# Changelog ## 0.0.7-alpha - Replace standard Vault with Vault Operator - Automatically initialize and unseal Vault - Declarative secret generation and management - Declarative Gitea configuration with YAML - Automatic OS rolling upgrade - Automatic Kubernetes rolling upgrade - Automatic application updates using Renovate (still require manual token generation) - Add script to wait for essential services after deployment - Add icons and bookmarks to the home page - Deploy Matrix chat - Replace Authentik with Dex for SSO (still require manual token generation) - Switch to Mermaid for diagrams in documentation - Replace Vagrant with k3d for development environment - Use nip.io domain for development environment - Remove Backblaze (S3 Glacier and/or Minio will be added in future version) - Enable monitor for the majority of applications - Many code refactorings and bug fixes ## 0.0.6-alpha - Upgrade to Kubernetes 1.23 - Support external resources: - Cloudflare DNS and Tunnel - Backblaze for backup - Auto inject secrets to required namespaces - Replace self-signed certificates with Let's Encrypt production (with API token injected from the `external` layer) - Add DNS records automatically using external-dns - Easy Cloudflare Tunnel configuration with annotations - Offsite backup to Backblaze B2 bucket using k8up-operator - Add private container registry - Remove Knative to save resources (temporarily) - Enable encryption at rest for Kubernetes Secrets - Add more Tekton tasks and pipelines - Initialize GitOps repository on Gitea automatically after install - Generate MetalLB address pool automatically (default to the last `/27` subnet) - Some bug fixes ## 0.0.5-alpha - Add convenience scripts - Add Loki for logging - Add custom health check for Application and ApplicationSet - Use Vault with dev mode on (temporarily until we hit beta) - Replace Authelia with Authentik - Upgrade to Kubernetes 1.22 - Upgrade most services to the latest version - Set ingress class and storage class explicitly - Initial Linkerd and Knative setup (not working yet) - Set up Hajimari for home page with automatic ingress discovery - Add dev VM for local development or evaluation - Optimize bare metal provisioning performance - Replace Syncthing with Seafile (may use both in the feature) - Enable Gitea SSH cloning via Ingress - Various code clean up - Add more documents ## 0.0.4-alpha - Switch to Rocky Linux - Some optimization for bare metal provisioning - Switch to k3s and combine Kubernetes cluster config in `./infra` layer to `./metal` layer (because k3s is also configured using Ansible) - Split boostrap Helm charts in `./infra` layer to `./bootstrap` layer (with new ArgoCD pattern) and `./system` layer - Add `./platform` layer for some applications like Gitea, Tekton... - User only need to provision `./metal` and `bootstrap` layer, the `./bootstrap` layer will deploy the remaining layers - Provisioning time from empty disk to running services is significantly reduced (thanks to k3s and new bootstrap pattern) - Use [mdBook](https://rust-lang.github.io/mdBook/) for documents - Replace Drone CI with Tekton - Enable TLS on all Ingresses (using [cert-manager](https://cert-manager.io)) - Add some new applications ## 0.0.3-alpha - Generate Terraform backend config automatically - Switch to CoreOS - Better PXE boot setup - Diagrams as code ## 0.0.2-alpha - Ensure idempotency for bare metal provisioning - Extract instead of mounting the OS ISO file - Easy initial controller setup (with only Docker) - Switch to Fedora - Remove LXD - Move etcd (Terraform state backend) back to Docker ## 0.0.1-alpha - Bare metal provisioning with PXE - LXD cluster - Terraform state backend (etcd) - RKE cluster - Core services (Vault, Gitea, ArgoCD,...) - Public services to the internet (via port forwarding or Cloudflare Tunnel)