diff --git a/.forgejo/workflows/deploy-kaniko.yaml b/.forgejo/workflows/deploy-kaniko.yaml new file mode 100644 index 0000000..1c7b1e6 --- /dev/null +++ b/.forgejo/workflows/deploy-kaniko.yaml @@ -0,0 +1,24 @@ +--- +name: Kaniko deployments + +on: # yamllint disable-line rule:truthy + push: + branches: + - 'main' + - 'ci/debug' + +jobs: + nextcloud: + runs-on: ubuntu-22.04 + steps: + - uses: https://code.forgejo.org/actions/checkout@v4 + - name: Kaniko build + uses: aevea/action-kaniko@v0.13.0 + with: + image: catalin/fukuops + username: kaniko + password: ${{ secrets.REGISTRY_PASSWORD }} + cache: true + registry: git.roboces.dev + tag: nextcloud-30.0.1 + path: docker/nextcloud diff --git a/.forgejo/workflows/deploy-tofu.yaml b/.forgejo/workflows/deploy-tofu.yaml index 211d8db..85808a7 100644 --- a/.forgejo/workflows/deploy-tofu.yaml +++ b/.forgejo/workflows/deploy-tofu.yaml @@ -5,7 +5,6 @@ on: # yamllint disable-line rule:truthy push: branches: - 'main' - - 'ci/debug' jobs: authentik: @@ -28,7 +27,9 @@ jobs: TF_VAR_portainer_client_id: ${{ secrets.TF_VAR_portainer_client_id }} TF_VAR_portainer_client_secret: ${{ secrets.TF_VAR_portainer_client_secret }} TF_VAR_paperless_client_id: ${{ secrets.TF_VAR_paperless_client_id }} - TF_VAR_paperless_client_secret: ${{ secrets.TF_VAR_paperless_client_secret }} + TF_VAR_paperless_client_secret: ${{ secrets.TF_VAR_paperless_secret }} + TF_VAR_netbird_client_id: ${{ secrets.TF_VAR_netbird_client_id }} + TF_VAR_netbird_client_secret: ${{ secrets.TF_VAR_netbird_client_secret }} AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} run: | diff --git a/Makefile b/Makefile index 95f8fbe..737fe9b 100644 --- a/Makefile +++ b/Makefile @@ -4,16 +4,10 @@ lint--pre-commit: lint--kubeconform: kubeconform -strict -ignore-missing-schemas k8s/ -SHELl=/bin/bash -lint--kubescore: - kube-score score $$(find k8s -type f -print -name "*.yaml") - lint--tflint: tflint --recursive - lint: make lint--pre-commit make lint--kubeconform - make lint--kube make lint--tflint diff --git a/README.md b/README.md index 4706caa..0ac9c44 100644 --- a/README.md +++ b/README.md @@ -2,3 +2,4 @@ [![Last build status](https://git.roboces.dev/catalin/fukuops/badges/workflows/ci.yaml/badge.svg)](https://git.roboces.dev/catalin/fukuops/actions) [![Tofu deployments](https://git.roboces.dev/catalin/fukuops/badges/workflows/deploy-tofu.yaml/badge.svg)](https://git.roboces.dev/catalin/fukuops/actions) +[![Kaniko deployments](https://git.roboces.dev/catalin/fukuops/badges/workflows/deploy-kaniko.yaml/badge.svg)](https://git.roboces.dev/catalin/fukuops/actions) diff --git a/docker/forgejo-runner/docker-compose.yml b/docker/forgejo-runner/docker-compose.yml index 45761fd..c77daa8 100644 --- a/docker/forgejo-runner/docker-compose.yml +++ b/docker/forgejo-runner/docker-compose.yml @@ -1,6 +1,6 @@ --- x-runner-common: &runner-common - image: code.forgejo.org/forgejo/runner:3.5.1 + image: code.forgejo.org/forgejo/runner:4.0.0 links: - docker-in-docker depends_on: diff --git a/docker/netbird/docker-compose.yml b/docker/netbird/docker-compose.yml index 61127d5..32a7699 100644 --- a/docker/netbird/docker-compose.yml +++ b/docker/netbird/docker-compose.yml @@ -1,7 +1,7 @@ --- services: dashboard: - image: netbirdio/dashboard:latest + image: netbirdio/dashboard:v2.6.2 restart: unless-stopped ports: - 8005:80 @@ -23,7 +23,7 @@ services: max-size: "500m" max-file: "2" signal: - image: netbirdio/signal:latest + image: netbirdio/signal:0.30.3 restart: unless-stopped volumes: - netbird-signal:/var/lib/netbird @@ -35,7 +35,7 @@ services: max-size: "500m" max-file: "2" relay: - image: netbirdio/relay:latest + image: netbirdio/relay:0.30.3 restart: unless-stopped environment: NB_LOG_LEVEL: ${NB_LOG_LEVEL:-info} @@ -50,7 +50,7 @@ services: max-size: "500m" max-file: "2" management: - image: netbirdio/management:latest + image: netbirdio/management:0.30.3 restart: unless-stopped depends_on: - dashboard @@ -74,8 +74,9 @@ services: max-file: "2" environment: - NETBIRD_STORE_ENGINE_POSTGRES_DSN= + coturn: - image: coturn/coturn:latest + image: coturn/coturn:4.6 restart: unless-stopped domainname: vpn.fukurokuju.dev volumes: @@ -90,7 +91,7 @@ services: max-file: "2" peer-1: - image: netbirdio/netbird:0.29.4 + image: netbirdio/netbird:0.30.3 restart: unless-stopped volumes: - ${NETBIRD_PEER_VOLUME:-/mnt/nas1/shared/netbird/peer-1}/data:/etc/netbird diff --git a/docker/nextcloud/Dockerfile b/docker/nextcloud/Dockerfile index 551a7b8..16edcab 100644 --- a/docker/nextcloud/Dockerfile +++ b/docker/nextcloud/Dockerfile @@ -1,4 +1,4 @@ -FROM nextcloud:30.0.0-apache +FROM nextcloud:30.0.1-apache RUN set -ex; \ \ diff --git a/docker/nextcloud/docker-compose.yml b/docker/nextcloud/docker-compose.yml index dc45f15..b85a715 100644 --- a/docker/nextcloud/docker-compose.yml +++ b/docker/nextcloud/docker-compose.yml @@ -14,7 +14,7 @@ services: - nextcloud nextcloud: - image: git.roboces.dev/catalin/fukuops:nextcloud-30.0.0 + image: git.roboces.dev/catalin/fukuops:nextcloud-30.0.1 volumes: - /mnt/nas1/legacy-storage/cloud/cloud/data:/var/www/html/data - /mnt/nas1/legacy-storage/cloud/cloud/config:/var/www/html/config diff --git a/docker/paperless/docker-compose.yml b/docker/paperless/docker-compose.yml index 6b00607..7cdb8d7 100644 --- a/docker/paperless/docker-compose.yml +++ b/docker/paperless/docker-compose.yml @@ -14,7 +14,7 @@ services: webserver: - image: ghcr.io/paperless-ngx/paperless-ngx:2.12.1 + image: ghcr.io/paperless-ngx/paperless-ngx:2.13.2 restart: unless-stopped ports: - 8002:8000 diff --git a/docker/vaultwarden/docker-compose.yml b/docker/vaultwarden/docker-compose.yml index fb08453..4d5e7e7 100644 --- a/docker/vaultwarden/docker-compose.yml +++ b/docker/vaultwarden/docker-compose.yml @@ -1,7 +1,7 @@ --- services: vaultwarden: - image: vaultwarden/server:1.32.0-alpine + image: vaultwarden/server:1.32.3-alpine restart: unless-stopped environment: DATABASE_URL: ${DATABASE_URL} diff --git a/k8s/argo-apps/elastic.yaml b/k8s/argo-apps/elastic.yaml index cba79d5..6eb6dcb 100644 --- a/k8s/argo-apps/elastic.yaml +++ b/k8s/argo-apps/elastic.yaml @@ -12,7 +12,7 @@ spec: sources: - chart: elasticsearch repoURL: registry-1.docker.io/bitnamicharts - targetRevision: 21.3.18 + targetRevision: 21.3.22 helm: valuesObject: service: diff --git a/k8s/argo-apps/factorio.yaml b/k8s/argo-apps/factorio.yaml index e9517ef..461643c 100644 --- a/k8s/argo-apps/factorio.yaml +++ b/k8s/argo-apps/factorio.yaml @@ -12,7 +12,7 @@ spec: sources: - chart: factorio-server-charts repoURL: https://sqljames.github.io/factorio-server-charts/ - targetRevision: 1.2.* + targetRevision: 2.0.* helm: valuesObject: rcon: @@ -20,9 +20,9 @@ spec: nodeSelector: kubernetes.io/hostname: agent1 image: - tag: 1.1.101 + tag: latest factorioServer: - save_name: fukurokuju + save_name: fukurokuju-space admin_list: - Phireh account: diff --git a/k8s/argo-apps/forgejo.yaml b/k8s/argo-apps/forgejo.yaml index f03f17c..2cd0fa7 100644 --- a/k8s/argo-apps/forgejo.yaml +++ b/k8s/argo-apps/forgejo.yaml @@ -12,7 +12,7 @@ spec: sources: - chart: forgejo repoURL: code.forgejo.org/forgejo-helm - targetRevision: 8.2.3 + targetRevision: 10.0.1 helm: valuesObject: replicaCount: 2 diff --git a/k8s/argo-apps/renovate.yaml b/k8s/argo-apps/renovate.yaml index 35c7f29..19d1549 100644 --- a/k8s/argo-apps/renovate.yaml +++ b/k8s/argo-apps/renovate.yaml @@ -13,7 +13,7 @@ spec: sources: - chart: renovate repoURL: https://docs.renovatebot.com/helm-charts - targetRevision: 38.95.* + targetRevision: 38.132.* helm: valuesObject: renovate: diff --git a/k8s/services/miniflux/deployment.yaml b/k8s/services/miniflux/deployment.yaml index 3ca2690..c2e8186 100644 --- a/k8s/services/miniflux/deployment.yaml +++ b/k8s/services/miniflux/deployment.yaml @@ -28,7 +28,7 @@ spec: spec: containers: - name: miniflux - image: miniflux/miniflux:2.2.1 + image: miniflux/miniflux:2.2.2 imagePullPolicy: Always securityContext: allowPrivilegeEscalation: false