Move all helmrepositories next to release #230
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
--- kubernetes/apps/kube-system/csi-driver-nfs/app Kustomization: kube-system/csi-driver-nfs HelmRelease: kube-system/csi-driver-nfs
+++ kubernetes/apps/kube-system/csi-driver-nfs/app Kustomization: kube-system/csi-driver-nfs HelmRelease: kube-system/csi-driver-nfs
@@ -6,20 +6,15 @@
app.kubernetes.io/name: csi-driver-nfs
kustomize.toolkit.fluxcd.io/name: csi-driver-nfs
kustomize.toolkit.fluxcd.io/namespace: kube-system
name: csi-driver-nfs
namespace: kube-system
spec:
- chart:
- spec:
- chart: csi-driver-nfs
- sourceRef:
- kind: HelmRepository
- name: csi-driver-nfs
- namespace: flux-system
- version: 4.11.0
+ chartRef:
+ kind: OCIRepository
+ name: csi-driver-nfs
install:
remediation:
retries: 3
interval: 30m
upgrade:
cleanupOnFail: true
--- kubernetes/apps/kube-system/csi-driver-nfs/app Kustomization: kube-system/csi-driver-nfs OCIRepository: kube-system/csi-driver-nfs
+++ kubernetes/apps/kube-system/csi-driver-nfs/app Kustomization: kube-system/csi-driver-nfs OCIRepository: kube-system/csi-driver-nfs
@@ -0,0 +1,19 @@
+---
+apiVersion: source.toolkit.fluxcd.io/v1beta2
+kind: OCIRepository
+metadata:
+ labels:
+ app.kubernetes.io/name: csi-driver-nfs
+ kustomize.toolkit.fluxcd.io/name: csi-driver-nfs
+ kustomize.toolkit.fluxcd.io/namespace: kube-system
+ name: csi-driver-nfs
+ namespace: kube-system
+spec:
+ interval: 5m
+ layerSelector:
+ mediaType: application/vnd.cncf.helm.chart.content.v1.tar+gzip
+ operation: copy
+ ref:
+ tag: 4.11.0
+ url: oci://ghcr.io/home-operations/charts-mirror/csi-driver-nfs
+
--- kubernetes/apps/dragonfly-operator-system/dragonfly/app Kustomization: dragonfly-operator-system/dragonfly-operator HelmRelease: dragonfly-operator-system/dragonfly-operator
+++ kubernetes/apps/dragonfly-operator-system/dragonfly/app Kustomization: dragonfly-operator-system/dragonfly-operator HelmRelease: dragonfly-operator-system/dragonfly-operator
@@ -6,20 +6,15 @@
app.kubernetes.io/name: dragonfly-operator
kustomize.toolkit.fluxcd.io/name: dragonfly-operator
kustomize.toolkit.fluxcd.io/namespace: dragonfly-operator-system
name: dragonfly-operator
namespace: dragonfly-operator-system
spec:
- chart:
- spec:
- chart: dragonfly-operator
- sourceRef:
- kind: HelmRepository
- name: dragonfly
- namespace: flux-system
- version: v1.1.10
+ chartRef:
+ kind: OCIRepository
+ name: dragonfly-operator
install:
crds: CreateReplace
interval: 30m
maxHistory: 3
uninstall:
keepHistory: false
--- kubernetes/apps/dragonfly-operator-system/dragonfly/app Kustomization: dragonfly-operator-system/dragonfly-operator OCIRepository: dragonfly-operator-system/dragonfly-operator
+++ kubernetes/apps/dragonfly-operator-system/dragonfly/app Kustomization: dragonfly-operator-system/dragonfly-operator OCIRepository: dragonfly-operator-system/dragonfly-operator
@@ -0,0 +1,19 @@
+---
+apiVersion: source.toolkit.fluxcd.io/v1beta2
+kind: OCIRepository
+metadata:
+ labels:
+ app.kubernetes.io/name: dragonfly-operator
+ kustomize.toolkit.fluxcd.io/name: dragonfly-operator
+ kustomize.toolkit.fluxcd.io/namespace: dragonfly-operator-system
+ name: dragonfly-operator
+ namespace: dragonfly-operator-system
+spec:
+ interval: 5m
+ layerSelector:
+ mediaType: application/vnd.cncf.helm.chart.content.v1.tar+gzip
+ operation: copy
+ ref:
+ tag: v1.1.10
+ url: oci://ghcr.io/dragonflydb/dragonfly-operator/helm/dragonfly-operator
+
--- kubernetes/apps/kube-system/intel-device-plugin/gpu Kustomization: kube-system/intel-device-plugin-gpu HelmRelease: kube-system/intel-device-plugin-gpu
+++ kubernetes/apps/kube-system/intel-device-plugin/gpu Kustomization: kube-system/intel-device-plugin-gpu HelmRelease: kube-system/intel-device-plugin-gpu
@@ -6,31 +6,22 @@
app.kubernetes.io/name: intel-device-plugin-gpu
kustomize.toolkit.fluxcd.io/name: intel-device-plugin-gpu
kustomize.toolkit.fluxcd.io/namespace: kube-system
name: intel-device-plugin-gpu
namespace: kube-system
spec:
- chart:
- spec:
- chart: intel-device-plugins-gpu
- sourceRef:
- kind: HelmRepository
- name: intel
- namespace: flux-system
- version: 0.32.0
- dependsOn:
- - name: intel-device-plugin-operator
- namespace: kube-system
+ chartRef:
+ kind: OCIRepository
+ name: intel-device-plugins-gpu
install:
remediation:
- retries: 3
- interval: 30m
+ retries: -1
+ interval: 1h
upgrade:
cleanupOnFail: true
remediation:
retries: 3
- strategy: rollback
values:
- name: intel-gpu-plugin
+ name: i915
nodeFeatureRule: false
- sharedDevNum: 3
+ sharedDevNum: 99
--- kubernetes/apps/kube-system/intel-device-plugin/gpu Kustomization: kube-system/intel-device-plugin-gpu OCIRepository: kube-system/intel-device-plugins-gpu
+++ kubernetes/apps/kube-system/intel-device-plugin/gpu Kustomization: kube-system/intel-device-plugin-gpu OCIRepository: kube-system/intel-device-plugins-gpu
@@ -0,0 +1,19 @@
+---
+apiVersion: source.toolkit.fluxcd.io/v1beta2
+kind: OCIRepository
+metadata:
+ labels:
+ app.kubernetes.io/name: intel-device-plugin-gpu
+ kustomize.toolkit.fluxcd.io/name: intel-device-plugin-gpu
+ kustomize.toolkit.fluxcd.io/namespace: kube-system
+ name: intel-device-plugins-gpu
+ namespace: kube-system
+spec:
+ interval: 5m
+ layerSelector:
+ mediaType: application/vnd.cncf.helm.chart.content.v1.tar+gzip
+ operation: copy
+ ref:
+ tag: 0.32.0
+ url: oci://ghcr.io/home-operations/charts-mirror/intel-device-plugins-gpu
+
--- kubernetes/apps/network/multus/app Kustomization: network/multus HelmRelease: network/multus
+++ kubernetes/apps/network/multus/app Kustomization: network/multus HelmRelease: network/multus
@@ -6,21 +6,15 @@
app.kubernetes.io/name: multus
kustomize.toolkit.fluxcd.io/name: multus
kustomize.toolkit.fluxcd.io/namespace: network
name: multus
namespace: network
spec:
- chart:
- spec:
- chart: app-template
- interval: 30m
- sourceRef:
- kind: HelmRepository
- name: bjw-s
- namespace: flux-system
- version: 3.7.3
+ chartRef:
+ kind: OCIRepository
+ name: app-template
interval: 30m
values:
controllers:
multus:
containers:
multus:
--- kubernetes/apps/cert-manager/cert-manager/app Kustomization: cert-manager/cert-manager HelmRelease: cert-manager/cert-manager
+++ kubernetes/apps/cert-manager/cert-manager/app Kustomization: cert-manager/cert-manager HelmRelease: cert-manager/cert-manager
@@ -6,27 +6,21 @@
app.kubernetes.io/name: cert-manager
kustomize.toolkit.fluxcd.io/name: cert-manager
kustomize.toolkit.fluxcd.io/namespace: cert-manager
name: cert-manager
namespace: cert-manager
spec:
- chart:
- spec:
- chart: cert-manager
- sourceRef:
- kind: HelmRepository
- name: jetstack
- namespace: flux-system
- version: v1.17.1
+ chartRef:
+ kind: OCIRepository
+ name: cert-manager
install:
remediation:
- retries: 3
- interval: 30m
+ retries: -1
+ interval: 1h
upgrade:
cleanupOnFail: true
remediation:
retries: 3
- strategy: rollback
valuesFrom:
- kind: ConfigMap
- name: cert-manager-helm-values-c7h224g7dd
+ name: cert-manager-values-c7h224g7dd
--- kubernetes/apps/cert-manager/cert-manager/app Kustomization: cert-manager/cert-manager ConfigMap: cert-manager/cert-manager-helm-values-c7h224g7dd
+++ kubernetes/apps/cert-manager/cert-manager/app Kustomization: cert-manager/cert-manager ConfigMap: cert-manager/cert-manager-helm-values-c7h224g7dd
@@ -1,23 +0,0 @@
----
-apiVersion: v1
-data:
- values.yaml: |
- ---
- crds:
- enabled: true
- replicaCount: 1
- dns01RecursiveNameservers: 8.8.8.8:53,1.1.1.1:53
- dns01RecursiveNameserversOnly: true
- prometheus:
- enabled: true
- servicemonitor:
- enabled: true
-kind: ConfigMap
-metadata:
- labels:
- app.kubernetes.io/name: cert-manager
- kustomize.toolkit.fluxcd.io/name: cert-manager
- kustomize.toolkit.fluxcd.io/namespace: cert-manager
- name: cert-manager-helm-values-c7h224g7dd
- namespace: cert-manager
-
--- kubernetes/apps/cert-manager/cert-manager/app Kustomization: cert-manager/cert-manager OCIRepository: cert-manager/cert-manager
+++ kubernetes/apps/cert-manager/cert-manager/app Kustomization: cert-manager/cert-manager OCIRepository: cert-manager/cert-manager
@@ -0,0 +1,19 @@
+---
+apiVersion: source.toolkit.fluxcd.io/v1beta2
+kind: OCIRepository
+metadata:
+ labels:
+ app.kubernetes.io/name: cert-manager
+ kustomize.toolkit.fluxcd.io/name: cert-manager
+ kustomize.toolkit.fluxcd.io/namespace: cert-manager
+ name: cert-manager
+ namespace: cert-manager
+spec:
+ interval: 5m
+ layerSelector:
+ mediaType: application/vnd.cncf.helm.chart.content.v1.tar+gzip
+ operation: copy
+ ref:
+ tag: v1.17.1
+ url: oci://quay.io/jetstack/charts/cert-manager
+
--- kubernetes/apps/cert-manager/cert-manager/app Kustomization: cert-manager/cert-manager PrometheusRule: cert-manager/cert-manager-rules
+++ kubernetes/apps/cert-manager/cert-manager/app Kustomization: cert-manager/cert-manager PrometheusRule: cert-manager/cert-manager-rules
@@ -0,0 +1,50 @@
+---
+apiVersion: monitoring.coreos.com/v1
+kind: PrometheusRule
+metadata:
+ labels:
+ app.kubernetes.io/name: cert-manager
+ kustomize.toolkit.fluxcd.io/name: cert-manager
+ kustomize.toolkit.fluxcd.io/namespace: cert-manager
+ name: cert-manager-rules
+ namespace: cert-manager
+spec:
+ groups:
+ - name: cert-manager.rules
+ rules:
+ - alert: CertManagerAbsent
+ annotations:
+ summary: Cert Manager has dissapeared from Prometheus service discovery
+ expr: |
+ absent(up{job="cert-manager"})
+ for: 5m
+ labels:
+ severity: critical
+ - name: certificates
+ rules:
+ - alert: CertManagerCertExpirySoon
+ annotations:
+ summary: The cert {{ $labels.name }} is {{ $value | humanizeDuration }} from
+ expiry, it should have renewed over a week ago
+ expr: |
+ avg by (exported_namespace, namespace, name) (certmanager_certificate_expiration_timestamp_seconds - time()) < (21 * 24 * 3600)
+ for: 5m
+ labels:
+ severity: critical
+ - alert: CertManagerCertNotReady
+ annotations:
+ summary: The cert {{ $labels.name }} is not ready to serve traffic
+ expr: |
+ max by (name, exported_namespace, namespace, condition) (certmanager_certificate_ready_status{condition!="True"} == 1)
+ for: 5m
+ labels:
+ severity: critical
+ - alert: CertManagerHittingRateLimits
+ annotations:
+ summary: Cert manager hitting LetsEncrypt rate limits
+ expr: |
+ sum by (host) (rate(certmanager_http_acme_client_request_count{status="429"}[5m])) > 0
+ for: 5m
+ labels:
+ severity: critical
+
--- kubernetes/apps/cert-manager/cert-manager/app Kustomization: cert-manager/cert-manager ConfigMap: cert-manager/cert-manager-values-c7h224g7dd
+++ kubernetes/apps/cert-manager/cert-manager/app Kustomization: cert-manager/cert-manager ConfigMap: cert-manager/cert-manager-values-c7h224g7dd
@@ -0,0 +1,23 @@
+---
+apiVersion: v1
+data:
+ values.yaml: |
+ ---
+ crds:
+ enabled: true
+ replicaCount: 1
+ dns01RecursiveNameservers: 8.8.8.8:53,1.1.1.1:53
+ dns01RecursiveNameserversOnly: true
+ prometheus:
+ enabled: true
+ servicemonitor:
+ enabled: true
+kind: ConfigMap
+metadata:
+ labels:
+ app.kubernetes.io/name: cert-manager
+ kustomize.toolkit.fluxcd.io/name: cert-manager
+ kustomize.toolkit.fluxcd.io/namespace: cert-manager
+ name: cert-manager-values-c7h224g7dd
+ namespace: cert-manager
+
--- kubernetes/apps/kube-system/coredns/app Kustomization: kube-system/coredns HelmRelease: kube-system/coredns
+++ kubernetes/apps/kube-system/coredns/app Kustomization: kube-system/coredns HelmRelease: kube-system/coredns
@@ -6,27 +6,21 @@
app.kubernetes.io/name: coredns
kustomize.toolkit.fluxcd.io/name: coredns
kustomize.toolkit.fluxcd.io/namespace: kube-system
name: coredns
namespace: kube-system
spec:
- chart:
- spec:
- chart: coredns
- sourceRef:
- kind: HelmRepository
- name: coredns
- namespace: flux-system
- version: 1.39.2
+ chartRef:
+ kind: OCIRepository
+ name: coredns
install:
remediation:
- retries: 3
- interval: 30m
+ retries: -1
+ interval: 1h
upgrade:
cleanupOnFail: true
remediation:
retries: 3
- strategy: rollback
valuesFrom:
- kind: ConfigMap
- name: coredns-helm-values-626d68t4bb
+ name: coredns-values-626d68t4bb
--- kubernetes/apps/kube-system/coredns/app Kustomization: kube-system/coredns ConfigMap: kube-system/coredns-helm-values-626d68t4bb
+++ kubernetes/apps/kube-system/coredns/app Kustomization: kube-system/coredns ConfigMap: kube-system/coredns-helm-values-626d68t4bb
@@ -1,65 +0,0 @@
----
-apiVersion: v1
-data:
- values.yaml: |+
- ---
- fullnameOverride: coredns
- replicaCount: 2
- k8sAppLabelOverride: kube-dns
- serviceAccount:
- create: true
- service:
- name: kube-dns
- clusterIP: 10.96.0.10
- servers:
- - zones:
- - zone: .
- scheme: dns://
- use_tcp: true
- port: 53
- plugins:
- - name: errors
- - name: health
- configBlock: |-
- lameduck 5s
- - name: ready
- - name: log
- configBlock: |-
- class error
- - name: prometheus
- parameters: 0.0.0.0:9153
- - name: kubernetes
- parameters: cluster.local in-addr.arpa ip6.arpa
- configBlock: |-
- pods insecure
- fallthrough in-addr.arpa ip6.arpa
- - name: forward
- parameters: . /etc/resolv.conf
- - name: cache
- parameters: 30
- - name: loop
- - name: reload
- - name: loadbalance
- affinity:
- nodeAffinity:
- requiredDuringSchedulingIgnoredDuringExecution:
- nodeSelectorTerms:
- - matchExpressions:
- - key: node-role.kubernetes.io/control-plane
- operator: Exists
- tolerations:
- - key: CriticalAddonsOnly
- operator: Exists
- - key: node-role.kubernetes.io/control-plane
- operator: Exists
- effect: NoSchedule
-
-kind: ConfigMap
-metadata:
- labels:
- app.kubernetes.io/name: coredns
- kustomize.toolkit.fluxcd.io/name: coredns
- kustomize.toolkit.fluxcd.io/namespace: kube-system
- name: coredns-helm-values-626d68t4bb
- namespace: kube-system
-
--- kubernetes/apps/kube-system/coredns/app Kustomization: kube-system/coredns OCIRepository: kube-system/coredns
+++ kubernetes/apps/kube-system/coredns/app Kustomization: kube-system/coredns OCIRepository: kube-system/coredns
@@ -0,0 +1,19 @@
+---
+apiVersion: source.toolkit.fluxcd.io/v1beta2
+kind: OCIRepository
+metadata:
+ labels:
+ app.kubernetes.io/name: coredns
+ kustomize.toolkit.fluxcd.io/name: coredns
+ kustomize.toolkit.fluxcd.io/namespace: kube-system
+ name: coredns
+ namespace: kube-system
+spec:
+ interval: 5m
+ layerSelector:
+ mediaType: application/vnd.cncf.helm.chart.content.v1.tar+gzip
+ operation: copy
+ ref:
+ tag: 1.39.2
+ url: oci://ghcr.io/coredns/charts/coredns
+
--- kubernetes/apps/kube-system/coredns/app Kustomization: kube-system/coredns ConfigMap: kube-system/coredns-values-626d68t4bb
+++ kubernetes/apps/kube-system/coredns/app Kustomization: kube-system/coredns ConfigMap: kube-system/coredns-values-626d68t4bb
@@ -0,0 +1,65 @@
+---
+apiVersion: v1
+data:
+ values.yaml: |+
+ ---
+ fullnameOverride: coredns
+ replicaCount: 2
+ k8sAppLabelOverride: kube-dns
+ serviceAccount:
+ create: true
+ service:
+ name: kube-dns
+ clusterIP: 10.96.0.10
+ servers:
+ - zones:
+ - zone: .
+ scheme: dns://
+ use_tcp: true
+ port: 53
+ plugins:
+ - name: errors
+ - name: health
+ configBlock: |-
+ lameduck 5s
+ - name: ready
+ - name: log
+ configBlock: |-
+ class error
+ - name: prometheus
+ parameters: 0.0.0.0:9153
+ - name: kubernetes
+ parameters: cluster.local in-addr.arpa ip6.arpa
+ configBlock: |-
+ pods insecure
+ fallthrough in-addr.arpa ip6.arpa
+ - name: forward
+ parameters: . /etc/resolv.conf
+ - name: cache
+ parameters: 30
+ - name: loop
+ - name: reload
+ - name: loadbalance
+ affinity:
+ nodeAffinity:
+ requiredDuringSchedulingIgnoredDuringExecution:
+ nodeSelectorTerms:
+ - matchExpressions:
+ - key: node-role.kubernetes.io/control-plane
+ operator: Exists
+ tolerations:
+ - key: CriticalAddonsOnly
+ operator: Exists
+ - key: node-role.kubernetes.io/control-plane
+ operator: Exists
+ effect: NoSchedule
+
+kind: ConfigMap
+metadata:
+ labels:
+ app.kubernetes.io/name: coredns
+ kustomize.toolkit.fluxcd.io/name: coredns
+ kustomize.toolkit.fluxcd.io/namespace: kube-system
+ name: coredns-values-626d68t4bb
+ namespace: kube-system
+
--- kubernetes/apps/kube-system/metrics-server/app Kustomization: kube-system/metrics-server HelmRelease: kube-system/metrics-server
+++ kubernetes/apps/kube-system/metrics-server/app Kustomization: kube-system/metrics-server HelmRelease: kube-system/metrics-server
@@ -6,20 +6,15 @@
app.kubernetes.io/name: metrics-server
kustomize.toolkit.fluxcd.io/name: metrics-server
kustomize.toolkit.fluxcd.io/namespace: kube-system
name: metrics-server
namespace: kube-system
spec:
- chart:
- spec:
- chart: metrics-server
- sourceRef:
- kind: HelmRepository
- name: metrics-server
- namespace: flux-system
- version: 3.12.2
+ chartRef:
+ kind: OCIRepository
+ name: metrics-server
install:
remediation:
retries: 3
interval: 30m
upgrade:
cleanupOnFail: true
--- kubernetes/apps/kube-system/metrics-server/app Kustomization: kube-system/metrics-server OCIRepository: kube-system/metrics-server
+++ kubernetes/apps/kube-system/metrics-server/app Kustomization: kube-system/metrics-server OCIRepository: kube-system/metrics-server
@@ -0,0 +1,19 @@
+---
+apiVersion: source.toolkit.fluxcd.io/v1beta2
+kind: OCIRepository
+metadata:
+ labels:
+ app.kubernetes.io/name: metrics-server
+ kustomize.toolkit.fluxcd.io/name: metrics-server
+ kustomize.toolkit.fluxcd.io/namespace: kube-system
+ name: metrics-server
+ namespace: kube-system
+spec:
+ interval: 5m
+ layerSelector:
+ mediaType: application/vnd.cncf.helm.chart.content.v1.tar+gzip
+ operation: copy
+ ref:
+ tag: 3.12.2
+ url: oci://ghcr.io/home-operations/charts-mirror/metrics-server
+
--- kubernetes/apps/kube-system/cilium/app Kustomization: kube-system/cilium HelmRelease: kube-system/cilium
+++ kubernetes/apps/kube-system/cilium/app Kustomization: kube-system/cilium HelmRelease: kube-system/cilium
@@ -6,26 +6,48 @@
app.kubernetes.io/name: cilium
kustomize.toolkit.fluxcd.io/name: cilium
kustomize.toolkit.fluxcd.io/namespace: kube-system
name: cilium
namespace: kube-system
spec:
- chart:
- spec:
- chart: cilium
- sourceRef:
- kind: HelmRepository
- name: cilium
- namespace: flux-system
- version: 1.17.2
+ chartRef:
+ kind: OCIRepository
+ name: cilium
install:
remediation:
- retries: 3
- interval: 30m
+ retries: -1
+ interval: 1h
upgrade:
cleanupOnFail: true
remediation:
retries: 3
+ values:
+ hubble:
+ enabled: true
+ metrics:
+ dashboards:
+ enabled: true
+ enabled:
+ - dns:query
+ - drop
+ - tcp
+ - flow
+ - port-distribution
+ - icmp
+ - http
+ serviceMonitor:
+ enabled: true
+ relay:
+ enabled: true
+ prometheus:
+ serviceMonitor:
+ enabled: true
+ rollOutPods: true
+ ui:
+ enabled: true
+ rollOutPods: true
+ operator:
+ tolerations: []
valuesFrom:
- kind: ConfigMap
- name: cilium-helm-values-mkctccktbb
+ name: cilium-values-mkctccktbb
--- kubernetes/apps/kube-system/cilium/app Kustomization: kube-system/cilium ConfigMap: kube-system/cilium-helm-values-mkctccktbb
+++ kubernetes/apps/kube-system/cilium/app Kustomization: kube-system/cilium ConfigMap: kube-system/cilium-helm-values-mkctccktbb
@@ -1,85 +0,0 @@
----
-apiVersion: v1
-data:
- values.yaml: |
- ---
- autoDirectNodeRoutes: true
- bpf:
- masquerade: true
- # Ref: https://github.com/siderolabs/talos/issues/10002
- hostLegacyRouting: true
- cni:
- # Required for pairing with Multus CNI
- exclusive: false
- cgroup:
- automount:
- enabled: false
- hostRoot: /sys/fs/cgroup
- endpointRoutes:
- enabled: true
- envoy:
- enabled: false
- dashboards:
- enabled: true
- hubble:
- enabled: false
- ipam:
- mode: kubernetes
- ipv4NativeRoutingCIDR: "10.69.0.0/16"
- k8sServiceHost: 127.0.0.1
- k8sServicePort: 7445
- kubeProxyReplacement: true
- kubeProxyReplacementHealthzBindAddr: 0.0.0.0:10256
- l2announcements:
- enabled: true
- loadBalancer:
- algorithm: maglev
- mode: "dsr"
- localRedirectPolicy: true
- operator:
- replicas: 1
- rollOutPods: true
- prometheus:
- enabled: true
- serviceMonitor:
- enabled: true
- dashboards:
- enabled: true
- prometheus:
- enabled: true
- serviceMonitor:
- enabled: true
- trustCRDsExist: true
- rollOutCiliumPods: true
- routingMode: native
- securityContext:
- capabilities:
- ciliumAgent:
- - CHOWN
- - KILL
- - NET_ADMIN
- - NET_RAW
- - IPC_LOCK
- - SYS_ADMIN
- - SYS_RESOURCE
- - PERFMON
- - BPF
- - DAC_OVERRIDE
- - FOWNER
- - SETGID
- - SETUID
- cleanCiliumState:
- - NET_ADMIN
- - SYS_ADMIN
- - SYS_RESOURCE
- socketLB:
- hostNamespaceOnly: true
-kind: ConfigMap
-metadata:
- labels:
- app.kubernetes.io/name: cilium
- kustomize.toolkit.fluxcd.io/name: cilium
- kustomize.toolkit.fluxcd.io/namespace: kube-system
- name: cilium-helm-values-mkctccktbb
- namespace: kube-system
-
--- kubernetes/apps/kube-system/cilium/app Kustomization: kube-system/cilium OCIRepository: kube-system/cilium
+++ kubernetes/apps/kube-system/cilium/app Kustomization: kube-system/cilium OCIRepository: kube-system/cilium
@@ -0,0 +1,19 @@
+---
+apiVersion: source.toolkit.fluxcd.io/v1beta2
+kind: OCIRepository
+metadata:
+ labels:
+ app.kubernetes.io/name: cilium
+ kustomize.toolkit.fluxcd.io/name: cilium
+ kustomize.toolkit.fluxcd.io/namespace: kube-system
+ name: cilium
+ namespace: kube-system
+spec:
+ interval: 5m
+ layerSelector:
+ mediaType: application/vnd.cncf.helm.chart.content.v1.tar+gzip
+ operation: copy
+ ref:
+ tag: 1.17.2
+ url: oci://ghcr.io/home-operations/charts-mirror/cilium
+
--- kubernetes/apps/kube-system/cilium/app Kustomization: kube-system/cilium ConfigMap: kube-system/cilium-values-mkctccktbb
+++ kubernetes/apps/kube-system/cilium/app Kustomization: kube-system/cilium ConfigMap: kube-system/cilium-values-mkctccktbb
@@ -0,0 +1,85 @@
+---
+apiVersion: v1
+data:
+ values.yaml: |
+ ---
+ autoDirectNodeRoutes: true
+ bpf:
+ masquerade: true
+ # Ref: https://github.com/siderolabs/talos/issues/10002
+ hostLegacyRouting: true
+ cni:
+ # Required for pairing with Multus CNI
+ exclusive: false
+ cgroup:
+ automount:
+ enabled: false
+ hostRoot: /sys/fs/cgroup
+ endpointRoutes:
+ enabled: true
+ envoy:
+ enabled: false
+ dashboards:
+ enabled: true
+ hubble:
+ enabled: false
+ ipam:
+ mode: kubernetes
+ ipv4NativeRoutingCIDR: "10.69.0.0/16"
+ k8sServiceHost: 127.0.0.1
+ k8sServicePort: 7445
+ kubeProxyReplacement: true
+ kubeProxyReplacementHealthzBindAddr: 0.0.0.0:10256
+ l2announcements:
+ enabled: true
+ loadBalancer:
+ algorithm: maglev
+ mode: "dsr"
+ localRedirectPolicy: true
+ operator:
+ replicas: 1
+ rollOutPods: true
+ prometheus:
+ enabled: true
+ serviceMonitor:
+ enabled: true
+ dashboards:
+ enabled: true
+ prometheus:
+ enabled: true
+ serviceMonitor:
+ enabled: true
+ trustCRDsExist: true
+ rollOutCiliumPods: true
+ routingMode: native
+ securityContext:
+ capabilities:
+ ciliumAgent:
+ - CHOWN
+ - KILL
+ - NET_ADMIN
+ - NET_RAW
+ - IPC_LOCK
+ - SYS_ADMIN
+ - SYS_RESOURCE
+ - PERFMON
+ - BPF
+ - DAC_OVERRIDE
+ - FOWNER
+ - SETGID
+ - SETUID
+ cleanCiliumState:
+ - NET_ADMIN
+ - SYS_ADMIN
+ - SYS_RESOURCE
+ socketLB:
+ hostNamespaceOnly: true
+kind: ConfigMap
+metadata:
+ labels:
+ app.kubernetes.io/name: cilium
+ kustomize.toolkit.fluxcd.io/name: cilium
+ kustomize.toolkit.fluxcd.io/namespace: kube-system
+ name: cilium-values-mkctccktbb
+ namespace: kube-system
+
--- kubernetes/apps/kube-system/spegel/app Kustomization: kube-system/spegel HelmRelease: kube-system/spegel
+++ kubernetes/apps/kube-system/spegel/app Kustomization: kube-system/spegel HelmRelease: kube-system/spegel
@@ -6,34 +6,21 @@
app.kubernetes.io/name: spegel
kustomize.toolkit.fluxcd.io/name: spegel
kustomize.toolkit.fluxcd.io/namespace: kube-system
name: spegel
namespace: kube-system
spec:
- chart:
- spec:
- chart: spegel
- sourceRef:
- kind: HelmRepository
- name: spegel
- namespace: flux-system
- version: 0.1.1
+ chartRef:
+ kind: OCIRepository
+ name: spegel
install:
remediation:
- retries: 3
- interval: 30m
+ retries: -1
+ interval: 1h
upgrade:
cleanupOnFail: true
remediation:
retries: 3
- values:
- grafanaDashboard:
- enabled: true
- service:
- registry:
- hostPort: 29999
- serviceMonitor:
- enabled: true
- spegel:
- containerdRegistryConfigPath: /etc/cri/conf.d/hosts
- containerdSock: /run/containerd/containerd.sock
+ valuesFrom:
+ - kind: ConfigMap
+ name: spegel-values-6fc949fg8k
--- kubernetes/apps/kube-system/spegel/app Kustomization: kube-system/spegel OCIRepository: kube-system/spegel
+++ kubernetes/apps/kube-system/spegel/app Kustomization: kube-system/spegel OCIRepository: kube-system/spegel
@@ -0,0 +1,19 @@
+---
+apiVersion: source.toolkit.fluxcd.io/v1beta2
+kind: OCIRepository
+metadata:
+ labels:
+ app.kubernetes.io/name: spegel
+ kustomize.toolkit.fluxcd.io/name: spegel
+ kustomize.toolkit.fluxcd.io/namespace: kube-system
+ name: spegel
+ namespace: kube-system
+spec:
+ interval: 5m
+ layerSelector:
+ mediaType: application/vnd.cncf.helm.chart.content.v1.tar+gzip
+ operation: copy
+ ref:
+ tag: 0.1.1
+ url: oci://ghcr.io/spegel-org/helm-charts/spegel
+
--- kubernetes/apps/kube-system/spegel/app Kustomization: kube-system/spegel ConfigMap: kube-system/spegel-values-6fc949fg8k
+++ kubernetes/apps/kube-system/spegel/app Kustomization: kube-system/spegel ConfigMap: kube-system/spegel-values-6fc949fg8k
@@ -0,0 +1,25 @@
+---
+apiVersion: v1
+data:
+ values.yaml: |
+ ---
+ spegel:
+ appendMirrors: true
+ containerdSock: /run/containerd/containerd.sock
+ containerdRegistryConfigPath: /etc/cri/conf.d/hosts
+ service:
+ registry:
+ hostPort: 29999
+ serviceMonitor:
+ enabled: true
+ grafanaDashboard:
+ enabled: true
+kind: ConfigMap
+metadata:
+ labels:
+ app.kubernetes.io/name: spegel
+ kustomize.toolkit.fluxcd.io/name: spegel
+ kustomize.toolkit.fluxcd.io/namespace: kube-system
+ name: spegel-values-6fc949fg8k
+ namespace: kube-system
+
--- kubernetes/apps/kube-system/reloader/app Kustomization: kube-system/reloader HelmRelease: kube-system/reloader
+++ kubernetes/apps/kube-system/reloader/app Kustomization: kube-system/reloader HelmRelease: kube-system/reloader
@@ -6,30 +6,28 @@
app.kubernetes.io/name: reloader
kustomize.toolkit.fluxcd.io/name: reloader
kustomize.toolkit.fluxcd.io/namespace: kube-system
name: reloader
namespace: kube-system
spec:
- chart:
- spec:
- chart: reloader
- sourceRef:
- kind: HelmRepository
- name: stakater
- namespace: flux-system
- version: 2.0.0
+ chartRef:
+ kind: OCIRepository
+ name: reloader
install:
remediation:
- retries: 3
- interval: 30m
+ retries: -1
+ interval: 1h
upgrade:
cleanupOnFail: true
remediation:
retries: 3
values:
fullnameOverride: reloader
reloader:
+ deployment:
+ replicas: 1
+ enableHA: true
podMonitor:
enabled: true
namespace: '{{ .Release.Namespace }}'
readOnlyRootFileSystem: true
--- kubernetes/apps/kube-system/reloader/app Kustomization: kube-system/reloader OCIRepository: kube-system/reloader
+++ kubernetes/apps/kube-system/reloader/app Kustomization: kube-system/reloader OCIRepository: kube-system/reloader
@@ -0,0 +1,19 @@
+---
+apiVersion: source.toolkit.fluxcd.io/v1beta2
+kind: OCIRepository
+metadata:
+ labels:
+ app.kubernetes.io/name: reloader
+ kustomize.toolkit.fluxcd.io/name: reloader
+ kustomize.toolkit.fluxcd.io/namespace: kube-system
+ name: reloader
+ namespace: kube-system
+spec:
+ interval: 5m
+ layerSelector:
+ mediaType: application/vnd.cncf.helm.chart.content.v1.tar+gzip
+ operation: copy
+ ref:
+ tag: 2.0.0
+ url: oci://ghcr.io/stakater/charts/reloader
+
--- kubernetes/apps/external-secrets/onepassword/app Kustomization: external-secrets/onepassword HelmRelease: external-secrets/onepassword
+++ kubernetes/apps/external-secrets/onepassword/app Kustomization: external-secrets/onepassword HelmRelease: external-secrets/onepassword
@@ -6,20 +6,15 @@
app.kubernetes.io/name: onepassword
kustomize.toolkit.fluxcd.io/name: onepassword
kustomize.toolkit.fluxcd.io/namespace: external-secrets
name: onepassword
namespace: external-secrets
spec:
- chart:
- spec:
- chart: app-template
- sourceRef:
- kind: HelmRepository
- name: bjw-s
- namespace: flux-system
- version: 3.7.3
+ chartRef:
+ kind: OCIRepository
+ name: app-template
install:
remediation:
retries: 3
interval: 30m
upgrade:
cleanupOnFail: true
--- kubernetes/apps/cnpg-system/cloudnative-pg/app Kustomization: cnpg-system/cloudnative-pg HelmRelease: cnpg-system/cloudnative-pg
+++ kubernetes/apps/cnpg-system/cloudnative-pg/app Kustomization: cnpg-system/cloudnative-pg HelmRelease: cnpg-system/cloudnative-pg
@@ -6,20 +6,15 @@
app.kubernetes.io/name: cloudnative-pg
kustomize.toolkit.fluxcd.io/name: cloudnative-pg
kustomize.toolkit.fluxcd.io/namespace: cnpg-system
name: cloudnative-pg
namespace: cnpg-system
spec:
- chart:
- spec:
- chart: cloudnative-pg
- sourceRef:
- kind: HelmRepository
- name: cnpg
- namespace: flux-system
- version: 0.23.2
+ chartRef:
+ kind: OCIRepository
+ name: cloudnative-pg
install:
remediation:
retries: 3
interval: 30m
upgrade:
cleanupOnFail: true
--- kubernetes/apps/cnpg-system/cloudnative-pg/app Kustomization: cnpg-system/cloudnative-pg OCIRepository: cnpg-system/cloudnative-pg
+++ kubernetes/apps/cnpg-system/cloudnative-pg/app Kustomization: cnpg-system/cloudnative-pg OCIRepository: cnpg-system/cloudnative-pg
@@ -0,0 +1,19 @@
+---
+apiVersion: source.toolkit.fluxcd.io/v1beta2
+kind: OCIRepository
+metadata:
+ labels:
+ app.kubernetes.io/name: cloudnative-pg
+ kustomize.toolkit.fluxcd.io/name: cloudnative-pg
+ kustomize.toolkit.fluxcd.io/namespace: cnpg-system
+ name: cloudnative-pg
+ namespace: cnpg-system
+spec:
+ interval: 5m
+ layerSelector:
+ mediaType: application/vnd.cncf.helm.chart.content.v1.tar+gzip
+ operation: copy
+ ref:
+ tag: 0.23.2
+ url: oci://ghcr.io/cloudnative-pg/charts/cloudnative-pg
+
--- kubernetes/apps/kube-system/intel-device-plugin/app Kustomization: kube-system/intel-device-plugin HelmRelease: kube-system/intel-device-plugin-operator
+++ kubernetes/apps/kube-system/intel-device-plugin/app Kustomization: kube-system/intel-device-plugin HelmRelease: kube-system/intel-device-plugin-operator
@@ -6,32 +6,24 @@
app.kubernetes.io/name: intel-device-plugin
kustomize.toolkit.fluxcd.io/name: intel-device-plugin
kustomize.toolkit.fluxcd.io/namespace: kube-system
name: intel-device-plugin-operator
namespace: kube-system
spec:
- chart:
- spec:
- chart: intel-device-plugins-operator
- sourceRef:
- kind: HelmRepository
- name: intel
- namespace: flux-system
- version: 0.32.0
- dependsOn:
- - name: node-feature-discovery
- namespace: kube-system
+ chartRef:
+ kind: OCIRepository
+ name: intel-device-plugins-operator
install:
crds: CreateReplace
remediation:
- retries: 3
- interval: 30m
+ retries: -1
+ interval: 1h
upgrade:
cleanupOnFail: true
crds: CreateReplace
remediation:
retries: 3
- strategy: rollback
values:
- controllerExtraArgs: |
- - --devices=gpu
+ manager:
+ devices:
+ gpu: true
--- kubernetes/apps/kube-system/intel-device-plugin/app Kustomization: kube-system/intel-device-plugin OCIRepository: kube-system/intel-device-plugins-operator
+++ kubernetes/apps/kube-system/intel-device-plugin/app Kustomization: kube-system/intel-device-plugin OCIRepository: kube-system/intel-device-plugins-operator
@@ -0,0 +1,19 @@
+---
+apiVersion: source.toolkit.fluxcd.io/v1beta2
+kind: OCIRepository
+metadata:
+ labels:
+ app.kubernetes.io/name: intel-device-plugin
+ kustomize.toolkit.fluxcd.io/name: intel-device-plugin
+ kustomize.toolkit.fluxcd.io/namespace: kube-system
+ name: intel-device-plugins-operator
+ namespace: kube-system
+spec:
+ interval: 5m
+ layerSelector:
+ mediaType: application/vnd.cncf.helm.chart.content.v1.tar+gzip
+ operation: copy
+ ref:
+ tag: 0.32.0
+ url: oci://ghcr.io/home-operations/charts-mirror/intel-device-plugins-operator
+
--- kubernetes/apps/default/peanut/app Kustomization: default/peanut HelmRelease: default/peanut
+++ kubernetes/apps/default/peanut/app Kustomization: default/peanut HelmRelease: default/peanut
@@ -6,20 +6,15 @@
app.kubernetes.io/name: peanut
kustomize.toolkit.fluxcd.io/name: peanut
kustomize.toolkit.fluxcd.io/namespace: default
name: peanut
namespace: default
spec:
- chart:
- spec:
- chart: app-template
- sourceRef:
- kind: HelmRepository
- name: bjw-s
- namespace: flux-system
- version: 3.7.3
+ chartRef:
+ kind: OCIRepository
+ name: app-template
install:
remediation:
retries: 3
interval: 30m
upgrade:
cleanupOnFail: true
--- kubernetes/apps/flux-system/flux-operator/app Kustomization: flux-system/flux-operator OCIRepository: flux-system/flux-operator
+++ kubernetes/apps/flux-system/flux-operator/app Kustomization: flux-system/flux-operator OCIRepository: flux-system/flux-operator
@@ -13,12 +13,7 @@
layerSelector:
mediaType: application/vnd.cncf.helm.chart.content.v1.tar+gzip
operation: copy
ref:
tag: 0.18.0
url: oci://ghcr.io/controlplaneio-fluxcd/charts/flux-operator
- verify:
- matchOIDCIdentity:
- - issuer: ^https://token.actions.githubusercontent.com$
- subject: ^https://github.com/controlplaneio-fluxcd/charts.*$
- provider: cosign
--- kubernetes/apps/external-secrets/external-secrets/app Kustomization: external-secrets/external-secrets HelmRelease: external-secrets/external-secrets
+++ kubernetes/apps/external-secrets/external-secrets/app Kustomization: external-secrets/external-secrets HelmRelease: external-secrets/external-secrets
@@ -6,27 +6,21 @@
app.kubernetes.io/name: external-secrets
kustomize.toolkit.fluxcd.io/name: external-secrets
kustomize.toolkit.fluxcd.io/namespace: external-secrets
name: external-secrets
namespace: external-secrets
spec:
- chart:
- spec:
- chart: external-secrets
- sourceRef:
- kind: HelmRepository
- name: external-secrets
- namespace: flux-system
- version: 0.15.1
+ chartRef:
+ kind: OCIRepository
+ name: external-secrets
install:
remediation:
- retries: 3
- interval: 30m
+ retries: -1
+ interval: 1h
upgrade:
cleanupOnFail: true
remediation:
retries: 3
- strategy: rollback
valuesFrom:
- kind: ConfigMap
- name: external-secrets-helm-values-h9g78hg67k
+ name: external-secrets-values-h9g78hg67k
--- kubernetes/apps/external-secrets/external-secrets/app Kustomization: external-secrets/external-secrets ConfigMap: external-secrets/external-secrets-helm-values-h9g78hg67k
+++ kubernetes/apps/external-secrets/external-secrets/app Kustomization: external-secrets/external-secrets ConfigMap: external-secrets/external-secrets-helm-values-h9g78hg67k
@@ -1,34 +0,0 @@
----
-apiVersion: v1
-data:
- values.yaml: |
- ---
- installCRDs: true
- replicaCount: 1
- leaderElect: true
- image:
- repository: ghcr.io/external-secrets/external-secrets
- webhook:
- image:
- repository: ghcr.io/external-secrets/external-secrets
- serviceMonitor:
- enabled: true
- interval: 1m
- certController:
- image:
- repository: ghcr.io/external-secrets/external-secrets
- serviceMonitor:
- enabled: true
- interval: 1m
- serviceMonitor:
- enabled: true
- interval: 1m
-kind: ConfigMap
-metadata:
- labels:
- app.kubernetes.io/name: external-secrets
- kustomize.toolkit.fluxcd.io/name: external-secrets
- kustomize.toolkit.fluxcd.io/namespace: external-secrets
- name: external-secrets-helm-values-h9g78hg67k
- namespace: external-secrets
-
--- kubernetes/apps/external-secrets/external-secrets/app Kustomization: external-secrets/external-secrets OCIRepository: external-secrets/external-secrets
+++ kubernetes/apps/external-secrets/external-secrets/app Kustomization: external-secrets/external-secrets OCIRepository: external-secrets/external-secrets
@@ -0,0 +1,19 @@
+---
+apiVersion: source.toolkit.fluxcd.io/v1beta2
+kind: OCIRepository
+metadata:
+ labels:
+ app.kubernetes.io/name: external-secrets
+ kustomize.toolkit.fluxcd.io/name: external-secrets
+ kustomize.toolkit.fluxcd.io/namespace: external-secrets
+ name: external-secrets
+ namespace: external-secrets
+spec:
+ interval: 5m
+ layerSelector:
+ mediaType: application/vnd.cncf.helm.chart.content.v1.tar+gzip
+ operation: copy
+ ref:
+ tag: 0.15.1
+ url: oci://ghcr.io/external-secrets/charts/external-secrets
+
--- kubernetes/apps/external-secrets/external-secrets/app Kustomization: external-secrets/external-secrets ConfigMap: external-secrets/external-secrets-values-h9g78hg67k
+++ kubernetes/apps/external-secrets/external-secrets/app Kustomization: external-secrets/external-secrets ConfigMap: external-secrets/external-secrets-values-h9g78hg67k
@@ -0,0 +1,34 @@
+---
+apiVersion: v1
+data:
+ values.yaml: |
+ ---
+ installCRDs: true
+ replicaCount: 1
+ leaderElect: true
+ image:
+ repository: ghcr.io/external-secrets/external-secrets
+ webhook:
+ image:
+ repository: ghcr.io/external-secrets/external-secrets
+ serviceMonitor:
+ enabled: true
+ interval: 1m
+ certController:
+ image:
+ repository: ghcr.io/external-secrets/external-secrets
+ serviceMonitor:
+ enabled: true
+ interval: 1m
+ serviceMonitor:
+ enabled: true
+ interval: 1m
+kind: ConfigMap
+metadata:
+ labels:
+ app.kubernetes.io/name: external-secrets
+ kustomize.toolkit.fluxcd.io/name: external-secrets
+ kustomize.toolkit.fluxcd.io/namespace: external-secrets
+ name: external-secrets-values-h9g78hg67k
+ namespace: external-secrets
+
--- kubernetes/apps/kube-system/node-feature-discovery/app Kustomization: kube-system/node-feature-discovery HelmRelease: kube-system/node-feature-discovery
+++ kubernetes/apps/kube-system/node-feature-discovery/app Kustomization: kube-system/node-feature-discovery HelmRelease: kube-system/node-feature-discovery
@@ -6,20 +6,15 @@
app.kubernetes.io/name: node-feature-discovery
kustomize.toolkit.fluxcd.io/name: node-feature-discovery
kustomize.toolkit.fluxcd.io/namespace: kube-system
name: node-feature-discovery
namespace: kube-system
spec:
- chart:
- spec:
- chart: node-feature-discovery
- sourceRef:
- kind: HelmRepository
- name: node-feature-discovery
- namespace: flux-system
- version: 0.17.2
+ chartRef:
+ kind: OCIRepository
+ name: node-feature-discovery
install:
crds: CreateReplace
remediation:
retries: 3
interval: 30m
upgrade:
--- kubernetes/apps/kube-system/node-feature-discovery/app Kustomization: kube-system/node-feature-discovery OCIRepository: kube-system/node-feature-discovery
+++ kubernetes/apps/kube-system/node-feature-discovery/app Kustomization: kube-system/node-feature-discovery OCIRepository: kube-system/node-feature-discovery
@@ -0,0 +1,19 @@
+---
+apiVersion: source.toolkit.fluxcd.io/v1beta2
+kind: OCIRepository
+metadata:
+ labels:
+ app.kubernetes.io/name: node-feature-discovery
+ kustomize.toolkit.fluxcd.io/name: node-feature-discovery
+ kustomize.toolkit.fluxcd.io/namespace: kube-system
+ name: node-feature-discovery
+ namespace: kube-system
+spec:
+ interval: 5m
+ layerSelector:
+ mediaType: application/vnd.cncf.helm.chart.content.v1.tar+gzip
+ operation: copy
+ ref:
+ tag: 0.17.2
+ url: oci://ghcr.io/home-operations/charts-mirror/node-feature-discovery
+
--- kubernetes/apps/observability/alloy/app Kustomization: observability/alloy HelmRelease: observability/alloy
+++ kubernetes/apps/observability/alloy/app Kustomization: observability/alloy HelmRelease: observability/alloy
@@ -6,20 +6,15 @@
app.kubernetes.io/name: alloy
kustomize.toolkit.fluxcd.io/name: alloy
kustomize.toolkit.fluxcd.io/namespace: observability
name: alloy
namespace: observability
spec:
- chart:
- spec:
- chart: alloy
- sourceRef:
- kind: HelmRepository
- name: grafana
- namespace: flux-system
- version: 0.12.6
+ chartRef:
+ kind: OCIRepository
+ name: alloy
install:
remediation:
retries: 3
interval: 1h
upgrade:
cleanupOnFail: true
--- kubernetes/apps/observability/alloy/app Kustomization: observability/alloy OCIRepository: observability/alloy
+++ kubernetes/apps/observability/alloy/app Kustomization: observability/alloy OCIRepository: observability/alloy
@@ -0,0 +1,19 @@
+---
+apiVersion: source.toolkit.fluxcd.io/v1beta2
+kind: OCIRepository
+metadata:
+ labels:
+ app.kubernetes.io/name: alloy
+ kustomize.toolkit.fluxcd.io/name: alloy
+ kustomize.toolkit.fluxcd.io/namespace: observability
+ name: alloy
+ namespace: observability
+spec:
+ interval: 5m
+ layerSelector:
+ mediaType: application/vnd.cncf.helm.chart.content.v1.tar+gzip
+ operation: copy
+ ref:
+ tag: 0.12.6
+ url: oci://ghcr.io/home-operations/charts-mirror/alloy
+
--- kubernetes/apps Kustomization: flux-system/cluster-apps Kustomization: external-secrets/external-secrets
+++ kubernetes/apps Kustomization: flux-system/cluster-apps Kustomization: external-secrets/external-secrets
@@ -12,17 +12,27 @@
labels:
app.kubernetes.io/name: external-secrets
decryption:
provider: sops
secretRef:
name: sops-age
- interval: 30m
+ healthCheckExprs:
+ - apiVersion: external-secrets.io/v1beta1
+ current: status.conditions.filter(e, e.type == 'Ready').all(e, e.status == 'True')
+ failed: status.conditions.filter(e, e.type == 'Ready').all(e, e.status == 'False')
+ kind: ClusterSecretStore
+ healthChecks:
+ - apiVersion: helm.toolkit.fluxcd.io/v2
+ kind: HelmRelease
+ name: external-secrets
+ namespace: external-secrets
+ interval: 1h
path: ./kubernetes/apps/external-secrets/external-secrets/app
prune: true
+ retryInterval: 2m
sourceRef:
kind: GitRepository
name: flux-system
namespace: flux-system
targetNamespace: external-secrets
- timeout: 5m
- wait: false
+ timeout: 15m
--- kubernetes/apps Kustomization: flux-system/cluster-apps OCIRepository: default/app-template
+++ kubernetes/apps Kustomization: flux-system/cluster-apps OCIRepository: default/app-template
@@ -0,0 +1,18 @@
+---
+apiVersion: source.toolkit.fluxcd.io/v1beta2
+kind: OCIRepository
+metadata:
+ labels:
+ kustomize.toolkit.fluxcd.io/name: cluster-apps
+ kustomize.toolkit.fluxcd.io/namespace: flux-system
+ name: app-template
+ namespace: default
+spec:
+ interval: 5m
+ layerSelector:
+ mediaType: application/vnd.cncf.helm.chart.content.v1.tar+gzip
+ operation: copy
+ ref:
+ tag: 3.7.3
+ url: oci://ghcr.io/bjw-s/helm/app-template
+
--- kubernetes/apps Kustomization: flux-system/cluster-apps OCIRepository: external-secrets/app-template
+++ kubernetes/apps Kustomization: flux-system/cluster-apps OCIRepository: external-secrets/app-template
@@ -0,0 +1,18 @@
+---
+apiVersion: source.toolkit.fluxcd.io/v1beta2
+kind: OCIRepository
+metadata:
+ labels:
+ kustomize.toolkit.fluxcd.io/name: cluster-apps
+ kustomize.toolkit.fluxcd.io/namespace: flux-system
+ name: app-template
+ namespace: external-secrets
+spec:
+ interval: 5m
+ layerSelector:
+ mediaType: application/vnd.cncf.helm.chart.content.v1.tar+gzip
+ operation: copy
+ ref:
+ tag: 3.7.3
+ url: oci://ghcr.io/bjw-s/helm/app-template
+
--- kubernetes/apps Kustomization: flux-system/cluster-apps OCIRepository: network/app-template
+++ kubernetes/apps Kustomization: flux-system/cluster-apps OCIRepository: network/app-template
@@ -0,0 +1,18 @@
+---
+apiVersion: source.toolkit.fluxcd.io/v1beta2
+kind: OCIRepository
+metadata:
+ labels:
+ kustomize.toolkit.fluxcd.io/name: cluster-apps
+ kustomize.toolkit.fluxcd.io/namespace: flux-system
+ name: app-template
+ namespace: network
+spec:
+ interval: 5m
+ layerSelector:
+ mediaType: application/vnd.cncf.helm.chart.content.v1.tar+gzip
+ operation: copy
+ ref:
+ tag: 3.7.3
+ url: oci://ghcr.io/bjw-s/helm/app-template
+
--- kubernetes/apps Kustomization: flux-system/cluster-apps OCIRepository: observability/app-template
+++ kubernetes/apps Kustomization: flux-system/cluster-apps OCIRepository: observability/app-template
@@ -0,0 +1,18 @@
+---
+apiVersion: source.toolkit.fluxcd.io/v1beta2
+kind: OCIRepository
+metadata:
+ labels:
+ kustomize.toolkit.fluxcd.io/name: cluster-apps
+ kustomize.toolkit.fluxcd.io/namespace: flux-system
+ name: app-template
+ namespace: observability
+spec:
+ interval: 5m
+ layerSelector:
+ mediaType: application/vnd.cncf.helm.chart.content.v1.tar+gzip
+ operation: copy
+ ref:
+ tag: 3.7.3
+ url: oci://ghcr.io/bjw-s/helm/app-template
+
--- kubernetes/apps/observability/blackbox-exporter/app Kustomization: observability/blackbox-exporter OCIRepository: observability/blackbox-exporter
+++ kubernetes/apps/observability/blackbox-exporter/app Kustomization: observability/blackbox-exporter OCIRepository: observability/blackbox-exporter
@@ -6,13 +6,13 @@
app.kubernetes.io/name: blackbox-exporter
kustomize.toolkit.fluxcd.io/name: blackbox-exporter
kustomize.toolkit.fluxcd.io/namespace: observability
name: blackbox-exporter
namespace: observability
spec:
- interval: 1h
+ interval: 5m
layerSelector:
mediaType: application/vnd.cncf.helm.chart.content.v1.tar+gzip
operation: copy
ref:
tag: 9.4.0
url: oci://ghcr.io/prometheus-community/charts/prometheus-blackbox-exporter
--- kubernetes/apps/observability/unpoller/app Kustomization: observability/unpoller HelmRelease: observability/unpoller
+++ kubernetes/apps/observability/unpoller/app Kustomization: observability/unpoller HelmRelease: observability/unpoller
@@ -6,20 +6,15 @@
app.kubernetes.io/name: unpoller
kustomize.toolkit.fluxcd.io/name: unpoller
kustomize.toolkit.fluxcd.io/namespace: observability
name: unpoller
namespace: observability
spec:
- chart:
- spec:
- chart: app-template
- sourceRef:
- kind: HelmRepository
- name: bjw-s
- namespace: flux-system
- version: 3.7.3
+ chartRef:
+ kind: OCIRepository
+ name: app-template
install:
remediation:
retries: 3
interval: 1h
upgrade:
cleanupOnFail: true
--- kubernetes/apps/observability/smartctl-exporter/app Kustomization: observability/smartctl-exporter OCIRepository: observability/smartctl-exporter
+++ kubernetes/apps/observability/smartctl-exporter/app Kustomization: observability/smartctl-exporter OCIRepository: observability/smartctl-exporter
@@ -6,13 +6,13 @@
app.kubernetes.io/name: smartctl-exporter
kustomize.toolkit.fluxcd.io/name: smartctl-exporter
kustomize.toolkit.fluxcd.io/namespace: observability
name: smartctl-exporter
namespace: observability
spec:
- interval: 1h
+ interval: 5m
layerSelector:
mediaType: application/vnd.cncf.helm.chart.content.v1.tar+gzip
operation: copy
ref:
tag: 0.13.0
url: oci://ghcr.io/prometheus-community/charts/prometheus-smartctl-exporter
--- kubernetes/apps/flux-system/flux-instance/app Kustomization: flux-system/flux-instance OCIRepository: flux-system/flux-instance
+++ kubernetes/apps/flux-system/flux-instance/app Kustomization: flux-system/flux-instance OCIRepository: flux-system/flux-instance
@@ -13,12 +13,7 @@
layerSelector:
mediaType: application/vnd.cncf.helm.chart.content.v1.tar+gzip
operation: copy
ref:
tag: 0.18.0
url: oci://ghcr.io/controlplaneio-fluxcd/charts/flux-instance
- verify:
- matchOIDCIdentity:
- - issuer: ^https://token.actions.githubusercontent.com$
- subject: ^https://github.com/controlplaneio-fluxcd/charts.*$
- provider: cosign
--- kubernetes/apps/volsync-system/volsync/app Kustomization: volsync-system/volsync OCIRepository: volsync-system/volsync
+++ kubernetes/apps/volsync-system/volsync/app Kustomization: volsync-system/volsync OCIRepository: volsync-system/volsync
@@ -13,12 +13,7 @@
layerSelector:
mediaType: application/vnd.cncf.helm.chart.content.v1.tar+gzip
operation: copy
ref:
tag: 0.12.1
url: oci://ghcr.io/home-operations/charts-mirror/volsync
- verify:
- matchOIDCIdentity:
- - issuer: ^https://token.actions.githubusercontent.com$
- subject: ^https://github.com/home-operations/charts-mirror.*$
- provider: cosign
--- kubernetes/apps/network/adguard-dns/app Kustomization: network/adguard-dns OCIRepository: network/adguard-dns
+++ kubernetes/apps/network/adguard-dns/app Kustomization: network/adguard-dns OCIRepository: network/adguard-dns
@@ -13,12 +13,7 @@
layerSelector:
mediaType: application/vnd.cncf.helm.chart.content.v1.tar+gzip
operation: copy
ref:
tag: 1.16.0
url: oci://ghcr.io/home-operations/charts-mirror/external-dns
- verify:
- matchOIDCIdentity:
- - issuer: ^https://token.actions.githubusercontent.com$
- subject: ^https://github.com/home-operations/charts-mirror.*$
- provider: cosign
--- kubernetes/apps/default/epicgames-freegames/app Kustomization: default/epicgames-freegames HelmRelease: default/epicgames-freegames
+++ kubernetes/apps/default/epicgames-freegames/app Kustomization: default/epicgames-freegames HelmRelease: default/epicgames-freegames
@@ -6,20 +6,15 @@
app.kubernetes.io/name: epicgames-freegames
kustomize.toolkit.fluxcd.io/name: epicgames-freegames
kustomize.toolkit.fluxcd.io/namespace: default
name: epicgames-freegames
namespace: default
spec:
- chart:
- spec:
- chart: app-template
- sourceRef:
- kind: HelmRepository
- name: bjw-s
- namespace: flux-system
- version: 3.7.3
+ chartRef:
+ kind: OCIRepository
+ name: app-template
interval: 1h
values:
controllers:
epicgames:
annotations:
reloader.stakater.com/auto: 'true'
--- kubernetes/apps/network/external/cloudflared Kustomization: network/cloudflared HelmRelease: network/cloudflared
+++ kubernetes/apps/network/external/cloudflared Kustomization: network/cloudflared HelmRelease: network/cloudflared
@@ -6,20 +6,15 @@
app.kubernetes.io/name: cloudflared
kustomize.toolkit.fluxcd.io/name: cloudflared
kustomize.toolkit.fluxcd.io/namespace: network
name: cloudflared
namespace: network
spec:
- chart:
- spec:
- chart: app-template
- sourceRef:
- kind: HelmRepository
- name: bjw-s
- namespace: flux-system
- version: 3.7.3
+ chartRef:
+ kind: OCIRepository
+ name: app-template
install:
remediation:
retries: 3
interval: 30m
upgrade:
cleanupOnFail: true
--- kubernetes/apps/csi-proxmox/proxmox-csi/app Kustomization: csi-proxmox/proxmox-csi HelmRelease: csi-proxmox/proxmox-csi
+++ kubernetes/apps/csi-proxmox/proxmox-csi/app Kustomization: csi-proxmox/proxmox-csi HelmRelease: csi-proxmox/proxmox-csi
@@ -6,20 +6,15 @@
app.kubernetes.io/name: proxmox-csi
kustomize.toolkit.fluxcd.io/name: proxmox-csi
kustomize.toolkit.fluxcd.io/namespace: csi-proxmox
name: proxmox-csi
namespace: csi-proxmox
spec:
- chart:
- spec:
- chart: proxmox-csi-plugin
- sourceRef:
- kind: HelmRepository
- name: csi-proxmox
- namespace: flux-system
- version: 0.3.5
+ chartRef:
+ kind: OCIRepository
+ name: proxmox-csi-plugin
install:
remediation:
retries: 3
interval: 30m
upgrade:
cleanupOnFail: true
--- kubernetes/apps/csi-proxmox/proxmox-csi/app Kustomization: csi-proxmox/proxmox-csi OCIRepository: csi-proxmox/proxmox-csi-plugin
+++ kubernetes/apps/csi-proxmox/proxmox-csi/app Kustomization: csi-proxmox/proxmox-csi OCIRepository: csi-proxmox/proxmox-csi-plugin
@@ -0,0 +1,19 @@
+---
+apiVersion: source.toolkit.fluxcd.io/v1beta2
+kind: OCIRepository
+metadata:
+ labels:
+ app.kubernetes.io/name: proxmox-csi
+ kustomize.toolkit.fluxcd.io/name: proxmox-csi
+ kustomize.toolkit.fluxcd.io/namespace: csi-proxmox
+ name: proxmox-csi-plugin
+ namespace: csi-proxmox
+spec:
+ interval: 5m
+ layerSelector:
+ mediaType: application/vnd.cncf.helm.chart.content.v1.tar+gzip
+ operation: copy
+ ref:
+ tag: 0.3.5
+ url: oci://ghcr.io/sergelogvinov/charts/proxmox-csi-plugin
+
--- kubernetes/apps/default/plex-auto-languages/app Kustomization: default/plex-auto-languages HelmRelease: default/plex-auto-languages
+++ kubernetes/apps/default/plex-auto-languages/app Kustomization: default/plex-auto-languages HelmRelease: default/plex-auto-languages
@@ -6,20 +6,15 @@
app.kubernetes.io/name: plex-auto-languages
kustomize.toolkit.fluxcd.io/name: plex-auto-languages
kustomize.toolkit.fluxcd.io/namespace: default
name: plex-auto-languages
namespace: default
spec:
- chart:
- spec:
- chart: app-template
- sourceRef:
- kind: HelmRepository
- name: bjw-s
- namespace: flux-system
- version: 3.7.3
+ chartRef:
+ kind: OCIRepository
+ name: app-template
install:
remediation:
retries: 3
interval: 30m
upgrade:
cleanupOnFail: true
--- kubernetes/apps/default/homepage/app Kustomization: default/homepage HelmRelease: default/homepage
+++ kubernetes/apps/default/homepage/app Kustomization: default/homepage HelmRelease: default/homepage
@@ -6,20 +6,15 @@
app.kubernetes.io/name: homepage
kustomize.toolkit.fluxcd.io/name: homepage
kustomize.toolkit.fluxcd.io/namespace: default
name: homepage
namespace: default
spec:
- chart:
- spec:
- chart: app-template
- sourceRef:
- kind: HelmRepository
- name: bjw-s
- namespace: flux-system
- version: 3.7.3
+ chartRef:
+ kind: OCIRepository
+ name: app-template
install:
remediation:
retries: 3
interval: 30m
upgrade:
cleanupOnFail: true
--- kubernetes/apps/default/emqx/app Kustomization: default/emqx HelmRelease: default/emqx
+++ kubernetes/apps/default/emqx/app Kustomization: default/emqx HelmRelease: default/emqx
@@ -6,20 +6,15 @@
app.kubernetes.io/name: emqx
kustomize.toolkit.fluxcd.io/name: emqx
kustomize.toolkit.fluxcd.io/namespace: default
name: emqx
namespace: default
spec:
- chart:
- spec:
- chart: emqx-operator
- sourceRef:
- kind: HelmRepository
- name: emqx
- namespace: flux-system
- version: 2.2.28
+ chartRef:
+ kind: OCIRepository
+ name: emqx-operator
dependsOn:
- name: cert-manager
namespace: cert-manager
install:
remediation:
retries: 3
--- kubernetes/apps/default/emqx/app Kustomization: default/emqx OCIRepository: default/emqx-operator
+++ kubernetes/apps/default/emqx/app Kustomization: default/emqx OCIRepository: default/emqx-operator
@@ -0,0 +1,19 @@
+---
+apiVersion: source.toolkit.fluxcd.io/v1beta2
+kind: OCIRepository
+metadata:
+ labels:
+ app.kubernetes.io/name: emqx
+ kustomize.toolkit.fluxcd.io/name: emqx
+ kustomize.toolkit.fluxcd.io/namespace: default
+ name: emqx-operator
+ namespace: default
+spec:
+ interval: 5m
+ layerSelector:
+ mediaType: application/vnd.cncf.helm.chart.content.v1.tar+gzip
+ operation: copy
+ ref:
+ tag: 2.2.28
+ url: oci://ghcr.io/home-operations/charts-mirror/emqx-operator
+
--- kubernetes/apps/default/authentik/app Kustomization: default/authentik HelmRelease: default/authentik
+++ kubernetes/apps/default/authentik/app Kustomization: default/authentik HelmRelease: default/authentik
@@ -6,20 +6,15 @@
app.kubernetes.io/name: authentik
kustomize.toolkit.fluxcd.io/name: authentik
kustomize.toolkit.fluxcd.io/namespace: default
name: authentik
namespace: default
spec:
- chart:
- spec:
- chart: authentik
- sourceRef:
- kind: HelmRepository
- name: authentik
- namespace: flux-system
- version: 2025.2.3
+ chartRef:
+ kind: OCIRepository
+ name: authentik
dependsOn:
- name: cert-manager
namespace: cert-manager
install:
remediation:
retries: 3
--- kubernetes/apps/default/authentik/app Kustomization: default/authentik OCIRepository: default/authentik
+++ kubernetes/apps/default/authentik/app Kustomization: default/authentik OCIRepository: default/authentik
@@ -0,0 +1,19 @@
+---
+apiVersion: source.toolkit.fluxcd.io/v1beta2
+kind: OCIRepository
+metadata:
+ labels:
+ app.kubernetes.io/name: authentik
+ kustomize.toolkit.fluxcd.io/name: authentik
+ kustomize.toolkit.fluxcd.io/namespace: default
+ name: authentik
+ namespace: default
+spec:
+ interval: 5m
+ layerSelector:
+ mediaType: application/vnd.cncf.helm.chart.content.v1.tar+gzip
+ operation: copy
+ ref:
+ tag: 2025.2.3
+ url: oci://ghcr.io/goauthentik/helm-charts/authentik
+
--- kubernetes/apps/default/overseerr/app Kustomization: default/overseerr HelmRelease: default/overseerr
+++ kubernetes/apps/default/overseerr/app Kustomization: default/overseerr HelmRelease: default/overseerr
@@ -6,20 +6,15 @@
app.kubernetes.io/name: overseerr
kustomize.toolkit.fluxcd.io/name: overseerr
kustomize.toolkit.fluxcd.io/namespace: default
name: overseerr
namespace: default
spec:
- chart:
- spec:
- chart: app-template
- sourceRef:
- kind: HelmRepository
- name: bjw-s
- namespace: flux-system
- version: 3.7.3
+ chartRef:
+ kind: OCIRepository
+ name: app-template
interval: 1h
values:
controllers:
overseerr:
annotations:
reloader.stakater.com/auto: 'true'
--- kubernetes/apps/observability/grafana/app Kustomization: observability/grafana OCIRepository: observability/grafana
+++ kubernetes/apps/observability/grafana/app Kustomization: observability/grafana OCIRepository: observability/grafana
@@ -6,13 +6,13 @@
app.kubernetes.io/name: grafana
kustomize.toolkit.fluxcd.io/name: grafana
kustomize.toolkit.fluxcd.io/namespace: observability
name: grafana
namespace: observability
spec:
- interval: 1h
+ interval: 5m
layerSelector:
mediaType: application/vnd.cncf.helm.chart.content.v1.tar+gzip
operation: copy
ref:
tag: 8.11.3
url: oci://ghcr.io/grafana/helm-charts/grafana
--- kubernetes/apps/default/homebox/app Kustomization: default/homebox HelmRelease: default/homebox
+++ kubernetes/apps/default/homebox/app Kustomization: default/homebox HelmRelease: default/homebox
@@ -6,20 +6,15 @@
app.kubernetes.io/name: homebox
kustomize.toolkit.fluxcd.io/name: homebox
kustomize.toolkit.fluxcd.io/namespace: default
name: homebox
namespace: default
spec:
- chart:
- spec:
- chart: app-template
- sourceRef:
- kind: HelmRepository
- name: bjw-s
- namespace: flux-system
- version: 3.7.3
+ chartRef:
+ kind: OCIRepository
+ name: app-template
install:
remediation:
retries: 3
interval: 30m
upgrade:
cleanupOnFail: true
--- kubernetes/apps/default/recyclarr/app Kustomization: default/recyclarr HelmRelease: default/recyclarr
+++ kubernetes/apps/default/recyclarr/app Kustomization: default/recyclarr HelmRelease: default/recyclarr
@@ -6,20 +6,15 @@
app.kubernetes.io/name: recyclarr
kustomize.toolkit.fluxcd.io/name: recyclarr
kustomize.toolkit.fluxcd.io/namespace: default
name: recyclarr
namespace: default
spec:
- chart:
- spec:
- chart: app-template
- sourceRef:
- kind: HelmRepository
- name: bjw-s
- namespace: flux-system
- version: 3.7.3
+ chartRef:
+ kind: OCIRepository
+ name: app-template
install:
remediation:
retries: 3
interval: 1h
upgrade:
cleanupOnFail: true
--- kubernetes/apps/default/unifi/app Kustomization: default/unifi HelmRelease: default/unifi
+++ kubernetes/apps/default/unifi/app Kustomization: default/unifi HelmRelease: default/unifi
@@ -6,20 +6,15 @@
app.kubernetes.io/name: unifi
kustomize.toolkit.fluxcd.io/name: unifi
kustomize.toolkit.fluxcd.io/namespace: default
name: unifi
namespace: default
spec:
- chart:
- spec:
- chart: app-template
- sourceRef:
- kind: HelmRepository
- name: bjw-s
- namespace: flux-system
- version: 3.7.3
+ chartRef:
+ kind: OCIRepository
+ name: app-template
dependsOn:
- name: proxmox-csi
namespace: csi-proxmox
install:
remediation:
retries: 3
--- kubernetes/apps/default/prowlarr/app Kustomization: default/prowlarr HelmRelease: default/prowlarr
+++ kubernetes/apps/default/prowlarr/app Kustomization: default/prowlarr HelmRelease: default/prowlarr
@@ -6,20 +6,15 @@
app.kubernetes.io/name: prowlarr
kustomize.toolkit.fluxcd.io/name: prowlarr
kustomize.toolkit.fluxcd.io/namespace: default
name: prowlarr
namespace: default
spec:
- chart:
- spec:
- chart: app-template
- sourceRef:
- kind: HelmRepository
- name: bjw-s
- namespace: flux-system
- version: 3.7.3
+ chartRef:
+ kind: OCIRepository
+ name: app-template
interval: 1h
values:
controllers:
prowlarr:
annotations:
reloader.stakater.com/auto: 'true'
--- kubernetes/apps/default/tautulli/app Kustomization: default/tautulli HelmRelease: default/tautulli
+++ kubernetes/apps/default/tautulli/app Kustomization: default/tautulli HelmRelease: default/tautulli
@@ -6,20 +6,15 @@
app.kubernetes.io/name: tautulli
kustomize.toolkit.fluxcd.io/name: tautulli
kustomize.toolkit.fluxcd.io/namespace: default
name: tautulli
namespace: default
spec:
- chart:
- spec:
- chart: app-template
- sourceRef:
- kind: HelmRepository
- name: bjw-s
- namespace: flux-system
- version: 3.7.3
+ chartRef:
+ kind: OCIRepository
+ name: app-template
install:
remediation:
retries: 3
interval: 1h
upgrade:
cleanupOnFail: true
--- kubernetes/apps/default/autobrr/app Kustomization: default/autobrr HelmRelease: default/autobrr
+++ kubernetes/apps/default/autobrr/app Kustomization: default/autobrr HelmRelease: default/autobrr
@@ -6,20 +6,15 @@
app.kubernetes.io/name: autobrr
kustomize.toolkit.fluxcd.io/name: autobrr
kustomize.toolkit.fluxcd.io/namespace: default
name: autobrr
namespace: default
spec:
- chart:
- spec:
- chart: app-template
- sourceRef:
- kind: HelmRepository
- name: bjw-s
- namespace: flux-system
- version: 3.7.3
+ chartRef:
+ kind: OCIRepository
+ name: app-template
install:
remediation:
retries: 3
interval: 30m
upgrade:
cleanupOnFail: true
--- kubernetes/apps/default/sonarr/app Kustomization: default/sonarr HelmRelease: default/sonarr
+++ kubernetes/apps/default/sonarr/app Kustomization: default/sonarr HelmRelease: default/sonarr
@@ -6,20 +6,15 @@
app.kubernetes.io/name: sonarr
kustomize.toolkit.fluxcd.io/name: sonarr
kustomize.toolkit.fluxcd.io/namespace: default
name: sonarr
namespace: default
spec:
- chart:
- spec:
- chart: app-template
- sourceRef:
- kind: HelmRepository
- name: bjw-s
- namespace: flux-system
- version: 3.7.3
+ chartRef:
+ kind: OCIRepository
+ name: app-template
install:
remediation:
retries: 3
interval: 1h
upgrade:
cleanupOnFail: true
--- kubernetes/apps/default/esphome/app Kustomization: default/esphome HelmRelease: default/esphome
+++ kubernetes/apps/default/esphome/app Kustomization: default/esphome HelmRelease: default/esphome
@@ -6,20 +6,15 @@
app.kubernetes.io/name: esphome
kustomize.toolkit.fluxcd.io/name: esphome
kustomize.toolkit.fluxcd.io/namespace: default
name: esphome
namespace: default
spec:
- chart:
- spec:
- chart: app-template
- sourceRef:
- kind: HelmRepository
- name: bjw-s
- namespace: flux-system
- version: 3.7.3
+ chartRef:
+ kind: OCIRepository
+ name: app-template
interval: 30m
values:
controllers:
esphome:
annotations:
secret.reloader.stakater.com/reload: esphome-secrets
--- kubernetes/apps/default/scrypted/app Kustomization: default/scrypted HelmRelease: default/scrypted
+++ kubernetes/apps/default/scrypted/app Kustomization: default/scrypted HelmRelease: default/scrypted
@@ -6,21 +6,15 @@
app.kubernetes.io/name: scrypted
kustomize.toolkit.fluxcd.io/name: scrypted
kustomize.toolkit.fluxcd.io/namespace: default
name: scrypted
namespace: default
spec:
- chart:
- spec:
- chart: app-template
- interval: 30m
- sourceRef:
- kind: HelmRepository
- name: bjw-s
- namespace: flux-system
- version: 3.7.3
+ chartRef:
+ kind: OCIRepository
+ name: app-template
dependsOn:
- name: proxmox-csi
namespace: csi-proxmox
interval: 30m
values:
controllers:
--- kubernetes/apps/cert-manager/cert-manager/tls Kustomization: cert-manager/cert-manager-tls Certificate: cert-manager/martinbjeldbak-com-production
+++ kubernetes/apps/cert-manager/cert-manager/tls Kustomization: cert-manager/cert-manager-tls Certificate: cert-manager/martinbjeldbak-com-production
@@ -9,13 +9,12 @@
name: martinbjeldbak-com-production
namespace: cert-manager
spec:
commonName: martinbjeldbak.com
dnsNames:
- martinbjeldbak.com
- - '*.kube.local.martinbjeldbak.com'
- '*.local.martinbjeldbak.com'
- '*.martinbjeldbak.com'
issuerRef:
kind: ClusterIssuer
name: letsencrypt-production
secretName: martinbjeldbak-com-production-tls
--- kubernetes/apps/default/bazarr/app Kustomization: default/bazarr HelmRelease: default/bazarr
+++ kubernetes/apps/default/bazarr/app Kustomization: default/bazarr HelmRelease: default/bazarr
@@ -6,20 +6,15 @@
app.kubernetes.io/name: bazarr
kustomize.toolkit.fluxcd.io/name: bazarr
kustomize.toolkit.fluxcd.io/namespace: default
name: bazarr
namespace: default
spec:
- chart:
- spec:
- chart: app-template
- sourceRef:
- kind: HelmRepository
- name: bjw-s
- namespace: flux-system
- version: 3.7.3
+ chartRef:
+ kind: OCIRepository
+ name: app-template
install:
remediation:
retries: 3
interval: 1h
upgrade:
cleanupOnFail: true
--- kubernetes/apps/default/plex/app Kustomization: default/plex HelmRelease: default/plex
+++ kubernetes/apps/default/plex/app Kustomization: default/plex HelmRelease: default/plex
@@ -6,20 +6,15 @@
app.kubernetes.io/name: plex
kustomize.toolkit.fluxcd.io/name: plex
kustomize.toolkit.fluxcd.io/namespace: default
name: plex
namespace: default
spec:
- chart:
- spec:
- chart: app-template
- sourceRef:
- kind: HelmRepository
- name: bjw-s
- namespace: flux-system
- version: 3.7.3
+ chartRef:
+ kind: OCIRepository
+ name: app-template
dependsOn:
- name: intel-device-plugin-gpu
namespace: kube-system
install:
remediation:
retries: 3
--- kubernetes/apps/default/transmission/app Kustomization: default/transmission HelmRelease: default/transmission
+++ kubernetes/apps/default/transmission/app Kustomization: default/transmission HelmRelease: default/transmission
@@ -6,20 +6,15 @@
app.kubernetes.io/name: transmission
kustomize.toolkit.fluxcd.io/name: transmission
kustomize.toolkit.fluxcd.io/namespace: default
name: transmission
namespace: default
spec:
- chart:
- spec:
- chart: app-template
- sourceRef:
- kind: HelmRepository
- name: bjw-s
- namespace: flux-system
- version: 3.7.3
+ chartRef:
+ kind: OCIRepository
+ name: app-template
interval: 1h
values:
controllers:
transmission:
annotations:
reloader.stakater.com/auto: 'true'
--- kubernetes/apps/default/radarr/app Kustomization: default/radarr HelmRelease: default/radarr
+++ kubernetes/apps/default/radarr/app Kustomization: default/radarr HelmRelease: default/radarr
@@ -6,20 +6,15 @@
app.kubernetes.io/name: radarr
kustomize.toolkit.fluxcd.io/name: radarr
kustomize.toolkit.fluxcd.io/namespace: default
name: radarr
namespace: default
spec:
- chart:
- spec:
- chart: app-template
- sourceRef:
- kind: HelmRepository
- name: bjw-s
- namespace: flux-system
- version: 3.7.3
+ chartRef:
+ kind: OCIRepository
+ name: app-template
install:
remediation:
retries: 3
interval: 1h
upgrade:
cleanupOnFail: true
--- kubernetes/apps/observability/kube-prometheus-stack/app Kustomization: observability/kube-prometheus-stack OCIRepository: observability/kube-prometheus-stack
+++ kubernetes/apps/observability/kube-prometheus-stack/app Kustomization: observability/kube-prometheus-stack OCIRepository: observability/kube-prometheus-stack
@@ -6,14 +6,14 @@
app.kubernetes.io/name: kube-prometheus-stack
kustomize.toolkit.fluxcd.io/name: kube-prometheus-stack
kustomize.toolkit.fluxcd.io/namespace: observability
name: kube-prometheus-stack
namespace: observability
spec:
- interval: 1h
+ interval: 5m
layerSelector:
mediaType: application/vnd.cncf.helm.chart.content.v1.tar+gzip
operation: copy
ref:
- tag: 70.4.1
+ tag: 70.4.2
url: oci://ghcr.io/prometheus-community/charts/kube-prometheus-stack
--- kubernetes/apps/observability/loki/app Kustomization: observability/loki HelmRelease: observability/loki
+++ kubernetes/apps/observability/loki/app Kustomization: observability/loki HelmRelease: observability/loki
@@ -6,20 +6,15 @@
app.kubernetes.io/name: loki
kustomize.toolkit.fluxcd.io/name: loki
kustomize.toolkit.fluxcd.io/namespace: observability
name: loki
namespace: observability
spec:
- chart:
- spec:
- chart: loki
- sourceRef:
- kind: HelmRepository
- name: grafana
- namespace: flux-system
- version: 6.29.0
+ chartRef:
+ kind: OCIRepository
+ name: loki
install:
crds: Skip
remediation:
retries: 3
interval: 1h
upgrade:
--- kubernetes/apps/observability/loki/app Kustomization: observability/loki OCIRepository: observability/loki
+++ kubernetes/apps/observability/loki/app Kustomization: observability/loki OCIRepository: observability/loki
@@ -0,0 +1,19 @@
+---
+apiVersion: source.toolkit.fluxcd.io/v1beta2
+kind: OCIRepository
+metadata:
+ labels:
+ app.kubernetes.io/name: loki
+ kustomize.toolkit.fluxcd.io/name: loki
+ kustomize.toolkit.fluxcd.io/namespace: observability
+ name: loki
+ namespace: observability
+spec:
+ interval: 5m
+ layerSelector:
+ mediaType: application/vnd.cncf.helm.chart.content.v1.tar+gzip
+ operation: copy
+ ref:
+ tag: 6.29.0
+ url: oci://ghcr.io/home-operations/charts-mirror/loki
+
--- kubernetes/apps/default/kometa/app Kustomization: default/kometa HelmRelease: default/kometa
+++ kubernetes/apps/default/kometa/app Kustomization: default/kometa HelmRelease: default/kometa
@@ -6,20 +6,15 @@
app.kubernetes.io/name: kometa
kustomize.toolkit.fluxcd.io/name: kometa
kustomize.toolkit.fluxcd.io/namespace: default
name: kometa
namespace: default
spec:
- chart:
- spec:
- chart: app-template
- sourceRef:
- kind: HelmRepository
- name: bjw-s
- namespace: flux-system
- version: 3.7.3
+ chartRef:
+ kind: OCIRepository
+ name: app-template
dependsOn:
- name: proxmox-csi
namespace: csi-proxmox
install:
remediation:
retries: 3
--- kubernetes/apps/network/internal/ingress-nginx Kustomization: network/internal-ingress-nginx HelmRelease: network/internal-ingress-nginx
+++ kubernetes/apps/network/internal/ingress-nginx Kustomization: network/internal-ingress-nginx HelmRelease: network/internal-ingress-nginx
@@ -6,20 +6,15 @@
app.kubernetes.io/name: internal-ingress-nginx
kustomize.toolkit.fluxcd.io/name: internal-ingress-nginx
kustomize.toolkit.fluxcd.io/namespace: network
name: internal-ingress-nginx
namespace: network
spec:
- chart:
- spec:
- chart: ingress-nginx
- sourceRef:
- kind: HelmRepository
- name: ingress-nginx
- namespace: flux-system
- version: 4.12.1
+ chartRef:
+ kind: OCIRepository
+ name: internal-ingress-nginx
install:
remediation:
retries: 3
interval: 30m
upgrade:
cleanupOnFail: true
--- kubernetes/apps/network/internal/ingress-nginx Kustomization: network/internal-ingress-nginx OCIRepository: network/internal-ingress-nginx
+++ kubernetes/apps/network/internal/ingress-nginx Kustomization: network/internal-ingress-nginx OCIRepository: network/internal-ingress-nginx
@@ -0,0 +1,19 @@
+---
+apiVersion: source.toolkit.fluxcd.io/v1beta2
+kind: OCIRepository
+metadata:
+ labels:
+ app.kubernetes.io/name: internal-ingress-nginx
+ kustomize.toolkit.fluxcd.io/name: internal-ingress-nginx
+ kustomize.toolkit.fluxcd.io/namespace: network
+ name: internal-ingress-nginx
+ namespace: network
+spec:
+ interval: 5m
+ layerSelector:
+ mediaType: application/vnd.cncf.helm.chart.content.v1.tar+gzip
+ operation: copy
+ ref:
+ tag: 4.12.1
+ url: oci://ghcr.io/home-operations/charts-mirror/ingress-nginx
+
--- kubernetes/apps/network/external/ingress-nginx Kustomization: network/external-ingress-nginx HelmRelease: network/external-ingress-nginx
+++ kubernetes/apps/network/external/ingress-nginx Kustomization: network/external-ingress-nginx HelmRelease: network/external-ingress-nginx
@@ -6,20 +6,15 @@
app.kubernetes.io/name: external-ingress-nginx
kustomize.toolkit.fluxcd.io/name: external-ingress-nginx
kustomize.toolkit.fluxcd.io/namespace: network
name: external-ingress-nginx
namespace: network
spec:
- chart:
- spec:
- chart: ingress-nginx
- sourceRef:
- kind: HelmRepository
- name: ingress-nginx
- namespace: flux-system
- version: 4.12.1
+ chartRef:
+ kind: OCIRepository
+ name: external-ingress-nginx
install:
remediation:
retries: 3
interval: 30m
upgrade:
cleanupOnFail: true
--- kubernetes/apps/network/external/ingress-nginx Kustomization: network/external-ingress-nginx OCIRepository: network/external-ingress-nginx
+++ kubernetes/apps/network/external/ingress-nginx Kustomization: network/external-ingress-nginx OCIRepository: network/external-ingress-nginx
@@ -0,0 +1,19 @@
+---
+apiVersion: source.toolkit.fluxcd.io/v1beta2
+kind: OCIRepository
+metadata:
+ labels:
+ app.kubernetes.io/name: external-ingress-nginx
+ kustomize.toolkit.fluxcd.io/name: external-ingress-nginx
+ kustomize.toolkit.fluxcd.io/namespace: network
+ name: external-ingress-nginx
+ namespace: network
+spec:
+ interval: 5m
+ layerSelector:
+ mediaType: application/vnd.cncf.helm.chart.content.v1.tar+gzip
+ operation: copy
+ ref:
+ tag: 4.12.1
+ url: oci://ghcr.io/home-operations/charts-mirror/ingress-nginx
+
--- kubernetes/apps/default/paperless/app Kustomization: default/paperless HelmRelease: default/paperless
+++ kubernetes/apps/default/paperless/app Kustomization: default/paperless HelmRelease: default/paperless
@@ -6,20 +6,15 @@
app.kubernetes.io/name: paperless
kustomize.toolkit.fluxcd.io/name: paperless
kustomize.toolkit.fluxcd.io/namespace: default
name: paperless
namespace: default
spec:
- chart:
- spec:
- chart: app-template
- sourceRef:
- kind: HelmRepository
- name: bjw-s
- namespace: flux-system
- version: 3.7.3
+ chartRef:
+ kind: OCIRepository
+ name: app-template
install:
remediation:
retries: 3
interval: 30m
upgrade:
cleanupOnFail: true
--- kubernetes/apps/default/speedtest-tracker/app Kustomization: default/speedtest-tracker HelmRelease: default/speedtest-tracker
+++ kubernetes/apps/default/speedtest-tracker/app Kustomization: default/speedtest-tracker HelmRelease: default/speedtest-tracker
@@ -6,20 +6,15 @@
app.kubernetes.io/name: speedtest-tracker
kustomize.toolkit.fluxcd.io/name: speedtest-tracker
kustomize.toolkit.fluxcd.io/namespace: default
name: speedtest-tracker
namespace: default
spec:
- chart:
- spec:
- chart: app-template
- sourceRef:
- kind: HelmRepository
- name: bjw-s
- namespace: flux-system
- version: 3.7.3
+ chartRef:
+ kind: OCIRepository
+ name: app-template
install:
remediation:
retries: 3
interval: 30m
upgrade:
cleanupOnFail: true
@@ -31,13 +26,13 @@
speedtest-tracker:
annotations:
reloader.stakater.com/auto: 'true'
containers:
app:
env:
- APP_URL: https://speedtest.kube.local.martinbjeldbak.com
+ APP_URL: https://speedtest-tracker.local.martinbjeldbak.com
DB_CONNECTION: pgsql
DB_DATABASE: speedtest-tracker
DB_HOST: speedtest-tracker-database-rw
DB_PORT: 5432
DISPLAY_TIMEZONE: Australia/Melbourne
MAIL_FROM_ADDRESS: Speedtest Tracker <[email protected]>
--- kubernetes/apps/default/home-assistant/app Kustomization: default/home-assistant HelmRelease: default/home-assistant
+++ kubernetes/apps/default/home-assistant/app Kustomization: default/home-assistant HelmRelease: default/home-assistant
@@ -6,20 +6,15 @@
app.kubernetes.io/name: home-assistant
kustomize.toolkit.fluxcd.io/name: home-assistant
kustomize.toolkit.fluxcd.io/namespace: default
name: home-assistant
namespace: default
spec:
- chart:
- spec:
- chart: app-template
- sourceRef:
- kind: HelmRepository
- name: bjw-s
- namespace: flux-system
- version: 3.7.3
+ chartRef:
+ kind: OCIRepository
+ name: app-template
dependsOn:
- name: proxmox-csi
namespace: csi-proxmox
install:
remediation:
retries: 3
--- kubernetes/apps/default/plex-trakt-sync/app Kustomization: default/plex-trakt-sync HelmRelease: default/plex-trakt-sync
+++ kubernetes/apps/default/plex-trakt-sync/app Kustomization: default/plex-trakt-sync HelmRelease: default/plex-trakt-sync
@@ -6,21 +6,15 @@
app.kubernetes.io/name: plex-trakt-sync
kustomize.toolkit.fluxcd.io/name: plex-trakt-sync
kustomize.toolkit.fluxcd.io/namespace: default
name: plex-trakt-sync
namespace: default
spec:
- chart:
- spec:
- chart: app-template
- interval: 30m
- sourceRef:
- kind: HelmRepository
- name: bjw-s
- namespace: flux-system
- version: 3.7.3
+ chartRef:
+ kind: OCIRepository
+ name: app-template
dependsOn:
- name: plex
interval: 30m
values:
controllers:
plex-trakt-sync:
--- kubernetes/apps/default/zigbee2mqtt/app Kustomization: default/zigbee2mqtt HelmRelease: default/zigbee2mqtt
+++ kubernetes/apps/default/zigbee2mqtt/app Kustomization: default/zigbee2mqtt HelmRelease: default/zigbee2mqtt
@@ -6,20 +6,15 @@
app.kubernetes.io/name: zigbee2mqtt
kustomize.toolkit.fluxcd.io/name: zigbee2mqtt
kustomize.toolkit.fluxcd.io/namespace: default
name: zigbee2mqtt
namespace: default
spec:
- chart:
- spec:
- chart: app-template
- sourceRef:
- kind: HelmRepository
- name: bjw-s
- namespace: flux-system
- version: 3.7.3
+ chartRef:
+ kind: OCIRepository
+ name: app-template
dependsOn:
- name: proxmox-csi
namespace: csi-proxmox
install:
remediation:
retries: 3 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Copying onedr0p/home-ops#8919