From 792421ffc563dd15802731759bd1346504b9ac80 Mon Sep 17 00:00:00 2001 From: ab Date: Thu, 6 Nov 2025 13:36:29 +0000 Subject: [PATCH 01/10] Update k8s/apps/pasarguard/deployment.yaml Enabled PasarGuard API --- k8s/apps/pasarguard/deployment.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/k8s/apps/pasarguard/deployment.yaml b/k8s/apps/pasarguard/deployment.yaml index 18542c5..81c21e4 100644 --- a/k8s/apps/pasarguard/deployment.yaml +++ b/k8s/apps/pasarguard/deployment.yaml @@ -33,6 +33,8 @@ spec: value: "0.0.0.0" - name: UVICORN_PORT value: "8000" + - name: DOCS + value: "true" - name: UVICORN_SSL_CERTFILE value: "/app/tls/tls.crt" - name: UVICORN_SSL_KEYFILE From 7c8a3b2aaaaa4e37cd5eed47db952ee744746253 Mon Sep 17 00:00:00 2001 From: ab Date: Thu, 6 Nov 2025 13:43:07 +0000 Subject: [PATCH 02/10] Update terraform/authentik/proxy-apps.tfvars --- terraform/authentik/proxy-apps.tfvars | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/terraform/authentik/proxy-apps.tfvars b/terraform/authentik/proxy-apps.tfvars index 83a6b2a..1c7552e 100644 --- a/terraform/authentik/proxy-apps.tfvars +++ b/terraform/authentik/proxy-apps.tfvars @@ -197,7 +197,7 @@ EOT meta_description = "" skip_path_regex = <<-EOT /sub/ -/ +/dashboard/ EOT meta_icon = "https://img.icons8.com/?size=100&id=fqAD3lAB6zTe&format=png&color=000000" mode = "proxy" From 31fe1bf95d8a662477e279d5c957f9c4ef8507fe Mon Sep 17 00:00:00 2001 From: ab Date: Thu, 6 Nov 2025 14:07:01 +0000 Subject: [PATCH 03/10] Update k8s/apps/pasarguard/daemonset.yaml --- k8s/apps/pasarguard/daemonset.yaml | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/k8s/apps/pasarguard/daemonset.yaml b/k8s/apps/pasarguard/daemonset.yaml index a1fd4b1..4388d98 100644 --- a/k8s/apps/pasarguard/daemonset.yaml +++ b/k8s/apps/pasarguard/daemonset.yaml 
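Review bot: The added `DOCS` / `"true"` env entry appears to switch on the API documentation endpoints for a container that binds `0.0.0.0:8000`, and nothing in this hunk limits who can reach them. Interactive docs publish the full route and schema list, so they are best left off in production or kept behind an authenticated path. Whether the Authentik proxy still demands a login for those paths depends on `skip_path_regex` in `terraform/authentik/proxy-apps.tfvars`, which later patches in this series edit. A comment above the entry such as `# DOCS exposes the API docs UI; keep it behind SSO` would record the intent. The container spec starts and ends outside the hunk.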
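Review bot: The new `/dashboard/` line in `skip_path_regex` is unanchored, so it is broader than the prefix it seems to intend. Assuming Authentik searches the request path with each line as a regular expression, it exempts any URL that merely contains `/dashboard/`, not only paths that begin with it. The existing `/sub/` line has the same property. Writing them as `^/sub/` and `^/dashboard/` keeps the unauthenticated surface to the two intended prefixes. The application block that owns this heredoc starts and ends outside the hunk.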
@@ -180,25 +180,27 @@ spec: echo "Certificate already exists" fi - # Wait for certificate to be ready (max 60 seconds) + # Wait for certificate to be ready + $TTL=600 echo "Waiting for certificate to be ready..." - for i in {1..60}; do + for i in {1..$TTL}; do if kubectl get secret "${CERT_NAME}-tls" -n "${NAMESPACE}" &>/dev/null; then echo "Certificate secret is ready!" break fi - echo "Waiting for certificate... ($i/60)" + echo "Waiting for certificate... ($i/$TTL)" sleep 1 done if ! kubectl get secret "${CERT_NAME}-tls" -n "${NAMESPACE}" &>/dev/null; then - echo "WARNING: Certificate secret not ready after 60 seconds" + echo "WARNING: Certificate secret not ready after $TTL seconds" else # Extract certificate and key from secret to shared volume echo "Extracting certificate and key..." kubectl get secret "${CERT_NAME}-tls" -n "${NAMESPACE}" -o jsonpath='{.data.tls\.crt}' | base64 -d > /shared/tls.crt kubectl get secret "${CERT_NAME}-tls" -n "${NAMESPACE}" -o jsonpath='{.data.tls\.key}' | base64 -d > /shared/tls.key - echo "Certificate and key extracted successfully" + echo "Certificate and key extracted successfully." + cat /shared/tls.crt fi # Create individual Service and Endpoints for this node From 360f260cb537858607104291fa47bf5f16fceb90 Mon Sep 17 00:00:00 2001 From: ab Date: Thu, 6 Nov 2025 14:08:37 +0000 Subject: [PATCH 04/10] Update k8s/apps/pasarguard/daemonset.yaml --- k8s/apps/pasarguard/daemonset.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/k8s/apps/pasarguard/daemonset.yaml b/k8s/apps/pasarguard/daemonset.yaml index 4388d98..981cf01 100644 --- a/k8s/apps/pasarguard/daemonset.yaml +++ b/k8s/apps/pasarguard/daemonset.yaml 
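Review bot: The added `cat /shared/tls.crt` writes the whole certificate into the init container's log on every start, which looks like leftover debugging. The certificate is public, but the line sits right under the `tls.key` extraction and is easy to copy onto the private key; drop it or replace it with a presence check such as `test -s /shared/tls.crt`. Separately, `/shared/tls.key` is created by a plain redirect, so its mode follows the shell's umask. If the consuming container runs as the same user, a `umask 077` before the two extraction lines would keep the key unreadable to others sharing the volume. The script begins and continues outside this hunk.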
@@ -181,19 +181,19 @@ spec: fi # Wait for certificate to be ready - $TTL=600 + echo "Waiting for certificate to be ready..." - for i in {1..$TTL}; do + for i in {1..600}; do if kubectl get secret "${CERT_NAME}-tls" -n "${NAMESPACE}" &>/dev/null; then echo "Certificate secret is ready!" break fi - echo "Waiting for certificate... ($i/$TTL)" + echo "Waiting for certificate... ($i/600)" sleep 1 done if ! kubectl get secret "${CERT_NAME}-tls" -n "${NAMESPACE}" &>/dev/null; then - echo "WARNING: Certificate secret not ready after $TTL seconds" + echo "WARNING: Certificate secret not ready after 600 seconds" else # Extract certificate and key from secret to shared volume echo "Extracting certificate and key..." From 82cf742edb66d97c0cda0434227c910d37ebf8de Mon Sep 17 00:00:00 2001 From: ab Date: Thu, 6 Nov 2025 14:13:11 +0000 Subject: [PATCH 05/10] Update terraform/authentik/proxy-apps.tfvars --- terraform/authentik/proxy-apps.tfvars | 1 + 1 file changed, 1 insertion(+) diff --git a/terraform/authentik/proxy-apps.tfvars b/terraform/authentik/proxy-apps.tfvars index 1c7552e..93607b0 100644 --- a/terraform/authentik/proxy-apps.tfvars +++ b/terraform/authentik/proxy-apps.tfvars @@ -198,6 +198,7 @@ EOT skip_path_regex = <<-EOT /sub/ /dashboard/ +/ EOT meta_icon = "https://img.icons8.com/?size=100&id=fqAD3lAB6zTe&format=png&color=000000" mode = "proxy" From 407b11f40ded719a2c55b70899103aa035c61f49 Mon Sep 17 00:00:00 2001 From: ab Date: Thu, 6 Nov 2025 14:17:31 +0000 Subject: [PATCH 06/10] Update k8s/apps/pasarguard/daemonset.yaml --- k8s/apps/pasarguard/daemonset.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/k8s/apps/pasarguard/daemonset.yaml b/k8s/apps/pasarguard/daemonset.yaml index 981cf01..e7e3d74 100644 --- a/k8s/apps/pasarguard/daemonset.yaml +++ b/k8s/apps/pasarguard/daemonset.yaml @@ -97,6 +97,8 @@ spec: - name: init-uuid image: bitnami/kubectl:latest env: + - name: OPENSSL_FIPS + value: "0" - name: NODE_NAME valueFrom: fieldRef: 
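Review bot: When the 600-second wait expires, the branch at `echo "WARNING: Certificate secret not ready after 600 seconds"` only logs and lets the script carry on, so the init container can finish without `/shared/tls.crt` and `/shared/tls.key` ever being written. Failing closed is safer: follow the warning with `exit 1` so the pod is retried rather than started without its TLS material. The limit is now repeated in three places; a plain assignment `TTL=600` with `for i in $(seq 1 "$TTL")` would keep them in sync, since brace ranges do not expand variables. The rest of the script is outside the hunk, so what later steps do on this path is not visible here.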
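Review bot: The re-added `/` line in `skip_path_regex` matches every request path if Authentik treats each line as an unanchored regular expression. That would make the proxy skip authentication for the whole application and make the `/sub/` and `/dashboard/` entries redundant, reversing the narrowing done in PATCH 02/10. If only the landing page must be public, use `^/$`; otherwise list the specific prefixes, each anchored with `^`. With `DOCS` enabled in `k8s/apps/pasarguard/deployment.yaml` by PATCH 01/10, a catch-all here would also leave the API documentation reachable without SSO.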
From 1ee1b9a1c6e627279ed019ccc48e267d05609e5d Mon Sep 17 00:00:00 2001 From: ab Date: Thu, 6 Nov 2025 14:19:18 +0000 Subject: [PATCH 07/10] Update k8s/apps/pasarguard/daemonset.yaml --- k8s/apps/pasarguard/daemonset.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/apps/pasarguard/daemonset.yaml b/k8s/apps/pasarguard/daemonset.yaml index e7e3d74..5d7d054 100644 --- a/k8s/apps/pasarguard/daemonset.yaml +++ b/k8s/apps/pasarguard/daemonset.yaml @@ -108,7 +108,7 @@ spec: - -c - | set -e - + echo "Started" # NODE_NAME is already set via environment variable NAMESPACE=$(cat /var/run/secrets/kubernetes.io/serviceaccount/namespace) From 8e18775e3e3b7089d204e3d6390e2668c2e43205 Mon Sep 17 00:00:00 2001 From: Ultradesu Date: Thu, 6 Nov 2025 16:46:47 +0200 Subject: [PATCH 08/10] Fix xray-nodes --- k8s/apps/pasarguard/daemonset.yaml | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/k8s/apps/pasarguard/daemonset.yaml b/k8s/apps/pasarguard/daemonset.yaml index 5d7d054..e643e40 100644 --- a/k8s/apps/pasarguard/daemonset.yaml +++ b/k8s/apps/pasarguard/daemonset.yaml @@ -95,10 +95,8 @@ spec: operator: Exists initContainers: - name: init-uuid - image: bitnami/kubectl:latest + image: rancher/kubectl:v1.28.2 env: - - name: OPENSSL_FIPS - value: "0" - name: NODE_NAME valueFrom: fieldRef: From 8dfc8e2549f3cf644d5dd8c452349f0aae0267be Mon Sep 17 00:00:00 2001 From: Ultradesu Date: Thu, 6 Nov 2025 16:51:32 +0200 Subject: [PATCH 09/10] Fix xray-nodes --- k8s/apps/pasarguard/daemonset.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/k8s/apps/pasarguard/daemonset.yaml b/k8s/apps/pasarguard/daemonset.yaml index e643e40..b1e6e06 100644 --- a/k8s/apps/pasarguard/daemonset.yaml +++ b/k8s/apps/pasarguard/daemonset.yaml 
@@ -95,14 +95,14 @@ spec: operator: Exists initContainers: - name: init-uuid - image: rancher/kubectl:v1.28.2 + image: rancher/kubectl:v1.32.9 env: - name: NODE_NAME valueFrom: fieldRef: fieldPath: spec.nodeName command: - - /bin/bash + - /bin/sh - -c - | set -e From 30a3b1cd60a6d98d2dad513ec23235f97fb026a0 Mon Sep 17 00:00:00 2001 From: Ultradesu Date: Thu, 6 Nov 2025 16:53:41 +0200 Subject: [PATCH 10/10] Fix xray-nodes --- k8s/apps/pasarguard/daemonset.yaml | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/k8s/apps/pasarguard/daemonset.yaml b/k8s/apps/pasarguard/daemonset.yaml index b1e6e06..c1bd403 100644 --- a/k8s/apps/pasarguard/daemonset.yaml +++ b/k8s/apps/pasarguard/daemonset.yaml @@ -95,14 +95,16 @@ spec: operator: Exists initContainers: - name: init-uuid - image: rancher/kubectl:v1.32.9 + image: bitnami/kubectl:latest env: + - name: GODEBUG + value: "x509sha1=1" - name: NODE_NAME valueFrom: fieldRef: fieldPath: spec.nodeName command: - - /bin/sh + - /bin/bash - -c - | set -e
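Review bot: Switching the interpreter to `/bin/sh` conflicts with bash-only syntax that earlier patches in this series show in `daemonset.yaml`, namely `for i in {1..600}` and `&>/dev/null`. If that wait loop belongs to this same `init-uuid` script, a POSIX shell runs the loop once with the literal string `{1..600}`. It also reads `&>/dev/null` as a background job plus a redirect, so the `kubectl get secret` checks would always appear to succeed. Either keep an image that ships bash or rewrite those lines portably, for example `>/dev/null 2>&1` and a `while` counter. The script body continues outside the hunk.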
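Review bot: The added `GODEBUG` / `"x509sha1=1"` entry asks Go's certificate verifier to accept SHA-1-signed certificates again, which weakens TLS validation for every connection `kubectl` makes from this init container, including its service-account calls to the API server. It works around a chain that still carries a SHA-1 signature; the durable fix is to reissue that certificate with SHA-256. Recent Go releases are reported to ignore this setting, so it may silently stop working after an image update. The same hunk returns to `bitnami/kubectl:latest`, a mutable tag for an image that runs with cluster credentials; pin a version or, better, a digest (`bitnami/kubectl:<version>@sha256:<digest>`). If the override must stay for now, add a comment naming the offending certificate and a removal date.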