Auto-update README with current k8s applications

Generated by CI/CD workflow on 2026-03-20 09:37:41 This PR updates the README.md file with the current list of applications found in the k8s/ directory structure.
Authentik hostfix
2026-03-20 09:37:41 +00:00 · 2026-03-20 09:37:05 +00:00
3 changed files with 89 additions and 0 deletions
--- a/README.md
+++ b/README.md
@@ -16,6 +16,7 @@ ArgoCD homelab project
 | **authentik** | [![authentik](https://ag.hexor.cy/api/badge?name=authentik&revision=true)](https://ag.hexor.cy/applications/argocd/authentik) |
 | **cert-manager** | [![cert-manager](https://ag.hexor.cy/api/badge?name=cert-manager&revision=true)](https://ag.hexor.cy/applications/argocd/cert-manager) |
 | **external-secrets** | [![external-secrets](https://ag.hexor.cy/api/badge?name=external-secrets&revision=true)](https://ag.hexor.cy/applications/argocd/external-secrets) |
 | **gpu** | [![gpu](https://ag.hexor.cy/api/badge?name=gpu&revision=true)](https://ag.hexor.cy/applications/argocd/gpu) |
 | **kube-system-custom** | [![kube-system-custom](https://ag.hexor.cy/api/badge?name=kube-system-custom&revision=true)](https://ag.hexor.cy/applications/argocd/kube-system-custom) |
 | **kubernetes-dashboard** | [![kubernetes-dashboard](https://ag.hexor.cy/api/badge?name=kubernetes-dashboard&revision=true)](https://ag.hexor.cy/applications/argocd/kubernetes-dashboard) |
 | **longhorn** | [![longhorn](https://ag.hexor.cy/api/badge?name=longhorn&revision=true)](https://ag.hexor.cy/applications/argocd/longhorn) |
@@ -37,6 +38,9 @@ ArgoCD homelab project
 | Application | Status |
 | :--- | :---: |
 | **comfyui** | [![comfyui](https://ag.hexor.cy/api/badge?name=comfyui&revision=true)](https://ag.hexor.cy/applications/argocd/comfyui) |
 | **furumi-dev** | [![furumi-dev](https://ag.hexor.cy/api/badge?name=furumi-dev&revision=true)](https://ag.hexor.cy/applications/argocd/furumi-dev) |
 | **furumi-server** | [![furumi-server](https://ag.hexor.cy/api/badge?name=furumi-server&revision=true)](https://ag.hexor.cy/applications/argocd/furumi-server) |
 | **gitea** | [![gitea](https://ag.hexor.cy/api/badge?name=gitea&revision=true)](https://ag.hexor.cy/applications/argocd/gitea) |
 | **greece-notifier** | [![greece-notifier](https://ag.hexor.cy/api/badge?name=greece-notifier&revision=true)](https://ag.hexor.cy/applications/argocd/greece-notifier) |
 | **hexound** | [![hexound](https://ag.hexor.cy/api/badge?name=hexound&revision=true)](https://ag.hexor.cy/applications/argocd/hexound) |
@@ -45,6 +49,9 @@ ArgoCD homelab project
 | **jellyfin** | [![jellyfin](https://ag.hexor.cy/api/badge?name=jellyfin&revision=true)](https://ag.hexor.cy/applications/argocd/jellyfin) |
 | **k8s-secrets** | [![k8s-secrets](https://ag.hexor.cy/api/badge?name=k8s-secrets&revision=true)](https://ag.hexor.cy/applications/argocd/k8s-secrets) |
 | **khm** | [![khm](https://ag.hexor.cy/api/badge?name=khm&revision=true)](https://ag.hexor.cy/applications/argocd/khm) |
 | **lidarr** | [![lidarr](https://ag.hexor.cy/api/badge?name=lidarr&revision=true)](https://ag.hexor.cy/applications/argocd/lidarr) |
 | **matrix** | [![matrix](https://ag.hexor.cy/api/badge?name=matrix&revision=true)](https://ag.hexor.cy/applications/argocd/matrix) |
 | **mtproxy** | [![mtproxy](https://ag.hexor.cy/api/badge?name=mtproxy&revision=true)](https://ag.hexor.cy/applications/argocd/mtproxy) |
 | **n8n** | [![n8n](https://ag.hexor.cy/api/badge?name=n8n&revision=true)](https://ag.hexor.cy/applications/argocd/n8n) |
 | **ollama** | [![ollama](https://ag.hexor.cy/api/badge?name=ollama&revision=true)](https://ag.hexor.cy/applications/argocd/ollama) |
 | **paperless** | [![paperless](https://ag.hexor.cy/api/badge?name=paperless&revision=true)](https://ag.hexor.cy/applications/argocd/paperless) |
--- a/k8s/core/authentik/kustomization.yaml
+++ b/k8s/core/authentik/kustomization.yaml
@@ -5,6 +5,7 @@ resources:
  - app.yaml
  - external-secrets.yaml
  - https-middleware.yaml
  - outpost-selector-fix.yaml
 # - worker-restart.yaml
 helmCharts:
--- a/k8s/core/authentik/outpost-selector-fix.yaml
+++ b/k8s/core/authentik/outpost-selector-fix.yaml
@@ -0,0 +1,81 @@
 ## Workaround for authentik bug: embedded outpost controller creates
 ## a Service with selectors that don't match the pod labels it sets.
 ## Remove this after upgrading to a version with the fix.
 apiVersion: v1
 kind: ServiceAccount
 metadata:
  name: outpost-selector-fix
  namespace: authentik
 ---
 apiVersion: rbac.authorization.k8s.io/v1
 kind: Role
 metadata:
  name: outpost-selector-fix
  namespace: authentik
 rules:
  - apiGroups: [""]
    resources: ["services"]
    verbs: ["get", "patch"]
  - apiGroups: [""]
    resources: ["endpoints"]
    verbs: ["get"]
 ---
 apiVersion: rbac.authorization.k8s.io/v1
 kind: RoleBinding
 metadata:
  name: outpost-selector-fix
  namespace: authentik
 subjects:
  - kind: ServiceAccount
    name: outpost-selector-fix
    namespace: authentik
 roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: Role
  name: outpost-selector-fix
 ---
 apiVersion: batch/v1
 kind: CronJob
 metadata:
  name: outpost-selector-fix
  namespace: authentik
 spec:
  schedule: "*/5 * * * *"
  successfulJobsHistoryLimit: 1
  failedJobsHistoryLimit: 3
  concurrencyPolicy: Replace
  jobTemplate:
    spec:
      ttlSecondsAfterFinished: 300
      template:
        spec:
          serviceAccountName: outpost-selector-fix
          restartPolicy: OnFailure
          containers:
            - name: fix
              image: bitnami/kubectl:latest
              command:
                - /bin/sh
                - -c
                - |
                  SVC="ak-outpost-authentik-embedded-outpost"
                  # check if endpoints are populated
                  ADDRS=$(kubectl get endpoints "$SVC" -n authentik -o jsonpath='{.subsets[*].addresses[*].ip}' 2>/dev/null)
                  if [ -n "$ADDRS" ]; then
                    echo "Endpoints OK ($ADDRS), nothing to fix"
                    exit 0
                  fi
                  echo "No endpoints for $SVC, patching selector..."
                  kubectl patch svc "$SVC" -n authentik --type=json -p '[
                    {"op":"remove","path":"/spec/selector/app.kubernetes.io~1component"},
                    {"op":"replace","path":"/spec/selector/app.kubernetes.io~1name","value":"authentik-outpost-proxy"}
                  ]'
                  echo "Patched. Verifying..."
                  sleep 2
                  ADDRS=$(kubectl get endpoints "$SVC" -n authentik -o jsonpath='{.subsets[*].addresses[*].ip}' 2>/dev/null)
                  if [ -n "$ADDRS" ]; then
                    echo "Fix confirmed, endpoints: $ADDRS"
                  else
                    echo "WARNING: still no endpoints after patch"
                    exit 1
                  fi
Author	SHA1	Message	Date
Gitea Actions Bot	a5e390714d	Auto-update README with current k8s applications All checks were successful Terraform / Terraform (pull_request) Successful in 25s Details Generated by CI/CD workflow on 2026-03-20 09:37:41 This PR updates the README.md file with the current list of applications found in the k8s/ directory structure.	2026-03-20 09:37:41 +00:00
Ultradesu	4151deca72	Authentik hostfix All checks were successful Update Kubernetes Services Wiki / Generate and Update K8s Wiki (push) Successful in 13s Details Check with kubeconform / lint (push) Successful in 9s Details Auto-update README / Generate README and Create MR (push) Successful in 8s Details	2026-03-20 09:37:05 +00:00