Auto-update README with current k8s applications

Generated by CI/CD workflow on 2026-06-04 12:27:28

This PR updates the README.md file with the current list of applications found in the k8s/ directory structure.

README.md

@@ -13,15 +13,19 @@ ArgoCD homelab project
 | Application | Status |
 | :--- | :---: |
 | **argocd** | [![argocd](https://ag.hexor.cy/api/badge?name=argocd&revision=true)](https://ag.hexor.cy/applications/argocd/argocd) |
+| **auth-proxy** | [![auth-proxy](https://ag.hexor.cy/api/badge?name=auth-proxy&revision=true)](https://ag.hexor.cy/applications/argocd/auth-proxy) |
 | **authentik** | [![authentik](https://ag.hexor.cy/api/badge?name=authentik&revision=true)](https://ag.hexor.cy/applications/argocd/authentik) |
 | **cert-manager** | [![cert-manager](https://ag.hexor.cy/api/badge?name=cert-manager&revision=true)](https://ag.hexor.cy/applications/argocd/cert-manager) |
 | **external-secrets** | [![external-secrets](https://ag.hexor.cy/api/badge?name=external-secrets&revision=true)](https://ag.hexor.cy/applications/argocd/external-secrets) |
 | **gpu** | [![gpu](https://ag.hexor.cy/api/badge?name=gpu&revision=true)](https://ag.hexor.cy/applications/argocd/gpu) |
+| **kanidm** | [![kanidm](https://ag.hexor.cy/api/badge?name=kanidm&revision=true)](https://ag.hexor.cy/applications/argocd/kanidm) |
+| **keycloak** | [![keycloak](https://ag.hexor.cy/api/badge?name=keycloak&revision=true)](https://ag.hexor.cy/applications/argocd/keycloak) |
 | **kube-system-custom** | [![kube-system-custom](https://ag.hexor.cy/api/badge?name=kube-system-custom&revision=true)](https://ag.hexor.cy/applications/argocd/kube-system-custom) |
 | **kubernetes-dashboard** | [![kubernetes-dashboard](https://ag.hexor.cy/api/badge?name=kubernetes-dashboard&revision=true)](https://ag.hexor.cy/applications/argocd/kubernetes-dashboard) |
 | **longhorn** | [![longhorn](https://ag.hexor.cy/api/badge?name=longhorn&revision=true)](https://ag.hexor.cy/applications/argocd/longhorn) |
 | **postgresql** | [![postgresql](https://ag.hexor.cy/api/badge?name=postgresql&revision=true)](https://ag.hexor.cy/applications/argocd/postgresql) |
 | **prom-stack** | [![prom-stack](https://ag.hexor.cy/api/badge?name=prom-stack&revision=true)](https://ag.hexor.cy/applications/argocd/prom-stack) |
+| **reloader** | [![reloader](https://ag.hexor.cy/api/badge?name=reloader&revision=true)](https://ag.hexor.cy/applications/argocd/reloader) |
 | **system-upgrade** | [![system-upgrade](https://ag.hexor.cy/api/badge?name=system-upgrade&revision=true)](https://ag.hexor.cy/applications/argocd/system-upgrade) |
 
 ### Games
@@ -39,8 +43,7 @@ ArgoCD homelab project
 | Application | Status |
 | :--- | :---: |
 | **comfyui** | [![comfyui](https://ag.hexor.cy/api/badge?name=comfyui&revision=true)](https://ag.hexor.cy/applications/argocd/comfyui) |
-| **furumi-dev** | [![furumi-dev](https://ag.hexor.cy/api/badge?name=furumi-dev&revision=true)](https://ag.hexor.cy/applications/argocd/furumi-dev) |
+| **furumi** | [![furumi](https://ag.hexor.cy/api/badge?name=furumi&revision=true)](https://ag.hexor.cy/applications/argocd/furumi) |
-| **furumi-server** | [![furumi-server](https://ag.hexor.cy/api/badge?name=furumi-server&revision=true)](https://ag.hexor.cy/applications/argocd/furumi-server) |
 | **gitea** | [![gitea](https://ag.hexor.cy/api/badge?name=gitea&revision=true)](https://ag.hexor.cy/applications/argocd/gitea) |
 | **greece-notifier** | [![greece-notifier](https://ag.hexor.cy/api/badge?name=greece-notifier&revision=true)](https://ag.hexor.cy/applications/argocd/greece-notifier) |
 | **hexound** | [![hexound](https://ag.hexor.cy/api/badge?name=hexound&revision=true)](https://ag.hexor.cy/applications/argocd/hexound) |
@@ -62,9 +65,12 @@ ArgoCD homelab project
 | **sonarr-stack** | [![sonarr-stack](https://ag.hexor.cy/api/badge?name=sonarr-stack&revision=true)](https://ag.hexor.cy/applications/argocd/sonarr-stack) |
 | **stirling-pdf** | [![stirling-pdf](https://ag.hexor.cy/api/badge?name=stirling-pdf&revision=true)](https://ag.hexor.cy/applications/argocd/stirling-pdf) |
 | **syncthing** | [![syncthing](https://ag.hexor.cy/api/badge?name=syncthing&revision=true)](https://ag.hexor.cy/applications/argocd/syncthing) |
+| **teamspeak** | [![teamspeak](https://ag.hexor.cy/api/badge?name=teamspeak&revision=true)](https://ag.hexor.cy/applications/argocd/teamspeak) |
 | **tg-bots** | [![tg-bots](https://ag.hexor.cy/api/badge?name=tg-bots&revision=true)](https://ag.hexor.cy/applications/argocd/tg-bots) |
 | **vaultwarden** | [![vaultwarden](https://ag.hexor.cy/api/badge?name=vaultwarden&revision=true)](https://ag.hexor.cy/applications/argocd/vaultwarden) |
 | **vpn** | [![vpn](https://ag.hexor.cy/api/badge?name=vpn&revision=true)](https://ag.hexor.cy/applications/argocd/vpn) |
+| **web-petting** | [![web-petting](https://ag.hexor.cy/api/badge?name=web-petting&revision=true)](https://ag.hexor.cy/applications/argocd/web-petting) |
+| **wedding** | [![wedding](https://ag.hexor.cy/api/badge?name=wedding&revision=true)](https://ag.hexor.cy/applications/argocd/wedding) |
 | **xandikos** | [![xandikos](https://ag.hexor.cy/api/badge?name=xandikos&revision=true)](https://ag.hexor.cy/applications/argocd/xandikos) |
 
 </td>

k8s/apps/mtproxy/secret-reader-ingress.yaml

@@ -22,7 +22,7 @@ spec:
   entryPoints:
     - websecure
   routes:
-    - match: Host(`secret-reader.hexor.cy`)
+    - match: Host(`proxy.hexor.cy`)
       kind: Rule
       middlewares:
         - name: auth-proxy
@@ -30,16 +30,16 @@ spec:
         - name: secret-reader
           port: 80
   tls:
-    secretName: secret-reader-tls
+    secretName: proxy-tls
 ---
 apiVersion: cert-manager.io/v1
 kind: Certificate
 metadata:
-  name: secret-reader-tls
+  name: proxy-tls
 spec:
-  secretName: secret-reader-tls
+  secretName: proxy-tls
   issuerRef:
     name: letsencrypt
     kind: ClusterIssuer
   dnsNames:
-    - secret-reader.hexor.cy
+    - proxy.hexor.cy

k8s/apps/pasarguard/configmap-scripts.yaml

@@ -236,29 +236,52 @@ data:
 
     cd /app
     
-    # Start main process in background
+    write_xray_api_port() {
-    ./main &
+      API_PORT="$1"
-    MAIN_PID=$!
+      case "$API_PORT" in
+        ""|*[!0-9]*)
+          return
+          ;;
+      esac
 
-    # Start continuous port monitoring in background
+      CURRENT_PORT=""
+      if [ -f /shared/xray-api-port ]; then
+        CURRENT_PORT=$(cat /shared/xray-api-port)
+      fi
+
+      if [ "$API_PORT" != "$CURRENT_PORT" ]; then
+        echo "Found xray API port: $API_PORT"
+        echo -n "$API_PORT" > /shared/xray-api-port
+      fi
+    }
+
+    LOG_PIPE="/tmp/pasarguard-main.log"
+    rm -f "$LOG_PIPE"
+    mkfifo "$LOG_PIPE"
+
+    # Capture main logs so the Xray API listener is not confused with Xray's metrics listener.
     {
-      sleep 10  # Wait for xray to start initially
+      while IFS= read -r line; do
-      LAST_PORT=""
+        echo "$line"
-      
+        case "$line" in
-      while true; do
+          *"transport/internet/tcp: listening TCP on 127.0.0.1:"*)
-        API_PORT=$(netstat -tlpn | grep xray | grep 127.0.0.1 | awk '{print $4}' | cut -d: -f2 | head -1)
+            API_PORT=$(echo "$line" | sed -n 's/.*listening TCP on 127\.0\.0\.1:\([0-9][0-9]*\).*/\1/p')
-        if [ -n "$API_PORT" ] && [ "$API_PORT" != "$LAST_PORT" ]; then
+            write_xray_api_port "$API_PORT"
-          echo "Found xray API port: $API_PORT"
+            ;;
-          echo -n "$API_PORT" > /shared/xray-api-port
+        esac
-          LAST_PORT="$API_PORT"
-        fi
-        sleep 5  # Check every 5 seconds
       done
-    } &
+    } < "$LOG_PIPE" &
-    PORT_MONITOR_PID=$!
+    LOG_READER_PID=$!
+
+    # Start main process in background
+    ./main > "$LOG_PIPE" 2>&1 &
+    MAIN_PID=$!
 
     # Wait for main process to finish
     wait $MAIN_PID
+    MAIN_STATUS=$?
 
-    # Clean up port monitor
+    # Clean up log reader
-    kill $PORT_MONITOR_PID 2>/dev/null
+    wait $LOG_READER_PID 2>/dev/null
+    rm -f "$LOG_PIPE"
+    exit $MAIN_STATUS

k8s/apps/pasarguard/daemonset.yaml

@@ -46,7 +46,7 @@ spec:
               mountPath: /scripts
       containers:
         - name: pasarguard-node
-          image: pasarguard/node:v0.4.0
+          image: pasarguard/node:v0.5.0
           imagePullPolicy: Always
           command:
             - /bin/sh
@@ -116,14 +116,20 @@ spec:
             - name: metrics
               containerPort: 9550
               protocol: TCP
-          livenessProbe:
+          startupProbe:
             httpGet:
               path: /scrape
               port: metrics
+            periodSeconds: 10
+            timeoutSeconds: 5
+            failureThreshold: 36
+          livenessProbe:
+            tcpSocket:
+              port: metrics
             initialDelaySeconds: 60
             periodSeconds: 30
             timeoutSeconds: 10
-            failureThreshold: 3
+            failureThreshold: 6
           readinessProbe:
             httpGet:
               path: /scrape

k8s/apps/web-petting/deployment.yaml

@@ -43,10 +43,10 @@ spec:
         env:
         - name: RUST_LOG
           value: "info"
+        - name: WEB_PETTING_DEBUG
+          value: "false"
         resources:
           requests:
             memory: "256Mi"
-            cpu: "350m"
           limits:
             memory: "1Gi"
-            cpu: "1000m"

k8s/core/reloader/app.yaml

@@ -0,0 +1,21 @@
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+  name: reloader
+  namespace: argocd
+spec:
+  project: core
+  destination:
+    namespace: reloader
+    server: https://kubernetes.default.svc
+  source:
+    repoURL: ssh://git@gt.hexor.cy:30022/ab/homelab.git
+    targetRevision: HEAD
+    path: k8s/core/reloader
+  syncPolicy:
+    automated:
+      selfHeal: true
+      prune: true
+    syncOptions:
+      - CreateNamespace=true
+      - ServerSideApply=true

k8s/core/reloader/kustomization.yaml

@@ -0,0 +1,13 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+
+resources:
+  - app.yaml
+
+helmCharts:
+  - name: reloader
+    repo: https://stakater.github.io/stakater-charts
+    version: 2.2.12
+    releaseName: reloader
+    namespace: reloader
+    valuesFile: values.yaml

k8s/core/reloader/values.yaml

@@ -0,0 +1,24 @@
+reloader:
+  watchGlobally: true
+  autoReloadAll: true
+  reloadOnCreate: true
+  reloadOnDelete: false
+  reloadStrategy: annotations
+  ignoreConfigMaps: false
+  ignoreSecrets: false
+  ignoreJobs: false
+  ignoreCronJobs: false
+  enableHA: true
+  syncAfterRestart: true
+  logLevel: info
+  rbac:
+    enabled: true
+  deployment:
+    replicas: 2
+    resources:
+      requests:
+        cpu: 10m
+        memory: 128Mi
+      limits:
+        cpu: 150m
+        memory: 512Mi