Something is going on

Updated the tekton installation
Try tekton
2023-09-27 12:05:35 +02:00 · 2023-09-27 06:26:54 +02:00 · 2023-09-23 15:29:52 +02:00 · 2023-09-22 10:29:40 +02:00 · 2023-09-20 21:52:07 +02:00 · 2023-09-14 10:28:18 +02:00
28 changed files with 342 additions and 200 deletions
--- a/.drone.yml
+++ b/.drone.yml
@ -105,4 +105,16 @@ steps:
      SOPS_AGE_KEY:
        from_secret: SOPS_AGE_KEY
    commands:
-      - cdh --kind helmfile -p $DRONE_WORKSPACE/helmfile.yaml --helmfile-environment badhouseplants -o
+      - echo "Hey, bud, some helm releases are outdated:" > message_file.tpl
      - cdh --kind helmfile -p $DRONE_WORKSPACE/helmfile.yaml --helmfile-environment badhouseplants -o >> message_file.tpl
  - name: Send telegram notification
    when:
      status:
        - failure
    image: appleboy/drone-telegram
    settings:
      token:
        from_secret: TELEGRAM_TOKEN
      to: 131601077
      message_file: message_file.tpl
--- a/badhouseplants/helmfile.yaml
+++ b/badhouseplants/helmfile.yaml
@ -7,6 +7,16 @@ releases:
    namespace: drone-service
    createNamespace: false
  - <<: *drone-runner-docker
    installed: true
    namespace: drone-service
    createNamespace: false
  - <<: *tekton-pipeline
    installed: true
    namespace: tekton-service
    createNamespace: true
  - <<: *longhorn
    installed: true
    namespace: longhorn-system
@ -87,5 +97,3 @@ bases:
  - ../environments.yaml
  - ../repositories.yaml
    #helmfiles:
    #  - namespaces.yaml
--- a/badhouseplants/values/secrets.minecraft.yaml
+++ b/badhouseplants/values/secrets.minecraft.yaml
@ -0,0 +1,28 @@
 minecraftServer:
    rcon:
        password: ENC[AES256_GCM,data:7kQAt4R+uN/28Uvn3KnJnOvOcCOf6FEaow==,iv:G20SygTZZ1O2DyPr+/f3XSC3bB4L5p/9CxZkPS5qibY=,tag:O2Ab+AC+Eho6MRm0vC9hHQ==,type:str]
 mcbackup:
    resticEnvs:
        RESTIC_PASSWORD: ENC[AES256_GCM,data:mjrSV6d6a4ZvesYjobhHCVTngw5EQqesAKecSPVY,iv:WSk5V61opvccp/1bhbcO6S+8GcEYVlxk8l6nl++nxc4=,tag:wENZyx6IxJgswetDi8alZA==,type:str]
        AWS_SECRET_ACCESS_KEY: ENC[AES256_GCM,data:+4HuGGHaZgPXLX3Sm6U=,iv:qMVfe2BzdJtvHYX7T/6WPt8kCNRdn02Ynew/q9QH1KA=,tag:7JwAloF6HPdBXTGC3kto4w==,type:str]
        AWS_ACCESS_KEY_ID: ENC[AES256_GCM,data:yfS/LrX0,iv:HzZmzUOmI0vJ+vPkI2xn2F/w43/BKOGil+SLRwhcG0I=,tag:c+d8nyR5w5mU9F/H0zl/1A==,type:str]
 sops:
    kms: []
    gcp_kms: []
    azure_kv: []
    hc_vault: []
    age:
        - recipient: age1vzkv97n2p7gfkw8dyx8ctz2kumattz89th2jq47zyjyrarmnssysdkw9v8
          enc: |
            -----BEGIN AGE ENCRYPTED FILE-----
            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBxTWUxY2hYT0dId2hsR0x1
            MXFtRjlSelgwdUcyVnBUdlJ6Nng1UkNJaHg4Ckc5NXBORjBCZHQyc0lDTiswazNF
            cGhKVFFNdlZnRWlxS05OTklOUDJDQjQKLS0tIDNWNDVVWXcxUW8yUHgrOTNkRkQ1
            MGNDV2cvUUF3dWZHSlZNeVFDNXhzalkKubKuiiZuqoZTvRMr2FiUxnFUu+Pvj3Wf
            pZTfZg9rnUukmV+kmwqQKcfoPNfeShhoAsszWwPM628cV9pq87I2/A==
            -----END AGE ENCRYPTED FILE-----
    lastmodified: "2023-08-15T15:32:19Z"
    mac: ENC[AES256_GCM,data:ghfbBqsdFzQaRehefvpnnFLxp6tYE1K36gXLyN7gdxlvZ20JRn+FMfeUm8IjNKl3fCH2aVdM18v+T4xBs4QSXAWH5R79+HPn6hl7kYXzGJKTdmddj6EFZFXajisIJa2eZpEKPk7uOT6YczcNxNKByKxgHxTXe7SYlIkE6CgLT9w=,iv:inXW7OxvQXPGO4mkJkd/SMVsTBWA+utso26VXb5yNdM=,tag:f/GBzkgI0zgInSdDbHICag==,type:str]
    pgp: []
    unencrypted_suffix: _unencrypted
    version: 3.7.3
--- a/badhouseplants/values/secrets.tekton-pipeline.yaml
+++ b/badhouseplants/values/secrets.tekton-pipeline.yaml
@ -0,0 +1,23 @@
 auth:
    git:
        password: ENC[AES256_GCM,data:X1wVDcAeDP9IY/Kry+pP3BayBFJJ4o4NxA==,iv:qVG9R033GKeQxaVpCpN3hUV9d6dGULceEPt70U5psX0=,tag:jgmc/T42T9/JH3PgN6v2qA==,type:str]
 sops:
    kms: []
    gcp_kms: []
    azure_kv: []
    hc_vault: []
    age:
        - recipient: age1vzkv97n2p7gfkw8dyx8ctz2kumattz89th2jq47zyjyrarmnssysdkw9v8
          enc: |
            -----BEGIN AGE ENCRYPTED FILE-----
            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBEdmJzcTFKd1M2dUZyTmxZ
            Mnljc1FCRk9tQUFyWUk4U21kYWR0MVMzSms4CjdCNTFONTJGU1B4bDBOQnp3NEtW
            UDZpTkU4bWFrYVhiV0tUbGRmaTlPTUEKLS0tIHJmTkhGbTZiQkQzR2VHckRoVFVF
            eUtWMXpDWlBwVE1zM1FOMklQd3BhZk0KvJBAxTdAQCHGDd7W2qv/31OblHrX7o0X
            0GCL/z1dw+sG4GS0zwgxVu8jlGzWK8PCZjq5k8bMMzbbKtUNKiShuA==
            -----END AGE ENCRYPTED FILE-----
    lastmodified: "2023-09-27T04:26:20Z"
    mac: ENC[AES256_GCM,data:Hknt7Td7Tyx/c98Xf7dbsaGRLKO1zzZR34ZarkZtFVyvTcB0kxb5VWeJv+O215UAXEjPE7LUB2gHvhAtgLsAnek55stjZ84ifz923gMKB2ul18TeX4s0oqXyKvKZyv7SKPsVduSA4EutbrOnxLiZCmL8b/u0Y6scUH5pOe7aydg=,iv:vXvdvPE4n6ZYb0CXZZppWuvFFOlDEM2dMiiUwVTTTvE=,tag:gfNWefDG3cC1QzNGwgs5mQ==,type:str]
    pgp: []
    unencrypted_suffix: _unencrypted
    version: 3.8.0
--- a/badhouseplants/values/values.funkwhale.yaml
+++ b/badhouseplants/values/values.funkwhale.yaml
@ -53,3 +53,4 @@ redis:
  host: redis-master.database-service.svc.cluster.local
  auth:
    enabled: true
  database: 3
--- a/badhouseplants/values/values.istio-ingressgateway.yaml
+++ b/badhouseplants/values/values.istio-ingressgateway.yaml
@ -22,6 +22,10 @@ service:
      port: 1194
      protocol: TCP
      targetPort: 1194
    - name: tcp
      port: 25
      protocol: TCP
      targetPort: 25
    # -----------
    # -- Email
    # -----------
--- a/badhouseplants/values/values.minecraft.yaml
+++ b/badhouseplants/values/values.minecraft.yaml
@ -30,10 +30,11 @@ istio:
 image:
  tag: java17-graalvm-ce
  pullPolicy: Always
 resources:
  requests:
-    memory: 512Mi
+    memory: 3Gi
-    cpu: 50m
+    cpu: 256m
  limits:
    memory: 3Gi
@ -42,6 +43,7 @@ lifecycle:
    - bash
    - -c
    - for i in {1..100}; do mc-health && break || sleep 20; done && mc-send-to-console setpassword 11223345
 readinessProbe:
  command:
    - mc-health
@ -50,7 +52,9 @@ readinessProbe:
  timeoutSeconds: 10
 livenessProbe:
  timeoutSeconds: 10
 minecraftServer:
  overrideServerProperties: true
  eula: "TRUE"
  onlineMode: false
  difficulty: hard
@ -58,10 +62,14 @@ minecraftServer:
  version: 1.20.1
  maxWorldSize: 90000
  type: "PAPER"
-  paperDownloadUrl: https://api.papermc.io/v2/projects/paper/versions/1.20.1/builds/100/downloads/paper-1.20.1-100.jar
+  paperDownloadUrl: https://api.papermc.io/v2/projects/paper/versions/1.20.1/builds/170/downloads/paper-1.20.1-170.jar
  gameMode: survival
  pvp: true
-  memory: 2512M
+  rcon:
    enabled: true
    withGeneratedPassword: false
    port: 25575
    serviceType: ClusterIP
  extraPorts:
    - name: metrics
      containerPort: 9225
@ -79,6 +87,28 @@ persistence:
  dataDir:
    enabled: true
    Size: 15Gi
 mcbackup:
  enabled: true
  backupInterval: 2h
  pauseIfNoPlayers: "false"
  pruneBackupsDays: 2
  rconRetries: 5
  rconRetryInterval: 10s
  excludes: "*.jar,cache,logs"
  backupMethod: restic
  resticRepository: s3:https://s3.e.badhouseplants.net:443/restic/minecraft
  resticAdditionalTags: "mc_backups"
  pruneResticRetention: "--keep-last 12 --keep-daily 1 --keep-weekly 2 --keep-monthly 2 --keep-yearly 2"
  resources:
    requests:
      memory: 512Mi
      cpu: 100m
  persistence:
    backupDir:
      enabled: false
 # ---------------------------------------------
 # -- Install Plugins
 # ---------------------------------------------
 initContainers:
  - name: install-prometheus-exporter
    image: alpine/curl
@ -104,6 +134,18 @@ initContainers:
      - name: plugins
        mountPath: /data/plugins
        readOnly: false
  - name: install-gravity-control-plugin
    image: alpine/curl
    command:
      - curl
      - -L
      - https://github.com/e-im/GravityControl/releases/download/v1.3.0/GravityControl-1.3.0.jar
      - -o
      - /data/plugins/GravityControl-1.3.0.jar
    volumeMounts:
      - name: plugins
        mountPath: /data/plugins
        readOnly: false
 extraVolumes:
  - volumeMounts:
      - name: plugins
--- a/badhouseplants/values/values.mysql.yaml
+++ b/badhouseplants/values/values.mysql.yaml
@ -4,4 +4,3 @@ primary:
 auth:
  createDatabase: false
--- a/badhouseplants/values/values.openvpn.yaml
+++ b/badhouseplants/values/values.openvpn.yaml
@ -13,10 +13,31 @@ istio:
      hostname: "*"
      service: openvpn
      port: 1194
    - name: openvpn-tcp-fake-port
      gateway: badhouseplants-vpn
      kind: tcp
      port_match: 25
      hostname: "*"
      service: openvpn
      port: 1194
 # ------------------------------------------
 image:
  tag: v2.6.5-xor-4.0.0beta08
 storage:
  class: longhorn
  size: 512Mi
 storageClassName: longhorn
 openvpn:
-  server: "tcp://195.201.250.50:1194"
+  proto: tcp
  host: 195.201.250.50
 easyrsa:
  cn: Bad Houseplants
  country: Germany
  province: NRW
  city: Duesseldorf
  org: Bad Houseplants
  email: allanger@zohomail.com
 service:
  type: ClusterIP
  port: 1194
--- a/badhouseplants/values/values.tekton-pipeline.yaml
+++ b/badhouseplants/values/values.tekton-pipeline.yaml
@ -0,0 +1,4 @@
 auth:
  git:
    username: tekton
    url: https://git.badhouseplants.net
--- a/docs/restic.md
+++ b/docs/restic.md
@ -0,0 +1,7 @@
 # Restic
 We are using restic for backing up the Minecraft server
 ## How to restore
 TODO: Describe the restoration process
--- a/etersoft/helmfile.yaml
+++ b/etersoft/helmfile.yaml
@ -0,0 +1,5 @@
 ---
 bases:
  - ../environments.yaml
  - ../repositories.yaml
--- a/etersoft/values/secrets.drone-runner-docker.yaml
+++ b/etersoft/values/secrets.drone-runner-docker.yaml
@ -1,22 +0,0 @@
 env:
    DRONE_RPC_SECRET: ENC[AES256_GCM,data:RAZbnTrv9PxiCLLqjKWBtFWd+Nzqma8Zw+NuKRLO,iv:IiFcTQGUmYa6UCBzx1yTDd0zwB6D1Cv0raXZxLXm1qA=,tag:83bnBW+MhkKehZfso3g+/g==,type:str]
 sops:
    kms: []
    gcp_kms: []
    azure_kv: []
    hc_vault: []
    age:
        - recipient: age1vzkv97n2p7gfkw8dyx8ctz2kumattz89th2jq47zyjyrarmnssysdkw9v8
          enc: |
            -----BEGIN AGE ENCRYPTED FILE-----
            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBOVk0yaTlySHpuOWFFT3J5
            Z210NzJPTmV0akdFQ1REM1JzK0pwTC9XWjJJCm54QmQ3ODJwakZuamMzYTBIeEJi
            aUxKNmQ3dU52V2N2cjl5VTJpTTAwWGsKLS0tIDFyR2o2VnQ4QWFCWWRzZGNMZnNQ
            em1VMlhBNGRrVFhXVUVRdU16Q1Q4bUEKvZ6UbZsfdvfCk37FlEN4vg0RTnPO2nwh
            DY4klzcan+9DBRT2qdIIy6pj94GuSoXKXEYc9X0AvYab/HoLithMWA==
            -----END AGE ENCRYPTED FILE-----
    lastmodified: "2023-05-21T09:27:21Z"
    mac: ENC[AES256_GCM,data:U2JETtW0lbb2znJBupGMPsab13y5M1v1N0wkFxEBs+YVNFhnkvIqSZiY5mq9KTYiY4tRzw1kV+jqP0jNsODekCI1++4NBuQsGSZFUoTERHgTRlnz1aAS+nf39lvYnWyQxsQmw9vY/GQ/yluBJkOEV/EoIF3wHjxZe1HCBIViPyk=,iv:WMj7aSgW8LdNQbOgC4FcyOtR/3gjckiHO8vlZGdiTeY=,tag:Xty2QVLJ/D2dlzQY13od5w==,type:str]
    pgp: []
    unencrypted_suffix: _unencrypted
    version: 3.7.3
--- a/etersoft/values/values.drone-runner-docker.yaml
+++ b/etersoft/values/values.drone-runner-docker.yaml
@ -1,16 +0,0 @@
 ---
 env:
  DRONE_RPC_HOST: drone.badhouseplants.net
  DRONE_RPC_PROTO: https
  DRONE_NAMESPACE_DEFAULT: drone-service
 rbac:
  buildNamespaces:
    - drone-service
 dind:
  resources:
    limits:
      cpu: 2000m
      memory: 2024Mi
    requests:
      cpu: 100m
      memory: 512Mi
--- a/etersoft/values/values.minio.yaml
+++ b/etersoft/values/values.minio.yaml
@ -71,6 +71,8 @@ policies:
    - resources:
        - 'arn:aws:s3:::longhorn/*'
        - 'arn:aws:s3:::longhorn'
        - 'arn:aws:s3:::restic/*'
        - 'arn:aws:s3:::restic'
      actions:
        - "s3:DeleteObject"
        - "s3:GetObject"
@ -81,6 +83,10 @@ buckets:
    policy: none
    purge: false
    versioning: false
  - name: restic
    policy: none
    purge: false
    versioning: false
 metrics:
  serviceMonitor:
    enabled: false
--- a/etersoft/values/values.openvpn.yaml
+++ b/etersoft/values/values.openvpn.yaml
@ -14,7 +14,9 @@ istio:
      service: openvpn
      port: 1194
-storageClassName: microk8s-hostpath
+storage:
  class: microk8s-hostpath
  size: 5Gi
 openvpn:
  server: "tcp://91.232.225.63:1194"
 service:
--- a/helmfile.yaml
+++ b/helmfile.yaml
@ -46,11 +46,5 @@ releases:
    namespace: metallb-system
    createNamespace: true
  - <<: *drone-runner-docker
    installed: true
    namespace: drone-service
    createNamespace: false
 helmfiles:
  - path: {{.Environment.Name }}/helmfile.yaml
--- a/manifests/debug/istio-stuff.yaml
+++ b/manifests/debug/istio-stuff.yaml
@ -1,17 +0,0 @@
 apiVersion: networking.istio.io/v1alpha3
 kind: EnvoyFilter
 metadata:
  name: proxy-protocol
  namespace: istio-system
 spec:
  workloadSelector:
    labels:
      istio: ingressgateway
  configPatches:
  - applyTo: LISTENER
    patch:
      operation: MERGE
      value:
        listener_filters:
        - name: envoy.listener.proxy_protocol
--- a/manifests/debug/proxy-prot.yaml
+++ b/manifests/debug/proxy-prot.yaml
@ -1,17 +0,0 @@
 apiVersion: networking.istio.io/v1alpha3
 kind: EnvoyFilter
 metadata:
  name: proxy-protocol
  namespace: istio-system
 spec:
  configPatches:
  - applyTo: LISTENER
    patch:
      operation: MERGE
      value:
        listener_filters:
        - name: envoy.listener.proxy_protocol
        - name: envoy.listener.tls_inspector
  workloadSelector:
    labels:
      istio: ingressgateway
--- a/manifests/debug/test.yaml
+++ b/manifests/debug/test.yaml
@ -1,83 +0,0 @@
 apiVersion: networking.istio.io/v1alpha3
 kind: Gateway
 metadata:
  name: httpbin-gateway
 spec:
  selector:
    istio: ingressgateway
  servers:
  - port:
      number: 80
      name: http
      protocol: HTTP2
    hosts:
    - "test.badhouseplants.net"
  - hosts:
    - "test.badhouseplants.net"
    port:
      name: https
      number: 443
      protocol: HTTPS
    tls:
      credentialName: badhouseplants-wildcard-tls
      mode: SIMPLE
 ---
 apiVersion: networking.istio.io/v1alpha3
 kind: VirtualService
 metadata:
  name: httpbin
 spec:
  hosts:
  - "test.badhouseplants.net"
  gateways:
  - httpbin-gateway
  http:
  - route:
    - destination:
        host: httpbin
        port:
          number: 8000
 ---
 apiVersion: v1
 kind: ServiceAccount
 metadata:
  name: httpbin
 ---
 apiVersion: v1
 kind: Service
 metadata:
  name: httpbin
  labels:
    app: httpbin
    service: httpbin
 spec:
  ports:
  - name: http
    port: 8000
    targetPort: 80
  selector:
    app: httpbin
 ---
 apiVersion: apps/v1
 kind: Deployment
 metadata:
  name: httpbin
 spec:
  replicas: 1
  selector:
    matchLabels:
      app: httpbin
      version: v1
  template:
    metadata:
      labels:
        app: httpbin
        version: v1
    spec:
      serviceAccountName: httpbin
      containers:
      - image: docker.io/kong/httpbin
        imagePullPolicy: IfNotPresent
        name: httpbin
        ports:
        - containerPort: 80
--- a/manifests/git_clone.yaml
+++ b/manifests/git_clone.yaml
@ -0,0 +1,80 @@
 apiVersion: tekton.dev/v1beta1
 kind: Task
 metadata:
  name: git-clone-repo
  namespace: tekton-jobs
 spec:
  workspaces:
    - name: src
      mountPath: /src
  params:
    - name: url
  steps:
    - name: Git Clone
      image: alpine/git
      script: |
        #!/bin/bash
 ---
 apiVersion: tekton.dev/v1beta1
 kind: Task
 metadata:
  name: write
  namespace: tekton-jobs
 spec:
  workspaces:
    - name: src
      mountPath: /custom/path/relative/to/root
  steps:
    - name: goodbye
      image: ubuntu
      script: |
        #!/bin/bash
        cat $(workspaces.src.path)/check
 ---
 apiVersion: tekton.dev/v1beta1
 kind: Pipeline
 metadata:
  name: hello-goodbye
  namespace: tekton-jobs
 spec:
  tasks:
    - name: read
      taskRef:
        name: read
      workspaces:
        - name: src
          workspace: src
    - name: write
      runAfter:
        - read
      taskRef:
        name: read
      workspaces:
        - name: src
          workspace: src
  workspaces:
    - name: src
 ---
 apiVersion: tekton.dev/v1beta1
 kind: PipelineRun
 metadata:
  name: hello-goodbye-run
  namespace: tekton-jobs
 spec:
  pipelineRef:
    name: hello-goodbye
    namespace: tekton-jobs
  params:
    - name: username
      value: "Tekton"
  workspaces:
    - name: src
      volumeClaimTemplate:
        spec:
          accessModes:
            - ReadWriteOnce # access mode may affect how you can use this volume in parallel tasks
          resources:
            requests:
              storage: 1Gi
--- a/manifests/metallb/badhouseplants-ip.yaml
+++ b/manifests/metallb/badhouseplants-ip.yaml
@ -1,5 +1,4 @@
 # addresspool.yaml
 ---
 apiVersion: metallb.io/v1beta1
 kind: IPAddressPool
 metadata:
@ -7,4 +6,4 @@ metadata:
  namespace: metallb-system
 spec:
  addresses:
-  - 195.201.250.50-195.201.250.50
+    - 195.201.250.50-195.201.250.50
--- a/manifests/metallb/etersoft-ip.yaml
+++ b/manifests/metallb/etersoft-ip.yaml
@ -1,5 +1,4 @@
 # addresspool.yaml
 ---
 apiVersion: metallb.io/v1beta1
 kind: IPAddressPool
 metadata:
@ -7,4 +6,4 @@ metadata:
  namespace: metallb-system
 spec:
  addresses:
-  - 91.232.225.63-91.232.225.63
+    - 91.232.225.63-91.232.225.63
--- a/manifests/tekton/cdh.yaml
+++ b/manifests/tekton/cdh.yaml
@ -0,0 +1,13 @@
 apiVersion: tekton.dev/v1beta1
 kind: Task
 metadata:
  name: check-da-helm
  namespace: tekton-pipelines
 spec:
  params:
    - name: environment
      type: string
  steps:
    - name: check-da-helm
      image: ghcr.io/allanger/check-da-helm-helmfile-secrets:stable
      script: "cdh --kind helmfile -p helmfile.yaml --helmfile-environment  \n"
--- a/manifests/tekton/gitea-event-listener.yaml
+++ b/manifests/tekton/gitea-event-listener.yaml
@ -0,0 +1,13 @@
 ---
 apiVersion: triggers.tekton.dev/v1beta1
 kind: EventListener
 metadata:
  name: gitea-webhook
 spec:
  serviceAccountName: pipeline
  triggers:
    - name: tekton-greeter-webhook
      bindings:
        - ref: gitea-triggerbinding
      template:
        ref: tekton-greeter-trigger-template
--- a/message_file.tpl
+++ b/message_file.tpl
--- a/releases.yaml
+++ b/releases.yaml
@ -26,6 +26,33 @@ templates:
        args:
          - -c
          - "helm show crds {{ .Release.Chart }} --version {{ .Release.Version }} | kubectl delete -f - || true"
  tekton-triggers-hook:
    hooks:
      - events: ["preapply"]
        showlogs: true
        command: "sh"
        args:
          - -c
          - |
            kubectl apply -f https://storage.googleapis.com/tekton-releases/triggers/previous/v0.25.0/release.yaml \
              && kubectl apply -f https://storage.googleapis.com/tekton-releases/triggers/previous/v0.25.0/interceptors.yaml
      - events: ["prepare"]
        showlogs: true
        command: "sh"
        args:
          - -c
          - |
            kubectl diff  -f https://storage.googleapis.com/tekton-releases/triggers/previous/v0.25.0/release.yaml || true \
              && kubectl diff -f https://storage.googleapis.com/tekton-releases/triggers/previous/v0.25.0/interceptors.yaml || true
      - events: ["postuninstall"]
        showlogs: true
        command: "sh"
        args:
          - -c
          - |
            kubectl delete  -f https://storage.googleapis.com/tekton-releases/triggers/previous/v0.25.0/release.yaml \
              && kubectl delete -f https://storage.googleapis.com/tekton-releases/triggers/previous/v0.25.0/interceptors.yaml
  # ----------------------------
  # -- Configs
  # ----------------------------
@ -94,12 +121,12 @@ templates:
  metallb: &metallb
    name: metallb
    chart: metallb/metallb
-    version: 0.13.10
+    version: 0.13.11
  cert-manager: &cert-manager
    name: cert-manager
    chart: jetstack/cert-manager
-    version: 1.12.3
+    version: 1.12.4
    set:
      - name: installCRDs
        value: true
@ -113,7 +140,7 @@ templates:
  argocd: &argocd
    name: argocd
    chart: argo/argo-cd
-    version: 5.42.2
+    version: 5.46.2
    inherit:
      - template: default-env-values
      - template: default-env-secrets
@ -126,7 +153,7 @@ templates:
  prometheus: &prometheus
    name: prometheus
    chart: prometheus-community/kube-prometheus-stack
-    version: 48.3.1
+    version: 51.0.0
    inherit:
      - template: monitoring-common
      - template: default-env-values
@ -137,7 +164,7 @@ templates:
  loki: &loki
    name: loki
    chart: grafana/loki
-    version: 5.10.0
+    version: 5.20.0
    inherit:
      - template: monitoring-common
      - template: default-env-values
@ -145,7 +172,7 @@ templates:
  promtail: &promtail
    name: promtail
    chart: grafana/promtail
-    version: 6.14.1
+    version: 6.15.1
    inherit:
      - template: monitoring-common
      - template: default-env-values
@ -155,7 +182,7 @@ templates:
  istio-common:
    labels:
      bundle: istio
-    version: 1.18.2
+    version: 1.19.0
  istio-base: &istio-base
    name: istio-base
@ -183,8 +210,8 @@ templates:
  # ----------------------------
  openvpn: &openvpn
    name: openvpn
-    chart: allanger-charts/openvpn
+    chart: allanger-gitea/openvpn
-    version: 1.0.3
+    version: 1.0.6
    inherit:
      - template: default-env-values
      - template: ext-istio-resource
@ -197,7 +224,7 @@ templates:
  drone: &drone
    name: drone
    chart: drone/drone
-    version: 0.6.4
+    version: 0.6.5
    inherit:
      - template: default-env-values
      - template: default-env-secrets
@ -213,10 +240,19 @@ templates:
      - template: default-env-secrets
      - template: drone-common
  tekton-pipeline: &tekton-pipeline
    name: tekton-pipeline
    chart: cdf/tekton-pipeline
    version: 1.0.2
    inherit:
      - template: default-env-values
      - template: default-env-secrets
      - template: tekton-triggers-hook
  nrodionov: &nrodionov
    name: nrodionov
    chart: bitnami/wordpress
-    version: 17.0.4
+    version: 17.1.7
    inherit:
      - template: default-env-values
      - template: default-env-secrets
@ -235,15 +271,16 @@ templates:
  minecraft: &minecraft
    name: minecraft
    chart: minecraft-server-charts/minecraft
-    version: 4.9.3
+    version: 4.9.6
    inherit:
      - template: default-env-values
      - template: default-env-secrets
      - template: ext-istio-resource
  gitea: &gitea
    name: gitea
    chart: gitea/gitea
-    version: 9.1.0
+    version: 9.4.0
    inherit:
      - template: default-env-values
      - template: default-env-secrets
@ -253,7 +290,7 @@ templates:
  funkwhale: &funkwhale
    name: funkwhale
    chart: ananace-charts/funkwhale
-    version: 2.0.1
+    version: 2.0.3
    inherit:
      - template: default-env-values
      - template: default-env-secrets
@ -282,7 +319,7 @@ templates:
  redis: &redis
    name: redis
    chart: bitnami/redis
-    version: 17.14.6
+    version: 18.0.4
    inherit:
      - template: default-env-values
      - template: default-env-secrets
@ -290,7 +327,7 @@ templates:
  postgres: &postgres
    name: postgres
    chart: bitnami/postgresql
-    version: 12.8.0
+    version: 12.11.1
    inherit:
      - template: default-env-values
      - template: default-env-secrets
@ -298,7 +335,7 @@ templates:
  db-operator: &db-operator
    name: db-operator
    chart: db-operator/db-operator
-    version: 1.9.1
+    version: 1.10.1
  db-instances: &db-instances
    name: db-instances
@ -311,7 +348,7 @@ templates:
  mysql: &mysql
    name: mysql
    chart: bitnami/mysql
-    version: 9.10.10
+    version: 9.12.2
    inherit:
      - template: default-env-values
      - template: default-env-secrets
--- a/repositories.yaml
+++ b/repositories.yaml
@ -2,8 +2,6 @@
 repositories:
  - name: metrics-server
    url: https://kubernetes-sigs.github.io/metrics-server/
  - name: allanger-charts
    url: https://allanger.github.io/allanger-charts
  - name: jetstack
    url: https://charts.jetstack.io
  - name: istio
@ -37,4 +35,6 @@ repositories:
  - name: db-operator
    url: https://db-operator.github.io/charts
  - name: allanger-gitea
-    url:  https://git.badhouseplants.net/api/packages/allanger/helm
+    url: https://git.badhouseplants.net/api/packages/allanger/helm
  - name: cdf
    url: https://cdfoundation.github.io/tekton-helm-chart/
Author	SHA1	Message	Date
Nikolai Rodionov	bc3d8dfde3	Something is going on	2023-09-27 12:05:35 +02:00
Nikolai Rodionov	3274fbdd97	Updated the tekton installation	2023-09-27 06:26:54 +02:00
Nikolai Rodionov	bfe08e1eae	Try tekton	2023-09-23 15:29:52 +02:00
Nikolai Rodionov	a941f7df16	Remove drone runner from the etersoft cluster	2023-09-22 10:29:40 +02:00
Nikolai Rodionov	63968337e2	add telegram notifications for outdated charts	2023-09-20 21:52:07 +02:00
Nikolai Rodionov	8cfd4bf88d	Use another redis db for funkwhale	2023-09-14 10:28:18 +02:00
Nikolai Rodionov	1d5e6f6d93	chore: Upgrade releases	2023-09-12 10:39:42 +02:00
Nikolai Rodionov	af236d75a1	chore: Update MetalLB	2023-09-09 05:06:14 +02:00
Nikolai Rodionov	b149d953f3	chore: Some updates that are not critical	2023-09-09 00:39:02 +02:00
Nikolai Rodionov	2cae97fccb	chore: Update drone	2023-09-09 00:08:38 +02:00
Nikolai Rodionov	a68bf4502a	Update minecraft config and Paper	2023-09-07 00:31:47 +02:00
Nikolai Rodionov	39893c3390	chore: Fix gitea version	2023-09-03 11:15:21 +02:00
Nikolai Rodionov	1c50200fa2	chore: Upgrade releases	2023-09-03 11:13:25 +02:00
Nikolai Rodionov	0d4f0c1053	Update backup setup	2023-08-24 21:35:08 +02:00
Nikolai Rodionov	2d8bb5ff39	Downgrade openvpn	2023-08-24 21:34:15 +02:00
Nikolai Rodionov	6aaeb5db0d	Add 'faster minecarts' to Minecraft again	2023-08-22 23:51:31 +02:00
Nikolai Rodionov	162b2dd602	Add 'faster minecarts' to Minecraft	2023-08-22 23:46:39 +02:00
Nikolai Rodionov	8183029ebd	Update outdated releases	2023-08-19 09:15:58 +02:00
Nikolai Rodionov	bb6617b58c	Update OpenVPN	2023-08-19 09:14:35 +02:00
Nikolai Rodionov	39160f7e66	Update db-operator chart to 1.10.0	2023-08-17 11:10:47 +02:00
Nikolai Rodionov	e3760ca400	Migrate to the new openvpn setup	2023-08-16 20:55:56 +02:00
Nikolai Rodionov	15bbc19939	minecraft: Override server properties	2023-08-15 17:41:10 +02:00
Nikolai Rodionov	5ac35a5a60	Fix the name of restic repo	2023-08-15 17:27:55 +02:00
Nikolai Rodionov	12c1a0ca31	Enable default secrets for minecraft	2023-08-15 17:25:31 +02:00
Nikolai Rodionov	b755239823	Enable restic backups for minecraft	2023-08-15 15:40:59 +02:00
Nikolai Rodionov	ced4bcd4c5	Add new bucket to minio and setup rcon	2023-08-15 14:53:20 +02:00
RNRod	e3848a49cc	install gravity control plugin for minecraft server	2023-08-14 18:42:56 +02:00
Nikolai Rodionov	3643ea788b	chore: Upgrade outdated releases	2023-08-14 11:31:49 +02:00
Nikolai Rodionov	77429c2c36	Setup a new XOR patched VPN	2023-08-09 21:15:25 +02:00
`@ -4,4 +4,3 @@ primary:`

	`auth:`	`auth:`
	`createDatabase: false`	`createDatabase: false`