Skip to content
GitLab
Explore
Sign in
Commits on Source (198)
c85184e4
chore(deps): update registry.access.redhat.com/ubi9/ubi docker tag to v9.4-1214.1729773476
Oct 28, 2024
75cf86cd
chore(deps): update helm release hcloud-exporter to v3.1.0
Oct 28, 2024
f82ea191
chore(deps): update ghcr.io/siderolabs/talosctl docker tag to v1.8.2
Oct 29, 2024
46f4e6fd
chore(deps): update ghcr.io/budimanjojo/talhelper docker tag to v3.0.8
Oct 30, 2024
acd2c91c
chore(deps): update helm release tigera-operator to v3.29.0
Oct 30, 2024
af54c862
chore(deps): update helm release node-feature-discovery to v0.16.6
Oct 31, 2024
031d019e
chore(deps): update helm release longhorn to v1.7.2
Nov 01, 2024
60f5d125
chore(deps): update quay.io/shivering-isles/gitlab-hetzner-runner docker tag to v17.5.3
Nov 01, 2024
9085bc79
chore(deps): update helm release gitlab-runner to v0.70.3
Nov 02, 2024
18bf561c
chore(deps): update helm release kured to v5.5.1
Nov 02, 2024
fcaf4a9f
Merge remote-tracking branch 'origin/renovate/gitlab-runner-0.x'
Nov 03, 2024
81a66f8f
Merge remote-tracking branch 'origin/renovate/quay.io-shivering-isles-gitlab-hetzner-runner-17.x'
Nov 03, 2024
53bc2908
Merge remote-tracking branch 'origin/renovate/node-feature-discovery-0.x'
Nov 03, 2024
736c2470
chore(keycloak): Upgrade to version 26.0.5
Nov 03, 2024
b5f8f46a
Merge remote-tracking branch 'origin/renovate/hcloud-exporter-3.x'
Nov 03, 2024
6be91465
feat(k8s01): Add OIDC based logins
Nov 03, 2024
c001d02c
fix(talos): Force MFA reauth and only deploy on control-plane
Nov 03, 2024
de9d6cda
feat(postgres): Add alert for instance stuck in recovery mode
Nov 03, 2024
a244497d
chore(deps): update ghcr.io/paperless-ngx/paperless-ngx docker tag to v2.13.3
Nov 03, 2024
35b8b050
Merge remote-tracking branch 'origin/renovate/ghcr.io-paperless-ngx-paperless-ngx-2.x'
Nov 03, 2024
089c3747
chore(deps): update docker.io/nginxinc/nginx-unprivileged:1.27.2-alpine docker digest to add866c
Nov 04, 2024
543d8733
chore(deps): update ghcr.io/paperless-ngx/paperless-ngx docker tag to v2.13.4
Nov 04, 2024
6d131c03
chore(deps): update docker.io/jellyfin/jellyfin docker tag to v10.10.1
Nov 04, 2024
8a30e5a7
chore(deps): update ghcr.io/renovatebot/renovate docker tag to v38.142.5
Nov 04, 2024
ce3ad0af
Merge remote-tracking branch 'origin/renovate/longhorn-1.x'
Nov 04, 2024
ab0f8834
feat(longhorn): Drop old hotfix
Nov 04, 2024
7d9331be
feat(immich): Upgrade to version 1.119.1
Nov 04, 2024
7dd7c367
Merge remote-tracking branch 'origin/renovate/ghcr.io-paperless-ngx-paperless-ngx-2.x'
Nov 04, 2024
7bcda4bc
Merge remote-tracking branch 'origin/renovate/docker.io-nginxinc-nginx-unprivileged-1.27.2-alpine'
Nov 04, 2024
bb9a6321
Merge remote-tracking branch 'origin/renovate/docker.io-jellyfin-jellyfin-10.x'
Nov 04, 2024
2c2693ab
feat(bin): Add first collection of custom scripts
Nov 04, 2024
d40d8844
Merge remote-tracking branch 'origin/renovate/registry.access.redhat.com-ubi9-ubi-9.x'
Nov 04, 2024
12bd724b
Merge remote-tracking branch 'origin/renovate/ghcr.io-siderolabs-talosctl-1.x'
Nov 05, 2024
462f33e7
chore(deps): update ghcr.io/opentofu/opentofu docker tag to v1.8.5
Nov 05, 2024
01d6982c
chore(deps): update helm release kube-prometheus-stack to v65.6.0
Nov 05, 2024
612f74b2
chore(deps): update helm release renovate to v38.142.6
Nov 05, 2024
3828b66d
chore(deps): update docker.io/gotenberg/gotenberg docker tag to v8.13.0
Nov 06, 2024
89123524
chore(deps): update quay.io/shivering-isles/blog docker tag to v2024.11.04.1917
Nov 06, 2024
336a1238
chore(deps): update helm release prometheus-smartctl-exporter to v0.11.0
Nov 07, 2024
2b96ca15
Merge remote-tracking branch 'origin/renovate/docker.io-gotenberg-gotenberg-8.x'
Nov 07, 2024
8fa405ef
Merge remote-tracking branch 'origin/renovate/ghcr.io-opentofu-opentofu-1.x'
Nov 07, 2024
3af6e709
chore(deps): update dependency go to v1.23.3
Nov 07, 2024
63b722c2
chore(deps): update docker.io/library/golang docker tag to v1.23.3
Nov 07, 2024
b2520198
chore(deps): update safe-automerge
Nov 07, 2024
0da8146a
chore(deps): update dependency rust-lang/mdbook to v0.4.42
Nov 08, 2024
1b5be05e
chore(deps): update docker.io/jdkato/vale docker tag to v3.9.0
Nov 08, 2024
c4acbd59
chore(deps): update helm release loki to v6.19.0
Nov 08, 2024
93acbc6d
chore(deps): update immich
Nov 08, 2024
fc55a5b3
chore(deps): update terraform hcloud to v1.49.0
Nov 08, 2024
2bf0a3ce
Merge remote-tracking branch 'origin/renovate/immich'
Nov 08, 2024
7c35faef
Merge remote-tracking branch 'origin/renovate/loki-6.x'
Nov 08, 2024
06e25f41
Merge remote-tracking branch 'origin/renovate/rust-lang-mdbook-0.x'
Nov 08, 2024
1d3fc030
Merge remote-tracking branch 'origin/renovate/hcloud-1.x'
Nov 08, 2024
224b3e97
Merge remote-tracking branch 'origin/renovate/go-1.x'
Nov 08, 2024
50f88d2a
chore(deps): update helm release kured to v5.5.2
Nov 09, 2024
c6bbc1d5
chore(deps): update helm release kube-prometheus-stack to v66
Nov 09, 2024
c3db5f49
ci(renovate): Add more automatic merging
Nov 09, 2024
a002772c
Merge remote-tracking branch 'origin/renovate/kube-prometheus-stack-66.x'
Nov 09, 2024
19f1bab0
feat(jellyfin): Increase config volume
Nov 10, 2024
7a3edbcc
Merge remote-tracking branch 'origin/renovate/docker.io-jdkato-vale-3.x'
Nov 10, 2024
d9dc20d6
chore(deps): update helm release kube-prometheus-stack to v66.1.0
Nov 10, 2024
c0aff10e
chore(deps): update docker.io/library/haproxy docker tag to v3.0.6
Nov 10, 2024
eab9f206
Merge remote-tracking branch 'origin/renovate/docker.io-library-golang-1.x'
Nov 10, 2024
cda86a97
Merge remote-tracking branch 'origin/renovate/ghcr.io-budimanjojo-talhelper-3.x'
Nov 10, 2024
c4e4d11c
ci(renovate): Add post-upgrade task for helm charts
Nov 10, 2024
672c0897
feat(renovate): Allow postUpgradeCommands
Nov 10, 2024
32708d50
chore(deps): update quay.io/sheogorath/hcloud-dynfw docker tag to v1.7.0
Nov 10, 2024
06d47d1d
chore(deps): update docker.io/library/nextcloud docker tag to v28.0.12
Nov 10, 2024
75218fd5
Merge remote-tracking branch 'origin/renovate/docker.io-library-nextcloud-28.x'
Nov 10, 2024
0dd8872b
ci(renovate): Group Fedora upgrades
Nov 10, 2024
87a07194
ci(renovate): Add hcloud-dynfw to automatic upgrades
Nov 10, 2024
371f1dea
Merge remote-tracking branch 'origin/renovate/tigera-operator-3.x'
Nov 10, 2024
5651638b
Revert "chore(deps): update helm release tigera-operator to v3.29.0"
Nov 10, 2024
b6bb42d5
feat: Remove global firewall using calico
Nov 10, 2024
e3715c18
feat(calico): Remove global network policy
Nov 10, 2024
a40ddb2c
fix(immich): Make readiness probe less sensitive
Nov 11, 2024
91df0a07
fix(immich): Fix missing timeout for startup probe
Nov 11, 2024
bcc7a798
chore(deps): update docker.io/bitnami/kubectl:1.31 docker digest to 3d3ee32
Nov 11, 2024
9737ece8
chore(deps): update docker.io/nginxinc/nginx-unprivileged:1.27.2-alpine docker digest to 19989d0
Nov 11, 2024
20f98a28
chore(deps): update ghcr.io/paperless-ngx/paperless-ngx docker tag to v2.13.5
Nov 11, 2024
1e86ccf6
chore(deps): update quay.io/prometheuscommunity/postgres-exporter docker tag to v0.16.0
Nov 11, 2024
c12338a3
chore(deps): update fedora to v41
Nov 11, 2024
927c4c57
chore(deps): update ghcr.io/renovatebot/renovate docker tag to v38.142.7
Nov 11, 2024
ace92bc3
chore(deps): update docker.io/bitnami/kubectl:1.31 docker digest to 0eab9ec
Nov 11, 2024
493a3097
feat(bin): Add tools for zalando postgres operator and renovate
Nov 11, 2024
f39201a3
refactor: Simplify secrets handling
Nov 11, 2024
81436e7d
feat(mastodon): Upgrade to 4.3.1
Nov 11, 2024
def7aad1
fix(mastodon): Fix broken upgrade hook
Nov 11, 2024
11991739
fix(mastodon): Create configmap and secret before hook
Nov 11, 2024
71679820
fix(mastodon): Workaround helm quirks regarding hook deletion
Nov 11, 2024
83a453a7
fix(mastodon): Allow sidekiq startup probe to function
Nov 11, 2024
f7903e0c
fix(mastodon): Fix merge for name changes in hooks
Nov 11, 2024
67e3bdf5
fix(mastodon): Use correct order of exec and command in startup probe
Nov 12, 2024
d08be58f
chore(deps): update docker.io/library/alpine:3.20.3 docker digest to 1e42bbe
Nov 12, 2024
52387bfc
chore(deps): update docker.io/library/haproxy:3.0.6 docker digest to 0f3127e
Nov 12, 2024
22525a1e
chore(deps): update ghcr.io/budimanjojo/talhelper docker tag to v3.0.9
Nov 12, 2024
bce59078
chore(deps): update quay.io/shivering-isles/blog docker tag to v2024.11.12.1920
Nov 12, 2024
55b2f20d
chore(deps): update docker.io/library/debian docker tag to v12.8
Nov 12, 2024
56238c10
Merge branch 'renovate/docker.io-library-debian-12.x' into 'main'
Nov 12, 2024
65f62add
Merge remote-tracking branch 'origin/renovate/ghcr.io-budimanjojo-talhelper-3.x'
Nov 12, 2024
Hide whitespace changes
Inline
Side-by-side
.sops.yaml
View file @
ed7cc1ed
...
...
@@ -10,7 +10,7 @@ creation_rules:
286791FB6648539775DB31B8FCB98C2A3EC6F601,
B137EE1549DFAF960DD1E2B15147025FB9F09E07
-
path_regex
:
(clusters|apps|infrastructure)/k8s01/.*.yaml
encrypted_regex
:
^(data|stringData|email|dnsZones?|dnsNames?|.*(H|h)osts?|tang|externalURL|.*-secret|.*Secrets?|.*-domain|password|subjects|node|apiURL|.*(S|s)erverNames?|.*SecretKey|externalName)$
encrypted_regex
:
^(data|stringData|email|dnsZones?|dnsNames?|.*(H|h)osts?|tang|externalURL|.*-secret|.*Secrets?|.*-domain|password|subjects|node|apiURL|.*(S|s)erverNames?|.*SecretKey|externalName
|url|static
)$
pgp
:
>-
286791FB6648539775DB31B8FCB98C2A3EC6F601,
B137EE1549DFAF960DD1E2B15147025FB9F09E07
...
...
Earthfile
View file @
ed7cc1ed
...
...
@@ -8,7 +8,7 @@ images:
BUILD +images-earthly --CONTAINER_REGISTRY=${CONTAINER_REGISTRY} --latest=$latest
images-src:
FROM quay.io/fedora/fedora:4
0
FROM quay.io/fedora/fedora:4
1
COPY images/ ./images
images-earthly:
...
...
apps/base/forecastle/release.yaml
View file @
ed7cc1ed
...
...
@@ -15,7 +15,7 @@ spec:
kind
:
HelmRepository
name
:
stakater
namespace
:
forecastle
version
:
v1.0.1
46
version
:
v1.0.1
50
driftDetection
:
mode
:
enabled
interval
:
5m
...
...
apps/base/gitlab-runner/release.yaml
View file @
ed7cc1ed
...
...
@@ -14,7 +14,7 @@ spec:
kind
:
HelmRepository
name
:
gitlab-runner
namespace
:
gitlab-runner
version
:
0.7
0.2
version
:
0.7
1.0
interval
:
5m
install
:
remediation
:
...
...
apps/base/goharbor/release.yaml
View file @
ed7cc1ed
...
...
@@ -14,7 +14,7 @@ spec:
kind
:
HelmRepository
name
:
goharbor
namespace
:
goharbor
version
:
1.1
5.1
version
:
1.1
6.0
driftDetection
:
mode
:
enabled
interval
:
5m
...
...
apps/base/immich/kustomization.yaml
View file @
ed7cc1ed
...
...
@@ -12,9 +12,9 @@ commonLabels:
images
:
-
name
:
ghcr.io/immich-app/immich-machine-learning
newTag
:
v1.1
18
.2@sha256:
4d89a309fd08a93649f1ae4a7572ae98f09d66b4c1dfb7916b71d31dec7eda38
newTag
:
v1.1
20
.2@sha256:
3cca923bc8eaa3616c48fc6088005e08d574cf1acf6c1253c92393ae11e4788d
-
name
:
ghcr.io/immich-app/immich-server
newTag
:
v1.1
18
.2@sha256:
f158810c90f80162f9b08729bbaec963731f12662960be38ff93093b78a0bbdf
newTag
:
v1.1
20
.2@sha256:
99f97cb61cd1b49c23fbee46a0ed067f171970518d8834c7e8b2dd3ac0d39c63
configMapGenerator
:
-
name
:
immich-env
...
...
apps/base/immich/machine-learning/deployment.yaml
View file @
ed7cc1ed
...
...
@@ -21,7 +21,7 @@ spec:
enableServiceLinks
:
false
containers
:
-
name
:
machine-learning
image
:
ghcr.io/immich-app/immich-machine-learning:release@sha256:
4d89a309fd08a93649f1ae4a7572ae98f09d66b4c1dfb7916b71d31dec7eda38
image
:
ghcr.io/immich-app/immich-machine-learning:release@sha256:
3cca923bc8eaa3616c48fc6088005e08d574cf1acf6c1253c92393ae11e4788d
envFrom
:
-
configMapRef
:
name
:
immich-env
...
...
apps/base/immich/monitoring-integrity/cronjob.yaml
View file @
ed7cc1ed
...
...
@@ -24,7 +24,7 @@ spec:
restartPolicy
:
Never
containers
:
-
name
:
server
image
:
ghcr.io/immich-app/immich-server:release@sha256:
f158810c90f80162f9b08729bbaec963731f12662960be38ff93093b78a0bbdf
image
:
ghcr.io/immich-app/immich-server:release@sha256:
99f97cb61cd1b49c23fbee46a0ed067f171970518d8834c7e8b2dd3ac0d39c63
imagePullPolicy
:
IfNotPresent
env
:
-
name
:
INTEGRITY_FILE_REPOSITORY
...
...
apps/base/immich/prometheus-monitoring/deployment-patch.yaml
View file @
ed7cc1ed
-
op
:
add
path
:
/spec/template/spec/containers/0/env/-
value
:
name
:
IMMICH_METRICS
value
:
"
true"
name
:
IMMICH_TELEMETRY_INCLUDE
value
:
"
all"
-
op
:
add
path
:
/spec/template/spec/containers/0/env/-
value
:
name
:
IMMICH_TELEMETRY_EXCLUDE
value
:
host
-
op
:
add
path
:
/spec/template/spec/containers/0/ports/-
value
:
...
...
apps/base/immich/server/deployment.yaml
View file @
ed7cc1ed
...
...
@@ -18,7 +18,7 @@ spec:
enableServiceLinks
:
false
containers
:
-
name
:
server
image
:
ghcr.io/immich-app/immich-server:release@sha256:
f158810c90f80162f9b08729bbaec963731f12662960be38ff93093b78a0bbdf
image
:
ghcr.io/immich-app/immich-server:release@sha256:
99f97cb61cd1b49c23fbee46a0ed067f171970518d8834c7e8b2dd3ac0d39c63
imagePullPolicy
:
IfNotPresent
env
:
-
name
:
CPU_CORES
...
...
@@ -44,6 +44,7 @@ spec:
-
immich-healthcheck
failureThreshold
:
120
periodSeconds
:
5
timeoutSeconds
:
3
livenessProbe
:
failureThreshold
:
5
exec
:
...
...
@@ -57,7 +58,7 @@ spec:
command
:
-
immich-healthcheck
periodSeconds
:
10
timeoutSeconds
:
1
timeoutSeconds
:
3
securityContext
:
readOnlyRootFilesystem
:
true
capabilities
:
...
...
@@ -80,4 +81,4 @@ spec:
volumes
:
-
name
:
library
persistentVolumeClaim
:
claimName
:
immich-data
\ No newline at end of file
claimName
:
immich-data
apps/base/jellyfin/deployment.yaml
View file @
ed7cc1ed
...
...
@@ -32,7 +32,7 @@ spec:
fieldRef
:
apiVersion
:
v1
fieldPath
:
metadata.namespace
image
:
docker.io/jellyfin/jellyfin:10.
9.11
@sha256:
fc1b51f4be3fba725e42dae2022d9c6a5b069acce01bef04d32fdee025dc511e
image
:
docker.io/jellyfin/jellyfin:10.
10.3
@sha256:
17c3a8d9dddb97789b5f37112840ebf96566442c14d4754193a6c2eb154bc221
imagePullPolicy
:
IfNotPresent
name
:
jellyfin
readinessProbe
:
...
...
apps/base/jellyfin/pvc.yaml
View file @
ed7cc1ed
...
...
@@ -8,7 +8,7 @@ spec:
-
ReadWriteOnce
resources
:
requests
:
storage
:
1
0Gi
storage
:
3
0Gi
---
apiVersion
:
v1
kind
:
PersistentVolumeClaim
...
...
apps/base/loki/loki.yaml
View file @
ed7cc1ed
...
...
@@ -12,7 +12,7 @@ spec:
kind
:
HelmRepository
name
:
grafana
namespace
:
loki
version
:
6.
18
.0
version
:
6.
22
.0
interval
:
5m
upgrade
:
remediation
:
...
...
@@ -79,7 +79,12 @@ data:
ruler:
enabled: false
monitoring:
enabled: true
dashboards:
enabled: true
rules:
enabled: true
serviceMonitor:
enabled: true
selfMonitoring:
grafanaAgent:
installOperator: false
...
...
apps/base/matrix/release.yaml
View file @
ed7cc1ed
...
...
@@ -14,7 +14,7 @@ spec:
kind
:
HelmRepository
name
:
matrix-synapse
namespace
:
matrix
version
:
3.
9.1
2
version
:
3.
10.
2
interval
:
5m
install
:
remediation
:
...
...
apps/base/matrix/synatainer/synatainer.yaml
View file @
ed7cc1ed
...
...
@@ -21,7 +21,7 @@ spec:
serviceAccountName
:
synatainer
containers
:
-
name
:
synatainer
image
:
registry.gitlab.com/mb-saces/synatainer:0.4.
3
image
:
registry.gitlab.com/mb-saces/synatainer:0.4.
4@sha256:b5e1270a0b7d9be6a6bd651332483fedb678b097775d8254fde3188d5525338d
imagePullPolicy
:
IfNotPresent
args
:
-
/usr/local/bin/synatainer-cron.sh
...
...
apps/base/paperless/deployment.yaml
View file @
ed7cc1ed
...
...
@@ -17,6 +17,9 @@ spec:
containers
:
-
name
:
paperless
volumeMounts
:
-
name
:
storage
mountPath
:
/tmp/paperless
subPath
:
tmp
-
name
:
storage
mountPath
:
/usr/src/paperless/data
subPath
:
data
...
...
apps/base/paperless/kustomization.yaml
View file @
ed7cc1ed
...
...
@@ -11,9 +11,9 @@ commonLabels:
images
:
-
name
:
ghcr.io/paperless-ngx/paperless-ngx
newTag
:
2.13.
2
@sha256:
d440c8682b445fff3dccc538ab88c604e389d3221f926
7352f
15e7d1e551a98
d
newTag
:
2.13.
5
@sha256:
199c67ed55bfb9d58bf90db2ee280880ae9ebc63413e54c
7352
2
f
9c4ebdc7ba
d
-
name
:
docker.io/gotenberg/gotenberg
newTag
:
8.1
2.0
@sha256:
b10708db3ccabbee040d0b6d9ec68b6034a066c1d4e27b13fb7a6af4ade012e4
newTag
:
8.1
4.1
@sha256:
c81f625afc869ba10819622f7e7d6d76708b2a32645b3fb74fbee610bf030465
-
name
:
docker.io/apache/tika
newTag
:
2.9.2.1
# Config example, put in your own kustomization
...
...
apps/base/renovate/release.yaml
View file @
ed7cc1ed
...
...
@@ -13,7 +13,7 @@ spec:
sourceRef
:
kind
:
HelmRepository
name
:
renovate
version
:
3
8.135.2
version
:
3
9.28.0
interval
:
5m
valuesFrom
:
-
kind
:
ConfigMap
...
...
apps/k8s01/blog/blog.yaml
View file @
ed7cc1ed
...
...
@@ -13,7 +13,7 @@ spec:
automountServiceAccountToken
:
false
containers
:
-
name
:
blog
image
:
quay.io/shivering-isles/blog:2024.1
0
.2
8
.19
15
image
:
quay.io/shivering-isles/blog:2024.1
1
.2
9
.19
32
ports
:
-
containerPort
:
8080
protocol
:
TCP
...
...
apps/k8s01/dns/dashboards/blocky.json
View file @
ed7cc1ed
...
...
@@ -2026,11 +2026,7 @@
"tags"
:
[],
"templating"
:
{
"list"
:
[{
"current"
:
{
"selected"
:
false
,
"text"
:
"default"
,
"value"
:
"default"
},
"current"
:
{},
"hide"
:
0
,
"includeAll"
:
false
,
"multi"
:
false
,
...
...
@@ -2038,7 +2034,7 @@
"options"
:
[],
"query"
:
"prometheus"
,
"refresh"
:
1
,
"regex"
:
"
default
"
,
"regex"
:
""
,
"skipUrlSync"
:
false
,
"type"
:
"datasource"
}]
...
...
@@ -2066,4 +2062,4 @@
"uid"
:
"JvOqE4gRk"
,
"version"
:
5
,
"weekStart"
:
""
}
\ No newline at end of file
}
Prev
1
2
3
4
5
6
Next