Auto-update README with current k8s applications

Generated by CI/CD workflow on 2026-02-04 15:10:57

This PR updates the README.md file with the current list of applications found in the k8s/ directory structure.

k8s/apps/n8n/kustomization.yaml

@@ -5,7 +5,6 @@ kind: Kustomization
 resources:
   - external-secrets.yaml
   - storage.yaml
-  - rbac.yaml
 
 helmCharts:
   - name: n8n

k8s/apps/n8n/rbac.yaml

@@ -1,71 +0,0 @@
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
-  name: n8n-readonly
-rules:
-- apiGroups: [""]
-  resources: 
-    - pods
-    - services
-    - endpoints
-    - persistentvolumeclaims
-    - persistentvolumes
-    - configmaps
-    - secrets
-    - nodes
-    - namespaces
-    - events
-  verbs: ["get", "list", "watch"]
-- apiGroups: ["apps"]
-  resources:
-    - deployments
-    - replicasets
-    - statefulsets
-    - daemonsets
-  verbs: ["get", "list", "watch"]
-- apiGroups: ["networking.k8s.io"]
-  resources:
-    - ingresses
-    - networkpolicies
-  verbs: ["get", "list", "watch"]
-- apiGroups: ["extensions"]
-  resources:
-    - ingresses
-  verbs: ["get", "list", "watch"]
-- apiGroups: ["autoscaling"]
-  resources:
-    - horizontalpodautoscalers
-  verbs: ["get", "list", "watch"]
-- apiGroups: ["batch"]
-  resources:
-    - jobs
-    - cronjobs
-  verbs: ["get", "list", "watch"]
-- apiGroups: ["metrics.k8s.io"]
-  resources:
-    - pods
-    - nodes
-  verbs: ["get", "list"]
-- apiGroups: ["storage.k8s.io"]
-  resources:
-    - storageclasses
-  verbs: ["get", "list", "watch"]
-- apiGroups: ["policy"]
-  resources:
-    - poddisruptionbudgets
-  verbs: ["get", "list", "watch"]
-
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
-metadata:
-  name: n8n-readonly
-roleRef:
-  apiGroup: rbac.authorization.k8s.io
-  kind: ClusterRole
-  name: n8n-readonly
-subjects:
-- kind: ServiceAccount
-  name: n8n-readonly
-  namespace: n8n

k8s/apps/n8n/values-n8n.yaml

@@ -1,13 +1,10 @@
 nodeSelector:
   kubernetes.io/hostname: master.tail2fe2d.ts.net
 
-
 db:
   type: postgresdb
 
 main:
-  extraEnvVars: 
-    NODES_EXCLUDE: "[]"
   resources:
     requests:
       cpu: 100m
@@ -21,30 +18,30 @@ main:
     mountPath: /home/node/.n8n
 
 podSecurityContext:
-  runAsUser: 1000
-  runAsGroup: 1000
-  runAsNonRoot: true
-
-# Configure health probes for slow startup
-main:
-  livenessProbe:
-    httpGet:
-      path: /healthz
-      port: http
-    initialDelaySeconds: 120
-    periodSeconds: 30
-    timeoutSeconds: 10
-    failureThreshold: 6
-  
-  readinessProbe:
-    httpGet:
-      path: /healthz/readiness
-      port: http
-    initialDelaySeconds: 60
-    periodSeconds: 10
-    timeoutSeconds: 5
-    failureThreshold: 10
+  fsGroup: 1000
+  fsGroupChangePolicy: "OnRootMismatch"
 
+# Fix NFS permission issues - required for NFS volumes
+initContainers:
+  - name: fix-permissions
+    image: busybox:1.35
+    command:
+      - sh
+      - -c  
+      - |
+        echo "Fixing permissions for NFS volume..."
+        if [ ! -d "/home/node/.n8n" ]; then
+          mkdir -p /home/node/.n8n
+        fi
+        chown -R 1000:1000 /home/node/.n8n
+        chmod -R 775 /home/node/.n8n
+        echo "Permissions fixed: $(ls -ld /home/node/.n8n)"
+    volumeMounts:
+      - name: node-modules  
+        mountPath: /home/node/.n8n
+    securityContext:
+      runAsUser: 0
+      runAsGroup: 0
 
 worker:
   mode: regular
@@ -57,12 +54,6 @@ redis:
 
 existingEncryptionKeySecret: credentials
 
-serviceAccount:
-  create: true
-  automount: true
-  annotations: {}
-  name: "n8n-readonly"
-
 externalPostgresql:
   existingSecret: credentials
   host: "psql.psql.svc"