Auto-update README with current k8s applications

Generated by CI/CD workflow on 2025-12-28 20:42:01 This PR updates the README.md file with the current list of applications found in the k8s/ directory structure.
Added UK jellyfin
2025-12-28 20:42:01 +00:00 · 2025-12-28 20:41:27 +00:00 · 2025-12-28 20:35:42 +00:00 · 2025-12-28 20:33:35 +00:00 · 2025-12-28 20:32:46 +00:00 · 2025-12-28 20:31:08 +00:00
10 changed files with 260 additions and 12 deletions
--- a/README.md
+++ b/README.md
@@ -56,6 +56,7 @@ ArgoCD homelab project
 | **tg-bots** | [![tg-bots](https://ag.hexor.cy/api/badge?name=tg-bots&revision=true)](https://ag.hexor.cy/applications/argocd/tg-bots) |
 | **vaultwarden** | [![vaultwarden](https://ag.hexor.cy/api/badge?name=vaultwarden&revision=true)](https://ag.hexor.cy/applications/argocd/vaultwarden) |
 | **vpn** | [![vpn](https://ag.hexor.cy/api/badge?name=vpn&revision=true)](https://ag.hexor.cy/applications/argocd/vpn) |
 | **xandikos** | [![xandikos](https://ag.hexor.cy/api/badge?name=xandikos&revision=true)](https://ag.hexor.cy/applications/argocd/xandikos) |
 </td>
 </tr>
--- a/k8s/desktop/jellyfin/app.yaml
+++ b/k8s/desktop/jellyfin/app.yaml
@@ -0,0 +1,21 @@
 apiVersion: argoproj.io/v1alpha1
 kind: Application
 metadata:
  name: jellyfin-uk
  namespace: argocd
 spec:
  project: apps
  destination:
    namespace: jellyfin-uk
    server: https://kubernetes.default.svc
  source:
    repoURL: ssh://git@gt.hexor.cy:30022/ab/homelab.git
    targetRevision: HEAD
    path: k8s/desktop/jellyfin
  syncPolicy:
    automated:
      selfHeal: true
      prune: true
    syncOptions:
      - CreateNamespace=true
--- a/k8s/desktop/jellyfin/kustomization.yaml
+++ b/k8s/desktop/jellyfin/kustomization.yaml
@@ -0,0 +1,16 @@
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 resources:
  - app.yaml
  - qbittorent.yaml
 helmCharts:
  - name: jellyfin
    repo: https://utkuozdemir.org/helm-charts
    version: 2.0.0
    releaseName: jellyfin
    namespace: jellyfin
    valuesFile: values.yaml
    includeCRDs: true
--- a/k8s/desktop/jellyfin/qbittorent.yaml
+++ b/k8s/desktop/jellyfin/qbittorent.yaml
@@ -0,0 +1,123 @@
 ---
 apiVersion: external-secrets.io/v1
 kind: ExternalSecret
 metadata:
  name: vpn-creds
 spec:
  target:
    name: vpn-creds
    deletionPolicy: Delete
    template:
      type: Opaque
      data:
        ss_link: |-
          {{ .ss_link }}
  data:
    - secretKey: ss_link
      sourceRef:
        storeRef:
          name: vaultwarden-login
          kind: ClusterSecretStore
      remoteRef:
        key: cfee6f62-fb06-4a4c-b6d8-92da4908c65a
        property: fields[0].value
 ---
 apiVersion: apps/v1
 kind: Deployment
 metadata:
  name: qbittorrent
  labels:
    app: qbittorrent
  annotations:
    reloader.stakater.com/auto: "true"
 spec:
  selector:
    matchLabels:
      app: qbittorrent
  replicas: 1
  strategy:
    type: RollingUpdate
    rollingUpdate:
      maxSurge: 1
      maxUnavailable: 0
  template:
    metadata:
      labels:
        app: qbittorrent
    spec:
      nodeSelector:
        kubernetes.io/hostname: uk-desktop.tail2fe2d.ts.net
      tolerations:
        - key: workload
          operator: Equal
          value: desktop
          effect: NoSchedule
      volumes:
        - name: config
          hostPath:
            path: /k8s/qbt-config
            type: DirectoryOrCreate
        - name: media
          hostPath:
            path: /k8s/media/downloads
            type: DirectoryOrCreate
      containers:
        - name: qbittorrent
          image: 'linuxserver/qbittorrent:latest'
          ports:
            - name: http
              containerPort: 8080
              protocol: TCP
          volumeMounts:
            - name: config
              mountPath: /config
            - name: media
              mountPath: /downloads
        - name: shadowsocks-proxy
          image: teddysun/shadowsocks-rust:latest
          env:
            - name: SS_LINK
              valueFrom:
                secretKeyRef:
                  name: vpn-creds
                  key: ss_link
          command: ["/bin/bash", "-c", "rm /etc/shadowsocks-rust/config.json && sslocal --server-url $SS_LINK --local-addr 127.0.0.1:8081 -U --protocol http"]
          resources:
            requests:
              memory: "64Mi"
              cpu: "300m"
            limits:
              memory: "128Mi"
              cpu: "300m"
 ---
 apiVersion: v1
 kind: Service
 metadata:
  name: qbittorrent
 spec:
  selector:
    app: qbittorrent
  ports:
    - protocol: TCP
      port: 80
      targetPort: 8080
 ---
 apiVersion: networking.k8s.io/v1
 kind: Ingress
 metadata:
  name: jf-local-ingress
  annotations:
    ingressClassName: traefik
 spec:
  rules:
    - host: tr.uk
      http:
        paths:
          - path: /
            pathType: Prefix
            backend:
              service:
                name: qbittorrent
                port:
                  number: 80
--- a/k8s/desktop/jellyfin/values.yaml
+++ b/k8s/desktop/jellyfin/values.yaml
@@ -0,0 +1,41 @@
 image:
  tag: 10.11.4
 resources:
  requests:
    memory: "2Gi"
    cpu: "1000m"
  limits:
    memory: "8Gi"
    cpu: "6000m"
 nodeSelector:
  kubernetes.io/hostname: uk-desktop.tail2fe2d.ts.net
 tolerations:
  - key: workload
    operator: Equal
    value: desktop
    effect: NoSchedule
 persistence:
  config:
    enabled: true
    isPvc: false
    customVolume:
      hostPath:
        path: /k8s/jellyfin
        type: DirectoryOrCreate
  data:
    enabled: true
    isPvc: false
    customVolume:
      hostPath:
        path: /k8s/media/downloads
        type: DirectoryOrCreate
 ingress:
    enabled: true
    className: traefik
    hosts:
      - host: jf.uk
        paths:
          - path: /
            pathType: Prefix
--- a/k8s/desktop/khm/app.yaml
+++ b/k8s/desktop/khm/app.yaml
@@ -6,7 +6,7 @@ metadata:
 spec:
  project: desktop
  destination:
-    namespace: default
+    namespace: khm
    server: https://kubernetes.default.svc
  source:
    repoURL: ssh://git@gt.hexor.cy:30022/ab/homelab.git
--- a/k8s/desktop/khm/external-secrets.yaml
+++ b/k8s/desktop/khm/external-secrets.yaml
@@ -0,0 +1,33 @@
 ---
 apiVersion: external-secrets.io/v1
 kind: ExternalSecret
 metadata:
  name: khm-client-creds
 spec:
  target:
    name: khm-client-creds
    deletionPolicy: Delete
    template:
      type: Opaque
      data:
        USERNAME: |-
          {{ .username }}
        PASSWORD: |-
          {{ .password }}
  data:
    - secretKey: username
      sourceRef:
        storeRef:
          name: vaultwarden-login
          kind: ClusterSecretStore
      remoteRef:
        key: 19c06480-0814-4d1f-aa80-710105989188
        property: login.username
    - secretKey: password
      sourceRef:
        storeRef:
          name: vaultwarden-login
          kind: ClusterSecretStore
      remoteRef:
        key: 19c06480-0814-4d1f-aa80-710105989188
        property: login.password
--- a/k8s/desktop/khm/khm-client-cronjob.yaml
+++ b/k8s/desktop/khm/khm-client-cronjob.yaml
@@ -6,7 +6,7 @@ metadata:
  labels:
    app: khm-client
 spec:
-  schedule: "* * * * *"
+  schedule: "15 * * * *"
  concurrencyPolicy: Forbid
  successfulJobsHistoryLimit: 3
  failedJobsHistoryLimit: 3
@@ -18,6 +18,7 @@ spec:
            app: khm-client
        spec:
          restartPolicy: OnFailure
          hostNetwork: true
          nodeSelector:
            node-role.kubernetes.io/desktop: ""
          tolerations:
@@ -25,7 +26,6 @@ spec:
              operator: Equal
              value: desktop
              effect: NoSchedule
          hostNetwork: false
          containers:
            - name: khm-client
              image: 'ultradesu/khm:latest'
@@ -40,14 +40,26 @@ spec:
                  memory: "256Mi"
                  cpu: "200m"
              command:
-                - /usr/local/bin/khm
+                - /bin/sh
-                - --known-hosts
+                - -c
-                - /host-ssh/known_hosts
+                - |
-                - --host
+                  /usr/local/bin/khm \
-                - https://khm.hexor.cy
+                    --known-hosts /host-ssh/known_hosts \
-                - --flow=work
+                    --host https://khm.hexor.cy \
-                - --basic-auth=ultradesu:JiMkWGaA0UZRkzzqtdPvvE0D5vIMCrH7LZGvK2Ux6eGSWECrPlh7UH1khdEm
+                    --flow=private \
-                - --in-place
+                    --basic-auth="${USERNAME}:${PASSWORD}" \
                    --in-place
              env:
                - name: USERNAME
                  valueFrom:
                    secretKeyRef:
                      name: khm-client-creds
                      key: USERNAME
                - name: PASSWORD
                  valueFrom:
                    secretKeyRef:
                      name: khm-client-creds
                      key: PASSWORD
              volumeMounts:
                - name: known-hosts
                  mountPath: /host-ssh/known_hosts
--- a/k8s/desktop/khm/kustomization.yaml
+++ b/k8s/desktop/khm/kustomization.yaml
@@ -2,5 +2,5 @@ apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 resources:
-  - app.yaml
+  - external-secrets.yaml
  - khm-client-cronjob.yaml
--- a/terraform/authentik/proxy-apps.tfvars
+++ b/terraform/authentik/proxy-apps.tfvars
@@ -196,6 +196,7 @@ EOT
    internal_host_ssl_validation = false
    meta_description             = ""
    skip_path_regex              = <<-EOT
 /
 /sub/
 /dashboard/
 /api/
Author	SHA1	Message	Date
Gitea Actions Bot	649df07ffe	Auto-update README with current k8s applications All checks were successful Terraform / Terraform (pull_request) Successful in 31s Details Generated by CI/CD workflow on 2025-12-28 20:42:01 This PR updates the README.md file with the current list of applications found in the k8s/ directory structure.	2025-12-28 20:42:01 +00:00
Ultradesu	22382b63a1	Added UK jellyfin All checks were successful Update Kubernetes Services Wiki / Generate and Update K8s Wiki (push) Successful in 9s Details Check with kubeconform / lint (push) Successful in 13s Details Auto-update README / Generate README and Create MR (push) Successful in 7s Details	2025-12-28 20:41:27 +00:00
Ultradesu	718709115f	Added UK jellyfin All checks were successful Update Kubernetes Services Wiki / Generate and Update K8s Wiki (push) Successful in 8s Details Check with kubeconform / lint (push) Successful in 11s Details Auto-update README / Generate README and Create MR (push) Successful in 6s Details	2025-12-28 20:35:42 +00:00
Ultradesu	df78728137	Added UK jellyfin All checks were successful Update Kubernetes Services Wiki / Generate and Update K8s Wiki (push) Successful in 8s Details Check with kubeconform / lint (push) Successful in 12s Details Auto-update README / Generate README and Create MR (push) Successful in 7s Details	2025-12-28 20:33:35 +00:00
Ultradesu	9671dc3aa8	Added UK jellyfin All checks were successful Update Kubernetes Services Wiki / Generate and Update K8s Wiki (push) Successful in 8s Details Check with kubeconform / lint (push) Successful in 14s Details Auto-update README / Generate README and Create MR (push) Successful in 7s Details	2025-12-28 20:32:46 +00:00
Ultradesu	609fd9d522	Added UK jellyfin All checks were successful Update Kubernetes Services Wiki / Generate and Update K8s Wiki (push) Successful in 7s Details Check with kubeconform / lint (push) Successful in 14s Details Auto-update README / Generate README and Create MR (push) Successful in 6s Details	2025-12-28 20:31:08 +00:00
Ultradesu	0e66f4bddd	Added UK jellyfin All checks were successful Update Kubernetes Services Wiki / Generate and Update K8s Wiki (push) Successful in 8s Details Check with kubeconform / lint (push) Successful in 12s Details Auto-update README / Generate README and Create MR (push) Successful in 6s Details	2025-12-28 20:30:05 +00:00
ab	9f35d520b6	Update terraform/authentik/proxy-apps.tfvars All checks were successful Terraform / Terraform (push) Successful in 36s Details Update Kubernetes Services Wiki / Generate and Update K8s Wiki (push) Successful in 7s Details	2025-12-28 18:53:37 +00:00
AB-UK	512e993f7b	Fixed KHM desktop All checks were successful Update Kubernetes Services Wiki / Generate and Update K8s Wiki (push) Successful in 7s Details Check with kubeconform / lint (push) Successful in 11s Details Auto-update README / Generate README and Create MR (push) Successful in 6s Details	2025-12-28 13:07:23 +00:00
AB-UK	b6b6e23026	Fixed KHM desktop All checks were successful Update Kubernetes Services Wiki / Generate and Update K8s Wiki (push) Successful in 8s Details Check with kubeconform / lint (push) Successful in 11s Details Auto-update README / Generate README and Create MR (push) Successful in 7s Details	2025-12-28 13:06:35 +00:00
AB-UK	bd997082e9	Fixed KHM desktop All checks were successful Update Kubernetes Services Wiki / Generate and Update K8s Wiki (push) Successful in 8s Details Check with kubeconform / lint (push) Successful in 19s Details Auto-update README / Generate README and Create MR (push) Successful in 7s Details	2025-12-28 13:02:06 +00:00
AB-UK	0689b6abc8	Fixed KHM desktop All checks were successful Update Kubernetes Services Wiki / Generate and Update K8s Wiki (push) Successful in 7s Details Check with kubeconform / lint (push) Successful in 10s Details Auto-update README / Generate README and Create MR (push) Successful in 6s Details	2025-12-28 12:57:40 +00:00
AB-UK	bbeac646e9	Fixed KHM desktop All checks were successful Update Kubernetes Services Wiki / Generate and Update K8s Wiki (push) Successful in 7s Details Check with kubeconform / lint (push) Successful in 12s Details Auto-update README / Generate README and Create MR (push) Successful in 6s Details	2025-12-28 12:56:37 +00:00
AB-UK	5d4d620681	Fixed KHM desktop All checks were successful Update Kubernetes Services Wiki / Generate and Update K8s Wiki (push) Successful in 8s Details Check with kubeconform / lint (push) Successful in 11s Details Auto-update README / Generate README and Create MR (push) Successful in 6s Details	2025-12-28 12:54:06 +00:00