From 6d137af6dc41e37b1264992e034a15c396c7d867 Mon Sep 17 00:00:00 2001 From: bot Date: Sat, 9 Nov 2024 12:32:08 +0000 Subject: [PATCH 01/13] home-assistant: Update to 2024.11.1 --- home-assistant/kustomization.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/home-assistant/kustomization.yaml b/home-assistant/kustomization.yaml index 738951b..e470138 100644 --- a/home-assistant/kustomization.yaml +++ b/home-assistant/kustomization.yaml @@ -117,7 +117,7 @@ patches: name: dch-root-ca images: - name: ghcr.io/home-assistant/home-assistant - newTag: 2024.10.3 + newTag: 2024.11.1 - name: docker.io/rhasspy/wyoming-whisper newTag: 2.2.0 - name: docker.io/rhasspy/wyoming-piper From 0db830a670e960cea8cbfc43b1756404486ee786 Mon Sep 17 00:00:00 2001 From: bot Date: Sat, 9 Nov 2024 12:32:08 +0000 Subject: [PATCH 02/13] zigbee2mqtt: Update to 1.41.0 --- home-assistant/kustomization.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/home-assistant/kustomization.yaml b/home-assistant/kustomization.yaml index e470138..6b47efb 100644 --- a/home-assistant/kustomization.yaml +++ b/home-assistant/kustomization.yaml @@ -123,7 +123,7 @@ images: - name: docker.io/rhasspy/wyoming-piper newTag: 1.5.0 - name: docker.io/koenkk/zigbee2mqtt - newTag: 1.40.2 + newTag: 1.41.0 - name: docker.io/zwavejs/zwave-js-ui newTag: 9.24.0 - name: docker.io/library/eclipse-mosquitto From f7eb3b49e7378a99aa38d6c863c27ec448bd0439 Mon Sep 17 00:00:00 2001 From: bot Date: Sat, 9 Nov 2024 12:32:08 +0000 Subject: [PATCH 03/13] zwavejs2mqtt: Update to 9.26.0 --- home-assistant/kustomization.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/home-assistant/kustomization.yaml b/home-assistant/kustomization.yaml index 6b47efb..052eadb 100644 --- a/home-assistant/kustomization.yaml +++ b/home-assistant/kustomization.yaml @@ -125,6 +125,6 @@ images: - name: docker.io/koenkk/zigbee2mqtt newTag: 1.41.0 - name: docker.io/zwavejs/zwave-js-ui - newTag: 9.24.0 + newTag: 9.26.0 - name: docker.io/library/eclipse-mosquitto newTag: 2.0.20 From b956e9ac05340a08edce903b48ffad3ba1f13410 Mon Sep 17 00:00:00 2001 From: bot Date: Sat, 9 Nov 2024 12:32:16 +0000 Subject: [PATCH 04/13] authelia: Update to 4.38.17 --- authelia/kustomization.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/authelia/kustomization.yaml b/authelia/kustomization.yaml index e824476..79eb7dd 100644 --- a/authelia/kustomization.yaml +++ b/authelia/kustomization.yaml @@ -57,4 +57,4 @@ patches: name: dch-root-ca images: - name: ghcr.io/authelia/authelia - newTag: 4.38.16 + newTag: 4.38.17 From 115b4ade3951c6bb6b9ad1c4b81d28d2852303f1 Mon Sep 17 00:00:00 2001 From: bot Date: Sat, 16 Nov 2024 12:32:08 +0000 Subject: [PATCH 05/13] home-assistant: Update to 2024.11.2 --- home-assistant/kustomization.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/home-assistant/kustomization.yaml b/home-assistant/kustomization.yaml index 052eadb..b789d3a 100644 --- a/home-assistant/kustomization.yaml +++ b/home-assistant/kustomization.yaml @@ -117,7 +117,7 @@ patches: name: dch-root-ca images: - name: ghcr.io/home-assistant/home-assistant - newTag: 2024.11.1 + newTag: 2024.11.2 - name: docker.io/rhasspy/wyoming-whisper newTag: 2.2.0 - name: docker.io/rhasspy/wyoming-piper From acd9a0fa92f8ba65c8240c7089c9f76233334499 Mon Sep 17 00:00:00 2001 From: bot Date: Sat, 16 Nov 2024 12:32:08 +0000 Subject: [PATCH 06/13] zwavejs2mqtt: Update to 9.27.2 --- home-assistant/kustomization.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/home-assistant/kustomization.yaml b/home-assistant/kustomization.yaml index b789d3a..495a452 100644 --- a/home-assistant/kustomization.yaml +++ b/home-assistant/kustomization.yaml @@ -125,6 +125,6 @@ images: - name: docker.io/koenkk/zigbee2mqtt newTag: 1.41.0 - name: docker.io/zwavejs/zwave-js-ui - newTag: 9.26.0 + newTag: 9.27.2 - name: docker.io/library/eclipse-mosquitto newTag: 2.0.20 From f0b16fd53c94803c0759979830b8e0023956d8fa Mon Sep 17 00:00:00 2001 From: bot Date: Sat, 16 Nov 2024 12:32:12 +0000 Subject: [PATCH 07/13] firefly-iii: Update to 6.1.22 --- firefly-iii/kustomization.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/firefly-iii/kustomization.yaml b/firefly-iii/kustomization.yaml index afe32f2..694db58 100644 --- a/firefly-iii/kustomization.yaml +++ b/firefly-iii/kustomization.yaml @@ -55,4 +55,4 @@ patches: defaultMode: 0640 images: - name: docker.io/fireflyiii/core - newTag: version-6.1.21 + newTag: version-6.1.22 From 74ce0e1b0ad2c16e121db8ebc6b07a660434ef02 Mon Sep 17 00:00:00 2001 From: bot Date: Sat, 16 Nov 2024 12:32:14 +0000 Subject: [PATCH 08/13] paperless-ngx: Update to 2.13.5 --- paperless-ngx/kustomization.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/paperless-ngx/kustomization.yaml b/paperless-ngx/kustomization.yaml index 91fe3fe..9d5a914 100644 --- a/paperless-ngx/kustomization.yaml +++ b/paperless-ngx/kustomization.yaml @@ -45,7 +45,7 @@ patches: images: - name: ghcr.io/paperless-ngx/paperless-ngx - newTag: 2.12.1 + newTag: 2.13.5 - name: docker.io/gotenberg/gotenberg newTag: 8.12.0 - name: docker.io/apache/tika From c31db5fde27e27bfb912e72b51cb0f80a902b92b Mon Sep 17 00:00:00 2001 From: bot Date: Sat, 16 Nov 2024 12:32:14 +0000 Subject: [PATCH 09/13] gotenberg: Update to 8.13.0 --- paperless-ngx/kustomization.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/paperless-ngx/kustomization.yaml b/paperless-ngx/kustomization.yaml index 9d5a914..0367133 100644 --- a/paperless-ngx/kustomization.yaml +++ b/paperless-ngx/kustomization.yaml @@ -47,6 +47,6 @@ images: - name: ghcr.io/paperless-ngx/paperless-ngx newTag: 2.13.5 - name: docker.io/gotenberg/gotenberg - newTag: 8.12.0 + newTag: 8.13.0 - name: docker.io/apache/tika newTag: 2.9.2.1 From 4d2cc40b5e44940ea8bab153aae953498e5d27c1 Mon Sep 17 00:00:00 2001 From: bot Date: Sat, 16 Nov 2024 12:32:14 +0000 Subject: [PATCH 10/13] tika: Update to 3.0.0.0 --- paperless-ngx/kustomization.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/paperless-ngx/kustomization.yaml b/paperless-ngx/kustomization.yaml index 0367133..6006e6b 100644 --- a/paperless-ngx/kustomization.yaml +++ b/paperless-ngx/kustomization.yaml @@ -49,4 +49,4 @@ images: - name: docker.io/gotenberg/gotenberg newTag: 8.13.0 - name: docker.io/apache/tika - newTag: 2.9.2.1 + newTag: 3.0.0.0 From 121e6e7111b1b816f0d4ef63c3b6cd929c2dcb95 Mon Sep 17 00:00:00 2001 From: "Dustin C. Hatch" Date: Thu, 21 Nov 2024 22:48:06 -0600 Subject: [PATCH 11/13] rabbitmq: Switch to using volume claim templates This will make it easier to "blow away" the RabbitMQ data volume on the occasions when it gets into a weird state. Simply scale the StatefulSet down to 0 replicas, delete the PVC, then scale back up. Kubernetes will handle creating a new PVC automatically. --- rabbitmq/rabbitmq.yaml | 35 +++++++++++++++-------------------- 1 file changed, 15 insertions(+), 20 deletions(-) diff --git a/rabbitmq/rabbitmq.yaml b/rabbitmq/rabbitmq.yaml index b6f02db..72de625 100644 --- a/rabbitmq/rabbitmq.yaml +++ b/rabbitmq/rabbitmq.yaml @@ -1,19 +1,4 @@ apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: rabbitmq - labels: - app.kubernetes.io/name: rabbitmq - app.kubernetes.io/component: rabbitmq -spec: - accessModes: - - ReadWriteOnce - resources: - requests: - storage: 1Gi - ---- -apiVersion: v1 kind: Service metadata: labels: @@ -82,7 +67,7 @@ spec: name: tmp subPath: tmp - mountPath: /var/lib/rabbitmq - name: rabbitmq-data + name: data subPath: data securityContext: runAsNonRoot: true @@ -98,10 +83,20 @@ spec: - name: rabbitmq-config configMap: name: rabbitmq - - name: rabbitmq-data - persistentVolumeClaim: - claimName: rabbitmq - name: tmp emptyDir: medium: Memory - + volumeClaimTemplates: + - apiVersion: v1 + kind: PersistentVolumeClaim + metadata: + name: data + labels: + app.kubernetes.io/name: rabbitmq + app.kubernetes.io/component: rabbitmq + spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 1Gi From d6c83565ec53c9cf6e9ac6a0c498336573ff50d2 Mon Sep 17 00:00:00 2001 From: "Dustin C. Hatch" Date: Thu, 21 Nov 2024 22:49:32 -0600 Subject: [PATCH 12/13] rabbitmq: Update to 4.0 RabbitMQ Server 3.13 is out of support now. --- rabbitmq/rabbitmq.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/rabbitmq/rabbitmq.yaml b/rabbitmq/rabbitmq.yaml index 72de625..cf8998a 100644 --- a/rabbitmq/rabbitmq.yaml +++ b/rabbitmq/rabbitmq.yaml @@ -36,7 +36,7 @@ spec: spec: containers: - name: rabbitmq - image: docker.io/library/rabbitmq:3.13-alpine + image: docker.io/library/rabbitmq:4.0-alpine ports: - name: amqps containerPort: 5671 From 0a6086eb2a7dd3721ea5fc6b451b7b1cce87bba9 Mon Sep 17 00:00:00 2001 From: "Dustin C. Hatch" Date: Thu, 21 Nov 2024 22:50:07 -0600 Subject: [PATCH 13/13] longhorn: Run on dedicated nodes I've created new worker nodes that are dedicated to running Longhorn replicas. These nodes are tainted with the `node-role.kubernetes.io/longhorn` taint, so no regular pods will be scheduled there by default. Longhorn pods thus needs to be configured to tolerate that taint, and to be scheduled on nodes with the similarly-named label. --- storage/longhorn-settings.yaml | 2 +- storage/longhorn.yaml | 37 ++++++++++++++++++++++++++++++++-- 2 files changed, 36 insertions(+), 3 deletions(-) diff --git a/storage/longhorn-settings.yaml b/storage/longhorn-settings.yaml index a8e91d7..51cb66e 100644 --- a/storage/longhorn-settings.yaml +++ b/storage/longhorn-settings.yaml @@ -3,4 +3,4 @@ kind: Setting metadata: name: taint-toleration namespace: longhorn-system -value: du5t1n.me/machine=raspberrypi:NoExecute +value: du5t1n.me/machine=raspberrypi:NoExecute;node-role.kubernetes.io/longhorn:NoSchedule diff --git a/storage/longhorn.yaml b/storage/longhorn.yaml index 3732e65..cabb0f1 100644 --- a/storage/longhorn.yaml +++ b/storage/longhorn.yaml @@ -63,7 +63,7 @@ data: reclaimPolicy: "Delete" volumeBindingMode: Immediate parameters: - numberOfReplicas: "3" + numberOfReplicas: "2" staleReplicaTimeout: "30" fromBackup: "" fsType: "ext4" @@ -3877,6 +3877,9 @@ spec: - key: du5t1n.me/machine operator: Exists effect: NoExecute + - key: node-role.kubernetes.io/longhorn + operator: Exists + effect: NoSchedule initContainers: - name: wait-longhorn-admission-webhook image: longhornio/longhorn-manager:v1.4.1 @@ -4017,9 +4020,15 @@ spec: value: "longhornio/csi-snapshotter:v5.0.1" - name: CSI_LIVENESS_PROBE_IMAGE value: "longhornio/livenessprobe:v2.8.0" + nodeSelector: + node-role.kubernetes.io/longhorn: '' serviceAccountName: longhorn-service-account securityContext: runAsUser: 0 + tolerations: + - key: node-role.kubernetes.io/longhorn + operator: Exists + effect: NoSchedule --- # Source: longhorn/templates/deployment-recovery-backend.yaml apiVersion: apps/v1 @@ -4085,7 +4094,13 @@ spec: valueFrom: fieldRef: fieldPath: spec.nodeName + nodeSelector: + node-role.kubernetes.io/longhorn: '' serviceAccountName: longhorn-service-account + tolerations: + - key: node-role.kubernetes.io/longhorn + operator: Exists + effect: NoSchedule --- # Source: longhorn/templates/deployment-ui.yaml apiVersion: apps/v1 @@ -4099,7 +4114,7 @@ metadata: name: longhorn-ui namespace: longhorn-system spec: - replicas: 1 + replicas: 2 selector: matchLabels: app: longhorn-ui @@ -4142,6 +4157,12 @@ spec: value: "http://longhorn-backend:9500" - name: LONGHORN_UI_PORT value: "8000" + nodeSelector: + node-role.kubernetes.io/longhorn: '' + tolerations: + - key: node-role.kubernetes.io/longhorn + operator: Exists + effect: NoSchedule volumes: - emptyDir: {} name: nginx-cache @@ -4208,7 +4229,13 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace + nodeSelector: + node-role.kubernetes.io/longhorn: '' serviceAccountName: longhorn-service-account + tolerations: + - key: node-role.kubernetes.io/longhorn + operator: Exists + effect: NoSchedule --- # Source: longhorn/templates/deployment-webhook.yaml apiVersion: apps/v1 @@ -4279,7 +4306,13 @@ spec: valueFrom: fieldRef: fieldPath: spec.nodeName + nodeSelector: + node-role.kubernetes.io/longhorn: '' serviceAccountName: longhorn-service-account + tolerations: + - key: node-role.kubernetes.io/longhorn + operator: Exists + effect: NoSchedule --- # Source: longhorn/templates/validate-psp-install.yaml #