diff --git a/charts/alloy/README.md b/charts/alloy/README.md index da32cdf6..52d9c2cb 100644 --- a/charts/alloy/README.md +++ b/charts/alloy/README.md @@ -8,7 +8,7 @@ A Helm chart for Kubernetes | Repository | Name | Version | |------------|------|---------| -| https://grafana.github.io/helm-charts | alloy | 0.10.0 | +| https://grafana.github.io/helm-charts | alloy | 0.10.1 | ## Values @@ -45,4 +45,12 @@ A Helm chart for Kubernetes | alloy.controller.volumes.extra[1].hostPath.path | string | `"/sys"` | | | alloy.controller.volumes.extra[1].hostPath.type | string | `""` | | | alloy.controller.volumes.extra[1].name | string | `"sys"` | | +| environment.baseDomain | string | `"deepcypher.me"` | | +| environment.contact.email | string | `"noreply@deepcypher.me"` | | +| environment.contact.name | string | `"George Onoufriou"` | | +| environment.hardware | string | `"metal"` | | +| environment.location.name | string | `"unknown"` | | +| environment.mode | string | `"production"` | | +| environment.name | string | `"unknown"` | | +| environment.revision | string | `"main"` | | diff --git a/charts/argocd/README.md b/charts/argocd/README.md index 141ae8fb..604e48b9 100644 --- a/charts/argocd/README.md +++ b/charts/argocd/README.md @@ -8,7 +8,7 @@ A Helm chart for Kubernetes | Repository | Name | Version | |------------|------|---------| -| https://argoproj.github.io/argo-helm/ | argo-cd | 7.7.5 | +| https://argoproj.github.io/argo-helm/ | argo-cd | 7.7.7 | ## Values diff --git a/charts/auth/README.md b/charts/auth/README.md index b1d0ec6f..25ecf541 100644 --- a/charts/auth/README.md +++ b/charts/auth/README.md @@ -8,7 +8,7 @@ A Helm chart for Kubernetes | Repository | Name | Version | |------------|------|---------| -| oci://registry-1.docker.io/bitnamicharts | keycloak | 24.2.2 | +| oci://registry-1.docker.io/bitnamicharts | keycloak | 24.2.3 | ## Values diff --git a/charts/bitwarden/README.md b/charts/bitwarden/README.md index 1d60ee94..0c1ca4fd 100644 --- a/charts/bitwarden/README.md +++ b/charts/bitwarden/README.md @@ -9,7 +9,7 @@ A Helm chart for Kubernetes | Repository | Name | Version | |------------|------|---------| | https://charts.bitwarden.com/ | bitwarden(self-host) | 2024.11.1 | -| oci://registry-1.docker.io/bitnamicharts | postgresql-ha | 14.2.33 | +| oci://registry-1.docker.io/bitnamicharts | postgresql-ha | 14.3.10 | ## Values diff --git a/charts/crossplane-late/README.md b/charts/crossplane-late/README.md index 7308ce9c..56930004 100644 --- a/charts/crossplane-late/README.md +++ b/charts/crossplane-late/README.md @@ -4,3 +4,16 @@ A Helm chart for Kubernetes +## Values + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| environment.baseDomain | string | `"deepcypher.me"` | | +| environment.contact.email | string | `"noreply@deepcypher.me"` | | +| environment.contact.name | string | `"George Onoufriou"` | | +| environment.hardware | string | `"metal"` | | +| environment.location.name | string | `"unknown"` | | +| environment.mode | string | `"production"` | | +| environment.name | string | `"unknown"` | | +| environment.revision | string | `"main"` | | + diff --git a/charts/crossplane-provider/README.md b/charts/crossplane-provider/README.md index 7308ce9c..90b5ea32 100644 --- a/charts/crossplane-provider/README.md +++ b/charts/crossplane-provider/README.md @@ -1,4 +1,4 @@ -# crossplane-late +# crossplane-provider ![Version: 0.1.0](https://img.shields.io/badge/Version-0.1.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 4](https://img.shields.io/badge/AppVersion-4-informational?style=flat-square) diff --git a/charts/gitea/README.md b/charts/gitea/README.md index bf8cf407..9e40c192 100644 --- a/charts/gitea/README.md +++ b/charts/gitea/README.md @@ -11,7 +11,7 @@ A Helm chart for Kubernetes | https://dl.gitea.com/charts/ | gitea | 10.6.0 | | https://gitlab.com/api/v4/projects/55284972/packages/helm/stable | gitea-bkp(backupd) | 0.6.1 | | https://gitlab.com/api/v4/projects/55284972/packages/helm/stable | postgresql-bkp(backupd) | 0.6.1 | -| oci://registry-1.docker.io/bitnamicharts | postgresql-ha | 14.2.33 | +| oci://registry-1.docker.io/bitnamicharts | postgresql-ha | 14.3.10 | ## Values diff --git a/charts/grafana-operator/README.md b/charts/grafana-operator/README.md index 9fc6b0b6..d9845411 100644 --- a/charts/grafana-operator/README.md +++ b/charts/grafana-operator/README.md @@ -8,7 +8,7 @@ A Helm chart for Kubernetes | Repository | Name | Version | |------------|------|---------| -| oci://registry-1.docker.io/bitnamicharts | grafana-operator | 4.7.4 | +| oci://registry-1.docker.io/bitnamicharts | grafana-operator | 4.8.1 | ## Values diff --git a/charts/home-assistant/README.md b/charts/home-assistant/README.md index c080248b..df8f391f 100644 --- a/charts/home-assistant/README.md +++ b/charts/home-assistant/README.md @@ -45,6 +45,6 @@ A Helm chart for Kubernetes | ha.persistence.labels | object | `{}` | | | ha.persistence.size | string | `"100Gi"` | | | ha.persistence.storageClass | string | `""` | | -| resources.limits.memory | string | `"500Mi"` | | -| resources.requests.cpu | string | `"100m"` | | +| ha.resources.limits.memory | string | `"800Mi"` | | +| ha.resources.requests.cpu | string | `"100m"` | | diff --git a/charts/infrastructure/README.md b/charts/infrastructure/README.md index 88499033..8252f037 100644 --- a/charts/infrastructure/README.md +++ b/charts/infrastructure/README.md @@ -15,7 +15,7 @@ A Helm chart for ArgoCD towards Kubernetes automation | environment.hardware | string | `"metal"` | | | environment.location.name | string | `"unknown"` | | | environment.mode | string | `"production"` | | -| environment.name | string | `"unknown"` | | +| environment.name | string | `"talos"` | | | environment.revision | string | `"main"` | | | global.repo | string | `"https://gitlab.com/deepcypher/dc-kc.git"` | | | global.revision | string | `"HEAD"` | | diff --git a/charts/infrastructure/templates/keycloak-late.yaml b/charts/infrastructure/templates/keycloak-late.yaml new file mode 100644 index 00000000..af41347b --- /dev/null +++ b/charts/infrastructure/templates/keycloak-late.yaml @@ -0,0 +1,31 @@ +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: keycloak-late + namespace: argocd + finalizers: + - resources-finalizer.argocd.argoproj.io +spec: + destination: + name: '' + namespace: auth + server: 'https://kubernetes.default.svc' + source: + path: charts/keycloak-late + repoURL: 'https://gitlab.com/deepcypher/dc-kc.git' + targetRevision: HEAD + helm: + values: | + {{- include "defaultEnvironment" . | indent 8 }} + {{- if eq .Values.environment.mode "staging" }} + {{- else if eq .Values.environment.mode "production" }} + {{- end }} + #project: auth + project: default + syncPolicy: + automated: + prune: true + selfHeal: true + syncOptions: + - CreateNamespace=true + - ApplyOutOfSyncOnly=true diff --git a/charts/jupyterhub/README.md b/charts/jupyterhub/README.md index 92f4cfc8..52455fe9 100644 --- a/charts/jupyterhub/README.md +++ b/charts/jupyterhub/README.md @@ -9,7 +9,7 @@ A Helm chart for Kubernetes | Repository | Name | Version | |------------|------|---------| | https://hub.jupyter.org/helm-chart/ | jupyterhub | 3.3.8 | -| oci://registry-1.docker.io/bitnamicharts | postgresql-ha | 14.2.33 | +| oci://registry-1.docker.io/bitnamicharts | postgresql-ha | 14.3.10 | ## Values diff --git a/charts/keycloak-late/.helmignore b/charts/keycloak-late/.helmignore new file mode 100644 index 00000000..0e8a0eb3 --- /dev/null +++ b/charts/keycloak-late/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/charts/keycloak-late/Chart.yaml b/charts/keycloak-late/Chart.yaml new file mode 100644 index 00000000..5b29860c --- /dev/null +++ b/charts/keycloak-late/Chart.yaml @@ -0,0 +1,24 @@ +apiVersion: v2 +name: keycloak-late +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +appVersion: "4" diff --git a/charts/keycloak-late/README.md b/charts/keycloak-late/README.md new file mode 100644 index 00000000..1c597ac5 --- /dev/null +++ b/charts/keycloak-late/README.md @@ -0,0 +1,19 @@ +# keycloak-late + +![Version: 0.1.0](https://img.shields.io/badge/Version-0.1.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 4](https://img.shields.io/badge/AppVersion-4-informational?style=flat-square) + +A Helm chart for Kubernetes + +## Values + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| environment.baseDomain | string | `"deepcypher.me"` | | +| environment.contact.email | string | `"noreply@deepcypher.me"` | | +| environment.contact.name | string | `"George Onoufriou"` | | +| environment.hardware | string | `"metal"` | | +| environment.location.name | string | `"unknown"` | | +| environment.mode | string | `"production"` | | +| environment.name | string | `"unknown"` | | +| environment.revision | string | `"main"` | | + diff --git a/charts/keycloak-late/templates/groups/admin.yaml b/charts/keycloak-late/templates/groups/admin.yaml new file mode 100644 index 00000000..2e0eabef --- /dev/null +++ b/charts/keycloak-late/templates/groups/admin.yaml @@ -0,0 +1,24 @@ +apiVersion: group.keycloak.crossplane.io/v1alpha1 +kind: Group +metadata: + name: admin +spec: + deletionPolicy: Delete + forProvider: + realmId: deepcypher + name: admin +--- +apiVersion: group.keycloak.crossplane.io/v1alpha1 +kind: Roles +metadata: + name: admin +spec: + forProvider: + realmId: deepcypher + groupIdRef: + name: admin + roleIdsRefs: + - name: admin + providerConfigRef: + name: default + diff --git a/charts/crossplane-late/templates/keycloak/realm-deepcypher.yaml b/charts/keycloak-late/templates/realms/realm-deepcypher.yaml similarity index 96% rename from charts/crossplane-late/templates/keycloak/realm-deepcypher.yaml rename to charts/keycloak-late/templates/realms/realm-deepcypher.yaml index 79b2474c..77d08b85 100644 --- a/charts/crossplane-late/templates/keycloak/realm-deepcypher.yaml +++ b/charts/keycloak-late/templates/realms/realm-deepcypher.yaml @@ -20,7 +20,7 @@ spec: - username: "bf3439d38ac0407e26b6d150c0dc31b0" passwordSecretRef: name: smtp - namespace: crossplane + namespace: auth key: password securityDefenses: - bruteForceDetection: diff --git a/charts/crossplane-late/templates/keycloak/smtp.sealed.yaml b/charts/keycloak-late/templates/realms/smtp.sealed.yaml similarity index 100% rename from charts/crossplane-late/templates/keycloak/smtp.sealed.yaml rename to charts/keycloak-late/templates/realms/smtp.sealed.yaml diff --git a/charts/keycloak-late/templates/roles/admin.yaml b/charts/keycloak-late/templates/roles/admin.yaml new file mode 100644 index 00000000..35159f89 --- /dev/null +++ b/charts/keycloak-late/templates/roles/admin.yaml @@ -0,0 +1,11 @@ +apiVersion: role.keycloak.crossplane.io/v1alpha1 +kind: Role +metadata: + name: admin +spec: + forProvider: + realmId: deepcypher + name: admin + description: Administrator for all deepcypher applications. + providerConfigRef: + name: default diff --git a/charts/crossplane-late/templates/keycloak/george.sealed.yaml b/charts/keycloak-late/templates/users/george.sealed.yaml similarity index 100% rename from charts/crossplane-late/templates/keycloak/george.sealed.yaml rename to charts/keycloak-late/templates/users/george.sealed.yaml diff --git a/charts/crossplane-late/templates/keycloak/user-george.yaml b/charts/keycloak-late/templates/users/user-george.yaml similarity index 56% rename from charts/crossplane-late/templates/keycloak/user-george.yaml rename to charts/keycloak-late/templates/users/user-george.yaml index b55bd752..a8a1d0e5 100644 --- a/charts/crossplane-late/templates/keycloak/user-george.yaml +++ b/charts/keycloak-late/templates/users/user-george.yaml @@ -13,7 +13,20 @@ spec: valueSecretRef: key: password name: george - namespace: crossplane + namespace: auth + providerConfigRef: + name: default +--- +apiVersion: user.keycloak.crossplane.io/v1alpha1 +kind: Groups +metadata: + name: george +spec: + forProvider: + realmId: deepcypher + groupIdsRefs: + - name: admin + userIdRef: + name: george providerConfigRef: name: default - diff --git a/charts/keycloak-late/values.yaml b/charts/keycloak-late/values.yaml new file mode 100644 index 00000000..c85e766e --- /dev/null +++ b/charts/keycloak-late/values.yaml @@ -0,0 +1,11 @@ +environment: + name: unknown # not to be used for hard checks but to display to user + hardware: metal # to be used to enable on-prem specific features like ceph, cilium, etc + mode: production # to be used to configure backup movement and additional debugging features + revision: main # to be used to pull from different git branches + baseDomain: deepcypher.me # to be used to override default chart domains to configure environments + location: + name: unknown # not to be used for hard checks purely informational + contact: + name: George Onoufriou + email: noreply@deepcypher.me diff --git a/charts/loki/README.md b/charts/loki/README.md index b476823c..ed4ff9e2 100644 --- a/charts/loki/README.md +++ b/charts/loki/README.md @@ -9,7 +9,7 @@ A Helm chart for Kubernetes | Repository | Name | Version | |------------|------|---------| | https://grafana.github.io/helm-charts | loki-distributed | 0.80.0 | -| oci://registry-1.docker.io/bitnamicharts | minio | 14.7.15 | +| oci://registry-1.docker.io/bitnamicharts | minio | 14.8.6 | ## Values diff --git a/charts/mimir/README.md b/charts/mimir/README.md index 91c72409..5adf4600 100644 --- a/charts/mimir/README.md +++ b/charts/mimir/README.md @@ -9,7 +9,7 @@ A Helm chart for Kubernetes | Repository | Name | Version | |------------|------|---------| | https://grafana.github.io/helm-charts | mimir-distributed | 5.5.1 | -| oci://registry-1.docker.io/bitnamicharts | minio | 14.7.15 | +| oci://registry-1.docker.io/bitnamicharts | minio | 14.8.6 | ## Values diff --git a/charts/prometheus/README.md b/charts/prometheus/README.md index 94bd9aa4..87704f4d 100644 --- a/charts/prometheus/README.md +++ b/charts/prometheus/README.md @@ -26,6 +26,6 @@ A Helm chart for Kubernetes | kube-prometheus.prometheus.persistence.enabled | bool | `true` | | | kube-prometheus.prometheus.persistence.size | string | `"20Gi"` | | | kube-prometheus.prometheus.resources.limits.ephemeral-storage | string | `"1Gi"` | | -| kube-prometheus.prometheus.resources.limits.memory | string | `"2Gi"` | | +| kube-prometheus.prometheus.resources.limits.memory | string | `"5Gi"` | | | kube-prometheus.prometheus.resources.requests.cpu | string | `"750m"` | | diff --git a/charts/renovate/README.md b/charts/renovate/README.md index 31ad6236..beddd9fd 100644 --- a/charts/renovate/README.md +++ b/charts/renovate/README.md @@ -10,5 +10,5 @@ A Helm chart for Kubernetes |-----|------|---------|-------------| | image.registry | string | `"docker.io"` | | | image.repository | string | `"renovate/renovate"` | | -| image.tag | string | `"38-full"` | | +| image.tag | string | `"39-full"` | | diff --git a/charts/sealed-secrets/README.md b/charts/sealed-secrets/README.md index 823153d3..8a06c055 100644 --- a/charts/sealed-secrets/README.md +++ b/charts/sealed-secrets/README.md @@ -8,7 +8,7 @@ A Helm chart for Kubernetes | Repository | Name | Version | |------------|------|---------| -| https://charts.bitnami.com/bitnami | sealed-secrets | 2.4.11 | +| https://charts.bitnami.com/bitnami | sealed-secrets | 2.4.14 | ## Values diff --git a/charts/teleport/README.md b/charts/teleport/README.md index 2b5976d7..da3bcec1 100644 --- a/charts/teleport/README.md +++ b/charts/teleport/README.md @@ -8,7 +8,7 @@ A Helm chart for Kubernetes | Repository | Name | Version | |------------|------|---------| -| https://charts.releases.teleport.dev | teleport-cluster | 17.0.1 | +| https://charts.releases.teleport.dev | teleport-cluster | 17.0.4 | | https://gitlab.com/api/v4/projects/55284972/packages/helm/stable | teleport-bkp(backupd) | 0.7.0 | ## Values