chore(deps): update helm release postgres to v1.6.1

docker/paperless/docker-compose.yml

@@ -14,7 +14,7 @@ services:
 
   webserver:
 
-    image: ghcr.io/paperless-ngx/paperless-ngx:2.19.5
+    image: ghcr.io/paperless-ngx/paperless-ngx:2.20.0
     restart: unless-stopped
     ports:
       - 8002:8000

docker/rustical/docker-compose.yml

@@ -0,0 +1,17 @@
+---
+services:
+  rustical:
+    image: ghcr.io/lennart-k/rustical:0.10.5
+    ports:
+      - '4000:4000'
+    volumes:
+      - "${RUSTICAL_DATA_VOLUME:-/mnt/nas1/shared/rustical/:/var/lib/rustical/}"
+    environment:
+      RUSTICAL_OIDC__NAME: ${RUSTICAL_OIDC_NAME:-Authentik}
+      RUSTICAL_OIDC__ISSUER: ${RUSTICAL_OIDC_ISSUER:-https://auth.fukurokuju.dev/application/o/rustical/}
+      RUSTICAL_OIDC__CLIENT_ID: ${RUSTICAL_OIDC_CLIENT_ID}
+      RUSTICAL_OIDC__CLIENT_SECRET: ${RUSTICAL_OIDC_CLIENT_SECRET}
+      RUSTICAL_OIDC__CLAIM_USERID: ${RUSTICAL_OIDC_CLAIM_USERID:-preferred_username}
+      RUSTICAL_OIDC__SCOPES: '["openid", "profile", "groups"]'
+      RUSTICAL_OIDC__ALLOW_SIGN_UP: "true"
+      RUSTICAL_FRONTEND__ALLOW_PASSWORD_LOGIN: ${RUSTICAL_FRONTED_ALLOW_PASSWORD_LOGIN:-false}

k8s/argo-apps/forgejo.yaml

@@ -14,7 +14,7 @@ spec:
   sources:
     - chart: forgejo
       repoURL: code.forgejo.org/forgejo-helm
-      targetRevision: 15.0.2
+      targetRevision: 15.0.3
       helm:
         valuesObject:
           replicaCount: 2

k8s/argo-apps/kubetail.yaml

@@ -12,7 +12,7 @@ spec:
   sources:
     - chart: kubetail
       repoURL: https://kubetail-org.github.io/helm-charts/
-      targetRevision: 0.16.1
+      targetRevision: 0.16.3
       helm:
         valuesObject:
           kubetail:

k8s/argo-apps/psql.yaml

@@ -10,7 +10,7 @@ spec:
     server: 'https://kubernetes.default.svc'
   sources:
     - chart: postgres
-      targetRevision: 1.3.6
+      targetRevision: 1.6.1
       repoURL: https://groundhog2k.github.io/helm-charts/
       helm:
         valuesObject:

k8s/argo-apps/renovate.yaml

@@ -13,7 +13,7 @@ spec:
   sources:
     - chart: renovate
       repoURL: https://docs.renovatebot.com/helm-charts
-      targetRevision: 45.1.*
+      targetRevision: 45.21.*
       helm:
         valuesObject:
           renovate:

tofu/authentik/main.tf

@@ -42,6 +42,7 @@ resource "authentik_group" "ftp" {
   is_superuser = false
 }
 
+
 module "gitea" {
   source              = "../modules/authentik-oidc"
   app_name            = "Gitea"
@@ -199,7 +200,6 @@ module "netbird" {
   app_name            = "netbird"
   app_slug            = "netbird"
   client_id           = var.netbird_client_id
-  client_secret       = var.netbird_client_secret
   client_type         = "public"
   app_access_group_id = authentik_group.vpn.id
   redirect_uris = [
@@ -223,4 +223,15 @@ module "netbird" {
   ]
   app_icon              = "https://vpn.fukurokuju.dev/apple-icon.png"
   access_token_validity = "days=10"
+  client_secret         = ""
+}
+
+module "rustical" {
+  source              = "../modules/authentik-oidc"
+  app_name            = "rustical"
+  app_slug            = "rustical"
+  client_id           = var.rustical_client_id
+  client_secret       = var.rustical_client_secret
+  redirect_uris       = [{ matching_mode = "strict", url = "https://cal.roboces.dev/frontend/login/oidc/callback" }]
+  app_access_group_id = ""
 }

tofu/authentik/vars.tf

@@ -44,10 +44,6 @@ variable "netbird_client_id" {
   type        = string
 }
 
-variable "netbird_client_secret" {
-  description = "Netbird client secret"
-  type        = string
-}
 
 variable "sftpgo_client_id" {
   description = "SFTPGo client ID"
@@ -58,3 +54,13 @@ variable "sftpgo_client_secret" {
   description = "SFTPGo client secret"
   type        = string
 }
+
+variable "rustical_client_id" {
+  description = "Radicale client ID"
+  type        = string
+}
+
+variable "rustical_client_secret" {
+  description = "Radicale client secret"
+  type        = string
+}