diff --git a/.image-gitlab-ci.yml b/.image-gitlab-ci.yml index 091ebec6..4cdad22b 100644 --- a/.image-gitlab-ci.yml +++ b/.image-gitlab-ci.yml @@ -4,7 +4,7 @@ variables: IMAGE: {{ IMAGE }} PLATFORMS: linux/amd64,linux/arm64,linux/arm/v6,linux/arm/v7 REGISTRY: $REGISTRY_URI/$CI_PROJECT_PATH - TRIVY_VERSION: 0.68.2 + TRIVY_VERSION: 0.70.0 stages: - Static Code Analysis @@ -13,7 +13,7 @@ stages: - Security Scan - Promote Image -image: docker:29.1.5 +image: docker:29.5.2 .registry_template: ®istry_login before_script: diff --git a/README.md b/README.md index ed007c95..e237f2c1 100644 --- a/README.md +++ b/README.md @@ -101,6 +101,7 @@ The cluster-deployment tools here include helm charts and ansible playbooks to s | Service | Version | Notes | | --- | --- | --- | | davite | [![](https://img.shields.io/docker/v/instantlinux/davite?sort=date)](https://hub.docker.com/r/instantlinux/davite "Version badge") | party-invites manager like eVite | +| immich | ** | immich self-hosted photo/video manager | | mythtv-backend | [![](https://img.shields.io/docker/v/instantlinux/mythtv-backend?sort=date)](https://hub.docker.com/r/instantlinux/mythtv-backend "Version badge") | MythTV backend | | OwnTone | ** | iTunes server (formerly forked-daapd) | | weewx | [![](https://img.shields.io/docker/v/instantlinux/weewx?sort=date)](https://hub.docker.com/r/instantlinux/weewx "Version badge") | Weather station software (Davis VantagePro2 etc.) | diff --git a/ansible/roles/kubernetes/templates/kubeadm-config-cplane.j2 b/ansible/roles/kubernetes/templates/kubeadm-config-cplane.j2 index a71a7feb..87009436 100644 --- a/ansible/roles/kubernetes/templates/kubeadm-config-cplane.j2 +++ b/ansible/roles/kubernetes/templates/kubeadm-config-cplane.j2 @@ -55,7 +55,7 @@ apiServer: - name: oidc-groups-prefix value: {{ oidc.group_prefix }} - name: oidc-ca-file - value: {{ oidc.ca-file }} + value: {{ oidc.ca_file }} extraVolumes: - name: local-config hostPath: "/etc/kubernetes/local" diff --git a/ansible/roles/ntp/defaults/main.yml b/ansible/roles/ntp/defaults/main.yml index 28120ba8..33ba78ca 100644 --- a/ansible/roles/ntp/defaults/main.yml +++ b/ansible/roles/ntp/defaults/main.yml @@ -3,6 +3,7 @@ ntp_defaults: driftfile: /var/lib/ntpsec/ntp.drift leapfile: /usr/share/zoneinfo/leap-seconds.list + log_level: warn query_ok: - localhost - ::1 diff --git a/ansible/roles/ntp/templates/ntp.toml.j2 b/ansible/roles/ntp/templates/ntp.toml.j2 index 75ed6b98..d26d5def 100644 --- a/ansible/roles/ntp/templates/ntp.toml.j2 +++ b/ansible/roles/ntp/templates/ntp.toml.j2 @@ -1,6 +1,6 @@ {{ ansible_managed | comment }} [observability] -log-level = "info" +log-level = "{{ ntp.log_level }}" observation-path = "/var/run/ntpd-rs/observe" {% if 'servers' in ntp %} diff --git a/ansible/roles/volumes/defaults/main.yml b/ansible/roles/volumes/defaults/main.yml index 8d2b6330..8d9fd882 100644 --- a/ansible/roles/volumes/defaults/main.yml +++ b/ansible/roles/volumes/defaults/main.yml @@ -5,13 +5,16 @@ fs_type: ext4 # LUKS-encrypted volumes -luks_volumes: {} +luks_volume_defaults: {} # example-volume: # inodes: 100 # path: {{ local_k8s_root }}/backup # size: 5000 # vg: "{{ luks_vg }}" +luks_volume_additions: {} +luks_volumes: "{{ luks_volume_defaults | combine(luks_volume_additions) }}" + # Unencrypted local volumes local_volumes: tmpfs: diff --git a/images/dhcpd-dns-pxe/Dockerfile b/images/dhcpd-dns-pxe/Dockerfile index e1a3b373..daa29bfc 100644 --- a/images/dhcpd-dns-pxe/Dockerfile +++ b/images/dhcpd-dns-pxe/Dockerfile @@ -7,8 +7,8 @@ LABEL org.opencontainers.image.authors="Rich Braun docker@instantlinux.net" \ org.label-schema.name=dhcpd-dns-pxe \ org.label-schema.vcs-ref=$VCS_REF \ org.label-schema.vcs-url=https://github.com/instantlinux/docker-tools -ARG KEA_VERSION=3.0.2-r0 -ARG DNSMASQ_VERSION=2.91-r0 +ARG KEA_VERSION=3.0.3-r0 +ARG DNSMASQ_VERSION=2.91-r1 ENV DB_HOST=db00 \ DB_NAME=kea \ diff --git a/images/dhcpd-dns-pxe/helm/Chart.yaml b/images/dhcpd-dns-pxe/helm/Chart.yaml index e72dd4f9..e15e479d 100644 --- a/images/dhcpd-dns-pxe/helm/Chart.yaml +++ b/images/dhcpd-dns-pxe/helm/Chart.yaml @@ -7,8 +7,8 @@ sources: - https://source.isc.org/git/dhcp.git - http://thekelleys.org.uk/gitweb/?p=dnsmasq.git type: application -version: 0.2.1 -appVersion: "3.0.2-r0-2.91-r0" +version: 0.2.2 +appVersion: "3.0.3-r0-2.91-r1" dependencies: - name: chartlib version: 0.1.8 diff --git a/images/haproxy-keepalived/Dockerfile b/images/haproxy-keepalived/Dockerfile index f9716128..0515ad95 100644 --- a/images/haproxy-keepalived/Dockerfile +++ b/images/haproxy-keepalived/Dockerfile @@ -1,4 +1,4 @@ -FROM haproxy:3.3.6-alpine +FROM haproxy:3.3.10-alpine ARG BUILD_DATE ARG VCS_REF LABEL org.opencontainers.image.authors="Rich Braun docker@instantlinux.net" \ diff --git a/images/haproxy-keepalived/helm/Chart.yaml b/images/haproxy-keepalived/helm/Chart.yaml index 570e9960..11105e93 100644 --- a/images/haproxy-keepalived/helm/Chart.yaml +++ b/images/haproxy-keepalived/helm/Chart.yaml @@ -7,8 +7,8 @@ sources: - https://github.com/haproxy/haproxy - https://github.com/acassen/keepalived type: application -version: 0.1.21 -appVersion: "3.3.6-alpine-2.3.4-r3" +version: 0.1.22 +appVersion: "3.3.10-alpine-2.3.4-r3" dependencies: - name: chartlib version: 0.1.8 diff --git a/images/mysqldump/Dockerfile b/images/mysqldump/Dockerfile index b492d303..8dcb11b3 100644 --- a/images/mysqldump/Dockerfile +++ b/images/mysqldump/Dockerfile @@ -18,7 +18,7 @@ ENV HOUR=3 MINUTE=30 \ TZ=UTC ARG UID=210 ARG BACKUP_GID=34 -ARG CLIENT_VERSION=11.4.10-r0 +ARG CLIENT_VERSION=11.4.11-r0 RUN RMGROUP=$(grep :$BACKUP_GID: /etc/group | cut -d: -f 1) && \ [ -z "$RMGROUP" ] || delgroup $RMGROUP && \ diff --git a/images/mysqldump/helm/Chart.yaml b/images/mysqldump/helm/Chart.yaml index 7b86662c..50bc41ef 100644 --- a/images/mysqldump/helm/Chart.yaml +++ b/images/mysqldump/helm/Chart.yaml @@ -6,8 +6,8 @@ sources: - https://github.com/instantlinux/docker-tools - https://github.com/mariadb/server/tree/10.5/client type: application -version: 0.1.16 -appVersion: "11.4.10-r0" +version: 0.1.17 +appVersion: "11.4.11-r0" dependencies: - name: chartlib version: 0.1.8 diff --git a/images/nut-upsd/Dockerfile b/images/nut-upsd/Dockerfile index 534c6088..f751afb5 100644 --- a/images/nut-upsd/Dockerfile +++ b/images/nut-upsd/Dockerfile @@ -38,8 +38,8 @@ RUN echo '@edge http://dl-cdn.alpinelinux.org/alpine/edge/main' \ >>/etc/apk/repositories && \ apk add --no-cache dash && \ apk add --update --no-cache nut=$NUT_VERSION \ - busybox curl linux-pam \ - libcrypto3 libssl3 \ + busybox curl@edge linux-pam \ + libcrypto3 libexpat@edge libssl3 \ libusb musl@edge net-snmp-libs util-linux \ musl-utils@edge nghttp2-libs@edge diff --git a/images/openldap/Dockerfile b/images/openldap/Dockerfile index 947c841e..70580c27 100644 --- a/images/openldap/Dockerfile +++ b/images/openldap/Dockerfile @@ -8,7 +8,7 @@ LABEL org.opencontainers.image.authors="Rich Braun docker@instantlinux.net" \ org.label-schema.vcs-ref=$VCS_REF \ org.label-schema.vcs-url=https://github.com/instantlinux/docker-tools -ARG OPENLDAP_VERSION=2.6.10-r0 +ARG OPENLDAP_VERSION=2.6.13-r0 ENV SLAPD_DN_ATTR=uid \ SLAPD_FQDN=example.com \ SLAPD_LOG_LEVEL=Config,Stats \ diff --git a/images/openldap/helm/Chart.yaml b/images/openldap/helm/Chart.yaml index c0a6a04f..ff4306a9 100644 --- a/images/openldap/helm/Chart.yaml +++ b/images/openldap/helm/Chart.yaml @@ -6,8 +6,8 @@ sources: - https://github.com/instantlinux/docker-tools - https://git.openldap.org/openldap/openldap type: application -version: 0.1.8 -appVersion: "2.6.10-r0" +version: 0.1.9 +appVersion: "2.6.13-r0" dependencies: - name: chartlib version: 0.1.8 diff --git a/images/proftpd/Dockerfile b/images/proftpd/Dockerfile index 7dd0092f..fd012fce 100644 --- a/images/proftpd/Dockerfile +++ b/images/proftpd/Dockerfile @@ -8,7 +8,7 @@ LABEL org.opencontainers.image.authors="Rich Braun docker@instantlinux.net" \ org.label-schema.vcs-ref=$VCS_REF \ org.label-schema.vcs-url=https://github.com/instantlinux/docker-tools -ARG PROFTPD_VERSION=1.3.9-r1 +ARG PROFTPD_VERSION=1.3.9a-r1 ENV ALLOW_OVERWRITE=on \ ANONYMOUS_DISABLE=off \ diff --git a/images/proftpd/helm/Chart.yaml b/images/proftpd/helm/Chart.yaml index f26dca30..061d2522 100644 --- a/images/proftpd/helm/Chart.yaml +++ b/images/proftpd/helm/Chart.yaml @@ -6,8 +6,8 @@ sources: - https://github.com/instantlinux/docker-tools - https://github.com/proftpd/proftpd type: application -version: 0.1.12 -appVersion: "1.3.9-r1" +version: 0.1.13 +appVersion: "1.3.9a-r1" dependencies: - name: chartlib version: 0.1.8 diff --git a/images/samba-dc/Dockerfile b/images/samba-dc/Dockerfile index 678a09a5..dacc1c98 100644 --- a/images/samba-dc/Dockerfile +++ b/images/samba-dc/Dockerfile @@ -24,7 +24,7 @@ ENV ADMIN_PASSWORD_SECRET=samba-admin-password \ WINBIND_USE_DEFAULT_DOMAIN=yes \ WORKGROUP=AD -ARG SAMBA_VERSION=4.22.8-r0 +ARG SAMBA_VERSION=4.22.10-r0 COPY *.conf.j2 /root/ COPY entrypoint.sh /usr/local/bin/ diff --git a/images/samba-dc/helm/Chart.yaml b/images/samba-dc/helm/Chart.yaml index 67f60a5f..f1b53812 100644 --- a/images/samba-dc/helm/Chart.yaml +++ b/images/samba-dc/helm/Chart.yaml @@ -6,8 +6,8 @@ sources: - https://github.com/instantlinux/docker-tools - ttps://gitlab.com/samba-team/samba type: application -version: 0.1.17 -appVersion: "4.22.8-r0" +version: 0.1.18 +appVersion: "4.22.10-r0" dependencies: - name: chartlib version: 0.1.8 diff --git a/images/samba/Dockerfile b/images/samba/Dockerfile index b76ec16f..e6804c60 100644 --- a/images/samba/Dockerfile +++ b/images/samba/Dockerfile @@ -8,7 +8,7 @@ LABEL org.opencontainers.image.authors="Rich Braun docker@instantlinux.net" \ org.label-schema.vcs-ref=$VCS_REF \ org.label-schema.vcs-url=https://github.com/instantlinux/docker-tools -ARG SAMBA_VERSION=4.22.8-r0 +ARG SAMBA_VERSION=4.22.10-r0 ENV LOGON_DRIVE=H \ NETBIOS_NAME=samba \ SERVER_STRING="Samba Server" \ diff --git a/images/samba/helm/Chart.yaml b/images/samba/helm/Chart.yaml index da948728..06df3da8 100644 --- a/images/samba/helm/Chart.yaml +++ b/images/samba/helm/Chart.yaml @@ -6,8 +6,8 @@ sources: - https://github.com/instantlinux/docker-tools - https://gitlab.com/samba-team/samba type: application -version: 0.1.17 -appVersion: "4.22.8-r0" +version: 0.1.18 +appVersion: "4.22.10-r0" dependencies: - name: chartlib version: 0.1.8 diff --git a/k8s/Makefile.vars b/k8s/Makefile.vars index e6b0bdb6..2f7e3f6b 100644 --- a/k8s/Makefile.vars +++ b/k8s/Makefile.vars @@ -46,5 +46,5 @@ export PORT_DOVECOT_IMAPD ?= 843 export PORT_DOVECOT_IMAPS ?= 993 export PORT_DOVECOT_SMTP ?= 825 export PORT_GIT_SSH ?= 8999 -export PORT_POSTFIX_INTERNAL ?= 3425 +# export PORT_POSTFIX_INTERNAL ?= 3425 export PORT_POSTFIX_EXTERNAL ?= 3525 diff --git a/k8s/README.md b/k8s/README.md index 748d3dc8..916a42e4 100644 --- a/k8s/README.md +++ b/k8s/README.md @@ -37,7 +37,7 @@ kubeadm suite: * Local-volume sync * Automatic certificate issuing/renewal with Letsencrypt -Helm has become the standard mechanism for deploying kubernetes resources. This repo provides a library, chartlib, which handles almost all of the logic and tedium of golang templating. Look in the values.yaml file of each of the helm charts published here for parameters that you can override by supplying a helm overrides yaml file. +Helm has become the standard mechanism for deploying kubernetes resources. This repo provides a time-tested library, [chartlib](https://github.com/instantlinux/docker-tools/tree/main/k8s/helm/chartlib), which provides a simple abstraction for almost all of the logic and tedium of golang templating. Look in the values.yaml file of each of the helm charts published here for parameters that you can override by supplying a helm overrides yaml file. Most chart libraries you find online are over-complicated and constantly changing; this library has survived years of changes in Kubernetes releases without needing modification. ### Requirements and cost diff --git a/k8s/helm/gitea/Chart.yaml b/k8s/helm/gitea/Chart.yaml index c6399481..8442d002 100644 --- a/k8s/helm/gitea/Chart.yaml +++ b/k8s/helm/gitea/Chart.yaml @@ -6,8 +6,8 @@ sources: - https://github.com/instantlinux/docker-tools - https://github.com/go-gitea/gitea type: application -version: 0.1.8 -appVersion: 1.25.3-rootless +version: 0.1.9 +appVersion: 1.26.2-rootless dependencies: - name: chartlib version: 0.1.8 diff --git a/k8s/helm/immich/.helmignore b/k8s/helm/immich/.helmignore new file mode 100644 index 00000000..839de881 --- /dev/null +++ b/k8s/helm/immich/.helmignore @@ -0,0 +1,2 @@ +*~ +.git diff --git a/k8s/helm/immich/Chart.yaml b/k8s/helm/immich/Chart.yaml new file mode 100644 index 00000000..8ce36b91 --- /dev/null +++ b/k8s/helm/immich/Chart.yaml @@ -0,0 +1,24 @@ +apiVersion: v2 +name: immich +description: Immich media server +home: https://github.com/instantlinux/docker-tools +sources: +- https://github.com/immich-app/immich +- https://github.com/instantlinux/docker-tools +type: application +version: 0.1.0 +# Reminder, update tag for ml instance in values.yaml +appVersion: v2.7.5 +dependencies: +- name: chartlib + version: 0.1.8 + repository: https://instantlinux.github.io/docker-tools +- name: ml + version: 0.1.0 + repository: file://subcharts/ml +- name: postgres + version: 0.1.0 + repository: file://subcharts/postgres +- name: valkey + version: 0.1.0 + repository: file://subcharts/valkey diff --git a/k8s/helm/immich/subcharts/ml/.helmignore b/k8s/helm/immich/subcharts/ml/.helmignore new file mode 100644 index 00000000..839de881 --- /dev/null +++ b/k8s/helm/immich/subcharts/ml/.helmignore @@ -0,0 +1,2 @@ +*~ +.git diff --git a/k8s/helm/immich/subcharts/ml/Chart.yaml b/k8s/helm/immich/subcharts/ml/Chart.yaml new file mode 100644 index 00000000..29a90154 --- /dev/null +++ b/k8s/helm/immich/subcharts/ml/Chart.yaml @@ -0,0 +1,15 @@ +apiVersion: v2 +name: ml +description: Immich machine-learning +home: https://github.com/instantlinux/docker-tools +sources: +- https://github.com/instantlinux/docker-tools +- ghcr.io/immich-app/immich-machine-learning +type: application +version: 0.1.0 +# specify version tag from hub.docker.com in top-level values.yaml +appVersion: "0.0.1" +dependencies: +- name: chartlib + version: 0.1.8 + repository: https://instantlinux.github.io/docker-tools diff --git a/k8s/helm/immich/subcharts/ml/templates/NOTES.txt b/k8s/helm/immich/subcharts/ml/templates/NOTES.txt new file mode 100644 index 00000000..62ea3f4b --- /dev/null +++ b/k8s/helm/immich/subcharts/ml/templates/NOTES.txt @@ -0,0 +1,28 @@ +{{- if hasKey .Values "service" }} +{{- if or .Values.service.enabled (not (hasKey .Values.service "enabled")) }} +1. Get the application URL by running these commands: +{{- if hasKey .Values "ingress" }} +{{- if .Values.ingress.enabled }} +{{- range $host := .Values.ingress.hosts }} + {{- range .paths }} + http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }} + {{- end }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "local.fullname" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "local.fullname" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "local.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") + echo http://$SERVICE_IP:{{ .Values.service.port }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "local.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT +{{- end }} +{{- end }} +{{- end }} +{{- end }} diff --git a/k8s/helm/immich/subcharts/ml/templates/app.yaml b/k8s/helm/immich/subcharts/ml/templates/app.yaml new file mode 100644 index 00000000..5a01911b --- /dev/null +++ b/k8s/helm/immich/subcharts/ml/templates/app.yaml @@ -0,0 +1,15 @@ +{{- include "chartlib.configmap" . }} +--- +{{- include "chartlib.deployment" . }} +--- +{{- include "chartlib.hpa" . }} +--- +{{- include "chartlib.ingress" . }} +--- +{{- include "chartlib.ingresstotp" . }} +--- +{{- include "chartlib.service" . }} +--- +{{- include "chartlib.serviceaccount" . }} +--- +{{- include "chartlib.statefulset" . }} diff --git a/k8s/helm/immich/subcharts/ml/templates/tests/test-connection.yaml b/k8s/helm/immich/subcharts/ml/templates/tests/test-connection.yaml new file mode 100644 index 00000000..ae159a4f --- /dev/null +++ b/k8s/helm/immich/subcharts/ml/templates/tests/test-connection.yaml @@ -0,0 +1,17 @@ +{{- if hasKey .Values "service" }} +apiVersion: v1 +kind: Pod +metadata: + name: "{{ include "local.fullname" . }}-test-connection" + labels: + {{- include "local.labels" . | nindent 4 }} + annotations: + "helm.sh/hook": test +spec: + containers: + - name: wget + image: busybox + command: ['wget'] + args: ['{{ include "local.fullname" . }}:{{ .Values.service.port }}'] + restartPolicy: Never +{{- end }} diff --git a/k8s/helm/immich/subcharts/ml/values.yaml b/k8s/helm/immich/subcharts/ml/values.yaml new file mode 100644 index 00000000..bf76dd1b --- /dev/null +++ b/k8s/helm/immich/subcharts/ml/values.yaml @@ -0,0 +1,62 @@ +# Default values for machine-learning +statefulset: + containerPorts: [ containerPort: 3003 ] + env: + hf_xet_cache: /cache/huggingface-xet + immich_log_level: info + mplconfigdir: /cache/matplotlib-config + transformers_cache: /cache + podSecurityContext: + runAsUser: 1000 + runAsGroup: 1000 + # gids: video, render + supplementalGroups: [ 44, 891 ] + replicas: 1 + resources: + limits: + cpu: 4000m + memory: 4096Mi + requests: + cpu: 1100m + memory: 768Mi +livenessProbe: + httpGet: + path: /ping + port: 3003 +readinessProbe: + httpGet: + path: /ping + port: 3003 +volumeMounts: +- mountPath: /cache + name: cache +- mountPath: /dev/dri + name: dri +volumes: +- name: dri + hostPath: + path: /dev/dri +volumeClaimTemplates: +- metadata: + name: cache + spec: + accessModes: [ ReadWriteOnce ] + resources: + requests: + storage: 8Gi + +image: + repository: ghcr.io/immich-app/immich-machine-learning + pullPolicy: IfNotPresent + # tag: default + +nameOverride: "" +fullnameOverride: "" + +serviceAccount: + enabled: false +service: + ports: [ port: 3003 ] + type: LoadBalancer +autoscaling: + enabled: false diff --git a/k8s/helm/immich/subcharts/postgres/.helmignore b/k8s/helm/immich/subcharts/postgres/.helmignore new file mode 100644 index 00000000..839de881 --- /dev/null +++ b/k8s/helm/immich/subcharts/postgres/.helmignore @@ -0,0 +1,2 @@ +*~ +.git diff --git a/k8s/helm/immich/subcharts/postgres/Chart.yaml b/k8s/helm/immich/subcharts/postgres/Chart.yaml new file mode 100644 index 00000000..5d84c96b --- /dev/null +++ b/k8s/helm/immich/subcharts/postgres/Chart.yaml @@ -0,0 +1,15 @@ +apiVersion: v2 +name: postgres +description: PostgreSQL database +home: https://github.com/instantlinux/docker-tools +sources: +- https://github.com/instantlinux/docker-tools +- https://hub.docker.com/_/postgres +type: application +version: 0.1.0 +# specify version tag from hub.docker.com in top-level values.yaml +appVersion: "0.0.1" +dependencies: +- name: chartlib + version: 0.1.8 + repository: https://instantlinux.github.io/docker-tools diff --git a/k8s/helm/immich/subcharts/postgres/templates/NOTES.txt b/k8s/helm/immich/subcharts/postgres/templates/NOTES.txt new file mode 100644 index 00000000..62ea3f4b --- /dev/null +++ b/k8s/helm/immich/subcharts/postgres/templates/NOTES.txt @@ -0,0 +1,28 @@ +{{- if hasKey .Values "service" }} +{{- if or .Values.service.enabled (not (hasKey .Values.service "enabled")) }} +1. Get the application URL by running these commands: +{{- if hasKey .Values "ingress" }} +{{- if .Values.ingress.enabled }} +{{- range $host := .Values.ingress.hosts }} + {{- range .paths }} + http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }} + {{- end }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "local.fullname" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "local.fullname" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "local.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") + echo http://$SERVICE_IP:{{ .Values.service.port }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "local.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT +{{- end }} +{{- end }} +{{- end }} +{{- end }} diff --git a/k8s/helm/immich/subcharts/postgres/templates/app.yaml b/k8s/helm/immich/subcharts/postgres/templates/app.yaml new file mode 100644 index 00000000..5a01911b --- /dev/null +++ b/k8s/helm/immich/subcharts/postgres/templates/app.yaml @@ -0,0 +1,15 @@ +{{- include "chartlib.configmap" . }} +--- +{{- include "chartlib.deployment" . }} +--- +{{- include "chartlib.hpa" . }} +--- +{{- include "chartlib.ingress" . }} +--- +{{- include "chartlib.ingresstotp" . }} +--- +{{- include "chartlib.service" . }} +--- +{{- include "chartlib.serviceaccount" . }} +--- +{{- include "chartlib.statefulset" . }} diff --git a/k8s/helm/immich/subcharts/postgres/templates/tests/test-connection.yaml b/k8s/helm/immich/subcharts/postgres/templates/tests/test-connection.yaml new file mode 100644 index 00000000..ae159a4f --- /dev/null +++ b/k8s/helm/immich/subcharts/postgres/templates/tests/test-connection.yaml @@ -0,0 +1,17 @@ +{{- if hasKey .Values "service" }} +apiVersion: v1 +kind: Pod +metadata: + name: "{{ include "local.fullname" . }}-test-connection" + labels: + {{- include "local.labels" . | nindent 4 }} + annotations: + "helm.sh/hook": test +spec: + containers: + - name: wget + image: busybox + command: ['wget'] + args: ['{{ include "local.fullname" . }}:{{ .Values.service.port }}'] + restartPolicy: Never +{{- end }} diff --git a/k8s/helm/immich/subcharts/postgres/values.yaml b/k8s/helm/immich/subcharts/postgres/values.yaml new file mode 100644 index 00000000..a36189cd --- /dev/null +++ b/k8s/helm/immich/subcharts/postgres/values.yaml @@ -0,0 +1,53 @@ +# Default values for postgres +backup: + # Min Hour Day Month Weekday + timeZone: America/Los_Angeles + schedule: "0 5 * * *" + +statefulset: + containerPorts: [ containerPort: 5432 ] + # environment variables defined in parent + env: + postgres_user: user + postgres_db: appdb + xenv: + - name: POSTGRES_PASSWORD + valueFrom: + secretKeyRef: + key: database_password + name: postgres + replicas: 1 + resources: + limits: + memory: 2048Mi + requests: + cpu: 300m + memory: 256Mi +volumeMounts: +- mountPath: /var/lib/postgresql/data + name: pgdata +volumeClaimTemplates: +- metadata: + name: pgdata + spec: + accessModes: [ ReadWriteOnce ] + resources: + requests: + storage: 8Gi + +image: + repository: postgres + pullPolicy: IfNotPresent + # tag: default + +nameOverride: "" +fullnameOverride: "" + +serviceAccount: + enabled: false +service: + clusterIP: None + ports: [ port: 5432 ] + type: ClusterIP +autoscaling: + enabled: false diff --git a/k8s/helm/immich/subcharts/valkey/.helmignore b/k8s/helm/immich/subcharts/valkey/.helmignore new file mode 100644 index 00000000..839de881 --- /dev/null +++ b/k8s/helm/immich/subcharts/valkey/.helmignore @@ -0,0 +1,2 @@ +*~ +.git diff --git a/k8s/helm/immich/subcharts/valkey/Chart.yaml b/k8s/helm/immich/subcharts/valkey/Chart.yaml new file mode 100644 index 00000000..ffd54242 --- /dev/null +++ b/k8s/helm/immich/subcharts/valkey/Chart.yaml @@ -0,0 +1,14 @@ +apiVersion: v2 +name: valkey +description: Valkey kv-store +home: https://github.com/instantlinux/docker-tools +sources: +- https://github.com/instantlinux/docker-tools +- https://hub.docker.com/r/valkey/valkey +type: application +version: 0.1.0 +appVersion: "9.1.0-alpine" +dependencies: +- name: chartlib + version: 0.1.8 + repository: https://instantlinux.github.io/docker-tools diff --git a/k8s/helm/immich/subcharts/valkey/templates/NOTES.txt b/k8s/helm/immich/subcharts/valkey/templates/NOTES.txt new file mode 100644 index 00000000..62ea3f4b --- /dev/null +++ b/k8s/helm/immich/subcharts/valkey/templates/NOTES.txt @@ -0,0 +1,28 @@ +{{- if hasKey .Values "service" }} +{{- if or .Values.service.enabled (not (hasKey .Values.service "enabled")) }} +1. Get the application URL by running these commands: +{{- if hasKey .Values "ingress" }} +{{- if .Values.ingress.enabled }} +{{- range $host := .Values.ingress.hosts }} + {{- range .paths }} + http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }} + {{- end }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "local.fullname" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "local.fullname" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "local.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") + echo http://$SERVICE_IP:{{ .Values.service.port }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "local.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT +{{- end }} +{{- end }} +{{- end }} +{{- end }} diff --git a/k8s/helm/immich/subcharts/valkey/templates/app.yaml b/k8s/helm/immich/subcharts/valkey/templates/app.yaml new file mode 100644 index 00000000..5a01911b --- /dev/null +++ b/k8s/helm/immich/subcharts/valkey/templates/app.yaml @@ -0,0 +1,15 @@ +{{- include "chartlib.configmap" . }} +--- +{{- include "chartlib.deployment" . }} +--- +{{- include "chartlib.hpa" . }} +--- +{{- include "chartlib.ingress" . }} +--- +{{- include "chartlib.ingresstotp" . }} +--- +{{- include "chartlib.service" . }} +--- +{{- include "chartlib.serviceaccount" . }} +--- +{{- include "chartlib.statefulset" . }} diff --git a/k8s/helm/immich/subcharts/valkey/templates/tests/test-connection.yaml b/k8s/helm/immich/subcharts/valkey/templates/tests/test-connection.yaml new file mode 100644 index 00000000..ae159a4f --- /dev/null +++ b/k8s/helm/immich/subcharts/valkey/templates/tests/test-connection.yaml @@ -0,0 +1,17 @@ +{{- if hasKey .Values "service" }} +apiVersion: v1 +kind: Pod +metadata: + name: "{{ include "local.fullname" . }}-test-connection" + labels: + {{- include "local.labels" . | nindent 4 }} + annotations: + "helm.sh/hook": test +spec: + containers: + - name: wget + image: busybox + command: ['wget'] + args: ['{{ include "local.fullname" . }}:{{ .Values.service.port }}'] + restartPolicy: Never +{{- end }} diff --git a/k8s/helm/immich/subcharts/valkey/values.yaml b/k8s/helm/immich/subcharts/valkey/values.yaml new file mode 100644 index 00000000..9bd771e0 --- /dev/null +++ b/k8s/helm/immich/subcharts/valkey/values.yaml @@ -0,0 +1,62 @@ +# Default values for valkey. +deployment: + command: ["valkey-server", "/usr/local/etc/valkey/valkey.conf"] + containerPorts: [ containerPort: 6379 ] + env: + valkey_extra_flags: "" + podSecurityContext: + fsGroup: 1000 + runAsUser: 1000 + runAsGroup: 1000 + seccompProfile: + type: RuntimeDefault + +volumeMounts: +- mountPath: /usr/local/etc/valkey/valkey.conf + name: config + subPath: valkey.conf +- mountPath: /data + name: data +volumes: +- name: config + configMap: + name: valkey-config +- name: data + hostPath: + path: /var/lib/docker/k8s-volumes/share/immich/valkey + +livenessProbe: + exec: + command: [ sh, -c, valkey-cli ping | grep PONG ] + initialDelaySeconds: 30 + timeoutSeconds: 5 +readinessProbe: + exec: + command: [ sh, -c, valkey-cli ping | grep PONG ] + timeoutSeconds: 5 + +image: + repository: valkey/valkey + pullPolicy: IfNotPresent + # tag: default + +nameOverride: "" +fullnameOverride: "" + +serviceAccount: + enabled: false +service: + ports: [ port: 6379 ] + type: ClusterIP +autoscaling: + enabled: false +ingress: + enabled: false + +configmap: + name: valkey-config + data: + valkey.conf: | + port 6379 + dir /data + loglevel notice diff --git a/k8s/helm/immich/templates/NOTES.txt b/k8s/helm/immich/templates/NOTES.txt new file mode 100644 index 00000000..f8c53210 --- /dev/null +++ b/k8s/helm/immich/templates/NOTES.txt @@ -0,0 +1,30 @@ +{{- if hasKey .Values "service" }} +{{- if or .Values.service.enabled (not (hasKey .Values.service "enabled")) }} +1. Get the application URL by running these commands: +{{- if hasKey .Values "ingress" }} +{{- if .Values.ingress.enabled }} +{{- range $host := .Values.ingress.hosts }} + {{- range .paths }} + http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }} + {{- end }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "local.fullname" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "local.fullname" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "local.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") + echo http://$SERVICE_IP:{{ .Values.service.port }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "local.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT +{{- end }} +{{- end }} +{{- end }} +{{- end }} +2. Make sure to set the versionPrev value to the version returned in + /var/www/html/config/config.php after most recent upgrade diff --git a/k8s/helm/immich/templates/app.yaml b/k8s/helm/immich/templates/app.yaml new file mode 100644 index 00000000..b925dd1f --- /dev/null +++ b/k8s/helm/immich/templates/app.yaml @@ -0,0 +1,13 @@ +{{- include "chartlib.configmap" . }} +--- +{{- include "chartlib.deployment" . }} +--- +{{- include "chartlib.hpa" . }} +--- +{{- include "chartlib.ingress" . }} +--- +{{- include "chartlib.ingresstotp" . }} +--- +{{- include "chartlib.service" . }} +--- +{{- include "chartlib.serviceaccount" . }} diff --git a/k8s/helm/immich/templates/tests/test-connection.yaml b/k8s/helm/immich/templates/tests/test-connection.yaml new file mode 100644 index 00000000..ae159a4f --- /dev/null +++ b/k8s/helm/immich/templates/tests/test-connection.yaml @@ -0,0 +1,17 @@ +{{- if hasKey .Values "service" }} +apiVersion: v1 +kind: Pod +metadata: + name: "{{ include "local.fullname" . }}-test-connection" + labels: + {{- include "local.labels" . | nindent 4 }} + annotations: + "helm.sh/hook": test +spec: + containers: + - name: wget + image: busybox + command: ['wget'] + args: ['{{ include "local.fullname" . }}:{{ .Values.service.port }}'] + restartPolicy: Never +{{- end }} diff --git a/k8s/helm/immich/values.yaml b/k8s/helm/immich/values.yaml new file mode 100644 index 00000000..d6290f69 --- /dev/null +++ b/k8s/helm/immich/values.yaml @@ -0,0 +1,206 @@ +# Default values for immich. + +tlsHostname: photos.example.com + +deployment: + env: + # Note - the documentation of environment variables for immich under docker + # is misleading. (See https://docs.immich.app/guides/custom-locations/ .) + # Do *not* use those variables under kubernetes, see the volume mounts + # below. + db_database_name: immich + db_hostname: immich-postgres + db_username: immich + immich_machine_learning_url: http://immich-ml:3003 + immich_watch_filesystem: "no" + redis_hostname: immich-valkey + redis_port: 6379 + tz: UTC + + # Add this if you want to configure via ConfigMap rather than database: + # immich_config_file: /config/immich-config.yaml + xenv: + - name: DB_PASSWORD + valueFrom: + secretKeyRef: + name: immich + key: immich-db-password + containerPorts: + - containerPort: 2283 + podSecurityContext: + runAsUser: 1000 + runAsGroup: 1000 + # gid values for video, render + supplementalGroups: [ 44, 891 ] + securityContext: + # GPU access requires privileges. The alternative is somewhat complicated, + # see https://github.com/UntouchedWagons/K3S-Intel + privileged: true + resources: + limits: + cpu: 4000m + memory: 6144Mi + requests: + cpu: 1100m + memory: 768Mi + nodeSelector: + service.immich: allow + strategy: + type: Recreate + +livenessProbe: + httpGet: + path: /api/server/ping + port: 2283 + # Override this with much larger value if "Reindexing XXX_index" on startup + initialDelaySeconds: 300 +readinessProbe: + httpGet: + path: /api/server/ping + port: 2283 +volumeMounts: +# The directory layout for immich is fixed; from the microservice instance, +# there should be six subdirectories mounted under /data: +# +# backups encoded-video library profile thumbs upload +# +# Manually create the subdirectories you want on the NAS, and chown them +# to the immich user (default above is uid 1000). Here, it's assumed that +# four of the above directories will be subdirectories of an immich +# subdirectory of the primary external-library photo storage volume on your +# NAS. Define the top-level NAS volume as an nfs-client PVC 'pictures' before +# applying this helm chart. Override the volumeMounts if you want a different +# layout than the one recommended here. +- name: ssd + mountPath: /data + subPath: html +- name: config + mountPath: /config/immich-config.yaml + subPath: immich-config.yaml +- name: gpu + mountPath: /dev/dri +- name: nas + mountPath: /mnt/photos + readOnly: true +- name: nas + mountPath: /data/backups + subPath: immich/backups + readOnly: false +- name: nas + mountPath: /data/library + subPath: immich/library + readOnly: false +- name: nas + mountPath: /data/profile + subPath: immich/profile + readOnly: false +- name: nas + mountPath: /data/upload + subPath: immich/upload + readOnly: false +# These can be left on ssd for single-instance microservices deployment +# - name: ssd +# mountPath: /data/encoded-video +# subPath: encoded-video +# readOnly: false +# - name: ssd +# mountPath: /data/thumbs +# subPath: thumbs +# readOnly: false + +volumes: +- name: config + configMap: + name: immich + optional: true +- name: gpu + hostPath: + path: /dev/dri +- name: ssd + hostPath: { path: /var/lib/docker/k8s-volumes/immich } +- name: nas + persistentVolumeClaim: + claimName: pictures + +image: + repository: ghcr.io/immich-app/immich-server + pullPolicy: IfNotPresent + # tag: default + +nameOverride: "" +fullnameOverride: "" + +serviceAccount: {} +service: + clusterIP: None + ports: + - { port: 80, targetPort: 2283 } + type: ClusterIP + +ingress: + annotations: + cert-manager.io/cluster-issuer: letsencrypt-prod + kubernetes.io/ingress.class: nginx + nginx.ingress.kubernetes.io/client-body-buffer-size: "0" + nginx.ingress.kubernetes.io/enable-access-log: "false" + nginx.ingress.kubernetes.io/proxy-body-size: "0" + nginx.ingress.kubernetes.io/proxy-read-timeout: "600" + nginx.ingress.kubernetes.io/proxy-request-buffering: "off" + nginx.ingress.kubernetes.io/proxy-send-timeout: "600" + nginx.ingress.kubernetes.io/backend-protocol: "HTTP" + nginx.ingress.kubernetes.io/configuration-snippet: | + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + proxy_cookie_path: ""; + +autoscaling: + enabled: false + +configmap: + name: immich + enabled: false + data: + immich-config.yaml: | + # Add custom settings here + +# Subchart parameters + +valkey: + enabled: true + image: + tag: 9.1.0-alpine + +postgres: + enabled: true + statefulset: + env: + postgres_user: immich + postgres_db: immich + xenv: + - name: POSTGRES_PASSWORD + valueFrom: + secretKeyRef: + key: immich-db-password + name: immich + resources: + limits: + memory: 4096Mi + requests: + memory: 512Mi + volumeMounts: + - mountPath: /var/lib/postgresql/data + name: pgdata + volumes: + - name: immich-config + configMap: + name: immich + image: + repository: ghcr.io/immich-app/postgres + tag: 17-vectorchord0.5.3-pgvector0.8.1 + +ml: + enabled: true + image: + tag: v2.7.5 + env: + immich_log_level: info diff --git a/k8s/helm/nextcloud/Chart.yaml b/k8s/helm/nextcloud/Chart.yaml index 0418a361..fe07e6cc 100644 --- a/k8s/helm/nextcloud/Chart.yaml +++ b/k8s/helm/nextcloud/Chart.yaml @@ -5,8 +5,8 @@ home: https://github.com/instantlinux/docker-tools sources: - https://github.com/instantlinux/docker-tools type: application -version: 0.1.6 -appVersion: "32.0.5" +version: 0.1.7 +appVersion: "32.0.9" dependencies: - name: chartlib version: 0.1.8 diff --git a/k8s/helm/nextcloud/values.yaml b/k8s/helm/nextcloud/values.yaml index 351d7838..486972e6 100644 --- a/k8s/helm/nextcloud/values.yaml +++ b/k8s/helm/nextcloud/values.yaml @@ -13,8 +13,6 @@ passwordSalt: CkEFy/t4IpPhjJoem3NRdPt/UD8gOS redis: port: 6379 tag: 6.2.4-alpine -# TODO: remove, versionPrev is (finally!) unneeded -versionPrev: 25.0.3.2 deployment: command: [/bin/bash] @@ -51,6 +49,10 @@ deployment: requests: cpu: 100m memory: 768Mi + nodeSelector: + service.nextcloud: allow + strategy: + type: Recreate volumeMounts: - mountPath: /var/www/html diff --git a/k8s/helm/nexus/Chart.yaml b/k8s/helm/nexus/Chart.yaml index 8e361b26..78af1a30 100644 --- a/k8s/helm/nexus/Chart.yaml +++ b/k8s/helm/nexus/Chart.yaml @@ -5,8 +5,8 @@ home: https://github.com/instantlinux/docker-tools sources: - https://github.com/instantlinux/docker-tools type: application -version: 0.1.12 -appVersion: "3.87.1" +version: 0.1.13 +appVersion: "3.92.3" dependencies: - name: chartlib version: 0.1.8 diff --git a/k8s/helm/restic/Chart.yaml b/k8s/helm/restic/Chart.yaml index 7fec5e2e..133ec131 100644 --- a/k8s/helm/restic/Chart.yaml +++ b/k8s/helm/restic/Chart.yaml @@ -6,10 +6,10 @@ sources: - https://github.com/instantlinux/docker-tools - https://github.com/restic/restic type: application -version: 0.1.25 +version: 0.1.26 # Remember to update restic== in values.yaml as releases are published; # the values.yaml file is not able to reference .Chart.appVersion -appVersion: "0.18.1-r6" +appVersion: "0.18.1-r7" dependencies: - name: chartlib version: 0.1.8 diff --git a/k8s/helm/restic/values.yaml b/k8s/helm/restic/values.yaml index 0932f24d..a402bb5e 100644 --- a/k8s/helm/restic/values.yaml +++ b/k8s/helm/restic/values.yaml @@ -17,7 +17,7 @@ deployment: mkdir -p /var/log/week && tail -f -n 0 /var/log/restic.log env: # Edit the version in Chart.yaml to keep consistent - app_version: 0.18.1-r6 + app_version: 0.18.1-r7 env: /etc/profile tz: UTC nodeSelector: diff --git a/k8s/helm/vaultwarden/Chart.yaml b/k8s/helm/vaultwarden/Chart.yaml index 76908f80..91fc43a8 100644 --- a/k8s/helm/vaultwarden/Chart.yaml +++ b/k8s/helm/vaultwarden/Chart.yaml @@ -5,8 +5,8 @@ home: https://github.com/instantlinux/docker-tools sources: - https://github.com/instantlinux/docker-tools type: application -version: 0.1.9 -appVersion: "1.35.2-alpine" +version: 0.1.10 +appVersion: "1.36.0-alpine" dependencies: - name: chartlib version: 0.1.8