Merge branch 'main' into auto-update-readme-20251118-220250

Generated by CI/CD workflow on 2025-11-18 22:02:50

This PR updates the README.md file with the current list of applications found in the k8s/ directory structure.

README.md

@@ -48,7 +48,6 @@ ArgoCD homelab project
 | **paperless** | [![paperless](https://ag.hexor.cy/api/badge?name=paperless&revision=true)](https://ag.hexor.cy/applications/argocd/paperless) |
 | **pasarguard** | [![pasarguard](https://ag.hexor.cy/api/badge?name=pasarguard&revision=true)](https://ag.hexor.cy/applications/argocd/pasarguard) |
 | **qbittorent-nas** | [![qbittorent-nas](https://ag.hexor.cy/api/badge?name=qbittorent-nas&revision=true)](https://ag.hexor.cy/applications/argocd/qbittorent-nas) |
-| **remnawave** | [![remnawave](https://ag.hexor.cy/api/badge?name=remnawave&revision=true)](https://ag.hexor.cy/applications/argocd/remnawave) |
 | **rustdesk** | [![rustdesk](https://ag.hexor.cy/api/badge?name=rustdesk&revision=true)](https://ag.hexor.cy/applications/argocd/rustdesk) |
 | **sonarr-stack** | [![sonarr-stack](https://ag.hexor.cy/api/badge?name=sonarr-stack&revision=true)](https://ag.hexor.cy/applications/argocd/sonarr-stack) |
 | **stirling-pdf** | [![stirling-pdf](https://ag.hexor.cy/api/badge?name=stirling-pdf&revision=true)](https://ag.hexor.cy/applications/argocd/stirling-pdf) |

k8s/apps/remnawave/app.yaml

@@ -1,21 +0,0 @@
-apiVersion: argoproj.io/v1alpha1
-kind: Application
-metadata:
-  name: remnawave
-  namespace: argocd
-spec:
-  project: apps
-  destination:
-    namespace: remnawave
-    server: https://kubernetes.default.svc
-  source:
-    repoURL: ssh://git@gt.hexor.cy:30022/ab/homelab.git
-    targetRevision: HEAD
-    path: k8s/apps/remnawave
-  syncPolicy:
-    automated:
-      selfHeal: true
-      prune: true
-    syncOptions:
-      - CreateNamespace=true
-

k8s/apps/remnawave/deployment.yaml

@@ -1,71 +0,0 @@
----
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  name: remnawave
-  labels:
-    app: remnawave
-  annotations:
-    reloader.stakater.com/auto: "true"
-spec:
-  selector:
-    matchLabels:
-      app: remnawave
-  replicas: 1
-  strategy:
-    type: RollingUpdate
-  template:
-    metadata:
-      labels:
-        app: remnawave
-    spec:
-      containers:
-        - name: remnawave
-          image: 'remnawave/backend:2'
-          imagePullPolicy: Always
-          envFrom:
-            - secretRef:
-                name: remnawave-secrets
-          env:
-            - name: REDIS_URL
-              value: "redis://remnawave-redis:6379"
-          ports:
-            - name: http
-              containerPort: 3000
-              protocol: TCP
-            - name: metrics
-              containerPort: 3001
-              protocol: TCP
-          livenessProbe:
-            httpGet:
-              path: /health
-              port: 3001
-            initialDelaySeconds: 30
-            periodSeconds: 30
-            timeoutSeconds: 5
-            failureThreshold: 3
-          readinessProbe:
-            httpGet:
-              path: /health
-              port: 3001
-            initialDelaySeconds: 10
-            periodSeconds: 10
-            timeoutSeconds: 3
-            failureThreshold: 3
----
-apiVersion: v1
-kind: Service
-metadata:
-  name: remnawave
-spec:
-  selector:
-    app: remnawave
-  ports:
-    - name: http
-      protocol: TCP
-      port: 3000
-      targetPort: 3000
-    - name: metrics
-      protocol: TCP
-      port: 3001
-      targetPort: 3001

k8s/apps/remnawave/external-secrets.yaml

@@ -1,70 +0,0 @@
----
-apiVersion: external-secrets.io/v1
-kind: ExternalSecret
-metadata:
-  name: remnawave-secrets
-spec:
-  target:
-    name: remnawave-secrets
-    deletionPolicy: Delete
-    template:
-      type: Opaque
-      data:
-        METRICS_USER: admin
-        FRONT_END_DOMAIN: rw.hexor.cy
-        SUB_PUBLIC_DOMAIN: sub.hexor.cy
-        REDIS_HOST: remnawave-redis
-        REDIS_PORT: "6379"
-
-        DATABASE_URL: |-
-          postgresql://remnawave:{{ .pg_pass }}@psql.psql.svc:5432/remnawave
-        JWT_AUTH_SECRET: |-
-          {{ .jwt_auth_secret }}
-        JWT_API_TOKENS_SECRET: |-
-          {{ .jwt_api_tokens_secret }}
-        METRICS_PASS: |-
-          {{ .metrics_pass }}
-        WEBHOOK_SECRET_HEADER: |-
-          {{ .webhook_secret }}
-
-  data:
-    - secretKey: pg_pass
-      sourceRef:
-        storeRef:
-          name: vaultwarden-login
-          kind: ClusterSecretStore
-      remoteRef:
-        key: 2a9deb39-ef22-433e-a1be-df1555625e22
-        property: fields[10].value
-    - secretKey: jwt_auth_secret
-      sourceRef:
-        storeRef:
-          name: vaultwarden-login
-          kind: ClusterSecretStore
-      remoteRef:
-        key: 0d090436-5e82-453a-914c-19cec2abded1
-        property: fields[0].value
-    - secretKey: jwt_api_tokens_secret
-      sourceRef:
-        storeRef:
-          name: vaultwarden-login
-          kind: ClusterSecretStore
-      remoteRef:
-        key: 0d090436-5e82-453a-914c-19cec2abded1
-        property: fields[1].value
-    - secretKey: metrics_pass
-      sourceRef:
-        storeRef:
-          name: vaultwarden-login
-          kind: ClusterSecretStore
-      remoteRef:
-        key: 0d090436-5e82-453a-914c-19cec2abded1
-        property: fields[2].value
-    - secretKey: webhook_secret
-      sourceRef:
-        storeRef:
-          name: vaultwarden-login
-          kind: ClusterSecretStore
-      remoteRef:
-        key: 0d090436-5e82-453a-914c-19cec2abded1
-        property: fields[3].value

k8s/apps/remnawave/ingress.yaml

@@ -1,37 +0,0 @@
----
-apiVersion: networking.k8s.io/v1
-kind: Ingress
-metadata:
-  name: remnawave-tls-ingress
-  annotations:
-    ingressClassName: traefik
-    cert-manager.io/cluster-issuer: letsencrypt
-    traefik.ingress.kubernetes.io/router.middlewares: kube-system-https-redirect@kubernetescrd
-    acme.cert-manager.io/http01-edit-in-place: "true"
-spec:
-  rules:
-    - host: sub.hexor.cy
-      http:
-        paths:
-          - path: /
-            pathType: Prefix
-            backend:
-              service:
-                name: remnawave-subscription-page
-                port:
-                  number: 3010
-    - host: sub.hexor.ru
-      http:
-        paths:
-          - path: /
-            pathType: Prefix
-            backend:
-              service:
-                name: remnawave-subscription-page
-                port:
-                  number: 3010
-  tls:
-    - secretName: remnawave-tls
-      hosts:
-        - sub.hexor.cy
-        - sub.hexor.ru

k8s/apps/remnawave/kustomization.yaml

@@ -1,10 +0,0 @@
-apiVersion: kustomize.config.k8s.io/v1beta1
-kind: Kustomization
-
-resources:
-  - ./external-secrets.yaml
-  - ./deployment.yaml
-  - ./redis-deployment.yaml
-  - ./subscription-page-configmap.yaml
-  - ./subscription-page-deployment.yaml
-  - ./servicemonitor.yaml

k8s/apps/remnawave/redis-deployment.yaml

@@ -1,71 +0,0 @@
----
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  name: remnawave-redis
-  labels:
-    app: remnawave-redis
-spec:
-  selector:
-    matchLabels:
-      app: remnawave-redis
-  replicas: 1
-  strategy:
-    type: RollingUpdate
-  template:
-    metadata:
-      labels:
-        app: remnawave-redis
-    spec:
-      containers:
-        - name: redis
-          image: 'valkey/valkey:8.1-alpine'
-          imagePullPolicy: Always
-          ports:
-            - name: redis
-              containerPort: 6379
-              protocol: TCP
-          livenessProbe:
-            exec:
-              command:
-                - valkey-cli
-                - ping
-            initialDelaySeconds: 30
-            periodSeconds: 10
-            timeoutSeconds: 5
-            failureThreshold: 3
-          readinessProbe:
-            exec:
-              command:
-                - valkey-cli
-                - ping
-            initialDelaySeconds: 5
-            periodSeconds: 5
-            timeoutSeconds: 3
-            failureThreshold: 3
-          volumeMounts:
-            - name: redis-data
-              mountPath: /data
-          resources:
-            requests:
-              memory: "64Mi"
-              cpu: "50m"
-            limits:
-              memory: "256Mi"
-              cpu: "200m"
-      volumes:
-        - name: redis-data
-          emptyDir: {}
----
-apiVersion: v1
-kind: Service
-metadata:
-  name: remnawave-redis
-spec:
-  selector:
-    app: remnawave-redis
-  ports:
-    - name: redis
-      protocol: TCP
-      port: 6379
-      targetPort: 6379

k8s/apps/remnawave/servicemonitor.yaml

@@ -1,21 +0,0 @@
----
-apiVersion: monitoring.coreos.com/v1
-kind: ServiceMonitor
-metadata:
-  name: remnawave-metrics
-  labels:
-    app: remnawave
-    release: prometheus
-spec:
-  selector:
-    matchLabels:
-      app: remnawave
-  endpoints:
-    - port: metrics
-      path: /metrics
-      interval: 30s
-      scrapeTimeout: 10s
-      honorLabels: true
-  namespaceSelector:
-    matchNames:
-      - remnawave

k8s/apps/remnawave/subscription-page-configmap.yaml

@@ -1,27 +0,0 @@
----
-apiVersion: v1
-kind: ConfigMap
-metadata:
-  name: remnawave-subscription-page-config
-  labels:
-    app: remnawave-subscription-page
-data:
-  APP_PORT: "3010"
-  REMNAWAVE_PANEL_URL: "http://remnawave.remnawave.svc:3000"
-  META_TITLE: "RemnaWave Subscription"
-  META_DESCRIPTION: "Your VPN subscription portal"
-  META_KEYWORDS: "vpn,subscription,remnawave"
-  META_AUTHOR: "RemnaWave"
-  ENABLE_ANALYTICS: "false"
-  ANALYTICS_MEASUREMENT_ID: ""
-  CUSTOM_SUB_PREFIX: ""
-  THEME: "dark"
-  CUSTOM_LOGO_URL: ""
-  SHOW_SUBSCRIPTION_INFO: "true"
-  SHOW_CONNECTION_INFO: "true"
-  SHOW_QR_CODE: "true"
-  QR_CODE_SIZE: "256"
-  REFRESH_INTERVAL: "30000"
-  SUBSCRIPTION_TEXT_COLOR: "#ffffff"
-  BACKGROUND_COLOR: "#1a1a1a"
-  ACCENT_COLOR: "#007bff"

k8s/apps/remnawave/subscription-page-deployment.yaml

@@ -1,68 +0,0 @@
----
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  name: remnawave-subscription-page
-  labels:
-    app: remnawave-subscription-page
-spec:
-  selector:
-    matchLabels:
-      app: remnawave-subscription-page
-  replicas: 1
-  strategy:
-    type: RollingUpdate
-  template:
-    metadata:
-      labels:
-        app: remnawave-subscription-page
-    spec:
-      containers:
-        - name: subscription-page
-          image: 'remnawave/subscription-page:latest'
-          imagePullPolicy: Always
-          envFrom:
-            - configMapRef:
-                name: remnawave-subscription-page-config
-          ports:
-            - name: http
-              containerPort: 3010
-              protocol: TCP
-          livenessProbe:
-            httpGet:
-              path: /
-              port: 3010
-            initialDelaySeconds: 30
-            periodSeconds: 30
-            timeoutSeconds: 5
-            failureThreshold: 3
-          readinessProbe:
-            httpGet:
-              path: /
-              port: 3010
-            initialDelaySeconds: 10
-            periodSeconds: 10
-            timeoutSeconds: 3
-            failureThreshold: 3
-          resources:
-            requests:
-              memory: "64Mi"
-              cpu: "50m"
-            limits:
-              memory: "256Mi"
-              cpu: "200m"
----
-apiVersion: v1
-kind: Service
-metadata:
-  name: remnawave-subscription-page
-  labels:
-    app: remnawave-subscription-page
-spec:
-  selector:
-    app: remnawave-subscription-page
-  ports:
-    - name: http
-      protocol: TCP
-      port: 3010
-      targetPort: 3010

k8s/core/authentik/values.yaml

@@ -47,7 +47,6 @@ server:
         - minecraft.hexor.cy # Minecraft UI and server
         - pass.hexor.cy      # k8s-secret for openai
         - ps.hexor.cy        # pasarguard UI
-#       - rw.hexor.cy        # RemnaWave UI
       tls:
         - secretName: idm-tls
           hosts:

k8s/core/postgresql/external-secrets.yaml

@@ -119,8 +119,6 @@ spec:
           {{ .outfleet_rs }}
         USER_pasarguard: |-
           {{ .pasarguard }}
-        USER_remnawave: |-
-          {{ .remnawave }}
   data:
     - secretKey: authentik
       sourceRef:
@@ -221,14 +219,3 @@ spec:
         metadataPolicy: None
         key: 2a9deb39-ef22-433e-a1be-df1555625e22
         property: fields[9].value
-    - secretKey: remnawave
-      sourceRef:
-        storeRef:
-          name: vaultwarden-login
-          kind: ClusterSecretStore
-      remoteRef:
-        conversionStrategy: Default
-        decodingStrategy: None
-        metadataPolicy: None
-        key: 2a9deb39-ef22-433e-a1be-df1555625e22
-        property: fields[10].value

terraform/authentik/proxy-apps.tfvars

@@ -206,22 +206,5 @@ EOT
     create_group                 = true
     access_groups                = ["admins"]
   }
-  "remnawave" = {
-    name                         = "RemnaWave"
-    slug                         = "remnawave"
-    group                        = "Tools"
-    external_host                = "https://rw.hexor.cy"
-    internal_host                = "http://remnawave.remnawave.svc:3000"
-    internal_host_ssl_validation = false
-    meta_description             = ""
-    skip_path_regex              = <<-EOT
-/api/sub/
-EOT
-    meta_icon                    = "https://camo.githubusercontent.com/0fbcff9dfaebb0363774139d00ef58d7f128eed3ddabaaf2bf7d18b68fd296a1/68747470733a2f2f63646e2e72656d6e612e73742f6c6f676f732f6c6f676f2e737667"
-    mode                         = "proxy"
-    outpost                      = "kubernetes-outpost"
-    create_group                 = true
-    access_groups                = ["admins"]
-  }
 }