Auto-update README with current k8s applications

Generated by CI/CD workflow on 2026-06-17 13:54:11 This PR updates the README.md file with the current list of applications found in the k8s/ directory structure.
2026-06-17 13:54:11 +00:00
6 changed files with 32 additions and 80 deletions
@@ -30,21 +30,6 @@ data:
      fi
    }
    delete_rule() {
      local table_args=()
      if [ "${1:-}" = "-t" ]; then
        table_args=("$1" "$2")
        shift 2
      fi
      local chain="$1"
      shift
      while iptables "${table_args[@]}" -D "${chain}" "$@" >/dev/null 2>&1; do
        true
      done
    }
    ensure_append_rule() {
      local table_args=()
      if [ "${1:-}" = "-t" ]; then
@@ -71,7 +56,6 @@ data:
    sysctl -w net.ipv4.ip_forward=1
    delete_rule INPUT -i tailscale0 -p udp -m comment --comment amneziawg-block-tailscale -j DROP
    ensure_insert_rule INPUT -i "${EXT_IF}" -p udp --dport "${PORT}" -m comment --comment amneziawg-allow-external -j ACCEPT
    ensure_insert_rule INPUT -i tailscale0 -p udp --dport "${PORT}" -m comment --comment amneziawg-block-tailscale -j DROP
    ensure_append_rule INPUT -i awg0 -m comment --comment amneziawg-awg-input -j ACCEPT
@@ -116,7 +100,6 @@ data:
    fi
    delete_rule INPUT -i tailscale0 -p udp --dport "${PORT}" -m comment --comment amneziawg-block-tailscale -j DROP
    delete_rule INPUT -i tailscale0 -p udp -m comment --comment amneziawg-block-tailscale -j DROP
    delete_rule INPUT -i awg0 -m comment --comment amneziawg-awg-input -j ACCEPT
    delete_rule FORWARD -i awg0 -m comment --comment amneziawg-forward-in -j ACCEPT
    delete_rule FORWARD -o awg0 -m comment --comment amneziawg-forward-out -j ACCEPT
@@ -41,18 +41,18 @@ spec:
            - name: GITEA__service__REGISTER_MANUAL_CONFIRM
              value: "true"
            - name: GITEA__service__ENABLE_CAPTCHA
              value: "true"
            - name: GITEA__service__REQUIRE_CAPTCHA_FOR_LOGIN
              value: "false"
            - name: GITEA__service__REQUIRE_CAPTCHA_FOR_LOGIN
              value: "true"
            - name: GITEA__service__REQUIRE_EXTERNAL_REGISTRATION_CAPTCHA
              value: "true"
            - name: GITEA__service__CAPTCHA_TYPE
-              value: "cfturnstile"
+              value: "hcaptcha"
            - name: GITEA__webhook__ALLOWED_HOST_LIST
              value: "*"
          envFrom:
          - secretRef:
-              name: gitea-runner-act-runner-secrets
+              name: gitea-recapcha-creds
          ports:
            - name: http
              containerPort: 3000
@@ -13,10 +13,6 @@ spec:
      data:
        token: |-
          {{ .password }}
        GITEA__service__CF_TURNSTILE_SITEKEY: |-
          {{ .CF_TURNSTILE_SITEKEY }}
        GITEA__service__CF_TURNSTILE_SECRET: |-
          {{ .CF_TURNSTILE_SECRET }}
  data:
    - secretKey: password
      sourceRef:
@@ -26,19 +22,38 @@ spec:
      remoteRef:
        key: e475b5ab-ea3c-48a5-bb4c-a6bc552fc064
        property: login.password
-    - secretKey: CF_TURNSTILE_SITEKEY
+
 ---
 apiVersion: external-secrets.io/v1
 kind: ExternalSecret
 metadata:
  name: gitea-recapcha-creds
 spec:
  refreshInterval: 1m
  target:
    name: gitea-recapcha-creds
    deletionPolicy: Delete
    template:
      type: Opaque
      data:
        GITEA__service__HCAPTCHA_SITEKEY: |-
          {{ .HCAPTCHA_SITEKEY }}
        GITEA__service__HCAPTCHA_SECRET: |-
          {{ .HCAPTCHA_SECRET }}
  data:
    - secretKey: HCAPTCHA_SITEKEY
      sourceRef:
        storeRef:
          name: vaultwarden-login
          kind: ClusterSecretStore
      remoteRef:
-        key: e475b5ab-ea3c-48a5-bb4c-a6bc552fc064
+        key: 89c8d8d2-6b53-42c5-805f-38a341ef163e
-        property: fields[0].value
+        property: login.username
-    - secretKey: CF_TURNSTILE_SECRET
+    - secretKey: HCAPTCHA_SECRET
      sourceRef:
        storeRef:
          name: vaultwarden-login
          kind: ClusterSecretStore
      remoteRef:
-        key: e475b5ab-ea3c-48a5-bb4c-a6bc552fc064
+        key: 89c8d8d2-6b53-42c5-805f-38a341ef163e
-        property: fields[1].value
+        property: login.password
@@ -7,7 +7,7 @@ kind: Kustomization
 helmCharts:
  - name: longhorn
    repo: https://charts.longhorn.io
-    version: 1.12.0
+    version: 1.11.2
    releaseName: longhorn
    namespace: longhorn
    valuesFile: values.yaml
@@ -1,54 +1,7 @@
 global:
  tolerations:
    - key: "workload"
      operator: "Exists"
      effect: "NoSchedule"
    - key: "node.kubernetes.io/unreachable"
      operator: "Exists"
      effect: "NoSchedule"
    - key: "node.kubernetes.io/unreachable"
      operator: "Exists"
      effect: "NoExecute"
 longhornManager:
  tolerations:
    - key: "workload"
      operator: "Exists"
      effect: "NoSchedule"
    - key: "node.kubernetes.io/unreachable"
      operator: "Exists"
      effect: "NoSchedule"
    - key: "node.kubernetes.io/unreachable"
      operator: "Exists"
      effect: "NoExecute"
 longhornDriver:
  tolerations:
    - key: "workload"
      operator: "Exists"
      effect: "NoSchedule"
    - key: "node.kubernetes.io/unreachable"
      operator: "Exists"
      effect: "NoSchedule"
    - key: "node.kubernetes.io/unreachable"
      operator: "Exists"
      effect: "NoExecute"
 longhornUI:
  replicas: 1
  tolerations:
    - key: "workload"
      operator: "Exists"
      effect: "NoSchedule"
    - key: "node.kubernetes.io/unreachable"
      operator: "Exists"
      effect: "NoSchedule"
    - key: "node.kubernetes.io/unreachable"
      operator: "Exists"
      effect: "NoExecute"
 defaultSettings:
  taintToleration: "workload=ai:NoSchedule; workload=desktop:NoSchedule; node.kubernetes.io/unreachable:NoSchedule; node.kubernetes.io/unreachable:NoExecute"
  # Keep new instance-manager pods schedulable on nodes with high CPU requests.
  guaranteedInstanceManagerCPU: '{"v1":"6","v2":"6"}'
@@ -1,3 +1,4 @@
 alertmanager:
  config:
    global:
@@ -24,7 +25,7 @@ alertmanager:
              {{ end }}
  ingress:
-    enabled: false
+    enabled: true
    ingressClassName: traefik
    annotations:
      cert-manager.io/cluster-issuer: letsencrypt