aggarwalakshun/public-k3s
1
0
Fork 0
Code Issues 1 Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: aggarwalakshun:e8326305399a3bc4f11426813bfa2290c9d19cca
Branches Tags
aggarwalakshun:main
..
compare: aggarwalakshun:1cbd370388c5f45564e8f7acc97e047f565649a7
Branches Tags
aggarwalakshun:main

10 Commits
e832630539 ... 1cbd370388

Author SHA1 Message Date
Renovate Bot
1cbd370388 Update renovate/renovate Docker tag to v41.30.3 2025-07-11 00:04:54 +00:00
aggarwalakshun
dae76ce814 Update successful and failed jobs history limits in renovate job configuration 2025-07-10 06:23:41 +05:30
aggarwalakshun
0ea8af6484 remove ssh config 2025-07-10 05:58:58 +05:30
Flux
dc622830cd Add Flux sync manifests 2025-07-10 05:48:24 +05:30
Flux
d648caec1c Add Flux v2.6.4 component manifests 2025-07-10 05:48:02 +05:30
aggarwalakshun
1381a51702 delete unused ns 2025-07-10 05:45:43 +05:30
Akshun Aggarwal
9c3fd8946b Merge pull request 'Update docker.io/ghostfolio/ghostfolio Docker tag to v2.180.0' (#75) from renovate/docker.io-ghostfolio-ghostfolio-2.x into main 
Reviewed-on: https://gitea.akshun-lab.uk/akshun/public-k3s/pulls/75
 2025-07-10 00:12:42 +00:00
Akshun Aggarwal
73f33b2bb5 Merge pull request 'revert to 4368a36150 with a few changes' (#77) from helm-flux into main 
Reviewed-on: https://gitea.akshun-lab.uk/akshun/public-k3s/pulls/77
 2025-07-10 00:12:23 +00:00
aggarwalakshun
bd5c081cac revert to 4368a36150 with a few changes 2025-07-10 05:40:02 +05:30
Renovate Bot
6582d24667 Update docker.io/ghostfolio/ghostfolio Docker tag to v2.180.0 2025-07-10 00:01:16 +00:00
32 changed files with 13387 additions and 89 deletions
Expand all files Collapse all files

2
cluster/apps/ghostfolio/ghostfolio.yml
View File

@@ -76,7 +76,7 @@ spec:
key: postgres-password
containers:
- name: ghostfolio
image: docker.io/ghostfolio/ghostfolio:2.178.0
image: docker.io/ghostfolio/ghostfolio:2.180.0
securityContext:
capabilities:
drop:

4
cluster/apps/renovate/renovate-job.yml
View File

@@ -7,13 +7,15 @@ metadata:
spec:
schedule: '@daily'
concurrencyPolicy: Forbid
successfulJobsHistoryLimit: 0
failedJobsHistoryLimit: 0
jobTemplate:
spec:
template:
spec:
hostNetwork: true
containers:
- image: renovate/renovate:41.28.2
- image: renovate/renovate:41.30.3
name: renovate-bot
env:
- name: RENOVATE_TOKEN

1
cluster/apps/semaphore/semaphore-configmap.yml
View File

@@ -15,4 +15,3 @@ data:
SEMAPHORE_ADMIN_EMAIL: "aggarwalakshun@gmail.com"
SEMAPHORE_ADMIN: "admin"
SEMAPHORE_LDAP_ACTIVATED: "'no'"
SEMAPHORE_SSH_PATH: /home/semaphore/.ssh/config

4
cluster/apps/semaphore/semaphore.yml
View File

@@ -60,10 +60,6 @@ spec:
secretKeyRef:
name: semaphore-secrets
key: key
volumeMounts:
- name: db
mountPath: /home/semaphore/.ssh/
subPath: ssh
volumes:
- name: db
persistentVolumeClaim:

8
cluster/config/namespaces/namespaces.yml
View File

@@ -6,14 +6,6 @@ metadata:
labels:
name: gpu-operator
---
kind: Namespace
apiVersion: v1
metadata:
name: cattle-system
labels:
name: cattle-system
---
kind: Namespace
apiVersion: v1

13032
cluster/flux-system/gotk-components.yaml Normal file
View File

File diff suppressed because it is too large Load Diff

27
cluster/flux-system/gotk-sync.yaml Normal file
View File

@@ -0,0 +1,27 @@
# This manifest was generated by flux. DO NOT EDIT.
---
apiVersion: source.toolkit.fluxcd.io/v1
kind: GitRepository
metadata:
name: flux-system
namespace: flux-system
spec:
interval: 1m0s
ref:
branch: main
secretRef:
name: flux-system
url: ssh://git@gitea.akshun-lab.uk:222/akshun/public-k3s
---
apiVersion: kustomize.toolkit.fluxcd.io/v1
kind: Kustomization
metadata:
name: flux-system
namespace: flux-system
spec:
interval: 10m0s
path: ./cluster
prune: true
sourceRef:
kind: GitRepository
name: flux-system

5
cluster/flux-system/kustomization.yaml Normal file
View File

@@ -0,0 +1,5 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- gotk-components.yaml
- gotk-sync.yaml

27
cluster/helm/cert-manager/cert-manager-release.yml Normal file
View File

@@ -0,0 +1,27 @@
---
apiVersion: helm.toolkit.fluxcd.io/v2
kind: HelmRelease
metadata:
name: cert-manager
namespace: cert-manager
spec:
interval: 24h
chart:
spec:
chart: cert-manager
version: "v1.18.2"
sourceRef:
kind: HelmRepository
name: jetstack
namespace: flux-system
interval: 24h
install:
remediation:
retries: 3
upgrade:
remediation:
retries: 3
values:
crds:
enabled: true
keep: true

9
cluster/helm/cert-manager/cert-manager-repo.yml Normal file
View File

@@ -0,0 +1,9 @@
---
apiVersion: source.toolkit.fluxcd.io/v1
kind: HelmRepository
metadata:
name: jetstack
namespace: flux-system
spec:
interval: 24h
url: https://charts.jetstack.io

5
cluster/helm/cert-manager/values.yml
View File

@@ -1,5 +0,0 @@
# https://charts.jetstack.io
crds:
enabled: true
keep: true

22
cluster/helm/csi-driver-smb/csi-driver-smb-release.yml Normal file
View File

@@ -0,0 +1,22 @@
---
apiVersion: helm.toolkit.fluxcd.io/v2
kind: HelmRelease
metadata:
name: csi-driver-smb
namespace: kube-system
spec:
interval: 24h
chart:
spec:
chart: csi-driver-smb
version: "1.18.0"
sourceRef:
kind: HelmRepository
name: csi-driver-smb
namespace: flux-system
interval: 24h
install:
createNamespace: true
upgrade:
remediation:
remediateLastFailure: true

9
cluster/helm/csi-driver-smb/csi-driver-smb-repo.yml Normal file
View File

@@ -0,0 +1,9 @@
---
apiVersion: source.toolkit.fluxcd.io/v1
kind: HelmRepository
metadata:
name: csi-driver-smb
namespace: flux-system
spec:
interval: 24h
url: https://raw.githubusercontent.com/kubernetes-csi/csi-driver-smb/master/charts

1
cluster/helm/csi-driver-smb/values.yml
View File

@@ -1 +0,0 @@
# https://raw.githubusercontent.com/kubernetes-csi/csi-driver-smb/master/charts

31
cluster/helm/gpu-operator/gpu-operator-release.yml Normal file
View File

@@ -0,0 +1,31 @@
---
apiVersion: helm.toolkit.fluxcd.io/v2
kind: HelmRelease
metadata:
name: gpu-operator
namespace: gpu-operator
spec:
interval: 24h
chart:
spec:
chart: gpu-operator
version: "v25.3.1"
sourceRef:
kind: HelmRepository
name: nvidia
namespace: flux-system
interval: 24h
install:
createNamespace: true
upgrade:
remediation:
remediateLastFailure: true
values:
driver:
enabled: false
toolkit:
env:
- name: CONTAINERD_SOCKET
value: /run/k3s/containerd/containerd.sock
- name: CONTAINERD_CONFIG
value: /var/lib/rancher/k3s/agent/etc/containerd/config.toml

9
cluster/helm/gpu-operator/gpu-operator-repo.yml Normal file
View File

@@ -0,0 +1,9 @@
---
apiVersion: source.toolkit.fluxcd.io/v1
kind: HelmRepository
metadata:
name: nvidia
namespace: flux-system
spec:
interval: 24h
url: https://helm.ngc.nvidia.com/nvidia

9
cluster/helm/gpu-operator/values.yml
View File

@@ -1,9 +0,0 @@
# https://helm.ngc.nvidia.com/nvidia
driver:
enabled: false
toolkit:
env:
- name: CONTAINERD_SOCKET
value: /run/k3s/containerd/containerd.sock
- name: CONTAINERD_CONFIG
value: /var/lib/rancher/k3s/agent/etc/containerd/config.toml

11
cluster/helm/longhorn/values.yml
View File

@@ -1,11 +0,0 @@
# https://charts.longhorn.io
persistence:
defaultClass: true
reclaimPolicy: Retain
ingress:
enabled: false
service:
ui:
type: LoadBalancer
port: 85

42
cluster/helm/ollama/ollama-release.yml Normal file
View File

@@ -0,0 +1,42 @@
---
apiVersion: helm.toolkit.fluxcd.io/v2
kind: HelmRelease
metadata:
name: ollama
namespace: default
spec:
interval: 24h
chart:
spec:
chart: ollama
version: "1.22.0"
sourceRef:
kind: HelmRepository
name: ollama
namespace: flux-system
interval: 24h
install:
remediation:
retries: 3
upgrade:
remediation:
retries: 3
values:
ollama:
gpu:
enabled: true
type: nvidia
models:
pull:
- gemma3:4b
run:
- gemma3:4b
nodeSelector:
type: immich
service:
type: LoadBalancer
port: 3210
runtimeClassName: nvidia
persistentVolume:
enabled: true
existingClaim: ollama-pvc

9
cluster/helm/ollama/ollama-repo.yml Normal file
View File

@@ -0,0 +1,9 @@
---
apiVersion: source.toolkit.fluxcd.io/v1
kind: HelmRepository
metadata:
name: ollama
namespace: flux-system
spec:
interval: 24h
url: https://otwld.github.io/ollama-helm/

20
cluster/helm/ollama/values.yml
View File

@@ -1,20 +0,0 @@
# https://otwld.github.io/ollama-helm/
ollama:
gpu:
enabled: true
type: nvidia
models:
pull:
- gemma3:4b
run:
- gemma3:4b
nodeSelector:
gpu: nvidia
service:
type: LoadBalancer
port: 3210
runtimeClassName: nvidia
persistentVolume:
enabled: true
existingClaim: ollama-pvc

28
cluster/helm/sealed-secrets/sealed-secrets-release.yaml Normal file
View File

@@ -0,0 +1,28 @@
---
apiVersion: helm.toolkit.fluxcd.io/v2
kind: HelmRelease
metadata:
name: sealed-secrets
namespace: flux-system
spec:
chart:
spec:
chart: sealed-secrets
reconcileStrategy: ChartVersion
sourceRef:
kind: HelmRepository
name: sealed-secrets
version: '>=1.15.0-0'
install:
crds: Create
interval: 24h
releaseName: sealed-secrets
targetNamespace: flux-system
upgrade:
crds: CreateReplace
values:
service:
type: LoadBalancer
nodePort: 30081
networkPolicy:
enabled: true

9
cluster/helm/sealed-secrets/sealed-secrets-repo.yml Normal file
View File

@@ -0,0 +1,9 @@
---
apiVersion: source.toolkit.fluxcd.io/v1
kind: HelmRepository
metadata:
name: sealed-secrets
namespace: flux-system
spec:
interval: 24h
url: https://bitnami-labs.github.io/sealed-secrets

7
cluster/helm/sealed-secrets/values.yml
View File

@@ -1,7 +0,0 @@
# https://bitnami-labs.github.io/sealed-secrets
service:
type: NodePort
nodePort: 30081
networkPolicy:
enabled: true

32
disabled/helm/longhorn/longhorn-release.yml Normal file
View File

@@ -0,0 +1,32 @@
---
apiVersion: helm.toolkit.fluxcd.io/v2
kind: HelmRelease
metadata:
name: longhorn
namespace: longhorn-system
spec:
interval: 24h
chart:
spec:
chart: longhorn
version: "1.9.0"
sourceRef:
kind: HelmRepository
name: longhorn
namespace: flux-system
interval: 24h
install:
createNamespace: true
upgrade:
remediation:
remediateLastFailure: true
values:
persistence:
defaultClass: true
reclaimPolicy: Retain
ingress:
enabled: false
service:
ui:
type: LoadBalancer
port: 85

9
disabled/helm/longhorn/longhorn-repo.yml Normal file
View File

@@ -0,0 +1,9 @@
---
apiVersion: source.toolkit.fluxcd.io/v1
kind: HelmRepository
metadata:
name: longhorn
namespace: flux-system
spec:
interval: 24h
url: https://charts.longhorn.io

33
disabled/helm/portainer/portainer-release.yml Normal file
View File

@@ -0,0 +1,33 @@
---
apiVersion: helm.toolkit.fluxcd.io/v2
kind: HelmRelease
metadata:
name: portainer
namespace: default
spec:
interval: 24h
chart:
spec:
chart: portainer
version: "1.0.69"
sourceRef:
kind: HelmRepository
name: portainer
namespace: flux-system
interval: 24h
install:
remediation:
retries: 3
upgrade:
remediation:
retries: 3
values:
service:
type: LoadBalancer
httpPort: 9000
persistence:
enabled: true
storageClass: longhorn-static
accessModes:
- ReadWriteMany
size: 500Mi

9
disabled/helm/portainer/portainer-repo.yml Normal file
View File

@@ -0,0 +1,9 @@
---
apiVersion: source.toolkit.fluxcd.io/v1
kind: HelmRepository
metadata:
name: portainer
namespace: flux-system
spec:
interval: 24h
url: https://portainer.github.io/k8s/

11
disabled/helm/portainer/values.yml
View File

@@ -1,11 +0,0 @@
# https://portainer.github.io/k8s/
service:
type: LoadBalancer
httpPort: 9000
persistence:
enabled: true
storageClass: longhorn-static
accessModes:
- ReadWriteMany
size: 500Mi

32
disabled/helm/rancher/rancher-release.yml Normal file
View File

@@ -0,0 +1,32 @@
---
apiVersion: helm.toolkit.fluxcd.io/v2
kind: HelmRelease
metadata:
name: rancher-stable
namespace: cattle-system
spec:
interval: 24h
chart:
spec:
chart: rancher
version: "2.11.3"
sourceRef:
kind: HelmRepository
name: rancher-stable
namespace: flux-system
interval: 24h
install:
remediation:
retries: 3
upgrade:
remediation:
retries: 3
values:
hostname: rancher.akshun-lab.uk
service:
type: LoadBalancer
valuesFrom:
- kind: Secret
name: rancher-bootstrap-secret
valuesKey: bootstrapPassword
targetPath: bootstrapPassword

9
disabled/helm/rancher/rancher-repo.yml Normal file
View File

@@ -0,0 +1,9 @@
---
apiVersion: source.toolkit.fluxcd.io/v1
kind: HelmRepository
metadata:
name: rancher-stable
namespace: flux-system
spec:
interval: 24h
url: https://releases.rancher.com/server-charts/latest

10
disabled/helm/rancher/values.yml
View File

@@ -1,10 +0,0 @@
# https://releases.rancher.com/server-charts/latest
hostname: rancher.akshun-lab.uk
service:
type: LoadBalancer
valuesFrom:
- kind: Secret
name: rancher-bootstrap-secret
valuesKey: bootstrapPassword
targetPath: bootstrapPassword