Commit Graph

237 Commits

Author SHA1 Message Date
Khue Doan
250e6d2712 feat(grafana): add ntfy integration 2024-01-21 16:14:37 +07:00
Khue Doan
169f24fed3 chore: update kube-prometheus-stack and grafana 2024-01-21 15:50:02 +07:00
Khue Doan
bed4134ef0 feat: add ntfy relay for Grafana alerts 2024-01-21 14:43:27 +07:00
Khue Doan
11e407e880 refactor(paperless)!: switch to app-template
Explicitly define PAPERLESS_PORT due to environment variable conflict.

https://docs.paperless-ngx.com/troubleshooting/#gunicorn-fails-to-start-with-is-not-a-valid-port-number
2024-01-19 02:43:58 +07:00
Khue Doan
1af664d6c0 refactor!: replace Hajimari with Homepage
More eye candy.
2024-01-17 21:15:16 +07:00
Khue Doan
f51d3f95a9 feat(gitea): automatically set up Dex as authentication source
It's very ugly but it works ¯\_(ツ)_/¯
2024-01-17 01:51:43 +07:00
Khue Doan
86221b920c feat(dex): add Gitea SSO client 2024-01-17 00:15:59 +07:00
Khue Doan
b98060294d refactor!: remove Tekton
Replaced by Woodpecker CI. It turns out I don't need that much power
from Tekton's flexibility, so it's not worth the maintenance overhead
for my specific use case at home.
2024-01-15 10:55:29 +07:00
Khue Doan
7f933a0355 refactor(gitea): disable unused features
Keep Gitea minimal.
2024-01-08 21:16:29 +07:00
Khue Doan
172c7c7c2b chore(gitea)!: upgrade Helm chart to v10
This is a breaking change, see https://gitea.com/gitea/helm-chart#upgrading
before upgrading to avoid losing data. Personally I have my repos saved
in many Git hosting providers so I just nuke it and reinstall.

Fixes changed files detection in pull_request event in Woodpecker.
2024-01-08 21:16:29 +07:00
Khue Doan
5bf9c03cf8 feat: install Woodpecker CI 2024-01-06 03:03:35 +07:00
Khue Doan
4673f91558 refactor(dex): remove Gitea connector
Use Kanidm instead.
2024-01-06 03:03:29 +07:00
Khue Doan
50220aaf6a feat(dex): add Kanidm connector 2024-01-06 00:44:45 +07:00
Khue Doan
1d1ebb9fc2 feat: install Kanidm for identity management 2024-01-04 10:40:43 +07:00
Khue Doan
bb27f0a607 perf(gitea): only run config job when config files changed 2023-11-27 00:41:38 +07:00
Khue Doan
002e725e6b perf(secret-generator): only run job when config changed 2023-11-27 00:36:03 +07:00
Khue Doan
5e76122a04 refactor(global-secrets): move secret store to the same namespace
Otherwise RBAC will be much more complicated.
2023-11-26 17:39:49 +07:00
Khue Doan
dc16d94071 fix(external-secrets): fix incorrect service account name 2023-11-26 17:26:22 +07:00
Khue Doan
97d3fbc0eb refactor!: make secret generator write to k8s Secrets instead of Vault 2023-11-26 16:11:50 +07:00
Khue Doan
37a324f71a refactor!: replace Vault with in-cluster global secrets 2023-11-26 03:11:08 +07:00
Khue Doan
e28bada08e refactor: remove explicit StorageClass selection
Previously PVCs needed to define the storage class explicitly because if
a PVC was created before Longhorn was ready, it would stay pending forever
until we deleted and recreated it (ArgoCD didn't have sync waves for
ApplicationSet back then).

Kubernetes 1.28 has retroactive assignment of a default StorageClass for
existing unbound persistent volume claims without any storage class assigned.

https://kubernetes.io/blog/2023/08/15/kubernetes-v1-28-release/#automatic-retroactive-assignment-of-a-default-storageclass-graduates-to-stable
2023-11-19 12:04:10 +07:00
Khue Doan
4b69ec2dfc refactor(platform)!: replace Harbor with a simple Docker Registry
https://github.com/distribution/distribution

Docker Registry is stateless and easier to automate.
The tiny footprint is an added bonus.
2023-05-21 14:08:42 +07:00
Khue Doan
b517985272 refactor(harbor): remove unnecessary components
Don't need them at least for now.
2023-05-19 13:59:42 +07:00
Khue Doan
c2d1263cbd fix(grafana): enable sidecar for dashboards and datasources
Copied config from kube-prometheus-stack
2023-05-19 13:11:02 +07:00
Khue Doan
b1a716dae9 refactor!: move Grafana to platform
Grafana depends on a secret created by ExternalSecret, with the values
pulled from Vault, causing a circular dependency problem: system requires
platform components but platform requires system components.
2023-05-19 01:36:47 +07:00
Khue Doan
96a968bc9f fix(harbor): fix Ingress cert and class 2023-02-22 18:34:21 +07:00
Khue Doan
75aaf731c9 refactor: switch back to Harbor 2023-02-22 18:33:57 +07:00
Khue Doan
bc8beffb73 fix(tekton): fix incorrect pull request revision 2023-01-26 15:31:22 +07:00
Khue Doan
220e5c5480 feat(tekton): add pull request workflow 2023-01-26 10:44:50 +07:00
Khue Doan
22a3ccd331 feat: auto create Gitea webhook for Tekton 2023-01-26 01:26:52 +07:00
Khue Doan
d5eb6d9a76 fix(tekton): update new Dashboard install link 2023-01-25 22:10:42 +07:00
Khue Doan
a7016de626 refactor(tekton): use common workflows that create pipelines 2023-01-25 22:01:31 +07:00
Khue Doan
8df13c3ef4 refactor(tekton): use remote tasks from Tekton Hub 2023-01-25 17:26:16 +07:00
Khue Doan
330393080a feat(tekton): install experimental Workflow 2023-01-25 14:49:50 +07:00
Khue Doan
3718f99096 refactor(tekton): move common tasks back to platform 2023-01-25 14:25:27 +07:00
Khue Doan
39e79fc0e8 fix(gitea): allow webhook in private network
Default is external https://docs.gitea.io/en-us/config-cheat-sheet/#webhook-webhook
2023-01-24 22:29:20 +07:00
Khue Doan
3b7e8f1688 chore: upgrade Go version of config jobs to 1.19 2022-12-29 23:22:47 +07:00
Khue Doan
5cb5f822aa chore(external-secrets): upgrade to latest version 2022-12-24 14:22:45 +07:00
Khue Doan
ddeb169f7b refactor(renovate): change schedule to daily 2022-08-29 14:23:51 +07:00
Khue Doan
8447502d54 feat: add ZeroTier for remote access
- Fully open source
- Has free hosted version (my.zerotier.com)
- Can be automated with Terraform
- Pretty good performance with UDP hole punching
2022-08-29 14:01:25 +07:00
Khue Doan
65c33f886c docs: add more secrets management details 2022-07-24 00:14:12 +07:00
Khue Doan
d06470c3ea fix: skip new config job run if previous job run hasn't finished yet 2022-07-20 23:12:01 +07:00
Khue Doan
868f53c7d0 Revert "feat: install Keycloak Operator"
This reverts commit 405b3a7eee.
2022-07-06 13:07:05 +07:00
Khue Doan
952db7cbde fix(keycloak): set replica count 2022-06-18 01:48:44 +07:00
Khue Doan
0d405ddbb6 feat(keycloak): deploy Keycloak cluster 2022-06-18 00:49:25 +07:00
Khue Doan
9743cd4ada refactor(keycloak): use release channel 2022-06-18 00:28:53 +07:00
Khue Doan
405b3a7eee feat: install Keycloak Operator 2022-06-18 00:04:23 +07:00
Elliot Blackburn
a22829a060 chore(external-secrets): upgrade to 0.5.6 (#66)
0.5.2 had an issue where if the value was not found in Vault there would be a panic from a nil pointer reference. This was fixed in 0.5.3 but the latest is 0.5.6 so I tested that and all seems to work well.
2022-06-08 20:23:26 +07:00
Khue Doan
7b744b5e92 ci: get pipeline secrets from Vault 2022-05-14 20:59:15 +07:00
Khue Doan
0e351eb81b fix(tekton): remove Terraform service account 2022-05-14 17:50:58 +07:00