infrastructure/apps
1
0
Fork 0
Code Issues Pull requests7 Projects Releases Packages Wiki Activity Actions

Compare commits

..

123 commits
6e580d3ea4 ... 9de688ac1f

Author SHA1 Message Date
Peter
9de688ac1f chore(deps): update registry.k8s.io/sig-storage/csi-provisioner docker tag to v5 2024-08-06 18:07:19 +00:00
Peter Kurfer
07f672d265
chore(ente): update museum 2024-08-06 20:06:17 +02:00
Peter
ab9f71c2d9 chore(deps): update helm release argo-cd to v7.4.1 2024-08-06 11:27:37 +00:00
Peter
98196251ec chore(deps): update code.icb4dc0.de/infrastructure/images/argocd docker tag to v2.12.0 2024-08-06 11:27:19 +00:00
Peter
b3d51f3d6b chore(deps): update helm release kube-prometheus-stack to v61.7.1 2024-08-06 09:26:54 +00:00
Peter
b82f232ee2 chore(deps): update helm release coder to v2.13.3 2024-08-06 09:25:47 +00:00
Peter
64d879bf34 chore(deps): update ghcr.io/projectcontour/contour docker tag to v1.30.0 2024-08-01 18:23:06 +00:00
Peter
857ef08c0f chore(deps): update code.icb4dc0.de/infrastructure/images/ente/cast docker tag to v0.9.16 2024-08-01 18:22:03 +00:00
Peter
c51fcdaffc chore(deps): update code.icb4dc0.de/infrastructure/images/ente/photos docker tag to v0.9.16 2024-08-01 03:34:08 +00:00
Peter
03ae24ed3d chore(deps): update forgejo docker tag to v8 2024-07-31 17:41:08 +00:00
Peter
3ae221fc3e chore(deps): update helm release cloudnative-pg to v0.21.6 2024-07-31 17:38:28 +00:00
Peter
b638d81aed chore(deps): update helm release cert-manager to v1.15.2 2024-07-31 17:38:01 +00:00
Peter
9a4e43eabd chore(deps): update forgejo docker tag to v7.0.4 2024-07-31 08:05:29 +00:00
Peter
db9b38cdcc chore(deps): update helm release kube-prometheus-stack to v61.6.0 2024-07-31 08:04:42 +00:00
Peter
19f26e35ee chore(deps): update helm release nextcloud to v5.5.2 2024-07-30 03:34:39 +00:00
Peter
2978e0db10 chore(deps): update helm release kube-prometheus-stack to v61.5.0 2024-07-29 06:05:53 +00:00
Peter
bddb553116 chore(deps): update helm release coder to v2.13.2 2024-07-28 08:53:35 +00:00
Peter
d832dc2847 chore(deps): update helm release kube-prometheus-stack to v61.4.0 2024-07-28 08:52:46 +00:00
Peter
745e4e87f2 chore(deps): update forgejo docker tag to v7.0.3 2024-07-27 11:46:44 +00:00
Peter
15774d2eb4 chore(deps): update ghcr.io/linkwarden/linkwarden docker tag to v2.6.2 2024-07-27 11:42:58 +00:00
Peter
6c0368e7d2 chore(deps): update docker docker tag to v27.1.1 2024-07-27 11:42:38 +00:00
Peter
0345869411 chore(deps): update docker.io/nocodb/nocodb docker tag to v0.251.3 2024-07-27 11:41:22 +00:00
Peter
0377fc26ad chore(deps): update code.icb4dc0.de/infrastructure/images/ente/photos docker tag to v0.9.14 2024-07-27 11:40:49 +00:00
Peter
1ee073ffc9 chore(deps): update helm release nextcloud to v5.4.0 2024-07-27 03:34:33 +00:00
Peter
b37958ff22 chore(deps): update helm release argo-cd to v7.3.11 2024-07-25 20:27:11 +00:00
Peter
1d53b9d3bd chore(deps): update code.icb4dc0.de/infrastructure/images/argocd docker tag to v2.11.7 2024-07-25 03:34:15 +00:00
Peter
08596bbe24 chore(deps): update code.icb4dc0.de/infrastructure/images/ente/cast docker tag to v0.9.14 2024-07-23 09:16:36 +00:00
Peter
581fb13495 chore(deps): update docker.dragonflydb.io/dragonflydb/operator docker tag to v1.1.6 2024-07-23 07:16:45 +00:00
Peter
ede6c907a5 chore(deps): update helm release argo-cd to v7.3.10 2024-07-23 06:13:53 +00:00
Peter
8de15c8df1 chore(deps): update code.icb4dc0.de/infrastructure/images/argocd docker tag to v2.11.6 2024-07-23 06:13:35 +00:00
Peter
58ffa443be chore(deps): update docker docker tag to v27.1.0 2024-07-23 06:11:02 +00:00
Peter
88f5482bd9 chore(deps): update helm release kube-prometheus-stack to v61.3.2 2024-07-23 06:09:58 +00:00
Peter
e3fdc51433 chore(deps): update helm release nextcloud to v5.2.2 2024-07-23 06:09:44 +00:00
Peter
b0e9f9afa5 chore(deps): update helm release coder to v2.13.1 2024-07-23 06:08:55 +00:00
Peter
8ba017fcd8 chore(deps): update ghcr.io/linkwarden/linkwarden docker tag to v2.6.0 2024-07-20 03:35:39 +00:00
Peter
0daf711e03 chore(deps): update helm release kube-prometheus-stack to v61.3.1 2024-07-12 21:26:30 +00:00
Peter
4edc95a8cd chore(deps): update code.icb4dc0.de/infrastructure/images/ente/cast docker tag to v0.9.7 2024-07-12 21:24:36 +00:00
Peter
f6737daf8e chore(deps): update code.icb4dc0.de/infrastructure/images/ente/photos docker tag to v0.9.7 2024-07-12 21:24:26 +00:00
Peter
64c0ef0889 chore(deps): update helm release argo-cd to v7.3.6 2024-07-12 03:33:51 +00:00
Peter
c0fb883e67 chore(deps): update helm release kube-prometheus-stack to v61.3.0 2024-07-09 18:39:28 +00:00
Peter
2e77129aac chore(deps): update helm release hcloud-cloud-controller-manager to v1.20.0 2024-07-09 18:34:47 +00:00
Peter Kurfer
e30f0602e4
chore: update vaultwarden settings 2024-07-09 20:25:00 +02:00
Peter
177d67309a chore(deps): update ghcr.io/dani-garcia/vaultwarden docker tag to v1.31.0 2024-07-09 18:24:17 +00:00
Peter
771f30f3ca chore(deps): update code.icb4dc0.de/infrastructure/images/ente/cast docker tag to v0.9.5 2024-07-09 18:11:53 +00:00
Peter
6d99186387 chore(deps): update code.icb4dc0.de/infrastructure/images/ente/photos docker tag to v0.9.5 2024-07-08 03:33:51 +00:00
Peter
712994d83b chore(deps): update helm release kube-prometheus-stack to v61.2.0 2024-07-06 09:48:31 +00:00
Peter
8302720911 chore(deps): update code.icb4dc0.de/infrastructure/images/argocd docker tag to v2.11.4 2024-07-05 03:33:48 +00:00
Peter
e1cca49aa2 chore(deps): update helm release argo-cd to v7.3.4 2024-07-04 06:33:38 +00:00
Peter
2cd44d2a2c chore(deps): update forgejo docker tag to v7.0.2 2024-07-04 05:54:40 +00:00
Peter
4fb25cd486 chore(deps): update ghcr.io/robherley/snips.sh docker tag to v0.4.0 2024-07-04 05:46:30 +00:00
Peter
04ba911b5b chore(deps): update docker.io/nocodb/nocodb docker tag to v0.251.1 2024-07-04 03:34:15 +00:00
Peter Kurfer
73f51f4094
feat(cnpg): new cluster 2024-07-02 22:04:09 +02:00
Peter Kurfer
5d8e1f5517
fix(cnpg): set release name 2024-07-02 21:23:03 +02:00
Peter Kurfer
e00a5ec22c
feat(cnpg): initial config 2024-07-02 21:20:18 +02:00
Peter Kurfer
6f34bbb620
feat: configure gogs secret 2024-07-02 20:54:49 +02:00
Peter
ceac7579c3 chore(deps): update helm release coder to v2.13.0 2024-07-02 18:33:07 +00:00
Peter
3306b744dd chore(deps): update helm release kube-prometheus-stack to v61.1.1 2024-07-02 18:32:36 +00:00
Peter Kurfer
ccfd994e19
chore: update meilisearch credentials 2024-07-02 20:29:21 +02:00
Peter
fe2010442a chore(deps): update helm release meilisearch to v0.8.0 2024-07-02 18:06:00 +00:00
Peter
cf1a6bec14 chore(deps): update docker docker tag to v27.0.3 2024-07-02 18:04:58 +00:00
Peter
365001ef5c chore(deps): update helm release nextcloud to v5.2.0 2024-07-02 03:34:24 +00:00
Peter Kurfer
65d861c7a7
chore(garage): increase CPU resources 2024-06-30 10:40:48 +02:00
Peter Kurfer
ae08254ab6
feat(garage): add probes 2024-06-30 10:35:29 +02:00
Peter Kurfer
451af1d2a1
chore: upgrade Umami 2024-06-30 10:23:24 +02:00
Peter
0e184223aa chore(deps): update helm release argo-cd to v7.3.3 2024-06-30 08:19:00 +00:00
Peter
adb2db590c chore(deps): update helm release kube-prometheus-stack to v61 2024-06-30 08:12:29 +00:00
Peter Kurfer
5398a15d0e
chore: PGO CRD upgrades 2024-06-29 10:18:58 +02:00
Peter Kurfer
d7c49ac804
chore: upgrade pgo 2024-06-29 09:59:09 +02:00
Peter Kurfer
bfee6b0754
chore(vaultwarden): allow signup 2024-06-29 09:57:20 +02:00
Peter
09b250b2df chore(deps): update helm release nextcloud to v5.0.2 2024-06-27 10:35:23 +00:00
Peter
2f6344f4f8 chore(deps): update docker docker tag to v27.0.2 2024-06-27 03:33:42 +00:00
Peter Kurfer
82e7d9dad5
chore(prometheus): update resources 2024-06-26 20:52:37 +02:00
Peter
ce10557419 chore(deps): update helm release kube-prometheus-stack to v60.4.0 2024-06-26 18:48:38 +00:00
Peter
82a169ef33 chore(deps): update helm release hcloud-csi to v2.8.0 2024-06-26 18:47:34 +00:00
Peter
cbbc3a912f chore(deps): update helm release cert-manager to v1.15.1 2024-06-26 18:46:38 +00:00
Peter Kurfer
7e3db993f9
chore: update Dragonfly operator 2024-06-26 20:43:06 +02:00
Peter Kurfer
ef0897ed49
feat: pin Dragonfly instances to arm64 nodes 2024-06-26 20:40:25 +02:00
Peter Kurfer
db45279352
fix(prometheus): limit prometheus to arm nodes 2024-06-26 20:32:39 +02:00
Peter
fb0c45c3cb chore(deps): update helm release argo-cd to v7.3.2 2024-06-26 12:04:17 +00:00
Peter
e6f18781a2 chore(deps): update helm release argo-cd to v7.3.1 2024-06-26 12:03:42 +00:00
Peter
0dccacca8a chore(deps): update docker docker tag to v27 2024-06-26 12:03:25 +00:00
Peter Kurfer
cb39b80946
fix(nocodb): mount emptyDir at /tmp 2024-06-26 08:15:10 +02:00
Peter Kurfer
ea36bc6d4a
fix(nocodb): remove obsolete emptyDir mounts 2024-06-25 21:17:07 +02:00
Peter Kurfer
bb47e18360
chore(deps): update docker.io/nocodb/nocodb docker tag to v0.251.0 2024-06-25 20:30:51 +02:00
Peter Kurfer
9053590443
chore(deps): update helm release coder to v2.12.3 2024-06-25 20:30:16 +02:00
Peter Kurfer
438337539b
feat(ente): add readiness probe 2024-06-25 20:28:31 +02:00
Peter
ef96e01b56 chore(deps): update helm release nextcloud to v5.0.1 2024-06-25 18:10:17 +00:00
Peter
4375149bbf chore(deps): update code.icb4dc0.de/infrastructure/images/ente/cast docker tag to v0.9.2 2024-06-25 18:09:59 +00:00
Peter
24fb2b19e2 chore(deps): update code.icb4dc0.de/infrastructure/images/ente/photos docker tag to v0.9.2 2024-06-25 03:33:50 +00:00
Peter
871a89f41f chore(deps): update helm release argo-cd to v7.2.1 2024-06-22 10:26:40 +00:00
Peter
6d3a23363f chore(deps): update helm release coder to v2.12.2 2024-06-22 03:34:28 +00:00
Peter
54770957e6 chore(deps): update helm release kube-prometheus-stack to v60.3.0 2024-06-20 20:12:02 +00:00
Peter
6e7966b93d chore(deps): update helm release argo-cd to v7.2.0 2024-06-20 15:06:49 +00:00
Peter
97b310c333 chore(deps): update docker.io/nocodb/nocodb docker tag to v0.250.2 2024-06-19 19:20:00 +00:00
Peter
f3acae2a59 chore(deps): update helm release argo-cd to v7.1.5 2024-06-19 18:42:32 +00:00
Peter Kurfer
d7015a9936
chore: update ente server version 2024-06-18 20:19:16 +02:00
Peter
db23e1c378 chore(deps): update helm release argo-cd to v7.1.4 2024-06-18 18:05:21 +00:00
Peter
43bfaaa7ea chore(deps): update code.icb4dc0.de/infrastructure/images/ente/photos docker tag to v0.9.0 2024-06-18 18:03:50 +00:00
Peter
5a2ea01d3d chore(deps): update helm release kube-prometheus-stack to v60.2.0 2024-06-18 18:03:10 +00:00
Peter
3bc6d22a00 chore(deps): update code.icb4dc0.de/infrastructure/images/ente/cast docker tag to v0.9.0 2024-06-18 03:34:48 +00:00
Peter Kurfer
aa482b61b4
chore(ente): update SMTP credentials 2024-06-16 14:30:58 +02:00
Peter
852324015a chore(deps): update helm release hcloud-csi to v2.7.1 2024-06-15 16:41:40 +00:00
Peter
7d62785ac9 chore(deps): update forgejo docker tag to v7.0.1 2024-06-15 16:37:41 +00:00
Peter
763f7fa1c7 chore(deps): update rclone/rclone docker tag to v1.67 2024-06-15 03:34:00 +00:00
Peter
af24a5835d chore(deps): update ghcr.io/projectcontour/contour docker tag to v1.29.1 2024-06-13 03:33:48 +00:00
Peter
35af43925e chore(deps): update helm release kube-prometheus-stack to v60.1.0 2024-06-12 16:49:13 +00:00
Peter
8639fe2c10 chore(deps): update docker.dragonflydb.io/dragonflydb/operator docker tag to v1.1.3 2024-06-12 16:46:00 +00:00
Peter
02d425b369 chore(deps): update helm release argo-cd to v7.1.3 2024-06-09 09:07:21 +00:00
Peter
bdc2ea4d09 chore(deps): update helm release kube-prometheus-stack to v60.0.2 2024-06-09 09:05:40 +00:00
Peter
462ee44e1c chore(deps): update helm release hcloud-csi to v2.7.0 2024-06-09 09:05:00 +00:00
Peter
6f1a52488e chore(deps): update helm release mariadb-operator to v0.29.0 2024-06-09 09:04:34 +00:00
Peter
3dc1aa26e8 chore(deps): update helm release nextcloud to v5 2024-06-09 09:01:52 +00:00
Peter Kurfer
246ab6245d
chore: update ente tags 2024-06-09 11:00:10 +02:00
Peter Kurfer
ff366e6748
chore: upgrade Ente images 2024-06-09 10:54:49 +02:00
Peter
9fecfd8efa chore(deps): update code.forgejo.org/forgejo/runner docker tag to v3.5.0 2024-06-08 09:45:40 +00:00
Peter
1d338c9ce6 chore(deps): update helm release kube-prometheus-stack to v60.0.1 2024-06-08 03:34:14 +00:00
Peter
92bf1f8c38 chore(deps): update code.icb4dc0.de/infrastructure/images/argocd docker tag to v2.11.3 2024-06-07 06:45:48 +00:00
Peter
dc41f48168 chore(deps): update helm release kube-prometheus-stack to v60 2024-06-06 20:15:22 +00:00
Peter
f3afa15237 chore(deps): update helm release argo-cd to v7.1.2 2024-06-06 20:05:39 +00:00
Peter
c10332de94 chore(deps): update helm release coder to v2.12.1 2024-06-06 03:33:28 +00:00
Peter
f1483f59ce chore(deps): update docker docker tag to v26.1.4 2024-06-05 20:56:43 +00:00
Peter
b4008cfcb7 chore(deps): update helm release cert-manager to v1.15.0 2024-06-05 20:54:33 +00:00
Peter
1b0930fae6 chore(deps): update helm release coder to v2.12.0 2024-06-04 21:18:02 +00:00
44 changed files with 631 additions and 126 deletions

BIN
argocd/config/values.argo-cd.yaml
View file

Binary file not shown.

4
argocd/kustomization.yaml
View file

@ -13,7 +13,7 @@ resources:
images:
- name: argocd
newName: code.icb4dc0.de/infrastructure/images/argocd
newTag: v2.11.2
newTag: v2.12.0
labels:
- includeSelectors: true
@ -26,7 +26,7 @@ helmCharts:
repo: https://argoproj.github.io/argo-helm
releaseName: argo-cd
namespace: argo-system
version: "7.1.1"
version: "7.4.1"
valuesFile: config/values.argo-cd.yaml
apiVersions:
- monitoring.coreos.com/v1

2
argocd/resources/dragonfly.yml
View file

@ -9,6 +9,8 @@ metadata:
app.kubernetes.io/part-of: argo-cd
spec:
replicas: 2
nodeSelector:
kubernetes.io/arch: arm64
resources:
requests:
cpu: 50m

2
cert-manager/kustomization.yaml
View file

@ -12,7 +12,7 @@ resources:
helmCharts:
- name: cert-manager
repo: https://charts.jetstack.io
version: "v1.14.5"
version: "v1.15.2"
releaseName: cert-manager
namespace: kube-system
valuesFile: config/values.cert-manager.yaml

1
cnpg/.gitattributes vendored Normal file
View file

@ -0,0 +1 @@
**/secrets/*.y*ml filter=age diff=age merge=age -text

7
cnpg/config/values.cnpg.yaml Normal file
View file

@ -0,0 +1,7 @@
replicaCount: 2
monitoring:
podMonitorEnabled: true
grafanaDashboard:
create: true
namespace: observability-system

3
cnpg/config/values.ext-pgo.yaml Normal file
View file

@ -0,0 +1,3 @@
replicaCount: 2
existingSecret: ext-postgres-operator

23
cnpg/kustomization.yaml Normal file
View file

@ -0,0 +1,23 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- resources/secrets/ext-pgo-creds.yaml
- resources/secrets/ext-pgo-admin.yaml
- resources/secrets/cnpg-backup-creds.yaml
- resources/cluster.yaml
helmCharts:
- releaseName: cnpg
name: cloudnative-pg
repo: https://cloudnative-pg.github.io/charts
version: 0.21.6
valuesFile: config/values.cnpg.yaml
namespace: postgres-system
- releaseName: ext-pgo
name: ext-postgres-operator
repo: https://movetokube.github.io/postgres-operator/
version: 1.2.6
valuesFile: config/values.ext-pgo.yaml
namespace: postgres

48
cnpg/resources/cluster.yaml Normal file
View file

@ -0,0 +1,48 @@
apiVersion: postgresql.cnpg.io/v1
kind: Cluster
metadata:
name: app-cluster
namespace: postgres
spec:
instances: 2
managed:
roles:
- name: ext_pgo_admin
ensure: present
superuser: true
createrole: true
createdb: true
storage:
size: 10Gi
storageClass: hcloud-volumes
backup:
barmanObjectStore:
destinationPath: cnpg
s3Credentials:
accessKeyId:
name: cnpg-backup-creds
key: ACCESS_KEY_ID
secretAccessKey:
name: cnpg-backup-creds
key: ACCESS_SECRET_KEY
retentionPolicy: "30d"
resources:
requests:
cpu: 100m
memory: 400Mi
limits:
cpu: 500m
memory: 800Mi
affinity:
enablePodAntiAffinity: true
topologyKey: kubernetes.io/hostname
podAntiAffinityType: preferred
enablePDB: true
monitoring:
enablePodMonitor: true

BIN
cnpg/resources/secrets/cnpg-backup-creds.yaml Normal file
View file

Binary file not shown.

8
cnpg/resources/secrets/ext-pgo-admin.yaml Normal file
View file

@ -0,0 +1,8 @@
age-encryption.org/v1
-> X25519 SQkKLcgCsGBZ6FM800HldDftkLV/u53xliCGnGU6Gz0
TvQkvxIdoIydgUshJXYai2pJjo/GsEklyGfba/zj31Y
-> X25519 V60zpoLahYcT/dGVnixvv471qCE8xAOP+LoAdq04ryM
q7iTcIfP6xgpJaQZJuW0kpY9dEwbwsleyyorsFK4atA
--- W40yHxyT9ZMPvnQ0WYg7K1sG0qd4loHmyW6HYZL5zBM
#Wøü5+D`éHUŠdNSÆ<53>f.vC]uÎö•ù"¼ègÙÝüfp:¬<C2AC>ϬNB”æ<E2809D>vúõè¢ O%3cÖòQü9m (ÓEäùØK µ×4ÞÌùgÜžo&€vztëPÞˆþñ2 ºª <02>æð>&Z{Î'<27>§QôÉj<C389>Ä:ƒ¡ø܈‡ ƒæ"Céœk¤£ÚÄ)Þ‰V1åÎÏV]
¥å·õñÄ'°s¨w±~ÊoEƒûæ•F¾hÍS }'&[ÞlÍÝÖUM×îÃ=ÿwŽ

BIN
cnpg/resources/secrets/ext-pgo-creds.yaml Normal file
View file

Binary file not shown.

2
coder/kustomization.yaml
View file

@ -13,6 +13,6 @@ helmCharts:
repo: https://helm.coder.com/v2
releaseName: coder
namespace: coder
version: "2.11.2"
version: "2.13.3"
valuesFile: config/values.coder.yml
skipTests: true

2
contour/kustomization.yaml
View file

@ -6,7 +6,7 @@ namespace: projectcontour
images:
- name: contour
newName: ghcr.io/projectcontour/contour
newTag: v1.29.0
newTag: v1.30.0
resources:
- crds/contour.yaml

2
dragonfly-operator/kustomization.yaml
View file

@ -9,7 +9,7 @@ images:
newTag: v0.16.0
- name: dragonfly-operator
newName: docker.dragonflydb.io/dragonflydb/operator
newTag: v1.1.2
newTag: v1.1.6
resources:

219
dragonfly-operator/resources/crd/dragonfly.yaml
View file

@ -1,4 +1,3 @@
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
@ -35,6 +34,24 @@ spec:
spec:
description: DragonflySpec defines the desired state of Dragonfly
properties:
aclFromSecret:
description: (Optional) Acl file Secret to pass to the container
properties:
key:
description: The key of the secret to select from. Must be a
valid secret key.
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind, uid?'
type: string
optional:
description: Specify whether the Secret or its key must be defined
type: boolean
required:
- key
type: object
x-kubernetes-map-type: atomic
affinity:
description: (Optional) Dragonfly pod affinity
properties:
@ -1031,6 +1048,23 @@ spec:
image:
description: Image is the Dragonfly image to use
type: string
labels:
additionalProperties:
type: string
description: (Optional) Labels to add to the Dragonfly pods.
type: object
memcachedPort:
description: (Optional) Dragonfly memcached port
format: int32
type: integer
nodeSelector:
additionalProperties:
type: string
description: (Optional) Dragonfly pod node selector
type: object
priorityClassName:
description: (Optional) Dragonfly pod priority class name
type: string
replicas:
description: Replicas is the total number of Dragonfly instances including
the master
@ -1095,10 +1129,23 @@ spec:
type: string
description: (Optional) Dragonfly Service Annotations
type: object
labels:
additionalProperties:
type: string
description: (Optional) Dragonfly Service Labels
type: object
name:
description: (Optional) Dragonfly Service name
type: string
type:
description: (Optional) Dragonfly Service type
type: string
type: object
skipFSGroup:
description: (Optional) Skip Assigning FileSystem Group. Required
for platforms such as Openshift that require IDs to not be set,
as it injects a fixed randomized ID per namespace into all pods.
type: boolean
snapshot:
description: (Optional) Dragonfly Snapshot configuration
properties:
@ -1374,6 +1421,174 @@ spec:
type: string
type: object
type: array
topologySpreadConstraints:
description: (Optional) Dragonfly pod topologySpreadConstraints
items:
description: TopologySpreadConstraint specifies how to spread matching
pods among the given topology.
properties:
labelSelector:
description: LabelSelector is used to find matching pods. Pods
that match this label selector are counted to determine the
number of pods in their corresponding topology domain.
properties:
matchExpressions:
description: matchExpressions is a list of label selector
requirements. The requirements are ANDed.
items:
description: A label selector requirement is a selector
that contains values, a key, and an operator that relates
the key and values.
properties:
key:
description: key is the label key that the selector
applies to.
type: string
operator:
description: operator represents a key's relationship
to a set of values. Valid operators are In, NotIn,
Exists and DoesNotExist.
type: string
values:
description: values is an array of string values.
If the operator is In or NotIn, the values array
must be non-empty. If the operator is Exists or
DoesNotExist, the values array must be empty. This
array is replaced during a strategic merge patch.
items:
type: string
type: array
required:
- key
- operator
type: object
type: array
matchLabels:
additionalProperties:
type: string
description: matchLabels is a map of {key,value} pairs.
A single {key,value} in the matchLabels map is equivalent
to an element of matchExpressions, whose key field is
"key", the operator is "In", and the values array contains
only "value". The requirements are ANDed.
type: object
type: object
x-kubernetes-map-type: atomic
matchLabelKeys:
description: MatchLabelKeys is a set of pod label keys to select
the pods over which spreading will be calculated. The keys
are used to lookup values from the incoming pod labels, those
key-value labels are ANDed with labelSelector to select the
group of existing pods over which spreading will be calculated
for the incoming pod. Keys that don't exist in the incoming
pod labels will be ignored. A null or empty list means only
match against labelSelector.
items:
type: string
type: array
x-kubernetes-list-type: atomic
maxSkew:
description: 'MaxSkew describes the degree to which pods may
be unevenly distributed. When `whenUnsatisfiable=DoNotSchedule`,
it is the maximum permitted difference between the number
of matching pods in the target topology and the global minimum.
The global minimum is the minimum number of matching pods
in an eligible domain or zero if the number of eligible domains
is less than MinDomains. For example, in a 3-zone cluster,
MaxSkew is set to 1, and pods with the same labelSelector
spread as 2/2/1: In this case, the global minimum is 1. |
zone1 | zone2 | zone3 | | P P | P P | P | - if MaxSkew
is 1, incoming pod can only be scheduled to zone3 to become
2/2/2; scheduling it onto zone1(zone2) would make the ActualSkew(3-1)
on zone1(zone2) violate MaxSkew(1). - if MaxSkew is 2, incoming
pod can be scheduled onto any zone. When `whenUnsatisfiable=ScheduleAnyway`,
it is used to give higher precedence to topologies that satisfy
it. It''s a required field. Default value is 1 and 0 is not
allowed.'
format: int32
type: integer
minDomains:
description: "MinDomains indicates a minimum number of eligible
domains. When the number of eligible domains with matching
topology keys is less than minDomains, Pod Topology Spread
treats \"global minimum\" as 0, and then the calculation of
Skew is performed. And when the number of eligible domains
with matching topology keys equals or greater than minDomains,
this value has no effect on scheduling. As a result, when
the number of eligible domains is less than minDomains, scheduler
won't schedule more than maxSkew Pods to those domains. If
value is nil, the constraint behaves as if MinDomains is equal
to 1. Valid values are integers greater than 0. When value
is not nil, WhenUnsatisfiable must be DoNotSchedule. \n For
example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains
is set to 5 and pods with the same labelSelector spread as
2/2/2: | zone1 | zone2 | zone3 | | P P | P P | P P |
The number of domains is less than 5(MinDomains), so \"global
minimum\" is treated as 0. In this situation, new pod with
the same labelSelector cannot be scheduled, because computed
skew will be 3(3 - 0) if new Pod is scheduled to any of the
three zones, it will violate MaxSkew. \n This is a beta field
and requires the MinDomainsInPodTopologySpread feature gate
to be enabled (enabled by default)."
format: int32
type: integer
nodeAffinityPolicy:
description: "NodeAffinityPolicy indicates how we will treat
Pod's nodeAffinity/nodeSelector when calculating pod topology
spread skew. Options are: - Honor: only nodes matching nodeAffinity/nodeSelector
are included in the calculations. - Ignore: nodeAffinity/nodeSelector
are ignored. All nodes are included in the calculations. \n
If this value is nil, the behavior is equivalent to the Honor
policy. This is a beta-level feature default enabled by the
NodeInclusionPolicyInPodTopologySpread feature flag."
type: string
nodeTaintsPolicy:
description: "NodeTaintsPolicy indicates how we will treat node
taints when calculating pod topology spread skew. Options
are: - Honor: nodes without taints, along with tainted nodes
for which the incoming pod has a toleration, are included.
- Ignore: node taints are ignored. All nodes are included.
\n If this value is nil, the behavior is equivalent to the
Ignore policy. This is a beta-level feature default enabled
by the NodeInclusionPolicyInPodTopologySpread feature flag."
type: string
topologyKey:
description: TopologyKey is the key of node labels. Nodes that
have a label with this key and identical values are considered
to be in the same topology. We consider each <key, value>
as a "bucket", and try to put balanced number of pods into
each bucket. We define a domain as a particular instance of
a topology. Also, we define an eligible domain as a domain
whose nodes meet the requirements of nodeAffinityPolicy and
nodeTaintsPolicy. e.g. If TopologyKey is "kubernetes.io/hostname",
each Node is a domain of that topology. And, if TopologyKey
is "topology.kubernetes.io/zone", each zone is a domain of
that topology. It's a required field.
type: string
whenUnsatisfiable:
description: 'WhenUnsatisfiable indicates how to deal with a
pod if it doesn''t satisfy the spread constraint. - DoNotSchedule
(default) tells the scheduler not to schedule it. - ScheduleAnyway
tells the scheduler to schedule the pod in any location, but
giving higher precedence to topologies that would help reduce
the skew. A constraint is considered "Unsatisfiable" for an
incoming pod if and only if every possible node assignment
for that pod would violate "MaxSkew" on some topology. For
example, in a 3-zone cluster, MaxSkew is set to 1, and pods
with the same labelSelector spread as 3/1/1: | zone1 | zone2
| zone3 | | P P P | P | P | If WhenUnsatisfiable is
set to DoNotSchedule, incoming pod can only be scheduled to
zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on
zone2(zone3) satisfies MaxSkew(1). In other words, the cluster
can still be imbalanced, but scheduler won''t make it *more*
imbalanced. It''s a required field.'
type: string
required:
- maxSkew
- topologyKey
- whenUnsatisfiable
type: object
type: array
type: object
status:
description: DragonflyStatus defines the observed state of Dragonfly
@ -1394,4 +1609,4 @@ spec:
served: true
storage: true
subresources:
status: {}
status: {}

BIN
ente/config/credentials.yaml
View file

Binary file not shown.

8
ente/kustomization.yaml
View file

@ -7,13 +7,13 @@ namePrefix: ente-
images:
- name: museum
newName: ghcr.io/ente-io/server
newTag: 26e17d8464736acc747c1b35c65af194172a245c
newTag: cdbf8c5f0971cb383df03c6b2f72ffb85387beef
- name: photos
newName: code.icb4dc0.de/infrastructure/images/ente/photos
newTag: photos-v0.8.94
newTag: v0.9.16
- name: cast
newName: code.icb4dc0.de/infrastructure/images/ente/cast
newTag: photos-v0.8.94
newTag: v0.9.16
labels:
- includeSelectors: true
@ -39,4 +39,4 @@ configMapGenerator:
secretGenerator:
- name: museum-credentials
files:
- config/credentials.yaml
- config/credentials.yaml

6
ente/resources/cast/deployment.yaml
View file

@ -1,3 +1,4 @@
# yaml-language-server: $scheme=https://raw.githubusercontent.com/yannh/kubernetes-json-schema/master/v1.30.2-standalone-strict/deployment-apps-v1.json
apiVersion: apps/v1
kind: Deployment
metadata:
@ -33,5 +34,10 @@ spec:
ports:
- name: http
containerPort: 3000
readinessProbe:
httpGet:
port: 3000
path: /
scheme: HTTP
nodeSelector:
kubernetes.io/arch: arm64

6
ente/resources/photos/deployment.yaml
View file

@ -1,3 +1,4 @@
# yaml-language-server: $scheme=https://raw.githubusercontent.com/yannh/kubernetes-json-schema/master/v1.30.2-standalone-strict/deployment-apps-v1.json
apiVersion: apps/v1
kind: Deployment
metadata:
@ -33,5 +34,10 @@ spec:
ports:
- name: http
containerPort: 3000
readinessProbe:
httpGet:
port: 3000
path: /
scheme: HTTP
nodeSelector:
kubernetes.io/arch: arm64

8
forgejo/kustomization.yaml
View file

@ -12,10 +12,10 @@ labels:
images:
- name: act_runner
newName: code.forgejo.org/forgejo/runner
newTag: "3.4.1"
newTag: "3.5.0"
- name: dind
newName: docker
newTag: 26.1.3-dind
newTag: 27.1.1-dind
resources:
- resources/secrets/admin-credentials.yaml
@ -46,7 +46,7 @@ helmCharts:
repo: oci://codeberg.org/forgejo-contrib
releaseName: forgejo
namespace: forgejo
version: "7.0.0"
version: "8.1.0"
valuesFile: config/values.forgejo.yaml
skipTests: true
apiVersions:
@ -55,6 +55,6 @@ helmCharts:
repo: https://meilisearch.github.io/meilisearch-kubernetes
releaseName: forgejo-indexer
namespace: forgejo
version: "0.7.0"
version: "0.8.0"
valuesFile: config/values.meilisearch.yaml
skipTests: true

2
forgejo/resources/dragonfly.yml
View file

@ -9,6 +9,8 @@ metadata:
app.kubernetes.io/part-of: forgejo
spec:
replicas: 2
nodeSelector:
kubernetes.io/arch: arm64
resources:
requests:
cpu: 100m

BIN
forgejo/resources/secrets/infra-credentials.yaml
View file

Binary file not shown.

2
garage/backup/kustomization.yaml
View file

@ -6,7 +6,7 @@ namespace: garage
images:
- name: rclone
newName: rclone/rclone
newTag: "1.66"
newTag: "1.67"
resources:
- resources/cronjob.yaml

10
garage/resources/workload.yaml
View file

@ -48,8 +48,16 @@ spec:
cpu: 300m
memory: 280Mi
limits:
cpu: 300m
cpu: 750m
memory: 500Mi
readinessProbe:
httpGet:
port: 3903
path: /health
livenessProbe:
httpGet:
port: 3903
path: /health
securityContext:
capabilities:
drop:

4
hcloud/kustomization.yaml
View file

@ -12,12 +12,12 @@ helmCharts:
repo: https://charts.hetzner.cloud
releaseName: hccm
namespace: kube-system
version: "1.19.0"
version: "1.20.0"
valuesFile: config/values.ccm.yaml
- name: hcloud-csi
repo: https://charts.hetzner.cloud
releaseName: hcloud-csi-driver
namespace: kube-system
version: "2.6.0"
version: "2.8.0"
valuesFile: config/values.csi.yaml

36
kube-prometheus/config/values.prometheus.yaml
View file

@ -13,6 +13,8 @@ defaultRules:
prometheus:
prometheusSpec:
retention: 7d
nodeSelector:
kubernetes.io/arch: arm64
serviceMonitorNamespaceSelector:
matchLabels:
prometheus: default
@ -33,11 +35,11 @@ prometheus:
prometheus: default
resources:
requests:
memory: 3Gi
memory: 1500Mi
cpu: 500m
limits:
memory: 4Gi
cpu: 800m
memory: 2200Mi
cpu: 800m
storageSpec:
volumeClaimTemplate:
spec:
@ -54,7 +56,7 @@ kubeEtcd:
kubeControllerManager:
enabled: true
endpoints: ['172.23.2.10']
endpoints: ["172.23.2.10"]
service:
enabled: true
port: 10257
@ -65,7 +67,7 @@ kubeControllerManager:
kubeScheduler:
enabled: false
endpoints: ['172.23.2.10']
endpoints: ["172.23.2.10"]
service:
enabled: true
port: 10259
@ -76,7 +78,7 @@ kubeScheduler:
kubeProxy:
enabled: false
endpoints: ['172.23.2.10']
endpoints: ["172.23.2.10"]
service:
enabled: true
port: 10249
@ -102,16 +104,16 @@ grafana:
auth:
disable_login_form: true
auth.generic_oauth:
name: Forgejo
icon: signin
enabled: "true"
client_id: "${GF_OAUTH_CLIENT_ID}"
client_secret: "${GF_OAUTH_CLIENT_SECRET}"
empty_scopes: true
auth_url: https://code.icb4dc0.de/login/oauth/authorize
token_url: https://code.icb4dc0.de/login/oauth/access_token
api_url: https://code.icb4dc0.de/login/oauth/userinfo
skip_org_role_sync: true
name: Forgejo
icon: signin
enabled: "true"
client_id: "${GF_OAUTH_CLIENT_ID}"
client_secret: "${GF_OAUTH_CLIENT_SECRET}"
empty_scopes: true
auth_url: https://code.icb4dc0.de/login/oauth/authorize
token_url: https://code.icb4dc0.de/login/oauth/access_token
api_url: https://code.icb4dc0.de/login/oauth/userinfo
skip_org_role_sync: true
persistence:
enabled: false
storageClassName: hcloud-volumes
@ -128,4 +130,4 @@ kube-state-metrics:
prometheus:
monitor:
additionalLabels:
prometheus: default
prometheus: default

2
kube-prometheus/kustomization.yaml
View file

@ -15,5 +15,5 @@ helmCharts:
includeCRDs: true
namespace: observability-system
releaseName: prometheus
version: "59.1.0"
version: "61.7.1"
valuesFile: config/values.prometheus.yaml

2
linkwarden/kustomization.yaml
View file

@ -11,7 +11,7 @@ labels:
images:
- name: linkwarden
newName: ghcr.io/linkwarden/linkwarden
newTag: "v2.5.3"
newTag: "v2.6.2"
resources:
- "resources/namespace.yaml"

2
mariadb-operator/kustomization.yaml
View file

@ -11,7 +11,7 @@ helmCharts:
releaseName: mariadb-operator
repo: https://mariadb-operator.github.io/mariadb-operator
namespace: mariadb-system
version: "0.28.1"
version: "0.29.0"
valuesFile: config/mariadb-operator.values.yaml
includeCRDs: true
skipTests: true

2
nextcloud/kustomization.yaml
View file

@ -21,7 +21,7 @@ helmCharts:
repo: https://nextcloud.github.io/helm/
releaseName: nextcloud
namespace: nextcloud
version: "4.6.10"
version: "5.5.2"
valuesFile: config/values.nextcloud.yaml
skipTests: true

2
nocodb/kustomization.yaml
View file

@ -6,7 +6,7 @@ namespace: nocodb
images:
- name: nocodb
newName: docker.io/nocodb/nocodb
newTag: 0.207.3
newTag: 0.251.3
labels:
- includeSelectors: true

106
nocodb/resources/deployment.yaml
View file

@ -1,3 +1,4 @@
# yaml-language-server: $scheme=https://raw.githubusercontent.com/yannh/kubernetes-json-schema/master/v1.30.2-standalone-strict/deployment-apps-v1.json
---
apiVersion: apps/v1
kind: Deployment
@ -16,55 +17,53 @@ spec:
app.kubernetes.io/name: nocodb
spec:
containers:
- name: nocodb
image: nocodb
envFrom:
- secretRef:
name: nocodb-config
ports:
- containerPort: 8080
protocol: TCP
name: web
volumeMounts:
- mountPath: /usr/app/data
name: nocodb-metadata
- mountPath: /usr/src/app/
name: app-volume
- mountPath: /tmp
name: app-tmp
livenessProbe:
httpGet:
path: /api/v1/health
port: web
scheme: HTTP
initialDelaySeconds: 10
timeoutSeconds: 3
periodSeconds: 5
successThreshold: 1
failureThreshold: 3
readinessProbe:
httpGet:
path: /api/v1/health
port: web
scheme: HTTP
initialDelaySeconds: 5
timeoutSeconds: 3
periodSeconds: 5
successThreshold: 1
failureThreshold: 3
resources:
requests:
memory: "168Mi"
cpu: "50m"
limits:
memory: "256Mi"
cpu: "500m"
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
readOnlyRootFilesystem: true
- name: nocodb
image: nocodb
envFrom:
- secretRef:
name: nocodb-config
ports:
- containerPort: 8080
protocol: TCP
name: web
volumeMounts:
- name: nocodb-metadata
mountPath: /usr/app/data
- name: tmp
mountPath: /tmp
livenessProbe:
httpGet:
path: /api/v1/health
port: web
scheme: HTTP
initialDelaySeconds: 10
timeoutSeconds: 3
periodSeconds: 5
successThreshold: 1
failureThreshold: 3
readinessProbe:
httpGet:
path: /api/v1/health
port: web
scheme: HTTP
initialDelaySeconds: 5
timeoutSeconds: 3
periodSeconds: 5
successThreshold: 1
failureThreshold: 3
resources:
requests:
memory: "168Mi"
cpu: "50m"
limits:
memory: "256Mi"
cpu: "500m"
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
readOnlyRootFilesystem: true
affinity:
nodeAffinity:
preferredDuringSchedulingIgnoredDuringExecution:
@ -79,14 +78,11 @@ spec:
- name: nocodb-metadata
persistentVolumeClaim:
claimName: nocodb-metadata
- name: app-volume
- name: tmp
emptyDir:
sizeLimit: 1500Mi
- name: app-tmp
emptyDir:
sizeLimit: 500Mi
sizeLimit: 50Mi
securityContext:
runAsUser: 1000
runAsGroup: 1000
fsGroup: 1000
runAsNonRoot: true
runAsNonRoot: true

2
nocodb/resources/dragonfly.yaml
View file

@ -9,6 +9,8 @@ metadata:
app.kubernetes.io/part-of: nocodb
spec:
replicas: 2
nodeSelector:
kubernetes.io/arch: arm64
resources:
requests:
cpu: 100m

4
postgres-operator/kustomization.yaml
View file

@ -6,13 +6,13 @@ labels:
pairs:
app.kubernetes.io/name: pgo
# The version below should match the version on the PostgresCluster CRD
app.kubernetes.io/version: 5.5.0
app.kubernetes.io/version: 5.6.0
postgres-operator.crunchydata.com/control-plane: postgres-operator
images:
- name: postgres-operator
newName: registry.developers.crunchydata.com/crunchydata/postgres-operator
newTag: ubi8-5.5.0-0
newTag: ubi8-5.6.0-0
resources:
- resources/namespace.yaml

100
postgres-operator/resources/crd/pgadmins.yaml
View file

@ -2,11 +2,11 @@ apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.8.0
controller-gen.kubebuilder.io/version: v0.9.0
creationTimestamp: null
labels:
app.kubernetes.io/name: pgo
app.kubernetes.io/version: 5.5.0
app.kubernetes.io/version: 5.6.0
name: pgadmins.postgres-operator.crunchydata.com
spec:
group: postgres-operator.crunchydata.com
@ -20,7 +20,7 @@ spec:
- name: v1beta1
schema:
openAPIV3Schema:
description: PGAdmin is the Schema for the pgadmins API
description: PGAdmin is the Schema for the PGAdmin API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
@ -860,6 +860,24 @@ spec:
to any of these values will be loaded without validation. Be careful,
as you may put pgAdmin into an unusable state.
properties:
configDatabaseURI:
description: 'A Secret containing the value for the CONFIG_DATABASE_URI
setting. More info: https://www.pgadmin.org/docs/pgadmin4/latest/external_database.html'
properties:
key:
description: The key of the secret to select from. Must be
a valid secret key.
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
type: string
optional:
description: Specify whether the Secret or its key must be
defined
type: boolean
required:
- key
type: object
files:
description: Files allows the user to mount projected volumes
into the pgAdmin container so that files can be referenced by
@ -1082,6 +1100,10 @@ spec:
type: object
type: object
type: array
gunicorn:
description: 'Settings for the gunicorn server. More info: https://docs.gunicorn.org/en/latest/settings.html'
type: object
x-kubernetes-preserve-unknown-fields: true
ldapBindPassword:
description: 'A Secret containing the value for the LDAP_BIND_PASSWORD
setting. More info: https://www.pgadmin.org/docs/pgadmin4/latest/ldap.html'
@ -1347,6 +1369,10 @@ spec:
unique in the pgAdmin's ServerGroups since it becomes the
ServerGroup name in pgAdmin.
type: string
postgresClusterName:
description: PostgresClusterName selects one cluster to add
to pgAdmin by name.
type: string
postgresClusterSelector:
description: PostgresClusterSelector selects clusters to dynamically
add to pgAdmin by matching labels. An empty selector like
@ -1395,9 +1421,18 @@ spec:
type: object
required:
- name
- postgresClusterSelector
type: object
x-kubernetes-validations:
- message: exactly one of "postgresClusterName" or "postgresClusterSelector"
is required
rule: '[has(self.postgresClusterName),has(self.postgresClusterSelector)].exists_one(x,x)'
type: array
serviceName:
description: ServiceName will be used as the name of a ClusterIP service
pointing to the pgAdmin pod and port. If the service already exists,
PGO will update the service. For more information about services
reference the Kubernetes and CrunchyData documentation. https://kubernetes.io/docs/concepts/services-networking/service/
type: string
tolerations:
description: 'Tolerations of the PGAdmin pod. More info: https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration'
items:
@ -1438,6 +1473,50 @@ spec:
type: string
type: object
type: array
users:
description: pgAdmin users that are managed via the PGAdmin spec.
Users can still be added via the pgAdmin GUI, but those users will
not show up here.
items:
properties:
passwordRef:
description: A reference to the secret that holds the user's
password.
properties:
key:
description: The key of the secret to select from. Must
be a valid secret key.
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
type: string
optional:
description: Specify whether the Secret or its key must
be defined
type: boolean
required:
- key
type: object
role:
description: Role determines whether the user has admin privileges
or not. Defaults to User. Valid options are Administrator
and User.
enum:
- Administrator
- User
type: string
username:
description: The username for User in pgAdmin. Must be unique
in the pgAdmin's users list.
type: string
required:
- passwordRef
- username
type: object
type: array
x-kubernetes-list-map-keys:
- username
x-kubernetes-list-type: map
required:
- dataVolumeClaimSpec
type: object
@ -1445,9 +1524,8 @@ spec:
description: PGAdminStatus defines the observed state of PGAdmin
properties:
conditions:
description: 'conditions represent the observations of pgadmin''s
current state. Known .status.conditions.type are: "PersistentVolumeResizing",
"Progressing", "ProxyAvailable"'
description: 'conditions represent the observations of pgAdmin''s
current state. Known .status.conditions.type is: "PersistentVolumeResizing"'
items:
description: "Condition contains details for one aspect of the current
state of this API Resource. --- This struct is intended for direct
@ -1518,6 +1596,14 @@ spec:
x-kubernetes-list-map-keys:
- type
x-kubernetes-list-type: map
imageSHA:
description: ImageSHA represents the image SHA for the container running
pgAdmin.
type: string
majorVersion:
description: MajorVersion represents the major version of the running
pgAdmin.
type: integer
observedGeneration:
description: observedGeneration represents the .metadata.generation
on which the status was based.

4
postgres-operator/resources/crd/pgupgrades.yaml
View file

@ -2,11 +2,11 @@ apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.8.0
controller-gen.kubebuilder.io/version: v0.9.0
creationTimestamp: null
labels:
app.kubernetes.io/name: pgo
app.kubernetes.io/version: 5.5.0
app.kubernetes.io/version: 5.6.0
name: pgupgrades.postgres-operator.crunchydata.com
spec:
group: postgres-operator.crunchydata.com

116
postgres-operator/resources/crd/postgresclusters.yaml
View file

@ -2,11 +2,11 @@ apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.8.0
controller-gen.kubebuilder.io/version: v0.9.0
creationTimestamp: null
labels:
app.kubernetes.io/name: pgo
app.kubernetes.io/version: 5.5.0
app.kubernetes.io/version: 5.6.0
name: postgresclusters.postgres-operator.crunchydata.com
spec:
group: postgres-operator.crunchydata.com
@ -2695,7 +2695,7 @@ spec:
- bucket
type: object
name:
description: The name of the the repository
description: The name of the repository
pattern: ^repo[1-4]
type: string
s3:
@ -4438,10 +4438,10 @@ spec:
properties:
pgbackrest:
description: 'Defines a pgBackRest cloud-based data source that
can be used to pre-populate the the PostgreSQL data directory
for a new PostgreSQL cluster using a pgBackRest restore. The
PGBackRest field is incompatible with the PostgresCluster field:
only one data source can be used for pre-populating a new PostgreSQL
can be used to pre-populate the PostgreSQL data directory for
a new PostgreSQL cluster using a pgBackRest restore. The PGBackRest
field is incompatible with the PostgresCluster field: only one
data source can be used for pre-populating a new PostgreSQL
cluster'
properties:
affinity:
@ -5615,7 +5615,7 @@ spec:
- bucket
type: object
name:
description: The name of the the repository
description: The name of the repository
pattern: ^repo[1-4]
type: string
s3:
@ -10396,7 +10396,7 @@ spec:
description: 'Patroni dynamic configuration settings. Changes
to this value will be automatically reloaded without validation.
Changes to certain PostgreSQL parameters cause PostgreSQL to
restart. More info: https://patroni.readthedocs.io/en/latest/SETTINGS.html'
restart. More info: https://patroni.readthedocs.io/en/latest/dynamic_configuration.html'
type: object
x-kubernetes-preserve-unknown-fields: true
leaderLeaseDurationSeconds:
@ -13060,6 +13060,18 @@ spec:
service:
description: Specification of the service that exposes PgBouncer.
properties:
externalTrafficPolicy:
description: 'More info: https://kubernetes.io/docs/concepts/services-networking/service/#traffic-policies'
enum:
- Cluster
- Local
type: string
internalTrafficPolicy:
description: 'More info: https://kubernetes.io/docs/concepts/services-networking/service/#traffic-policies'
enum:
- Cluster
- Local
type: string
metadata:
description: Metadata contains metadata for custom resources
properties:
@ -13319,10 +13331,66 @@ spec:
required:
- pgBouncer
type: object
replicaService:
description: Specification of the service that exposes PostgreSQL
replica instances
properties:
externalTrafficPolicy:
description: 'More info: https://kubernetes.io/docs/concepts/services-networking/service/#traffic-policies'
enum:
- Cluster
- Local
type: string
internalTrafficPolicy:
description: 'More info: https://kubernetes.io/docs/concepts/services-networking/service/#traffic-policies'
enum:
- Cluster
- Local
type: string
metadata:
description: Metadata contains metadata for custom resources
properties:
annotations:
additionalProperties:
type: string
type: object
labels:
additionalProperties:
type: string
type: object
type: object
nodePort:
description: The port on which this service is exposed when type
is NodePort or LoadBalancer. Value must be in-range and not
in use or the operation will fail. If unspecified, a port will
be allocated if this Service requires one. - https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport
format: int32
type: integer
type:
default: ClusterIP
description: 'More info: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types'
enum:
- ClusterIP
- NodePort
- LoadBalancer
type: string
type: object
service:
description: Specification of the service that exposes the PostgreSQL
primary instance.
properties:
externalTrafficPolicy:
description: 'More info: https://kubernetes.io/docs/concepts/services-networking/service/#traffic-policies'
enum:
- Cluster
- Local
type: string
internalTrafficPolicy:
description: 'More info: https://kubernetes.io/docs/concepts/services-networking/service/#traffic-policies'
enum:
- Cluster
- Local
type: string
metadata:
description: Metadata contains metadata for custom resources
properties:
@ -14793,6 +14861,18 @@ spec:
service:
description: Specification of the service that exposes pgAdmin.
properties:
externalTrafficPolicy:
description: 'More info: https://kubernetes.io/docs/concepts/services-networking/service/#traffic-policies'
enum:
- Cluster
- Local
type: string
internalTrafficPolicy:
description: 'More info: https://kubernetes.io/docs/concepts/services-networking/service/#traffic-policies'
enum:
- Cluster
- Local
type: string
metadata:
description: Metadata contains metadata for custom resources
properties:
@ -15048,8 +15128,14 @@ spec:
options:
description: 'ALTER ROLE options except for PASSWORD. This field
is ignored for the "postgres" user. More info: https://www.postgresql.org/docs/current/role-attributes.html'
maxLength: 200
pattern: ^[^;]*$
type: string
x-kubernetes-validations:
- message: cannot assign password
rule: '!self.matches("(?i:PASSWORD)")'
- message: cannot contain comments
rule: '!self.matches("(?:--|/[*]|[*]/)")'
password:
description: Properties of the password generated for this user.
properties:
@ -15070,6 +15156,7 @@ spec:
required:
- name
type: object
maxItems: 64
type: array
x-kubernetes-list-map-keys:
- name
@ -15157,6 +15244,11 @@ spec:
description: Current state of PostgreSQL instances.
items:
properties:
desiredPGDataVolume:
additionalProperties:
type: string
description: Desired Size of the pgData volume
type: object
name:
type: string
readyReplicas:
@ -15291,7 +15383,7 @@ spec:
type: boolean
repoOptionsHash:
description: A hash of the required fields in the spec for
defining an Azure, GCS or S3 repository, Utilizd to detect
defining an Azure, GCS or S3 repository, Utilized to detect
changes to these fields and then execute pgBackRest stanza-create
commands accordingly.
type: string
@ -15425,8 +15517,6 @@ spec:
type: object
type: object
registrationRequired:
description: Version information for installations with a registration
requirement.
properties:
pgoVersion:
type: string
@ -15439,8 +15529,6 @@ spec:
description: The instance set associated with the startupInstance
type: string
tokenRequired:
description: Signals the need for a token to be applied when registration
is required.
type: string
userInterface:
description: Current state of the PostgreSQL user interface.

2
s3-csi/kustomization.yaml
View file

@ -13,7 +13,7 @@ images:
newTag: v2.10.1
- name: provisioner
newName: registry.k8s.io/sig-storage/csi-provisioner
newTag: v5.0.1
newTag: v5.0.2
- name: csi
newName: code.icb4dc0.de/infrastructure/csi-s3
newTag: 0.38.3

2
snips/kustomization.yaml
View file

@ -6,7 +6,7 @@ namespace: snips
images:
- name: snips
newName: ghcr.io/robherley/snips.sh
newTag: v0.3.2
newTag: v0.4.0
- name: litestream
newName: code.icb4dc0.de/infrastructure/litestream
newTag: "0.3.14-rc1"

2
umami/kustomization.yaml
View file

@ -6,7 +6,7 @@ namespace: umami
images:
- name: umami
newName: ghcr.io/umami-software/umami
newTag: postgresql-v2.11.3
newTag: postgresql-v2.12.1
labels:
- includeSelectors: true

BIN
vaultwarden/config/vaultwarden.env
View file

Binary file not shown.

2
vaultwarden/kustomization.yaml
View file

@ -12,7 +12,7 @@ labels:
images:
- name: vaultwarden
newName: ghcr.io/dani-garcia/vaultwarden
newTag: "1.30.5-alpine"
newTag: "1.31.0-alpine"
resources:
- "resources/namespace.yaml"

2
vikunja/resources/api/dragonfly.yaml
View file

@ -9,6 +9,8 @@ metadata:
app.kubernetes.io/part-of: vikunja
spec:
replicas: 2
nodeSelector:
kubernetes.io/arch: arm64
resources:
requests:
cpu: 50m