fixup! refactor: components

2025-09-17 18:24:14 +02:00 · 2025-04-16 01:43:20 +02:00
parent 2f3f781494
commit 2a0e3d44c6
39 changed files with 46 additions and 37 deletions
--- a/kubernetes/apps/actions-runner-system/actions-runner-controller/ks.yaml
+++ b/kubernetes/apps/actions-runner-system/actions-runner-controller/ks.yaml
@@ -12,6 +12,7 @@ spec:
      app.kubernetes.io/name: *app
  dependsOn:
    - name: external-secrets-stores
      namespace: external-secrets
  path: ./kubernetes/apps/actions-runner-system/actions-runner-controller/app
  prune: true
  sourceRef:
--- a/kubernetes/apps/database/crunchy-postgres-operator/ks.yaml
+++ b/kubernetes/apps/database/crunchy-postgres-operator/ks.yaml
@@ -41,6 +41,7 @@ spec:
  dependsOn:
    - name: crunchy-postgres-operator
    - name: external-secrets-stores
      namespace: external-secrets
 ---
 # yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/kustomize.toolkit.fluxcd.io/kustomization_v1.json
 apiVersion: kustomize.toolkit.fluxcd.io/v1
@@ -64,6 +65,7 @@ spec:
  dependsOn:
    - name: crunchy-postgres-operator-cluster
    - name: external-secrets
      namespace: external-secrets
 ---
 # yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/kustomize.toolkit.fluxcd.io/kustomization_v1.json
 apiVersion: kustomize.toolkit.fluxcd.io/v1
--- a/kubernetes/apps/database/dragonfly/ks.yaml
+++ b/kubernetes/apps/database/dragonfly/ks.yaml
@@ -12,6 +12,7 @@ spec:
      app.kubernetes.io/name: *app
  dependsOn:
    - name: external-secrets-stores
      namespace: external-secrets
  path: ./kubernetes/apps/database/dragonfly/app
  prune: true
  sourceRef:
--- a/kubernetes/apps/database/emqx/ks.yaml
+++ b/kubernetes/apps/database/emqx/ks.yaml
@@ -13,6 +13,7 @@ spec:
  dependsOn:
    - name: rook-ceph-cluster
    - name: external-secrets-stores
      namespace: external-secrets
  path: ./kubernetes/apps/database/emqx/app
  prune: true
  sourceRef:
--- a/kubernetes/apps/database/influx/ks.yaml
+++ b/kubernetes/apps/database/influx/ks.yaml
@@ -17,6 +17,7 @@ spec:
    name: home-ops-kubernetes
  dependsOn:
    - name: external-secrets-stores
      namespace: external-secrets
    - name: volsync
  wait: true
  interval: 30m
--- a/kubernetes/apps/default/authelia/ks.yaml
+++ b/kubernetes/apps/default/authelia/ks.yaml
@@ -14,6 +14,7 @@ spec:
    - name: crunchy-postgres-operator-cluster
    - name: dragonfly-cluster
    - name: external-secrets-stores
      namespace: external-secrets
  path: ./kubernetes/apps/default/authelia/app
  prune: true
  sourceRef:
--- a/kubernetes/apps/default/bazarr/ks.yaml
+++ b/kubernetes/apps/default/bazarr/ks.yaml
@@ -13,6 +13,7 @@ spec:
  dependsOn:
    - name: crunchy-postgres-operator-cluster
    - name: external-secrets-stores
      namespace: external-secrets
    - name: rook-ceph-cluster
    - name: volsync
  path: ./kubernetes/apps/default/bazarr/app
--- a/kubernetes/apps/default/calibre/ks.yaml
+++ b/kubernetes/apps/default/calibre/ks.yaml
@@ -12,6 +12,7 @@ spec:
      app.kubernetes.io/name: *app
  dependsOn:
    - name: external-secrets-stores
      namespace: external-secrets
    - name: rook-ceph-cluster
    - name: volsync
  path: ./kubernetes/apps/default/calibre/app
--- a/kubernetes/apps/default/flood/ks.yaml
+++ b/kubernetes/apps/default/flood/ks.yaml
@@ -12,6 +12,7 @@ spec:
      app.kubernetes.io/name: *app
  dependsOn:
    - name: external-secrets-stores
      namespace: external-secrets
    - name: qbittorrent
    - name: volsync
  path: ./kubernetes/apps/default/flood/app
--- a/kubernetes/apps/default/freshrss/ks.yaml
+++ b/kubernetes/apps/default/freshrss/ks.yaml
@@ -17,6 +17,7 @@ spec:
    name: home-ops-kubernetes
  dependsOn:
    - name: external-secrets-stores
      namespace: external-secrets
    - name: volsync
  wait: false
  interval: 30m
--- a/kubernetes/apps/default/frigate/ks.yaml
+++ b/kubernetes/apps/default/frigate/ks.yaml
@@ -12,6 +12,7 @@ spec:
      app.kubernetes.io/name: *app
  dependsOn:
    - name: external-secrets-stores
      namespace: external-secrets
    - name: node-feature-discovery-rules
  path: ./kubernetes/apps/default/frigate/app
  prune: true
--- a/kubernetes/apps/default/ghostfolio/ks.yaml
+++ b/kubernetes/apps/default/ghostfolio/ks.yaml
@@ -18,6 +18,7 @@ spec:
  dependsOn:
    - name: crunchy-postgres-operator-cluster
    - name: external-secrets-stores
      namespace: external-secrets
    - name: dragonfly-cluster
  wait: false
  interval: 30m
--- a/kubernetes/apps/default/home-assistant/ks.yaml
+++ b/kubernetes/apps/default/home-assistant/ks.yaml
@@ -13,6 +13,7 @@ spec:
  dependsOn:
    - name: crunchy-postgres-operator-cluster
    - name: external-secrets-stores
      namespace: external-secrets
    - name: volsync
  path: ./kubernetes/apps/default/home-assistant/app
  prune: true
--- a/kubernetes/apps/default/jellyfin/ks.yaml
+++ b/kubernetes/apps/default/jellyfin/ks.yaml
@@ -13,6 +13,7 @@ spec:
  dependsOn:
    - name: rook-ceph-cluster
    - name: external-secrets-stores
      namespace: external-secrets
    - name: volsync
  path: ./kubernetes/apps/default/jellyfin/app
  prune: true
--- a/kubernetes/apps/default/jellyseerr/ks.yaml
+++ b/kubernetes/apps/default/jellyseerr/ks.yaml
@@ -13,6 +13,7 @@ spec:
  dependsOn:
    - name: rook-ceph-cluster
    - name: external-secrets-stores
      namespace: external-secrets
    - name: volsync
  path: ./kubernetes/apps/default/jellyseerr/app
  prune: true
--- a/kubernetes/apps/default/joplin/ks.yaml
+++ b/kubernetes/apps/default/joplin/ks.yaml
@@ -18,6 +18,7 @@ spec:
  dependsOn:
    - name: crunchy-postgres-operator-cluster
    - name: external-secrets-stores
      namespace: external-secrets
  wait: false
  interval: 30m
  retryInterval: 1m
--- a/kubernetes/apps/default/komf/ks.yaml
+++ b/kubernetes/apps/default/komf/ks.yaml
@@ -12,6 +12,7 @@ spec:
      app.kubernetes.io/name: *app
  dependsOn:
    - name: external-secrets-stores
      namespace: external-secrets
    - name: rook-ceph-cluster
    - name: volsync
  path: ./kubernetes/apps/default/komf/app
--- a/kubernetes/apps/default/komga/ks.yaml
+++ b/kubernetes/apps/default/komga/ks.yaml
@@ -12,6 +12,7 @@ spec:
      app.kubernetes.io/name: *app
  dependsOn:
    - name: external-secrets-stores
      namespace: external-secrets
    - name: rook-ceph-cluster
    - name: volsync
  path: ./kubernetes/apps/default/komga/app
--- a/kubernetes/apps/default/libmedium/ks.yaml
+++ b/kubernetes/apps/default/libmedium/ks.yaml
@@ -14,6 +14,7 @@ spec:
  path: ./kubernetes/apps/default/libmedium/app
  dependsOn:
    - name: external-secrets-stores
      namespace: external-secrets
  prune: true
  sourceRef:
    kind: GitRepository
--- a/kubernetes/apps/default/lidarr/ks.yaml
+++ b/kubernetes/apps/default/lidarr/ks.yaml
@@ -14,6 +14,7 @@ spec:
  dependsOn:
    - name: crunchy-postgres-operator-cluster
    - name: external-secrets-stores
      namespace: external-secrets
    - name: rook-ceph-cluster
    - name: volsync
  path: ./kubernetes/apps/default/lidarr/app
--- a/kubernetes/apps/default/linkding/ks.yaml
+++ b/kubernetes/apps/default/linkding/ks.yaml
@@ -17,6 +17,7 @@ spec:
    name: home-ops-kubernetes
  dependsOn:
    - name: external-secrets-stores
      namespace: external-secrets
  wait: false
  interval: 30m
  retryInterval: 1m
--- a/kubernetes/apps/default/lychee/ks.yaml
+++ b/kubernetes/apps/default/lychee/ks.yaml
@@ -19,6 +19,7 @@ spec:
    - name: crunchy-postgres-operator-cluster
    - name: dragonfly-cluster
    - name: external-secrets-stores
      namespace: external-secrets
    - name: rook-ceph-cluster
    - name: volsync
  wait: false
--- a/kubernetes/apps/default/navidrome/ks.yaml
+++ b/kubernetes/apps/default/navidrome/ks.yaml
@@ -12,6 +12,7 @@ spec:
      app.kubernetes.io/name: *app
  dependsOn:
    - name: external-secrets-stores
      namespace: external-secrets
    - name: rook-ceph-cluster
    - name: volsync
  path: ./kubernetes/apps/default/navidrome/app
--- a/kubernetes/apps/default/outline/ks.yaml
+++ b/kubernetes/apps/default/outline/ks.yaml
@@ -19,6 +19,7 @@ spec:
    - name: crunchy-postgres-operator-cluster
    - name: dragonfly-cluster
    - name: external-secrets-stores
      namespace: external-secrets
  wait: false
  interval: 30m
  retryInterval: 1m
--- a/kubernetes/apps/default/paperless/ks.yaml
+++ b/kubernetes/apps/default/paperless/ks.yaml
@@ -19,6 +19,7 @@ spec:
    - name: crunchy-postgres-operator-cluster
    - name: dragonfly-cluster
    - name: external-secrets-stores
      namespace: external-secrets
  wait: false
  interval: 30m
  retryInterval: 1m
--- a/kubernetes/apps/default/prowlarr/ks.yaml
+++ b/kubernetes/apps/default/prowlarr/ks.yaml
@@ -13,6 +13,7 @@ spec:
  dependsOn:
    - name: crunchy-postgres-operator-cluster
    - name: external-secrets-stores
      namespace: external-secrets
  path: ./kubernetes/apps/default/prowlarr/app
  prune: true
  sourceRef:
--- a/kubernetes/apps/default/radarr/ks.yaml
+++ b/kubernetes/apps/default/radarr/ks.yaml
@@ -13,6 +13,7 @@ spec:
  dependsOn:
    - name: crunchy-postgres-operator-cluster
    - name: external-secrets-stores
      namespace: external-secrets
    - name: rook-ceph-cluster
    - name: volsync
  path: ./kubernetes/apps/default/radarr/app
--- a/kubernetes/apps/default/sabnzbd/ks.yaml
+++ b/kubernetes/apps/default/sabnzbd/ks.yaml
@@ -12,6 +12,7 @@ spec:
      app.kubernetes.io/name: *app
  dependsOn:
    - name: external-secrets-stores
      namespace: external-secrets
    - name: rook-ceph-cluster
    - name: volsync
  path: ./kubernetes/apps/default/sabnzbd/app
--- a/kubernetes/apps/default/smtp-relay/ks.yaml
+++ b/kubernetes/apps/default/smtp-relay/ks.yaml
@@ -14,6 +14,7 @@ spec:
  prune: true
  dependsOn:
    - name: external-secrets-stores
      namespace: external-secrets
  sourceRef:
    kind: GitRepository
    name: home-ops-kubernetes
--- a/kubernetes/apps/default/sonarr/ks.yaml
+++ b/kubernetes/apps/default/sonarr/ks.yaml
@@ -13,6 +13,7 @@ spec:
  dependsOn:
    - name: crunchy-postgres-operator-cluster
    - name: external-secrets-stores
      namespace: external-secrets
    - name: rook-ceph-cluster
    - name: volsync
  path: ./kubernetes/apps/default/sonarr/app
--- a/kubernetes/apps/default/tandoor/ks.yaml
+++ b/kubernetes/apps/default/tandoor/ks.yaml
@@ -18,6 +18,7 @@ spec:
  dependsOn:
    - name: crunchy-postgres-operator-cluster
    - name: external-secrets-stores
      namespace: external-secrets
    - name: rook-ceph-cluster
    - name: volsync
  wait: false
--- a/kubernetes/apps/default/vaultwarden/ks.yaml
+++ b/kubernetes/apps/default/vaultwarden/ks.yaml
@@ -18,6 +18,7 @@ spec:
  dependsOn:
    - name: crunchy-postgres-operator-cluster
    - name: external-secrets-stores
      namespace: external-secrets
    - name: rook-ceph-cluster
    - name: volsync
  wait: false
--- a/kubernetes/apps/default/vikunja/ks.yaml
+++ b/kubernetes/apps/default/vikunja/ks.yaml
@@ -18,6 +18,7 @@ spec:
  dependsOn:
    - name: crunchy-postgres-operator-cluster
    - name: external-secrets-stores
      namespace: external-secrets
    - name: rook-ceph-cluster
    - name: volsync
  wait: false
--- a/kubernetes/apps/external-secrets/external-secrets/app/helmrelease.yaml
+++ b/kubernetes/apps/external-secrets/external-secrets/app/helmrelease.yaml
@@ -10,13 +10,8 @@ spec:
    mediaType: application/vnd.cncf.helm.chart.content.v1.tar+gzip
    operation: copy
  ref:
-    tag: 0.16.0@sha256:73d56ac13a838ae4d6025e0f5e021dca4e48f833b5b0aa1e2f81a51d5e33f6d1
+    tag: 0.16.0
  url: oci://ghcr.io/external-secrets/charts/external-secrets
  verify:
    provider: cosign
    matchOIDCIdentity:
      - issuer: ^https://token.actions.githubusercontent.com$
        subject: ^https://github.com/external-secrets/external-secrets.*$
 ---
 # yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/helm.toolkit.fluxcd.io/helmrelease_v2.json
 apiVersion: helm.toolkit.fluxcd.io/v2
--- a/kubernetes/apps/external-secrets/external-secrets/ks.yaml
+++ b/kubernetes/apps/external-secrets/external-secrets/ks.yaml
@@ -4,7 +4,7 @@ apiVersion: kustomize.toolkit.fluxcd.io/v1
 kind: Kustomization
 metadata:
  name: &app external-secrets
-  namespace: &namespace flux-system
+  namespace: &namespace external-secrets
 spec:
  commonMetadata:
    labels:
@@ -13,7 +13,7 @@ spec:
    - apiVersion: helm.toolkit.fluxcd.io/v2
      kind: HelmRelease
      name: *app
-      namespace: external-secrets
+      namespace: *namespace
  interval: 1h
  path: ./kubernetes/apps/external-secrets/external-secrets/app
  prune: true
@@ -21,28 +21,16 @@ spec:
  sourceRef:
    kind: GitRepository
    name: home-ops-kubernetes
-    namespace: *namespace
+    namespace: flux-system
-  targetNamespace: external-secrets
+  targetNamespace: *namespace
  timeout: 15m
  decryption:
    provider: sops
    secretRef:
      name: sops-age
  postBuild:
    substituteFrom:
      - kind: ConfigMap
        name: cluster-settings
        optional: false
      - kind: Secret
        name: cluster-secrets
        optional: false
 ---
 # yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/kustomize.toolkit.fluxcd.io/kustomization_v1.json
 apiVersion: kustomize.toolkit.fluxcd.io/v1
 kind: Kustomization
 metadata:
  name: &app external-secrets-stores
-  namespace: &namespace flux-system
+  namespace: &namespace external-secrets
 spec:
  commonMetadata:
    labels:
@@ -59,18 +47,6 @@ spec:
  sourceRef:
    kind: GitRepository
    name: home-ops-kubernetes
-    namespace: *namespace
+    namespace: flux-system
-  targetNamespace: external-secrets
+  targetNamespace: *namespace
  timeout: 15m
  decryption:
    provider: sops
    secretRef:
      name: sops-age
  postBuild:
    substituteFrom:
      - kind: ConfigMap
        name: cluster-settings
        optional: false
      - kind: Secret
        name: cluster-secrets
        optional: false
--- a/kubernetes/apps/network/cloudflared/ks.yaml
+++ b/kubernetes/apps/network/cloudflared/ks.yaml
@@ -13,6 +13,7 @@ spec:
  dependsOn:
    - name: external-dns-cloudflare
    - name: external-secrets-stores
      namespace: external-secrets
  path: ./kubernetes/apps/network/cloudflared/app
  prune: false
  sourceRef:
--- a/kubernetes/apps/network/external-dns/ks.yaml
+++ b/kubernetes/apps/network/external-dns/ks.yaml
@@ -17,6 +17,7 @@ spec:
    name: home-ops-kubernetes
  dependsOn:
    - name: external-secrets-stores
      namespace: external-secrets
  wait: false
  interval: 30m
  retryInterval: 1m
--- a/kubernetes/apps/observability/gatus/ks.yaml
+++ b/kubernetes/apps/observability/gatus/ks.yaml
@@ -12,6 +12,7 @@ spec:
      app.kubernetes.io/name: *app
  dependsOn:
    - name: external-secrets-stores
      namespace: external-secrets
  path: ./kubernetes/apps/observability/gatus/app
  prune: true
  sourceRef:
--- a/kubernetes/apps/observability/scrutiny/ks.yaml
+++ b/kubernetes/apps/observability/scrutiny/ks.yaml
@@ -12,6 +12,7 @@ spec:
      app.kubernetes.io/name: *app
  dependsOn:
    - name: external-secrets-stores
      namespace: external-secrets
    - name: rook-ceph-cluster
    - name: volsync
  path: ./kubernetes/apps/observability/scrutiny/app