mafyuh/iac
Archived
1
0
Fork 0
Code Issues6 Pull requests9 Projects1 Wiki Activity Actions

Compare commits

..

13 commits
ecb91c9f61 ... e69690229b

Author SHA1 Message Date
Renovate Bot
e69690229b ⬆️ Update ghcr.io/linuxserver/syncthing Docker digest to 297efc3 2025-02-25 03:01:57 +00:00
mafyuh
3ca894db3a Update docker/arm/docker-compose.yml 2025-02-24 21:38:11 -05:00
Renovate Bot
fbd31b20d1 ⬆️ Update ghcr.io/onedr0p/prowlarr Docker tag to v1.31.2.4975 2025-02-24 03:08:00 -05:00
Renovate Bot
2697d7d08a ⬆️ Update Helm release reflector to v9 2025-02-23 13:02:07 +00:00
Matt Reeves
7805223c56 update readme and apt playbook 2025-02-23 05:38:31 -05:00
Renovate Bot
2641461dec ⬆️ Update ollama/ollama Docker tag to v0.5.12 2025-02-23 05:28:13 -05:00
Renovate Bot
f55d01154b ⬆️ Update Helm release reloader to v1.3.0 2025-02-23 05:27:48 -05:00
Matt Reeves
4792f475fd update bazarr to HelmRelease 2025-02-23 05:12:34 -05:00
Renovate Bot
a40cfe4ee1 ⬆️ Update ghcr.io/open-webui/open-webui Docker tag to v0.5.16 2025-02-23 05:00:28 -05:00
Matt Reeves
730f54ddd4 Add ignorePaths to Renovate configuration for Flux components 2025-02-23 04:03:20 -05:00
Flux
25616bb8e4 Update Flux manifests 2025-02-23 03:54:37 -05:00
Matt Reeves
9814f35403 Update Flux version to v2.5.0 2025-02-23 03:46:39 -05:00
Renovate Bot
7de8557229 ⬆️ Update Terraform flux to v1.5.0 2025-02-23 08:32:16 +00:00
18 changed files with 262 additions and 171 deletions

3
.github/renovate.json vendored
View file

@ -3,6 +3,9 @@
"extends": [
"config:recommended"
],
"ignorePaths": [
"kubernetes/cluster/production/flux-system/gotk-components.yaml"
],
"flux": {
"fileMatch": [
"(^|/)kubernetes/.+\\.ya?ml$"

18
README.md
View file

@ -1,7 +1,7 @@
[![Yamllint](https://git.mafyuh.dev/mafyuh/iac/badges/workflows/yamllint.yml/badge.svg)](https://git.mafyuh.dev/mafyuh/iac/actions)
[![CD](https://git.mafyuh.dev/mafyuh/iac/badges/workflows/CD.yml/badge.svg)](https://git.mafyuh.dev/mafyuh/iac/actions)
[![Ansible](https://git.mafyuh.dev/mafyuh/iac/badges/workflows/ansible-playbooks.yml/badge.svg)](https://git.mafyuh.dev/mafyuh/iac/actions)
[![Tofu](https://git.mafyuh.dev/mafyuh/iac/badges/workflows/tofu.yml/badge.svg)](https://git.mafyuh.dev/mafyuh/iac/actions)
[![Yamllint](https://git.mafyuh.dev/mafyuh/iac/badges/workflows/yamllint.yml/badge.svg)](https://git.mafyuh.dev/mafyuh/iac/actions?workflow=yamllint.yml)
[![CD](https://git.mafyuh.dev/mafyuh/iac/badges/workflows/CD.yml/badge.svg)](https://git.mafyuh.dev/mafyuh/iac/actions?workflow=CD.yml)
[![Ansible](https://git.mafyuh.dev/mafyuh/iac/badges/workflows/ansible-playbooks.yml/badge.svg)](https://git.mafyuh.dev/mafyuh/iac/actions?workflow=ansible-playbooks.yml)
[![Tofu](https://git.mafyuh.dev/mafyuh/iac/badges/workflows/tofu.yml/badge.svg)](https://git.mafyuh.dev/mafyuh/iac/actions?workflow=tofu.yml)
[![Renovate](https://git.mafyuh.dev/renovatebot/renovate/badges/workflows/renovate.yml/badge.svg)](https://git.mafyuh.dev/renovatebot/renovate/actions)
[![Pulls](https://git.mafyuh.dev/mafyuh/iac/badges/pulls.svg)](https://git.mafyuh.dev/mafyuh/iac/pulls)
![Header Image](https://raw.githubusercontent.com/Mafyuh/homelab-svg-assets/main/assets/header_.png)
@ -72,11 +72,11 @@ Some good references for how I learned this stuff (other than RTM)
## 🖥️ **Hardware**
| Name | Device | CPU | RAM | Storage | Purpose |
|------------|--------------|----------------|-------------|--------------------------------|--------------------------------|
| Arc-Ripper | Optiplex 3050 | Intel i5-6500 | 32 GB DDR4 | 1TB NVMe | Jellyfin Server, Blu-ray Ripper |
| PVE Node 1 | Custom | Intel i7-9700K | 64 GB DDR4 | NVMe for boot and VMs, 4x4TB HDD RaidZ10 | Main node with most VMs, NAS |
| PVE Node 2 | Custom | Intel i7-8700K | 64 GB DDR4 | 1x2TB NVMe | More VMs |
| Name | Device | CPU | RAM | Storage | GPU | Purpose |
|-------------|----------------|-----------------|--------------|----------------------------------------------|-----------|----------------------------------|
| Arc-Ripper | Optiplex 3050 | Intel i5-6500 | 32 GB DDR4 | 1TB NVMe | Arc A310 | Jellyfin Server, Blu-ray Ripper |
| PVE Node 1 | Custom | Intel i7-9700K | 64 GB DDR4 | NVMe for boot and VMs, 4x4TB HDD RaidZ10 | Nvidia 1660 6GB | Main node with most VMs, NAS |
| PVE Node 2 | Custom | Intel i7-8700K | 64 GB DDR4 | 1x2TB NVMe | Nvidia 1060 GB | More VMs |
## 📌 **To-Do**

2
ansible/playbooks/weekly/apt.yml
View file

@ -9,7 +9,7 @@
- name: Upgrade all packages
apt:
upgrade: dist
upgrade: yes
- name: Remove unnecessary packages
apt:

4
docker/AI/docker-compose.yml
View file

@ -1,6 +1,6 @@
services:
ollama:
image: ollama/ollama:0.5.11
image: ollama/ollama:0.5.12
container_name: ollama
restart: unless-stopped
networks:
@ -18,7 +18,7 @@ services:
capabilities: [gpu]
open-webui:
image: ghcr.io/open-webui/open-webui:0.5.12
image: ghcr.io/open-webui/open-webui:0.5.16
container_name: open-webui
restart: unless-stopped
networks:

19
docker/arm/docker-compose.yml
View file

@ -186,25 +186,6 @@ services:
depends_on:
- postgres
syncthing:
image: ghcr.io/linuxserver/syncthing@sha256:297efc3dc44b2cd55b9dc9702112cfe9cc7e2efecac2f1e7a18c1cbb6aaddbfe
container_name: syncthing
hostname: ARM
environment:
- PUID=0
- PGID=0
- TZ=Etc/UTC
volumes:
- /home/ubuntu/syncthing/config:/config
- /docker/appdata/:/docker/appdata/
- /home/ubuntu/:/home/ubuntu/
ports:
- 8384:8384
- 22000:22000/tcp
- 22000:22000/udp
- 21027:21027/udp
restart: unless-stopped
wiki-db:
image: postgres:15-alpine
environment:

52
kubernetes/apps/production/arr/bazarr/deployment.yaml
View file

@ -1,52 +0,0 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: bazarr
namespace: arr
labels:
app: bazarr
spec:
replicas: 1
selector:
matchLabels:
app: bazarr
template:
metadata:
labels:
app: bazarr
spec:
securityContext:
runAsUser: 65534
runAsGroup: 65534
fsGroup: 65534
fsGroupChangePolicy: OnRootMismatch
containers:
- name: bazarr
image: ghcr.io/onedr0p/bazarr:rolling@sha256:1c88830f3c51fc2f1230ad7040bcbe30f197449ae93f835448cf516d8b7e5e82
resources:
requests:
memory: 512Mi
cpu: 75m
limits:
memory: 535Mi
cpu: 100m
volumeMounts:
- mountPath: /config
name: bazarr-config
volumes:
- name: bazarr-config
persistentVolumeClaim:
claimName: bazarr-config
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: bazarr-config
namespace: arr
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 1Gi
storageClassName: longhorn

123
kubernetes/apps/production/arr/bazarr/helmrelease.yaml Normal file
View file

@ -0,0 +1,123 @@
apiVersion: helm.toolkit.fluxcd.io/v2
kind: HelmRelease
metadata:
name: &app bazarr
namespace: arr
spec:
interval: 15m
chart:
spec:
chart: app-template
version: 3.7.1
interval: 30m
sourceRef:
kind: HelmRepository
name: bjw-s
namespace: flux-system
install:
remediation:
retries: 3
upgrade:
remediation:
retries: 3
values:
global:
fullnameOverride: *app
namespace: arr
controllers:
bazarr:
enabled: true
type: statefulset
annotations:
reloader.stakater.com/auto: "true"
replicas: 1
statefulset:
volumeClaimTemplates:
- name: bazarr-config
accessMode: ReadWriteOnce
size: 1Gi
storageClass: longhorn
globalMounts:
- path: /config
pod:
securityContext:
runAsUser: 1000
runAsGroup: &group 1000
fsGroup: *group
fsGroupChangePolicy: "OnRootMismatch"
dnsPolicy: None
dnsConfig:
nameservers:
- 10.43.0.10
- 1.1.1.1
- 8.8.8.8
containers:
app:
image:
repository: ghcr.io/onedr0p/bazarr
tag: 1.5.1
pullPolicy: IfNotPresent
env:
TZ: "${TZ}"
BAZARR__INSTANCE_NAME: *app
BAZARR__PORT: &port 6767
BAZARR__APPLICATION_URL: "https://bazarr.${LOCAL_DOMAIN}"
BAZARR__LOG_LEVEL: info
probes:
liveness:
enabled: false
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
resources:
requests:
cpu: 100m
memory: 150Mi
limits:
memory: 256Mi
service:
app:
primary: true
controller: bazarr
ports:
http:
port: *port
ingress:
internal:
enabled: true
className: nginx
hosts:
- host: "bazarr.${LOCAL_DOMAIN}"
paths:
- path: /
pathType: Prefix
service:
identifier: app
port: http
tls:
- hosts:
- "bazarr.${LOCAL_DOMAIN}"
secretName: local-mafyuh-dev-production-tls
persistence:
data:
enabled: true
type: nfs
server: "${NAS_IP}"
path: /mnt/thePool/thePoolShare
globalMounts:
- path: /data

22
kubernetes/apps/production/arr/bazarr/ingress.yaml
View file

@ -1,22 +0,0 @@
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: bazarr
namespace: arr
spec:
ingressClassName: nginx
rules:
- host: "bazarr.local.mafyuh.dev"
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: headless-bazarr
port:
number: 6767
tls:
- hosts:
- "bazarr.local.mafyuh.dev"
secretName: local-mafyuh-dev-production-tls

4
kubernetes/apps/production/arr/bazarr/kustomization.yaml
View file

@ -1,6 +1,4 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- deployment.yaml
- service.yaml
- ingress.yaml
- helmrelease.yaml

13
kubernetes/apps/production/arr/bazarr/service.yaml
View file

@ -1,13 +0,0 @@
apiVersion: v1
kind: Service
metadata:
name: headless-bazarr
namespace: arr
spec:
selector:
app: bazarr
ports:
- port: 6767
targetPort: 6767
protocol: TCP
type: ClusterIP

2
kubernetes/apps/production/arr/prowlarr/helmrelease.yaml
View file

@ -62,7 +62,7 @@ spec:
app:
image:
repository: ghcr.io/onedr0p/prowlarr
tag: 1.30.2.4939
tag: 1.31.2.4975
pullPolicy: IfNotPresent
env:
TZ: "${TZ}"

2
kubernetes/apps/production/reflector/helmrelease.yaml
View file

@ -9,7 +9,7 @@ spec:
chart:
spec:
chart: reflector
version: 7.1.288
version: 9.0.313
sourceRef:
kind: HelmRepository
name: reflector-repo

2
kubernetes/apps/production/reloader/helmrelease.yaml
View file

@ -8,7 +8,7 @@ spec:
chart:
spec:
chart: reloader
version: 1.2.1
version: 1.3.0
interval: 30m
sourceRef:
kind: HelmRepository

155
kubernetes/cluster/production/flux-system/gotk-components.yaml
View file

@ -1,6 +1,6 @@
---
# This manifest was generated by flux. DO NOT EDIT.
# Flux Version: v2.4.0
# Flux Version: v2.5.0
# Components: helm-controller,kustomize-controller,notification-controller,source-controller
apiVersion: v1
kind: Namespace
@ -8,7 +8,7 @@ metadata:
labels:
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
app.kubernetes.io/version: v2.4.0
app.kubernetes.io/version: v2.5.0
pod-security.kubernetes.io/warn: restricted
pod-security.kubernetes.io/warn-version: latest
name: flux-system
@ -19,7 +19,7 @@ metadata:
labels:
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
app.kubernetes.io/version: v2.4.0
app.kubernetes.io/version: v2.5.0
name: allow-egress
namespace: flux-system
spec:
@ -39,7 +39,7 @@ metadata:
labels:
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
app.kubernetes.io/version: v2.4.0
app.kubernetes.io/version: v2.5.0
name: allow-scraping
namespace: flux-system
spec:
@ -59,7 +59,7 @@ metadata:
labels:
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
app.kubernetes.io/version: v2.4.0
app.kubernetes.io/version: v2.5.0
name: allow-webhooks
namespace: flux-system
spec:
@ -78,7 +78,7 @@ metadata:
labels:
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
app.kubernetes.io/version: v2.4.0
app.kubernetes.io/version: v2.5.0
name: critical-pods-flux-system
namespace: flux-system
spec:
@ -98,7 +98,7 @@ metadata:
labels:
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
app.kubernetes.io/version: v2.4.0
app.kubernetes.io/version: v2.5.0
name: crd-controller-flux-system
rules:
- apiGroups:
@ -192,7 +192,7 @@ metadata:
labels:
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
app.kubernetes.io/version: v2.4.0
app.kubernetes.io/version: v2.5.0
rbac.authorization.k8s.io/aggregate-to-admin: "true"
rbac.authorization.k8s.io/aggregate-to-edit: "true"
name: flux-edit-flux-system
@ -218,7 +218,7 @@ metadata:
labels:
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
app.kubernetes.io/version: v2.4.0
app.kubernetes.io/version: v2.5.0
rbac.authorization.k8s.io/aggregate-to-admin: "true"
rbac.authorization.k8s.io/aggregate-to-edit: "true"
rbac.authorization.k8s.io/aggregate-to-view: "true"
@ -243,7 +243,7 @@ metadata:
labels:
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
app.kubernetes.io/version: v2.4.0
app.kubernetes.io/version: v2.5.0
name: cluster-reconciler-flux-system
roleRef:
apiGroup: rbac.authorization.k8s.io
@ -263,7 +263,7 @@ metadata:
labels:
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
app.kubernetes.io/version: v2.4.0
app.kubernetes.io/version: v2.5.0
name: crd-controller-flux-system
roleRef:
apiGroup: rbac.authorization.k8s.io
@ -298,7 +298,7 @@ metadata:
app.kubernetes.io/component: helm-controller
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
app.kubernetes.io/version: v2.4.0
app.kubernetes.io/version: v2.5.0
name: helmreleases.helm.toolkit.fluxcd.io
spec:
group: helm.toolkit.fluxcd.io
@ -665,6 +665,11 @@ spec:
DisableSchemaValidation prevents the Helm install action from validating
the values against the JSON Schema.
type: boolean
disableTakeOwnership:
description: |-
DisableTakeOwnership disables taking ownership of existing resources
during the Helm install action. Defaults to false.
type: boolean
disableWait:
description: |-
DisableWait disables the waiting for resources to be ready after a Helm
@ -1079,6 +1084,11 @@ spec:
DisableSchemaValidation prevents the Helm upgrade action from validating
the values against the JSON Schema.
type: boolean
disableTakeOwnership:
description: |-
DisableTakeOwnership disables taking ownership of existing resources
during the Helm upgrade action. Defaults to false.
type: boolean
disableWait:
description: |-
DisableWait disables the waiting for resources to be ready after a Helm
@ -3983,7 +3993,7 @@ metadata:
app.kubernetes.io/component: helm-controller
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
app.kubernetes.io/version: v2.4.0
app.kubernetes.io/version: v2.5.0
name: helm-controller
namespace: flux-system
---
@ -3994,7 +4004,7 @@ metadata:
app.kubernetes.io/component: helm-controller
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
app.kubernetes.io/version: v2.4.0
app.kubernetes.io/version: v2.5.0
control-plane: controller
name: helm-controller
namespace: flux-system
@ -4033,7 +4043,7 @@ spec:
resourceFieldRef:
containerName: manager
resource: limits.memory
image: ghcr.io/fluxcd/helm-controller:v1.1.0
image: ghcr.io/fluxcd/helm-controller:v1.2.0
imagePullPolicy: IfNotPresent
livenessProbe:
httpGet:
@ -4090,7 +4100,7 @@ metadata:
app.kubernetes.io/component: kustomize-controller
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
app.kubernetes.io/version: v2.4.0
app.kubernetes.io/version: v2.5.0
name: kustomizations.kustomize.toolkit.fluxcd.io
spec:
group: kustomize.toolkit.fluxcd.io
@ -4185,6 +4195,17 @@ spec:
required:
- provider
type: object
deletionPolicy:
description: |-
DeletionPolicy can be used to control garbage collection when this
Kustomization is deleted. Valid values are ('MirrorPrune', 'Delete',
'Orphan'). 'MirrorPrune' mirrors the Prune field (orphan if false,
delete if true). Defaults to 'MirrorPrune'.
enum:
- MirrorPrune
- Delete
- Orphan
type: string
dependsOn:
description: |-
DependsOn may contain a meta.NamespacedObjectReference slice
@ -4212,6 +4233,42 @@ spec:
Force instructs the controller to recreate resources
when patching fails due to an immutable field change.
type: boolean
healthCheckExprs:
description: |-
HealthCheckExprs is a list of healthcheck expressions for evaluating the
health of custom resources using Common Expression Language (CEL).
The expressions are evaluated only when Wait or HealthChecks are specified.
items:
description: CustomHealthCheck defines the health check for custom
resources.
properties:
apiVersion:
description: APIVersion of the custom resource under evaluation.
type: string
current:
description: |-
Current is the CEL expression that determines if the status
of the custom resource has reached the desired state.
type: string
failed:
description: |-
Failed is the CEL expression that determines if the status
of the custom resource has failed to reach the desired state.
type: string
inProgress:
description: |-
InProgress is the CEL expression that determines if the status
of the custom resource has not yet reached the desired state.
type: string
kind:
description: Kind of the custom resource under evaluation.
type: string
required:
- apiVersion
- current
- kind
type: object
type: array
healthChecks:
description: A list of resources to be included in the health assessment.
items:
@ -4596,6 +4653,14 @@ spec:
required:
- entries
type: object
lastAppliedOriginRevision:
description: |-
The last successfully applied origin revision.
Equals the origin revision of the applied Artifact from the referenced Source.
Usually present on the Metadata of the applied Artifact and depends on the
Source type, e.g. for OCI it's the value associated with the key
"org.opencontainers.image.revision".
type: string
lastAppliedRevision:
description: |-
The last successfully applied revision.
@ -5810,7 +5875,7 @@ metadata:
app.kubernetes.io/component: kustomize-controller
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
app.kubernetes.io/version: v2.4.0
app.kubernetes.io/version: v2.5.0
name: kustomize-controller
namespace: flux-system
---
@ -5821,7 +5886,7 @@ metadata:
app.kubernetes.io/component: kustomize-controller
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
app.kubernetes.io/version: v2.4.0
app.kubernetes.io/version: v2.5.0
control-plane: controller
name: kustomize-controller
namespace: flux-system
@ -5860,7 +5925,7 @@ spec:
resourceFieldRef:
containerName: manager
resource: limits.memory
image: ghcr.io/fluxcd/kustomize-controller:v1.4.0
image: ghcr.io/fluxcd/kustomize-controller:v1.5.0
imagePullPolicy: IfNotPresent
livenessProbe:
httpGet:
@ -5917,7 +5982,7 @@ metadata:
app.kubernetes.io/component: notification-controller
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
app.kubernetes.io/version: v2.4.0
app.kubernetes.io/version: v2.5.0
name: alerts.notification.toolkit.fluxcd.io
spec:
group: notification.toolkit.fluxcd.io
@ -6471,8 +6536,9 @@ spec:
- name
type: object
summary:
description: Summary holds a short description of the impact and affected
cluster.
description: |-
Summary holds a short description of the impact and affected cluster.
Deprecated: Use EventMetadata instead.
maxLength: 255
type: string
suspend:
@ -6498,7 +6564,7 @@ metadata:
app.kubernetes.io/component: notification-controller
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
app.kubernetes.io/version: v2.4.0
app.kubernetes.io/version: v2.5.0
name: providers.notification.toolkit.fluxcd.io
spec:
group: notification.toolkit.fluxcd.io
@ -7038,7 +7104,7 @@ metadata:
app.kubernetes.io/component: notification-controller
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
app.kubernetes.io/version: v2.4.0
app.kubernetes.io/version: v2.5.0
name: receivers.notification.toolkit.fluxcd.io
spec:
group: notification.toolkit.fluxcd.io
@ -7097,6 +7163,16 @@ spec:
Secret references.
pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$
type: string
resourceFilter:
description: |-
ResourceFilter is a CEL expression expected to return a boolean that is
evaluated for each resource referenced in the Resources field when a
webhook is received. If the expression returns false then the controller
will not request a reconciliation for the resource.
When the expression is specified the controller will parse it and mark
the object as terminally failed if the expression is invalid or does not
return a boolean.
type: string
resources:
description: A list of resources to be notified about changes.
items:
@ -7710,7 +7786,7 @@ metadata:
app.kubernetes.io/component: notification-controller
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
app.kubernetes.io/version: v2.4.0
app.kubernetes.io/version: v2.5.0
name: notification-controller
namespace: flux-system
---
@ -7721,7 +7797,7 @@ metadata:
app.kubernetes.io/component: notification-controller
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
app.kubernetes.io/version: v2.4.0
app.kubernetes.io/version: v2.5.0
control-plane: controller
name: notification-controller
namespace: flux-system
@ -7742,7 +7818,7 @@ metadata:
app.kubernetes.io/component: notification-controller
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
app.kubernetes.io/version: v2.4.0
app.kubernetes.io/version: v2.5.0
control-plane: controller
name: webhook-receiver
namespace: flux-system
@ -7763,7 +7839,7 @@ metadata:
app.kubernetes.io/component: notification-controller
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
app.kubernetes.io/version: v2.4.0
app.kubernetes.io/version: v2.5.0
control-plane: controller
name: notification-controller
namespace: flux-system
@ -7801,7 +7877,7 @@ spec:
resourceFieldRef:
containerName: manager
resource: limits.memory
image: ghcr.io/fluxcd/notification-controller:v1.4.0
image: ghcr.io/fluxcd/notification-controller:v1.5.0
imagePullPolicy: IfNotPresent
livenessProbe:
httpGet:
@ -7863,7 +7939,7 @@ metadata:
app.kubernetes.io/component: source-controller
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
app.kubernetes.io/version: v2.4.0
app.kubernetes.io/version: v2.5.0
name: buckets.source.toolkit.fluxcd.io
spec:
group: source.toolkit.fluxcd.io
@ -8852,7 +8928,7 @@ metadata:
app.kubernetes.io/component: source-controller
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
app.kubernetes.io/version: v2.4.0
app.kubernetes.io/version: v2.5.0
name: gitrepositories.source.toolkit.fluxcd.io
spec:
group: source.toolkit.fluxcd.io
@ -8954,11 +9030,12 @@ spec:
type: string
provider:
description: |-
Provider used for authentication, can be 'azure', 'generic'.
Provider used for authentication, can be 'azure', 'github', 'generic'.
When not specified, defaults to 'generic'.
enum:
- generic
- azure
- github
type: string
proxySecretRef:
description: |-
@ -10114,7 +10191,7 @@ metadata:
app.kubernetes.io/component: source-controller
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
app.kubernetes.io/version: v2.4.0
app.kubernetes.io/version: v2.5.0
name: helmcharts.source.toolkit.fluxcd.io
spec:
group: source.toolkit.fluxcd.io
@ -11095,7 +11172,7 @@ metadata:
app.kubernetes.io/component: source-controller
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
app.kubernetes.io/version: v2.4.0
app.kubernetes.io/version: v2.5.0
name: helmrepositories.source.toolkit.fluxcd.io
spec:
group: source.toolkit.fluxcd.io
@ -11944,7 +12021,7 @@ metadata:
app.kubernetes.io/component: source-controller
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
app.kubernetes.io/version: v2.4.0
app.kubernetes.io/version: v2.5.0
name: ocirepositories.source.toolkit.fluxcd.io
spec:
group: source.toolkit.fluxcd.io
@ -12374,7 +12451,7 @@ metadata:
app.kubernetes.io/component: source-controller
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
app.kubernetes.io/version: v2.4.0
app.kubernetes.io/version: v2.5.0
name: source-controller
namespace: flux-system
---
@ -12385,7 +12462,7 @@ metadata:
app.kubernetes.io/component: source-controller
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
app.kubernetes.io/version: v2.4.0
app.kubernetes.io/version: v2.5.0
control-plane: controller
name: source-controller
namespace: flux-system
@ -12406,7 +12483,7 @@ metadata:
app.kubernetes.io/component: source-controller
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
app.kubernetes.io/version: v2.4.0
app.kubernetes.io/version: v2.5.0
control-plane: controller
name: source-controller
namespace: flux-system
@ -12451,7 +12528,7 @@ spec:
resourceFieldRef:
containerName: manager
resource: limits.memory
image: ghcr.io/fluxcd/source-controller:v1.4.1
image: ghcr.io/fluxcd/source-controller:v1.5.0
imagePullPolicy: IfNotPresent
livenessProbe:
httpGet:

6
terraform/flux/main.tf
View file

@ -17,9 +17,5 @@ provider "flux" {
resource "flux_bootstrap_git" "flux" {
path = "kubernetes/cluster/production"
version = "v2.4.0"
lifecycle {
ignore_changes = all
}
version = "v2.5.0"
}

2
terraform/flux/provider.tf
View file

@ -2,7 +2,7 @@ terraform {
required_providers {
flux = {
source = "fluxcd/flux"
version = "1.4.0"
version = "1.5.0"
}
bitwarden-secrets = {
source = "sebastiaan-dev/bitwarden-secrets"

2
terraform/main.tf
View file

@ -30,7 +30,7 @@ terraform {
}
flux = {
source = "fluxcd/flux"
version = "1.4.0"
version = "1.5.0"
}
}
}

2
terraform/proxmox/windows.tf
View file

@ -3,7 +3,7 @@ resource "proxmox_virtual_environment_vm" "Windows11" {
node_name = "pve2"
vm_id = 250
tags = ["tofu"]
started = false
started = true
bios = "ovmf"
machine = "pc-q35-9.0"