diff --git a/cluster/apps/development/gitea/backup-job.yaml b/cluster/apps/development/gitea/backup-job.yaml index e27932b6f..e2cfbd553 100644 --- a/cluster/apps/development/gitea/backup-job.yaml +++ b/cluster/apps/development/gitea/backup-job.yaml @@ -45,7 +45,7 @@ spec: kubectl exec gitea-0 --container gitea --namespace development -- bash -c "rm /tmp/gitea-repositories-$(date +%Y%m%d).tar" ssh -o StrictHostKeyChecking=no homelab@truenas -C "find /mnt/storage/backups/gitea/*.tar.zst -mtime +5 -type f -delete" - curl -m 10 --retry 5 http://healthchecks.monitoring.svc.cluster.local:8000/ping/f7ff2516-e3b5-41ae-b77f-a9dc09005422 + curl -m 10 --retry 5 http://healthchecks.monitoring.svc.cluster.local.:8000/ping/f7ff2516-e3b5-41ae-b77f-a9dc09005422 volumeMounts: - name: secret mountPath: /opt/id_rsa diff --git a/cluster/apps/home-automation/frigate/helm-release.yaml b/cluster/apps/home-automation/frigate/helm-release.yaml index ebb7ffd85..02b222a6b 100644 --- a/cluster/apps/home-automation/frigate/helm-release.yaml +++ b/cluster/apps/home-automation/frigate/helm-release.yaml @@ -25,7 +25,7 @@ spec: enabled: true annotations: kubernetes.io/ingress.class: "nginx" - nginx.ingress.kubernetes.io/auth-url: "http://authelia.networking.svc.cluster.local/api/verify" + nginx.ingress.kubernetes.io/auth-url: "http://authelia.networking.svc.cluster.local./api/verify" nginx.ingress.kubernetes.io/auth-signin: "https://login.${SECRET_CLUSTER_DOMAIN}/" hosts: - host: "frigate.${SECRET_CLUSTER_DOMAIN}" diff --git a/cluster/apps/home-automation/home-assistant/helm-release.yaml b/cluster/apps/home-automation/home-assistant/helm-release.yaml index e687f61e9..a2fa3fb93 100644 --- a/cluster/apps/home-automation/home-assistant/helm-release.yaml +++ b/cluster/apps/home-automation/home-assistant/helm-release.yaml @@ -90,7 +90,7 @@ spec: enabled: true annotations: kubernetes.io/ingress.class: "nginx" - nginx.ingress.kubernetes.io/auth-url: "http://authelia.networking.svc.cluster.local/api/verify" + nginx.ingress.kubernetes.io/auth-url: "http://authelia.networking.svc.cluster.local./api/verify" nginx.ingress.kubernetes.io/auth-signin: "https://login.${SECRET_CLUSTER_DOMAIN}/" hosts: - host: hass-config.${SECRET_CLUSTER_DOMAIN} diff --git a/cluster/apps/home-automation/zigbee2mqtt/helm-release.yaml b/cluster/apps/home-automation/zigbee2mqtt/helm-release.yaml index 111cc50f2..c61656176 100644 --- a/cluster/apps/home-automation/zigbee2mqtt/helm-release.yaml +++ b/cluster/apps/home-automation/zigbee2mqtt/helm-release.yaml @@ -71,7 +71,7 @@ spec: enabled: true annotations: kubernetes.io/ingress.class: "nginx" - nginx.ingress.kubernetes.io/auth-url: "http://authelia.networking.svc.cluster.local/api/verify" + nginx.ingress.kubernetes.io/auth-url: "http://authelia.networking.svc.cluster.local./api/verify" nginx.ingress.kubernetes.io/auth-signin: "https://login.${SECRET_CLUSTER_DOMAIN}/" hosts: - host: "zigbee.${SECRET_CLUSTER_DOMAIN}" diff --git a/cluster/apps/home-automation/zwavejs2mqtt/helm-release.yaml b/cluster/apps/home-automation/zwavejs2mqtt/helm-release.yaml index 12f455bce..a59a773cd 100644 --- a/cluster/apps/home-automation/zwavejs2mqtt/helm-release.yaml +++ b/cluster/apps/home-automation/zwavejs2mqtt/helm-release.yaml @@ -30,7 +30,7 @@ spec: enabled: true annotations: kubernetes.io/ingress.class: "nginx" - nginx.ingress.kubernetes.io/auth-url: "http://authelia.networking.svc.cluster.local/api/verify" + nginx.ingress.kubernetes.io/auth-url: "http://authelia.networking.svc.cluster.local./api/verify" nginx.ingress.kubernetes.io/auth-signin: "https://login.${SECRET_CLUSTER_DOMAIN}/" hosts: - host: zwave.${SECRET_CLUSTER_DOMAIN} diff --git a/cluster/apps/media/bazarr/helm-release.yaml b/cluster/apps/media/bazarr/helm-release.yaml index b1e054f5c..9040f59f1 100644 --- a/cluster/apps/media/bazarr/helm-release.yaml +++ b/cluster/apps/media/bazarr/helm-release.yaml @@ -52,7 +52,7 @@ spec: enabled: true annotations: kubernetes.io/ingress.class: "nginx" - nginx.ingress.kubernetes.io/auth-url: "http://authelia.networking.svc.cluster.local/api/verify" + nginx.ingress.kubernetes.io/auth-url: "http://authelia.networking.svc.cluster.local./api/verify" nginx.ingress.kubernetes.io/auth-signin: "https://login.${SECRET_CLUSTER_DOMAIN}/" nginx.ingress.kubernetes.io/configuration-snippet: | proxy_set_header Accept-Encoding ""; diff --git a/cluster/apps/media/flood/helm-release.yaml b/cluster/apps/media/flood/helm-release.yaml index d5298eaa3..0abf134c2 100644 --- a/cluster/apps/media/flood/helm-release.yaml +++ b/cluster/apps/media/flood/helm-release.yaml @@ -37,7 +37,7 @@ spec: enabled: true annotations: kubernetes.io/ingress.class: "nginx" - nginx.ingress.kubernetes.io/auth-url: "http://authelia.networking.svc.cluster.local/api/verify" + nginx.ingress.kubernetes.io/auth-url: "http://authelia.networking.svc.cluster.local./api/verify" nginx.ingress.kubernetes.io/auth-signin: "https://login.${SECRET_CLUSTER_DOMAIN}/" forecastle.stakater.com/expose: "true" forecastle.stakater.com/appName: "Flood" diff --git a/cluster/apps/media/lidarr/helm-release.yaml b/cluster/apps/media/lidarr/helm-release.yaml index a85c4c522..cd4fb150c 100644 --- a/cluster/apps/media/lidarr/helm-release.yaml +++ b/cluster/apps/media/lidarr/helm-release.yaml @@ -33,7 +33,7 @@ spec: enabled: true annotations: kubernetes.io/ingress.class: "nginx" - nginx.ingress.kubernetes.io/auth-url: "http://authelia.networking.svc.cluster.local/api/verify" + nginx.ingress.kubernetes.io/auth-url: "http://authelia.networking.svc.cluster.local./api/verify" nginx.ingress.kubernetes.io/auth-signin: "https://login.${SECRET_CLUSTER_DOMAIN}/" nginx.ingress.kubernetes.io/configuration-snippet: | proxy_set_header Accept-Encoding ""; diff --git a/cluster/apps/media/prowlarr/helm-release.yaml b/cluster/apps/media/prowlarr/helm-release.yaml index 79c689a5b..20c48eda9 100644 --- a/cluster/apps/media/prowlarr/helm-release.yaml +++ b/cluster/apps/media/prowlarr/helm-release.yaml @@ -37,7 +37,7 @@ spec: enabled: true annotations: kubernetes.io/ingress.class: "nginx" - nginx.ingress.kubernetes.io/auth-url: "http://authelia.networking.svc.cluster.local/api/verify" + nginx.ingress.kubernetes.io/auth-url: "http://authelia.networking.svc.cluster.local./api/verify" nginx.ingress.kubernetes.io/auth-signin: "https://login.${SECRET_CLUSTER_DOMAIN}/" forecastle.stakater.com/expose: "true" forecastle.stakater.com/appName: "Prowlarr" diff --git a/cluster/apps/media/pyload/helm-release.yaml b/cluster/apps/media/pyload/helm-release.yaml index f9fd70be8..2d68b5b42 100644 --- a/cluster/apps/media/pyload/helm-release.yaml +++ b/cluster/apps/media/pyload/helm-release.yaml @@ -48,7 +48,7 @@ spec: enabled: true annotations: kubernetes.io/ingress.class: "nginx" - nginx.ingress.kubernetes.io/auth-url: "http://authelia.networking.svc.cluster.local/api/verify" + nginx.ingress.kubernetes.io/auth-url: "http://authelia.networking.svc.cluster.local./api/verify" nginx.ingress.kubernetes.io/auth-signin: "https://login.${SECRET_CLUSTER_DOMAIN}/" forecastle.stakater.com/expose: "true" forecastle.stakater.com/appName: "pyLoad" diff --git a/cluster/apps/media/qbittorrent/upgrade-p2pblocklist-job.yaml b/cluster/apps/media/qbittorrent/upgrade-p2pblocklist-job.yaml index f57e1090b..b4aaab0b7 100644 --- a/cluster/apps/media/qbittorrent/upgrade-p2pblocklist-job.yaml +++ b/cluster/apps/media/qbittorrent/upgrade-p2pblocklist-job.yaml @@ -32,5 +32,5 @@ spec: QBITTORRENT_POD=$(echo $result | awk '{ print $NF }') echo $QBITTORRENT_POD | grep qbittorrent test $? -eq 0 && kubectl cp /tmp/ipfilter.dat media/$QBITTORRENT_POD:/config/ipfilter.dat - curl -m 10 --retry 5 http://healthchecks.monitoring.svc.cluster.local:8000/ping/b4651e4f-5058-436b-a237-0df660e9de9e + curl -m 10 --retry 5 http://healthchecks.monitoring.svc.cluster.local.:8000/ping/b4651e4f-5058-436b-a237-0df660e9de9e restartPolicy: Never diff --git a/cluster/apps/media/radarr/helm-release.yaml b/cluster/apps/media/radarr/helm-release.yaml index 997ee6d9d..6db6a24b0 100644 --- a/cluster/apps/media/radarr/helm-release.yaml +++ b/cluster/apps/media/radarr/helm-release.yaml @@ -33,7 +33,7 @@ spec: enabled: true annotations: kubernetes.io/ingress.class: "nginx" - nginx.ingress.kubernetes.io/auth-url: "http://authelia.networking.svc.cluster.local/api/verify" + nginx.ingress.kubernetes.io/auth-url: "http://authelia.networking.svc.cluster.local./api/verify" nginx.ingress.kubernetes.io/auth-signin: "https://login.${SECRET_CLUSTER_DOMAIN}/" nginx.ingress.kubernetes.io/configuration-snippet: | proxy_set_header Accept-Encoding ""; diff --git a/cluster/apps/media/sabnzbd/helm-release.yaml b/cluster/apps/media/sabnzbd/helm-release.yaml index fe920240b..824dfd079 100644 --- a/cluster/apps/media/sabnzbd/helm-release.yaml +++ b/cluster/apps/media/sabnzbd/helm-release.yaml @@ -33,7 +33,7 @@ spec: enabled: true annotations: kubernetes.io/ingress.class: "nginx" - nginx.ingress.kubernetes.io/auth-url: "http://authelia.networking.svc.cluster.local/api/verify" + nginx.ingress.kubernetes.io/auth-url: "http://authelia.networking.svc.cluster.local./api/verify" nginx.ingress.kubernetes.io/auth-signin: "https://login.${SECRET_CLUSTER_DOMAIN}/" nginx.ingress.kubernetes.io/configuration-snippet: | proxy_set_header Accept-Encoding ""; diff --git a/cluster/apps/media/sonarr/helm-release.yaml b/cluster/apps/media/sonarr/helm-release.yaml index 7bc77c7be..054530dbc 100644 --- a/cluster/apps/media/sonarr/helm-release.yaml +++ b/cluster/apps/media/sonarr/helm-release.yaml @@ -33,7 +33,7 @@ spec: enabled: true annotations: kubernetes.io/ingress.class: "nginx" - nginx.ingress.kubernetes.io/auth-url: "http://authelia.networking.svc.cluster.local/api/verify" + nginx.ingress.kubernetes.io/auth-url: "http://authelia.networking.svc.cluster.local./api/verify" nginx.ingress.kubernetes.io/auth-signin: "https://login.${SECRET_CLUSTER_DOMAIN}/" nginx.ingress.kubernetes.io/configuration-snippet: | proxy_set_header Accept-Encoding ""; diff --git a/cluster/apps/media/tdarr/helm-release.yaml b/cluster/apps/media/tdarr/helm-release.yaml index c17a12239..dab114a2f 100644 --- a/cluster/apps/media/tdarr/helm-release.yaml +++ b/cluster/apps/media/tdarr/helm-release.yaml @@ -64,7 +64,7 @@ spec: enabled: true annotations: kubernetes.io/ingress.class: "nginx" - nginx.ingress.kubernetes.io/auth-url: "http://authelia.networking.svc.cluster.local/api/verify" + nginx.ingress.kubernetes.io/auth-url: "http://authelia.networking.svc.cluster.local./api/verify" nginx.ingress.kubernetes.io/auth-signin: "https://login.${SECRET_CLUSTER_DOMAIN}/" forecastle.stakater.com/expose: "true" forecastle.stakater.com/appName: "Tdarr" diff --git a/cluster/apps/media/travelstories/deployment.yaml b/cluster/apps/media/travelstories/deployment.yaml index 3afebcff3..5fb079bc6 100644 --- a/cluster/apps/media/travelstories/deployment.yaml +++ b/cluster/apps/media/travelstories/deployment.yaml @@ -80,7 +80,7 @@ kind: Ingress metadata: annotations: kubernetes.io/ingress.class: "nginx" - nginx.ingress.kubernetes.io/auth-url: "http://authelia.networking.svc.cluster.local/api/verify" + nginx.ingress.kubernetes.io/auth-url: "http://authelia.networking.svc.cluster.local./api/verify" nginx.ingress.kubernetes.io/auth-signin: "https://login.${SECRET_CLUSTER_DOMAIN}/" forecastle.stakater.com/expose: "true" forecastle.stakater.com/appName: "Travelstories" diff --git a/cluster/apps/monitoring/blackbox-exporter/helm-release.yaml b/cluster/apps/monitoring/blackbox-exporter/helm-release.yaml index 2614f7fc0..6b620220b 100644 --- a/cluster/apps/monitoring/blackbox-exporter/helm-release.yaml +++ b/cluster/apps/monitoring/blackbox-exporter/helm-release.yaml @@ -88,7 +88,7 @@ spec: enabled: true annotations: kubernetes.io/ingress.class: "nginx" - nginx.ingress.kubernetes.io/auth-url: "http://authelia.networking.svc.cluster.local/api/verify" + nginx.ingress.kubernetes.io/auth-url: "http://authelia.networking.svc.cluster.local./api/verify" nginx.ingress.kubernetes.io/auth-signin: "https://login.${SECRET_CLUSTER_DOMAIN}/" hosts: - host: "blackbox.${SECRET_CLUSTER_DOMAIN}" diff --git a/cluster/apps/monitoring/kube-prometheus-stack/helm-release.yaml b/cluster/apps/monitoring/kube-prometheus-stack/helm-release.yaml index d399dec86..87de52cbd 100644 --- a/cluster/apps/monitoring/kube-prometheus-stack/helm-release.yaml +++ b/cluster/apps/monitoring/kube-prometheus-stack/helm-release.yaml @@ -34,7 +34,7 @@ spec: pathType: Prefix annotations: kubernetes.io/ingress.class: "nginx" - nginx.ingress.kubernetes.io/auth-url: "http://authelia.networking.svc.cluster.local/api/verify" + nginx.ingress.kubernetes.io/auth-url: "http://authelia.networking.svc.cluster.local./api/verify" nginx.ingress.kubernetes.io/auth-signin: "https://login.${SECRET_CLUSTER_DOMAIN}/" hosts: ["alert-manager.${SECRET_CLUSTER_DOMAIN}"] tls: @@ -215,7 +215,7 @@ spec: pathType: Prefix annotations: kubernetes.io/ingress.class: "nginx" - nginx.ingress.kubernetes.io/auth-url: "http://authelia.networking.svc.cluster.local/api/verify" + nginx.ingress.kubernetes.io/auth-url: "http://authelia.networking.svc.cluster.local./api/verify" nginx.ingress.kubernetes.io/auth-signin: "https://login.${SECRET_CLUSTER_DOMAIN}/" hosts: ["prometheus.${SECRET_CLUSTER_DOMAIN}"] tls: @@ -256,7 +256,8 @@ spec: metrics_path: "/api/prometheus" bearer_token: "${SECRET_HASS_TOKEN}" static_configs: - - targets: ["home-assistant.home.svc.cluster.local:8123"] + - targets: + ["home-assistant.home-automation.svc.cluster.local.:8123"] labels: app: "hass" - job_name: "truenas" diff --git a/cluster/apps/monitoring/loki-stack/helm-release.yaml b/cluster/apps/monitoring/loki-stack/helm-release.yaml index 21c53dd8e..6811385c8 100644 --- a/cluster/apps/monitoring/loki-stack/helm-release.yaml +++ b/cluster/apps/monitoring/loki-stack/helm-release.yaml @@ -50,7 +50,7 @@ spec: # You can use a headless k8s service for all distributor, # ingester and querier components. join_members: - - loki-headless.monitoring.svc.cluster.local:7946 + - loki-headless.monitoring.svc.cluster.local.:7946 # max_join_backoff: 1m # max_join_retries: 10 # min_join_backoff: 1s diff --git a/cluster/apps/monitoring/thanos/helm-release.yaml b/cluster/apps/monitoring/thanos/helm-release.yaml index a67752eff..2e3d50a17 100644 --- a/cluster/apps/monitoring/thanos/helm-release.yaml +++ b/cluster/apps/monitoring/thanos/helm-release.yaml @@ -30,7 +30,7 @@ spec: hostname: "thanos.${SECRET_CLUSTER_DOMAIN}" annotations: kubernetes.io/ingress.class: "nginx" - nginx.ingress.kubernetes.io/auth-url: "http://authelia.networking.svc.cluster.local/api/verify" + nginx.ingress.kubernetes.io/auth-url: "http://authelia.networking.svc.cluster.local./api/verify" nginx.ingress.kubernetes.io/auth-signin: "https://login.${SECRET_CLUSTER_DOMAIN}/" tls: true queryFrontend: