secret" + description = "Rustical client secret" + type = string +} + +variable "mediamanager_client_id" { + description = "MediaManager client ID" + type = string +} + +variable "mediamanager_client_secret" { + description = "MediaManager client secret" type = string } From d3ccbdde5a5330f64de5b5552ce26fb1cdd96757 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 30 Mar 2025 02:01:22 +0000 Subject: [PATCH 237/377] chore(deps): update helm release democratic-csi to 0.15.* --- k8s/argo-apps/dcsi.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/dcsi.yaml b/k8s/argo-apps/dcsi.yaml index 55c2edd..13a5a3c 100644 --- a/k8s/argo-apps/dcsi.yaml +++ b/k8s/argo-apps/dcsi.yaml @@ -12,7 +12,7 @@ spec: sources: - chart: democratic-csi repoURL: https://democratic-csi.github.io/charts/ - targetRevision: 0.14.* + targetRevision: 0.15.* helm: releaseName: zfs-nfs valuesObject: From c3560f7a6f2d995d7c1a60f989acb5ca7f9990aa Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?c=C4=83t=C4=83lin?= Date: Fri, 9 Jan 2026 11:24:37 +0100 Subject: [PATCH 238/377] chore(deps): update dcsi's images to v1.9.5 --- k8s/argo-apps/dcsi.yaml | 60 ++++++++++++++++++++++++----------------- 1 file changed, 35 insertions(+), 25 deletions(-) diff --git a/k8s/argo-apps/dcsi.yaml b/k8s/argo-apps/dcsi.yaml index 13a5a3c..563de65 100644 --- a/k8s/argo-apps/dcsi.yaml +++ b/k8s/argo-apps/dcsi.yaml @@ -2,29 +2,39 @@ apiVersion: argoproj.io/v1alpha1 kind: Application metadata: - name: democratic-csi - namespace: argocd + name: democratic-csi + namespace: argocd spec: - destination: - name: '' - namespace: democratic-csi - server: https://kubernetes.default.svc - sources: - - chart: democratic-csi - repoURL: https://democratic-csi.github.io/charts/ - targetRevision: 0.15.* - helm: - releaseName: zfs-nfs - valuesObject: - csiDriver: - name: org.dcsi.nfs - driver: - existingConfigSecret: secrets-dcsi - config: - driver: freenas-api-nfs - - repoURL: https://git.roboces.dev/catalin/fukuops.git - path: k8s/services/dcsi - targetRevision: main - project: management - syncPolicy: - automated: {} + destination: + name: '' + namespace: democratic-csi + server: https://kubernetes.default.svc + sources: + - chart: democratic-csi + repoURL: https://democratic-csi.github.io/charts/ + targetRevision: 0.15.* + helm: + releaseName: zfs-nfs + valuesObject: + node: + driver: + image: + tag: 1.9.5 + controller: + driver: + image: + tag: 1.9.5 + csiDriver: + name: org.dcsi.nfs + driver: + image: + tag: 1.9.5 + existingConfigSecret: secrets-dcsi + config: + driver: freenas-api-nfs + - repoURL: https://git.roboces.dev/catalin/fukuops.git + path: k8s/services/dcsi + targetRevision: main + project: management + syncPolicy: + automated: {} From 2354f5971bdb53fd63797bfce1d006b708ed4a6d Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 6 Jan 2026 02:25:01 +0000 Subject: [PATCH 239/377] chore(deps): update ghcr.io/paperless-ngx/paperless-ngx docker tag to v2.20.3 --- docker/paperless/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/paperless/docker-compose.yml b/docker/paperless/docker-compose.yml index 58acc07..e1f79a8 100644 --- a/docker/paperless/docker-compose.yml +++ b/docker/paperless/docker-compose.yml @@ -14,7 +14,7 @@ services: webserver: - image: ghcr.io/paperless-ngx/paperless-ngx:2.20.0 + image: ghcr.io/paperless-ngx/paperless-ngx:2.20.3 restart: unless-stopped ports: - 8002:8000 From a856c4b230d24f75af36e7793a02061dde1658a9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?c=C4=83t=C4=83lin?= Date: Fri, 9 Jan 2026 12:50:53 +0100 Subject: [PATCH 240/377] feat: add authentik-ldap module --- k8s/argo-apps/dcsi.yaml | 6 +-- tofu/authentik/.terraform.lock.hcl | 47 ++++++----------- tofu/authentik/main.tf | 17 +++--- tofu/authentik/sample.env | 2 - .../authentik-ldap/.terraform.lock.hcl | 24 +++++++++ tofu/modules/authentik-ldap/main.tf | 45 ++++++++++++++++ tofu/modules/authentik-ldap/vars.tf | 52 +++++++++++++++++++ tofu/modules/authentik-oidc/main.tf | 2 +- tofu/modules/authentik-proxy/main.tf | 2 +- 9 files changed, 151 insertions(+), 46 deletions(-) create mode 100644 tofu/modules/authentik-ldap/.terraform.lock.hcl create mode 100644 tofu/modules/authentik-ldap/main.tf create mode 100644 tofu/modules/authentik-ldap/vars.tf diff --git a/k8s/argo-apps/dcsi.yaml b/k8s/argo-apps/dcsi.yaml index 563de65..9c9e48d 100644 --- a/k8s/argo-apps/dcsi.yaml +++ b/k8s/argo-apps/dcsi.yaml @@ -19,16 +19,16 @@ spec: node: driver: image: - tag: 1.9.5 + tag: next controller: driver: image: - tag: 1.9.5 + tag: next csiDriver: name: org.dcsi.nfs driver: image: - tag: 1.9.5 + tag: next existingConfigSecret: secrets-dcsi config: driver: freenas-api-nfs diff --git a/tofu/authentik/.terraform.lock.hcl b/tofu/authentik/.terraform.lock.hcl index ce22035..de2d5a9 100644 --- a/tofu/authentik/.terraform.lock.hcl +++ b/tofu/authentik/.terraform.lock.hcl @@ -2,36 +2,23 @@ # Manual edits may be lost in future updates. provider "registry.opentofu.org/goauthentik/authentik" { - version = "2025.10.0" - constraints = "2025.10.0" + version = "2025.10.1" + constraints = "2025.10.1" hashes = [ - "h1:8nN6b5dEGbJJ5ajovedkO//QP4NrWU5GfrenIHAEyz0=", - "h1:EZlTiEEZ0a6AvlLuTKAIyhBI4m4poYUX4QW0wyHfIaw=", - "h1:ElpISil/0po3r4pb9KK7/pBCSLxL18a6IDHDSMFdmS0=", - "h1:F7+3L6JmVEG+PMizB9SuifxbznkZD3462LQpFMOW0M0=", - "h1:L1sFZI0qKeBpUUCMgQkuRge196DsrHaTUJKJWKm0V2w=", - "h1:OQgVyUOOLTGyosEpVHzE37h+91nHN5n9lKHt6nAOZyU=", - "h1:Ph1j1Flr4kXMZKCRlP4Hn0asAz1Yfpk+hf5t6aeF4mc=", - "h1:RjitcUcx/3QKUgs74q3ypbf7KQpg8BoNELW6sE4ONqk=", - "h1:Vw7hY7KdCtQ3hf00uCekrzdDgBJ2EnPXUAnj3ybLXPQ=", - "h1:fDQcyzUJqHb4qXOyze/Te0Fd3dVMdBcLQ+e2xOtsqbM=", - "h1:jKOzsHSorUnub0L+Lq+tPPhHmeKoaiPS8orF9zZf/i0=", - "h1:kXF4EEV9uzXzshloPfJQQzPbs0YVgjUu5aD+Fj040U0=", - "h1:pvMaS6PASVHMJxArSG1pAzS5Micb1fMcLz7MF7bO138=", - "h1:s3wkHrHE8Q/Dj+PIkvuPviLTUcK6h7aoAArrBKNJ8PE=", - "zh:0103a533f474db36223d8dbf2abc80f8d76a162b2e3042a2203f0d426f2c8e16", - "zh:03302f83cd5784435ef22864a936b88293284bfdc091ff2fd0cc18a40e97bb55", - "zh:0730ca92f8bc778dba52425d05c5dceb9ae57660797f88132c06a0bf8a4f4f55", - "zh:63ace720564b3549d482f0bc68b1f4596a1682faeef5fe4d40163abccda90ceb", - "zh:8c4acdc358b1f5b1c13192af81bba552c6ad98debd341d836f4adf1fb85610a8", - "zh:8f101bae1ab303b5e1b91ceb62d11386091a24c2bbd99bca4662bc88f127a8c4", - "zh:a683c5338f16d20a1432fbc093c35db388ec7ef9f657d7478e3a04fc72722ad7", - "zh:a99fcbaf234cb161c8d7018f62946178810c7645436229d05913ff432094734d", - "zh:aa7fc7a3e05e96522507a86ec50b53473ff3e917f56fb2fc7418070fe29f1abc", - "zh:bc3b9f7cce5f5fd4116700411c5f3d14c48a9b56115268094882d949b811e53a", - "zh:cba03e3c31ee1e83fcc25511a34ca5f7132e0bbb41f3edc7c7dc113edd5938db", - "zh:d1f168e7a87a3f74d9932b88daa367242d1e9a2ed1b7b9eaf44fcfcfc190305f", - "zh:eb5af50c8e13980da4830c5f23fa7d911ae07740b37cf9d6c5895da95374e940", - "zh:f9db4dbb47b257123bb70b770714552d873f9c8e2e8017c1de227757c8dfb074", + "h1:X0bV1LqI7nu4np+xiGP8yLVfyl6rh/XNXz7QQ7Hsr6g=", + "zh:02ac2478c8901043a0455b8b6b8185e9814786bd802a9aa6d4126d4f56d4735d", + "zh:24d680732a9ea72a86c1e7bf4aa13ab9cc0c60ee4bd4cae8af43670eff88edd9", + "zh:4f415f177671eeea2234eb835479bbb710e811e60864cec6a00ee0e03a412fa3", + "zh:55498caa20504dd52a1870823e15dec6c78948eac2e6ec98e6ec122b5407630b", + "zh:570f9ca7f909bda94b97feab7898ef392e01ae6178d8a9d36aac984d8a433ec1", + "zh:92ac78b97e2d5310ed82233980f941ebecf69ae1f9d03f3e719d8687aa6f4cc7", + "zh:95f852a4e7d22daac86901ebc6b327d5987832b707ad3fd3aeff6c36dd088717", + "zh:98c8659f468a58a9d224b2fca9d5909d39bcabf9e2593e9b4a574dbffb6e2dca", + "zh:a7d1428ec803ae794ebb05d772fa44020827a6b762a5b2da11869fc618ea59cd", + "zh:b1ef054b09fed4282c625a38a4aa6d1276c58e541f4cffcc716aa7d2b773f30a", + "zh:b95e3edeb0da3ee0c0392afa18957cf7d41b2f71ed08a50f4bf38010aaf77d30", + "zh:c3ce9f57889e6bb33f34ee4cc4463a77652b811351bbb25e6fc5ba9dc0c61e14", + "zh:f6d2fe811ad5c242ced99a6b51b2d7f60f060d4bc6837fe1026c2abb7cb6f9a4", + "zh:f78b8e20e7d9f53e1622051c706369a7c6d0f1e37c16df67a214697cd5d0a4fb", ] } diff --git a/tofu/authentik/main.tf b/tofu/authentik/main.tf index 5b58c64..7b27b0c 100644 --- a/tofu/authentik/main.tf +++ b/tofu/authentik/main.tf @@ -8,7 +8,7 @@ terraform { required_providers { authentik = { source = "goauthentik/authentik" - version = "2025.10.0" + version = "2025.10.1" } } } @@ -240,12 +240,11 @@ module "rustical" { app_access_group_id = "" } -module "mediamanager" { - source = "../modules/authentik-oidc" - app_name = "mediamanager" - app_slug = "mediamanager" - client_id = var.mediamanager_client_id - client_secret = var.mediamanager_client_secret - redirect_uris = [{ matching_mode = "strict", url = "https://mediamanager.roboces.dev/api/v1/auth/oauth/callback" }] - app_access_group_id = authentik_group.mediamanager.id +module "jellyfin" { + source = "../modules/authentik-ldap" + app_name = "Jellyfin" + app_slug = "jellyfin" + base_dn = "DC=ldap,DC=fukurokuju,DC=dev" + name = "jellyfin" + app_access_group_id = authentik_group.arrs.id } diff --git a/tofu/authentik/sample.env b/tofu/authentik/sample.env index f7ff6ea..a784c41 100644 --- a/tofu/authentik/sample.env +++ b/tofu/authentik/sample.env @@ -13,5 +13,3 @@ TF_VAR_sftpgo_client_secret= TF_VAR_netbird_client_id= TF_VAR_rustical_client_id= TF_VAR_rustical_client_secret= -TF_VAR_mediamanager_client_id= -TF_VAR_mediamanager_client_secret= diff --git a/tofu/modules/authentik-ldap/.terraform.lock.hcl b/tofu/modules/authentik-ldap/.terraform.lock.hcl new file mode 100644 index 0000000..de2d5a9 --- /dev/null +++ b/tofu/modules/authentik-ldap/.terraform.lock.hcl @@ -0,0 +1,24 @@ +# This file is maintained automatically by "tofu init". +# Manual edits may be lost in future updates. + +provider "registry.opentofu.org/goauthentik/authentik" { + version = "2025.10.1" + constraints = "2025.10.1" + hashes = [ + "h1:X0bV1LqI7nu4np+xiGP8yLVfyl6rh/XNXz7QQ7Hsr6g=", + "zh:02ac2478c8901043a0455b8b6b8185e9814786bd802a9aa6d4126d4f56d4735d", + "zh:24d680732a9ea72a86c1e7bf4aa13ab9cc0c60ee4bd4cae8af43670eff88edd9", + "zh:4f415f177671eeea2234eb835479bbb710e811e60864cec6a00ee0e03a412fa3", + "zh:55498caa20504dd52a1870823e15dec6c78948eac2e6ec98e6ec122b5407630b", + "zh:570f9ca7f909bda94b97feab7898ef392e01ae6178d8a9d36aac984d8a433ec1", + "zh:92ac78b97e2d5310ed82233980f941ebecf69ae1f9d03f3e719d8687aa6f4cc7", + "zh:95f852a4e7d22daac86901ebc6b327d5987832b707ad3fd3aeff6c36dd088717", + "zh:98c8659f468a58a9d224b2fca9d5909d39bcabf9e2593e9b4a574dbffb6e2dca", + "zh:a7d1428ec803ae794ebb05d772fa44020827a6b762a5b2da11869fc618ea59cd", + "zh:b1ef054b09fed4282c625a38a4aa6d1276c58e541f4cffcc716aa7d2b773f30a", + "zh:b95e3edeb0da3ee0c0392afa18957cf7d41b2f71ed08a50f4bf38010aaf77d30", + "zh:c3ce9f57889e6bb33f34ee4cc4463a77652b811351bbb25e6fc5ba9dc0c61e14", + "zh:f6d2fe811ad5c242ced99a6b51b2d7f60f060d4bc6837fe1026c2abb7cb6f9a4", + "zh:f78b8e20e7d9f53e1622051c706369a7c6d0f1e37c16df67a214697cd5d0a4fb", + ] +} diff --git a/tofu/modules/authentik-ldap/main.tf b/tofu/modules/authentik-ldap/main.tf new file mode 100644 index 0000000..19cf5a6 --- /dev/null +++ b/tofu/modules/authentik-ldap/main.tf @@ -0,0 +1,45 @@ +terraform { + required_version = ">= 1.6" + required_providers { + authentik = { + source = "goauthentik/authentik" + version = "2025.10.1" + } + } +} + + +data "authentik_flow" "default-authentication-flow" { + slug = "default-authentication-flow" +} + +data "authentik_flow" "default-invalidation-flow" { + slug = "default-invalidation-flow" +} + + +resource "authentik_provider_ldap" "provider_ldap" { + base_dn = var.base_dn + bind_flow = data.authentik_flow.default-authentication-flow.id + name = var.name + unbind_flow = data.authentik_flow.default-invalidation-flow.id +} + + +resource "authentik_application" "app" { + name = var.app_name + slug = var.app_slug + protocol_provider = authentik_provider_ldap.provider_ldap.id + open_in_new_tab = var.open_in_new_tab + meta_icon = var.app_icon + meta_description = var.app_description + meta_publisher = var.app_publisher + meta_launch_url = var.app_url +} + +resource "authentik_policy_binding" "app_access" { + target = authentik_application.app.uuid + group = var.app_access_group_id + order = 0 + count = var.app_access_group_id != "" ? 1 : 0 # only add it if the group's name exists +} diff --git a/tofu/modules/authentik-ldap/vars.tf b/tofu/modules/authentik-ldap/vars.tf new file mode 100644 index 0000000..3d44d35 --- /dev/null +++ b/tofu/modules/authentik-ldap/vars.tf @@ -0,0 +1,52 @@ +variable "app_name" { + description = "App name" + type = string +} + +variable "app_slug" { + description = "App slug, a human-readable URL identifier, e.g.: Google -> google" + type = string +} + + +variable "app_access_group_id" { + description = "ID of a group which will have access to the app" + type = string +} + + +variable "open_in_new_tab" { + type = bool + description = "Open apps in a new tab" + default = true +} + +variable "app_icon" { + type = string + default = "" +} + +variable "app_description" { + type = string + default = "" +} + +variable "app_publisher" { + type = string + default = "" +} +variable "app_url" { + type = string + default = "" +} + + +variable "base_dn" { + type = string + description = "Base DN" +} + +variable "name" { + type = string + description = "Name" +} diff --git a/tofu/modules/authentik-oidc/main.tf b/tofu/modules/authentik-oidc/main.tf index beb4b02..d78086a 100644 --- a/tofu/modules/authentik-oidc/main.tf +++ b/tofu/modules/authentik-oidc/main.tf @@ -3,7 +3,7 @@ terraform { required_providers { authentik = { source = "goauthentik/authentik" - version = "2025.10.0" + version = "2025.10.1" } } } diff --git a/tofu/modules/authentik-proxy/main.tf b/tofu/modules/authentik-proxy/main.tf index 0d9c6f0..49179aa 100644 --- a/tofu/modules/authentik-proxy/main.tf +++ b/tofu/modules/authentik-proxy/main.tf @@ -3,7 +3,7 @@ terraform { required_providers { authentik = { source = "goauthentik/authentik" - version = "2025.10.0" + version = "2025.10.1" } } } From b0a23c7c056c41090350c45eb895ce8c82477469 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 11 Jan 2026 05:54:36 +0000 Subject: [PATCH 241/377] chore(deps): update ghcr.io/lennart-k/rustical docker tag to v0.11.11 --- docker/rustical/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/rustical/docker-compose.yml b/docker/rustical/docker-compose.yml index 662a7df..8bd23bf 100644 --- a/docker/rustical/docker-compose.yml +++ b/docker/rustical/docker-compose.yml @@ -1,7 +1,7 @@ --- services: rustical: - image: ghcr.io/lennart-k/rustical:0.10.5 + image: ghcr.io/lennart-k/rustical:0.11.11 ports: - '4000:4000' volumes: From b0daf0c1bec41d9fb17f542d34152f0b7aa91aac Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 10 Jan 2026 02:03:10 +0000 Subject: [PATCH 242/377] chore(deps): update code.forgejo.org/forgejo-helm/forgejo docker tag to v15.0.4 --- k8s/argo-apps/forgejo.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/forgejo.yaml b/k8s/argo-apps/forgejo.yaml index 277a779..4edfbf5 100644 --- a/k8s/argo-apps/forgejo.yaml +++ b/k8s/argo-apps/forgejo.yaml @@ -14,7 +14,7 @@ spec: sources: - chart: forgejo repoURL: code.forgejo.org/forgejo-helm - targetRevision: 15.0.3 + targetRevision: 15.0.4 helm: valuesObject: replicaCount: 2 From 951fc71b18494d6db756a77e37e1bae63ca16a62 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 12 Jan 2026 02:08:49 +0000 Subject: [PATCH 243/377] chore(deps): update helm release sealed-secrets to 2.18.* --- k8s/argo-apps/sealed-secrets.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/sealed-secrets.yaml b/k8s/argo-apps/sealed-secrets.yaml index d60c2ec..c180041 100644 --- a/k8s/argo-apps/sealed-secrets.yaml +++ b/k8s/argo-apps/sealed-secrets.yaml @@ -12,7 +12,7 @@ spec: source: chart: sealed-secrets repoURL: https://bitnami-labs.github.io/sealed-secrets - targetRevision: 2.17.* + targetRevision: 2.18.* helm: releaseName: sealed-secrets valuesObject: From b99cb2c04054a6c7cf5d1afa5263210e3cca9552 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 14 Jan 2026 03:22:02 +0000 Subject: [PATCH 244/377] chore(deps): update helm release renovate to 45.74.* --- k8s/argo-apps/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/renovate.yaml b/k8s/argo-apps/renovate.yaml index 83c3d3a..73787dd 100644 --- a/k8s/argo-apps/renovate.yaml +++ b/k8s/argo-apps/renovate.yaml @@ -13,7 +13,7 @@ spec: sources: - chart: renovate repoURL: https://docs.renovatebot.com/helm-charts - targetRevision: 45.21.* + targetRevision: 45.74.* helm: valuesObject: renovate: From 806dc64134e07291213b783da153b10724c00c2a Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 17 Jan 2026 03:00:29 +0000 Subject: [PATCH 245/377] chore(deps): update ghcr.io/lennart-k/rustical docker tag to v0.11.17 --- docker/rustical/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/rustical/docker-compose.yml b/docker/rustical/docker-compose.yml index 8bd23bf..d5361b7 100644 --- a/docker/rustical/docker-compose.yml +++ b/docker/rustical/docker-compose.yml @@ -1,7 +1,7 @@ --- services: rustical: - image: ghcr.io/lennart-k/rustical:0.11.11 + image: ghcr.io/lennart-k/rustical:0.11.17 ports: - '4000:4000' volumes: From 2c176d77003efe7ac2a47ba52101077de538da57 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 17 Jan 2026 03:00:50 +0000 Subject: [PATCH 246/377] chore(deps): update ghcr.io/paperless-ngx/paperless-ngx docker tag to v2.20.4 --- docker/paperless/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/paperless/docker-compose.yml b/docker/paperless/docker-compose.yml index e1f79a8..06bb407 100644 --- a/docker/paperless/docker-compose.yml +++ b/docker/paperless/docker-compose.yml @@ -14,7 +14,7 @@ services: webserver: - image: ghcr.io/paperless-ngx/paperless-ngx:2.20.3 + image: ghcr.io/paperless-ngx/paperless-ngx:2.20.4 restart: unless-stopped ports: - 8002:8000 From 8281d9a0509f66550807b8dc3a537a3e2526f884 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 20 Jan 2026 03:28:17 +0000 Subject: [PATCH 247/377] chore(deps): update ghcr.io/lennart-k/rustical docker tag to v0.12.0 --- docker/rustical/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/rustical/docker-compose.yml b/docker/rustical/docker-compose.yml index d5361b7..ccaff81 100644 --- a/docker/rustical/docker-compose.yml +++ b/docker/rustical/docker-compose.yml @@ -1,7 +1,7 @@ --- services: rustical: - image: ghcr.io/lennart-k/rustical:0.11.17 + image: ghcr.io/lennart-k/rustical:0.12.0 ports: - '4000:4000' volumes: From 8341c04580b9a022f7b8de43791f757e7a371fdd Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 18 Jan 2026 03:16:28 +0000 Subject: [PATCH 248/377] chore(deps): update code.forgejo.org/forgejo-helm/forgejo docker tag to v15.1.0 --- k8s/argo-apps/forgejo.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/forgejo.yaml b/k8s/argo-apps/forgejo.yaml index 4edfbf5..1f49a0c 100644 --- a/k8s/argo-apps/forgejo.yaml +++ b/k8s/argo-apps/forgejo.yaml @@ -14,7 +14,7 @@ spec: sources: - chart: forgejo repoURL: code.forgejo.org/forgejo-helm - targetRevision: 15.0.4 + targetRevision: 15.1.0 helm: valuesObject: replicaCount: 2 From fd2870513788877a5f6d4b8b57c1a9f1cf5b9d36 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 20 Jan 2026 03:27:40 +0000 Subject: [PATCH 249/377] chore(deps): update ghcr.io/paperless-ngx/paperless-ngx docker tag to v2.20.5 --- docker/paperless/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/paperless/docker-compose.yml b/docker/paperless/docker-compose.yml index 06bb407..7e14770 100644 --- a/docker/paperless/docker-compose.yml +++ b/docker/paperless/docker-compose.yml @@ -14,7 +14,7 @@ services: webserver: - image: ghcr.io/paperless-ngx/paperless-ngx:2.20.4 + image: ghcr.io/paperless-ngx/paperless-ngx:2.20.5 restart: unless-stopped ports: - 8002:8000 From 63db0bc4c37d661dc36b0abd450338fb0cbef791 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 21 Jan 2026 03:22:01 +0000 Subject: [PATCH 250/377] chore(deps): update ghcr.io/lennart-k/rustical docker tag to v0.12.1 --- docker/rustical/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/rustical/docker-compose.yml b/docker/rustical/docker-compose.yml index ccaff81..1b2688e 100644 --- a/docker/rustical/docker-compose.yml +++ b/docker/rustical/docker-compose.yml @@ -1,7 +1,7 @@ --- services: rustical: - image: ghcr.io/lennart-k/rustical:0.12.0 + image: ghcr.io/lennart-k/rustical:0.12.1 ports: - '4000:4000' volumes: From 7f92604fb04477f7cf52035ca9c9cb31fd8ec2e8 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 18 Jan 2026 03:16:41 +0000 Subject: [PATCH 251/377] chore(deps): update helm release kubetail to v0.17.0 --- k8s/argo-apps/kubetail.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/kubetail.yaml b/k8s/argo-apps/kubetail.yaml index 453b3b8..b7d79e3 100644 --- a/k8s/argo-apps/kubetail.yaml +++ b/k8s/argo-apps/kubetail.yaml @@ -12,7 +12,7 @@ spec: sources: - chart: kubetail repoURL: https://kubetail-org.github.io/helm-charts/ - targetRevision: 0.16.3 + targetRevision: 0.17.0 helm: valuesObject: kubetail: From 6356c4954832bad834c27befc4ae8c5aa7bdeab7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?c=C4=83t=C4=83lin?= Date: Mon, 26 Jan 2026 10:13:27 +0100 Subject: [PATCH 252/377] chore(deps): update authentik to 2025.12 --- k8s/argo-apps/authentik.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/authentik.yaml b/k8s/argo-apps/authentik.yaml index 045afd6..b046a8b 100644 --- a/k8s/argo-apps/authentik.yaml +++ b/k8s/argo-apps/authentik.yaml @@ -12,7 +12,7 @@ spec: sources: - chart: authentik repoURL: https://charts.goauthentik.io/ - targetRevision: 2025.10.* + targetRevision: 2025.12.* helm: valuesObject: authentik: From 0764181b9048fa49d064a8b32265db86081aed54 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?c=C4=83t=C4=83lin?= Date: Mon, 26 Jan 2026 17:38:03 +0100 Subject: [PATCH 253/377] feat: remove netbird --- docker/netbird/docker-compose.yml | 112 ---------------------------- docker/netbird/sample.env | 2 - k8s/services/argo/project-fuku.yaml | 1 + 3 files changed, 1 insertion(+), 114 deletions(-) delete mode 100644 docker/netbird/docker-compose.yml delete mode 100644 docker/netbird/sample.env diff --git a/docker/netbird/docker-compose.yml b/docker/netbird/docker-compose.yml deleted file mode 100644 index 76dc7af..0000000 --- a/docker/netbird/docker-compose.yml +++ /dev/null @@ -1,112 +0,0 @@ ---- -services: - dashboard: - image: netbirdio/dashboard:v2.20.2 - restart: unless-stopped - ports: - - 8005:80 - environment: - NETBIRD_MGMT_API_ENDPOINT: ${NETBIRD_MGMT_API_ENDPOINT:-https://vpn.fukurokuju.dev} - NETBIRD_MGMT_GRPC_API_ENDPOINT: ${NETBIRD_MGMT_GRPC_API_ENDPOINT:-https://vpn.fukurokuju.dev} - AUTH_AUDIENCE: ${NETBIRD_AUTH_AUDIENCE:-64e44b85ebdec2a3cf87c0c9916e2dbb0570f6d87b03ca8d149c3551565c3057ce1e559d16b5399cb7df60646e4e2bc6515842a198efb09d1620ea9ac1d8ace2} # yamllint disable rule:line-length - AUTH_CLIENT_ID: ${NETBIRD_AUTH_CLIENT_ID:-64e44b85ebdec2a3cf87c0c9916e2dbb0570f6d87b03ca8d149c3551565c3057ce1e559d16b5399cb7df60646e4e2bc6515842a198efb09d1620ea9ac1d8ace2} # yamllint disable rule:line-length - AUTH_AUTHORITY: ${NETBIRD_AUTH_AUTHORITY:-https://auth.fukurokuju.dev/application/o/netbird/} - USE_AUTH0: false - AUTH_SUPPORTED_SCOPES: ${NETBIRD_AUTH_SUPPORTED_SCOPES:-api offline_access openid email profile} - AUTH_REDIRECT_URI: - AUTH_SILENT_REDIRECT_URI: - NETBIRD_TOKEN_SOURCE: accessToken - NGINX_SSL_PORT: 443 - logging: - driver: "json-file" - options: - max-size: "500m" - max-file: "2" - signal: - image: netbirdio/signal:0.59.11 - restart: unless-stopped - volumes: - - netbird-signal:/var/lib/netbird - ports: - - "10000:80" - logging: - driver: "json-file" - options: - max-size: "500m" - max-file: "2" - relay: - image: netbirdio/relay:0.59.11 - restart: unless-stopped - environment: - NB_LOG_LEVEL: ${NB_LOG_LEVEL:-info} - NB_LISTEN_ADDRESS: ${NB_LISTEN_ADDRESS:-:33080} - NB_EXPOSED_ADDRESS: ${NB_EXPOSED_ADDRESS:-vpn.fukurokuju.dev:33080} - NB_AUTH_SECRET: ${NB_AUTH_SECRET} - ports: - - "33080:33080" - logging: - driver: "json-file" - options: - max-size: "500m" - max-file: "2" - management: - image: netbirdio/management:0.59.10 - restart: unless-stopped - depends_on: - - dashboard - volumes: - - ${NETBIRD_MANAGEMENT_VOLUME:-/mnt/nas1/shared/netbird/management}/data:/var/lib/netbird - - ${NETBIRD_MANAGEMENT_VOLUME:-/mnt/nas1/shared/netbird/management}/management.json:/etc/netbird/management.json:z - ports: - - "33073:443" - command: [ - "--port", "443", - "--log-file", "console", - "--log-level", "info", - "--disable-anonymous-metrics=false", - "--single-account-mode-domain=vpn.fukurokuju.dev", - "--dns-domain=netbird.fuku", - ] - logging: - driver: "json-file" - options: - max-size: "500m" - max-file: "2" - environment: - - NETBIRD_STORE_ENGINE_POSTGRES_DSN= - - coturn: - image: coturn/coturn:4.7 - restart: unless-stopped - domainname: vpn.fukurokuju.dev - volumes: - - ${NETBIRD_COTURN_VOLUME:-/mnt/nas1/shared/netbird/coturn}/turnserver.conf:/etc/turnserver.conf:ro - network_mode: host - command: - - -c /etc/turnserver.conf - logging: - driver: "json-file" - options: - max-size: "500m" - max-file: "2" - - peer-1: - image: netbirdio/netbird:0.59.11 - restart: unless-stopped - volumes: - - ${NETBIRD_PEER_VOLUME:-/mnt/nas1/shared/netbird/peer-1}/data:/etc/netbird - environment: - NB_MANAGEMENT_URL: https://vpn.fukurokuju.dev:443 - NB_SETUP_KEY: ${NB_SETUP_KEY} - cap_add: - - NET_ADMIN - depends_on: - - management - - dashboard - - relay - - signal - - coturn - -volumes: - netbird-mgmt: - netbird-signal: diff --git a/docker/netbird/sample.env b/docker/netbird/sample.env deleted file mode 100644 index 6a76871..0000000 --- a/docker/netbird/sample.env +++ /dev/null @@ -1,2 +0,0 @@ -NB_AUTH_SECRET= -NB_SETUP_KEY= diff --git a/k8s/services/argo/project-fuku.yaml b/k8s/services/argo/project-fuku.yaml index c4ab6ee..43e602a 100644 --- a/k8s/services/argo/project-fuku.yaml +++ b/k8s/services/argo/project-fuku.yaml @@ -31,3 +31,4 @@ spec: - https://groundhog2k.github.io/helm-charts/ - registry-1.docker.io/cloudpirates - https://vmware-tanzu.github.io/helm-charts/ + - https://helm.runix.net From d0b57297ea4e07badffeb1c48c09d3c15d458311 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?c=C4=83t=C4=83lin?= Date: Mon, 26 Jan 2026 19:37:42 +0100 Subject: [PATCH 254/377] feat: add tandoor --- docker/tandoor/docker-compose.yml | 21 ++++++++++++++++ docker/tandoor/sample.env | 11 +++++++++ tofu/authentik/main.tf | 40 ++++++++----------------------- tofu/authentik/sample.env | 3 ++- tofu/authentik/vars.tf | 16 ++++--------- 5 files changed, 49 insertions(+), 42 deletions(-) create mode 100644 docker/tandoor/docker-compose.yml create mode 100644 docker/tandoor/sample.env diff --git a/docker/tandoor/docker-compose.yml b/docker/tandoor/docker-compose.yml new file mode 100644 index 0000000..8133b76 --- /dev/null +++ b/docker/tandoor/docker-compose.yml @@ -0,0 +1,21 @@ +--- +services: + web_recipes: + restart: always + image: vabene1111/recipes:2.3.6 + volumes: + - ${TANDOOR_STATICFILES:-/mnt/nas1/shared/tandoor/staticfiles}:/opt/recipes/staticfiles + - ${TANDOOR_MEDIAFILES:-/mnt/nas1/shared/tandoor/mediafiles}:/opt/recipes/mediafiles + environment: + SECRET_KEY: ${TANDOOR_SECRET_KEY} + TZ: ${TANDOOR_TZ:-Europe/Madrid} + ALLOWED_HOSTS: ${TANDOOR_ALLOWED_HOSTS:-recipes.roboces.dev} + SOCIAL_PROVIDERS: ${TANDOOR_SOCIAL_PROVIDERS:-allauth.socialaccount.providers.openid_connect} + SOCIALACCOUNT_PROVIDERS: ${TANDOOR_SOCIALACCOUNT_PROVIDERS} + POSTGRES_HOST: ${TANDOOR_POSTGRES_HOST:-192.168.1.3} + POSTGRES_DB: ${TANDOOR_POSTGRES_DB:-tandoor} + POSTGRES_PORT: ${TANDOOR_POSTGRES_PORT:-5432} + POSTGRES_USER: ${TANDOOR_POSTGRES_USER} + POSTGRES_PASSWORD: ${TANDOOR_POSTGRES_PASSWORD} + ports: + - "8081:80" diff --git a/docker/tandoor/sample.env b/docker/tandoor/sample.env new file mode 100644 index 0000000..e5029ad --- /dev/null +++ b/docker/tandoor/sample.env @@ -0,0 +1,11 @@ +TANDOOR_STATICFILES= +TANDOOR_MEDIAFILES= +TANDOOR_SECRET_KEY= +TANDOOR_TZ=Europe/Madrid +TANDOOR_ALLOWED_HOSTS= +TANDOOR_SOCIALACCOUNT_PROVIDERS= +TANDOOR_POSTGRES_HOST= +TANDOOR_POSTGRES_DB= +TANDOOR_POSTGRES_PORT= +TANDOOR_POSTGRES_USER= +TANDOOR_POSTGRES_PASSWORD= diff --git a/tofu/authentik/main.tf b/tofu/authentik/main.tf index 7b27b0c..87ebc58 100644 --- a/tofu/authentik/main.tf +++ b/tofu/authentik/main.tf @@ -199,36 +199,6 @@ module "sftpgo" { sub_mode = "user_username" } -module "netbird" { - source = "../modules/authentik-oidc" - app_name = "netbird" - app_slug = "netbird" - client_id = var.netbird_client_id - client_type = "public" - app_access_group_id = authentik_group.vpn.id - redirect_uris = [ - { - matching_mode = "strict", - url = "https://vpn.fukurokuju.dev", - }, - { - matching_mode = "regex", - url = "https://vpn.fukurokuju.dev.*", - }, - { - matching_mode = "strict", - url = "http://localhost:53000" - }, - - ] - sub_mode = "user_id" - extra_property_mappings = [ - "goauthentik.io/providers/oauth2/scope-authentik_api" - ] - app_icon = "https://vpn.fukurokuju.dev/apple-icon.png" - access_token_validity = "days=10" - client_secret = "" -} module "rustical" { source = "../modules/authentik-oidc" @@ -248,3 +218,13 @@ module "jellyfin" { name = "jellyfin" app_access_group_id = authentik_group.arrs.id } + +module "tandoor" { + source = "../modules/authentik-oidc" + app_name = "Tandoor" + app_slug = "tandoor" + app_access_group_id = "" + redirect_uris = [{ matching_mode = "strict", url = "https://recipes.roboces.dev/accounts/oidc/authentik/login/callback/" }] + client_id = var.tandoor_client_id + client_secret = var.tandoor_client_secret +} diff --git a/tofu/authentik/sample.env b/tofu/authentik/sample.env index a784c41..3887146 100644 --- a/tofu/authentik/sample.env +++ b/tofu/authentik/sample.env @@ -10,6 +10,7 @@ TF_VAR_paperless_client_id= TF_VAR_paperless_client_secret= TF_VAR_sftpgo_client_id= TF_VAR_sftpgo_client_secret= -TF_VAR_netbird_client_id= TF_VAR_rustical_client_id= TF_VAR_rustical_client_secret= +TF_VAR_tandoor_client_id= +TF_VAR_tandoor_client_secret= diff --git a/tofu/authentik/vars.tf b/tofu/authentik/vars.tf index 4a1c5dd..30ec835 100644 --- a/tofu/authentik/vars.tf +++ b/tofu/authentik/vars.tf @@ -39,12 +39,6 @@ variable "paperless_client_secret" { type = string } -variable "netbird_client_id" { - description = "Netbird client ID" - type = string -} - - variable "sftpgo_client_id" { description = "SFTPGo client ID" type = string @@ -61,16 +55,16 @@ variable "rustical_client_id" { } variable "rustical_client_secret" { - description = "Rustical client secret" + description = "Tandoor client secret" type = string } -variable "mediamanager_client_id" { - description = "MediaManager client ID" +variable "tandoor_client_id" { + description = "Tandoor client ID" type = string } -variable "mediamanager_client_secret" { - description = "MediaManager client secret" +variable "tandoor_client_secret" { + description = "Tandoor client secret" type = string } From 0706f4e6377a1f75161339164f4f210e99048203 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 28 Jan 2026 03:33:44 +0000 Subject: [PATCH 255/377] chore(deps): update code.forgejo.org/forgejo-helm/forgejo docker tag to v16 --- k8s/argo-apps/forgejo.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/forgejo.yaml b/k8s/argo-apps/forgejo.yaml index 1f49a0c..44b2f4d 100644 --- a/k8s/argo-apps/forgejo.yaml +++ b/k8s/argo-apps/forgejo.yaml @@ -14,7 +14,7 @@ spec: sources: - chart: forgejo repoURL: code.forgejo.org/forgejo-helm - targetRevision: 15.1.0 + targetRevision: 16.0.1 helm: valuesObject: replicaCount: 2 From 1b1dc44b5b69a31290c9312a22133af9d63912e5 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 28 Jan 2026 03:33:28 +0000 Subject: [PATCH 256/377] chore(deps): update vaultwarden/server docker tag to v1.35.2 --- docker/vaultwarden/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/vaultwarden/docker-compose.yml b/docker/vaultwarden/docker-compose.yml index 4c2b3dc..bef3334 100644 --- a/docker/vaultwarden/docker-compose.yml +++ b/docker/vaultwarden/docker-compose.yml @@ -1,7 +1,7 @@ --- services: vaultwarden: - image: vaultwarden/server:1.34.3-alpine + image: vaultwarden/server:1.35.2-alpine restart: unless-stopped environment: DATABASE_URL: ${DATABASE_URL} From 79c399ad0c4764d254db5ef44ea6dc6eda487bec Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 27 Jan 2026 03:25:54 +0000 Subject: [PATCH 257/377] chore(deps): update ghcr.io/lennart-k/rustical docker tag to v0.12.3 --- docker/rustical/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/rustical/docker-compose.yml b/docker/rustical/docker-compose.yml index 1b2688e..2818a50 100644 --- a/docker/rustical/docker-compose.yml +++ b/docker/rustical/docker-compose.yml @@ -1,7 +1,7 @@ --- services: rustical: - image: ghcr.io/lennart-k/rustical:0.12.1 + image: ghcr.io/lennart-k/rustical:0.12.3 ports: - '4000:4000' volumes: From b61b882081ac24b2d22424d91004b83e4e34d83e Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 27 Jan 2026 03:27:44 +0000 Subject: [PATCH 258/377] chore(deps): update terraform authentik to v2025.12.0 --- tofu/authentik/.terraform.lock.hcl | 47 ++++++++++++------- tofu/authentik/main.tf | 2 +- .../authentik-ldap/.terraform.lock.hcl | 47 ++++++++++++------- tofu/modules/authentik-ldap/main.tf | 2 +- tofu/modules/authentik-oidc/main.tf | 2 +- tofu/modules/authentik-proxy/main.tf | 2 +- 6 files changed, 64 insertions(+), 38 deletions(-) diff --git a/tofu/authentik/.terraform.lock.hcl b/tofu/authentik/.terraform.lock.hcl index de2d5a9..61e958d 100644 --- a/tofu/authentik/.terraform.lock.hcl +++ b/tofu/authentik/.terraform.lock.hcl @@ -2,23 +2,36 @@ # Manual edits may be lost in future updates. provider "registry.opentofu.org/goauthentik/authentik" { - version = "2025.10.1" - constraints = "2025.10.1" + version = "2025.12.0" + constraints = "2025.12.0" hashes = [ - "h1:X0bV1LqI7nu4np+xiGP8yLVfyl6rh/XNXz7QQ7Hsr6g=", - "zh:02ac2478c8901043a0455b8b6b8185e9814786bd802a9aa6d4126d4f56d4735d", - "zh:24d680732a9ea72a86c1e7bf4aa13ab9cc0c60ee4bd4cae8af43670eff88edd9", - "zh:4f415f177671eeea2234eb835479bbb710e811e60864cec6a00ee0e03a412fa3", - "zh:55498caa20504dd52a1870823e15dec6c78948eac2e6ec98e6ec122b5407630b", - "zh:570f9ca7f909bda94b97feab7898ef392e01ae6178d8a9d36aac984d8a433ec1", - "zh:92ac78b97e2d5310ed82233980f941ebecf69ae1f9d03f3e719d8687aa6f4cc7", - "zh:95f852a4e7d22daac86901ebc6b327d5987832b707ad3fd3aeff6c36dd088717", - "zh:98c8659f468a58a9d224b2fca9d5909d39bcabf9e2593e9b4a574dbffb6e2dca", - "zh:a7d1428ec803ae794ebb05d772fa44020827a6b762a5b2da11869fc618ea59cd", - "zh:b1ef054b09fed4282c625a38a4aa6d1276c58e541f4cffcc716aa7d2b773f30a", - "zh:b95e3edeb0da3ee0c0392afa18957cf7d41b2f71ed08a50f4bf38010aaf77d30", - "zh:c3ce9f57889e6bb33f34ee4cc4463a77652b811351bbb25e6fc5ba9dc0c61e14", - "zh:f6d2fe811ad5c242ced99a6b51b2d7f60f060d4bc6837fe1026c2abb7cb6f9a4", - "zh:f78b8e20e7d9f53e1622051c706369a7c6d0f1e37c16df67a214697cd5d0a4fb", + "h1:1WOionGZogRGfcwgsBshgGDDMFWqioq62s/FmpTonI8=", + "h1:7EkbL1fO5vkX5IvlGhKIjWcEPIc7U3zS/x0+rMC+NKE=", + "h1:N65bk3gPCHEJE8c68LCjQ2NMwDKDJlt0+ofnmeNM4FI=", + "h1:S2NDeRAxbfKPGvBqM7WES5znedi0V2AWc5wxkczYDd8=", + "h1:ZmqC2orWU2UItPZJZfsSnBBX7Ds0OEk8EarBtWjuFsc=", + "h1:aofPDDDWm9c87uip8IwKlhGDePNNr6Sy0Q+m9NgOols=", + "h1:f3+jlDlxpgKdCbcB7ac4lVn5pdSMM1e2Qh0AB0RDNsA=", + "h1:jt+Gtla0Z7zN4gCltMg//aDfCoSIdCyFF4ept4Qwc6E=", + "h1:msEjekUeIUKY6lipADjuQpaU1HPrp0MU19R9LpZv5UM=", + "h1:t61WX+9iOOCLlZ8tt/vZP7X8M/Q7F5k6QUyduYtpVf8=", + "h1:tI7fyxvSatX28mp0woFsBbhrnzgeZTZAaitzKThlyAo=", + "h1:wzjwM6RA9Jth4iCN5J9dzxnfjO56ZFl1T5rAQhuU1og=", + "h1:xZZSwrSXnUCPmP9U3EY9fKPmBru58wZozovF2+i//oY=", + "h1:z/+UpU0PH5hae3WEqJO7Lreo0wYO77UuJrimJyV3Mcg=", + "zh:0ce23bd10c1782a3ae9321a572093df2c283df9003fc1cf33f6e63df18a81b7a", + "zh:0de1db5b3363603e6bd25c9c420e24e872bcfe8d43a7015b710a0292ffa7a649", + "zh:1d719e62eb5195a6461cdf2e175960093cdb77b190a7b15eb3fd0e1fc38409e1", + "zh:3adba178a720c90f296183479872a82719f5497b24e90224c044bcc9e29092b7", + "zh:54e5895e61a39b955be26977c273d9581beccf0e22ec58932708472cab40b03b", + "zh:59b8df5b3be8bf9e8a8dcc7b5edf96b0ca505f93fc0db022cc33513172dbc2c8", + "zh:6d86630e353b874ad43d09e3d3541ba4f824c578122a21c7895a452a0534ca05", + "zh:b6c7466446ce685971dee0c7b2dcb16917e3d23805a51d7a2091e475908c8d87", + "zh:ca306de78ea0f99f698548d51b094501e8299340ccc9c6549d1b62fc1fe29456", + "zh:cc6bd38417c0a6c0d7a1c8533007c113155d82d085ea705d955dadf62b2f9f66", + "zh:da657c9db5647620fca377fdc934db6a0f6d05d4cc0dd91a47404850805fd6da", + "zh:dc0b1effedb7a35d1756be915ff8b48d0f422b7a9da75e7f14a2d3efa2d4806f", + "zh:eef8d1715e9cfcb6cbe05dc071390ee91276d12f6fd870bac116af47518f6176", + "zh:f4c0cd2168f59d4fbf4b1fada95a9c973224bbf81975e948f741ad18ef665690", ] } diff --git a/tofu/authentik/main.tf b/tofu/authentik/main.tf index 87ebc58..7d43f4f 100644 --- a/tofu/authentik/main.tf +++ b/tofu/authentik/main.tf @@ -8,7 +8,7 @@ terraform { required_providers { authentik = { source = "goauthentik/authentik" - version = "2025.10.1" + version = "2025.12.0" } } } diff --git a/tofu/modules/authentik-ldap/.terraform.lock.hcl b/tofu/modules/authentik-ldap/.terraform.lock.hcl index de2d5a9..61e958d 100644 --- a/tofu/modules/authentik-ldap/.terraform.lock.hcl +++ b/tofu/modules/authentik-ldap/.terraform.lock.hcl @@ -2,23 +2,36 @@ # Manual edits may be lost in future updates. provider "registry.opentofu.org/goauthentik/authentik" { - version = "2025.10.1" - constraints = "2025.10.1" + version = "2025.12.0" + constraints = "2025.12.0" hashes = [ - "h1:X0bV1LqI7nu4np+xiGP8yLVfyl6rh/XNXz7QQ7Hsr6g=", - "zh:02ac2478c8901043a0455b8b6b8185e9814786bd802a9aa6d4126d4f56d4735d", - "zh:24d680732a9ea72a86c1e7bf4aa13ab9cc0c60ee4bd4cae8af43670eff88edd9", - "zh:4f415f177671eeea2234eb835479bbb710e811e60864cec6a00ee0e03a412fa3", - "zh:55498caa20504dd52a1870823e15dec6c78948eac2e6ec98e6ec122b5407630b", - "zh:570f9ca7f909bda94b97feab7898ef392e01ae6178d8a9d36aac984d8a433ec1", - "zh:92ac78b97e2d5310ed82233980f941ebecf69ae1f9d03f3e719d8687aa6f4cc7", - "zh:95f852a4e7d22daac86901ebc6b327d5987832b707ad3fd3aeff6c36dd088717", - "zh:98c8659f468a58a9d224b2fca9d5909d39bcabf9e2593e9b4a574dbffb6e2dca", - "zh:a7d1428ec803ae794ebb05d772fa44020827a6b762a5b2da11869fc618ea59cd", - "zh:b1ef054b09fed4282c625a38a4aa6d1276c58e541f4cffcc716aa7d2b773f30a", - "zh:b95e3edeb0da3ee0c0392afa18957cf7d41b2f71ed08a50f4bf38010aaf77d30", - "zh:c3ce9f57889e6bb33f34ee4cc4463a77652b811351bbb25e6fc5ba9dc0c61e14", - "zh:f6d2fe811ad5c242ced99a6b51b2d7f60f060d4bc6837fe1026c2abb7cb6f9a4", - "zh:f78b8e20e7d9f53e1622051c706369a7c6d0f1e37c16df67a214697cd5d0a4fb", + "h1:1WOionGZogRGfcwgsBshgGDDMFWqioq62s/FmpTonI8=", + "h1:7EkbL1fO5vkX5IvlGhKIjWcEPIc7U3zS/x0+rMC+NKE=", + "h1:N65bk3gPCHEJE8c68LCjQ2NMwDKDJlt0+ofnmeNM4FI=", + "h1:S2NDeRAxbfKPGvBqM7WES5znedi0V2AWc5wxkczYDd8=", + "h1:ZmqC2orWU2UItPZJZfsSnBBX7Ds0OEk8EarBtWjuFsc=", + "h1:aofPDDDWm9c87uip8IwKlhGDePNNr6Sy0Q+m9NgOols=", + "h1:f3+jlDlxpgKdCbcB7ac4lVn5pdSMM1e2Qh0AB0RDNsA=", + "h1:jt+Gtla0Z7zN4gCltMg//aDfCoSIdCyFF4ept4Qwc6E=", + "h1:msEjekUeIUKY6lipADjuQpaU1HPrp0MU19R9LpZv5UM=", + "h1:t61WX+9iOOCLlZ8tt/vZP7X8M/Q7F5k6QUyduYtpVf8=", + "h1:tI7fyxvSatX28mp0woFsBbhrnzgeZTZAaitzKThlyAo=", + "h1:wzjwM6RA9Jth4iCN5J9dzxnfjO56ZFl1T5rAQhuU1og=", + "h1:xZZSwrSXnUCPmP9U3EY9fKPmBru58wZozovF2+i//oY=", + "h1:z/+UpU0PH5hae3WEqJO7Lreo0wYO77UuJrimJyV3Mcg=", + "zh:0ce23bd10c1782a3ae9321a572093df2c283df9003fc1cf33f6e63df18a81b7a", + "zh:0de1db5b3363603e6bd25c9c420e24e872bcfe8d43a7015b710a0292ffa7a649", + "zh:1d719e62eb5195a6461cdf2e175960093cdb77b190a7b15eb3fd0e1fc38409e1", + "zh:3adba178a720c90f296183479872a82719f5497b24e90224c044bcc9e29092b7", + "zh:54e5895e61a39b955be26977c273d9581beccf0e22ec58932708472cab40b03b", + "zh:59b8df5b3be8bf9e8a8dcc7b5edf96b0ca505f93fc0db022cc33513172dbc2c8", + "zh:6d86630e353b874ad43d09e3d3541ba4f824c578122a21c7895a452a0534ca05", + "zh:b6c7466446ce685971dee0c7b2dcb16917e3d23805a51d7a2091e475908c8d87", + "zh:ca306de78ea0f99f698548d51b094501e8299340ccc9c6549d1b62fc1fe29456", + "zh:cc6bd38417c0a6c0d7a1c8533007c113155d82d085ea705d955dadf62b2f9f66", + "zh:da657c9db5647620fca377fdc934db6a0f6d05d4cc0dd91a47404850805fd6da", + "zh:dc0b1effedb7a35d1756be915ff8b48d0f422b7a9da75e7f14a2d3efa2d4806f", + "zh:eef8d1715e9cfcb6cbe05dc071390ee91276d12f6fd870bac116af47518f6176", + "zh:f4c0cd2168f59d4fbf4b1fada95a9c973224bbf81975e948f741ad18ef665690", ] } diff --git a/tofu/modules/authentik-ldap/main.tf b/tofu/modules/authentik-ldap/main.tf index 19cf5a6..86d1806 100644 --- a/tofu/modules/authentik-ldap/main.tf +++ b/tofu/modules/authentik-ldap/main.tf @@ -3,7 +3,7 @@ terraform { required_providers { authentik = { source = "goauthentik/authentik" - version = "2025.10.1" + version = "2025.12.0" } } } diff --git a/tofu/modules/authentik-oidc/main.tf b/tofu/modules/authentik-oidc/main.tf index d78086a..3ca69a3 100644 --- a/tofu/modules/authentik-oidc/main.tf +++ b/tofu/modules/authentik-oidc/main.tf @@ -3,7 +3,7 @@ terraform { required_providers { authentik = { source = "goauthentik/authentik" - version = "2025.10.1" + version = "2025.12.0" } } } diff --git a/tofu/modules/authentik-proxy/main.tf b/tofu/modules/authentik-proxy/main.tf index 49179aa..288bd61 100644 --- a/tofu/modules/authentik-proxy/main.tf +++ b/tofu/modules/authentik-proxy/main.tf @@ -3,7 +3,7 @@ terraform { required_providers { authentik = { source = "goauthentik/authentik" - version = "2025.10.1" + version = "2025.12.0" } } } From 1ce70d911f4d7d9a9eb46e179a0681934b91e272 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?c=C4=83t=C4=83lin?= Date: Wed, 28 Jan 2026 10:17:13 +0100 Subject: [PATCH 259/377] feat: add ganymede --- docker/ganymede/docker-compose.yml | 48 ++++++++++++++++++++++++++++++ docker/ganymede/sample.env | 27 +++++++++++++++++ tofu/authentik/main.tf | 23 ++++++++++++++ tofu/authentik/sample.env | 2 ++ tofu/authentik/vars.tf | 10 +++++++ 5 files changed, 110 insertions(+) create mode 100644 docker/ganymede/docker-compose.yml create mode 100644 docker/ganymede/sample.env diff --git a/docker/ganymede/docker-compose.yml b/docker/ganymede/docker-compose.yml new file mode 100644 index 0000000..7ba5213 --- /dev/null +++ b/docker/ganymede/docker-compose.yml @@ -0,0 +1,48 @@ +--- +services: + ganymede: + container_name: ganymede + image: ghcr.io/zibbp/ganymede:4.11.3 + restart: unless-stopped + environment: + DEBUG: ${GANYMEDE_DEBUG:-false} + TZ: ${GANYMEDE_TZ:-Europe/Madrid} + VIDEOS_DIR: ${GANYMEDE_VIDEOS_DIR:-/data/videos} + TEMP_DIR: ${GANYMEDE_TEMP_DIR:-/data/temp} + LOGS_DIR: ${GANYMEDE_LOGS_DIR:-/data/logs} + CONFIG_DIR: ${GANYMEDE_CONFIG_DIR:-/data/config} + DB_HOST: ${GANYMEDE_DB_HOST:-192.168.1.3} + DB_PORT: ${GANYMEDE_DB_PORT:-5432} + DB_USER: ${GANYMEDE_DB_USER:-ganymede} + DB_PASS: ${GANYMEDE_DB_PASS} + DB_NAME: ${GANYMEDE_DB_NAME:-ganymede} + DB_SSL: ${GANYMEDE_DB_SSL:-disable} + TWITCH_CLIENT_ID: ${GANYMEDE_TWITCH_CLIENT_ID} + TWITCH_CLIENT_SECRET: ${GANYMEDE_TWITCH_CLIENT_SECRET} + MAX_CHAT_DOWNLOAD_EXECUTIONS: ${GANYMEDE_MAX_CHAT_DOWNLOAD_EXECUTIONS:-3} + MAX_CHAT_RENDER_EXECUTIONS: ${GANYMEDE_MAX_CHAT_RENDER_EXECUTIONS:-2} + MAX_VIDEO_DOWNLOAD_EXECUTIONS: ${GANYMEDE_MAX_VIDEO_DOWNLOAD_EXECUTIONS:-2} + MAX_VIDEO_CONVERT_EXECUTIONS: ${GANYMEDE_MAX_VIDEO_CONVERT_EXECUTIONS:-3} + MAX_VIDEO_SPRITE_THUMBNAIL_EXECUTIONS: ${GANYMEDE_MAX_VIDEO_SPRITE_THUMBNAIL_EXECUTIONS:-2} + OAUTH_ENABLED: ${GANYMEDE_OAUTH_ENABLED:-true} + OAUTH_PROVIDER_URL: ${GANYMEDE_OAUTH_PROVIDER_URL:-https://auth.fukurokuju.dev/application/o/ganymede/} + OAUTH_CLIENT_ID: ${GANYMEDE_OAUTH_CLIENT_ID} + OAUTH_CLIENT_SECRET: ${GANYMEDE_OAUTH_CLIENT_SECRET} + OAUTH_REDIRECT_URL: ${GANYMEDE_OAUTH_REDIRECT_URL:-https://vods.roboces.dev/api/v1/auth/oauth/callback} + SHOW_SSO_LOGIN_BUTTON: ${GANYMEDE_SHOW_SSO_LOGIN_BUTTON:-true} + FORCE_SSO_AUTH: ${GANYMEDE_FORCE_SSO_AUTH:-true} + REQUIRE_LOGIN: ${GANYMEDE_REQUIRE_LOGIN:-true} + volumes: + - ${GANYMEDE_VIDEOS:-/mnt/vods/ganymede/videos}:/data/videos + - ${GANYMEDE_TEMP:-/mnt/vods/ganymede/temp}:/data/temp + - ${GANYMEDE_CACHE:-/mnt/vods/ganymede/cache}:/data/.cache + - ${GANYMEDE_LOGS:-/mnt/vods/ganymede/logs}:/data/logs + - ${GANYMEDE_CONFIG:-/mnt/vods/ganymede/config}:/data/config + ports: + - "4800:4000" + healthcheck: + test: curl --fail http://localhost:4000/health || exit 1 + interval: 60s + retries: 5 + start_period: 60s + timeout: 10s diff --git a/docker/ganymede/sample.env b/docker/ganymede/sample.env new file mode 100644 index 0000000..5b2205b --- /dev/null +++ b/docker/ganymede/sample.env @@ -0,0 +1,27 @@ +GANYMEDE_DEBUG=false +GANYMEDE_TZ=Europe/Madrid +GANYMEDE_VIDEOS_DIR=/data/videos +GANYMEDE_TEMP_DIR=/data/temp +GANYMEDE_LOGS_DIR=/data/logs +GANYMEDE_CONFIG_DIR=/data/config +GANYMEDE_DB_HOST=192.168.1.3 +GANYMEDE_DB_PORT=5432 +GANYMEDE_DB_USER=ganymede +GANYMEDE_DB_PASS= +GANYMEDE_DB_NAME=ganymede +GANYMEDE_DB_SSL=disable +GANYMEDE_TWITCH_CLIENT_ID= +GANYMEDE_TWITCH_CLIENT_SECRET= +GANYMEDE_MAX_CHAT_DOWNLOAD_EXECUTIONS=3 +GANYMEDE_MAX_CHAT_RENDER_EXECUTIONS=2 +GANYMEDE_MAX_VIDEO_DOWNLOAD_EXECUTIONS=2 +GANYMEDE_MAX_VIDEO_CONVERT_EXECUTIONS=3 +GANYMEDE_MAX_VIDEO_SPRITE_THUMBNAIL_EXECUTIONS=2 +GANYMEDE_OAUTH_ENABLED=true +GANYMEDE_OAUTH_PROVIDER_URL=https://auth.fukurokuju.dev/application/o/ganymede/ +GANYMEDE_OAUTH_CLIENT_ID= +GANYMEDE_OAUTH_CLIENT_SECRET= +GANYMEDE_OAUTH_REDIRECT_URL=https://vods.roboces.dev/api/v1/auth/oauth/callback +GANYMEDE_SHOW_SSO_LOGIN_BUTTON=true +GANYMEDE_FORCE_SSO_AUTH=false +GANYMEDE_REQUIRE_LOGIN=false diff --git a/tofu/authentik/main.tf b/tofu/authentik/main.tf index 7d43f4f..42c0582 100644 --- a/tofu/authentik/main.tf +++ b/tofu/authentik/main.tf @@ -22,6 +22,11 @@ resource "authentik_group" "ci" { users = [data.authentik_user.catalin.id] } +resource "authentik_group" "vods" { + name = "vods" + users = [data.authentik_user.catalin.id] +} + resource "authentik_group" "admins" { name = "authentik Admins" is_superuser = true @@ -204,6 +209,8 @@ module "rustical" { source = "../modules/authentik-oidc" app_name = "rustical" app_slug = "rustical" + app_url = "https://cal.roboces.dev" + app_icon = "https://cal.roboces.dev/favicon.ico" client_id = var.rustical_client_id client_secret = var.rustical_client_secret redirect_uris = [{ matching_mode = "strict", url = "https://cal.roboces.dev/frontend/login/oidc/callback" }] @@ -216,6 +223,8 @@ module "jellyfin" { app_slug = "jellyfin" base_dn = "DC=ldap,DC=fukurokuju,DC=dev" name = "jellyfin" + app_url = "https://jelly.roboces.dev" + app_icon = "https://jelly.roboces.dev/favicon.ico" app_access_group_id = authentik_group.arrs.id } @@ -224,7 +233,21 @@ module "tandoor" { app_name = "Tandoor" app_slug = "tandoor" app_access_group_id = "" + app_url = "https://recipes.roboces.dev" redirect_uris = [{ matching_mode = "strict", url = "https://recipes.roboces.dev/accounts/oidc/authentik/login/callback/" }] + app_icon = "https://recipes.roboces.dev/favicon.icon" client_id = var.tandoor_client_id client_secret = var.tandoor_client_secret } + +module "ganymede" { + source = "../modules/authentik-oidc" + app_name = "Ganymede" + app_slug = "ganymede" + redirect_uris = [{ matching_mode = "strict", url = "https://vods.roboces.dev/api/v1/auth/oauth/callback" }] + client_id = var.ganymede_client_id + client_secret = var.ganymede_client_secret + app_url = "https://vods.roboces.dev" + app_icon = "https://vods.roboces.dev/favicon.ico" + app_access_group_id = authentik_group.vods.id +} diff --git a/tofu/authentik/sample.env b/tofu/authentik/sample.env index 3887146..d7e4361 100644 --- a/tofu/authentik/sample.env +++ b/tofu/authentik/sample.env @@ -14,3 +14,5 @@ TF_VAR_rustical_client_id= TF_VAR_rustical_client_secret= TF_VAR_tandoor_client_id= TF_VAR_tandoor_client_secret= +TF_VAR_ganymede_client_id= +TF_VAR_ganymede_client_secret= diff --git a/tofu/authentik/vars.tf b/tofu/authentik/vars.tf index 30ec835..f85bfe7 100644 --- a/tofu/authentik/vars.tf +++ b/tofu/authentik/vars.tf @@ -68,3 +68,13 @@ variable "tandoor_client_secret" { description = "Tandoor client secret" type = string } + +variable "ganymede_client_id" { + description = "Ganymede client ID" + type = string +} + +variable "ganymede_client_secret" { + description = "Ganymede client secret" + type = string +} From 7a4f608d2e8df5a030bb2afd15e311b9f7a8eddc Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?c=C4=83t=C4=83lin?= Date: Wed, 28 Jan 2026 11:07:42 +0100 Subject: [PATCH 260/377] feat: add jellyseerr --- tofu/authentik/main.tf | 25 ++++++++---- tofu/modules/authentik-app/main.tf | 26 +++++++++++++ tofu/modules/authentik-app/vars.tf | 62 ++++++++++++++++++++++++++++++ 3 files changed, 105 insertions(+), 8 deletions(-) create mode 100644 tofu/modules/authentik-app/main.tf create mode 100644 tofu/modules/authentik-app/vars.tf diff --git a/tofu/authentik/main.tf b/tofu/authentik/main.tf index 42c0582..7979f79 100644 --- a/tofu/authentik/main.tf +++ b/tofu/authentik/main.tf @@ -52,6 +52,7 @@ resource "authentik_group" "mediamanager" { is_superuser = false } + module "gitea" { source = "../modules/authentik-oidc" app_name = "Gitea" @@ -133,7 +134,7 @@ module "sonarr" { app_slug = "sonarr" app_access_group_id = authentik_group.arrs.id app_url = "https://sonarr.fukurokuju.dev" - internal_host = "http://192.168.1.3:38013/" + internal_host = "http://192.168.1.3:30113/" internal_host_ssl_validation = false app_icon = "https://sonarr.tv/img/logo.png" } @@ -144,7 +145,7 @@ module "radarr" { app_slug = "radarr" app_access_group_id = authentik_group.arrs.id app_url = "https://radarr.fukurokuju.dev" - internal_host = "http://192.168.1.3:38012/" + internal_host = "http://192.168.1.3:30025/" internal_host_ssl_validation = false app_icon = "https://radarr.video/img/background/logo.png" } @@ -155,7 +156,7 @@ module "lidarr" { app_slug = "lidarr" app_access_group_id = authentik_group.arrs.id app_url = "https://lidarr.fukurokuju.dev" - internal_host = "http://192.168.1.3:38010/" + internal_host = "http://192.168.1.3:30071/" internal_host_ssl_validation = false app_icon = "https://lidarr.audio/img/background/logo.png" } @@ -176,7 +177,7 @@ module "prowlarr" { app_slug = "prowlarr" app_access_group_id = authentik_group.admins.id app_url = "https://prowlarr.fukurokuju.dev" - internal_host = "http://192.168.1.3:38014" + internal_host = "http://192.168.1.3:30050" internal_host_ssl_validation = false } @@ -204,13 +205,11 @@ module "sftpgo" { sub_mode = "user_username" } - module "rustical" { source = "../modules/authentik-oidc" app_name = "rustical" app_slug = "rustical" app_url = "https://cal.roboces.dev" - app_icon = "https://cal.roboces.dev/favicon.ico" client_id = var.rustical_client_id client_secret = var.rustical_client_secret redirect_uris = [{ matching_mode = "strict", url = "https://cal.roboces.dev/frontend/login/oidc/callback" }] @@ -224,7 +223,7 @@ module "jellyfin" { base_dn = "DC=ldap,DC=fukurokuju,DC=dev" name = "jellyfin" app_url = "https://jelly.roboces.dev" - app_icon = "https://jelly.roboces.dev/favicon.ico" + app_icon = "https://jelly.roboces.dev/web/touchicon.f5bbb798cb2c65908633.png" app_access_group_id = authentik_group.arrs.id } @@ -235,7 +234,7 @@ module "tandoor" { app_access_group_id = "" app_url = "https://recipes.roboces.dev" redirect_uris = [{ matching_mode = "strict", url = "https://recipes.roboces.dev/accounts/oidc/authentik/login/callback/" }] - app_icon = "https://recipes.roboces.dev/favicon.icon" + app_icon = "https://recipes.roboces.dev/static/assets/logo_color_192.c9b9177ff941.png" client_id = var.tandoor_client_id client_secret = var.tandoor_client_secret } @@ -251,3 +250,13 @@ module "ganymede" { app_icon = "https://vods.roboces.dev/favicon.ico" app_access_group_id = authentik_group.vods.id } + +module "jellyseerr" { + source = "../modules/authentik-app" + app_name = "Solicitudes Jelly" + app_slug = "jellyseer" + app_url = "https://requests.roboces.dev" + app_icon = "https://requests.roboces.dev/os_icon.svg" + app_description = "Solicita series, animes y pelis para ser añadidas automáticamente a Jellyfin" + app_access_group_id = authentik_group.arrs.id +} diff --git a/tofu/modules/authentik-app/main.tf b/tofu/modules/authentik-app/main.tf new file mode 100644 index 0000000..778e119 --- /dev/null +++ b/tofu/modules/authentik-app/main.tf @@ -0,0 +1,26 @@ +terraform { + required_version = ">= 1.6" + required_providers { + authentik = { + source = "goauthentik/authentik" + version = "2025.12.0" + } + } +} + +resource "authentik_application" "app" { + name = var.app_name + slug = var.app_slug + open_in_new_tab = var.open_in_new_tab + meta_icon = var.app_icon + meta_description = var.app_description + meta_publisher = var.app_publisher + meta_launch_url = var.app_url +} + +resource "authentik_policy_binding" "app_access" { + target = authentik_application.app.uuid + group = var.app_access_group_id + order = 0 + count = var.app_access_group_id != "" ? 1 : 0 # only add it if the group's name exists +} diff --git a/tofu/modules/authentik-app/vars.tf b/tofu/modules/authentik-app/vars.tf new file mode 100644 index 0000000..445710f --- /dev/null +++ b/tofu/modules/authentik-app/vars.tf @@ -0,0 +1,62 @@ +variable "app_name" { + description = "App name" + type = string +} + +variable "app_slug" { + description = "App slug, a human-readable URL identifier, e.g.: Google -> google" + type = string +} + + +variable "client_type" { + type = string + default = "confidential" + + validation { + condition = contains(["confidential", "public"], var.client_type) + error_message = "client_type must be 'confidential' or 'public'" + } +} + +variable "app_access_group_id" { + description = "ID of a group which will have access to the app" + type = string +} + +variable "sub_mode" { + type = string + default = "user_username" + + validation { + condition = contains(["user_id", "user_username", "hashed_user_id"], var.sub_mode) + error_message = "sub_mode must be 'user_id', 'user_username' or 'hashed_user_id'" + } +} + + +variable "open_in_new_tab" { + type = bool + description = "Open apps in a new tab" + default = true +} + +variable "app_icon" { + type = string + default = "" +} + +variable "app_description" { + type = string + default = "" +} + +variable "app_publisher" { + type = string + default = "" +} + +variable "app_url" { + type = string + default = "" +} From aa05c20e2d5986661675c544cf4169a582aeb3b8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?c=C4=83t=C4=83lin?= Date: Wed, 28 Jan 2026 12:37:28 +0100 Subject: [PATCH 261/377] feat: add pulse --- k8s/argo-apps/factorio.yaml | 45 ----------- k8s/argo-apps/pulse.yaml | 43 +++++++++++ k8s/services/argo/project-fuku.yaml | 1 + k8s/services/pulse/ds.yaml | 105 ++++++++++++++++++++++++++ k8s/services/pulse/sealedsecrets.yaml | 17 +++++ tofu/adguard/main.tf | 6 +- tofu/authentik/main.tf | 12 +++ tofu/authentik/sample.env | 2 + tofu/authentik/vars.tf | 10 +++ 9 files changed, 195 insertions(+), 46 deletions(-) delete mode 100644 k8s/argo-apps/factorio.yaml create mode 100644 k8s/argo-apps/pulse.yaml create mode 100644 k8s/services/pulse/ds.yaml create mode 100644 k8s/services/pulse/sealedsecrets.yaml diff --git a/k8s/argo-apps/factorio.yaml b/k8s/argo-apps/factorio.yaml deleted file mode 100644 index cd2d97d..0000000 --- a/k8s/argo-apps/factorio.yaml +++ /dev/null @@ -1,45 +0,0 @@ ---- -apiVersion: argoproj.io/v1alpha1 -kind: Application -metadata: - name: factorio - namespace: argocd -spec: - destination: - name: '' - namespace: apps-fuku - server: https://kubernetes.default.svc - sources: - - chart: factorio-server-charts - repoURL: https://sqljames.github.io/factorio-server-charts/ - targetRevision: 2.5.* - helm: - valuesObject: - rcon: - passwordSecret: secrets-factorio - nodeSelector: - kubernetes.io/hostname: agent1 - image: - tag: latest - factorioServer: - save_name: fukurokuju-space - admin_list: - - Phireh - account: - accountSecret: secrets-factorio - server_settings: - name: factorio-fukurokuju - visibility: - public: false - require_user_verification: false - persistence: - storageClassName: truenas-nfs-csi - serverPassword: - passwordSecret: secrets-factorio - - - repoURL: https://git.roboces.dev/catalin/fukuops.git - path: k8s/services/factorio - targetRevision: main - project: fuku - syncPolicy: - automated: {} diff --git a/k8s/argo-apps/pulse.yaml b/k8s/argo-apps/pulse.yaml new file mode 100644 index 0000000..7873917 --- /dev/null +++ b/k8s/argo-apps/pulse.yaml @@ -0,0 +1,43 @@ +--- +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: pulse + namespace: argocd +spec: + destination: + name: '' + namespace: apps-fuku + server: https://kubernetes.default.svc + project: fuku + syncPolicy: + automated: {} + sources: + - repoURL: https://rcourtman.github.io/Pulse + chart: pulse + targetRevision: v5.0.* + helm: + valuesObject: + persistence: + enabled: true + size: 10Gi + storageClass: truenas-nfs-csi + accessModes: + - ReadWriteMany + service: + type: LoadBalancer + ingress: + enabled: true + hosts: + - host: pulse.fukurokuju.dev + paths: + - path: / + pathType: Prefix + tls: [] + monitoring: + serviceMonitor: + enabled: true + + - path: k8s/services/pulse + repoURL: https://git.roboces.dev/catalin/fukuops.git + targetRevision: main diff --git a/k8s/services/argo/project-fuku.yaml b/k8s/services/argo/project-fuku.yaml index 43e602a..ead0d89 100644 --- a/k8s/services/argo/project-fuku.yaml +++ b/k8s/services/argo/project-fuku.yaml @@ -32,3 +32,4 @@ spec: - registry-1.docker.io/cloudpirates - https://vmware-tanzu.github.io/helm-charts/ - https://helm.runix.net + - https://rcourtman.github.io/Pulse diff --git a/k8s/services/pulse/ds.yaml b/k8s/services/pulse/ds.yaml new file mode 100644 index 0000000..26516fa --- /dev/null +++ b/k8s/services/pulse/ds.yaml @@ -0,0 +1,105 @@ +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: pulse-agent + namespace: apps-fuku +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: pulse-agent-read +rules: + - apiGroups: [""] + resources: ["nodes", "pods"] + verbs: ["get", "list", "watch"] + - apiGroups: ["apps"] + resources: ["deployments"] + verbs: ["get", "list", "watch"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: pulse-agent-read +subjects: + - kind: ServiceAccount + name: pulse-agent + namespace: apps-fuku +roleRef: + kind: ClusterRole + name: pulse-agent-read + apiGroup: rbac.authorization.k8s.io +--- +apiVersion: apps/v1 +kind: DaemonSet +metadata: + name: pulse-agent + namespace: apps-fuku +spec: + selector: + matchLabels: + app: pulse-agent + template: + metadata: + labels: + app: pulse-agent + spec: + serviceAccountName: pulse-agent + containers: + - name: pulse-agent + image: rcourtman/pulse:v5.0.17 + command: ["/opt/pulse/bin/pulse-agent-linux-amd64"] + args: + - --enable-kubernetes + env: + - name: PULSE_URL + value: "https://pulse.fukurokuju.dev" + - name: PULSE_TOKEN + valueFrom: + secretKeyRef: + name: pulse-agent-secrets + key: PULSE_TOKEN + - name: PULSE_AGENT_ID + value: "k8s-cluster" + - name: PULSE_ENABLE_HOST + value: "true" + - name: HOST_PROC + value: "/host/proc" + - name: HOST_SYS + value: "/host/sys" + - name: HOST_ETC + value: "/host/etc" + - name: PULSE_KUBE_INCLUDE_ALL_PODS + value: "true" + - name: PULSE_KUBE_INCLUDE_ALL_DEPLOYMENTS + value: "true" + securityContext: + privileged: true + resources: + requests: + cpu: 50m + memory: 128Mi + limits: + memory: 512Mi + volumeMounts: + - name: host-proc + mountPath: /host/proc + readOnly: true + - name: host-sys + mountPath: /host/sys + readOnly: true + - name: host-root + mountPath: /host/root + readOnly: true + volumes: + - name: host-proc + hostPath: + path: /proc + - name: host-sys + hostPath: + path: /sys + - name: host-root + hostPath: + path: / + tolerations: + - operator: Exists diff --git a/k8s/services/pulse/sealedsecrets.yaml b/k8s/services/pulse/sealedsecrets.yaml new file mode 100644 index 0000000..0cade5d --- /dev/null +++ b/k8s/services/pulse/sealedsecrets.yaml @@ -0,0 +1,17 @@ +# yamllint disable rule:line-length +--- +apiVersion: bitnami.com/v1alpha1 +kind: SealedSecret +metadata: + creationTimestamp: null + name: pulse-agent-secrets + namespace: apps-fuku +spec: + encryptedData: + PULSE_TOKEN: AgBBxrJ80IpJ0RvYKQuN6p3G8vIdSL9nESO9OTAR0NiMjSGZNbNEELKE/a1f2ixQUSsNc/k31c+7GlAi+8PmNC4c7rmRJTe+z3uO/BNNLYeTi7DsEk9/oJZTWn7iOcLogiZJQKxbGozCp/S8zrWisH67N2ZHmzz5UEJAzq57+fBEyAk22/WR0QMfW3oOYHGZFNR5AdAxrdfyRwTvSEOz4R2YlrQKRtOFVIPG/aEaAn42AGYfrq2cLVEiCygjE+8nZQ62TMmQqMiwiCjk5do9uRhhiRimuD78FrNnFU5dSwe/11ji5sSrEPjszPB8O0TBbsCssxfz48cKRm/6IdI9B5pKHYob68Ed8u5UgpRU/ZhUWJLyXuZF/Tgw+WcIsVkQXb3eqQTARBeZueugnA23lnzxh5gjR17wjPw7ePYaLiUWTYikOK5HvgpJyiuB0ev2cjGSqYeeAAn5ewCGM/NODXUAlFdC+N9S7ft1+chJrHoaXgHy8J9LWm/maKW99+yT08a68RvGGoZtFPZNlFjzurNF6EY9SLUFf0RLzShkyq6uuOzLm8gENyDIQ+Ru7wWEwyEcUz4ceAR5I78k0gCIDR1o4Ti22asdbRjMptZdOTbep+PWmu2K1oUvxXtXwgKkn8pvTkJpcdejqehnYPWfRAI3Guxi7LQDf++yShKS1NdXMdjhtFoNLa03xHM/G94sF3/mnJwivNhur1V7iC1yCY5NlruPr4KCd5AgOnKqoreRRvRbCVlFO1mtP6XV4sjqEIhmZyXWFJ76bwAC+hxSlFzL + template: + metadata: + creationTimestamp: null + name: pulse-agent-secrets + namespace: apps-fuku + type: Opaque diff --git a/tofu/adguard/main.tf b/tofu/adguard/main.tf index e419eee..894cfea 100644 --- a/tofu/adguard/main.tf +++ b/tofu/adguard/main.tf @@ -85,8 +85,12 @@ resource "adguard_rewrite" "master2" { answer = "192.168.1.32" } - resource "adguard_rewrite" "k3m3" { domain = "k3m3.fuku" answer = "192.168.1.43" } + +resource "adguard_rewrite" "pulse" { + answer = "pulse.fukurokuju.dev" + domain = "192.168.1.12" +} diff --git a/tofu/authentik/main.tf b/tofu/authentik/main.tf index 7979f79..6151382 100644 --- a/tofu/authentik/main.tf +++ b/tofu/authentik/main.tf @@ -260,3 +260,15 @@ module "jellyseerr" { app_description = "Solicita series, animes y pelis para ser añadidas automáticamente a Jellyfin" app_access_group_id = authentik_group.arrs.id } + +module "pulse" { + source = "../modules/authentik-oidc" + app_name = "Pulse" + app_slug = "pulse" + app_url = "https://pulse.fukurokuju.dev" + client_id = var.pulse_client_id + client_secret = var.pulse_client_secret + app_icon = "https://pulse.fukurokuju.dev/logo.svg" + redirect_uris = [{ matching_mode = "strict", url = "https://pulse.fukurokuju.dev/api/oidc/callback" }] + app_access_group_id = authentik_group.admins.id +} diff --git a/tofu/authentik/sample.env b/tofu/authentik/sample.env index d7e4361..31a7461 100644 --- a/tofu/authentik/sample.env +++ b/tofu/authentik/sample.env @@ -16,3 +16,5 @@ TF_VAR_tandoor_client_id= TF_VAR_tandoor_client_secret= TF_VAR_ganymede_client_id= TF_VAR_ganymede_client_secret= +TF_VAR_pulse_client_id= +TF_VAR_pulse_client_secret= diff --git a/tofu/authentik/vars.tf b/tofu/authentik/vars.tf index f85bfe7..f0e5dc2 100644 --- a/tofu/authentik/vars.tf +++ b/tofu/authentik/vars.tf @@ -78,3 +78,13 @@ variable "ganymede_client_secret" { description = "Ganymede client secret" type = string } + +variable "pulse_client_id" { + description = "Pulse client ID" + type = string +} + +variable "pulse_client_secret" { + description = "Pulse client secret" + type = string +} From 4b095e9fd378da24f11c8faff887f743acc62ed9 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 28 Jan 2026 03:32:45 +0000 Subject: [PATCH 262/377] chore(deps): update helm release renovate to 45.86.* --- k8s/argo-apps/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/renovate.yaml b/k8s/argo-apps/renovate.yaml index 73787dd..9616b6d 100644 --- a/k8s/argo-apps/renovate.yaml +++ b/k8s/argo-apps/renovate.yaml @@ -13,7 +13,7 @@ spec: sources: - chart: renovate repoURL: https://docs.renovatebot.com/helm-charts - targetRevision: 45.74.* + targetRevision: 45.86.* helm: valuesObject: renovate: From a0ff2179155ddc23f9c50ec5240116805884efdb Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?c=C4=83t=C4=83lin?= Date: Wed, 28 Jan 2026 19:23:35 +0100 Subject: [PATCH 263/377] feat: add tailscale exit node --- docker/tailscale/docker-compose.yml | 18 ++++++++++++++++++ docker/tailscale/sample.env | 5 +++++ 2 files changed, 23 insertions(+) create mode 100644 docker/tailscale/docker-compose.yml create mode 100644 docker/tailscale/sample.env diff --git a/docker/tailscale/docker-compose.yml b/docker/tailscale/docker-compose.yml new file mode 100644 index 0000000..71384f1 --- /dev/null +++ b/docker/tailscale/docker-compose.yml @@ -0,0 +1,18 @@ +--- +services: + tailscale: + image: tailscale/tailscale:v1.92.4 + hostname: tailscale + environment: + TS_AUTHKEY: ${TS_AUTHKEY} + TS_HOSTNAME: ${TS_HOSTNAME:-docker-exit-node} + TS_EXTRA_ARGS: ${TS_EXTRA_ARGS:---advertise-exit-node} + TS_ROUTES: ${TS_ROUTES:-192.168.1.0/24} + TS_STATE_DIR: /var/lib/tailscale + volumes: + - ${TS_VOLUME:-/mnt/nas1/shared/tailscale}:/var/lib/tailscale + devices: + - /dev/net/tun:/dev/net/tun + cap_add: + - net_admin + restart: unless-stopped diff --git a/docker/tailscale/sample.env b/docker/tailscale/sample.env new file mode 100644 index 0000000..83646d5 --- /dev/null +++ b/docker/tailscale/sample.env @@ -0,0 +1,5 @@ +TS_AUTHKEY= +TS_HOSTNAME=docker-exit-node +TS_EXTRA_ARGS=--advertise-exit-node +TS_ROUTES=192.168.1.0/24 +TS_VOLUME=/mnt/nas1/shared/tailscale From 970bc7e125615d685bb56b0e91ef7ba2e2a51617 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 29 Jan 2026 03:22:25 +0000 Subject: [PATCH 264/377] chore(deps): update tailscale/tailscale docker tag to v1.92.5 --- docker/tailscale/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/tailscale/docker-compose.yml b/docker/tailscale/docker-compose.yml index 71384f1..f0d25e1 100644 --- a/docker/tailscale/docker-compose.yml +++ b/docker/tailscale/docker-compose.yml @@ -1,7 +1,7 @@ --- services: tailscale: - image: tailscale/tailscale:v1.92.4 + image: tailscale/tailscale:v1.92.5 hostname: tailscale environment: TS_AUTHKEY: ${TS_AUTHKEY} From f41e6349ef6f1cb4da43922c19559e522a07457b Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 29 Jan 2026 03:21:56 +0000 Subject: [PATCH 265/377] chore(deps): update ghcr.io/zibbp/ganymede docker tag to v4.11.4 --- docker/ganymede/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/ganymede/docker-compose.yml b/docker/ganymede/docker-compose.yml index 7ba5213..93b9928 100644 --- a/docker/ganymede/docker-compose.yml +++ b/docker/ganymede/docker-compose.yml @@ -2,7 +2,7 @@ services: ganymede: container_name: ganymede - image: ghcr.io/zibbp/ganymede:4.11.3 + image: ghcr.io/zibbp/ganymede:4.11.4 restart: unless-stopped environment: DEBUG: ${GANYMEDE_DEBUG:-false} From a390412f56f84b8dcf73eded5938a58449760d45 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 30 Jan 2026 03:31:39 +0000 Subject: [PATCH 266/377] chore(deps): update code.forgejo.org/forgejo-helm/forgejo docker tag to v16.0.2 --- k8s/argo-apps/forgejo.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/forgejo.yaml b/k8s/argo-apps/forgejo.yaml index 44b2f4d..1106bc3 100644 --- a/k8s/argo-apps/forgejo.yaml +++ b/k8s/argo-apps/forgejo.yaml @@ -14,7 +14,7 @@ spec: sources: - chart: forgejo repoURL: code.forgejo.org/forgejo-helm - targetRevision: 16.0.1 + targetRevision: 16.0.2 helm: valuesObject: replicaCount: 2 From 27136043831c3d8e1a4f803754a1a86c75e01d8c Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 1 Feb 2026 03:20:32 +0000 Subject: [PATCH 267/377] chore(deps): update code.forgejo.org/forgejo/runner docker tag to v12 --- docker/forgejo-runner/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/forgejo-runner/docker-compose.yml b/docker/forgejo-runner/docker-compose.yml index e98dc66..c839404 100644 --- a/docker/forgejo-runner/docker-compose.yml +++ b/docker/forgejo-runner/docker-compose.yml @@ -1,6 +1,6 @@ --- x-runner-common: &runner-common - image: code.forgejo.org/forgejo/runner:11.3.1 + image: code.forgejo.org/forgejo/runner:12.6.3 links: - docker-in-docker depends_on: From 00d8d0adec936fc3da932bfda6675b4312b2a84d Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 1 Feb 2026 03:18:42 +0000 Subject: [PATCH 268/377] chore(deps): update ghcr.io/lennart-k/rustical docker tag to v0.12.4 --- docker/rustical/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/rustical/docker-compose.yml b/docker/rustical/docker-compose.yml index 2818a50..2bca4ee 100644 --- a/docker/rustical/docker-compose.yml +++ b/docker/rustical/docker-compose.yml @@ -1,7 +1,7 @@ --- services: rustical: - image: ghcr.io/lennart-k/rustical:0.12.3 + image: ghcr.io/lennart-k/rustical:0.12.4 ports: - '4000:4000' volumes: From 9f00f56733db90a2d7cf2bd2713b64d084f5bf8c Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 1 Feb 2026 03:18:58 +0000 Subject: [PATCH 269/377] chore(deps): update ghcr.io/paperless-ngx/paperless-ngx docker tag to v2.20.6 --- docker/paperless/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/paperless/docker-compose.yml b/docker/paperless/docker-compose.yml index 7e14770..99209c6 100644 --- a/docker/paperless/docker-compose.yml +++ b/docker/paperless/docker-compose.yml @@ -14,7 +14,7 @@ services: webserver: - image: ghcr.io/paperless-ngx/paperless-ngx:2.20.5 + image: ghcr.io/paperless-ngx/paperless-ngx:2.20.6 restart: unless-stopped ports: - 8002:8000 From c5a6d64a8bfc7ba67086b611f53e96e390b5e765 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 2 Feb 2026 09:55:07 +0000 Subject: [PATCH 270/377] chore(deps): update vabene1111/recipes docker tag to v2.4.2 --- docker/tandoor/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/tandoor/docker-compose.yml b/docker/tandoor/docker-compose.yml index 8133b76..5bf5d88 100644 --- a/docker/tandoor/docker-compose.yml +++ b/docker/tandoor/docker-compose.yml @@ -2,7 +2,7 @@ services: web_recipes: restart: always - image: vabene1111/recipes:2.3.6 + image: vabene1111/recipes:2.4.2 volumes: - ${TANDOOR_STATICFILES:-/mnt/nas1/shared/tandoor/staticfiles}:/opt/recipes/staticfiles - ${TANDOOR_MEDIAFILES:-/mnt/nas1/shared/tandoor/mediafiles}:/opt/recipes/mediafiles From c07ddb4c8605bc155ecd22b845a21f50a1beddbb Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 3 Feb 2026 10:04:46 +0000 Subject: [PATCH 271/377] chore(deps): update helm release renovate to v46 --- k8s/argo-apps/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/renovate.yaml b/k8s/argo-apps/renovate.yaml index 9616b6d..70b68ef 100644 --- a/k8s/argo-apps/renovate.yaml +++ b/k8s/argo-apps/renovate.yaml @@ -13,7 +13,7 @@ spec: sources: - chart: renovate repoURL: https://docs.renovatebot.com/helm-charts - targetRevision: 45.86.* + targetRevision: 46.2.* helm: valuesObject: renovate: From b144f9a03a118b60268f60e63b8648c0ab2c8925 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 2 Feb 2026 09:50:49 +0000 Subject: [PATCH 272/377] chore(deps): update ghcr.io/zibbp/ganymede docker tag to v4.11.5 --- docker/ganymede/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/ganymede/docker-compose.yml b/docker/ganymede/docker-compose.yml index 93b9928..1f24da0 100644 --- a/docker/ganymede/docker-compose.yml +++ b/docker/ganymede/docker-compose.yml @@ -2,7 +2,7 @@ services: ganymede: container_name: ganymede - image: ghcr.io/zibbp/ganymede:4.11.4 + image: ghcr.io/zibbp/ganymede:4.11.5 restart: unless-stopped environment: DEBUG: ${GANYMEDE_DEBUG:-false} From e6fa586fbe413cdb83dd674de2e18dca1e5b3d10 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 6 Feb 2026 16:36:26 +0000 Subject: [PATCH 273/377] chore(deps): update helm release pulse to 5.1.* --- k8s/argo-apps/pulse.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/pulse.yaml b/k8s/argo-apps/pulse.yaml index 7873917..aa2dd3f 100644 --- a/k8s/argo-apps/pulse.yaml +++ b/k8s/argo-apps/pulse.yaml @@ -15,7 +15,7 @@ spec: sources: - repoURL: https://rcourtman.github.io/Pulse chart: pulse - targetRevision: v5.0.* + targetRevision: 5.1.* helm: valuesObject: persistence: From 6a56ed25a4e4bd3e563621f7d1434b11f61da48f Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 10 Feb 2026 03:21:37 +0000 Subject: [PATCH 274/377] chore(deps): update rcourtman/pulse docker tag to v5.1.6 --- k8s/services/pulse/ds.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/services/pulse/ds.yaml b/k8s/services/pulse/ds.yaml index 26516fa..3419d52 100644 --- a/k8s/services/pulse/ds.yaml +++ b/k8s/services/pulse/ds.yaml @@ -47,7 +47,7 @@ spec: serviceAccountName: pulse-agent containers: - name: pulse-agent - image: rcourtman/pulse:v5.0.17 + image: rcourtman/pulse:5.1.6 command: ["/opt/pulse/bin/pulse-agent-linux-amd64"] args: - --enable-kubernetes From ab6338496dae272c63d5cb5cf436c159932d4681 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 10 Feb 2026 03:21:11 +0000 Subject: [PATCH 275/377] chore(deps): update helm release renovate to 46.6.* --- k8s/argo-apps/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/renovate.yaml b/k8s/argo-apps/renovate.yaml index 70b68ef..61305e6 100644 --- a/k8s/argo-apps/renovate.yaml +++ b/k8s/argo-apps/renovate.yaml @@ -13,7 +13,7 @@ spec: sources: - chart: renovate repoURL: https://docs.renovatebot.com/helm-charts - targetRevision: 46.2.* + targetRevision: 46.6.* helm: valuesObject: renovate: From 28c8df19678a34a2e4d02fff88adac17bb49008b Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 6 Feb 2026 16:33:31 +0000 Subject: [PATCH 276/377] chore(deps): update terraform authentik to v2025.12.1 --- tofu/authentik/.terraform.lock.hcl | 60 +++++++++---------- tofu/authentik/main.tf | 2 +- tofu/modules/authentik-app/main.tf | 2 +- .../authentik-ldap/.terraform.lock.hcl | 60 +++++++++---------- tofu/modules/authentik-ldap/main.tf | 2 +- tofu/modules/authentik-oidc/main.tf | 2 +- tofu/modules/authentik-proxy/main.tf | 2 +- 7 files changed, 65 insertions(+), 65 deletions(-) diff --git a/tofu/authentik/.terraform.lock.hcl b/tofu/authentik/.terraform.lock.hcl index 61e958d..fe7616b 100644 --- a/tofu/authentik/.terraform.lock.hcl +++ b/tofu/authentik/.terraform.lock.hcl @@ -2,36 +2,36 @@ # Manual edits may be lost in future updates. provider "registry.opentofu.org/goauthentik/authentik" { - version = "2025.12.0" - constraints = "2025.12.0" + version = "2025.12.1" + constraints = "2025.12.1" hashes = [ - "h1:1WOionGZogRGfcwgsBshgGDDMFWqioq62s/FmpTonI8=", - "h1:7EkbL1fO5vkX5IvlGhKIjWcEPIc7U3zS/x0+rMC+NKE=", - "h1:N65bk3gPCHEJE8c68LCjQ2NMwDKDJlt0+ofnmeNM4FI=", - "h1:S2NDeRAxbfKPGvBqM7WES5znedi0V2AWc5wxkczYDd8=", - "h1:ZmqC2orWU2UItPZJZfsSnBBX7Ds0OEk8EarBtWjuFsc=", - "h1:aofPDDDWm9c87uip8IwKlhGDePNNr6Sy0Q+m9NgOols=", - "h1:f3+jlDlxpgKdCbcB7ac4lVn5pdSMM1e2Qh0AB0RDNsA=", - "h1:jt+Gtla0Z7zN4gCltMg//aDfCoSIdCyFF4ept4Qwc6E=", - "h1:msEjekUeIUKY6lipADjuQpaU1HPrp0MU19R9LpZv5UM=", - "h1:t61WX+9iOOCLlZ8tt/vZP7X8M/Q7F5k6QUyduYtpVf8=", - "h1:tI7fyxvSatX28mp0woFsBbhrnzgeZTZAaitzKThlyAo=", - "h1:wzjwM6RA9Jth4iCN5J9dzxnfjO56ZFl1T5rAQhuU1og=", - "h1:xZZSwrSXnUCPmP9U3EY9fKPmBru58wZozovF2+i//oY=", - "h1:z/+UpU0PH5hae3WEqJO7Lreo0wYO77UuJrimJyV3Mcg=", - "zh:0ce23bd10c1782a3ae9321a572093df2c283df9003fc1cf33f6e63df18a81b7a", - "zh:0de1db5b3363603e6bd25c9c420e24e872bcfe8d43a7015b710a0292ffa7a649", - "zh:1d719e62eb5195a6461cdf2e175960093cdb77b190a7b15eb3fd0e1fc38409e1", - "zh:3adba178a720c90f296183479872a82719f5497b24e90224c044bcc9e29092b7", - "zh:54e5895e61a39b955be26977c273d9581beccf0e22ec58932708472cab40b03b", - "zh:59b8df5b3be8bf9e8a8dcc7b5edf96b0ca505f93fc0db022cc33513172dbc2c8", - "zh:6d86630e353b874ad43d09e3d3541ba4f824c578122a21c7895a452a0534ca05", - "zh:b6c7466446ce685971dee0c7b2dcb16917e3d23805a51d7a2091e475908c8d87", - "zh:ca306de78ea0f99f698548d51b094501e8299340ccc9c6549d1b62fc1fe29456", - "zh:cc6bd38417c0a6c0d7a1c8533007c113155d82d085ea705d955dadf62b2f9f66", - "zh:da657c9db5647620fca377fdc934db6a0f6d05d4cc0dd91a47404850805fd6da", - "zh:dc0b1effedb7a35d1756be915ff8b48d0f422b7a9da75e7f14a2d3efa2d4806f", - "zh:eef8d1715e9cfcb6cbe05dc071390ee91276d12f6fd870bac116af47518f6176", - "zh:f4c0cd2168f59d4fbf4b1fada95a9c973224bbf81975e948f741ad18ef665690", + "h1:+R2MRgaXvmR1l+nYxYJqMSuvA4VBzfBoh2Er6TnDRPE=", + "h1:1y5I173i8qvxp8GQHBBI/bxkr6YOqY4IqOiJWIUSeeM=", + "h1:XHaltkhuTgyFCCZgpay2orOgc0TyZf0KqrFHNfUgY20=", + "h1:XvFByv5e6fKSlayYaXpFD/JbTYZN1ybujVJJjny1Q18=", + "h1:ZU9d05CLVYBbmdB0IGiG9MueY4/fVo4D6FeyQtbeujA=", + "h1:doHtDOiEIgIUWlUUc9jC7Uqdhj1hsy3etvdYmegcUZM=", + "h1:hUgMx2B40ByfaMA4Al0h7xotp/pZxJJxZZa/HJb6NDc=", + "h1:kG5J46qkCdUWJp/1p8CLifqc7Fy54IDZEjYhpmWcars=", + "h1:lNx+bJr11tPJxpkL5aTdOkGwB41O2Kv8fvKuiMl/LLs=", + "h1:mSOL+FqSLNkWeXopegyK/MoCkMD/VmW9V3PHLaIePjU=", + "h1:oCKzPBsyaD1ENda7qbREG3DYV3Opu09ub+msk3vRCkw=", + "h1:p9AGeRqK50wTHEIp7z7O4MUP83cs+lt7wPajZ9m9TB8=", + "h1:tBoVWDOhByI7cg9TYAAw6LDdMmWLpa2LYwJzzcukdiA=", + "h1:zHQHXKmlGNYBaWLJ9SuXsJ7dbpsvhDJl5pJi+PFU+2w=", + "zh:0e856d3b13614bc32346a236a8e84ba55ecd17238c2008d4b3e71aa8cb49f515", + "zh:2dcc44cd499c18ebbc4f763eff97a7b725763c8ac8fbb5d69c935413ccdc4962", + "zh:434100fc75ec7cd6b64cc9497e8273e79325fa8d285e9fd9d341c1a67421643b", + "zh:483484f66d2e8ce6fa4bfd91e824ceebf07d10acb5df5f366397c55227c4ae91", + "zh:596743a6f1c77a6f103b06ef8d932fe8f2376793b92478853dc84571d17c429f", + "zh:5ed2d5eb7db13229baaf042c725d5c64b58ffdcc641370175e0a88900af94bf1", + "zh:8aecd4cf782c82bee01098f72fe4ffff83707516007b32a01c7fcb19a9260338", + "zh:928c05ecac309287ff7d73ed6e478350fe3003557658ae5dc2be817a4268dba7", + "zh:9b9fd36dfb3e75da8b4478485272505ae9a3c67b10db173e1d2d76cfe2b637b8", + "zh:ab7cd8c61ab67a045854e32f0be1940a92746770dbf3c17bbe923e0259c4f897", + "zh:bb1360ec19a4fc1095d0ef1b7b6c5c3c1a91daac7cd1957d43a4cdbb7356a2e3", + "zh:d2186f4063aa1a547b52a53745d472e43f5343bc1674f2bbb91421c61b0fab50", + "zh:d74bbb67a77951b18ffd7b2863954e70ac03450ad2023cc305c66a5ff25d8d18", + "zh:f5970569ea0a479bbfbf2d452f5962e1c9bd472b82756db822d0e951363daa25", ] } diff --git a/tofu/authentik/main.tf b/tofu/authentik/main.tf index 6151382..4ff4a0c 100644 --- a/tofu/authentik/main.tf +++ b/tofu/authentik/main.tf @@ -8,7 +8,7 @@ terraform { required_providers { authentik = { source = "goauthentik/authentik" - version = "2025.12.0" + version = "2025.12.1" } } } diff --git a/tofu/modules/authentik-app/main.tf b/tofu/modules/authentik-app/main.tf index 778e119..1b65990 100644 --- a/tofu/modules/authentik-app/main.tf +++ b/tofu/modules/authentik-app/main.tf @@ -3,7 +3,7 @@ terraform { required_providers { authentik = { source = "goauthentik/authentik" - version = "2025.12.0" + version = "2025.12.1" } } } diff --git a/tofu/modules/authentik-ldap/.terraform.lock.hcl b/tofu/modules/authentik-ldap/.terraform.lock.hcl index 61e958d..fe7616b 100644 --- a/tofu/modules/authentik-ldap/.terraform.lock.hcl +++ b/tofu/modules/authentik-ldap/.terraform.lock.hcl @@ -2,36 +2,36 @@ # Manual edits may be lost in future updates. provider "registry.opentofu.org/goauthentik/authentik" { - version = "2025.12.0" - constraints = "2025.12.0" + version = "2025.12.1" + constraints = "2025.12.1" hashes = [ - "h1:1WOionGZogRGfcwgsBshgGDDMFWqioq62s/FmpTonI8=", - "h1:7EkbL1fO5vkX5IvlGhKIjWcEPIc7U3zS/x0+rMC+NKE=", - "h1:N65bk3gPCHEJE8c68LCjQ2NMwDKDJlt0+ofnmeNM4FI=", - "h1:S2NDeRAxbfKPGvBqM7WES5znedi0V2AWc5wxkczYDd8=", - "h1:ZmqC2orWU2UItPZJZfsSnBBX7Ds0OEk8EarBtWjuFsc=", - "h1:aofPDDDWm9c87uip8IwKlhGDePNNr6Sy0Q+m9NgOols=", - "h1:f3+jlDlxpgKdCbcB7ac4lVn5pdSMM1e2Qh0AB0RDNsA=", - "h1:jt+Gtla0Z7zN4gCltMg//aDfCoSIdCyFF4ept4Qwc6E=", - "h1:msEjekUeIUKY6lipADjuQpaU1HPrp0MU19R9LpZv5UM=", - "h1:t61WX+9iOOCLlZ8tt/vZP7X8M/Q7F5k6QUyduYtpVf8=", - "h1:tI7fyxvSatX28mp0woFsBbhrnzgeZTZAaitzKThlyAo=", - "h1:wzjwM6RA9Jth4iCN5J9dzxnfjO56ZFl1T5rAQhuU1og=", - "h1:xZZSwrSXnUCPmP9U3EY9fKPmBru58wZozovF2+i//oY=", - "h1:z/+UpU0PH5hae3WEqJO7Lreo0wYO77UuJrimJyV3Mcg=", - "zh:0ce23bd10c1782a3ae9321a572093df2c283df9003fc1cf33f6e63df18a81b7a", - "zh:0de1db5b3363603e6bd25c9c420e24e872bcfe8d43a7015b710a0292ffa7a649", - "zh:1d719e62eb5195a6461cdf2e175960093cdb77b190a7b15eb3fd0e1fc38409e1", - "zh:3adba178a720c90f296183479872a82719f5497b24e90224c044bcc9e29092b7", - "zh:54e5895e61a39b955be26977c273d9581beccf0e22ec58932708472cab40b03b", - "zh:59b8df5b3be8bf9e8a8dcc7b5edf96b0ca505f93fc0db022cc33513172dbc2c8", - "zh:6d86630e353b874ad43d09e3d3541ba4f824c578122a21c7895a452a0534ca05", - "zh:b6c7466446ce685971dee0c7b2dcb16917e3d23805a51d7a2091e475908c8d87", - "zh:ca306de78ea0f99f698548d51b094501e8299340ccc9c6549d1b62fc1fe29456", - "zh:cc6bd38417c0a6c0d7a1c8533007c113155d82d085ea705d955dadf62b2f9f66", - "zh:da657c9db5647620fca377fdc934db6a0f6d05d4cc0dd91a47404850805fd6da", - "zh:dc0b1effedb7a35d1756be915ff8b48d0f422b7a9da75e7f14a2d3efa2d4806f", - "zh:eef8d1715e9cfcb6cbe05dc071390ee91276d12f6fd870bac116af47518f6176", - "zh:f4c0cd2168f59d4fbf4b1fada95a9c973224bbf81975e948f741ad18ef665690", + "h1:+R2MRgaXvmR1l+nYxYJqMSuvA4VBzfBoh2Er6TnDRPE=", + "h1:1y5I173i8qvxp8GQHBBI/bxkr6YOqY4IqOiJWIUSeeM=", + "h1:XHaltkhuTgyFCCZgpay2orOgc0TyZf0KqrFHNfUgY20=", + "h1:XvFByv5e6fKSlayYaXpFD/JbTYZN1ybujVJJjny1Q18=", + "h1:ZU9d05CLVYBbmdB0IGiG9MueY4/fVo4D6FeyQtbeujA=", + "h1:doHtDOiEIgIUWlUUc9jC7Uqdhj1hsy3etvdYmegcUZM=", + "h1:hUgMx2B40ByfaMA4Al0h7xotp/pZxJJxZZa/HJb6NDc=", + "h1:kG5J46qkCdUWJp/1p8CLifqc7Fy54IDZEjYhpmWcars=", + "h1:lNx+bJr11tPJxpkL5aTdOkGwB41O2Kv8fvKuiMl/LLs=", + "h1:mSOL+FqSLNkWeXopegyK/MoCkMD/VmW9V3PHLaIePjU=", + "h1:oCKzPBsyaD1ENda7qbREG3DYV3Opu09ub+msk3vRCkw=", + "h1:p9AGeRqK50wTHEIp7z7O4MUP83cs+lt7wPajZ9m9TB8=", + "h1:tBoVWDOhByI7cg9TYAAw6LDdMmWLpa2LYwJzzcukdiA=", + "h1:zHQHXKmlGNYBaWLJ9SuXsJ7dbpsvhDJl5pJi+PFU+2w=", + "zh:0e856d3b13614bc32346a236a8e84ba55ecd17238c2008d4b3e71aa8cb49f515", + "zh:2dcc44cd499c18ebbc4f763eff97a7b725763c8ac8fbb5d69c935413ccdc4962", + "zh:434100fc75ec7cd6b64cc9497e8273e79325fa8d285e9fd9d341c1a67421643b", + "zh:483484f66d2e8ce6fa4bfd91e824ceebf07d10acb5df5f366397c55227c4ae91", + "zh:596743a6f1c77a6f103b06ef8d932fe8f2376793b92478853dc84571d17c429f", + "zh:5ed2d5eb7db13229baaf042c725d5c64b58ffdcc641370175e0a88900af94bf1", + "zh:8aecd4cf782c82bee01098f72fe4ffff83707516007b32a01c7fcb19a9260338", + "zh:928c05ecac309287ff7d73ed6e478350fe3003557658ae5dc2be817a4268dba7", + "zh:9b9fd36dfb3e75da8b4478485272505ae9a3c67b10db173e1d2d76cfe2b637b8", + "zh:ab7cd8c61ab67a045854e32f0be1940a92746770dbf3c17bbe923e0259c4f897", + "zh:bb1360ec19a4fc1095d0ef1b7b6c5c3c1a91daac7cd1957d43a4cdbb7356a2e3", + "zh:d2186f4063aa1a547b52a53745d472e43f5343bc1674f2bbb91421c61b0fab50", + "zh:d74bbb67a77951b18ffd7b2863954e70ac03450ad2023cc305c66a5ff25d8d18", + "zh:f5970569ea0a479bbfbf2d452f5962e1c9bd472b82756db822d0e951363daa25", ] } diff --git a/tofu/modules/authentik-ldap/main.tf b/tofu/modules/authentik-ldap/main.tf index 86d1806..b0fc742 100644 --- a/tofu/modules/authentik-ldap/main.tf +++ b/tofu/modules/authentik-ldap/main.tf @@ -3,7 +3,7 @@ terraform { required_providers { authentik = { source = "goauthentik/authentik" - version = "2025.12.0" + version = "2025.12.1" } } } diff --git a/tofu/modules/authentik-oidc/main.tf b/tofu/modules/authentik-oidc/main.tf index 3ca69a3..aea24f7 100644 --- a/tofu/modules/authentik-oidc/main.tf +++ b/tofu/modules/authentik-oidc/main.tf @@ -3,7 +3,7 @@ terraform { required_providers { authentik = { source = "goauthentik/authentik" - version = "2025.12.0" + version = "2025.12.1" } } } diff --git a/tofu/modules/authentik-proxy/main.tf b/tofu/modules/authentik-proxy/main.tf index 288bd61..86e4baa 100644 --- a/tofu/modules/authentik-proxy/main.tf +++ b/tofu/modules/authentik-proxy/main.tf @@ -3,7 +3,7 @@ terraform { required_providers { authentik = { source = "goauthentik/authentik" - version = "2025.12.0" + version = "2025.12.1" } } } From cb6959808180facc1a0feb8263886158e0de2464 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 11 Feb 2026 03:03:46 +0000 Subject: [PATCH 277/377] chore(deps): update rcourtman/pulse docker tag to v5.1.8 --- k8s/services/pulse/ds.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/services/pulse/ds.yaml b/k8s/services/pulse/ds.yaml index 3419d52..2785813 100644 --- a/k8s/services/pulse/ds.yaml +++ b/k8s/services/pulse/ds.yaml @@ -47,7 +47,7 @@ spec: serviceAccountName: pulse-agent containers: - name: pulse-agent - image: rcourtman/pulse:5.1.6 + image: rcourtman/pulse:5.1.8 command: ["/opt/pulse/bin/pulse-agent-linux-amd64"] args: - --enable-kubernetes From 6ff4153f7d6a36f33beab6d3cd2433b2d3d69015 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 11 Feb 2026 03:03:03 +0000 Subject: [PATCH 278/377] chore(deps): update code.forgejo.org/forgejo/runner docker tag to v12.6.4 --- docker/forgejo-runner/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/forgejo-runner/docker-compose.yml b/docker/forgejo-runner/docker-compose.yml index c839404..903042c 100644 --- a/docker/forgejo-runner/docker-compose.yml +++ b/docker/forgejo-runner/docker-compose.yml @@ -1,6 +1,6 @@ --- x-runner-common: &runner-common - image: code.forgejo.org/forgejo/runner:12.6.3 + image: code.forgejo.org/forgejo/runner:12.6.4 links: - docker-in-docker depends_on: From c76d3db733f08314b9d7f7cc9931a0f29842cdbc Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 12 Feb 2026 03:06:50 +0000 Subject: [PATCH 279/377] chore(deps): update vaultwarden/server docker tag to v1.35.3 --- docker/vaultwarden/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/vaultwarden/docker-compose.yml b/docker/vaultwarden/docker-compose.yml index bef3334..dfd51a4 100644 --- a/docker/vaultwarden/docker-compose.yml +++ b/docker/vaultwarden/docker-compose.yml @@ -1,7 +1,7 @@ --- services: vaultwarden: - image: vaultwarden/server:1.35.2-alpine + image: vaultwarden/server:1.35.3-alpine restart: unless-stopped environment: DATABASE_URL: ${DATABASE_URL} From 2b71507c5eb5d96dbb99d55b7166b231b70390bf Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 15 Feb 2026 23:49:51 +0000 Subject: [PATCH 280/377] chore(deps): update ghcr.io/zibbp/ganymede docker tag to v4.12.0 --- docker/ganymede/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/ganymede/docker-compose.yml b/docker/ganymede/docker-compose.yml index 1f24da0..ad7d8bd 100644 --- a/docker/ganymede/docker-compose.yml +++ b/docker/ganymede/docker-compose.yml @@ -2,7 +2,7 @@ services: ganymede: container_name: ganymede - image: ghcr.io/zibbp/ganymede:4.11.5 + image: ghcr.io/zibbp/ganymede:4.12.0 restart: unless-stopped environment: DEBUG: ${GANYMEDE_DEBUG:-false} From 26b2654443aaed58e9039076a71ca8d28ec0576a Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 15 Feb 2026 23:47:43 +0000 Subject: [PATCH 281/377] chore(deps): update code.forgejo.org/forgejo-helm/forgejo docker tag to v16.2.0 --- k8s/argo-apps/forgejo.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/forgejo.yaml b/k8s/argo-apps/forgejo.yaml index 1106bc3..3b72b4d 100644 --- a/k8s/argo-apps/forgejo.yaml +++ b/k8s/argo-apps/forgejo.yaml @@ -14,7 +14,7 @@ spec: sources: - chart: forgejo repoURL: code.forgejo.org/forgejo-helm - targetRevision: 16.0.2 + targetRevision: 16.2.0 helm: valuesObject: replicaCount: 2 From c991fd57bafcbe0b19e7655d33d342c8ada4206c Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 22 Feb 2026 03:30:29 +0000 Subject: [PATCH 282/377] chore(deps): update ghcr.io/paperless-ngx/paperless-ngx docker tag to v2.20.8 --- docker/paperless/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/paperless/docker-compose.yml b/docker/paperless/docker-compose.yml index 99209c6..16eae90 100644 --- a/docker/paperless/docker-compose.yml +++ b/docker/paperless/docker-compose.yml @@ -14,7 +14,7 @@ services: webserver: - image: ghcr.io/paperless-ngx/paperless-ngx:2.20.6 + image: ghcr.io/paperless-ngx/paperless-ngx:2.20.8 restart: unless-stopped ports: - 8002:8000 From 1e4fb8347287ee61da2f9b4f7df5fd01893ea463 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 23 Feb 2026 03:59:57 +0000 Subject: [PATCH 283/377] chore(deps): update rcourtman/pulse docker tag to v5.1.13 --- k8s/services/pulse/ds.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/services/pulse/ds.yaml b/k8s/services/pulse/ds.yaml index 2785813..8247d97 100644 --- a/k8s/services/pulse/ds.yaml +++ b/k8s/services/pulse/ds.yaml @@ -47,7 +47,7 @@ spec: serviceAccountName: pulse-agent containers: - name: pulse-agent - image: rcourtman/pulse:5.1.8 + image: rcourtman/pulse:5.1.13 command: ["/opt/pulse/bin/pulse-agent-linux-amd64"] args: - --enable-kubernetes From 6d85d8f90dcb3996039d70df1c989d79e859b61e Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 23 Feb 2026 03:58:42 +0000 Subject: [PATCH 284/377] chore(deps): update ghcr.io/lennart-k/rustical docker tag to v0.12.9 --- docker/rustical/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/rustical/docker-compose.yml b/docker/rustical/docker-compose.yml index 2bca4ee..47a847b 100644 --- a/docker/rustical/docker-compose.yml +++ b/docker/rustical/docker-compose.yml @@ -1,7 +1,7 @@ --- services: rustical: - image: ghcr.io/lennart-k/rustical:0.12.4 + image: ghcr.io/lennart-k/rustical:0.12.9 ports: - '4000:4000' volumes: From 5c282202c142e216b03a94919d8b20791d367556 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 22 Feb 2026 03:32:01 +0000 Subject: [PATCH 285/377] chore(deps): update helm release renovate to 46.31.* --- k8s/argo-apps/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/renovate.yaml b/k8s/argo-apps/renovate.yaml index 61305e6..15f578d 100644 --- a/k8s/argo-apps/renovate.yaml +++ b/k8s/argo-apps/renovate.yaml @@ -13,7 +13,7 @@ spec: sources: - chart: renovate repoURL: https://docs.renovatebot.com/helm-charts - targetRevision: 46.6.* + targetRevision: 46.31.* helm: valuesObject: renovate: From 41b277b9153c2ea3c3e82146269704dadc4558f4 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 6 Feb 2026 03:55:49 +0000 Subject: [PATCH 286/377] chore(deps): update helm release kubetail to v0.18.0 --- k8s/argo-apps/kubetail.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/kubetail.yaml b/k8s/argo-apps/kubetail.yaml index b7d79e3..0a6db1f 100644 --- a/k8s/argo-apps/kubetail.yaml +++ b/k8s/argo-apps/kubetail.yaml @@ -12,7 +12,7 @@ spec: sources: - chart: kubetail repoURL: https://kubetail-org.github.io/helm-charts/ - targetRevision: 0.17.0 + targetRevision: 0.18.0 helm: valuesObject: kubetail: From 83307d3a8620ffa3557716486e25a58a3d559104 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 4 Feb 2026 12:02:19 +0000 Subject: [PATCH 287/377] chore(deps): update https://code.forgejo.org/actions/checkout action to v6 --- .forgejo/workflows/ci.yaml | 6 +++--- .forgejo/workflows/deploy-tofu.yaml | 4 ++-- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/.forgejo/workflows/ci.yaml b/.forgejo/workflows/ci.yaml index 1cf818a..8c68c11 100644 --- a/.forgejo/workflows/ci.yaml +++ b/.forgejo/workflows/ci.yaml @@ -7,7 +7,7 @@ jobs: pre-commit: runs-on: ubuntu-22.04 steps: - - uses: https://code.forgejo.org/actions/checkout@v5 + - uses: https://code.forgejo.org/actions/checkout@v6 - uses: https://code.forgejo.org/actions/setup-python@v6 with: python-version: '3.10' @@ -19,7 +19,7 @@ jobs: k8s: runs-on: ubuntu-22.04 steps: - - uses: https://code.forgejo.org/actions/checkout@v5 + - uses: https://code.forgejo.org/actions/checkout@v6 - name: Set up Kubeconform uses: bmuschko/setup-kubeconform@v1 @@ -30,7 +30,7 @@ jobs: tflint: runs-on: ubuntu-22.04 steps: - - uses: https://code.forgejo.org/actions/checkout@v5 + - uses: https://code.forgejo.org/actions/checkout@v6 - uses: terraform-linters/setup-tflint@v6 name: Setup TFLint with: diff --git a/.forgejo/workflows/deploy-tofu.yaml b/.forgejo/workflows/deploy-tofu.yaml index 96b6c38..15d8a83 100644 --- a/.forgejo/workflows/deploy-tofu.yaml +++ b/.forgejo/workflows/deploy-tofu.yaml @@ -10,7 +10,7 @@ jobs: authentik: runs-on: ubuntu-22.04 steps: - - uses: https://code.forgejo.org/actions/checkout@v5 + - uses: https://code.forgejo.org/actions/checkout@v6 - uses: opentofu/setup-opentofu@v1 with: tofu_version: 1.8.1 @@ -40,7 +40,7 @@ jobs: adguard: runs-on: ubuntu-22.04 steps: - - uses: https://code.forgejo.org/actions/checkout@v5 + - uses: https://code.forgejo.org/actions/checkout@v6 - uses: opentofu/setup-opentofu@v1 with: tofu_version: 1.7.0 From 49fa998a475e9ff4deddbae4b46fca93de57ba71 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 15 Feb 2026 23:53:58 +0000 Subject: [PATCH 288/377] chore(deps): update helm release kured to 5.11.* --- k8s/argo-apps/kured.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/kured.yaml b/k8s/argo-apps/kured.yaml index c2c8d84..d15330a 100644 --- a/k8s/argo-apps/kured.yaml +++ b/k8s/argo-apps/kured.yaml @@ -13,7 +13,7 @@ spec: source: chart: kured repoURL: https://kubereboot.github.io/charts - targetRevision: 5.10.* + targetRevision: 5.11.* helm: valuesObject: configuration.rebootDays: From fd5188f5c8019d92c0721b18c44306cb2351ac19 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 4 Feb 2026 12:00:34 +0000 Subject: [PATCH 289/377] chore(deps): update helm release meilisearch to 0.25.* --- k8s/argo-apps/meili.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/meili.yaml b/k8s/argo-apps/meili.yaml index 64b6f10..8d256c6 100644 --- a/k8s/argo-apps/meili.yaml +++ b/k8s/argo-apps/meili.yaml @@ -18,7 +18,7 @@ spec: targetRevision: main - chart: meilisearch repoURL: https://meilisearch.github.io/meilisearch-kubernetes - targetRevision: 0.17.* + targetRevision: 0.25.* helm: valuesObject: environment: From 79722144fa9348d0599e0d2427467f74348aeebb Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 24 Feb 2026 04:47:02 +0000 Subject: [PATCH 290/377] chore(deps): update vaultwarden/server docker tag to v1.35.4 --- docker/vaultwarden/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/vaultwarden/docker-compose.yml b/docker/vaultwarden/docker-compose.yml index dfd51a4..3970c77 100644 --- a/docker/vaultwarden/docker-compose.yml +++ b/docker/vaultwarden/docker-compose.yml @@ -1,7 +1,7 @@ --- services: vaultwarden: - image: vaultwarden/server:1.35.3-alpine + image: vaultwarden/server:1.35.4-alpine restart: unless-stopped environment: DATABASE_URL: ${DATABASE_URL} From 7bce1b85a91babd6cde8b49696563a5e008a98ca Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 24 Feb 2026 04:49:06 +0000 Subject: [PATCH 291/377] chore(deps): update ghcr.io/zibbp/ganymede docker tag to v4.13.0 --- docker/ganymede/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/ganymede/docker-compose.yml b/docker/ganymede/docker-compose.yml index ad7d8bd..174eacb 100644 --- a/docker/ganymede/docker-compose.yml +++ b/docker/ganymede/docker-compose.yml @@ -2,7 +2,7 @@ services: ganymede: container_name: ganymede - image: ghcr.io/zibbp/ganymede:4.12.0 + image: ghcr.io/zibbp/ganymede:4.13.0 restart: unless-stopped environment: DEBUG: ${GANYMEDE_DEBUG:-false} From c5f8fef0f409201ad26fddac6feb5a2938059c44 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 28 Feb 2026 03:23:17 +0000 Subject: [PATCH 292/377] chore(deps): update helm release authentik to v2026 --- k8s/argo-apps/authentik.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/authentik.yaml b/k8s/argo-apps/authentik.yaml index b046a8b..fc44e71 100644 --- a/k8s/argo-apps/authentik.yaml +++ b/k8s/argo-apps/authentik.yaml @@ -12,7 +12,7 @@ spec: sources: - chart: authentik repoURL: https://charts.goauthentik.io/ - targetRevision: 2025.12.* + targetRevision: 2026.2.* helm: valuesObject: authentik: From b2ef06fdb84e5e9ec64507ba7004a5212f21adee Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 27 Feb 2026 03:45:46 +0000 Subject: [PATCH 293/377] chore(deps): update helm release portainer to 2.39.* --- k8s/argo-apps/portainer.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/portainer.yaml b/k8s/argo-apps/portainer.yaml index 69ad625..b2f201b 100644 --- a/k8s/argo-apps/portainer.yaml +++ b/k8s/argo-apps/portainer.yaml @@ -15,7 +15,7 @@ spec: sources: - repoURL: https://portainer.github.io/k8s/ chart: portainer - targetRevision: 2.33.* + targetRevision: 2.39.* helm: valuesObject: service: From 351119601f6d5bf4725d03ee550773a331f9b86d Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 27 Feb 2026 03:46:42 +0000 Subject: [PATCH 294/377] chore(deps): update tailscale/tailscale docker tag to v1.94.2 --- docker/tailscale/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/tailscale/docker-compose.yml b/docker/tailscale/docker-compose.yml index f0d25e1..e139f18 100644 --- a/docker/tailscale/docker-compose.yml +++ b/docker/tailscale/docker-compose.yml @@ -1,7 +1,7 @@ --- services: tailscale: - image: tailscale/tailscale:v1.92.5 + image: tailscale/tailscale:v1.94.2 hostname: tailscale environment: TS_AUTHKEY: ${TS_AUTHKEY} From b20e4f0ef4d5611cf0f3a850fd05c4581af535da Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?c=C4=83t=C4=83lin?= Date: Wed, 4 Mar 2026 10:31:34 +0100 Subject: [PATCH 295/377] feat: add docker/minecraft --- docker/backrest/docker-compose.yml | 19 +++++++++++++++ docker/minecraft/docker-compose.yml | 38 +++++++++++++++++++++++++++++ 2 files changed, 57 insertions(+) create mode 100644 docker/backrest/docker-compose.yml create mode 100644 docker/minecraft/docker-compose.yml diff --git a/docker/backrest/docker-compose.yml b/docker/backrest/docker-compose.yml new file mode 100644 index 0000000..83451f2 --- /dev/null +++ b/docker/backrest/docker-compose.yml @@ -0,0 +1,19 @@ +--- +services: + backrest: + image: garethgeorge/backrest:v1.11.2 + container_name: backrest + hostname: backrest + volumes: + - ${DATA2BACKUP_DIR:-/mnt/zeruel}:/data2backup + - ${BACKREST_DATA_DIR:-/mnt/zeruel/nas1/shared/backrest/data}:/data + - ${BACKREST_CONFIG_DIR:-/mnt/zeruel/nas1/shared/backrest/config}:/config + - ${BACKREST_CACHE_DIR:-/mnt/zeruel/nas1/shared/backrest}:/cache + environment: + - BACKREST_DATA=/data + - BACKREST_CONFIG=/config/config.json + - XDG_CACHE_HOME=/cache + - TZ=Europe/Madrid + restart: unless-stopped + ports: + - "9898:9898" diff --git a/docker/minecraft/docker-compose.yml b/docker/minecraft/docker-compose.yml new file mode 100644 index 0000000..176cac0 --- /dev/null +++ b/docker/minecraft/docker-compose.yml @@ -0,0 +1,38 @@ +--- +services: + mc: + image: itzg/minecraft-server:java23-graalvm + tty: true + stdin_open: true + ports: + - "25565:25565" + environment: + EULA: "TRUE" + MEMORY: ${MEMORY:-"6G"} + TZ: "Europe/Madrid" + VERSION: 1.21.1 + ENABLE_ROLLING_LOGS: true + USE_AIKAR_FLAGS: true + MOTD: "Huesoperrers Minecraft Episodio 3: La venganza de los huesos" + MAX_PLAYERS: 10 + MAX_WORLD_SIZE: 10000 + SEED: huesoperrers3 + MODE: survival + ONLINE_MODE: false + ALLOW_FLIGHT: true + SERVER_NAME: Huesoperrers and co. + PLAYER_IDLE_TIMEOUT: 15 + STOP_SERVER_ANNOUNCE_DELAY: 30 + OPS: ${OPS:-robosap1ens,commandkatt,Malva25} + SYNCHRONIZE: true + MERGE: true + ENFORCE_WHITELIST: true + ENABLE_RCON: false + MAX_TICK_TIME: -1 + USER_API_PROVIDER: ${USER_API_PROVIDER:-playerdb} + DIFFICULTY: ${DIFFICULTY:-normal} + ENABLE_AUTOPAUSE: true + DEBUG_AUTOPAUSE: false + TYPE: NEOFORGE + volumes: + - ${MC_DATA_DIR:-/mnt/zeruel/nas1/shared/mc3}:/data From 708173d84e5cbd3a12e3069d06f424df4e60d416 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?c=C4=83t=C4=83lin?= Date: Tue, 10 Mar 2026 11:20:46 +0100 Subject: [PATCH 296/377] feat: add docker/oxicloud --- .gitmodules | 3 ++ docker/minecraft/docker-compose.yml | 1 + docker/oxicloud/OxiCloud | 1 + docker/oxicloud/docker-compose.yml | 22 ++++++++++++ docker/oxicloud/sample.env | 10 ++++++ docker/rustical/docker-compose.yml | 1 + k8s/argo-apps/authentik.yaml | 2 +- tofu/authentik/main.tf | 54 ++++++++--------------------- tofu/authentik/sample.env | 2 ++ tofu/authentik/vars.tf | 10 ++++++ 10 files changed, 65 insertions(+), 41 deletions(-) create mode 100644 .gitmodules create mode 160000 docker/oxicloud/OxiCloud create mode 100644 docker/oxicloud/docker-compose.yml create mode 100644 docker/oxicloud/sample.env diff --git a/.gitmodules b/.gitmodules new file mode 100644 index 0000000..e4e58db --- /dev/null +++ b/.gitmodules @@ -0,0 +1,3 @@ +[submodule "docker/oxicloud/OxiCloud"] + path = docker/oxicloud/OxiCloud + url = git@github.com:DioCrafts/OxiCloud.git diff --git a/docker/minecraft/docker-compose.yml b/docker/minecraft/docker-compose.yml index 176cac0..7d65b94 100644 --- a/docker/minecraft/docker-compose.yml +++ b/docker/minecraft/docker-compose.yml @@ -2,6 +2,7 @@ services: mc: image: itzg/minecraft-server:java23-graalvm + restart: unless-stopped tty: true stdin_open: true ports: diff --git a/docker/oxicloud/OxiCloud b/docker/oxicloud/OxiCloud new file mode 160000 index 0000000..cf9fe82 --- /dev/null +++ b/docker/oxicloud/OxiCloud @@ -0,0 +1 @@ +Subproject commit cf9fe82b5f72f173d140321448ded789c604989a diff --git a/docker/oxicloud/docker-compose.yml b/docker/oxicloud/docker-compose.yml new file mode 100644 index 0000000..f89895f --- /dev/null +++ b/docker/oxicloud/docker-compose.yml @@ -0,0 +1,22 @@ +--- +services: + oxicloud: + image: git.roboces.dev/catalin/fukuops:oxicloud-0.5.2 + restart: always + ports: + - "8086:8086" + environment: + OXICLOUD_DB_CONNECTION_STRING: ${OXICLOUD_DB_CONNECTION_STRING:-postgres://postgres:postgres@postgres/oxicloud} + OXICLOUD_OIDC_ENABLED: ${OXICLOUD_OIDC_ENABLED:-true} + OXICLOUD_OIDC_ISSUER_URL: ${OXICLOUD_OIDC_ISSUER_URL:-https://auth.fukurokuju.dev/application/o/ganymede/} + OXICLOUD_OIDC_CLIENT_ID: ${OXICLOUD_OIDC_CLIENT_ID} + OXICLOUD_OIDC_CLIENT_SECRET: ${OXICLOUD_OIDC_CLIENT_SECRET} + OXICLOUD_OIDC_REDIRECT_URI: ${OXICLOUD_OIDC_REDIRECT_URI:-https://cloud.roboces.dev/api/auth/oidc/callback} + OXICLOUD_OIDC_FRONTEND_URL: ${OXICLOUD_OIDC_FRONTEND_URL:-https://cloud.roboces.dev} + OXICLOUD_OIDC_ADMIN_GROUPS: ${OXICLOUD_OIDC_ADMIN_GROUPS:-""} + OXICLOUD_OIDC_SCOPES: ${OXICLOUD_OIDC_SCOPES:-offline_access openid profile email} + OXICLOUD_OIDC_PROVIDER_NAME: ${OXICLOUD_OIDC_PROVIDER_NAME:-Authentik} + OXICLOUD_OIDC_AUTO_PROVISION: ${OXICLOUD_OIDC_AUTO_PROVISION:-true} + RUST_LOG: debug + volumes: + - ${OXICLOUD_DATA_VOLUME:-/mnt/zeruel/nas1/shared/storage/data}:/app/storage diff --git a/docker/oxicloud/sample.env b/docker/oxicloud/sample.env new file mode 100644 index 0000000..032e2f8 --- /dev/null +++ b/docker/oxicloud/sample.env @@ -0,0 +1,10 @@ +OXICLOUD_DB_CONNECTION_STRING= +OXICLOUD_OIDC_ENABLED= +OXICLOUD_OIDC_ISSUER_URL= +OXICLOUD_OIDC_CLIENT_ID= +OXICLOUD_OIDC_CLIENT_SECRET= +OXICLOUD_OIDC_REDIRECT_URI= +OXICLOUD_OIDC_FRONTEND_URL= +OXICLOUD_OIDC_ADMIN_GROUPS="" +OXICLOUD_OIDC_PROVIDER_NAME= +OXICLOUD_OIDC_SCOPES=offline_access openid profile email diff --git a/docker/rustical/docker-compose.yml b/docker/rustical/docker-compose.yml index 47a847b..9bb09f3 100644 --- a/docker/rustical/docker-compose.yml +++ b/docker/rustical/docker-compose.yml @@ -2,6 +2,7 @@ services: rustical: image: ghcr.io/lennart-k/rustical:0.12.9 + restart: unless-stopped ports: - '4000:4000' volumes: diff --git a/k8s/argo-apps/authentik.yaml b/k8s/argo-apps/authentik.yaml index fc44e71..1c9e424 100644 --- a/k8s/argo-apps/authentik.yaml +++ b/k8s/argo-apps/authentik.yaml @@ -26,7 +26,7 @@ spec: timeout: 30 from: auth@fukurokuju.dev postgresql: - host: psql15-postgres.apps-fuku.svc.cluster.local + host: 192.168.1.3 port: 5432 name: auth user: file:///authentik-creds/pg_username diff --git a/tofu/authentik/main.tf b/tofu/authentik/main.tf index 4ff4a0c..a941542 100644 --- a/tofu/authentik/main.tf +++ b/tofu/authentik/main.tf @@ -37,22 +37,6 @@ resource "authentik_group" "arrs" { is_superuser = false } -resource "authentik_group" "vpn" { - name = "vpn" - is_superuser = false -} - -resource "authentik_group" "ftp" { - name = "ftp" - is_superuser = false -} - -resource "authentik_group" "mediamanager" { - name = "mediamanager" - is_superuser = false -} - - module "gitea" { source = "../modules/authentik-oidc" app_name = "Gitea" @@ -181,30 +165,6 @@ module "prowlarr" { internal_host_ssl_validation = false } -module "sftpgo" { - source = "../modules/authentik-oidc" - app_name = "SFTPGo" - app_slug = "SFTPGo" - client_id = var.sftpgo_client_id - client_secret = var.sftpgo_client_secret - client_type = "confidential" - app_access_group_id = authentik_group.ftp.id - redirect_uris = [ - { - matching_mode = "regex", - url = "https://ftp.fukurokuju.dev/.*" - } - ] - extra_property_mappings = [ - - ] - app_icon = "https://ftp.fukurokuju.dev/static/img/logo.png" - access_token_validity = "days=10" - app_url = "https://ftp.fukurokuju.dev" - app_description = "SFTPGo" - sub_mode = "user_username" -} - module "rustical" { source = "../modules/authentik-oidc" app_name = "rustical" @@ -272,3 +232,17 @@ module "pulse" { redirect_uris = [{ matching_mode = "strict", url = "https://pulse.fukurokuju.dev/api/oidc/callback" }] app_access_group_id = authentik_group.admins.id } + +module "cloud" { + source = "../modules/authentik-oidc" + app_name = "Cloud" + app_slug = "cloud" + app_url = "https://cloud.roboces.dev" + client_id = var.oxicloud_client_id + client_secret = var.oxicloud_client_secret + app_icon = "https://cloud.roboces.dev/themes/opencloud/assets/favicon.svg" + redirect_uris = [{ + matching_mode = "strict", url = "https://cloud.roboces.dev/api/auth/oidc/callback" + }] + app_access_group_id = "" +} diff --git a/tofu/authentik/sample.env b/tofu/authentik/sample.env index 31a7461..7230d1f 100644 --- a/tofu/authentik/sample.env +++ b/tofu/authentik/sample.env @@ -18,3 +18,5 @@ TF_VAR_ganymede_client_id= TF_VAR_ganymede_client_secret= TF_VAR_pulse_client_id= TF_VAR_pulse_client_secret= +TF_VAR_oxicloud_client_id=aef61f77326b813cf8d8ba71d1ac994b5642685ca37e4710ab0079e91d87702d55fd9775d473b05aff45603bf08e78dba26850af3a815f3c3ac171d163368aa0 +TF_VAR_oxicloud_client_secret=a4038df17c9fd06f86372aeaaae8f3fd1374d8978983af7b398d948ef15d1efe522a1faa2fc7652bc410c516d96cd2e4211dad4e05ba6297bdd8d9090460d5fc diff --git a/tofu/authentik/vars.tf b/tofu/authentik/vars.tf index f0e5dc2..920d995 100644 --- a/tofu/authentik/vars.tf +++ b/tofu/authentik/vars.tf @@ -88,3 +88,13 @@ variable "pulse_client_secret" { description = "Pulse client secret" type = string } + +variable "oxicloud_client_id" { + description = "Oxicloud client ID" + type = string +} + +variable "oxicloud_client_secret" { + description = "Oxicloud client secret" + type = string +} From 9627c49ad81623140546ee970aed12b3c9159d05 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?c=C4=83t=C4=83lin?= Date: Tue, 10 Mar 2026 17:00:30 +0100 Subject: [PATCH 297/377] feat: remove k8s/psql --- k8s/argo-apps/psql.yaml | 26 ------------------------- k8s/services/forgejo/sealedsecrets.yaml | 12 ++++-------- 2 files changed, 4 insertions(+), 34 deletions(-) delete mode 100644 k8s/argo-apps/psql.yaml diff --git a/k8s/argo-apps/psql.yaml b/k8s/argo-apps/psql.yaml deleted file mode 100644 index 96bf839..0000000 --- a/k8s/argo-apps/psql.yaml +++ /dev/null @@ -1,26 +0,0 @@ ---- -apiVersion: argoproj.io/v1alpha1 -kind: Application -metadata: - name: psql15 - namespace: argocd -spec: - destination: - namespace: apps-fuku - server: 'https://kubernetes.default.svc' - sources: - - chart: postgres - targetRevision: 1.3.6 - repoURL: https://groundhog2k.github.io/helm-charts/ - helm: - valuesObject: - service: - type: LoadBalancer - storage: - accessModes: - - ReadWriteMany - className: truenas-nfs-csi - requestedSize: 150Gi - project: fuku - syncPolicy: - automated: {} diff --git a/k8s/services/forgejo/sealedsecrets.yaml b/k8s/services/forgejo/sealedsecrets.yaml index 8c2f780..8a48da7 100644 --- a/k8s/services/forgejo/sealedsecrets.yaml +++ b/k8s/services/forgejo/sealedsecrets.yaml @@ -102,17 +102,15 @@ spec: apiVersion: bitnami.com/v1alpha1 kind: SealedSecret metadata: - creationTimestamp: null name: gitea-ini-redis namespace: apps-roboces spec: encryptedData: - cache: AgAd4e8faLRBWaHzBxEF8VQbPQ1Kg6d4jfSwesrdJVijhmvE+ruGfbiwL0FXhn0XLfVAB1f99+Wvus93fOwfeh3RA95L1AZK/7+QntNHQe6LP2+ydZaPQfAOdkQBf+7ZQG04QiTqr3Ckkh3eNIvAyFMIrmaYf9qY5BwVMYrjg8iNi0jRgfgSBm5w3Dd3V0G3ry3yI4aawQN7pj9PuhA3pSqq3ynK4qXdf/6nEqvA5+7m/Ys0xWSOJwAgWHUVT2KLQ7rvI4y1TiCciWEpFvhIbwtE+bc+lOARJBBUCmRcDKOD5N3qXYX4846XUTTm3W8LhO7e9cIE0saPsPkS/qKkMgW51hh2r70hgTKi9/174I6tVYU4t208UScrNlF3AkGqHzXsisI8Yw28OApLrwxkFbh/y9zbci/KmQGpw2RZYdFeXuS1RGzGDDaiCwZIUONChchAPxb0PGpDZpGrW/MOAdJFj700YW+Abzihr0GV0bSnKHf/uYdXn+3+Oz2Uk35B+Vwc+tqKCHpSzoa4SRNlwGlQ71ysEKx6zUmcPEalqKnNHMmVOocRuQuxGnRasj62tNwZmg9hC/1IriMEJJkdEcymlo7pQqQ8YXmkKAUu3w69S5v9LKBG/DGzhxUagqhErM8KSMOjXmfoNIZEVE3ey9sUDtRZTnLgDj2rl9avAAnGo7+qF6etPNuKGFknK+xTegy3DwyzBEjXzgNaKhkBqvDS+Iggko+CEspBdUqerjIydU2dXwdiY2t+wm5gztDAimROvgouW5GqwUFK50s4tcSJjvsiw4OsOBZp6r/61lejlggk - queue: AgC2LtW2jJPhh062ezMvWLLIAlyUNYO084VrSHsJ/K9UvZNVhFc6CnUrgcrvT/AIQflMYTm4RHKJgt4P5slzmKzHT/hc8RqB3L5FIhBsnmy/w55bXkrsohwcwzmw867a7bmnbAlyUglsAkKraMSpasTW4rOiMoCwXYKVtGcsDn1JLUj9Hp62BPXkQJ1Cr36lK/6Z4dHUwStVmq+wYAnm9sp1axnlwAqPgZ3mfqndKh9qZYjI2CIMuQ46HFDiwZGUSgspaVezMb7nkCk9CaoUTi1zHxsbCBMVv/abdvTPmZjqgXzR88EsAGTZMSpljc2ZB8zU9zwkkEBA5TPV4kVUNHTpDJirFvlofc7gST7CkCeoBhQ6P+vgokPa2AhcWeXVgR0PUoecpqpIqdFkAOluS7Gcu3GNu43IRzR6+9oHgbL/SHebQvK/hzVVq3yGAKaGmIXTLJS1wMm4k2KBqqaT1MpWFwO4YowRuKrOMXf634WzPsU3zOpkSbHEke6vvU2glDEdSwOGs1zPbO6Xzhqj5kTtDIiCs70mnxk1Zwve/1kYhBE/JZTi6QcQbG1uEDq8bsygj1qJZbGQMekUHQzIIfGTeOuXfoBch77MEMHu4h/2F+IC5O487FiPrQ64uBZ4I6gRM1PsiPxWnvmtNEXtLt+mMNp+l8Uuk5mvET5i0RpIH62/JYinhheDNgxwubXVEFuUClSzXomNt3GWy0KNAWsxouZEh0CQDfxmw4lTnjPcGegcZtrIqncDpe6/6gTIblOs7L41LEkOyOmBSHROQBeA11fVvE4Y - session: AgAwlEuCZq+5T0AXDJ8PXllX5lzaiBK0nlZsMlvJQKl+FNgGhuZkqZhQQSPq53W9KlJbVkRr5KFAkLY0p0CznGoI2xPaxbZ3z6c/kVU1mBqmTOF8HJ2oKBhjRKaZhlwFARpbgrqYkZRS5syb6SwtNT48NPuTKwRgzu3xxwUBkfuyHxZX4IP7/9GtEAWK1nqYXU3rxLYbRq/utSuQYnOd3Uu3ZYjQZz0din0R8VTHp01STMHgGzbX08PEwz2JH/C4Q6CUC/GcXSgSajg0PJECbibGoGEJXTVT1HWucWH7B0CQSAMYzosqPZV3JwTN+4HESZ2H9YBRHbGWpp5KGBicT+rleQ36+jva6qWmwfcXXZgsYDUCx+kb8e+b7cBZhPHDf9w9ZEzXe2OUUoKZQBt5LbjTSRtt//PhWQy16mxi0996zGAWUwshVefWsbdSFZiKOI+lL/i0yVZUn3R/olmP7de9b4iapZ7TUzvovm7ZTFU+5SgCLRk125NJNoUXdrh7Y1Hym8xlMSnajHGDjuMxrwtAU/Nq7JN9WQr5XFSEdiuP38sLdQzHdXaht4lXJn5KUf8H55ie0JNVvspwtZ2fQGo/dJXBf9EMa6s6qW/Lf9O2JVU/0sSCAl/jz2tMI9VZ4scHzOlpscmKyBFcoGFb7JtYzkPTCQn7Hz7RlgUeLLir6D6+q3vLXrz+oMbwNChlENlBS1M1Ho1BKwZgBRj75nog3k5EOEi3ym6B/g3xc2YWnlZkL+ZM0TFuTFy2y36RMKb90744tAVXNXHaVz0i85ATJJ8Vs/OogMDN8yKHBPaqlZQ= + cache: AgBfhhRVgy0VonwvXF+qqhh1x9+Z1e0o/OJCI11srR6XLVCf+SIBejOSYyoYChS8HYgBdIuqKNS7Un5bdws5NF1HC0gbf8/XRCfivocceoXVta2MugJxz7Y0+9Ro3RH9uEKi6KVqAyHcev1oOW0eqmkNqHust06+VKa5Bw8F4NHa/3a1Rl9b9xaMwrJLxVMKZMyAIl2/WISUovKFPTjPU1HK9ftEaXwzj5HG/s2jm/MjrrvcoA5z1OGUm02xjqyooUNM6gsuNy8LTXDQybeav+PxlQztcOfNaqipTUkHLjmGWiste/Yl6ik05Dkh7BKmL2czY0KPhxtNGcUq4e2oE+b6DKGcJpbuSVxZLSqTKhg6Jing1GwNyembfRE3nwsvYgj9nzit1SZoQXWnIuBjxlfWGjGJeaj6PmcG1YK4wvwFFqBKIhUGH6fhWjxDl7y1FPsxxGvFg9Fnvcjex34K4J6UmnGO3G2Dts/V4pgJTGx5lp6wpvYVtr7U9ENRTym8GM5oVZ3DT0lONKcfZXRH4EDcMHKMfJ/nDnpQWJC+lihcTRVeSznxu8I073hk6MMAZ8Ho5/28rOCOdJc2HI807ipe39BzTn4U+ows34uFG55GgaTdfbbeFwLjrcVc9ht1WaApkdj8Bnt9inmFPsI14Zwb4Ap/gSSO+ztwhnwrA2rWD7fko53INLJLUb4/49H1xRpMeqEkjoUb76zpdnazuF0ksqs1zhPOUTpnQniduotkwZZrtdU2WPRxVzHXTaZD6/1oTrmFBoBOLnkBPz1CXY/rxMoxHrFoS3zdUtLYWXKqVZy5 + queue: AgC1CxaTdBFeP3M4x8TMJKK2QsWydXC/eAslML9T1yzl4ZStKioMh8QJKbhj6oY3KTLyqBHpLZSGFuhtX/y9Z4JvkFhihfsKtlYL8OrNvO3kxjzku5l3vR6tJ5vCQfIi27hUjVKHN4L/6DGsegbgBGIidCsN5kHRv4C5ToAw/EvxgbHIRILIo+KOBALT1kqKIF+Zdd4fQGbIExwclhFl5SgzumXPh+/j1NUZ1peYYFRnvr5G9aeKPpgJ2wK4eMPQ3ZyaAcRCtxdEhZUF1DF0ESBQ++Nr/gU4GMoron/wSr5cUFmNjSoUTJA3xJeEROyoSGaaH45mLDYH5QZdeA/av8e6vaiMIuWr/UgV7wONFKsJLf0q9Fcr726maJwGiMmIjeCwLq4k+ZI+N6S8/xNe2sTrRUmwjWtbL82ZmafvoUwv0lmxxXpmFqZmG/Zy/KCx9QSDaBJBCStoCgMZZ04HdnxnxFdFj2DMXyshVxH3wqEFAKY0oDfrnIBxzngOEXxu0APp7rlMvFq++HMJ7+JC+JBLG6zfNSfpQyuXEwfSkvowA1i9uhAQVb3D7nSS39xKF7oK8aYDVK4j9QL3w9qxOkYW7bHVd4zDgtiidKDAFWoloMnjPYQDwJojc/dc52+SxJGH8qpYJ8cn7BOy80cvmkwQ2ITGGPo9FXyvMttD0hUmFRouNb4t4PHdmKauuml6hcfF3dqLqrvBhJ0H7tKRJMCK+rHehIQt8VNPhp2JN7n5/KKt5vtMFDUDpc/BbHiDqg3qnICTMESzWZD752tOucW7TJAA89JU + session: AgA+o9DsObwNhAaDpkgh7ZJ9Vx+xzjex+JG2k4yfv1EbLFDpdrSnKOl5BzEZyvydxoWG7Jtlhf/QoWKPUMBMgoRS+cMAH4R3C1FHxFbiEzh/olQBH2DyGnK5d+hAy3RmTC+Kgwgh4sdePWJ3KxwbaAa18tsju9fThQOBD+TOw5khZi2YUehDiviqCV3VGH+caJgDxAmXtut1mHaFLB4QXLzX9vPoULGmxGMARiMSrEqMruTRff17dZ3s0VPeu/s/Lau5yP7oPeMjhNw8P9W8QP/KnW28y0QETtXZyvmNQGCwxyVp7sHfDgo1slxWsgjDpep/jXiyfVeV8KL2AWE2pekGD0CVaCWPOV/MOrU+pe8xBrEcaXQMpWLT5d4/Unu8TLZ7RdEdgrOI8bOVrl9TO51itw0V7EorfeaKxB6j/flRMd8vU0i29+/UOTbEeRtxuHoyH4zy+v7h49b5ODN88z7f6uEp7diuS3WEHs30EHYtXRSMA6V6+H1aaUMEM0lWG6CXtccgAToqlw3k/+Mod8kVagPNQnJ6YB7BFqu74nHo/3lGKHT6+jRfLWUhbJ5teG0pLTutNN0jIqEUY4NfeLVtKhab5Nkxr6UFSUltQwO/dwVD2mqC80yXjf1Bhq07YGIV/M5DYf7oV1+z6UWoQwALcjCdZNgPkbyGqznfGsBpafJwv3MCmZwt50r8FH4ksb8P8lo28Eqepcf+vVL6C+tJGwm3F0CbawhU9mTLb0ksiYXrY3VYmYzUZVWHsosWI05bhQgN2g+B4+ANYX0SXtEc0/YbD8HusQvnoXWbj3CkQd0= template: metadata: - creationTimestamp: null name: gitea-ini-redis namespace: apps-roboces type: Opaque @@ -120,15 +118,13 @@ spec: apiVersion: bitnami.com/v1alpha1 kind: SealedSecret metadata: - creationTimestamp: null name: secrets-forgejo-db namespace: apps-roboces spec: encryptedData: - database: AgCPUgtry8Pctkfr+pQvJ8TQpj2YJ9TwUBaRXo7JP4MMsWOXazfVxd8A7sqnNicpmXJ5hx3OMwfxTFg3KcyGWGbTxTGkwJj0Lxwo92sDxhd59NORadlqQYOx19z8foQ+3HSdkhPAEAHzNq2IBgUcTPRZTKuAXyIsrSVbgaAEwWz8fCkwP/CEJvgC7xztQA0MzrPagH2hlbD4MZ0E7mBhrpo9YTQfvSEDQo0dNKsh/4xvXQoriayDtxoRq2mF8jc3f4f6wmbNWrGsdOv84KAXgLm7bzmffTwqCM1dTbuOCLtxvt1M5r39HQTAsBp1H5yWCFsx4paWyhdVh9t3sjDzEYZNYSLrga/bLJ2+CaQWaLpLJBC9u8r4ANHs+KqwdiMyo1RXqlJsfg1gn/udBpXelzpwtWIWIMtsvNrWxOBhOFsWCFnVvxJWwdcxLoe5wmH75OhbP6Ewl7SddL/4kyXqgZfQi1DsbK5VftWdo7aDEVrwTa4Jq4WF7TbTX9GwIxUQ6ahuBzq4De+vZ/jCV0rE7WtGBvxLHIXb6pX7sNsJFwGYvy63SIhWnQXadeTjLNdy3Tq9aK/HeQJsqXPOAAm/oc2udBkygWs2D77NM0wEcH0YU8i0wPS5ig6HxLQTrf0qLew3E8KOjNyetar1QHVl3iTqGQ0C4U5TgIke54eh8/X1Vgd11dgZBpRx8JsUWMe7Itm+819FB+0tMwWJqrmoFyCEBL7rLl+VAS+oabIXD/ruHJFc/blgtLRqatLtOTARqDsfVK9Bm0YpcsDjEbqAiRGHmOaK8Qp9ywle9sh+iVUG4ODFun2goVfgwYcsD62B7CUMb80ZYiY04dTmXjcIzYww+zGkjhqaIPmB/OHovw== + database: AgBouV3XhCd3Z66sDHDz0nbqbvAfip94yr9R90stLz2H/vJFGyx4xumE/9xe3b5GUd9aYQbTonhzHFl+zP3yoeTsGIGAbuvpeDimDKUIdnI6MJ2oGVHSn08QY/eu2vuj4nUODCeWPE7W5EFqxCxCq1YxZZpoBLzE3zBuIf8R48KAxs7aau8k4WPPSBxHgXuIeUWR/fNtQrA032f1wS5p6bae8403ro4aithq7J6DiOz69MXIQWwqufay+krsEEqIoE8CioQP993w+AUH1q2tk6O7WQLuzKt4T0mZm6F3cWyNbpCV9GT7q5LtejFn1NAwsmM4UG2toZfuWe9NgiSwyqNNUW7IjzfW/+CF3UfAtkgDfn7IAFu1Wg0yzufsnJuazFy2FiVDYNiHYS3Rq1iboKQl84svuq6oYdgvK6kf4IUfU2j02TgCyYc79/sLFqlbLOsZI07fAg/tDIzRkWQyG5P1HreIiDYZdgm50BgAzyEsvLjguKqPUl/c0LLwS6IxleN6RgcxfczCnaf3lezPXol37qCcyTqCqyiYlpI0i0Y45RTpLmTlyATVpzXCiir3IM0yEbK0ff2y2c7czTdoQSaIowAguUD3SamNY5y3530ZQDbZAXF0U4nDq7Pn59tfrlvvlsA8cSGjgyjwGJobGJUCsGWfOtKSbTNV0zd6EFHlqN5ilf15BSaWXU+6g/UbJKxjgk5aNpXH8LHuAQBVAxpRQR6CNlaz6kp87b5CEnLtPCE9nlQGYBXA9sqdvABGSTGdJzf5k57w7Q5LiTLwA6h8x8TCbkRgArl4r5RGEdtfBr3ZBCzKL+EHJGYGHas= template: metadata: - creationTimestamp: null name: secrets-forgejo-db namespace: apps-roboces type: Opaque From 9d01bc51772813db8096d8cfd695f19f4e93dad7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?c=C4=83t=C4=83lin?= Date: Tue, 10 Mar 2026 18:14:16 +0100 Subject: [PATCH 298/377] feat: add k8s/vaultwarden-secrets-manager --- .../vaultwarden-secrets-manager.yaml | 64 +++++++++++++++++++ k8s/services/argo/project-fuku.yaml | 1 + k8s/services/valheim/sealedsecrets.yaml | 16 ----- .../sealedsecrets.yaml | 17 +++++ 4 files changed, 82 insertions(+), 16 deletions(-) create mode 100644 k8s/argo-apps/vaultwarden-secrets-manager.yaml delete mode 100644 k8s/services/valheim/sealedsecrets.yaml create mode 100644 k8s/services/vaultwarden-kubernetes-secrets/sealedsecrets.yaml diff --git a/k8s/argo-apps/vaultwarden-secrets-manager.yaml b/k8s/argo-apps/vaultwarden-secrets-manager.yaml new file mode 100644 index 0000000..e2fc9d9 --- /dev/null +++ b/k8s/argo-apps/vaultwarden-secrets-manager.yaml @@ -0,0 +1,64 @@ +--- +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: vaultwarden-secrets-manager + namespace: argocd +spec: + destination: + name: '' + namespace: apps-fuku + server: https://kubernetes.default.svc + sources: + - chart: vaultwarden-kubernetes-secrets + repoURL: ghcr.io/antoniolago/charts + targetRevision: 1.2.8 + helm: + valuesObject: + api: + enabled: true + service: + type: LoadBalancer + persistence: + storageClass: truenas-nfs-csi + dashboard: + enabled: true + service: + type: LoadBalancer + ingress: + enabled: true + className: traefik + hosts: + - host: vault-secrets.fuku + paths: + - path: / + pathType: Prefix + backend: dashboard + port: 80 + - path: /api + pathType: Prefix + backend: api + port: 8080 + env: + config: + VAULTWARDEN__SERVERURL: "https://vault.roboces.dev" + secrets: + BW_CLIENTID: + secretName: "vaultwarden-kubernetes-secrets" + secretKey: "BW_CLIENTID" + BW_CLIENTSECRET: + secretName: "vaultwarden-kubernetes-secrets" + secretKey: "BW_CLIENTSECRET" + VAULTWARDEN__MASTERPASSWORD: + secretName: "vaultwarden-kubernetes-secrets" + secretKey: "VAULTWARDEN__MASTERPASSWORD" + - path: k8s/services/vaultwarden-kubernetes-secrets + repoURL: https://git.roboces.dev/catalin/fukuops.git + targetRevision: main + project: fuku + syncPolicy: + automated: + prune: true + selfHeal: true + syncOptions: + - CreateNamespace=true diff --git a/k8s/services/argo/project-fuku.yaml b/k8s/services/argo/project-fuku.yaml index ead0d89..6f03737 100644 --- a/k8s/services/argo/project-fuku.yaml +++ b/k8s/services/argo/project-fuku.yaml @@ -33,3 +33,4 @@ spec: - https://vmware-tanzu.github.io/helm-charts/ - https://helm.runix.net - https://rcourtman.github.io/Pulse + - ghcr.io/antoniolago/charts diff --git a/k8s/services/valheim/sealedsecrets.yaml b/k8s/services/valheim/sealedsecrets.yaml deleted file mode 100644 index ad59cb1..0000000 --- a/k8s/services/valheim/sealedsecrets.yaml +++ /dev/null @@ -1,16 +0,0 @@ -# yamllint disable rule:line-length ---- -apiVersion: bitnami.com/v1alpha1 -kind: SealedSecret -metadata: - creationTimestamp: null - name: valheim-secrets - namespace: apps-fuku -spec: - encryptedData: - server-password: AgBsm7Qg9ej7FtFh5twb4ALyL0I/fzVukURvFg17aweeDX7bM/9p/Yq7S2XG8gbqOYbC1GxknGMHQUnTXqXC9YZ4tZVUAptTCrAsPZHhHiet8bM39KCo2tGa5mCyC7lcmxae26cHuKj8Df6iMQCHL9ZH58A2SU8OIaszkonjwvSnbk6u7/HLCE8UyqP1JjXBMd4wx4BFDrhbauZr10f51tI55ksY+x44QQNrz84QEXmQ/dgwdzGAWqcPQTf57BebSI+ZKtUIvrMpNtz1ioqGnH3vWlb7QnqyqcyAYri3W3j8DB03EpfI2QjYi5Rs1NaJoO8L5HFdHW5p+rmttuwRxiEUPmURftH25o6Mgv/EcWGsB1TpyyFXM8JNU01lWJ+Wty316YF1BV3zHqdQeKu82R/wSv+iVm1dYKTfSOLe3YJr+aFnhYX3hCpBup1cB2KeOe/X9wTo2ETdvKhcIJPz8x7TRcXaCerVmVBw6LagmmdtMsCL4AIXw2gdkBeGONQmOzR1hDyTBAmpTv59WYzAJcCPZRE6gGxCPqH32G36E7WGEI4UOsjvT3GkVDnYx4FUDppzSP0ebnHZOwwAPFtXojHUaHg7ZTjZiuXDQa9Hkqt4mIOKa0i1HI0MyPu8eZJjoRXNS4j1yLfDCP2eSuhGjtVNbbyQthaITolitZ0VeUU8St1iKB7rvAGHqhBoPSw9TOBVSsBcHgIAV64oRqto4kM8 - template: - metadata: - creationTimestamp: null - name: valheim-secrets - namespace: apps-fuku diff --git a/k8s/services/vaultwarden-kubernetes-secrets/sealedsecrets.yaml b/k8s/services/vaultwarden-kubernetes-secrets/sealedsecrets.yaml new file mode 100644 index 0000000..a8f2585 --- /dev/null +++ b/k8s/services/vaultwarden-kubernetes-secrets/sealedsecrets.yaml @@ -0,0 +1,17 @@ +# yamllint disable rule:line-length +--- +apiVersion: bitnami.com/v1alpha1 +kind: SealedSecret +metadata: + name: vaultwarden-kubernetes-secrets + namespace: apps-fuku +spec: + encryptedData: + BW_CLIENTID: AgB6UpzjiBqifwHwm4YfevKVQLTt/2JxrTdJ0O29i416TrvPvYlrofG6ihWQDIr7zAROq5RE1YI1mFdczzcHTccMV+/rPPBTY04rdkoypc17/+P5eVLO03dcSldhbcgiMJQYgji+U59SFebPxxPI9gn6GmOss368Wqgdffu/d7V6RtvBNN+qgIu1FjS26FYxKRKi/mEjPmF6GCkkWRHkkpimdjKalVkuQXiu04cwDTSRYNmgePv5ihem/5tP7ZqgQCFpYafpia6CnQwhHNoPP4Dq+cV5VVPw7AfVdm28HgFLiZhiUWXoGiiFvTZcDwViG4T80gqxtfN/2ur94V7zc/PTGXSsVWBJYM93/jf3zcK7h5wag0nXeYm7nD+NT1JM/2NZguqLVl3iX4qE+f0C83dPTUrBv8+9H3aw0YLI/zgnT8Fdg6VAdbGrXMXrTEqm2IChRZ65/WIgwaRWIH+ETsWPFqUj3mH9Cx8NkNNSRfTqmZS28VEfcCzutSgTJ4zs2VwTYDBBD1QQSMrhUSLrCihWLK3ZTjVTEwAaoUObnaFrYpNBGVZQne9zzWO38/y4NQ2D1Q1YTx0cBP8qcKit9v1GFmOcNDsVG1WCFkZh0qz4j37SOBH0J00sG1lwGvkb05pOjcGVUexjzvHloUjSauFypW+2XQqnVshMbNgKgZYZmZmWbHf8nyq7+wssivbjB5qX5foiCN/Qp2WtIG92k08ZU1+hTq/w/GX8DI/UsbSLU7p/0vpAKMDBuw== + BW_CLIENTSECRET: AgBfsr/ECO+lxSojrp1Ailv7SOYMqtGzmQCmXI3g7+K0W+RT7dOHuZOk7VlvYG5l4qVjriXhMo1xGcGYf8WeAebx+OWTs9Y9sRQ7eGnQW/KD7ihV3vCy2+jEdWZas9wEN1coUUt7Lbg09jz+nrt8Di2xFigJWSjuWejyAwmnRC0O0gLSudidf2x1aTeclid1tFvubbKbYUrLbTCLPW1bDuDs8BseRX6sF8/CVR1ZKWbcADUYvP7Amygc4WMElRREMQJjKBiPYNA4OuepvpQDlNVz/wq499XJAnFMDP8BhKxYalwOqTYzWQT0DA4mwBokMnpRE0VJ3erAAKQwzDHqO8pFE5bqhgzjwTWryH0ZmRF96JVLxx5IMetb8jYEPAHA/ymz9GmSUyVDXDRoeyH2xM4vuD/6A2JXc6kgcpfRx+5UJUybajO7urvHBCS/5X5cEiEOyEtqPMqkRdv2LgN1wXMEU88eK2NqpVX7zhLIJgoMusdHtkDmSlS+pFIb3GwGQRmn5khj5xkyQKweMoPvC5Pq+T/F5/2NziJGRj56HYvaiOPfyfzetaw7Zh3I+umMfZ6mtKD7ntYB1EYaqIMhTlAQv8DxS98t19LOke3h5QKcX6SdKeAqAvlqxuYZ5rweNtZsDevtnaFdmDzbve6xbZrtNwAurpZMYC/7tetyH+jFHrcFjDCuMMLdD5t4d8NW50nks71Pofe6KO/8lkzNOjiQwBIUfG+8Y6bAmPiBBr0= + VAULTWARDEN__MASTERPASSWORD: AgBlRRDUcWw8Kq8IJ/dBk1RQwA6jg4VtpDTzU9eRtkdZfBoEI+KnQt2QHtGv7ZMmyCHztRAoJcEWyoN25RMdG4dQQN40IOPBiv7D8e036nQv7rQqZWE7mPPs9veskS+8sE+h3HFlwIEytn4721nHw4DNl2Uwbtgo1rTRRyJ3Px2UoCfnCU1xVtimWhj7uLjf2kPkSvWRUFZFfzSkuMWtiAPDxspk7q8CTktdiUHV6ZsuuIcZfJ1mHkuredVGYpOcrKLJcwGE7Auzn382lILNwkSuiZjt0T+O5A0c406SPVGU/ovofbRgdUQmmIbS+q6y17HMDkwLutdmIyJgqMEPJXR0KfebjzdtaNdSbmL68QsdECqCbQm6Az3uMEOJ8TVm9rH5yfZZoXLMVjzHgwtQbV9vBb0ubMUKdqJahD0zUQ/1FqDtYHt9OBv8bLh8SXiTKNxz2GByHjcGFUNZhZac1eTqmtYxxUhk4KNFsqx7FvJNUi0VTfINvHAd9Tjlrd0vQbST3VgdiIEHcuxW5HShdSnl8o5WXKmEtlecMqB3Y/C6IIPF+CZ6HoMgfE59G2dchnNccSwdZRa0n6OWt3BWJi7fuhrBXvTBpa5Zxrqh6o1VX3k5wXDgBRN7a8pZawhuCXbcBcrhcs+wDm7YlK3Gj3F01dIOGc7qMpdMWUHcUxCikC9Wlnp5b+OKB2huiHWr2p8v0IeOu8MfC65GEkx/dInxW1CkitHsGVA= + template: + metadata: + name: vaultwarden-kubernetes-secrets + namespace: apps-fuku + type: Opaque From 8f2669ab77d23ae573cff46954abc898d81e78dc Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?c=C4=83t=C4=83lin?= Date: Tue, 10 Mar 2026 18:14:33 +0100 Subject: [PATCH 299/377] feat: delete k8s/redis --- k8s/argo-apps/redis.yaml | 32 --------------------------- k8s/services/redis/sealedsecrets.yaml | 17 -------------- 2 files changed, 49 deletions(-) delete mode 100644 k8s/argo-apps/redis.yaml delete mode 100644 k8s/services/redis/sealedsecrets.yaml diff --git a/k8s/argo-apps/redis.yaml b/k8s/argo-apps/redis.yaml deleted file mode 100644 index 698214d..0000000 --- a/k8s/argo-apps/redis.yaml +++ /dev/null @@ -1,32 +0,0 @@ ---- -apiVersion: argoproj.io/v1alpha1 -kind: Application -metadata: - name: redis - namespace: argocd -spec: - destination: - name: '' - namespace: apps-fuku - server: https://kubernetes.default.svc - sources: - - chart: redis - repoURL: registry-1.docker.io/cloudpirates - targetRevision: "0.9.*" - helm: - valuesObject: - auth: - existingSecret: secrets-redis - existingSecretPasswordKey: redis-password - persistence: - storageClass: truenas-nfs-csi - size: 10Gi - accessMode: ReadWriteMany - service: - type: LoadBalancer - - repoURL: https://git.roboces.dev/catalin/fukuops.git - path: k8s/services/redis - targetRevision: main - project: fuku - syncPolicy: - automated: {} diff --git a/k8s/services/redis/sealedsecrets.yaml b/k8s/services/redis/sealedsecrets.yaml deleted file mode 100644 index f92c67f..0000000 --- a/k8s/services/redis/sealedsecrets.yaml +++ /dev/null @@ -1,17 +0,0 @@ -# yamllint disable rule:line-length ---- -apiVersion: bitnami.com/v1alpha1 -kind: SealedSecret -metadata: - creationTimestamp: null - name: secrets-redis - namespace: apps-fuku -spec: - encryptedData: - redis-password: AgBqJ2pqIbdtOtbGnmalrdzSEZYBDhkyhZNv3fEsgLmvZ55ehXreELEZGKcOCqgVKCQZnfLTA7X4vyR6oZVhSdvcJeULmHrmO7ynItoyowvmY5njE7jTWTsSKypCXJXS0u81TD8+sF0DCRrALo4fzCfyxHWg2x7qyVOllOfhaWpggFsqqn7fMLUdhumnW2C5bEj2x/8PkW4aLI86osjKlwDiMXTE6nULQ4Fx76zzjuhCDLN0RGG4xTqVzDcbt+F7cpULyTJ9Kvq53UPMMaCq0huIkU/JYmAHMUcXF2Q1HUdh/K/R0KYqhlEN7t9JPJgsi7s7IKpp0EFRHOfvkZAm5bAqG34q0p/1Hce+0ifOZsQYp4nmj/1uEGshXhWETSI7mAw/sEdG+uJvLP6Sz7KkaLXhV8tGHfyXqwNyo+jV6JqIsynOY5UZc8zN170nQXwM5KzQyIsNz1yjDFGBIC4y/gjwaDXioaMGVg+PRxFEUAahssdPPZ8ug3M8EaqqgPlHTye+LwHDVDJZAWmnYJ6ajYWGqeCx7pKw2+vhr8V4ToSyG3hsPEbREwVSO50fKOL/MelRC24Rrzv8uthtHjHniLt1DJzPkXJUAnMaV4UsJ21Ge5PQo7Op0G/RNSnka2LAt3I6CVbUb0UoBhSNPmDVD5/0pn5oM/PSd0oqszUsFdxoIOpCIt3ReZUD6eHOlcuK8H65nwsb7Cbyde8a8GTD9q7SoDo2IQ== - template: - metadata: - creationTimestamp: null - name: secrets-redis - namespace: apps-fuku - type: Opaque From 1fe44ddc30279782f7c8a7ebffeca6c3ecb68e7b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?c=C4=83t=C4=83lin?= Date: Tue, 10 Mar 2026 18:15:48 +0100 Subject: [PATCH 300/377] feat: remove k8s/kubetail --- k8s/argo-apps/kubetail.yaml | 38 ------------------------------------- 1 file changed, 38 deletions(-) delete mode 100644 k8s/argo-apps/kubetail.yaml diff --git a/k8s/argo-apps/kubetail.yaml b/k8s/argo-apps/kubetail.yaml deleted file mode 100644 index 0a6db1f..0000000 --- a/k8s/argo-apps/kubetail.yaml +++ /dev/null @@ -1,38 +0,0 @@ ---- -apiVersion: argoproj.io/v1alpha1 -kind: Application -metadata: - name: kubetail - namespace: argocd -spec: - destination: - name: '' - namespace: apps-fuku - server: https://kubernetes.default.svc - sources: - - chart: kubetail - repoURL: https://kubetail-org.github.io/helm-charts/ - targetRevision: 0.18.0 - helm: - valuesObject: - kubetail: - dashboard: - ingress: - enabled: true - className: traefik - tls: [] - rules: - - host: logs.fuku - http: - paths: - - path: / - pathType: Prefix - backend: - service: - name: kubetail-dashboard - port: - number: 8080 - - project: fuku - syncPolicy: - automated: {} From ba3e9c69a066b0f2554f4083b331d0bfd6d1ec70 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?c=C4=83t=C4=83lin?= Date: Tue, 10 Mar 2026 18:16:35 +0100 Subject: [PATCH 301/377] feat: remove k8s/pulse --- k8s/argo-apps/pulse.yaml | 43 ----------- k8s/services/pulse/ds.yaml | 105 -------------------------- k8s/services/pulse/sealedsecrets.yaml | 17 ----- 3 files changed, 165 deletions(-) delete mode 100644 k8s/argo-apps/pulse.yaml delete mode 100644 k8s/services/pulse/ds.yaml delete mode 100644 k8s/services/pulse/sealedsecrets.yaml diff --git a/k8s/argo-apps/pulse.yaml b/k8s/argo-apps/pulse.yaml deleted file mode 100644 index aa2dd3f..0000000 --- a/k8s/argo-apps/pulse.yaml +++ /dev/null @@ -1,43 +0,0 @@ ---- -apiVersion: argoproj.io/v1alpha1 -kind: Application -metadata: - name: pulse - namespace: argocd -spec: - destination: - name: '' - namespace: apps-fuku - server: https://kubernetes.default.svc - project: fuku - syncPolicy: - automated: {} - sources: - - repoURL: https://rcourtman.github.io/Pulse - chart: pulse - targetRevision: 5.1.* - helm: - valuesObject: - persistence: - enabled: true - size: 10Gi - storageClass: truenas-nfs-csi - accessModes: - - ReadWriteMany - service: - type: LoadBalancer - ingress: - enabled: true - hosts: - - host: pulse.fukurokuju.dev - paths: - - path: / - pathType: Prefix - tls: [] - monitoring: - serviceMonitor: - enabled: true - - - path: k8s/services/pulse - repoURL: https://git.roboces.dev/catalin/fukuops.git - targetRevision: main diff --git a/k8s/services/pulse/ds.yaml b/k8s/services/pulse/ds.yaml deleted file mode 100644 index 8247d97..0000000 --- a/k8s/services/pulse/ds.yaml +++ /dev/null @@ -1,105 +0,0 @@ ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - name: pulse-agent - namespace: apps-fuku ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: pulse-agent-read -rules: - - apiGroups: [""] - resources: ["nodes", "pods"] - verbs: ["get", "list", "watch"] - - apiGroups: ["apps"] - resources: ["deployments"] - verbs: ["get", "list", "watch"] ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: pulse-agent-read -subjects: - - kind: ServiceAccount - name: pulse-agent - namespace: apps-fuku -roleRef: - kind: ClusterRole - name: pulse-agent-read - apiGroup: rbac.authorization.k8s.io ---- -apiVersion: apps/v1 -kind: DaemonSet -metadata: - name: pulse-agent - namespace: apps-fuku -spec: - selector: - matchLabels: - app: pulse-agent - template: - metadata: - labels: - app: pulse-agent - spec: - serviceAccountName: pulse-agent - containers: - - name: pulse-agent - image: rcourtman/pulse:5.1.13 - command: ["/opt/pulse/bin/pulse-agent-linux-amd64"] - args: - - --enable-kubernetes - env: - - name: PULSE_URL - value: "https://pulse.fukurokuju.dev" - - name: PULSE_TOKEN - valueFrom: - secretKeyRef: - name: pulse-agent-secrets - key: PULSE_TOKEN - - name: PULSE_AGENT_ID - value: "k8s-cluster" - - name: PULSE_ENABLE_HOST - value: "true" - - name: HOST_PROC - value: "/host/proc" - - name: HOST_SYS - value: "/host/sys" - - name: HOST_ETC - value: "/host/etc" - - name: PULSE_KUBE_INCLUDE_ALL_PODS - value: "true" - - name: PULSE_KUBE_INCLUDE_ALL_DEPLOYMENTS - value: "true" - securityContext: - privileged: true - resources: - requests: - cpu: 50m - memory: 128Mi - limits: - memory: 512Mi - volumeMounts: - - name: host-proc - mountPath: /host/proc - readOnly: true - - name: host-sys - mountPath: /host/sys - readOnly: true - - name: host-root - mountPath: /host/root - readOnly: true - volumes: - - name: host-proc - hostPath: - path: /proc - - name: host-sys - hostPath: - path: /sys - - name: host-root - hostPath: - path: / - tolerations: - - operator: Exists diff --git a/k8s/services/pulse/sealedsecrets.yaml b/k8s/services/pulse/sealedsecrets.yaml deleted file mode 100644 index 0cade5d..0000000 --- a/k8s/services/pulse/sealedsecrets.yaml +++ /dev/null @@ -1,17 +0,0 @@ -# yamllint disable rule:line-length ---- -apiVersion: bitnami.com/v1alpha1 -kind: SealedSecret -metadata: - creationTimestamp: null - name: pulse-agent-secrets - namespace: apps-fuku -spec: - encryptedData: - PULSE_TOKEN: AgBBxrJ80IpJ0RvYKQuN6p3G8vIdSL9nESO9OTAR0NiMjSGZNbNEELKE/a1f2ixQUSsNc/k31c+7GlAi+8PmNC4c7rmRJTe+z3uO/BNNLYeTi7DsEk9/oJZTWn7iOcLogiZJQKxbGozCp/S8zrWisH67N2ZHmzz5UEJAzq57+fBEyAk22/WR0QMfW3oOYHGZFNR5AdAxrdfyRwTvSEOz4R2YlrQKRtOFVIPG/aEaAn42AGYfrq2cLVEiCygjE+8nZQ62TMmQqMiwiCjk5do9uRhhiRimuD78FrNnFU5dSwe/11ji5sSrEPjszPB8O0TBbsCssxfz48cKRm/6IdI9B5pKHYob68Ed8u5UgpRU/ZhUWJLyXuZF/Tgw+WcIsVkQXb3eqQTARBeZueugnA23lnzxh5gjR17wjPw7ePYaLiUWTYikOK5HvgpJyiuB0ev2cjGSqYeeAAn5ewCGM/NODXUAlFdC+N9S7ft1+chJrHoaXgHy8J9LWm/maKW99+yT08a68RvGGoZtFPZNlFjzurNF6EY9SLUFf0RLzShkyq6uuOzLm8gENyDIQ+Ru7wWEwyEcUz4ceAR5I78k0gCIDR1o4Ti22asdbRjMptZdOTbep+PWmu2K1oUvxXtXwgKkn8pvTkJpcdejqehnYPWfRAI3Guxi7LQDf++yShKS1NdXMdjhtFoNLa03xHM/G94sF3/mnJwivNhur1V7iC1yCY5NlruPr4KCd5AgOnKqoreRRvRbCVlFO1mtP6XV4sjqEIhmZyXWFJ76bwAC+hxSlFzL - template: - metadata: - creationTimestamp: null - name: pulse-agent-secrets - namespace: apps-fuku - type: Opaque From ba2b4129315c40822ffc218087673d01f76a2a26 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 11 Mar 2026 03:24:24 +0000 Subject: [PATCH 302/377] chore(deps): update ghcr.io/lennart-k/rustical docker tag to v0.12.10 --- docker/rustical/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/rustical/docker-compose.yml b/docker/rustical/docker-compose.yml index 9bb09f3..bdc0d01 100644 --- a/docker/rustical/docker-compose.yml +++ b/docker/rustical/docker-compose.yml @@ -1,7 +1,7 @@ --- services: rustical: - image: ghcr.io/lennart-k/rustical:0.12.9 + image: ghcr.io/lennart-k/rustical:0.12.10 restart: unless-stopped ports: - '4000:4000' From de2acfc6901c2b9aaf0a187db3d4534a32ead896 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 1 Mar 2026 03:26:31 +0000 Subject: [PATCH 303/377] chore(deps): update helm release portainer to v239 --- k8s/argo-apps/portainer.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/portainer.yaml b/k8s/argo-apps/portainer.yaml index b2f201b..c1ce3bd 100644 --- a/k8s/argo-apps/portainer.yaml +++ b/k8s/argo-apps/portainer.yaml @@ -15,7 +15,7 @@ spec: sources: - repoURL: https://portainer.github.io/k8s/ chart: portainer - targetRevision: 2.39.* + targetRevision: 239.0.* helm: valuesObject: service: From cf0e490096343225d78f02ab2deea5035cdb8c1a Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 5 Mar 2026 07:10:30 +0000 Subject: [PATCH 304/377] chore(deps): update ghcr.io/paperless-ngx/paperless-ngx docker tag to v2.20.10 --- docker/paperless/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/paperless/docker-compose.yml b/docker/paperless/docker-compose.yml index 16eae90..8aa9e86 100644 --- a/docker/paperless/docker-compose.yml +++ b/docker/paperless/docker-compose.yml @@ -14,7 +14,7 @@ services: webserver: - image: ghcr.io/paperless-ngx/paperless-ngx:2.20.8 + image: ghcr.io/paperless-ngx/paperless-ngx:2.20.10 restart: unless-stopped ports: - 8002:8000 From 4d0d2532fe3375f7bb42fccfa078e7aa5d07c275 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 11 Mar 2026 03:25:33 +0000 Subject: [PATCH 305/377] chore(deps): update helm release renovate to 46.58.* --- k8s/argo-apps/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/renovate.yaml b/k8s/argo-apps/renovate.yaml index 15f578d..a8e4be5 100644 --- a/k8s/argo-apps/renovate.yaml +++ b/k8s/argo-apps/renovate.yaml @@ -13,7 +13,7 @@ spec: sources: - chart: renovate repoURL: https://docs.renovatebot.com/helm-charts - targetRevision: 46.31.* + targetRevision: 46.58.* helm: valuesObject: renovate: From 3f598b02f19703d2b3a53eaf17b7da53e1de30ad Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?c=C4=83t=C4=83lin?= Date: Wed, 11 Mar 2026 10:15:11 +0100 Subject: [PATCH 306/377] feat: remove oxicloud git submodule --- .gitmodules | 3 --- docker/oxicloud/OxiCloud | 1 - 2 files changed, 4 deletions(-) delete mode 100644 .gitmodules delete mode 160000 docker/oxicloud/OxiCloud diff --git a/.gitmodules b/.gitmodules deleted file mode 100644 index e4e58db..0000000 --- a/.gitmodules +++ /dev/null @@ -1,3 +0,0 @@ -[submodule "docker/oxicloud/OxiCloud"] - path = docker/oxicloud/OxiCloud - url = git@github.com:DioCrafts/OxiCloud.git diff --git a/docker/oxicloud/OxiCloud b/docker/oxicloud/OxiCloud deleted file mode 160000 index cf9fe82..0000000 --- a/docker/oxicloud/OxiCloud +++ /dev/null @@ -1 +0,0 @@ -Subproject commit cf9fe82b5f72f173d140321448ded789c604989a From 63e5a993601b151a6fe97b3e7b156d980ede8217 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?c=C4=83t=C4=83lin?= Date: Wed, 11 Mar 2026 10:25:50 +0100 Subject: [PATCH 307/377] feat: migrate miniflux to helm --- k8s/argo-apps/miniflux.yaml | 94 +++++++++++++++--- k8s/charts/miniflux/Chart.yaml | 6 ++ k8s/charts/miniflux/templates/_helpers.tpl | 62 ++++++++++++ k8s/charts/miniflux/templates/deployment.yaml | 73 ++++++++++++++ k8s/charts/miniflux/templates/ingress.yaml | 45 +++++++++ .../templates/poddisruptionbudget.yaml | 18 ++++ k8s/charts/miniflux/templates/secret.yaml | 13 +++ k8s/charts/miniflux/templates/service.yaml | 15 +++ k8s/charts/miniflux/values.yaml | 42 ++++++++ k8s/services/miniflux/deployment.yaml | 96 ------------------- k8s/services/miniflux/ingress.yaml | 21 ---- .../miniflux/poddisruptionbudget.yaml | 11 --- k8s/services/miniflux/sealedsecrets.yaml | 20 ---- k8s/services/miniflux/service.yaml | 19 ---- 14 files changed, 354 insertions(+), 181 deletions(-) create mode 100644 k8s/charts/miniflux/Chart.yaml create mode 100644 k8s/charts/miniflux/templates/_helpers.tpl create mode 100644 k8s/charts/miniflux/templates/deployment.yaml create mode 100644 k8s/charts/miniflux/templates/ingress.yaml create mode 100644 k8s/charts/miniflux/templates/poddisruptionbudget.yaml create mode 100644 k8s/charts/miniflux/templates/secret.yaml create mode 100644 k8s/charts/miniflux/templates/service.yaml create mode 100644 k8s/charts/miniflux/values.yaml delete mode 100644 k8s/services/miniflux/deployment.yaml delete mode 100644 k8s/services/miniflux/ingress.yaml delete mode 100644 k8s/services/miniflux/poddisruptionbudget.yaml delete mode 100644 k8s/services/miniflux/sealedsecrets.yaml delete mode 100644 k8s/services/miniflux/service.yaml diff --git a/k8s/argo-apps/miniflux.yaml b/k8s/argo-apps/miniflux.yaml index f274685..aaedef3 100644 --- a/k8s/argo-apps/miniflux.yaml +++ b/k8s/argo-apps/miniflux.yaml @@ -2,18 +2,84 @@ apiVersion: argoproj.io/v1alpha1 kind: Application metadata: - name: miniflux - namespace: argocd + name: miniflux + namespace: argocd spec: - destination: - name: '' - namespace: apps-roboces - server: https://kubernetes.default.svc - source: - path: k8s/services/miniflux - repoURL: https://git.roboces.dev/catalin/fukuops.git - targetRevision: main - sources: [] - project: roboces - syncPolicy: - automated: {} + destination: + name: '' + namespace: apps-roboces + server: https://kubernetes.default.svc + sources: + - path: k8s/charts/miniflux + repoURL: https://git.roboces.dev/catalin/fukuops.git + targetRevision: main + helm: + valuesObject: + replicaCount: 3 + securityContext: + allowPrivilegeEscalation: false + readOnlyRootFilesystem: true + runAsUser: 10000 + runAsGroup: 10000 + capabilities: + drop: + - all + service: + type: LoadBalancer + ingress: + enabled: true + className: "traefik" + hosts: + - host: feeds.roboces.dev + paths: + - path: / + pathType: Prefix + resources: + requests: + cpu: 300m + memory: 300Mi + ephemeral-storage: 2Gi + limits: + cpu: 400m + memory: 500Mi + ephemeral-storage: 4Gi + livenessProbe: + tcpSocket: + port: 8080 + initialDelaySeconds: 5 + timeoutSeconds: 15 + successThreshold: 1 + failureThreshold: 3 + periodSeconds: 10 + readinessProbe: + httpGet: + path: / + port: 8080 + initialDelaySeconds: 15 + timeoutSeconds: 2 + successThreshold: 1 + failureThreshold: 3 + periodSeconds: 10 + podDisruptionBudget: + enabled: true + maxUnavailable: 1 + env: + RUN_MIGRATIONS: "1" + CREATE_ADMIN: "1" + OAUTH2_PROVIDER: oidc + OAUTH2_REDIRECT_URL: https://feeds.roboces.dev/oauth2/oidc/callback + OAUTH2_OIDC_DISCOVERY_ENDPOINT: https://auth.fukurokuju.dev/application/o/miniflux/ + OAUTH2_USER_CREATION: "1" + FETCH_YOUTUBE_WATCH_TIME: "1" + WORKER_POOL_SIZE: "1" + POLLING_FREQUENCY: "120" + BATCH_SIZE: "25" + METRICS_COLLECTOR: "1" + METRICS_ALLOWED_NETWORKS: 10.42.1.0/16 + secret: + existingSecretName: miniflux + project: roboces + syncPolicy: + automated: + prune: true + selfHeal: true diff --git a/k8s/charts/miniflux/Chart.yaml b/k8s/charts/miniflux/Chart.yaml new file mode 100644 index 0000000..af89594 --- /dev/null +++ b/k8s/charts/miniflux/Chart.yaml @@ -0,0 +1,6 @@ +apiVersion: v2 +name: miniflux +description: A Helm chart for Miniflux RSS reader +type: application +version: 0.1.0 +appVersion: "2.2.17" diff --git a/k8s/charts/miniflux/templates/_helpers.tpl b/k8s/charts/miniflux/templates/_helpers.tpl new file mode 100644 index 0000000..276f979 --- /dev/null +++ b/k8s/charts/miniflux/templates/_helpers.tpl @@ -0,0 +1,62 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "miniflux.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "miniflux.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "miniflux.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "miniflux.labels" -}} +helm.sh/chart: {{ include "miniflux.chart" . }} +{{ include "miniflux.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "miniflux.selectorLabels" -}} +app.kubernetes.io/name: {{ include "miniflux.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "miniflux.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "miniflux.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/k8s/charts/miniflux/templates/deployment.yaml b/k8s/charts/miniflux/templates/deployment.yaml new file mode 100644 index 0000000..f7091f8 --- /dev/null +++ b/k8s/charts/miniflux/templates/deployment.yaml @@ -0,0 +1,73 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "miniflux.fullname" . }} + labels: + {{- include "miniflux.labels" . | nindent 4 }} + annotations: + kube-score/ignore: pod-networkpolicy,deployment-has-host-podantiaffinity +spec: + {{- if not .Values.autoscaling.enabled }} + replicas: {{ .Values.replicaCount }} + {{- end }} + selector: + matchLabels: + {{- include "miniflux.selectorLabels" . | nindent 6 }} + strategy: + rollingUpdate: + maxSurge: 50% + maxUnavailable: 50% + type: RollingUpdate + template: + metadata: + {{- with .Values.podAnnotations }} + annotations: + {{- toYaml . | nindent 8 }} + {{- end }} + labels: + {{- include "miniflux.selectorLabels" . | nindent 8 }} + spec: + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + securityContext: + {{- toYaml .Values.podSecurityContext | nindent 8 }} + containers: + - name: {{ .Chart.Name }} + securityContext: + {{- toYaml .Values.securityContext | nindent 12 }} + image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + envFrom: + - secretRef: + name: {{ .Values.secret.existingSecretName | default (include "miniflux.fullname" .) }} + env: + {{- range $key, $value := .Values.env }} + - name: {{ $key }} + value: {{ $value | quote }} + {{- end }} + ports: + - name: http + containerPort: 8080 + protocol: TCP + livenessProbe: + {{- toYaml .Values.livenessProbe | nindent 12 }} + readinessProbe: + {{- toYaml .Values.readinessProbe | nindent 12 }} + resources: + {{- toYaml .Values.resources | nindent 12 }} + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} + restartPolicy: Always + automountServiceAccountToken: false diff --git a/k8s/charts/miniflux/templates/ingress.yaml b/k8s/charts/miniflux/templates/ingress.yaml new file mode 100644 index 0000000..db3f090 --- /dev/null +++ b/k8s/charts/miniflux/templates/ingress.yaml @@ -0,0 +1,45 @@ +{{- if .Values.ingress.enabled -}} +{{- $fullName := include "miniflux.fullname" . -}} +{{- $svcPort := .Values.service.port -}} +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: {{ $fullName }} + labels: + {{- include "miniflux.labels" . | nindent 4 }} + {{- with .Values.ingress.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + {{- if .Values.ingress.className }} + ingressClassName: {{ .Values.ingress.className }} + {{- end }} + {{- if .Values.ingress.tls }} + tls: + {{- range .Values.ingress.tls }} + - hosts: + {{- range .hosts }} + - {{ . | quote }} + {{- end }} + secretName: {{ .secretName }} + {{- end }} + {{- end }} + rules: + {{- range .Values.ingress.hosts }} + - host: {{ .host | quote }} + http: + paths: + {{- range .paths }} + - path: {{ .path }} + {{- if .pathType }} + pathType: {{ .pathType }} + {{- end }} + backend: + service: + name: {{ $fullName }} + port: + number: {{ $svcPort }} + {{- end }} + {{- end }} +{{- end }} diff --git a/k8s/charts/miniflux/templates/poddisruptionbudget.yaml b/k8s/charts/miniflux/templates/poddisruptionbudget.yaml new file mode 100644 index 0000000..59e31ee --- /dev/null +++ b/k8s/charts/miniflux/templates/poddisruptionbudget.yaml @@ -0,0 +1,18 @@ +{{- if .Values.podDisruptionBudget.enabled -}} +apiVersion: policy/v1 +kind: PodDisruptionBudget +metadata: + name: {{ include "miniflux.fullname" . }} + labels: + {{- include "miniflux.labels" . | nindent 4 }} +spec: + {{- if .Values.podDisruptionBudget.minAvailable }} + minAvailable: {{ .Values.podDisruptionBudget.minAvailable }} + {{- end }} + {{- if .Values.podDisruptionBudget.maxUnavailable }} + maxUnavailable: {{ .Values.podDisruptionBudget.maxUnavailable }} + {{- end }} + selector: + matchLabels: + {{- include "miniflux.selectorLabels" . | nindent 6 }} +{{- end }} diff --git a/k8s/charts/miniflux/templates/secret.yaml b/k8s/charts/miniflux/templates/secret.yaml new file mode 100644 index 0000000..91c8d4f --- /dev/null +++ b/k8s/charts/miniflux/templates/secret.yaml @@ -0,0 +1,13 @@ +{{- if and .Values.secret.enabled (not .Values.secret.existingSecretName) -}} +apiVersion: v1 +kind: Secret +metadata: + name: {{ include "miniflux.fullname" . }} + labels: + {{- include "miniflux.labels" . | nindent 4 }} +type: Opaque +stringData: + {{- range $key, $value := .Values.secret.data }} + {{ $key }}: {{ $value | quote }} + {{- end }} +{{- end }} diff --git a/k8s/charts/miniflux/templates/service.yaml b/k8s/charts/miniflux/templates/service.yaml new file mode 100644 index 0000000..c70a4ab --- /dev/null +++ b/k8s/charts/miniflux/templates/service.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ include "miniflux.fullname" . }} + labels: + {{- include "miniflux.labels" . | nindent 4 }} +spec: + type: {{ .Values.service.type }} + ports: + - port: {{ .Values.service.port }} + targetPort: {{ .Values.service.targetPort }} + protocol: TCP + name: http + selector: + {{- include "miniflux.selectorLabels" . | nindent 4 }} diff --git a/k8s/charts/miniflux/values.yaml b/k8s/charts/miniflux/values.yaml new file mode 100644 index 0000000..5b4b49f --- /dev/null +++ b/k8s/charts/miniflux/values.yaml @@ -0,0 +1,42 @@ +# Configuration is managed in k8s/argo-apps/miniflux.yaml +replicaCount: 1 + +image: + repository: miniflux/miniflux + pullPolicy: Always + tag: "" + +imagePullSecrets: [] +podAnnotations: {} +podSecurityContext: {} +securityContext: {} + +service: + type: ClusterIP + port: 8888 + targetPort: 8080 + +ingress: + enabled: false + +resources: {} + +livenessProbe: {} +readinessProbe: {} + +autoscaling: + enabled: false + +nodeSelector: {} +tolerations: [] +affinity: {} + +podDisruptionBudget: + enabled: false + +env: {} + +secret: + enabled: false + existingSecretName: "" + data: {} diff --git a/k8s/services/miniflux/deployment.yaml b/k8s/services/miniflux/deployment.yaml deleted file mode 100644 index f6be938..0000000 --- a/k8s/services/miniflux/deployment.yaml +++ /dev/null @@ -1,96 +0,0 @@ ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: miniflux-deployment - namespace: apps-roboces - labels: - app.kubernetes.io/name: miniflux - app.kubernetes.io/managed-by: argo - app.kubernetes.io/version: 2.2.13 - annotations: - kube-score/ignore: pod-networkpolicy,deployment-has-host-podantiaffinity -spec: - selector: - matchLabels: - app.kubernetes.io/name: miniflux - replicas: 3 - strategy: - rollingUpdate: - maxSurge: 50% - maxUnavailable: 50% - type: RollingUpdate - template: - metadata: - labels: - app.kubernetes.io/name: miniflux - app.kubernetes.io/version: 2.2.13 - spec: - containers: - - name: miniflux - image: miniflux/miniflux:2.2.13 - imagePullPolicy: Always - securityContext: - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - runAsUser: 10000 - runAsGroup: 10000 - capabilities: - drop: - - all - resources: - requests: - cpu: 300m - memory: 300Mi - ephemeral-storage: 2Gi - limits: - cpu: 400m - memory: 500Mi - ephemeral-storage: 4Gi - livenessProbe: - tcpSocket: - port: 8080 - initialDelaySeconds: 5 - timeoutSeconds: 15 - successThreshold: 1 - failureThreshold: 3 - periodSeconds: 10 - readinessProbe: - httpGet: - path: / - port: 8080 - initialDelaySeconds: 15 - timeoutSeconds: 2 - successThreshold: 1 - failureThreshold: 3 - periodSeconds: 10 - envFrom: - - secretRef: - name: miniflux - env: - - name: RUN_MIGRATIONS - value: '1' - - name: CREATE_ADMIN - value: '1' - - name: OAUTH2_PROVIDER - value: oidc - - name: OAUTH2_REDIRECT_URL - value: https://feeds.roboces.dev/oauth2/oidc/callback - - name: OAUTH2_OIDC_DISCOVERY_ENDPOINT - value: https://auth.fukurokuju.dev/application/o/miniflux/ - - name: OAUTH2_USER_CREATION - value: '1' - - name: FETCH_YOUTUBE_WATCH_TIME - value: '1' - - name: WORKER_POOL_SIZE - value: '1' - - name: POLLING_FREQUENCY - value: '120' - - name: BATCH_SIZE - value: '25' - - name: METRICS_COLLECTOR - value: '1' - - name: METRICS_ALLOWED_NETWORKS - value: 10.42.1.0/16 - restartPolicy: Always - automountServiceAccountToken: false diff --git a/k8s/services/miniflux/ingress.yaml b/k8s/services/miniflux/ingress.yaml deleted file mode 100644 index c97c2d6..0000000 --- a/k8s/services/miniflux/ingress.yaml +++ /dev/null @@ -1,21 +0,0 @@ ---- -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - name: miniflux - namespace: apps-roboces - annotations: - nginx.ingress.kubernetes.io/rewrite-target: / -spec: - ingressClassName: traefik - rules: - - host: feeds.roboces.dev - http: - paths: - - path: / - pathType: Prefix - backend: - service: - name: miniflux-service - port: - number: 8888 diff --git a/k8s/services/miniflux/poddisruptionbudget.yaml b/k8s/services/miniflux/poddisruptionbudget.yaml deleted file mode 100644 index 7724274..0000000 --- a/k8s/services/miniflux/poddisruptionbudget.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -apiVersion: policy/v1 -kind: PodDisruptionBudget -metadata: - name: miniflux-pdb - namespace: apps-roboces -spec: - selector: - matchLabels: - app.kubernetes.io/name: miniflux - maxUnavailable: 1 diff --git a/k8s/services/miniflux/sealedsecrets.yaml b/k8s/services/miniflux/sealedsecrets.yaml deleted file mode 100644 index a361623..0000000 --- a/k8s/services/miniflux/sealedsecrets.yaml +++ /dev/null @@ -1,20 +0,0 @@ -# yamllint disable rule:line-length ---- -apiVersion: bitnami.com/v1alpha1 -kind: SealedSecret -metadata: - creationTimestamp: null - name: miniflux - namespace: apps-roboces -spec: - encryptedData: - ADMIN_PASSWORD: AgBbFquTKFmBFHnsexbzAFrfPtr0ipW7Hs/2aBFdITZJG87rHmvDo5l/sW//fPjW24kVgbey1YEwdPMcwyhd9AX6dkxXxlrAwshMk3mZc7ZefBne2dT/cGBBvY1EhTaIhtvJwEzsOJ0LEV6Lr5NtZeFMxqpgwd5ap93qGS5F/pZPkYwHHZZ7pv8pjXwVMqOlFFhgG+Lo8915Q1SSo7gvkMOz26gFel/FaYAAuA0Rj+NTAlBbgXaDraabhWX71J5fzyLt8vxqlEvpaXzLFJBqlvvo0HLI6ODS9XDuAfEsng70qT+zoSXwcb/zKuTjQ7nlC9Bsri73NBY4wqzxFTE6a4kb7XTmHDFMjetSraAqewJP7kjI/4/hlKO3ioawnQD9GCnfMEGlcdW0Cf9ENaoiJro+3Bi/ya0x3Zuf20fPY7ALh0TcIV5FvUh40gMkcY2mqGabkerPcXozCpY+RV00N3CjDpqLvux69LL7gFKAN+mZJ7+V2XxHTgtCMww+VhCG3BvRqC8zLGaU+QYN0VIsqb6f82J19Ok12hyn6w3quh+SgSQRenhO205cg579pUA//QneiFLYOKx8C+4rUobj2J8Q594xYR8Qu6/6yJzuzO1vCDDsVuaWewcOB31rsZhRIKu+0eogCSK0AOenYLqFmNcMYXJzbvfsuw5+yK24jW3Vhux4lTQ4qbUuaz3O/8AZJTrC5raEzerm7heElYAqig== - ADMIN_USERNAME: AgCDJJHFCX0GiNN92fsmuDXk+p/jqyovj48PbrP9SDBoA1W3ehq8GBbcI+ZkOJ5ogHK/LHDQ+Dr9+Ral341nJ1G64oZimUYarJQHpqJNmnTnFx5qPGXayf06bE9xXZdLBxv/f/AuB9dgDHLJO/M0p0XSjsVjAtTAcGb5hdb281gvOIgf3PsOHyRL8qx8W+KkQ9Q7AufvvAzmszRY7VLaOzdW6X+34sgMeclsuPJ41uArod0qYt2MEZt/ssBDsr94EiAnITX/n3qb29xwhPUJV7UIEtTtM/Z0W4bjbG5YMVGnyIlNNdl8/B9gmFX2TLH8TEu4ynC8cxVvZytnk+N8AUHrK/d2BwpAHPeUPETkfCa9TGdtuMP9xtf5pPDsaAKFKxkKFFcjn497K78yMyCtm8VJn21L+e2bylfE6Nrry6L5Mc8LUCViqoR+CHF9vk590uFKM9FhIZEQ7Jb5DYiftyE0stYt3b1vLeBSZCt1VFaQBBKkth3N4EIEY48tTrE4pDmuesz/phgQtZO7ulp/t+Hq+wej8P1xbh1HjQ5Sq8xc8oysCMvdQy6bYckFHd73Ctn2VeMEZYH81x6GhlYp1Q8lgHl6fUwbWWDFvlDD2oyfjAD9hQEmt3qF4b73So4h+pNiG32o9Nv4t8yKj7ACPD3wJZi5RSLPeaDonX/SnX0ocV0uitR+LlzaI81gwzpgIe4jYpqNpQ== - DATABASE_URL: AgApgzFV2gNZtppBMCo1WtPVS+WrNly+6JvrZQAiv1FHQuqQYPmaZvFJ9VHXZ7cOFVH+8gSVBYgDSUdPfhjkVaK4frFrxAPLdNjqjqXNRQngI+yF5YtlZr74TP6mLlmY3wqRKS5w2M8mEX+7ME+E5XxIalweUoFecRri6ZsJ8ubNnJUA3afGFvHugnLCrMzmIlur1x3rz5HTv7crxWajECvHpjYvb5hIjdbIWDV6OiKMYpUIjGJFFylP5X6O14PJpQXtN5vAIz5Kvf/1zLuAG9lxsR+P0Ab7wCLIqIQG6utoZMIpNP3PvscD2D4DJnRsH3soUdHSUe+8RIpR0os3nl7Q+YKD5cuP1dS7NJdb7ER6l/RagFUCDMbrFpP13QInIPI3oiMyW6hPNkVs9kCM9efL9POG/O2PMaE0SlJzK0i1HKUT/DDiyTnXFdjVk5UY1Ltt0t7i67/nBoq0GZwZjJBVCyCOz68icISW/kZprI1/7XssukQyaRw8Nwk68jYHg3iXazBz3NR+RPTl8JcKimv+GhSewEToSHemAGO4kWAZXunVP3Pnn/D9+4Ng7wTypE7xUReXlkwJMIEoMad3Scdx/DdIwbbmhOONjgl9Sd5twl7Bj6UWPDf6/awL+fVhz/brr51jV0dF/+2uty6CATxhPvf7CdKP4rsXIE3iLzqiLtaHD2hQN/b43/ipuhULu3ymqA1RJPsOQfSu7exR5pabWUxQ7rDZAS05h1+NumGxCmPUudRHGid3Djj3S8Eq730TlOBW9LDoVPml33icLp1HEV3pa2yTN0t5oU0= - OAUTH2_CLIENT_ID: AgCEyqsIU2Q6PCXzmQDyl/aIZBtUSuWmkgr8MWVmWTrwnTKxTKq60wQzbjpA42x5QI7761xftvFjPx0UYwv+06PdvG8eJDhCYEjimrq9oSuuTq/SwBhxT3NwcwUJ9H/N+pe1K4qwARwgfAowoXiWQ8d1PHKTQ2NleOlXNGuIy83e9KDGWjMDnIbQr3NqFn5Kdv4V1A5eFZyDkm6FmpXl0JbuWNVBzC/kQDhsgZzRKDBYMqXAlp1CymvT2KsGa+PEDXZsYAGnf//JfIx30Qtqc8urmDzWIedHGBtDhNQPI+1P4mZCJ5ue5XmvlZr35C1w6EMsBzK/B+a0MRSqO5l2zyWdSTFXLWR7XjqvtCYt4XTSAqJNnVd8H4y/V9AD3hyQGnTPHFhqfTyO0JXdFdHWPt99Xk7yRENnRrnCPs/2IWympqsi7dYF/hrXUeQO3bTW5qMttDWblDDzPvOaz9egRjDfVk7HDiFTC3q0v8d4zlVpDcWPkduVNbI9OaKSzIW/9kSrF2aI8KtG8QYMoKWQMAKBNEyy3u53pmZ1JNGVFweRvOjUPj69aqOAjI+4T81TPDlbitujVyaFr5qKAcNVMNJhUCkJJtVyVPlUbShAh1OKpIclpK8QaB/a3BS8OPZQYTg2G++7wrPbDlP4BszjhGdJZuAJ4X/TRRra+IfjTYS0QVxWCq1x8uj3jhT1XBpoSNCuQNcBQHjlKFFXKW7oXbAa077CCtI550QOJKblnBIicsQLcySyZVjd - OAUTH2_CLIENT_SECRET: AgBX99LPH02S5NgguyWm9cj7NDgafTzygg5qkv1GG2Z23fe7ebuH9AQmvV0LQKZx6NosZsH/mG5d3etrc+zQXfsuzGfp5ubzlSwJOfFjUQDBc+h91IKJLmTgLSCYWkt5hrxMp2sAqzDQ+uFQr7VF7hA1G79HTKSd4NzLFLas967ft0Rgqm7hOSnPbE8lqoWOy+WezjzdmHfNqqFFdyYy8X5G18gEglaBta/cYzorSwESv/oZhuQK+RaNeyb8bShWrbw5NVudAYidWTouuZxp21bv4wYYzqFi4Lzwn57bYLFf5L/1JhVklWsF7cWLSVRQch86kgScV8gp9DK5OI+g7xKI9fwM4v7D8JkujC3pp0ONtLku0Wv/498J4yqWf43ZNyqBi7HiX/4jl4Rwy2J3IDN2Uj18GR1FxS8TgWI4NChugIzmuYKywk7fKd+2NxulOe9X8dtflLLiSuwOWkIzWMB8MYOtR+RqJVLyEA2GZaKRtskiRGfzPYcacj/FHRHwWuO2uuXQhHSZetcW+YjOCmwm+q7WKbH0wRpMoMOIeMwQJ9Tew0NgOepOrtwkx0mj0qdNu5O0HvQU3tCxt7wKLN9hk6zt50iWFnoloQCjK1CmTVr01JoIhKh+LUH+sHVt5dtW0LVR1+757uh35/DYqdTK4KcHQEGf8Cf08yfAv5ZyfTluBxp35iORsVCm63Py7txVaBwoJO1qg5Hmpvj0G7woBPC2V/0DOJJ0+QAGqtrFvbNTcRORS3G6mmKwJObA1WsqWifdBLArrF52Z+9vncLxHw/ty2/++R4ljISrkAMQilrfNc9xqNeG+KE+PSRfQFS1Kc/lcotJLgbbpUjr/bOwB+8TuG1EHXBRINgcWXFcXw== - template: - metadata: - creationTimestamp: null - name: miniflux - namespace: apps-roboces diff --git a/k8s/services/miniflux/service.yaml b/k8s/services/miniflux/service.yaml deleted file mode 100644 index 8e38cbc..0000000 --- a/k8s/services/miniflux/service.yaml +++ /dev/null @@ -1,19 +0,0 @@ ---- -apiVersion: v1 -kind: Service -metadata: - name: miniflux-service - namespace: apps-roboces - labels: - app.kubernetes.io/name: miniflux - app.kubernetes.io/managed-by: argo - app.kubernetes.io/version: 2.2.13 -spec: - selector: - app.kubernetes.io/name: miniflux - type: LoadBalancer - ports: - - name: miniflux-service - protocol: TCP - port: 8888 - targetPort: 8080 From 3c676e91517778e793867d185d7a4343475a6f15 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 26 Feb 2026 03:55:44 +0000 Subject: [PATCH 308/377] chore(deps): update mbround18/valheim docker tag to v3.6 --- k8s/charts/valheim-server/values.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/charts/valheim-server/values.yaml b/k8s/charts/valheim-server/values.yaml index 3dae869..744d84c 100644 --- a/k8s/charts/valheim-server/values.yaml +++ b/k8s/charts/valheim-server/values.yaml @@ -3,7 +3,7 @@ image: # -- Docker repository to use repository: mbround18/valheim # -- Docker tag to use - use "latest" for most current version - tag: "3.4" + tag: "3.6" # -- Image pull policy pullPolicy: Always From 6b934e23dce83cac2a30ca217268edbd68bb243d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?c=C4=83t=C4=83lin?= Date: Wed, 11 Mar 2026 11:20:31 +0100 Subject: [PATCH 309/377] feat: remove backrest --- docker/backrest/docker-compose.yml | 19 ------------------- 1 file changed, 19 deletions(-) delete mode 100644 docker/backrest/docker-compose.yml diff --git a/docker/backrest/docker-compose.yml b/docker/backrest/docker-compose.yml deleted file mode 100644 index 83451f2..0000000 --- a/docker/backrest/docker-compose.yml +++ /dev/null @@ -1,19 +0,0 @@ ---- -services: - backrest: - image: garethgeorge/backrest:v1.11.2 - container_name: backrest - hostname: backrest - volumes: - - ${DATA2BACKUP_DIR:-/mnt/zeruel}:/data2backup - - ${BACKREST_DATA_DIR:-/mnt/zeruel/nas1/shared/backrest/data}:/data - - ${BACKREST_CONFIG_DIR:-/mnt/zeruel/nas1/shared/backrest/config}:/config - - ${BACKREST_CACHE_DIR:-/mnt/zeruel/nas1/shared/backrest}:/cache - environment: - - BACKREST_DATA=/data - - BACKREST_CONFIG=/config/config.json - - XDG_CACHE_HOME=/cache - - TZ=Europe/Madrid - restart: unless-stopped - ports: - - "9898:9898" From fedc5e69694b03acff3948d7c83f6d6ea2d5d5d9 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 12 Mar 2026 04:41:45 +0000 Subject: [PATCH 310/377] chore(deps): update ghcr.io/zibbp/ganymede docker tag to v4.14.0 --- docker/ganymede/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/ganymede/docker-compose.yml b/docker/ganymede/docker-compose.yml index 174eacb..437a9a0 100644 --- a/docker/ganymede/docker-compose.yml +++ b/docker/ganymede/docker-compose.yml @@ -2,7 +2,7 @@ services: ganymede: container_name: ganymede - image: ghcr.io/zibbp/ganymede:4.13.0 + image: ghcr.io/zibbp/ganymede:4.14.0 restart: unless-stopped environment: DEBUG: ${GANYMEDE_DEBUG:-false} From 3b16ee38a35758c5743ba15083bac40ae6a896f1 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 12 Mar 2026 04:42:18 +0000 Subject: [PATCH 311/377] chore(deps): update helm release meilisearch to 0.27.* --- k8s/argo-apps/meili.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/meili.yaml b/k8s/argo-apps/meili.yaml index 8d256c6..9880371 100644 --- a/k8s/argo-apps/meili.yaml +++ b/k8s/argo-apps/meili.yaml @@ -18,7 +18,7 @@ spec: targetRevision: main - chart: meilisearch repoURL: https://meilisearch.github.io/meilisearch-kubernetes - targetRevision: 0.25.* + targetRevision: 0.27.* helm: valuesObject: environment: From fa452a9940a744b2908d51caa6de7f7cdc939807 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 28 Feb 2026 03:22:58 +0000 Subject: [PATCH 312/377] chore(deps): update vabene1111/recipes docker tag to v2.5.3 --- docker/tandoor/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/tandoor/docker-compose.yml b/docker/tandoor/docker-compose.yml index 5bf5d88..21ab77e 100644 --- a/docker/tandoor/docker-compose.yml +++ b/docker/tandoor/docker-compose.yml @@ -2,7 +2,7 @@ services: web_recipes: restart: always - image: vabene1111/recipes:2.4.2 + image: vabene1111/recipes:2.5.3 volumes: - ${TANDOOR_STATICFILES:-/mnt/nas1/shared/tandoor/staticfiles}:/opt/recipes/staticfiles - ${TANDOOR_MEDIAFILES:-/mnt/nas1/shared/tandoor/mediafiles}:/opt/recipes/mediafiles From b1635c088cc9bfa9027dbc37537a9d33d5c63234 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 16 Mar 2026 06:43:38 +0000 Subject: [PATCH 313/377] chore(deps): update ghcr.io/antoniolago/charts/vaultwarden-kubernetes-secrets docker tag to v1.3.0 --- k8s/argo-apps/vaultwarden-secrets-manager.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/vaultwarden-secrets-manager.yaml b/k8s/argo-apps/vaultwarden-secrets-manager.yaml index e2fc9d9..1f09c24 100644 --- a/k8s/argo-apps/vaultwarden-secrets-manager.yaml +++ b/k8s/argo-apps/vaultwarden-secrets-manager.yaml @@ -12,7 +12,7 @@ spec: sources: - chart: vaultwarden-kubernetes-secrets repoURL: ghcr.io/antoniolago/charts - targetRevision: 1.2.8 + targetRevision: 1.3.0 helm: valuesObject: api: From 021170111d742ea9f0e40f8e990ccfbcce68d691 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 17 Mar 2026 07:06:59 +0000 Subject: [PATCH 314/377] chore(deps): update helm release meilisearch to 0.28.* --- k8s/argo-apps/meili.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/meili.yaml b/k8s/argo-apps/meili.yaml index 9880371..af41827 100644 --- a/k8s/argo-apps/meili.yaml +++ b/k8s/argo-apps/meili.yaml @@ -18,7 +18,7 @@ spec: targetRevision: main - chart: meilisearch repoURL: https://meilisearch.github.io/meilisearch-kubernetes - targetRevision: 0.27.* + targetRevision: 0.28.* helm: valuesObject: environment: From b305270466402dbd3f5bcd3eb68a70d1495c847a Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 17 Mar 2026 07:08:27 +0000 Subject: [PATCH 315/377] chore(deps): update opentofu/setup-opentofu action to v2 --- .forgejo/workflows/ci.yaml | 2 +- .forgejo/workflows/deploy-tofu.yaml | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.forgejo/workflows/ci.yaml b/.forgejo/workflows/ci.yaml index 8c68c11..4d1bf40 100644 --- a/.forgejo/workflows/ci.yaml +++ b/.forgejo/workflows/ci.yaml @@ -11,7 +11,7 @@ jobs: - uses: https://code.forgejo.org/actions/setup-python@v6 with: python-version: '3.10' - - uses: opentofu/setup-opentofu@v1 + - uses: opentofu/setup-opentofu@v2 with: tofu_version: 1.7.0 - uses: pre-commit/action@v3.0.1 diff --git a/.forgejo/workflows/deploy-tofu.yaml b/.forgejo/workflows/deploy-tofu.yaml index 15d8a83..543f381 100644 --- a/.forgejo/workflows/deploy-tofu.yaml +++ b/.forgejo/workflows/deploy-tofu.yaml @@ -11,7 +11,7 @@ jobs: runs-on: ubuntu-22.04 steps: - uses: https://code.forgejo.org/actions/checkout@v6 - - uses: opentofu/setup-opentofu@v1 + - uses: opentofu/setup-opentofu@v2 with: tofu_version: 1.8.1 - name: Deploy @@ -41,7 +41,7 @@ jobs: runs-on: ubuntu-22.04 steps: - uses: https://code.forgejo.org/actions/checkout@v6 - - uses: opentofu/setup-opentofu@v1 + - uses: opentofu/setup-opentofu@v2 with: tofu_version: 1.7.0 - name: Deploy From 9de29c25ebf0bb12bd7ac2ce8a587d3d65626a94 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?c=C4=83t=C4=83lin?= Date: Wed, 18 Mar 2026 17:16:22 +0100 Subject: [PATCH 316/377] feat: remove minecraft --- docker/minecraft/docker-compose.yml | 39 ----------------------------- 1 file changed, 39 deletions(-) delete mode 100644 docker/minecraft/docker-compose.yml diff --git a/docker/minecraft/docker-compose.yml b/docker/minecraft/docker-compose.yml deleted file mode 100644 index 7d65b94..0000000 --- a/docker/minecraft/docker-compose.yml +++ /dev/null @@ -1,39 +0,0 @@ ---- -services: - mc: - image: itzg/minecraft-server:java23-graalvm - restart: unless-stopped - tty: true - stdin_open: true - ports: - - "25565:25565" - environment: - EULA: "TRUE" - MEMORY: ${MEMORY:-"6G"} - TZ: "Europe/Madrid" - VERSION: 1.21.1 - ENABLE_ROLLING_LOGS: true - USE_AIKAR_FLAGS: true - MOTD: "Huesoperrers Minecraft Episodio 3: La venganza de los huesos" - MAX_PLAYERS: 10 - MAX_WORLD_SIZE: 10000 - SEED: huesoperrers3 - MODE: survival - ONLINE_MODE: false - ALLOW_FLIGHT: true - SERVER_NAME: Huesoperrers and co. - PLAYER_IDLE_TIMEOUT: 15 - STOP_SERVER_ANNOUNCE_DELAY: 30 - OPS: ${OPS:-robosap1ens,commandkatt,Malva25} - SYNCHRONIZE: true - MERGE: true - ENFORCE_WHITELIST: true - ENABLE_RCON: false - MAX_TICK_TIME: -1 - USER_API_PROVIDER: ${USER_API_PROVIDER:-playerdb} - DIFFICULTY: ${DIFFICULTY:-normal} - ENABLE_AUTOPAUSE: true - DEBUG_AUTOPAUSE: false - TYPE: NEOFORGE - volumes: - - ${MC_DATA_DIR:-/mnt/zeruel/nas1/shared/mc3}:/data From 0b05fdcf73613d4b71d11cb3b461adf6f272b180 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?c=C4=83t=C4=83lin?= Date: Wed, 18 Mar 2026 17:16:33 +0100 Subject: [PATCH 317/377] feat: remove tandoor --- docker/tandoor/docker-compose.yml | 21 --------------------- docker/tandoor/sample.env | 11 ----------- 2 files changed, 32 deletions(-) delete mode 100644 docker/tandoor/docker-compose.yml delete mode 100644 docker/tandoor/sample.env diff --git a/docker/tandoor/docker-compose.yml b/docker/tandoor/docker-compose.yml deleted file mode 100644 index 21ab77e..0000000 --- a/docker/tandoor/docker-compose.yml +++ /dev/null @@ -1,21 +0,0 @@ ---- -services: - web_recipes: - restart: always - image: vabene1111/recipes:2.5.3 - volumes: - - ${TANDOOR_STATICFILES:-/mnt/nas1/shared/tandoor/staticfiles}:/opt/recipes/staticfiles - - ${TANDOOR_MEDIAFILES:-/mnt/nas1/shared/tandoor/mediafiles}:/opt/recipes/mediafiles - environment: - SECRET_KEY: ${TANDOOR_SECRET_KEY} - TZ: ${TANDOOR_TZ:-Europe/Madrid} - ALLOWED_HOSTS: ${TANDOOR_ALLOWED_HOSTS:-recipes.roboces.dev} - SOCIAL_PROVIDERS: ${TANDOOR_SOCIAL_PROVIDERS:-allauth.socialaccount.providers.openid_connect} - SOCIALACCOUNT_PROVIDERS: ${TANDOOR_SOCIALACCOUNT_PROVIDERS} - POSTGRES_HOST: ${TANDOOR_POSTGRES_HOST:-192.168.1.3} - POSTGRES_DB: ${TANDOOR_POSTGRES_DB:-tandoor} - POSTGRES_PORT: ${TANDOOR_POSTGRES_PORT:-5432} - POSTGRES_USER: ${TANDOOR_POSTGRES_USER} - POSTGRES_PASSWORD: ${TANDOOR_POSTGRES_PASSWORD} - ports: - - "8081:80" diff --git a/docker/tandoor/sample.env b/docker/tandoor/sample.env deleted file mode 100644 index e5029ad..0000000 --- a/docker/tandoor/sample.env +++ /dev/null @@ -1,11 +0,0 @@ -TANDOOR_STATICFILES= -TANDOOR_MEDIAFILES= -TANDOOR_SECRET_KEY= -TANDOOR_TZ=Europe/Madrid -TANDOOR_ALLOWED_HOSTS= -TANDOOR_SOCIALACCOUNT_PROVIDERS= -TANDOOR_POSTGRES_HOST= -TANDOOR_POSTGRES_DB= -TANDOOR_POSTGRES_PORT= -TANDOOR_POSTGRES_USER= -TANDOOR_POSTGRES_PASSWORD= From 4807e3b6db25389d4fa344dde7633b7fde9823b7 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 16 Mar 2026 06:42:51 +0000 Subject: [PATCH 318/377] chore(deps): update ghcr.io/paperless-ngx/paperless-ngx docker tag to v2.20.11 --- docker/paperless/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/paperless/docker-compose.yml b/docker/paperless/docker-compose.yml index 8aa9e86..acc164d 100644 --- a/docker/paperless/docker-compose.yml +++ b/docker/paperless/docker-compose.yml @@ -14,7 +14,7 @@ services: webserver: - image: ghcr.io/paperless-ngx/paperless-ngx:2.20.10 + image: ghcr.io/paperless-ngx/paperless-ngx:2.20.11 restart: unless-stopped ports: - 8002:8000 From 5387e46cb2e9a863a7cb361ba547e19b1bf5b2fe Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 17 Mar 2026 07:07:35 +0000 Subject: [PATCH 319/377] chore(deps): update helm release renovate to 46.72.* --- k8s/argo-apps/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/renovate.yaml b/k8s/argo-apps/renovate.yaml index a8e4be5..5d8d7ef 100644 --- a/k8s/argo-apps/renovate.yaml +++ b/k8s/argo-apps/renovate.yaml @@ -13,7 +13,7 @@ spec: sources: - chart: renovate repoURL: https://docs.renovatebot.com/helm-charts - targetRevision: 46.58.* + targetRevision: 46.72.* helm: valuesObject: renovate: From 25464f94d7dcde5828256916fed0e6705d1ab483 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 20 Mar 2026 05:20:27 +0000 Subject: [PATCH 320/377] chore(deps): update helm release portainer to 239.1.* --- k8s/argo-apps/portainer.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/portainer.yaml b/k8s/argo-apps/portainer.yaml index c1ce3bd..f461333 100644 --- a/k8s/argo-apps/portainer.yaml +++ b/k8s/argo-apps/portainer.yaml @@ -15,7 +15,7 @@ spec: sources: - repoURL: https://portainer.github.io/k8s/ chart: portainer - targetRevision: 239.0.* + targetRevision: 239.1.* helm: valuesObject: service: From 79f307f0b64be05449f5ab813e47140cced4abe8 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 19 Mar 2026 06:01:21 +0000 Subject: [PATCH 321/377] chore(deps): update code.forgejo.org/forgejo-helm/forgejo docker tag to v16.2.1 --- k8s/argo-apps/forgejo.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/forgejo.yaml b/k8s/argo-apps/forgejo.yaml index 3b72b4d..1c55a69 100644 --- a/k8s/argo-apps/forgejo.yaml +++ b/k8s/argo-apps/forgejo.yaml @@ -14,7 +14,7 @@ spec: sources: - chart: forgejo repoURL: code.forgejo.org/forgejo-helm - targetRevision: 16.2.0 + targetRevision: 16.2.1 helm: valuesObject: replicaCount: 2 From b1940a25818fd629e535a5aaf528844c0047f92d Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 24 Mar 2026 03:48:00 +0000 Subject: [PATCH 322/377] chore(deps): update helm release renovate to 46.82.* --- k8s/argo-apps/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/renovate.yaml b/k8s/argo-apps/renovate.yaml index 5d8d7ef..42cfab1 100644 --- a/k8s/argo-apps/renovate.yaml +++ b/k8s/argo-apps/renovate.yaml @@ -13,7 +13,7 @@ spec: sources: - chart: renovate repoURL: https://docs.renovatebot.com/helm-charts - targetRevision: 46.72.* + targetRevision: 46.82.* helm: valuesObject: renovate: From 028576be9265e2c7682cb7983bcc19470a6178c7 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 22 Mar 2026 11:15:09 +0000 Subject: [PATCH 323/377] chore(deps): update ghcr.io/paperless-ngx/paperless-ngx docker tag to v2.20.13 --- docker/paperless/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/paperless/docker-compose.yml b/docker/paperless/docker-compose.yml index acc164d..9980275 100644 --- a/docker/paperless/docker-compose.yml +++ b/docker/paperless/docker-compose.yml @@ -14,7 +14,7 @@ services: webserver: - image: ghcr.io/paperless-ngx/paperless-ngx:2.20.11 + image: ghcr.io/paperless-ngx/paperless-ngx:2.20.13 restart: unless-stopped ports: - 8002:8000 From 610f8af7ccc49f7df416e6a4849d8cb69af588a5 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 19 Mar 2026 06:01:52 +0000 Subject: [PATCH 324/377] chore(deps): update code.forgejo.org/forgejo/runner docker tag to v12.7.2 --- docker/forgejo-runner/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/forgejo-runner/docker-compose.yml b/docker/forgejo-runner/docker-compose.yml index 903042c..dcfa03a 100644 --- a/docker/forgejo-runner/docker-compose.yml +++ b/docker/forgejo-runner/docker-compose.yml @@ -1,6 +1,6 @@ --- x-runner-common: &runner-common - image: code.forgejo.org/forgejo/runner:12.6.4 + image: code.forgejo.org/forgejo/runner:12.7.2 links: - docker-in-docker depends_on: From 7cb0c2b6b66c8de1a4e8fc007a8ea9008211a502 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 25 Mar 2026 03:44:53 +0000 Subject: [PATCH 325/377] chore(deps): update helm release renovate to 46.84.* --- k8s/argo-apps/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/renovate.yaml b/k8s/argo-apps/renovate.yaml index 42cfab1..cda6cfd 100644 --- a/k8s/argo-apps/renovate.yaml +++ b/k8s/argo-apps/renovate.yaml @@ -13,7 +13,7 @@ spec: sources: - chart: renovate repoURL: https://docs.renovatebot.com/helm-charts - targetRevision: 46.82.* + targetRevision: 46.84.* helm: valuesObject: renovate: From 5d430206dddc54b9a161ea007e7e4c42c017ff5e Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 25 Mar 2026 03:44:23 +0000 Subject: [PATCH 326/377] chore(deps): update code.forgejo.org/forgejo/runner docker tag to v12.7.3 --- docker/forgejo-runner/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/forgejo-runner/docker-compose.yml b/docker/forgejo-runner/docker-compose.yml index dcfa03a..3cc2359 100644 --- a/docker/forgejo-runner/docker-compose.yml +++ b/docker/forgejo-runner/docker-compose.yml @@ -1,6 +1,6 @@ --- x-runner-common: &runner-common - image: code.forgejo.org/forgejo/runner:12.7.2 + image: code.forgejo.org/forgejo/runner:12.7.3 links: - docker-in-docker depends_on: From 55b116672ae112733f29039893b202fe761a7491 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 26 Mar 2026 04:30:26 +0000 Subject: [PATCH 327/377] chore(deps): update ghcr.io/zibbp/ganymede docker tag to v4.14.1 --- docker/ganymede/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/ganymede/docker-compose.yml b/docker/ganymede/docker-compose.yml index 437a9a0..dffcb71 100644 --- a/docker/ganymede/docker-compose.yml +++ b/docker/ganymede/docker-compose.yml @@ -2,7 +2,7 @@ services: ganymede: container_name: ganymede - image: ghcr.io/zibbp/ganymede:4.14.0 + image: ghcr.io/zibbp/ganymede:4.14.1 restart: unless-stopped environment: DEBUG: ${GANYMEDE_DEBUG:-false} From 0fe44b4b3abed13d4d72939a513012b62bdb982f Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 26 Mar 2026 04:31:33 +0000 Subject: [PATCH 328/377] chore(deps): update helm release renovate to 46.86.* --- k8s/argo-apps/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/renovate.yaml b/k8s/argo-apps/renovate.yaml index cda6cfd..56cf429 100644 --- a/k8s/argo-apps/renovate.yaml +++ b/k8s/argo-apps/renovate.yaml @@ -13,7 +13,7 @@ spec: sources: - chart: renovate repoURL: https://docs.renovatebot.com/helm-charts - targetRevision: 46.84.* + targetRevision: 46.86.* helm: valuesObject: renovate: From 838dde47e612376c6e543f4a3da6f5fd9a8bc259 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 27 Mar 2026 04:55:33 +0000 Subject: [PATCH 329/377] chore(deps): update helm release meilisearch to 0.29.* --- k8s/argo-apps/meili.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/meili.yaml b/k8s/argo-apps/meili.yaml index af41827..8c0ff65 100644 --- a/k8s/argo-apps/meili.yaml +++ b/k8s/argo-apps/meili.yaml @@ -18,7 +18,7 @@ spec: targetRevision: main - chart: meilisearch repoURL: https://meilisearch.github.io/meilisearch-kubernetes - targetRevision: 0.28.* + targetRevision: 0.29.* helm: valuesObject: environment: From 68cf9339e1fdd7f28dafb5817890878c7d3690d9 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 31 Mar 2026 04:28:26 +0000 Subject: [PATCH 330/377] chore(deps): update helm release meilisearch to 0.30.* --- k8s/argo-apps/meili.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/meili.yaml b/k8s/argo-apps/meili.yaml index 8c0ff65..1f51360 100644 --- a/k8s/argo-apps/meili.yaml +++ b/k8s/argo-apps/meili.yaml @@ -18,7 +18,7 @@ spec: targetRevision: main - chart: meilisearch repoURL: https://meilisearch.github.io/meilisearch-kubernetes - targetRevision: 0.29.* + targetRevision: 0.30.* helm: valuesObject: environment: From 16fddc240f912471762d1650529ebf22d1257cdf Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 31 Mar 2026 04:28:48 +0000 Subject: [PATCH 331/377] chore(deps): update helm release renovate to 46.97.* --- k8s/argo-apps/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/renovate.yaml b/k8s/argo-apps/renovate.yaml index 56cf429..7353296 100644 --- a/k8s/argo-apps/renovate.yaml +++ b/k8s/argo-apps/renovate.yaml @@ -13,7 +13,7 @@ spec: sources: - chart: renovate repoURL: https://docs.renovatebot.com/helm-charts - targetRevision: 46.86.* + targetRevision: 46.97.* helm: valuesObject: renovate: From 90f78305c5f10be89060c55b70037788a978bff7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?c=C4=83t=C4=83lin?= Date: Mon, 23 Mar 2026 09:27:51 +0100 Subject: [PATCH 332/377] feat: remove oxicloud --- docker/oxicloud/docker-compose.yml | 22 ---------------------- docker/oxicloud/sample.env | 10 ---------- 2 files changed, 32 deletions(-) delete mode 100644 docker/oxicloud/docker-compose.yml delete mode 100644 docker/oxicloud/sample.env diff --git a/docker/oxicloud/docker-compose.yml b/docker/oxicloud/docker-compose.yml deleted file mode 100644 index f89895f..0000000 --- a/docker/oxicloud/docker-compose.yml +++ /dev/null @@ -1,22 +0,0 @@ ---- -services: - oxicloud: - image: git.roboces.dev/catalin/fukuops:oxicloud-0.5.2 - restart: always - ports: - - "8086:8086" - environment: - OXICLOUD_DB_CONNECTION_STRING: ${OXICLOUD_DB_CONNECTION_STRING:-postgres://postgres:postgres@postgres/oxicloud} - OXICLOUD_OIDC_ENABLED: ${OXICLOUD_OIDC_ENABLED:-true} - OXICLOUD_OIDC_ISSUER_URL: ${OXICLOUD_OIDC_ISSUER_URL:-https://auth.fukurokuju.dev/application/o/ganymede/} - OXICLOUD_OIDC_CLIENT_ID: ${OXICLOUD_OIDC_CLIENT_ID} - OXICLOUD_OIDC_CLIENT_SECRET: ${OXICLOUD_OIDC_CLIENT_SECRET} - OXICLOUD_OIDC_REDIRECT_URI: ${OXICLOUD_OIDC_REDIRECT_URI:-https://cloud.roboces.dev/api/auth/oidc/callback} - OXICLOUD_OIDC_FRONTEND_URL: ${OXICLOUD_OIDC_FRONTEND_URL:-https://cloud.roboces.dev} - OXICLOUD_OIDC_ADMIN_GROUPS: ${OXICLOUD_OIDC_ADMIN_GROUPS:-""} - OXICLOUD_OIDC_SCOPES: ${OXICLOUD_OIDC_SCOPES:-offline_access openid profile email} - OXICLOUD_OIDC_PROVIDER_NAME: ${OXICLOUD_OIDC_PROVIDER_NAME:-Authentik} - OXICLOUD_OIDC_AUTO_PROVISION: ${OXICLOUD_OIDC_AUTO_PROVISION:-true} - RUST_LOG: debug - volumes: - - ${OXICLOUD_DATA_VOLUME:-/mnt/zeruel/nas1/shared/storage/data}:/app/storage diff --git a/docker/oxicloud/sample.env b/docker/oxicloud/sample.env deleted file mode 100644 index 032e2f8..0000000 --- a/docker/oxicloud/sample.env +++ /dev/null @@ -1,10 +0,0 @@ -OXICLOUD_DB_CONNECTION_STRING= -OXICLOUD_OIDC_ENABLED= -OXICLOUD_OIDC_ISSUER_URL= -OXICLOUD_OIDC_CLIENT_ID= -OXICLOUD_OIDC_CLIENT_SECRET= -OXICLOUD_OIDC_REDIRECT_URI= -OXICLOUD_OIDC_FRONTEND_URL= -OXICLOUD_OIDC_ADMIN_GROUPS="" -OXICLOUD_OIDC_PROVIDER_NAME= -OXICLOUD_OIDC_SCOPES=offline_access openid profile email From e7eee7c8940ad986646275ce5244c25b485a24fd Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?c=C4=83t=C4=83lin?= Date: Thu, 2 Apr 2026 00:56:40 +0200 Subject: [PATCH 333/377] feat: add oxicloud charts and argo app --- k8s/argo-apps/oxicloud.yaml | 54 ++++++++++++++ k8s/charts/oxicloud/.helmignore | 23 ++++++ k8s/charts/oxicloud/Chart.yaml | 8 +++ k8s/charts/oxicloud/templates/_helpers.tpl | 32 +++++++++ k8s/charts/oxicloud/templates/configmap.yaml | 22 ++++++ k8s/charts/oxicloud/templates/ingress.yaml | 64 +++++++++++++++++ k8s/charts/oxicloud/templates/secret.yaml | 19 +++++ k8s/charts/oxicloud/templates/service.yaml | 32 +++++++++ .../oxicloud/templates/statefulset.yaml | 53 ++++++++++++++ .../oxicloud/templates/wopi-deployment.yaml | 58 +++++++++++++++ .../oxicloud/templates/wopi-service.yaml | 20 ++++++ k8s/charts/oxicloud/values.yaml | 72 +++++++++++++++++++ tofu/authentik/main.tf | 30 ++------ tofu/authentik/sample.env | 6 -- tofu/authentik/vars.tf | 28 -------- 15 files changed, 463 insertions(+), 58 deletions(-) create mode 100644 k8s/argo-apps/oxicloud.yaml create mode 100644 k8s/charts/oxicloud/.helmignore create mode 100644 k8s/charts/oxicloud/Chart.yaml create mode 100644 k8s/charts/oxicloud/templates/_helpers.tpl create mode 100644 k8s/charts/oxicloud/templates/configmap.yaml create mode 100644 k8s/charts/oxicloud/templates/ingress.yaml create mode 100644 k8s/charts/oxicloud/templates/secret.yaml create mode 100644 k8s/charts/oxicloud/templates/service.yaml create mode 100644 k8s/charts/oxicloud/templates/statefulset.yaml create mode 100644 k8s/charts/oxicloud/templates/wopi-deployment.yaml create mode 100644 k8s/charts/oxicloud/templates/wopi-service.yaml create mode 100644 k8s/charts/oxicloud/values.yaml diff --git a/k8s/argo-apps/oxicloud.yaml b/k8s/argo-apps/oxicloud.yaml new file mode 100644 index 0000000..7f44ff5 --- /dev/null +++ b/k8s/argo-apps/oxicloud.yaml @@ -0,0 +1,54 @@ +--- +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: oxicloud + namespace: argocd +spec: + destination: + name: '' + namespace: apps-roboces + server: https://kubernetes.default.svc + sources: + - path: k8s/charts/oxicloud + repoURL: https://git.roboces.dev/catalin/fukuops.git + targetRevision: main + helm: + valuesObject: + image: + repository: git.roboces.dev/catalin/fukuops + pullPolicy: Always + tag: "oxicloud-0.5.3" + persistence: + enabled: true + storageClass: "truenas-nfs-csi" + accessMode: ReadWriteMany + size: 50Gi + service: + type: LoadBalancer + config: + server: + port: 8086 + host: "0.0.0.0" + baseUrl: "https://cloud.roboces.dev" + features: + enableAuth: "true" + enableSharing: "true" + mimalloc: + purgeDelay: "0" + allowLargeOsPages: "0" + secrets: + existingSecret: oxicloud + wopi: + enabled: false + ingress: + className: "traefik" + hosts: + - host: cloud.roboces.dev + paths: + - path: / + pathType: ImplementationSpecific + tls: [] + project: roboces + syncPolicy: + automated: {} diff --git a/k8s/charts/oxicloud/.helmignore b/k8s/charts/oxicloud/.helmignore new file mode 100644 index 0000000..0e8a0eb --- /dev/null +++ b/k8s/charts/oxicloud/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/k8s/charts/oxicloud/Chart.yaml b/k8s/charts/oxicloud/Chart.yaml new file mode 100644 index 0000000..50069e2 --- /dev/null +++ b/k8s/charts/oxicloud/Chart.yaml @@ -0,0 +1,8 @@ +--- +apiVersion: v2 +name: oxicloud +description: | + Ultra-fast, secure & lightweight self-hosted cloud storage — your files, photos, calendars & contacts, all in one place. Built in Rust. +type: application +version: 0.1.0 +appVersion: "0.5.2" diff --git a/k8s/charts/oxicloud/templates/_helpers.tpl b/k8s/charts/oxicloud/templates/_helpers.tpl new file mode 100644 index 0000000..0e1d40b --- /dev/null +++ b/k8s/charts/oxicloud/templates/_helpers.tpl @@ -0,0 +1,32 @@ +{{/* Expand the name of the chart. */}} +{{- define "oxicloud.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* Create a default fully qualified app name. */}} +{{- define "oxicloud.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* Common labels */}} +{{- define "oxicloud.labels" -}} +helm.sh/chart: {{ printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{ include "oxicloud.selectorLabels" . }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* Selector labels */}} +{{- define "oxicloud.selectorLabels" -}} +app.kubernetes.io/name: {{ include "oxicloud.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} diff --git a/k8s/charts/oxicloud/templates/configmap.yaml b/k8s/charts/oxicloud/templates/configmap.yaml new file mode 100644 index 0000000..edd8d27 --- /dev/null +++ b/k8s/charts/oxicloud/templates/configmap.yaml @@ -0,0 +1,22 @@ +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "oxicloud.fullname" . }}-config +data: + OXICLOUD_SERVER_PORT: {{ .Values.config.server.port | quote }} + OXICLOUD_SERVER_HOST: {{ .Values.config.server.host | quote }} + {{- if .Values.config.server.baseUrl }} + OXICLOUD_BASE_URL: {{ .Values.config.server.baseUrl | quote }} + {{- end }} + OXICLOUD_ENABLE_AUTH: {{ .Values.config.features.enableAuth | quote }} + OXICLOUD_ENABLE_FILE_SHARING: {{ .Values.config.features.enableSharing | quote }} + MIMALLOC_PURGE_DELAY: {{ .Values.config.mimalloc.purgeDelay | quote }} + MIMALLOC_ALLOW_LARGE_OS_PAGES: {{ .Values.config.mimalloc.allowLargeOsPages | quote }} + + {{- if .Values.wopi.enabled }} + OXICLOUD_WOPI_ENABLED: "true" + OXICLOUD_WOPI_DISCOVERY_URL: "{{ .Values.config.server.baseUrl }}/hosting/discovery" + {{- else }} + OXICLOUD_WOPI_ENABLED: "false" + {{- end }} diff --git a/k8s/charts/oxicloud/templates/ingress.yaml b/k8s/charts/oxicloud/templates/ingress.yaml new file mode 100644 index 0000000..ab3a14b --- /dev/null +++ b/k8s/charts/oxicloud/templates/ingress.yaml @@ -0,0 +1,64 @@ +--- +{{- if .Values.ingress.enabled -}} +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: {{ include "oxicloud.fullname" . }} + labels: + {{- include "oxicloud.labels" . | nindent 4 }} + {{- with .Values.ingress.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + {{- if .Values.ingress.className }} + ingressClassName: {{ .Values.ingress.className }} + {{- end }} + {{- if .Values.ingress.tls }} + tls: + {{- range .Values.ingress.tls }} + - hosts: + {{- range .hosts }} + - {{ . | quote }} + {{- end }} + secretName: {{ .secretName }} + {{- end }} + {{- end }} + rules: + - host: {{ (index .Values.ingress.hosts 0).host | quote }} + http: + paths: + {{- if .Values.wopi.enabled }} + # Route Collabora traffic to the WOPI pod + - path: /browser + pathType: Prefix + backend: + service: + name: {{ include "oxicloud.fullname" $ }}-wopi + port: + number: {{ .Values.wopi.collabora.service.port }} + - path: /hosting + pathType: Prefix + backend: + service: + name: {{ include "oxicloud.fullname" $ }}-wopi + port: + number: {{ .Values.wopi.collabora.service.port }} + - path: /cool + pathType: Prefix + backend: + service: + name: {{ include "oxicloud.fullname" $ }}-wopi + port: + number: {{ .Values.wopi.collabora.service.port }} + {{- end }} + + # Default Catch-All: Route everything else to OxiCloud + - path: / + pathType: Prefix + backend: + service: + name: {{ include "oxicloud.fullname" $ }} + port: + number: {{ $.Values.service.port }} +{{- end }} diff --git a/k8s/charts/oxicloud/templates/secret.yaml b/k8s/charts/oxicloud/templates/secret.yaml new file mode 100644 index 0000000..d5aac3c --- /dev/null +++ b/k8s/charts/oxicloud/templates/secret.yaml @@ -0,0 +1,19 @@ +--- +{{- if not .Values.secrets.existingSecret }} +apiVersion: v1 +kind: Secret +metadata: + name: {{ include "oxicloud.fullname" . }}-secret + labels: + {{- include "oxicloud.labels" . | nindent 4 }} +type: Opaque +data: + {{- if .Values.secrets.jwtSecret }} + OXICLOUD_JWT_SECRET: {{ .Values.secrets.jwtSecret | b64enc | quote }} + {{- end }} + DB_PASSWORD: {{ .Values.database.password | b64enc | quote }} + {{- if .Values.wopi.enabled }} + WOPI_ADMIN_USERNAME: {{ .Values.wopi.collabora.admin.username | b64enc | quote }} + WOPI_ADMIN_PASSWORD: {{ .Values.wopi.collabora.admin.password | b64enc | quote }} + {{- end }} +{{- end }} diff --git a/k8s/charts/oxicloud/templates/service.yaml b/k8s/charts/oxicloud/templates/service.yaml new file mode 100644 index 0000000..b0a4bc8 --- /dev/null +++ b/k8s/charts/oxicloud/templates/service.yaml @@ -0,0 +1,32 @@ +--- +apiVersion: v1 +kind: Service +metadata: + name: {{ include "oxicloud.fullname" . }} + labels: + {{- include "oxicloud.labels" . | nindent 4 }} +spec: + type: {{ .Values.service.type }} + ports: + - port: {{ .Values.service.port }} + targetPort: http + protocol: TCP + name: http + selector: + {{- include "oxicloud.selectorLabels" . | nindent 4 }} +--- +apiVersion: v1 +kind: Service +metadata: + name: {{ include "oxicloud.fullname" . }}-headless + labels: + {{- include "oxicloud.labels" . | nindent 4 }} +spec: + clusterIP: None + ports: + - port: {{ .Values.service.port }} + targetPort: http + protocol: TCP + name: http + selector: + {{- include "oxicloud.selectorLabels" . | nindent 4 }} diff --git a/k8s/charts/oxicloud/templates/statefulset.yaml b/k8s/charts/oxicloud/templates/statefulset.yaml new file mode 100644 index 0000000..2a6d68e --- /dev/null +++ b/k8s/charts/oxicloud/templates/statefulset.yaml @@ -0,0 +1,53 @@ +apiVersion: apps/v1 +kind: StatefulSet +metadata: + name: {{ include "oxicloud.fullname" . }} + labels: + {{- include "oxicloud.labels" . | nindent 4 }} +spec: + serviceName: {{ include "oxicloud.fullname" . }}-headless + replicas: {{ .Values.replicaCount }} + selector: + matchLabels: + {{- include "oxicloud.selectorLabels" . | nindent 6 }} + template: + metadata: + labels: + {{- include "oxicloud.selectorLabels" . | nindent 8 }} + spec: + containers: + - name: oxicloud + image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + ports: + - name: http + containerPort: 8086 + protocol: TCP + envFrom: + - configMapRef: + name: {{ include "oxicloud.fullname" . }}-config + - secretRef: + name: {{ if .Values.secrets.existingSecret }}{{ .Values.secrets.existingSecret }}{{ else }}{{ include "oxicloud.fullname" . }}-secret{{ end }} + volumeMounts: + - name: storage-data + mountPath: /app/storage + {{- if not .Values.persistence.enabled }} + volumes: + - name: storage-data + emptyDir: {} + {{- end }} + + {{- if .Values.persistence.enabled }} + volumeClaimTemplates: + - metadata: + name: storage-data + spec: + accessModes: + - {{ .Values.persistence.accessMode }} + {{- if .Values.persistence.storageClass }} + storageClassName: {{ .Values.persistence.storageClass }} + {{- end }} + resources: + requests: + storage: {{ .Values.persistence.size }} + {{- end }} diff --git a/k8s/charts/oxicloud/templates/wopi-deployment.yaml b/k8s/charts/oxicloud/templates/wopi-deployment.yaml new file mode 100644 index 0000000..0cdc0d4 --- /dev/null +++ b/k8s/charts/oxicloud/templates/wopi-deployment.yaml @@ -0,0 +1,58 @@ +--- +{{- if .Values.wopi.enabled -}} +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "oxicloud.fullname" . }}-wopi + labels: + {{- include "oxicloud.labels" . | nindent 4 }} + app.kubernetes.io/component: wopi +spec: + replicas: 1 + selector: + matchLabels: + {{- include "oxicloud.selectorLabels" . | nindent 6 }} + app.kubernetes.io/component: wopi + template: + metadata: + labels: + {{- include "oxicloud.selectorLabels" . | nindent 8 }} + app.kubernetes.io/component: wopi + spec: + containers: + - name: collabora + image: "{{ .Values.wopi.collabora.image.repository }}:{{ .Values.wopi.collabora.image.tag }}" + imagePullPolicy: {{ .Values.wopi.collabora.image.pullPolicy }} + # Required for Collabora to build chroot jails + securityContext: + capabilities: + add: + - MKNOD + ports: + - name: wopi + containerPort: 9980 + protocol: TCP + env: + - name: aliasgroup1 + value: "http://{{ .Values.wopi.collabora.domain }}" + - name: server_name + value: {{ .Values.wopi.collabora.domain | quote }} + - name: extra_params + value: {{ .Values.wopi.collabora.extraParams | quote }} + - name: username + valueFrom: + secretKeyRef: + name: {{ if .Values.secrets.existingSecret }}{{ .Values.secrets.existingSecret }}{{ else }}{{ include "oxicloud.fullname" . }}-secret{{ end }} + key: WOPI_ADMIN_USERNAME + - name: password + valueFrom: + secretKeyRef: + name: {{ if .Values.secrets.existingSecret }}{{ .Values.secrets.existingSecret }}{{ else }}{{ include "oxicloud.fullname" . }}-secret{{ end }} + key: WOPI_ADMIN_PASSWORD + readinessProbe: + httpGet: + path: /hosting/discovery + port: wopi + initialDelaySeconds: 10 + periodSeconds: 10 +{{- end }} diff --git a/k8s/charts/oxicloud/templates/wopi-service.yaml b/k8s/charts/oxicloud/templates/wopi-service.yaml new file mode 100644 index 0000000..6b27207 --- /dev/null +++ b/k8s/charts/oxicloud/templates/wopi-service.yaml @@ -0,0 +1,20 @@ +--- +{{- if .Values.wopi.enabled -}} +apiVersion: v1 +kind: Service +metadata: + name: {{ include "oxicloud.fullname" . }}-wopi + labels: + {{- include "oxicloud.labels" . | nindent 4 }} + app.kubernetes.io/component: wopi +spec: + type: ClusterIP + ports: + - port: {{ .Values.wopi.collabora.service.port }} + targetPort: wopi + protocol: TCP + name: wopi + selector: + {{- include "oxicloud.selectorLabels" . | nindent 4 }} + app.kubernetes.io/component: wopi +{{- end }} diff --git a/k8s/charts/oxicloud/values.yaml b/k8s/charts/oxicloud/values.yaml new file mode 100644 index 0000000..96ab6a9 --- /dev/null +++ b/k8s/charts/oxicloud/values.yaml @@ -0,0 +1,72 @@ +--- +replicaCount: 1 + +image: + repository: oxicloud + pullPolicy: IfNotPresent + tag: "latest" + +database: + host: "postgres.example.com" + port: 5432 + username: "postgres" + password: "change_me_in_production" + name: "oxicloud" + +config: + server: + port: 8086 + host: "0.0.0.0" + baseUrl: "http://cloud.example.com" + features: + enableAuth: "true" + enableSharing: "true" + mimalloc: + purgeDelay: "0" + allowLargeOsPages: "0" + +persistence: + enabled: true + storageClass: "" + accessMode: ReadWriteOnce + size: 50Gi + +wopi: + enabled: true + collabora: + url: "cloud.example.com" + image: + repository: collabora/code + tag: latest + pullPolicy: IfNotPresent + service: + port: 9980 + admin: + username: admin + password: "wopi_admin_password" + # In production behind an ingress, you'd likely enable SSL termination. + extraParams: "--o:ssl.enable=false --o:ssl.termination=false --o:net.frame_ancestors=http://* https://*" + +secrets: + # If existingSecret is set, the chart will NOT create a Secret and will use this one instead. + existingSecret: "" + jwtSecret: "" + oidcClientSecret: "" + +service: + type: ClusterIP + port: 8086 + +ingress: + enabled: true + className: "nginx" # Adjust to your ingress controller (e.g., traefik) + annotations: {} + hosts: + - host: cloud.example.com + paths: + - path: / + pathType: ImplementationSpecific + tls: [] + # - secretName: oxicloud-tls + # hosts: + # - cloud.example.com diff --git a/tofu/authentik/main.tf b/tofu/authentik/main.tf index a941542..2219ff9 100644 --- a/tofu/authentik/main.tf +++ b/tofu/authentik/main.tf @@ -37,6 +37,11 @@ resource "authentik_group" "arrs" { is_superuser = false } +resource "authentik_group" "cloud" { + name = "cloud" + is_superuser = false +} + module "gitea" { source = "../modules/authentik-oidc" app_name = "Gitea" @@ -187,17 +192,6 @@ module "jellyfin" { app_access_group_id = authentik_group.arrs.id } -module "tandoor" { - source = "../modules/authentik-oidc" - app_name = "Tandoor" - app_slug = "tandoor" - app_access_group_id = "" - app_url = "https://recipes.roboces.dev" - redirect_uris = [{ matching_mode = "strict", url = "https://recipes.roboces.dev/accounts/oidc/authentik/login/callback/" }] - app_icon = "https://recipes.roboces.dev/static/assets/logo_color_192.c9b9177ff941.png" - client_id = var.tandoor_client_id - client_secret = var.tandoor_client_secret -} module "ganymede" { source = "../modules/authentik-oidc" @@ -221,18 +215,6 @@ module "jellyseerr" { app_access_group_id = authentik_group.arrs.id } -module "pulse" { - source = "../modules/authentik-oidc" - app_name = "Pulse" - app_slug = "pulse" - app_url = "https://pulse.fukurokuju.dev" - client_id = var.pulse_client_id - client_secret = var.pulse_client_secret - app_icon = "https://pulse.fukurokuju.dev/logo.svg" - redirect_uris = [{ matching_mode = "strict", url = "https://pulse.fukurokuju.dev/api/oidc/callback" }] - app_access_group_id = authentik_group.admins.id -} - module "cloud" { source = "../modules/authentik-oidc" app_name = "Cloud" @@ -244,5 +226,5 @@ module "cloud" { redirect_uris = [{ matching_mode = "strict", url = "https://cloud.roboces.dev/api/auth/oidc/callback" }] - app_access_group_id = "" + app_access_group_id = authentik_group.cloud.id } diff --git a/tofu/authentik/sample.env b/tofu/authentik/sample.env index 7230d1f..224c37a 100644 --- a/tofu/authentik/sample.env +++ b/tofu/authentik/sample.env @@ -8,15 +8,9 @@ TF_VAR_portainer_client_id= TF_VAR_portainer_client_secret= TF_VAR_paperless_client_id= TF_VAR_paperless_client_secret= -TF_VAR_sftpgo_client_id= -TF_VAR_sftpgo_client_secret= TF_VAR_rustical_client_id= TF_VAR_rustical_client_secret= -TF_VAR_tandoor_client_id= -TF_VAR_tandoor_client_secret= TF_VAR_ganymede_client_id= TF_VAR_ganymede_client_secret= -TF_VAR_pulse_client_id= -TF_VAR_pulse_client_secret= TF_VAR_oxicloud_client_id=aef61f77326b813cf8d8ba71d1ac994b5642685ca37e4710ab0079e91d87702d55fd9775d473b05aff45603bf08e78dba26850af3a815f3c3ac171d163368aa0 TF_VAR_oxicloud_client_secret=a4038df17c9fd06f86372aeaaae8f3fd1374d8978983af7b398d948ef15d1efe522a1faa2fc7652bc410c516d96cd2e4211dad4e05ba6297bdd8d9090460d5fc diff --git a/tofu/authentik/vars.tf b/tofu/authentik/vars.tf index 920d995..028ae95 100644 --- a/tofu/authentik/vars.tf +++ b/tofu/authentik/vars.tf @@ -39,15 +39,6 @@ variable "paperless_client_secret" { type = string } -variable "sftpgo_client_id" { - description = "SFTPGo client ID" - type = string -} - -variable "sftpgo_client_secret" { - description = "SFTPGo client secret" - type = string -} variable "rustical_client_id" { description = "Rustical client ID" @@ -59,15 +50,6 @@ variable "rustical_client_secret" { type = string } -variable "tandoor_client_id" { - description = "Tandoor client ID" - type = string -} - -variable "tandoor_client_secret" { - description = "Tandoor client secret" - type = string -} variable "ganymede_client_id" { description = "Ganymede client ID" @@ -79,16 +61,6 @@ variable "ganymede_client_secret" { type = string } -variable "pulse_client_id" { - description = "Pulse client ID" - type = string -} - -variable "pulse_client_secret" { - description = "Pulse client secret" - type = string -} - variable "oxicloud_client_id" { description = "Oxicloud client ID" type = string From f8a965756cf9a1376c804a536351201259b27538 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?c=C4=83t=C4=83lin?= Date: Thu, 2 Apr 2026 00:58:55 +0200 Subject: [PATCH 334/377] feat: update miniflux chart's appVersion to 2.2.18 --- k8s/charts/miniflux/Chart.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/charts/miniflux/Chart.yaml b/k8s/charts/miniflux/Chart.yaml index af89594..385a887 100644 --- a/k8s/charts/miniflux/Chart.yaml +++ b/k8s/charts/miniflux/Chart.yaml @@ -3,4 +3,4 @@ name: miniflux description: A Helm chart for Miniflux RSS reader type: application version: 0.1.0 -appVersion: "2.2.17" +appVersion: "2.2.18" From 6f9f930e040b245be4f576cc43d651533734593e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?c=C4=83t=C4=83lin?= Date: Thu, 2 Apr 2026 01:07:20 +0200 Subject: [PATCH 335/377] feat: remove nextcloud --- docker/nextcloud/Dockerfile | 61 ----------------------------- docker/nextcloud/docker-compose.yml | 40 ------------------- docker/nextcloud/supervisord.conf | 22 ----------- 3 files changed, 123 deletions(-) delete mode 100644 docker/nextcloud/Dockerfile delete mode 100644 docker/nextcloud/docker-compose.yml delete mode 100644 docker/nextcloud/supervisord.conf diff --git a/docker/nextcloud/Dockerfile b/docker/nextcloud/Dockerfile deleted file mode 100644 index acfa490..0000000 --- a/docker/nextcloud/Dockerfile +++ /dev/null @@ -1,61 +0,0 @@ -FROM nextcloud:32.0.3-apache - - -RUN set -ex; \ - \ - apt-get update; \ - apt-get install -y --no-install-recommends \ - ffmpeg \ - ghostscript \ - libmagickcore-7.q16-10-extra \ - procps \ - smbclient \ - supervisor \ - libreoffice \ - ; \ - rm -rf /var/lib/apt/lists/* - -RUN set -ex; \ - \ - savedAptMark="$(apt-mark showmanual)"; \ - \ - apt-get update; \ - apt-get install -y --no-install-recommends \ - libbz2-dev \ - #libc-client-dev \ - libkrb5-dev \ - libsmbclient-dev \ - ; \ - \ - #docker-php-ext-configure imap --with-kerberos --with-imap-ssl; \ - docker-php-ext-install \ - bz2 \ - # imap \ - ; \ - pecl install smbclient; \ - docker-php-ext-enable smbclient; \ - \ -# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies - apt-mark auto '.*' > /dev/null; \ - apt-mark manual $savedAptMark; \ - ldd "$(php -r 'echo ini_get("extension_dir");')"/*.so \ - | awk '/=>/ { so = $(NF-1); if (index(so, "/usr/local/") == 1) { next }; gsub("^/(usr/)?", "", so); print so }' \ - | sort -u \ - | xargs -r dpkg-query --search \ - | cut -d: -f1 \ - | sort -u \ - | xargs -rt apt-mark manual; \ - \ - apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \ - rm -rf /var/lib/apt/lists/* - -RUN mkdir -p \ - /var/log/supervisord \ - /var/run/supervisord \ -; - -COPY supervisord.conf / - -ENV NEXTCLOUD_UPDATE=1 - -CMD ["/usr/bin/supervisord", "-c", "/supervisord.conf"] diff --git a/docker/nextcloud/docker-compose.yml b/docker/nextcloud/docker-compose.yml deleted file mode 100644 index 7599f20..0000000 --- a/docker/nextcloud/docker-compose.yml +++ /dev/null @@ -1,40 +0,0 @@ ---- -services: - imaginary: - image: nextcloud/aio-imaginary:latest - cap_add: - - SYS_NICE - volumes: - - type: tmpfs - target: /tmp:exec - environment: - - TZ=Europe/Madrid - restart: unless-stopped - networks: - - nextcloud - - nextcloud: - image: git.roboces.dev/catalin/fukuops:nextcloud-32.0.3 - volumes: - - /mnt/nas1/legacy-storage/cloud/cloud/data:/var/www/html/data - - /mnt/nas1/legacy-storage/cloud/cloud/config:/var/www/html/config - - /mnt/nas1/legacy-storage/cloud/cloud/custom_apps:/var/www/html/custom_apps - - /mnt/nas1/legacy-storage/cloud/cloud/apps:/var/www/html/apps - - type: tmpfs - target: /tmp:exec - - supervisorlog:/var/log/supervisor:z - - supervisorpid:/var/run/supervisord/:z - environment: - PHP_MEMORY_LIMIT: ${PHP_MEMORY_LIMIT:-2048M} - NEXTCLOUD_INIT_HTACCESS: ${NEXTCLOUD_INIT_HTACCESS:-1} - restart: unless-stopped - ports: - - '8080:80' - networks: - - nextcloud - -networks: - nextcloud: {} -volumes: - supervisorlog: {} - supervisorpid: {} diff --git a/docker/nextcloud/supervisord.conf b/docker/nextcloud/supervisord.conf deleted file mode 100644 index 836a08a..0000000 --- a/docker/nextcloud/supervisord.conf +++ /dev/null @@ -1,22 +0,0 @@ -[supervisord] -nodaemon=true -logfile=/var/log/supervisord/supervisord.log -pidfile=/var/run/supervisord/supervisord.pid -childlogdir=/var/log/supervisord/ -logfile_maxbytes=50MB ; maximum size of logfile before rotation -logfile_backups=10 ; number of backed up logfiles -loglevel=error - -[program:apache2] -stdout_logfile=/dev/stdout -stdout_logfile_maxbytes=0 -stderr_logfile=/dev/stderr -stderr_logfile_maxbytes=0 -command=apache2-foreground - -[program:cron] -stdout_logfile=/dev/stdout -stdout_logfile_maxbytes=0 -stderr_logfile=/dev/stderr -stderr_logfile_maxbytes=0 -command=/cron.sh From 1fa6ee30280748b474271192e41a6fa6f74fb74c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?c=C4=83t=C4=83lin?= Date: Thu, 2 Apr 2026 01:09:47 +0200 Subject: [PATCH 336/377] feat: remove forgejo-runner --- docker/forgejo-runner/docker-compose.yml | 41 ------------------------ k8s/charts/oxicloud/values.yaml | 9 ++---- 2 files changed, 2 insertions(+), 48 deletions(-) delete mode 100644 docker/forgejo-runner/docker-compose.yml diff --git a/docker/forgejo-runner/docker-compose.yml b/docker/forgejo-runner/docker-compose.yml deleted file mode 100644 index 3cc2359..0000000 --- a/docker/forgejo-runner/docker-compose.yml +++ /dev/null @@ -1,41 +0,0 @@ ---- -x-runner-common: &runner-common - image: code.forgejo.org/forgejo/runner:12.7.3 - links: - - docker-in-docker - depends_on: - docker-in-docker: - condition: service_started - user: 1001:1001 - restart: unless-stopped - command: '/bin/sh -c "sleep 5; forgejo-runner daemon"' - environment: - DOCKER_HOST: tcp://docker-in-docker:2375 - -networks: - forgejo: - external: false - -services: - docker-in-docker: - image: docker:dind - container_name: 'docker_dind' - privileged: true - command: ['dockerd', '-H', 'tcp://0.0.0.0:2375', '--tls=false'] - restart: 'unless-stopped' - - runner: - <<: *runner-common - container_name: 'runner' - volumes: - - ${FORGEJO_RUNNER_DATA:-/mnt/nas1/shared/forgejo-runner/data}:/data - - /etc/timezone:/etc/timezone:ro - - /etc/localtime:/etc/localtime:ro - - runner-2: - <<: *runner-common - container_name: 'runner2' - volumes: - - ${FORGEJO_RUNNER_DATA:-/mnt/nas1/shared/forgejo-runner/data2}:/data - - /etc/timezone:/etc/timezone:ro - - /etc/localtime:/etc/localtime:ro diff --git a/k8s/charts/oxicloud/values.yaml b/k8s/charts/oxicloud/values.yaml index 96ab6a9..3bbd384 100644 --- a/k8s/charts/oxicloud/values.yaml +++ b/k8s/charts/oxicloud/values.yaml @@ -17,7 +17,7 @@ config: server: port: 8086 host: "0.0.0.0" - baseUrl: "http://cloud.example.com" + baseUrl: "https://cloud.example.com" features: enableAuth: "true" enableSharing: "true" @@ -44,11 +44,9 @@ wopi: admin: username: admin password: "wopi_admin_password" - # In production behind an ingress, you'd likely enable SSL termination. extraParams: "--o:ssl.enable=false --o:ssl.termination=false --o:net.frame_ancestors=http://* https://*" secrets: - # If existingSecret is set, the chart will NOT create a Secret and will use this one instead. existingSecret: "" jwtSecret: "" oidcClientSecret: "" @@ -59,7 +57,7 @@ service: ingress: enabled: true - className: "nginx" # Adjust to your ingress controller (e.g., traefik) + className: "traefik" annotations: {} hosts: - host: cloud.example.com @@ -67,6 +65,3 @@ ingress: - path: / pathType: ImplementationSpecific tls: [] - # - secretName: oxicloud-tls - # hosts: - # - cloud.example.com From af25a4e809a565ccb6d1bbdc1d4975ed84e10bb1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?c=C4=83t=C4=83lin?= Date: Thu, 2 Apr 2026 12:16:42 +0200 Subject: [PATCH 337/377] feat: add k8s/woodpecker --- k8s/argo-apps/woodpecker.yaml | 57 ++++++++++++++++++++++++++ k8s/services/argo/project-roboces.yaml | 3 ++ 2 files changed, 60 insertions(+) create mode 100644 k8s/argo-apps/woodpecker.yaml diff --git a/k8s/argo-apps/woodpecker.yaml b/k8s/argo-apps/woodpecker.yaml new file mode 100644 index 0000000..1068d21 --- /dev/null +++ b/k8s/argo-apps/woodpecker.yaml @@ -0,0 +1,57 @@ +--- +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: woodpecker + namespace: argocd + annotations: + argocd.argoproj.io/sync-options: Force=true,Replace=true +spec: + destination: + name: '' + namespace: apps-roboces + server: https://kubernetes.default.svc + sources: + - chart: woodpecker + repoURL: ghcr.io/woodpecker-ci/helm + targetRevision: 3.5.1 + helm: + valuesObject: + agent: + persistence: + storageClass: truenas-nfs-csi + accessModes: + - ReadWriteMany + server: + env: + WOODPECKER_ADMIN: 'woodpecker,admin,catalin' + WOODPECKER_HOST: 'https://ci.roboces.dev' + WOODPECKER_FORGEJO: "true" + WOODPECKER_FORGEJO_URL: "https://git.roboces.dev" + WOODPECKER_FORGEJO_CLIENT: + valueFrom: + secretKeyRef: + name: woodpecker + key: WOODPECKER_FORGEJO_CLIENT + WOODPECKER_FORGEJO_SECRET: + valueFrom: + secretKeyRef: + name: woodpecker + key: WOODPECKER_FORGEJO_SECRET + persistentVolume: + storageClass: truenas-nfs-csi + accessModes: + - ReadWriteMany + service: + type: LoadBalancer + ingress: + enabled: true + ingressClassName: traefik + hosts: + - host: ci.roboces.dev + paths: + - path: / + tls: [] + project: roboces + syncPolicy: + automated: {} diff --git a/k8s/services/argo/project-roboces.yaml b/k8s/services/argo/project-roboces.yaml index 9f05403..9b6f364 100644 --- a/k8s/services/argo/project-roboces.yaml +++ b/k8s/services/argo/project-roboces.yaml @@ -8,8 +8,11 @@ spec: destinations: - namespace: apps-roboces server: https://kubernetes.default.svc + - namespace: woodpecker + server: https://kubernetes.default.svc sourceRepos: - https://git.roboces.dev/catalin/fukuops.git - code.forgejo.org/forgejo-helm - https://git.roboces.dev/catalin/huesoporro.git - https://gitlab.com/api/v4/projects/64552889/packages/helm/release + - ghcr.io/woodpecker-ci/helm From 9fa9866ce250232061b11ad70db8caa2c3e3d887 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 1 Apr 2026 04:30:46 +0000 Subject: [PATCH 338/377] chore(deps): update helm release renovate to 46.98.* --- k8s/argo-apps/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/renovate.yaml b/k8s/argo-apps/renovate.yaml index 7353296..17c6a27 100644 --- a/k8s/argo-apps/renovate.yaml +++ b/k8s/argo-apps/renovate.yaml @@ -13,7 +13,7 @@ spec: sources: - chart: renovate repoURL: https://docs.renovatebot.com/helm-charts - targetRevision: 46.97.* + targetRevision: 46.98.* helm: valuesObject: renovate: From 0d8127037da6a324ddec49e901d8c55a8adfbe34 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?c=C4=83t=C4=83lin?= Date: Thu, 2 Apr 2026 17:50:03 +0200 Subject: [PATCH 339/377] feat: rename vaultwarden-secrets-manager to vault-sm --- ...rden-secrets-manager.yaml => vault-sm.yaml} | 2 +- k8s/services/factorio/sealedsecrets.yaml | 18 ------------------ 2 files changed, 1 insertion(+), 19 deletions(-) rename k8s/argo-apps/{vaultwarden-secrets-manager.yaml => vault-sm.yaml} (98%) delete mode 100644 k8s/services/factorio/sealedsecrets.yaml diff --git a/k8s/argo-apps/vaultwarden-secrets-manager.yaml b/k8s/argo-apps/vault-sm.yaml similarity index 98% rename from k8s/argo-apps/vaultwarden-secrets-manager.yaml rename to k8s/argo-apps/vault-sm.yaml index 1f09c24..0f4d677 100644 --- a/k8s/argo-apps/vaultwarden-secrets-manager.yaml +++ b/k8s/argo-apps/vault-sm.yaml @@ -2,7 +2,7 @@ apiVersion: argoproj.io/v1alpha1 kind: Application metadata: - name: vaultwarden-secrets-manager + name: vault-sm namespace: argocd spec: destination: diff --git a/k8s/services/factorio/sealedsecrets.yaml b/k8s/services/factorio/sealedsecrets.yaml deleted file mode 100644 index 5b36966..0000000 --- a/k8s/services/factorio/sealedsecrets.yaml +++ /dev/null @@ -1,18 +0,0 @@ ---- -apiVersion: bitnami.com/v1alpha1 -kind: SealedSecret -metadata: - creationTimestamp: - name: secrets-factorio - namespace: apps-fuku -spec: - encryptedData: - game_password: AgCmUZilQTlqof5so2DyvjbCh3J8OAkz4lSQv++z+9XUz4/+KjwgEjP5SI9nf2WVfIHt7WiJN8oaPlYnm2XIdbBUrvKlTEuMAy2XeI8DE2+wKHXdbmLg7t3oZR/8kw3py9W3o4dlXp5XY2G4S3cG8TX0fkN58ni61mYv+zSvc6stcT/iveJqO5E+hXPcDSexzxQ/8DybS4D5g8W3N2OMhRoU0wwhYfXAuxN90BzFKgD6X/9Xy1c7pPQQkEidpA6l1uP5qIG/vChmIpqsOmQWbibGQn53el5ulPvaybx1wRu33eJJcSPRS+XthZv9dtwduFlboMT6QPWcVL5gSQ0ceCBidQIHGLRLxcHYPZz83miCeVYFY1xFegrwPBsXYEdfar5mufxgSQGtSHGzwEV0Ry+tcmjz9JqWpQBQVg10Bs0GYwvy/XGHi1BLCouAXXL//eVbGp1s9cl4uyN9Ymzt5zNrf/SvUweFsaCYrC6xVFA2CCsLbsyu/YbmKkO+cd1IwAle4luGmJHnZgrXKMwQFYoMTGsgEGYt87Itz7eOSmHEm/ZJwZ3oL6n0LGgHpJu1gb4Op0ZA9p44DKeg2fy5Go9rWeMOP0RIw8/SApE6QmT0Bw8QccddnTHhwuCLet2PoiUodKhFffTfGN6PGPeIcyQJpiEDxUI7nquWSNGTcMJDsR3LbzU6A8MpDQrrg5Az6YzyZOo7NLEMbitKLrqt9lfH5g7g # yamllint disable rule:line-length - password: AgCTY4hn/wTGipH9oX7SgS44PE6wEe34AB2Pz9IeB5KcISZVGgWAUMtcffexV31jcNwz5TrztNam22Ys7qYbsZZVNOWm27/KZP3U04Jrq1cIPhY+xE1xF3vMqCd54r+kaeMO4hlDhBlE7Hs6BHdURTpPz8ocqihT2bft+Q8p2Myf3vPHXcDwoUyQj/AFYJdJJhyVfD5NDdacFhOmPTB/tUE4AW1Rz9oND6sy0x7NaP44vswVbhREpMA9wkltJRugRKUwXdfC6kOrfKa1R88aNOwkqc22F1U1PhcqUSAMYQxOA+zz3xMjrP8o70V1/FBKxnTBYVIpdHuwl2RpvC/TewJYVEu1xzp3texfgkTn6XXMp9InxfA6y1wpSVpMPYK5zPRCnmuyPTdSd+DrD6C6y2rstrHvvHxnLPtqo5REVjkfTGkEilmQ1+SllPMPk/6hKivahdmORixoI2MtOz4k4d+7rdPrrsRscMHAheyJTNdKC3wGoKFqbm+0zFV3GFaxM65K0USlYhPwyKG3FlHGj0t8HmXOr+M2cQKd4vqIrq8betRp08YPGMOT0Ea1KIvoP3z4yiJg2Z64d8d0Brof/h4fFd4kKgfMYm/CvkNh5zjFzEYi+K/6G/G99RBxwl7kK3eMB6CiuOnLITCw/Ok/LiRcdnIcAe7yobHG6FWHas4KPL5t4dPTxo12catoWtuJG7L20AIl3171+gO3jS0e4zAvZ+7S # yamllint disable rule:line-length - token: AgByS4w6xSn0/FzWkgNazh7hyZjKTTmg9WtQ3oyKQUVF6FYg+qvPYYLuNu7rTwQOa4LGw3Cvf/yYT0+WU93BjfNCSVMfes1lE2dQzukK4+zEeDhZ4MSpBOBgYYwHJkrFyHpvVSAQkaPi40T0M8iJmFv+Oq1s8zRWmx84LMllaJuRGH/t9jMfmR3rF6JBcSmEmkmB7N8cD+ytPPtZKXGJXaWE0qvuNKNveqirLRt7E+B7z7yvhroaEHahHEseOQnJ6dKY83KzH1riHBTUNOVcI62hSkiYEbbZXAzxznxMKDs04w/BpOksTeg3OWD/RzwuRdX5M2zb3wrrqbF9r9yoLUbWBMS2bdUbUyLiqvfzKUWKAd8eZsS4+P8N5fbPrLgXmB+xRz5xiCQ+r/ZL4Nj9pfuSZMDKytIglldB6BT5gtnodiaCgAPrtLz2OMtBvvojpWOaaBbYWxbrnMhCG2YYU7Kd4UFXEttL/MVs7YkZow12AIngKqzz7vXo3K2iwRYoi2CjOwv3NeXSWk9LdTrTxs00iO8RT55wbAcg9HiNkYZFtrI+6sygvnHhDmNhYG0z7yHCpx13KIjoFEtVEcx2F9bbMftxBmZoOFaGtBhFSgH323CLGoFecdhv41cH9F5HHzpc13Pc5dShm6ZPgWrWG88w0Q4WIT6hiXlriSnd9xw0At4kl7wRBqusZgwDVTBCFbtKS6Gg9msBZnZzADI/aeljY3QXGg2YT/2Ra2c3quY= # yamllint disable rule:line-length - template: # yamllint disable rule:line-length - metadata: - creationTimestamp: - name: secrets-factorio - namespace: apps-fuku - type: Opaque From 62ed1889c70f250c0bb0769a42679001166423f3 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 3 Apr 2026 04:19:38 +0000 Subject: [PATCH 340/377] chore(deps): update helm release renovate to 46.100.* --- k8s/argo-apps/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/renovate.yaml b/k8s/argo-apps/renovate.yaml index 17c6a27..29fefe9 100644 --- a/k8s/argo-apps/renovate.yaml +++ b/k8s/argo-apps/renovate.yaml @@ -13,7 +13,7 @@ spec: sources: - chart: renovate repoURL: https://docs.renovatebot.com/helm-charts - targetRevision: 46.98.* + targetRevision: 46.100.* helm: valuesObject: renovate: From b31a170b16398f4ad7e2a91bb0b0c72fb0a4be58 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 7 Apr 2026 03:56:43 +0000 Subject: [PATCH 341/377] chore(deps): update ghcr.io/antoniolago/charts/vaultwarden-kubernetes-secrets docker tag to v1.3.01 --- k8s/argo-apps/vault-sm.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/vault-sm.yaml b/k8s/argo-apps/vault-sm.yaml index 0f4d677..ba61191 100644 --- a/k8s/argo-apps/vault-sm.yaml +++ b/k8s/argo-apps/vault-sm.yaml @@ -12,7 +12,7 @@ spec: sources: - chart: vaultwarden-kubernetes-secrets repoURL: ghcr.io/antoniolago/charts - targetRevision: 1.3.0 + targetRevision: 1.3.01 helm: valuesObject: api: From e0eddb137a5881aa071acc3877058aa5046a64fc Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 8 Apr 2026 05:08:18 +0000 Subject: [PATCH 342/377] chore(deps): update helm release renovate to 46.105.* --- k8s/argo-apps/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/renovate.yaml b/k8s/argo-apps/renovate.yaml index 29fefe9..b3221ca 100644 --- a/k8s/argo-apps/renovate.yaml +++ b/k8s/argo-apps/renovate.yaml @@ -13,7 +13,7 @@ spec: sources: - chart: renovate repoURL: https://docs.renovatebot.com/helm-charts - targetRevision: 46.100.* + targetRevision: 46.105.* helm: valuesObject: renovate: From 1984c78dcdd9cf72816182ed569f0d1e17a7458f Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 8 Apr 2026 05:09:15 +0000 Subject: [PATCH 343/377] chore(deps): update tailscale/tailscale docker tag to v1.96.5 --- docker/tailscale/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/tailscale/docker-compose.yml b/docker/tailscale/docker-compose.yml index e139f18..aea1233 100644 --- a/docker/tailscale/docker-compose.yml +++ b/docker/tailscale/docker-compose.yml @@ -1,7 +1,7 @@ --- services: tailscale: - image: tailscale/tailscale:v1.94.2 + image: tailscale/tailscale:v1.96.5 hostname: tailscale environment: TS_AUTHKEY: ${TS_AUTHKEY} From 75e2172e9d730e869a5c2fd0a4a64f2004021264 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?c=C4=83t=C4=83lin?= Date: Wed, 8 Apr 2026 09:23:17 +0200 Subject: [PATCH 344/377] feat: use the official diocrafts/oxicloud image --- k8s/argo-apps/oxicloud.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/k8s/argo-apps/oxicloud.yaml b/k8s/argo-apps/oxicloud.yaml index 7f44ff5..b1c1eb5 100644 --- a/k8s/argo-apps/oxicloud.yaml +++ b/k8s/argo-apps/oxicloud.yaml @@ -16,9 +16,9 @@ spec: helm: valuesObject: image: - repository: git.roboces.dev/catalin/fukuops + repository: diocrafts/oxicloud pullPolicy: Always - tag: "oxicloud-0.5.3" + tag: "0.5.4" persistence: enabled: true storageClass: "truenas-nfs-csi" From 961c9db8a3e99df1b22fab82eb7a865ad3759461 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 5 Apr 2026 04:12:44 +0000 Subject: [PATCH 345/377] chore(deps): update ghcr.io/zibbp/ganymede docker tag to v4.15.0 --- docker/ganymede/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/ganymede/docker-compose.yml b/docker/ganymede/docker-compose.yml index dffcb71..ea274ec 100644 --- a/docker/ganymede/docker-compose.yml +++ b/docker/ganymede/docker-compose.yml @@ -2,7 +2,7 @@ services: ganymede: container_name: ganymede - image: ghcr.io/zibbp/ganymede:4.14.1 + image: ghcr.io/zibbp/ganymede:4.15.0 restart: unless-stopped environment: DEBUG: ${GANYMEDE_DEBUG:-false} From e74eadbbcc649d4bbcd3997de44290fe245772b8 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 9 Apr 2026 04:27:17 +0000 Subject: [PATCH 346/377] chore(deps): update helm release renovate to 46.106.* --- k8s/argo-apps/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/renovate.yaml b/k8s/argo-apps/renovate.yaml index b3221ca..499f071 100644 --- a/k8s/argo-apps/renovate.yaml +++ b/k8s/argo-apps/renovate.yaml @@ -13,7 +13,7 @@ spec: sources: - chart: renovate repoURL: https://docs.renovatebot.com/helm-charts - targetRevision: 46.105.* + targetRevision: 46.106.* helm: valuesObject: renovate: From 4d7494ec7b2716d3ffbad2f1fbd5bd963c7b58e1 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 11 Apr 2026 04:23:28 +0000 Subject: [PATCH 347/377] chore(deps): update code.forgejo.org/forgejo-helm/forgejo docker tag to v16.2.2 --- k8s/argo-apps/forgejo.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/forgejo.yaml b/k8s/argo-apps/forgejo.yaml index 1c55a69..1905123 100644 --- a/k8s/argo-apps/forgejo.yaml +++ b/k8s/argo-apps/forgejo.yaml @@ -14,7 +14,7 @@ spec: sources: - chart: forgejo repoURL: code.forgejo.org/forgejo-helm - targetRevision: 16.2.1 + targetRevision: 16.2.2 helm: valuesObject: replicaCount: 2 From 3c9110c459f7b6aa6f0f9df83d1532a0d0166ef7 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 11 Apr 2026 04:23:41 +0000 Subject: [PATCH 348/377] chore(deps): update ghcr.io/lennart-k/rustical docker tag to v0.12.11 --- docker/rustical/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/rustical/docker-compose.yml b/docker/rustical/docker-compose.yml index bdc0d01..0ee3c9a 100644 --- a/docker/rustical/docker-compose.yml +++ b/docker/rustical/docker-compose.yml @@ -1,7 +1,7 @@ --- services: rustical: - image: ghcr.io/lennart-k/rustical:0.12.10 + image: ghcr.io/lennart-k/rustical:0.12.11 restart: unless-stopped ports: - '4000:4000' From 49a0d53122974c5b1a37167c68c550511e7b18e7 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 12 Apr 2026 05:45:03 +0000 Subject: [PATCH 349/377] chore(deps): update ghcr.io/zibbp/ganymede docker tag to v4.15.1 --- docker/ganymede/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/ganymede/docker-compose.yml b/docker/ganymede/docker-compose.yml index ea274ec..5e2dec2 100644 --- a/docker/ganymede/docker-compose.yml +++ b/docker/ganymede/docker-compose.yml @@ -2,7 +2,7 @@ services: ganymede: container_name: ganymede - image: ghcr.io/zibbp/ganymede:4.15.0 + image: ghcr.io/zibbp/ganymede:4.15.1 restart: unless-stopped environment: DEBUG: ${GANYMEDE_DEBUG:-false} From b3ede2398429411ba5c20f95432f957abe498dec Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?c=C4=83t=C4=83lin?= Date: Mon, 13 Apr 2026 02:23:52 +0200 Subject: [PATCH 350/377] feat: update oxicloud to 0.5.5 --- 1 | 54 +++++++++++++++++++++++++++++++++++++ k8s/argo-apps/oxicloud.yaml | 2 +- 2 files changed, 55 insertions(+), 1 deletion(-) create mode 100644 1 diff --git a/1 b/1 new file mode 100644 index 0000000..8e23128 --- /dev/null +++ b/1 @@ -0,0 +1,54 @@ +--- +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: oxicloud + namespace: argocd +spec: + destination: + name: '' + namespace: apps-roboces + server: https://kubernetes.default.svc + sources: + - path: k8s/charts/oxicloud + repoURL: https://git.roboces.dev/catalin/fukuops.git + targetRevision: main + helm: + valuesObject: + image: + repository: diocrafts/oxicloud + pullPolicy: Always + tag: "0.5.5" + persistence: + enabled: true + storageClass: "truenas-nfs-csi" + accessMode: ReadWriteMany + size: 50Gi + service: + type: LoadBalancer + config: + server: + port: 8086 + host: "0.0.0.0" + baseUrl: "https://cloud.roboces.dev" + features: + enableAuth: "true" + enableSharing: "true" + mimalloc: + purgeDelay: "0" + allowLargeOsPages: "0" + secrets: + existingSecret: oxicloud + wopi: + enabled: false + ingress: + className: "traefik" + hosts: + - host: cloud.roboces.dev + paths: + - path: / + pathType: ImplementationSpecific + tls: [] + project: roboces + syncPolicy: + automated: {} diff --git a/k8s/argo-apps/oxicloud.yaml b/k8s/argo-apps/oxicloud.yaml index b1c1eb5..8e23128 100644 --- a/k8s/argo-apps/oxicloud.yaml +++ b/k8s/argo-apps/oxicloud.yaml @@ -18,7 +18,7 @@ spec: image: repository: diocrafts/oxicloud pullPolicy: Always - tag: "0.5.4" + tag: "0.5.5" persistence: enabled: true storageClass: "truenas-nfs-csi" From b5a1d35a70b39a7ffba5cf90d8c6d1c2fb2ea5ba Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 13 Apr 2026 04:12:54 +0000 Subject: [PATCH 351/377] chore(deps): update ghcr.io/antoniolago/charts/vaultwarden-kubernetes-secrets docker tag to v1.4.01 --- k8s/argo-apps/vault-sm.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/vault-sm.yaml b/k8s/argo-apps/vault-sm.yaml index ba61191..5b844ac 100644 --- a/k8s/argo-apps/vault-sm.yaml +++ b/k8s/argo-apps/vault-sm.yaml @@ -12,7 +12,7 @@ spec: sources: - chart: vaultwarden-kubernetes-secrets repoURL: ghcr.io/antoniolago/charts - targetRevision: 1.3.01 + targetRevision: 1.4.01 helm: valuesObject: api: From 833e85690342ea03964df760ab1a76ad2e1cb3a3 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 13 Apr 2026 04:13:12 +0000 Subject: [PATCH 352/377] chore(deps): update helm release renovate to 46.107.* --- k8s/argo-apps/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/renovate.yaml b/k8s/argo-apps/renovate.yaml index 499f071..ebd5e9a 100644 --- a/k8s/argo-apps/renovate.yaml +++ b/k8s/argo-apps/renovate.yaml @@ -13,7 +13,7 @@ spec: sources: - chart: renovate repoURL: https://docs.renovatebot.com/helm-charts - targetRevision: 46.106.* + targetRevision: 46.107.* helm: valuesObject: renovate: From e4b19d9e996467cb8c981bb332cef81095c5d5ba Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 14 Apr 2026 08:33:11 +0000 Subject: [PATCH 353/377] chore(deps): update vaultwarden/server docker tag to v1.35.7 --- docker/vaultwarden/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/vaultwarden/docker-compose.yml b/docker/vaultwarden/docker-compose.yml index 3970c77..84c24df 100644 --- a/docker/vaultwarden/docker-compose.yml +++ b/docker/vaultwarden/docker-compose.yml @@ -1,7 +1,7 @@ --- services: vaultwarden: - image: vaultwarden/server:1.35.4-alpine + image: vaultwarden/server:1.35.7-alpine restart: unless-stopped environment: DATABASE_URL: ${DATABASE_URL} From 87d94bcc70581f4c7be32db3098450164740513a Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 14 Apr 2026 08:33:27 +0000 Subject: [PATCH 354/377] chore(deps): update helm release renovate to 46.109.* --- k8s/argo-apps/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/renovate.yaml b/k8s/argo-apps/renovate.yaml index ebd5e9a..60f7d06 100644 --- a/k8s/argo-apps/renovate.yaml +++ b/k8s/argo-apps/renovate.yaml @@ -13,7 +13,7 @@ spec: sources: - chart: renovate repoURL: https://docs.renovatebot.com/helm-charts - targetRevision: 46.107.* + targetRevision: 46.109.* helm: valuesObject: renovate: From 8b7746bb1ef392fa354d281ee06a50920a2044c3 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 15 Apr 2026 04:10:17 +0000 Subject: [PATCH 355/377] chore(deps): update ghcr.io/paperless-ngx/paperless-ngx docker tag to v2.20.14 --- docker/paperless/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/paperless/docker-compose.yml b/docker/paperless/docker-compose.yml index 9980275..98e1b43 100644 --- a/docker/paperless/docker-compose.yml +++ b/docker/paperless/docker-compose.yml @@ -14,7 +14,7 @@ services: webserver: - image: ghcr.io/paperless-ngx/paperless-ngx:2.20.13 + image: ghcr.io/paperless-ngx/paperless-ngx:2.20.14 restart: unless-stopped ports: - 8002:8000 From 8375b972c957d750c738f02c851d5296695bd58a Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 16 Apr 2026 05:03:33 +0000 Subject: [PATCH 356/377] chore(deps): update terraform adguard to v1.7.0 --- tofu/adguard/.terraform.lock.hcl | 58 +++++++++++++++----------------- tofu/adguard/main.tf | 2 +- 2 files changed, 29 insertions(+), 31 deletions(-) diff --git a/tofu/adguard/.terraform.lock.hcl b/tofu/adguard/.terraform.lock.hcl index 754c9d0..6361897 100644 --- a/tofu/adguard/.terraform.lock.hcl +++ b/tofu/adguard/.terraform.lock.hcl @@ -2,37 +2,35 @@ # Manual edits may be lost in future updates. provider "registry.opentofu.org/gmichels/adguard" { - version = "1.6.2" - constraints = "1.6.2" + version = "1.7.0" + constraints = "1.7.0" hashes = [ - "h1:4rfmv0e8MoRPw+CTZBxTlPZbOSvPnIIt8kwVIIRIqbc=", - "h1:FUOYxkRfDHxiAlTKpvfZpNpRdCkq7Gs9JcZjLWo+guM=", - "h1:FewdC+pt/Z8XC1M5M49D74MYnMzVjwVoAcnonmbxhwA=", - "h1:RAXQ/T7oF42hDSuXH7hH85uj8QmHRS+ArP5pO4ILslc=", - "h1:a5SEI5KSX0cENGjd+IrxMj4l0Cr5GWvTP8Ng3cJaLTg=", - "h1:gNdYW6qM5jJTA2M9BHzVtuCTSmY2Fi/r08A/duZR8Yg=", - "h1:gnBusJUhlOSxn2JG5V0N3aHWAcTtMLcSjRSMKm8+6S4=", - "h1:hwB3SSfBITtOIggACNkdTnA8hG2AzYaFgG3WJny3290=", - "h1:iGjswHan6q6vYBTxR+WFBCUwCN7jmg7mAvFnv4P3/m8=", - "h1:mBxI5srrplxBHZLuXfEVZzwph3mCl9SQv0e9nR2GhQ4=", - "h1:o3CYF1B/kMBktAn1cWJuqW84VqZkM5K3A1BPw6v5fnA=", - "h1:sX4l50R6dzuHdQJFBfGDY6lZc4bCGKjxkKRtoKmx/1g=", - "h1:shVeqrDxxOvnsD//ryu7IoxwPsGb+6FeLmum3szd/mU=", - "h1:wY3pI9C3lEZ9nZRIqky5cqfwLm+u7Wi/9HBVCo4o9/M=", - "zh:0337224a2b6418ba38cedf7f2cef9b154f51db4791b03d6b5745cb26f60614d2", - "zh:09addda402962c46cd236ae1703ba9632f377897e8d321678cf0e4428a5071f7", - "zh:1f7b511933d6ca8fbdcd5bb50bba910e88b73fee57ae2922e01f18470350929e", - "zh:2bd2a45c4cddd19b2a55d6d658184df25f002e0b7a929da48b5086922ae846d6", - "zh:30ed44fd468132273029302fc16de4e76a1f10b816862e2e5dfca545e5b67f70", - "zh:3f73e37f6410509f7811db77b53f6e332c24344ad800a1d56bcf6af2a706d998", - "zh:5215dbeb6edbe0e7fae238580bb649745824d3744cc0d3b407244383ddeefd96", - "zh:543a6b4d814607884791306ae661a1d3475af90785712fb6c94e2b616f75afba", - "zh:8402d7a2d501ff0c9fe2216bf80f6bc133f0277cc3f184d3d37f4628b778f18b", - "zh:894ac1fce4fd92c66684d64d41356d5d02ebcf3a68e4ae1150314732f9ac384f", - "zh:ad547c8c8413de6886cf563129b117a0aab79b9841e7486e58a639c74eeacc12", - "zh:b9d69a6f99256cbd741ddc881f8665eec6e51ee1a4b99918ae8e9bdcf73cf31d", - "zh:d254d2dae145dbe5435be32b821198d9d5dca81fb67e06499eb8a8bd78a34ba5", - "zh:df327c22ba4437fa5e879ae70ce8330363a4e6f320711e7bd2ac249db3a3a551", + "h1:1vvJ6KcLUR8U2BHNtj7tMsgEsGXzTKMIFsHfcZYEVyc=", + "h1:5BDrsrU/Sdain/+KkhbNzxVL81rh69wG4iKOIBf9qys=", + "h1:70gWtux/jVZQgsDjr8+j0aRHKkGZqRWCmzoX9ddC7f4=", + "h1:Qdqipgukxph9vqXiEKVzFSgXfEmGiGw1JrrQvwJOtco=", + "h1:QveIrziFNxu+Go7pl7qjH5tqPOb8pgzfTdunVgsJ3vg=", + "h1:UrJdOlCLAWC7/I2Co02RtOKT3tSGb8TwOgJ7s0sOtCo=", + "h1:W6nZfQzWb3Ds1JRytBqzsZoNBa6x4OOe9J87f1nyCRA=", + "h1:c3RK8fSEr2yfPySC0WemOC/CR3608Ra4vFwGhvdrswg=", + "h1:jizPinVWDQUN6rKwiBgRm7PcgUJe4AWlCWghgH0v7xI=", + "h1:lb9gv3IiUZDA4P/kpuvOqZmidWMIbpG+sUecM1QclNo=", + "h1:sRIMccvZq71/CxTknprnRozCChEZSq4Nmt+M+DOjTq8=", + "h1:uOdtIfvNVEHheucpt51bSCYtX2W1LKELlOkBTbjBm6o=", + "h1:woGvhSgZDFj5+yH5uHonXSIn6AaeZekb3t9oXMZB/DQ=", + "zh:0b83aa1ade1a6f7c9b1af0488dad43bf00e733d1517463d4bee51c17612546da", + "zh:15d784c16545efaf6c368b642995bb0d0ef61b6961e67b072430d445ef6c02fc", + "zh:1c4da4d20c98795fee1ac0cd9ffd880a68f06992d6fe849342c4b19f79c8aff9", + "zh:41afcdcc5236fa40a0b7ec614cb830ef03d45f8f1b8988d24d80ec999ef34b9b", + "zh:4c8e832a5a842420b5163eb5eb2bd7d460ece524efc618bdba64e4f4a2d403b5", + "zh:58e19d2f9e4bd9f2a13b631c3213157ea80ef3aa7b3b8edcd8fb341f9c06c5e5", + "zh:7380ca4d053255f787ded10c26b19ebd23d3563ddbb36d0be66bb2cef293d27d", + "zh:7b21589bb31084bb68b2deb96bd4130b8b13c1c71614704d13d4cbdfc583f3c7", + "zh:82aee49172286676cdccbc97b809b84acf3edeb164ae77cafa837118ee3769a6", + "zh:95431a266520cce112474616c27c80f0017625ef7d80aaf69118360222d7974b", + "zh:a6dc4b60beafc471d049b856df4bf793838b1e8b2079efe4a12ebf6fbd482098", + "zh:d9c5c35be3ae54a52fb444b61e442445e74df6a4ab5bc4884b0f5d55eacc4ced", + "zh:f6bd2db5d9a178c9b5b020e505affc245a0ceaa8e662f37ad9743d65e1153322", "zh:f809ab383cca0a5f83072981c64208cbd7fa67e986a86ee02dd2c82333221e32", ] } diff --git a/tofu/adguard/main.tf b/tofu/adguard/main.tf index 894cfea..fe0c505 100644 --- a/tofu/adguard/main.tf +++ b/tofu/adguard/main.tf @@ -9,7 +9,7 @@ terraform { required_providers { adguard = { source = "gmichels/adguard" - version = "1.6.2" + version = "1.7.0" } } } From 6e250324680c25cb40baaf3472f175127b5311e8 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 16 Apr 2026 05:02:25 +0000 Subject: [PATCH 357/377] chore(deps): update helm release renovate to 46.112.* --- k8s/argo-apps/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/renovate.yaml b/k8s/argo-apps/renovate.yaml index 60f7d06..173064b 100644 --- a/k8s/argo-apps/renovate.yaml +++ b/k8s/argo-apps/renovate.yaml @@ -13,7 +13,7 @@ spec: sources: - chart: renovate repoURL: https://docs.renovatebot.com/helm-charts - targetRevision: 46.109.* + targetRevision: 46.112.* helm: valuesObject: renovate: From 98c3bbee281a99c5cc0e0df1c2bac53d0643c1d9 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 15 Apr 2026 04:10:35 +0000 Subject: [PATCH 358/377] chore(deps): update helm release meilisearch to 0.31.* --- k8s/argo-apps/meili.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/meili.yaml b/k8s/argo-apps/meili.yaml index 1f51360..ec170e4 100644 --- a/k8s/argo-apps/meili.yaml +++ b/k8s/argo-apps/meili.yaml @@ -18,7 +18,7 @@ spec: targetRevision: main - chart: meilisearch repoURL: https://meilisearch.github.io/meilisearch-kubernetes - targetRevision: 0.30.* + targetRevision: 0.31.* helm: valuesObject: environment: From ebfdfcc6da086c7d9a2c0384ddb707437fe30ff6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?c=C4=83t=C4=83lin?= Date: Thu, 16 Apr 2026 20:19:48 +0200 Subject: [PATCH 359/377] feat: remove useless file --- 1 | 54 ------------------------------------------------------ 1 file changed, 54 deletions(-) delete mode 100644 1 diff --git a/1 b/1 deleted file mode 100644 index 8e23128..0000000 --- a/1 +++ /dev/null @@ -1,54 +0,0 @@ ---- -apiVersion: argoproj.io/v1alpha1 -kind: Application -metadata: - name: oxicloud - namespace: argocd -spec: - destination: - name: '' - namespace: apps-roboces - server: https://kubernetes.default.svc - sources: - - path: k8s/charts/oxicloud - repoURL: https://git.roboces.dev/catalin/fukuops.git - targetRevision: main - helm: - valuesObject: - image: - repository: diocrafts/oxicloud - pullPolicy: Always - tag: "0.5.5" - persistence: - enabled: true - storageClass: "truenas-nfs-csi" - accessMode: ReadWriteMany - size: 50Gi - service: - type: LoadBalancer - config: - server: - port: 8086 - host: "0.0.0.0" - baseUrl: "https://cloud.roboces.dev" - features: - enableAuth: "true" - enableSharing: "true" - mimalloc: - purgeDelay: "0" - allowLargeOsPages: "0" - secrets: - existingSecret: oxicloud - wopi: - enabled: false - ingress: - className: "traefik" - hosts: - - host: cloud.roboces.dev - paths: - - path: / - pathType: ImplementationSpecific - tls: [] - project: roboces - syncPolicy: - automated: {} From 4a61991f4b11770eadf4e66c558291638b8d43d4 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 18 Apr 2026 04:45:52 +0000 Subject: [PATCH 360/377] chore(deps): update code.forgejo.org/forgejo-helm/forgejo docker tag to v17 --- k8s/argo-apps/forgejo.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/forgejo.yaml b/k8s/argo-apps/forgejo.yaml index 1905123..36d29c5 100644 --- a/k8s/argo-apps/forgejo.yaml +++ b/k8s/argo-apps/forgejo.yaml @@ -14,7 +14,7 @@ spec: sources: - chart: forgejo repoURL: code.forgejo.org/forgejo-helm - targetRevision: 16.2.2 + targetRevision: 17.0.0 helm: valuesObject: replicaCount: 2 From 9aba22b0b15ded211593e924d879ef40dda6b6a7 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 17 Apr 2026 04:12:57 +0000 Subject: [PATCH 361/377] chore(deps): update helm release meilisearch to 0.32.* --- k8s/argo-apps/meili.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/meili.yaml b/k8s/argo-apps/meili.yaml index ec170e4..dfd5cf8 100644 --- a/k8s/argo-apps/meili.yaml +++ b/k8s/argo-apps/meili.yaml @@ -18,7 +18,7 @@ spec: targetRevision: main - chart: meilisearch repoURL: https://meilisearch.github.io/meilisearch-kubernetes - targetRevision: 0.31.* + targetRevision: 0.32.* helm: valuesObject: environment: From 7e6430640cee15c7bf48ef7f499e9c6a0999bd4c Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 18 Apr 2026 04:45:22 +0000 Subject: [PATCH 362/377] chore(deps): update helm release renovate to 46.118.* --- k8s/argo-apps/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/renovate.yaml b/k8s/argo-apps/renovate.yaml index 173064b..ed63a5c 100644 --- a/k8s/argo-apps/renovate.yaml +++ b/k8s/argo-apps/renovate.yaml @@ -13,7 +13,7 @@ spec: sources: - chart: renovate repoURL: https://docs.renovatebot.com/helm-charts - targetRevision: 46.112.* + targetRevision: 46.118.* helm: valuesObject: renovate: From 542dae20453408aa86ef9713935ac793d9b7cce7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?c=C4=83t=C4=83lin?= Date: Mon, 20 Apr 2026 10:25:34 +0200 Subject: [PATCH 363/377] feat: add scripts/k3scale.sh --- scripts/k3scale.sh | 162 +++++++++++++++++++++++++++++++++++++++ scripts/proxmox-power.sh | 0 2 files changed, 162 insertions(+) create mode 100755 scripts/k3scale.sh mode change 100644 => 100755 scripts/proxmox-power.sh diff --git a/scripts/k3scale.sh b/scripts/k3scale.sh new file mode 100755 index 0000000..945990f --- /dev/null +++ b/scripts/k3scale.sh @@ -0,0 +1,162 @@ +#!/usr/bin/env bash + + +usage() { + cat <&2 + usage >&2 + exit 1 + ;; + *) + if [[ -z "$REPLICAS" ]]; then + REPLICAS="$1" + else + RESOURCES+=("$1") + fi + shift + ;; + esac +done + +if [[ -z "$REPLICAS" ]]; then + echo "Error: REPLICAS is required" >&2 + usage >&2 + exit 1 +fi + +if [[ "$ALL" == false && "$ALL_NAMESPACES" == false && ${#RESOURCES[@]} -eq 0 ]]; then + echo "Error: Must specify --all, --all-namespaces, or at least one RESOURCE" >&2 + usage >&2 + exit 1 +fi + +NAMESPACE_ARG=() +if [[ -n "$NAMESPACE" ]]; then + NAMESPACE_ARG=("-n" "$NAMESPACE") +fi + +DRY_RUN_ARG=() +if [[ "$DRY_RUN" == true ]]; then + DRY_RUN_ARG=("--dry-run=client") +fi + +KUBECTL_BASE=(kubectl) +if [[ -n "$KUBECTL_V" ]]; then + KUBECTL_BASE+=( "$KUBECTL_V" ) +fi +KUBECTL_BASE+=( "${NAMESPACE_ARG[@]}" ) +KUBECTL_BASE+=( "${DRY_RUN_ARG[@]}" ) + +scale_resource() { + local resource="$1" + local ns name + + if [[ "$resource" == */* ]]; then + ns="${resource%%/*}" + name="${resource#*/}" + else + ns="${NAMESPACE:-$(kubectl "${NAMESPACE_ARG[@]}" config view --minify --output jsonpath='{.contexts[0].context.namespace}' 2>/dev/null || echo "default")}" + name="$resource" + fi + + for kind in deployment statefulset; do + if "${KUBECTL_BASE[@]}" get "$kind" "$name" -n "$ns" &>/dev/null; then + echo "Scaling $kind/$ns/$name to $REPLICAS replicas${DRY_RUN:+ (dry-run)}" + "${KUBECTL_BASE[@]}" scale "$kind" "$name" -n "$ns" --replicas="$REPLICAS" + return 0 + fi + done + + echo "Error: Resource '$resource' not found as deployment or statefulset" >&2 + return 1 +} + +get_resources() { + local ns_flag=() + if [[ "$ALL_NAMESPACES" == true ]]; then + ns_flag=("--all-namespaces") + elif [[ -n "$NAMESPACE" ]]; then + ns_flag=("-n" "$NAMESPACE") + fi + + "${KUBECTL_BASE[@]}" get "${ns_flag[@]}" deployment,statefulset -o jsonpath='{range .items[*]}{.metadata.namespace}/{.kind}/{.metadata.name}{"\n"}{end}' 2>/dev/null | while IFS=/ read -r ns kind name; do + echo "$ns/$name" + done +} + +if [[ "$ALL" == true || "$ALL_NAMESPACES" == true ]]; then + while IFS= read -r resource; do + [[ -n "$resource" ]] && scale_resource "$resource" + done < <(get_resources) +else + for resource in "${RESOURCES[@]}"; do + scale_resource "$resource" + done +fi diff --git a/scripts/proxmox-power.sh b/scripts/proxmox-power.sh old mode 100644 new mode 100755 From c8cc8e3f20b854519e21abee39506a92d3ab3a67 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?c=C4=83t=C4=83lin?= Date: Wed, 22 Apr 2026 13:27:37 +0200 Subject: [PATCH 364/377] feat: add scripts/update-argo.sh --- .pre-commit-config.yaml | 8 +-- scripts/update-argo.sh | 129 ++++++++++++++++++++++++++++++++++++++++ 2 files changed, 133 insertions(+), 4 deletions(-) create mode 100755 scripts/update-argo.sh diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index c2bed7c..fc7cc6a 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -1,7 +1,7 @@ --- repos: - repo: https://github.com/pre-commit/pre-commit-hooks - rev: v5.0.0 + rev: v6.0.0 hooks: - id: trailing-whitespace - id: end-of-file-fixer @@ -15,18 +15,18 @@ repos: - id: trailing-whitespace - repo: https://github.com/antonbabenko/pre-commit-terraform - rev: v1.92.1 + rev: v1.105.0 hooks: - id: terraform_fmt - repo: https://github.com/adrienverge/yamllint.git - rev: v1.35.1 + rev: v1.38.0 hooks: - id: yamllint args: [--format, parsable, --strict] - repo: https://github.com/shellcheck-py/shellcheck-py - rev: v0.10.0.1 + rev: v0.11.0.1 hooks: - id: shellcheck files: \.sh diff --git a/scripts/update-argo.sh b/scripts/update-argo.sh new file mode 100755 index 0000000..fbdd1da --- /dev/null +++ b/scripts/update-argo.sh @@ -0,0 +1,129 @@ +#!/usr/bin/env bash + +check_kubectl() { + if ! command -v kubectl &>/dev/null; then + echo "Error: kubectl is not installed or not in PATH" >&2 + exit 1 + fi + log_info "kubectl found at $(command -v kubectl)" +} + +VERBOSE=0 + +log_debug() { [[ $VERBOSE -ge 3 ]] && echo "[DEBUG] $*" || true; } +log_verbose() { [[ $VERBOSE -ge 2 ]] && echo "[VERBOSE] $*" || true; } +log_info() { [[ $VERBOSE -ge 1 ]] && echo "[INFO] $*" || true; } +log_error() { echo "[ERROR] $*" >&2; } + +usage() { + cat <&2 + usage >&2 + exit 1 + ;; + *) + TARGET_VERSION="$1" + shift + ;; + esac +done + +log_debug "Script started with target version: ${TARGET_VERSION:-auto}" + +check_kubectl + +log_info "Checking current kubectl context" +CURRENT_CONTEXT=$(kubectl config current-context 2>/dev/null) +log_verbose "Current context: $CURRENT_CONTEXT" + +log_info "Checking for ArgoCD installation" +if ! kubectl get ns argocd &>/dev/null; then + log_error "ArgoCD namespace not found. This script only upgrades existing installations." + exit 1 +fi +log_verbose "ArgoCD namespace found" + +log_info "Checking current ArgoCD version" +CURRENT_VERSION=$(kubectl get deployment argocd-server -n argocd -o jsonpath='{.spec.template.spec.containers[0].image}' 2>/dev/null) +if [[ -n "$CURRENT_VERSION" ]]; then + CURRENT_VERSION=$(echo "$CURRENT_VERSION" | sed 's/.*argocd:v\?//' | tr -d ' \n') + if [[ -n "$CURRENT_VERSION" ]]; then + CURRENT_VERSION="${CURRENT_VERSION#v}" + log_verbose "Current ArgoCD version: $CURRENT_VERSION" + else + log_error "Could not extract ArgoCD version from image: $CURRENT_VERSION" + exit 1 + fi +fi + +if [[ -z "$TARGET_VERSION" ]]; then + log_info "No target version specified, querying for latest version" + log_verbose "Fetching latest release from GitHub" + LATEST_VERSION=$(curl -s https://api.github.com/repos/argoproj/argo-cd/releases/latest | grep -oP '"tag_name":\s*"\K[^"]+' | sed 's/^v//') + if [[ -n "$LATEST_VERSION" ]]; then + log_verbose "Latest version available: $LATEST_VERSION" + TARGET_VERSION="$LATEST_VERSION" + else + echo "Error: Could not fetch latest version" >&2 + exit 1 + fi +fi + +log_info "Target version: $TARGET_VERSION" + +log_debug "Determining update path from $CURRENT_VERSION to $TARGET_VERSION" + +log_info "Applying ArgoCD manifests" +log_verbose "Downloading manifest from https://raw.githubusercontent.com/argoproj/argo-cd/v${TARGET_VERSION}/manifests/install.yaml" +curl -sLO "https://raw.githubusercontent.com/argoproj/argo-cd/v${TARGET_VERSION}/manifests/install.yaml" + +log_debug "Applying manifest with kubectl" +if [[ "$DRY_RUN" == true ]]; then + log_verbose "Dry-run mode: would apply manifest" + kubectl apply -n argocd -f install.yaml --dry-run=client +else + kubectl apply -n argocd -f install.yaml +fi + +log_verbose "Cleaning up downloaded manifest" +rm -f install.yaml + +log_info "Update to ArgoCD $TARGET_VERSION initiated" From 375113b7c813507e909e7064353d8a8415fe5a7e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?c=C4=83t=C4=83lin?= Date: Wed, 22 Apr 2026 13:28:10 +0200 Subject: [PATCH 365/377] feat: update oxicloud to 0.5.6 --- k8s/argo-apps/oxicloud.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/oxicloud.yaml b/k8s/argo-apps/oxicloud.yaml index 8e23128..2e2ba46 100644 --- a/k8s/argo-apps/oxicloud.yaml +++ b/k8s/argo-apps/oxicloud.yaml @@ -18,7 +18,7 @@ spec: image: repository: diocrafts/oxicloud pullPolicy: Always - tag: "0.5.5" + tag: "0.5.6" persistence: enabled: true storageClass: "truenas-nfs-csi" From 5a2698196535b6be0b43f8a03a28ad38015142c9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?c=C4=83t=C4=83lin?= Date: Thu, 23 Apr 2026 09:18:37 +0200 Subject: [PATCH 366/377] feat: remove elastic --- k8s/argo-apps/elastic.yaml | 46 --------------------------- k8s/argo-apps/forgejo.yaml | 14 ++------ k8s/argo-apps/meili.yaml | 2 +- k8s/services/argo/project-fuku.yaml | 2 +- k8s/services/meili/sealedsecrets.yaml | 16 ---------- 5 files changed, 4 insertions(+), 76 deletions(-) delete mode 100644 k8s/argo-apps/elastic.yaml delete mode 100644 k8s/services/meili/sealedsecrets.yaml diff --git a/k8s/argo-apps/elastic.yaml b/k8s/argo-apps/elastic.yaml deleted file mode 100644 index b65a53b..0000000 --- a/k8s/argo-apps/elastic.yaml +++ /dev/null @@ -1,46 +0,0 @@ ---- -apiVersion: argoproj.io/v1alpha1 -kind: Application -metadata: - name: elastic - namespace: argocd -spec: - destination: - name: '' - namespace: apps-fuku - server: https://kubernetes.default.svc - sources: - - chart: elasticsearch - repoURL: registry-1.docker.io/bitnamicharts - targetRevision: 22.1.6 - helm: - valuesObject: - service: - type: LoadBalancer - master: - persistence: - enabled: true - storageClass: truenas-nfs-csi - accessModes: - - ReadWriteMany - size: 50Gi - ingress: - enabled: true - hostname: elastic.fuku - tls: true - selfSigned: true - ingressClassName: traefik - data: - persistence: - enabled: true - storageClass: truenas-nfs-csi - accessModes: - - ReadWriteMany - size: 50Gi - autoscaling: - enabled: true - maxReplicas: 3 - minReplicas: 1 - project: fuku - syncPolicy: - automated: {} diff --git a/k8s/argo-apps/forgejo.yaml b/k8s/argo-apps/forgejo.yaml index 36d29c5..6f61ce5 100644 --- a/k8s/argo-apps/forgejo.yaml +++ b/k8s/argo-apps/forgejo.yaml @@ -17,7 +17,7 @@ spec: targetRevision: 17.0.0 helm: valuesObject: - replicaCount: 2 + replicaCount: 1 service: http: type: LoadBalancer @@ -49,15 +49,8 @@ spec: serviceMonitor: enabled: true config: - indexer: - ISSUE_INDEXER_CONN_STR: http://elastic-elasticsearch.apps-fuku.svc.cluster.local:9200 - ISSUE_INDEXER_ENABLED: true - ISSUE_INDEXER_TYPE: elasticsearch - REPO_INDEXER_ENABLED: false - REPO_INDEXER_TYPE: elasticsearch actions: - ENABLED: true - DEFAULT_ACTIONS_URL: https://github.com + ENABLED: false picture: DISABLE_GRAVATAR: false ENABLE_FEDERATED_AVATAR: true @@ -106,9 +99,6 @@ spec: enabled: false redis-cluster: enabled: false - - path: k8s/services/forgejo - repoURL: https://git.roboces.dev/catalin/fukuops.git - targetRevision: main project: roboces syncPolicy: automated: {} diff --git a/k8s/argo-apps/meili.yaml b/k8s/argo-apps/meili.yaml index dfd5cf8..9303052 100644 --- a/k8s/argo-apps/meili.yaml +++ b/k8s/argo-apps/meili.yaml @@ -24,7 +24,7 @@ spec: environment: MEILI_ENV: production auth: - existingMasterKeySecret: meilisearch-master-key + existingMasterKeySecret: meili service: type: NodePort port: 7700 diff --git a/k8s/services/argo/project-fuku.yaml b/k8s/services/argo/project-fuku.yaml index 6f03737..46076fd 100644 --- a/k8s/services/argo/project-fuku.yaml +++ b/k8s/services/argo/project-fuku.yaml @@ -25,7 +25,6 @@ spec: - https://charts.crystalnet.org - https://portainer.github.io/k8s/ - https://docs.renovatebot.com/helm-charts - - registry-1.docker.io/bitnamicharts - https://meilisearch.github.io/meilisearch-kubernetes - https://kubetail-org.github.io/helm-charts/ - https://groundhog2k.github.io/helm-charts/ @@ -34,3 +33,4 @@ spec: - https://helm.runix.net - https://rcourtman.github.io/Pulse - ghcr.io/antoniolago/charts + - https://helm.elastic.co diff --git a/k8s/services/meili/sealedsecrets.yaml b/k8s/services/meili/sealedsecrets.yaml deleted file mode 100644 index 98dd5cb..0000000 --- a/k8s/services/meili/sealedsecrets.yaml +++ /dev/null @@ -1,16 +0,0 @@ -# yamllint disable rule:line-length ---- -apiVersion: bitnami.com/v1alpha1 -kind: SealedSecret -metadata: - creationTimestamp: null - name: meilisearch-master-key - namespace: apps-fuku -spec: - encryptedData: - MEILI_MASTER_KEY: AgBcQDv79lsUJF09YTd+zsuC9Ufhgs74mk5sxIrgaAQW/5yBupPgIsZw+g33qDqejuG+hfdhvkTOFHYetNuEDjnPWEpySjMLiB6N/HXMSuPimbOSjhHP3d7jgnWnIluUPs3RsvxDzaHCygVsS2a5ul7+qJGbiQTlmcV/rMVkqiw95mxwswkZhWi1Da1QYPgjRkazbCV0JAVhYYoo7VBnxceyGOS7Um5BsdyDMmXCn0qegU2FDlXTcBBur48hlyRqie/DxyZi3Yx/yiOnVH7g7H41H6hLJpKhQTMQbnohAqUC2UZZJlwrc8b/3kisFw/pxBP7S47hn9iseQcw18mXs6SzlXbhWm+CyNsKEvuXJAMVlaCrOCqs8Kf8ZlraCJYYq8mx+zoA7yAHnRdC4uByR5SGwnXJgq4WJD3wx90NuVbTcJfpQ+bNMPpRS8W+66S9j+rBVk6YcqCqL62JPSf0I9ZKCrNJrtbx5WyxbcVAgZdd2oxxXq6fG4I/wvqn/LN7nAqDwaCjU0395R+vM89o24h8pMTNOUhY1Dqxh0rKQOnTACc12kmhwQucdtjwkFzM7PJxW8d8GGdvgPoIxe27sguUMvn6IFo8h0JmGrbAyDEeR113s/gwQm9ozM9KJXXyImfiRJCcDSlny0rTNWZaGonXuSezFuhcSazepd0v85ofHgIflQQjMfLUNz1b9+ci4SbnpoJwzlrY2d6SyJSIA7Bz223j9UcRgDvRvIz3 - template: - metadata: - creationTimestamp: null - name: meilisearch-master-key - namespace: apps-fuku From 85d1589f3e5fdaea792156e47bbdf8e41ed341a4 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 23 Apr 2026 08:44:04 +0000 Subject: [PATCH 367/377] chore(deps): update terraform authentik to v2026 --- tofu/authentik/.terraform.lock.hcl | 58 +++++++++---------- tofu/authentik/main.tf | 2 +- tofu/modules/authentik-app/main.tf | 2 +- .../authentik-ldap/.terraform.lock.hcl | 58 +++++++++---------- tofu/modules/authentik-ldap/main.tf | 2 +- tofu/modules/authentik-oidc/main.tf | 2 +- tofu/modules/authentik-proxy/main.tf | 2 +- 7 files changed, 61 insertions(+), 65 deletions(-) diff --git a/tofu/authentik/.terraform.lock.hcl b/tofu/authentik/.terraform.lock.hcl index fe7616b..71b1759 100644 --- a/tofu/authentik/.terraform.lock.hcl +++ b/tofu/authentik/.terraform.lock.hcl @@ -2,36 +2,34 @@ # Manual edits may be lost in future updates. provider "registry.opentofu.org/goauthentik/authentik" { - version = "2025.12.1" - constraints = "2025.12.1" + version = "2026.2.0" + constraints = "2026.2.0" hashes = [ - "h1:+R2MRgaXvmR1l+nYxYJqMSuvA4VBzfBoh2Er6TnDRPE=", - "h1:1y5I173i8qvxp8GQHBBI/bxkr6YOqY4IqOiJWIUSeeM=", - "h1:XHaltkhuTgyFCCZgpay2orOgc0TyZf0KqrFHNfUgY20=", - "h1:XvFByv5e6fKSlayYaXpFD/JbTYZN1ybujVJJjny1Q18=", - "h1:ZU9d05CLVYBbmdB0IGiG9MueY4/fVo4D6FeyQtbeujA=", - "h1:doHtDOiEIgIUWlUUc9jC7Uqdhj1hsy3etvdYmegcUZM=", - "h1:hUgMx2B40ByfaMA4Al0h7xotp/pZxJJxZZa/HJb6NDc=", - "h1:kG5J46qkCdUWJp/1p8CLifqc7Fy54IDZEjYhpmWcars=", - "h1:lNx+bJr11tPJxpkL5aTdOkGwB41O2Kv8fvKuiMl/LLs=", - "h1:mSOL+FqSLNkWeXopegyK/MoCkMD/VmW9V3PHLaIePjU=", - "h1:oCKzPBsyaD1ENda7qbREG3DYV3Opu09ub+msk3vRCkw=", - "h1:p9AGeRqK50wTHEIp7z7O4MUP83cs+lt7wPajZ9m9TB8=", - "h1:tBoVWDOhByI7cg9TYAAw6LDdMmWLpa2LYwJzzcukdiA=", - "h1:zHQHXKmlGNYBaWLJ9SuXsJ7dbpsvhDJl5pJi+PFU+2w=", - "zh:0e856d3b13614bc32346a236a8e84ba55ecd17238c2008d4b3e71aa8cb49f515", - "zh:2dcc44cd499c18ebbc4f763eff97a7b725763c8ac8fbb5d69c935413ccdc4962", - "zh:434100fc75ec7cd6b64cc9497e8273e79325fa8d285e9fd9d341c1a67421643b", - "zh:483484f66d2e8ce6fa4bfd91e824ceebf07d10acb5df5f366397c55227c4ae91", - "zh:596743a6f1c77a6f103b06ef8d932fe8f2376793b92478853dc84571d17c429f", - "zh:5ed2d5eb7db13229baaf042c725d5c64b58ffdcc641370175e0a88900af94bf1", - "zh:8aecd4cf782c82bee01098f72fe4ffff83707516007b32a01c7fcb19a9260338", - "zh:928c05ecac309287ff7d73ed6e478350fe3003557658ae5dc2be817a4268dba7", - "zh:9b9fd36dfb3e75da8b4478485272505ae9a3c67b10db173e1d2d76cfe2b637b8", - "zh:ab7cd8c61ab67a045854e32f0be1940a92746770dbf3c17bbe923e0259c4f897", - "zh:bb1360ec19a4fc1095d0ef1b7b6c5c3c1a91daac7cd1957d43a4cdbb7356a2e3", - "zh:d2186f4063aa1a547b52a53745d472e43f5343bc1674f2bbb91421c61b0fab50", - "zh:d74bbb67a77951b18ffd7b2863954e70ac03450ad2023cc305c66a5ff25d8d18", - "zh:f5970569ea0a479bbfbf2d452f5962e1c9bd472b82756db822d0e951363daa25", + "h1:/y7//ItB3vYvtDzSgrd7eY4QHGQ7b2G/rF/rtXdvUiY=", + "h1:2MTCDpaUJ9AAckFf+lfhq5VNkl4/e1is7XIHfjFX20U=", + "h1:EECfgcbT6h+ppgQ3x06iQZSheZ4vJ6NVwXGYGzyuQQ4=", + "h1:Hg5gBZc/mPbMwH3r5AVbDycUFoeh1LlHtAvVKsnruTY=", + "h1:J9+XlKbvc8x99ZV779XH0swZhsJo+Zcrh7UCK5pKQKY=", + "h1:On3/Zzv3W72aGsJ4AhW/tnpi4hvq9cxwgf7tF6Tg+a4=", + "h1:imSeB1o2GiuyBKsK6prOkOT7dQVDK42TaxGWAb+wEvg=", + "h1:jpOkyfrzbb/LBCdW/0R2Ag+X9bRw6X1/2BRMoImfgQ8=", + "h1:pT8YP3VDxKxhT1X+UXmjN78C+8NNb3fIANWNjR0xRX4=", + "h1:pum2uBRNDUjPeP9aYszm+6GU+K7tZIpbbLrsN39l8iw=", + "h1:qYcmNSTHIU6XefHE11SmywKqgp84B6n2Fzwdj/8dRN8=", + "h1:zH1hHNBUvxXZBzxyQa6OPjDAlZyr3rA7LqwTVVZDW9s=", + "h1:zacZCsqLyCstv+qE+VhFvwCIGLQEdNBsMIM7r9umUSQ=", + "zh:00c44e8ee842e75de9cc4fd6193b10258d1dc840e5be4aaaf118ffc180dceee0", + "zh:13057f08bce3b63613e1be3997dd454ff9568c569dd983987b1550280fbe3d01", + "zh:410a1ff2ae4647cc0ab37894f81e4d474b588a0a7f005d05d55e8c3a40978dd2", + "zh:43830834d12b3c0eeabe397842f82ca3a6b58a5bc8dd837d55b821419b55ed61", + "zh:56eaedd196ed7c4003cee0434b891b38242b4fde2031978d0ddcfdf6e16ee5ad", + "zh:5b3c10bb63c3c215ed9e0918e5808b240e3f2ee8248d10cd4d824a4998a213c5", + "zh:99c14891bcb92a6b21ef4c0e60f6c0df23e3452808f3eefd67cde78d132c80d9", + "zh:9a32cdda9f939f8484e27d4200d004c44f016fe97579a111201083f4beea78e8", + "zh:ae5086816144f68de9a0002e7696321169a71473f9d161793f4ae996388f56de", + "zh:bd09409dd34608a4ef3ea80cfc5e397268e7872f2e84c1ccdc9b5698e36ddad5", + "zh:be7af8b9eb61b0eb5053f14360e5a68caeb32c115efe8e1b583f2e7c91352a2a", + "zh:e11726812a1b2caf6b6784a3d074d1f50e3d406e9629c02096a001e5a5979331", + "zh:e39183d10d8158ccab51208f4f727c7419b1b1e596f4feb23dc42aebb36d01e3", ] } diff --git a/tofu/authentik/main.tf b/tofu/authentik/main.tf index 2219ff9..ba31337 100644 --- a/tofu/authentik/main.tf +++ b/tofu/authentik/main.tf @@ -8,7 +8,7 @@ terraform { required_providers { authentik = { source = "goauthentik/authentik" - version = "2025.12.1" + version = "2026.2.0" } } } diff --git a/tofu/modules/authentik-app/main.tf b/tofu/modules/authentik-app/main.tf index 1b65990..cb0f8fc 100644 --- a/tofu/modules/authentik-app/main.tf +++ b/tofu/modules/authentik-app/main.tf @@ -3,7 +3,7 @@ terraform { required_providers { authentik = { source = "goauthentik/authentik" - version = "2025.12.1" + version = "2026.2.0" } } } diff --git a/tofu/modules/authentik-ldap/.terraform.lock.hcl b/tofu/modules/authentik-ldap/.terraform.lock.hcl index fe7616b..71b1759 100644 --- a/tofu/modules/authentik-ldap/.terraform.lock.hcl +++ b/tofu/modules/authentik-ldap/.terraform.lock.hcl @@ -2,36 +2,34 @@ # Manual edits may be lost in future updates. provider "registry.opentofu.org/goauthentik/authentik" { - version = "2025.12.1" - constraints = "2025.12.1" + version = "2026.2.0" + constraints = "2026.2.0" hashes = [ - "h1:+R2MRgaXvmR1l+nYxYJqMSuvA4VBzfBoh2Er6TnDRPE=", - "h1:1y5I173i8qvxp8GQHBBI/bxkr6YOqY4IqOiJWIUSeeM=", - "h1:XHaltkhuTgyFCCZgpay2orOgc0TyZf0KqrFHNfUgY20=", - "h1:XvFByv5e6fKSlayYaXpFD/JbTYZN1ybujVJJjny1Q18=", - "h1:ZU9d05CLVYBbmdB0IGiG9MueY4/fVo4D6FeyQtbeujA=", - "h1:doHtDOiEIgIUWlUUc9jC7Uqdhj1hsy3etvdYmegcUZM=", - "h1:hUgMx2B40ByfaMA4Al0h7xotp/pZxJJxZZa/HJb6NDc=", - "h1:kG5J46qkCdUWJp/1p8CLifqc7Fy54IDZEjYhpmWcars=", - "h1:lNx+bJr11tPJxpkL5aTdOkGwB41O2Kv8fvKuiMl/LLs=", - "h1:mSOL+FqSLNkWeXopegyK/MoCkMD/VmW9V3PHLaIePjU=", - "h1:oCKzPBsyaD1ENda7qbREG3DYV3Opu09ub+msk3vRCkw=", - "h1:p9AGeRqK50wTHEIp7z7O4MUP83cs+lt7wPajZ9m9TB8=", - "h1:tBoVWDOhByI7cg9TYAAw6LDdMmWLpa2LYwJzzcukdiA=", - "h1:zHQHXKmlGNYBaWLJ9SuXsJ7dbpsvhDJl5pJi+PFU+2w=", - "zh:0e856d3b13614bc32346a236a8e84ba55ecd17238c2008d4b3e71aa8cb49f515", - "zh:2dcc44cd499c18ebbc4f763eff97a7b725763c8ac8fbb5d69c935413ccdc4962", - "zh:434100fc75ec7cd6b64cc9497e8273e79325fa8d285e9fd9d341c1a67421643b", - "zh:483484f66d2e8ce6fa4bfd91e824ceebf07d10acb5df5f366397c55227c4ae91", - "zh:596743a6f1c77a6f103b06ef8d932fe8f2376793b92478853dc84571d17c429f", - "zh:5ed2d5eb7db13229baaf042c725d5c64b58ffdcc641370175e0a88900af94bf1", - "zh:8aecd4cf782c82bee01098f72fe4ffff83707516007b32a01c7fcb19a9260338", - "zh:928c05ecac309287ff7d73ed6e478350fe3003557658ae5dc2be817a4268dba7", - "zh:9b9fd36dfb3e75da8b4478485272505ae9a3c67b10db173e1d2d76cfe2b637b8", - "zh:ab7cd8c61ab67a045854e32f0be1940a92746770dbf3c17bbe923e0259c4f897", - "zh:bb1360ec19a4fc1095d0ef1b7b6c5c3c1a91daac7cd1957d43a4cdbb7356a2e3", - "zh:d2186f4063aa1a547b52a53745d472e43f5343bc1674f2bbb91421c61b0fab50", - "zh:d74bbb67a77951b18ffd7b2863954e70ac03450ad2023cc305c66a5ff25d8d18", - "zh:f5970569ea0a479bbfbf2d452f5962e1c9bd472b82756db822d0e951363daa25", + "h1:/y7//ItB3vYvtDzSgrd7eY4QHGQ7b2G/rF/rtXdvUiY=", + "h1:2MTCDpaUJ9AAckFf+lfhq5VNkl4/e1is7XIHfjFX20U=", + "h1:EECfgcbT6h+ppgQ3x06iQZSheZ4vJ6NVwXGYGzyuQQ4=", + "h1:Hg5gBZc/mPbMwH3r5AVbDycUFoeh1LlHtAvVKsnruTY=", + "h1:J9+XlKbvc8x99ZV779XH0swZhsJo+Zcrh7UCK5pKQKY=", + "h1:On3/Zzv3W72aGsJ4AhW/tnpi4hvq9cxwgf7tF6Tg+a4=", + "h1:imSeB1o2GiuyBKsK6prOkOT7dQVDK42TaxGWAb+wEvg=", + "h1:jpOkyfrzbb/LBCdW/0R2Ag+X9bRw6X1/2BRMoImfgQ8=", + "h1:pT8YP3VDxKxhT1X+UXmjN78C+8NNb3fIANWNjR0xRX4=", + "h1:pum2uBRNDUjPeP9aYszm+6GU+K7tZIpbbLrsN39l8iw=", + "h1:qYcmNSTHIU6XefHE11SmywKqgp84B6n2Fzwdj/8dRN8=", + "h1:zH1hHNBUvxXZBzxyQa6OPjDAlZyr3rA7LqwTVVZDW9s=", + "h1:zacZCsqLyCstv+qE+VhFvwCIGLQEdNBsMIM7r9umUSQ=", + "zh:00c44e8ee842e75de9cc4fd6193b10258d1dc840e5be4aaaf118ffc180dceee0", + "zh:13057f08bce3b63613e1be3997dd454ff9568c569dd983987b1550280fbe3d01", + "zh:410a1ff2ae4647cc0ab37894f81e4d474b588a0a7f005d05d55e8c3a40978dd2", + "zh:43830834d12b3c0eeabe397842f82ca3a6b58a5bc8dd837d55b821419b55ed61", + "zh:56eaedd196ed7c4003cee0434b891b38242b4fde2031978d0ddcfdf6e16ee5ad", + "zh:5b3c10bb63c3c215ed9e0918e5808b240e3f2ee8248d10cd4d824a4998a213c5", + "zh:99c14891bcb92a6b21ef4c0e60f6c0df23e3452808f3eefd67cde78d132c80d9", + "zh:9a32cdda9f939f8484e27d4200d004c44f016fe97579a111201083f4beea78e8", + "zh:ae5086816144f68de9a0002e7696321169a71473f9d161793f4ae996388f56de", + "zh:bd09409dd34608a4ef3ea80cfc5e397268e7872f2e84c1ccdc9b5698e36ddad5", + "zh:be7af8b9eb61b0eb5053f14360e5a68caeb32c115efe8e1b583f2e7c91352a2a", + "zh:e11726812a1b2caf6b6784a3d074d1f50e3d406e9629c02096a001e5a5979331", + "zh:e39183d10d8158ccab51208f4f727c7419b1b1e596f4feb23dc42aebb36d01e3", ] } diff --git a/tofu/modules/authentik-ldap/main.tf b/tofu/modules/authentik-ldap/main.tf index b0fc742..76bf980 100644 --- a/tofu/modules/authentik-ldap/main.tf +++ b/tofu/modules/authentik-ldap/main.tf @@ -3,7 +3,7 @@ terraform { required_providers { authentik = { source = "goauthentik/authentik" - version = "2025.12.1" + version = "2026.2.0" } } } diff --git a/tofu/modules/authentik-oidc/main.tf b/tofu/modules/authentik-oidc/main.tf index aea24f7..6082b7f 100644 --- a/tofu/modules/authentik-oidc/main.tf +++ b/tofu/modules/authentik-oidc/main.tf @@ -3,7 +3,7 @@ terraform { required_providers { authentik = { source = "goauthentik/authentik" - version = "2025.12.1" + version = "2026.2.0" } } } diff --git a/tofu/modules/authentik-proxy/main.tf b/tofu/modules/authentik-proxy/main.tf index 86e4baa..cdb97c5 100644 --- a/tofu/modules/authentik-proxy/main.tf +++ b/tofu/modules/authentik-proxy/main.tf @@ -3,7 +3,7 @@ terraform { required_providers { authentik = { source = "goauthentik/authentik" - version = "2025.12.1" + version = "2026.2.0" } } } From 7263ecc20a8b37c20961e66806fe4b6f280e8c59 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 22 Apr 2026 04:55:55 +0000 Subject: [PATCH 368/377] chore(deps): update helm release renovate to 46.128.* --- k8s/argo-apps/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/renovate.yaml b/k8s/argo-apps/renovate.yaml index ed63a5c..c7258d8 100644 --- a/k8s/argo-apps/renovate.yaml +++ b/k8s/argo-apps/renovate.yaml @@ -13,7 +13,7 @@ spec: sources: - chart: renovate repoURL: https://docs.renovatebot.com/helm-charts - targetRevision: 46.118.* + targetRevision: 46.128.* helm: valuesObject: renovate: From dcdee1b9c445287f7a93a4ff46bc51f9007a3ca2 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 27 Apr 2026 02:55:16 +0000 Subject: [PATCH 369/377] chore(deps): update ghcr.io/paperless-ngx/paperless-ngx docker tag to v2.20.15 --- docker/paperless/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/paperless/docker-compose.yml b/docker/paperless/docker-compose.yml index 98e1b43..14d962c 100644 --- a/docker/paperless/docker-compose.yml +++ b/docker/paperless/docker-compose.yml @@ -14,7 +14,7 @@ services: webserver: - image: ghcr.io/paperless-ngx/paperless-ngx:2.20.14 + image: ghcr.io/paperless-ngx/paperless-ngx:2.20.15 restart: unless-stopped ports: - 8002:8000 From 8c773bac1f2d42e470a342a939b147403854a0b1 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 26 Apr 2026 02:50:47 +0000 Subject: [PATCH 370/377] chore(deps): update vaultwarden/server docker tag to v1.35.8 --- docker/vaultwarden/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/vaultwarden/docker-compose.yml b/docker/vaultwarden/docker-compose.yml index 84c24df..8204159 100644 --- a/docker/vaultwarden/docker-compose.yml +++ b/docker/vaultwarden/docker-compose.yml @@ -1,7 +1,7 @@ --- services: vaultwarden: - image: vaultwarden/server:1.35.7-alpine + image: vaultwarden/server:1.35.8-alpine restart: unless-stopped environment: DATABASE_URL: ${DATABASE_URL} From 926f40daaf9cf79a8c72493e3ada261ee6acf14c Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 26 Apr 2026 02:50:19 +0000 Subject: [PATCH 371/377] chore(deps): update ghcr.io/lennart-k/rustical docker tag to v0.12.12 --- docker/rustical/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/rustical/docker-compose.yml b/docker/rustical/docker-compose.yml index 0ee3c9a..b2dc9a8 100644 --- a/docker/rustical/docker-compose.yml +++ b/docker/rustical/docker-compose.yml @@ -1,7 +1,7 @@ --- services: rustical: - image: ghcr.io/lennart-k/rustical:0.12.11 + image: ghcr.io/lennart-k/rustical:0.12.12 restart: unless-stopped ports: - '4000:4000' From c1555ba9a3318b306dc6ffde02269769b121d08c Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 25 Apr 2026 02:38:48 +0000 Subject: [PATCH 372/377] chore(deps): update helm release renovate to 46.130.* --- k8s/argo-apps/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/renovate.yaml b/k8s/argo-apps/renovate.yaml index c7258d8..113823e 100644 --- a/k8s/argo-apps/renovate.yaml +++ b/k8s/argo-apps/renovate.yaml @@ -13,7 +13,7 @@ spec: sources: - chart: renovate repoURL: https://docs.renovatebot.com/helm-charts - targetRevision: 46.128.* + targetRevision: 46.130.* helm: valuesObject: renovate: From dc44158b7d2988e533f8fe78bd4bc0bcb79f64f5 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 30 Apr 2026 02:41:05 +0000 Subject: [PATCH 373/377] chore(deps): update code.forgejo.org/forgejo-helm/forgejo docker tag to v17.0.1 --- k8s/argo-apps/forgejo.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/forgejo.yaml b/k8s/argo-apps/forgejo.yaml index 6f61ce5..70875d8 100644 --- a/k8s/argo-apps/forgejo.yaml +++ b/k8s/argo-apps/forgejo.yaml @@ -14,7 +14,7 @@ spec: sources: - chart: forgejo repoURL: code.forgejo.org/forgejo-helm - targetRevision: 17.0.0 + targetRevision: 17.0.1 helm: valuesObject: replicaCount: 1 From 81fd00b32d8bbb2e24c0599a544158abe0a1afcd Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 29 Apr 2026 03:12:30 +0000 Subject: [PATCH 374/377] chore(deps): update helm release renovate to 46.138.* --- k8s/argo-apps/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/renovate.yaml b/k8s/argo-apps/renovate.yaml index 113823e..9b84870 100644 --- a/k8s/argo-apps/renovate.yaml +++ b/k8s/argo-apps/renovate.yaml @@ -13,7 +13,7 @@ spec: sources: - chart: renovate repoURL: https://docs.renovatebot.com/helm-charts - targetRevision: 46.130.* + targetRevision: 46.138.* helm: valuesObject: renovate: From 7f8bd9c31d7e8e74a856c6529507e639dd6e1e94 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 4 May 2026 02:20:17 +0000 Subject: [PATCH 375/377] chore(deps): update vaultwarden/server docker tag to v1.36.0 --- docker/vaultwarden/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/vaultwarden/docker-compose.yml b/docker/vaultwarden/docker-compose.yml index 8204159..bbc3594 100644 --- a/docker/vaultwarden/docker-compose.yml +++ b/docker/vaultwarden/docker-compose.yml @@ -1,7 +1,7 @@ --- services: vaultwarden: - image: vaultwarden/server:1.35.8-alpine + image: vaultwarden/server:1.36.0-alpine restart: unless-stopped environment: DATABASE_URL: ${DATABASE_URL} From 9dd539c49c3127404c5fc6cd58a7d4d76db6890e Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 3 May 2026 03:09:01 +0000 Subject: [PATCH 376/377] chore(deps): update ghcr.io/zibbp/ganymede docker tag to v4.16.0 --- docker/ganymede/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/ganymede/docker-compose.yml b/docker/ganymede/docker-compose.yml index 5e2dec2..ebc6836 100644 --- a/docker/ganymede/docker-compose.yml +++ b/docker/ganymede/docker-compose.yml @@ -2,7 +2,7 @@ services: ganymede: container_name: ganymede - image: ghcr.io/zibbp/ganymede:4.15.1 + image: ghcr.io/zibbp/ganymede:4.16.0 restart: unless-stopped environment: DEBUG: ${GANYMEDE_DEBUG:-false} From 4525ba5078e2f6ee90ab59858f471dfb4108ceaf Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 5 May 2026 02:23:33 +0000 Subject: [PATCH 377/377] chore(deps): update helm release renovate to 46.142.* --- k8s/argo-apps/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/renovate.yaml b/k8s/argo-apps/renovate.yaml index 9b84870..505b9af 100644 --- a/k8s/argo-apps/renovate.yaml +++ b/k8s/argo-apps/renovate.yaml @@ -13,7 +13,7 @@ spec: sources: - chart: renovate repoURL: https://docs.renovatebot.com/helm-charts - targetRevision: 46.138.* + targetRevision: 46.142.* helm: valuesObject: renovate: