Auto-update README with current k8s applications

Generated by CI/CD workflow on 2026-02-03 22:07:26 This PR updates the README.md file with the current list of applications found in the k8s/ directory structure.
2026-02-03 22:07:26 +00:00
8 changed files with 59 additions and 149 deletions
--- a/README.md
+++ b/README.md
@@ -44,6 +44,7 @@ ArgoCD homelab project
 | **jellyfin** | [![jellyfin](https://ag.hexor.cy/api/badge?name=jellyfin&revision=true)](https://ag.hexor.cy/applications/argocd/jellyfin) |
 | **k8s-secrets** | [![k8s-secrets](https://ag.hexor.cy/api/badge?name=k8s-secrets&revision=true)](https://ag.hexor.cy/applications/argocd/k8s-secrets) |
 | **khm** | [![khm](https://ag.hexor.cy/api/badge?name=khm&revision=true)](https://ag.hexor.cy/applications/argocd/khm) |
 | **n8n** | [![n8n](https://ag.hexor.cy/api/badge?name=n8n&revision=true)](https://ag.hexor.cy/applications/argocd/n8n) |
 | **ollama** | [![ollama](https://ag.hexor.cy/api/badge?name=ollama&revision=true)](https://ag.hexor.cy/applications/argocd/ollama) |
 | **paperless** | [![paperless](https://ag.hexor.cy/api/badge?name=paperless&revision=true)](https://ag.hexor.cy/applications/argocd/paperless) |
 | **pasarguard** | [![pasarguard](https://ag.hexor.cy/api/badge?name=pasarguard&revision=true)](https://ag.hexor.cy/applications/argocd/pasarguard) |
--- a/k8s/apps/n8n/external-secrets.yaml
+++ b/k8s/apps/n8n/external-secrets.yaml
@@ -2,18 +2,18 @@
 apiVersion: external-secrets.io/v1
 kind: ExternalSecret
 metadata:
-  name: credentials
+  name: postgres-password
 spec:
  target:
-    name: credentials
+    name: postgres-password
    deletionPolicy: Delete
    template:
      type: Opaque
      data:
-        postgres-password: "{{ .psql | trim }}"
+        postgres-password: |-
-        N8N_ENCRYPTION_KEY: "{{ .enc_pass | trim }}"
+          {{ .n8n }}
  data:
-    - secretKey: psql
+    - secretKey: n8n
      sourceRef:
        storeRef:
          name: vaultwarden-login
@@ -24,14 +24,5 @@ spec:
        metadataPolicy: None
        key: 2a9deb39-ef22-433e-a1be-df1555625e22
        property: fields[13].value
-    - secretKey: enc_pass
+
-      sourceRef:
+
        storeRef:
          name: vaultwarden-login
          kind: ClusterSecretStore
      remoteRef:
        conversionStrategy: Default
        decodingStrategy: None
        metadataPolicy: None
        key: 18c92d73-9637-4419-8642-7f7b308460cb
        property: fields[0].value
--- a/k8s/apps/n8n/kustomization.yaml
+++ b/k8s/apps/n8n/kustomization.yaml
@@ -1,10 +1,8 @@
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 # Updated: Fixed n8n volume permissions issue
 resources:
  - external-secrets.yaml
  - storage.yaml
 helmCharts:
  - name: n8n
@@ -12,12 +10,6 @@ helmCharts:
    version: 1.16.28
    releaseName: n8n
    namespace: n8n
-    valuesFile: values-n8n.yaml
+    valuesFile: values.yaml
    includeCRDs: true
  - name: yacy
    repo: https://gt.hexor.cy/api/packages/ab/helm
    version: 0.1.2
    releaseName: yacy
    namespace: n8n
    valuesFile: values-yacy.yaml
    includeCRDs: true
--- a/k8s/apps/n8n/storage.yaml
+++ b/k8s/apps/n8n/storage.yaml
@@ -1,12 +0,0 @@
 ---
 apiVersion: v1
 kind: PersistentVolumeClaim
 metadata:
  name: n8n-home
 spec:
  accessModes:
    - ReadWriteMany
  storageClassName: nfs-csi
  resources:
    requests:
      storage: 10Gi
--- a/k8s/apps/n8n/values-n8n.yaml
+++ b/k8s/apps/n8n/values-n8n.yaml
@@ -1,79 +0,0 @@
 nodeSelector:
  kubernetes.io/hostname: master.tail2fe2d.ts.net
 db:
  type: postgresdb
 main:
  resources:
    requests:
      cpu: 100m
      memory: 128Mi
    limits:
      cpu: 512m
      memory: 512Mi
  persistence:
    enabled: true
    existingClaim: n8n-home
    mountPath: /home/node/.n8n
 podSecurityContext:
  fsGroup: 1000
  fsGroupChangePolicy: "OnRootMismatch"
 # Fix NFS permission issues - required for NFS volumes
 initContainers:
  - name: fix-permissions
    image: busybox:1.35
    command:
      - sh
      - -c  
      - |
        echo "Fixing permissions for NFS volume..."
        if [ ! -d "/home/node/.n8n" ]; then
          mkdir -p /home/node/.n8n
        fi
        chown -R 1000:1000 /home/node/.n8n
        chmod -R 775 /home/node/.n8n
        echo "Permissions fixed: $(ls -ld /home/node/.n8n)"
    volumeMounts:
      - name: node-modules  
        mountPath: /home/node/.n8n
    securityContext:
      runAsUser: 0
      runAsGroup: 0
 worker:
  mode: regular
 webhook:
  url: https://n8n.hexor.cy
 redis:
  enabled: true
 existingEncryptionKeySecret: credentials
 externalPostgresql:
  existingSecret: credentials
  host: "psql.psql.svc"
  username: "n8n"
  database: "n8n"
 ingress:
  enabled: true
  className: traefik
  annotations:
    cert-manager.io/cluster-issuer: letsencrypt
    traefik.ingress.kubernetes.io/router.middlewares: kube-system-https-redirect@kubernetescrd
  hosts:
    - host: n8n.hexor.cy
      paths:
        - path: /
          pathType: Prefix
  tls:
    - secretName: n8n-tls
      hosts:
        - '*.hexor.cy'
--- a/k8s/apps/n8n/values-yacy.yaml
+++ b/k8s/apps/n8n/values-yacy.yaml
@@ -1,24 +0,0 @@
 nodeSelector:
  kubernetes.io/hostname: master.tail2fe2d.ts.net
 resources:
  limits:
    memory: 2Gi
  requests:
    memory: 1Gi
 persistence:
  enabled: true
  size: 10Gi
 yacy:
  network:
    mode: "intranet"
  config:
    network.unit.bootstrap.seedlist: ""
    network.unit.remotecrawl: "false"
    network.unit.dhtredundancy.junior: "1"
    network.unit.dhtredundancy.senior: "1"
    index.receive.allow: "false"
    index.distribute.allow: "false"
    crawl.response.timeout: "10000"
--- a/k8s/apps/n8n/values.yaml
+++ b/k8s/apps/n8n/values.yaml
@@ -0,0 +1,47 @@
 webhook:
  url: https://n8n.hexor.cy
 db:
  type: postgresdb
 worker:
  mode: queue
 redis:
  enabled: true
 externalPostgresql:
  existingSecret: postgres-password
  host: "psql.psql.svc"
  username: "n8n"
  database: "n8n"
 main:
  resources:
    requests:
      cpu: 100m
      memory: 128Mi
    limits:
      cpu: 512m
      memory: 512Mi
 ingress:
  enabled: true
  className: traefik
  annotations:
    cert-manager.io/cluster-issuer: letsencrypt
    traefik.ingress.kubernetes.io/router.middlewares: kube-system-https-redirect@kubernetescrd
  hosts:
    - host: n8n.hexor.cy
      paths:
        - path: /
          pathType: Prefix
  tls:
    - secretName: n8n-tls
      hosts:
        - '*.hexor.cy'
 nodeSelector:
  kubernetes.io/hostname: master.tail2fe2d.ts.net
--- a/k8s/core/kube-system-custom/nfs-storage.yaml
+++ b/k8s/core/kube-system-custom/nfs-storage.yaml
@@ -10,11 +10,5 @@ parameters:
 reclaimPolicy: Retain
 volumeBindingMode: Immediate
 mountOptions:
-  - nfsvers=4.1
+  - vers=4
-  - rsize=1048576
+  - hard
  - wsize=1048576
  - timeo=14
  - intr
  - bg
  - soft
  - noatime