Auto-update README with current k8s applications

Generated by CI/CD workflow on 2026-06-02 16:52:41 This PR updates the README.md file with the current list of applications found in the k8s/ directory structure.
2026-06-02 16:52:41 +00:00
9 changed files with 41 additions and 124 deletions
@@ -13,10 +13,13 @@ ArgoCD homelab project
 | Application | Status |
 | :--- | :---: |
 | **argocd** | [![argocd](https://ag.hexor.cy/api/badge?name=argocd&revision=true)](https://ag.hexor.cy/applications/argocd/argocd) |
 | **auth-proxy** | [![auth-proxy](https://ag.hexor.cy/api/badge?name=auth-proxy&revision=true)](https://ag.hexor.cy/applications/argocd/auth-proxy) |
 | **authentik** | [![authentik](https://ag.hexor.cy/api/badge?name=authentik&revision=true)](https://ag.hexor.cy/applications/argocd/authentik) |
 | **cert-manager** | [![cert-manager](https://ag.hexor.cy/api/badge?name=cert-manager&revision=true)](https://ag.hexor.cy/applications/argocd/cert-manager) |
 | **external-secrets** | [![external-secrets](https://ag.hexor.cy/api/badge?name=external-secrets&revision=true)](https://ag.hexor.cy/applications/argocd/external-secrets) |
 | **gpu** | [![gpu](https://ag.hexor.cy/api/badge?name=gpu&revision=true)](https://ag.hexor.cy/applications/argocd/gpu) |
 | **kanidm** | [![kanidm](https://ag.hexor.cy/api/badge?name=kanidm&revision=true)](https://ag.hexor.cy/applications/argocd/kanidm) |
 | **keycloak** | [![keycloak](https://ag.hexor.cy/api/badge?name=keycloak&revision=true)](https://ag.hexor.cy/applications/argocd/keycloak) |
 | **kube-system-custom** | [![kube-system-custom](https://ag.hexor.cy/api/badge?name=kube-system-custom&revision=true)](https://ag.hexor.cy/applications/argocd/kube-system-custom) |
 | **kubernetes-dashboard** | [![kubernetes-dashboard](https://ag.hexor.cy/api/badge?name=kubernetes-dashboard&revision=true)](https://ag.hexor.cy/applications/argocd/kubernetes-dashboard) |
 | **longhorn** | [![longhorn](https://ag.hexor.cy/api/badge?name=longhorn&revision=true)](https://ag.hexor.cy/applications/argocd/longhorn) |
@@ -39,8 +42,7 @@ ArgoCD homelab project
 | Application | Status |
 | :--- | :---: |
 | **comfyui** | [![comfyui](https://ag.hexor.cy/api/badge?name=comfyui&revision=true)](https://ag.hexor.cy/applications/argocd/comfyui) |
-| **furumi-dev** | [![furumi-dev](https://ag.hexor.cy/api/badge?name=furumi-dev&revision=true)](https://ag.hexor.cy/applications/argocd/furumi-dev) |
+| **furumi** | [![furumi](https://ag.hexor.cy/api/badge?name=furumi&revision=true)](https://ag.hexor.cy/applications/argocd/furumi) |
 | **furumi-server** | [![furumi-server](https://ag.hexor.cy/api/badge?name=furumi-server&revision=true)](https://ag.hexor.cy/applications/argocd/furumi-server) |
 | **gitea** | [![gitea](https://ag.hexor.cy/api/badge?name=gitea&revision=true)](https://ag.hexor.cy/applications/argocd/gitea) |
 | **greece-notifier** | [![greece-notifier](https://ag.hexor.cy/api/badge?name=greece-notifier&revision=true)](https://ag.hexor.cy/applications/argocd/greece-notifier) |
 | **hexound** | [![hexound](https://ag.hexor.cy/api/badge?name=hexound&revision=true)](https://ag.hexor.cy/applications/argocd/hexound) |
@@ -62,9 +64,12 @@ ArgoCD homelab project
 | **sonarr-stack** | [![sonarr-stack](https://ag.hexor.cy/api/badge?name=sonarr-stack&revision=true)](https://ag.hexor.cy/applications/argocd/sonarr-stack) |
 | **stirling-pdf** | [![stirling-pdf](https://ag.hexor.cy/api/badge?name=stirling-pdf&revision=true)](https://ag.hexor.cy/applications/argocd/stirling-pdf) |
 | **syncthing** | [![syncthing](https://ag.hexor.cy/api/badge?name=syncthing&revision=true)](https://ag.hexor.cy/applications/argocd/syncthing) |
 | **teamspeak** | [![teamspeak](https://ag.hexor.cy/api/badge?name=teamspeak&revision=true)](https://ag.hexor.cy/applications/argocd/teamspeak) |
 | **tg-bots** | [![tg-bots](https://ag.hexor.cy/api/badge?name=tg-bots&revision=true)](https://ag.hexor.cy/applications/argocd/tg-bots) |
 | **vaultwarden** | [![vaultwarden](https://ag.hexor.cy/api/badge?name=vaultwarden&revision=true)](https://ag.hexor.cy/applications/argocd/vaultwarden) |
 | **vpn** | [![vpn](https://ag.hexor.cy/api/badge?name=vpn&revision=true)](https://ag.hexor.cy/applications/argocd/vpn) |
 | **web-petting** | [![web-petting](https://ag.hexor.cy/api/badge?name=web-petting&revision=true)](https://ag.hexor.cy/applications/argocd/web-petting) |
 | **wedding** | [![wedding](https://ag.hexor.cy/api/badge?name=wedding&revision=true)](https://ag.hexor.cy/applications/argocd/wedding) |
 | **xandikos** | [![xandikos](https://ag.hexor.cy/api/badge?name=xandikos&revision=true)](https://ag.hexor.cy/applications/argocd/xandikos) |
 </td>
@@ -22,7 +22,7 @@ spec:
  entryPoints:
    - websecure
  routes:
-    - match: Host(`proxy.hexor.cy`)
+    - match: Host(`secret-reader.hexor.cy`)
      kind: Rule
      middlewares:
        - name: auth-proxy
@@ -30,16 +30,16 @@ spec:
        - name: secret-reader
          port: 80
  tls:
-    secretName: proxy-tls
+    secretName: secret-reader-tls
 ---
 apiVersion: cert-manager.io/v1
 kind: Certificate
 metadata:
-  name: proxy-tls
+  name: secret-reader-tls
 spec:
-  secretName: proxy-tls
+  secretName: secret-reader-tls
  issuerRef:
    name: letsencrypt
    kind: ClusterIssuer
  dnsNames:
-    - proxy.hexor.cy
+    - secret-reader.hexor.cy
@@ -236,52 +236,29 @@ data:
    cd /app
    write_xray_api_port() {
      API_PORT="$1"
      case "$API_PORT" in
        ""|*[!0-9]*)
          return
          ;;
      esac
      CURRENT_PORT=""
      if [ -f /shared/xray-api-port ]; then
        CURRENT_PORT=$(cat /shared/xray-api-port)
      fi
      if [ "$API_PORT" != "$CURRENT_PORT" ]; then
        echo "Found xray API port: $API_PORT"
        echo -n "$API_PORT" > /shared/xray-api-port
      fi
    }
    LOG_PIPE="/tmp/pasarguard-main.log"
    rm -f "$LOG_PIPE"
    mkfifo "$LOG_PIPE"
    # Capture main logs so the Xray API listener is not confused with Xray's metrics listener.
    {
      while IFS= read -r line; do
        echo "$line"
        case "$line" in
          *"transport/internet/tcp: listening TCP on 127.0.0.1:"*)
            API_PORT=$(echo "$line" | sed -n 's/.*listening TCP on 127\.0\.0\.1:\([0-9][0-9]*\).*/\1/p')
            write_xray_api_port "$API_PORT"
            ;;
        esac
      done
    } < "$LOG_PIPE" &
    LOG_READER_PID=$!
    # Start main process in background
-    ./main > "$LOG_PIPE" 2>&1 &
+    ./main &
    MAIN_PID=$!
    # Start continuous port monitoring in background
    {
      sleep 10  # Wait for xray to start initially
      LAST_PORT=""
      while true; do
        API_PORT=$(netstat -tlpn | grep xray | grep 127.0.0.1 | awk '{print $4}' | cut -d: -f2 | head -1)
        if [ -n "$API_PORT" ] && [ "$API_PORT" != "$LAST_PORT" ]; then
          echo "Found xray API port: $API_PORT"
          echo -n "$API_PORT" > /shared/xray-api-port
          LAST_PORT="$API_PORT"
        fi
        sleep 5  # Check every 5 seconds
      done
    } &
    PORT_MONITOR_PID=$!
    # Wait for main process to finish
    wait $MAIN_PID
    MAIN_STATUS=$?
-    # Clean up log reader
+    # Clean up port monitor
-    wait $LOG_READER_PID 2>/dev/null
+    kill $PORT_MONITOR_PID 2>/dev/null
    rm -f "$LOG_PIPE"
    exit $MAIN_STATUS
@@ -46,7 +46,7 @@ spec:
              mountPath: /scripts
      containers:
        - name: pasarguard-node
-          image: pasarguard/node:v0.5.0
+          image: pasarguard/node:v0.4.0
          imagePullPolicy: Always
          command:
            - /bin/sh
@@ -116,20 +116,14 @@ spec:
            - name: metrics
              containerPort: 9550
              protocol: TCP
-          startupProbe:
+          livenessProbe:
            httpGet:
              path: /scrape
              port: metrics
            periodSeconds: 10
            timeoutSeconds: 5
            failureThreshold: 36
          livenessProbe:
            tcpSocket:
              port: metrics
            initialDelaySeconds: 60
            periodSeconds: 30
            timeoutSeconds: 10
-            failureThreshold: 6
+            failureThreshold: 3
          readinessProbe:
            httpGet:
              path: /scrape
@@ -43,8 +43,6 @@ spec:
        env:
        - name: RUST_LOG
          value: "info"
        - name: WEB_PETTING_DEBUG
          value: "false"
        resources:
          requests:
            memory: "256Mi"
@@ -1,21 +0,0 @@
 apiVersion: argoproj.io/v1alpha1
 kind: Application
 metadata:
  name: reloader
  namespace: argocd
 spec:
  project: core
  destination:
    namespace: reloader
    server: https://kubernetes.default.svc
  source:
    repoURL: ssh://git@gt.hexor.cy:30022/ab/homelab.git
    targetRevision: HEAD
    path: k8s/core/reloader
  syncPolicy:
    automated:
      selfHeal: true
      prune: true
    syncOptions:
      - CreateNamespace=true
      - ServerSideApply=true
@@ -1,13 +0,0 @@
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 resources:
  - app.yaml
 helmCharts:
  - name: reloader
    repo: https://stakater.github.io/stakater-charts
    version: 2.2.12
    releaseName: reloader
    namespace: reloader
    valuesFile: values.yaml
@@ -1,24 +0,0 @@
 reloader:
  watchGlobally: true
  autoReloadAll: true
  reloadOnCreate: true
  reloadOnDelete: false
  reloadStrategy: annotations
  ignoreConfigMaps: false
  ignoreSecrets: false
  ignoreJobs: false
  ignoreCronJobs: false
  enableHA: true
  syncAfterRestart: true
  logLevel: info
  rbac:
    enabled: true
  deployment:
    replicas: 2
    resources:
      requests:
        cpu: 10m
        memory: 128Mi
      limits:
        cpu: 150m
        memory: 512Mi
@@ -9,12 +9,12 @@ groups = [
 proxy_applications = {
  secret-reader = {
-    domain         = "proxy.hexor.cy"
+    domain         = "secret-reader.hexor.cy"
-    allowed_groups = ["hexor-admin", "app-pass"]
+    allowed_groups = ["hexor-guest", "hexor-admin"]
  }
  pass = {
    domain         = "pass.hexor.cy"
-    allowed_groups = ["hexor-admin", "app-pass"]
+    allowed_groups = ["hexor-guest", "hexor-admin"]
  }
 }
@@ -56,3 +56,4 @@ oauth2_applications = {
    post_logout_redirect_uris = ["https://pet.hexor.cy/*", "https://xn--l1acako8eb.xn--p1ai/*", "https://мурняня.рф/*"]
  }
 }