Compare commits
9 Commits
e38a0e3d21
...
updatebot/
| Author | SHA1 | Date | |
|---|---|---|---|
|
fc811815f5 | ||
|
|
8cf7e34ba5 | ||
|
|
e310511a2a | ||
| 707481c6fa | |||
| 3824f5f187 | |||
| 740561b7b6 | |||
| d0193b0001 | |||
|
dd55743d97 | ||
|
|
269f30b33b |
@@ -58,4 +58,4 @@ patches:
|
||||
name: dch-root-ca
|
||||
images:
|
||||
- name: ghcr.io/authelia/authelia
|
||||
newTag: 4.39.14
|
||||
newTag: 4.39.15
|
||||
|
||||
87
fluent-bit/fluent-bit.yaml
Normal file
87
fluent-bit/fluent-bit.yaml
Normal file
@@ -0,0 +1,87 @@
|
||||
apiVersion: apps/v1
|
||||
kind: DaemonSet
|
||||
metadata:
|
||||
name: fluent-bit
|
||||
labels: &labels
|
||||
app.kubernetes.io/name: fluent-bit
|
||||
app.kubernetes.io/component: fluent-bit
|
||||
spec:
|
||||
selector:
|
||||
matchLabels: *labels
|
||||
template:
|
||||
metadata:
|
||||
labels: *labels
|
||||
spec:
|
||||
containers:
|
||||
- name: fluent-bit
|
||||
image: cr.fluentbit.io/fluent/fluent-bit
|
||||
imagePullPolicy: IfNotPresent
|
||||
args:
|
||||
- -c
|
||||
- /etc/fluent-bit/fluent-bit.yml
|
||||
env:
|
||||
- name: HOSTNAME
|
||||
valueFrom:
|
||||
fieldRef:
|
||||
fieldPath: spec.nodeName
|
||||
securityContext:
|
||||
readOnlyRootFilesystem: true
|
||||
capabilities:
|
||||
drop:
|
||||
- ALL
|
||||
add:
|
||||
- CAP_DAC_READ_SEARCH
|
||||
volumeMounts:
|
||||
- mountPath: /etc/fluent-bit
|
||||
name: fluent-bit-config
|
||||
readOnly: true
|
||||
- mountPath: /etc/machine-id
|
||||
name: machine-id
|
||||
readOnly: true
|
||||
- mountPath: /etc/pki/ca-trust/source/anchors
|
||||
name: dch-ca
|
||||
readOnly: true
|
||||
- mountPath: /run/log
|
||||
name: run-log
|
||||
readOnly: true
|
||||
- mountPath: /var/lib/fluent-bit
|
||||
name: fluent-bit-data
|
||||
- mountPath: /var/log
|
||||
name: var-log
|
||||
readOnly: true
|
||||
dnsPolicy: ClusterFirstWithHostNet
|
||||
securityContext:
|
||||
seLinuxOptions:
|
||||
type: spc_t
|
||||
serviceAccountName: fluent-bit
|
||||
tolerations:
|
||||
- effect: NoExecute
|
||||
operator: Exists
|
||||
- effect: NoSchedule
|
||||
operator: Exists
|
||||
volumes:
|
||||
- name: dch-ca
|
||||
configMap:
|
||||
name: dch-root-ca
|
||||
items:
|
||||
- key: dch-root-ca.crt
|
||||
path: dch-root-ca-r2.crt
|
||||
- name: fluent-bit-config
|
||||
configMap:
|
||||
name: fluent-bit
|
||||
- name: fluent-bit-data
|
||||
hostPath:
|
||||
path: /var/lib/fluent-bit
|
||||
type: DirectoryOrCreate
|
||||
- name: machine-id
|
||||
hostPath:
|
||||
path: /etc/machine-id
|
||||
type: File
|
||||
- name: run-log
|
||||
hostPath:
|
||||
path: /run/log
|
||||
type: Directory
|
||||
- name: var-log
|
||||
hostPath:
|
||||
path: /var/log
|
||||
type: Directory
|
||||
25
fluent-bit/kustomization.yaml
Normal file
25
fluent-bit/kustomization.yaml
Normal file
@@ -0,0 +1,25 @@
|
||||
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||
kind: Kustomization
|
||||
|
||||
namespace: fluent-bit
|
||||
|
||||
labels:
|
||||
- pairs:
|
||||
app.kubernetes.io/instance: fluent-bit
|
||||
includeTemplates: false
|
||||
includeSelectors: true
|
||||
- pairs:
|
||||
app.kubernetes.io/part-of: fluent-bit
|
||||
includeTemplates: true
|
||||
includeSelectors: false
|
||||
|
||||
resources:
|
||||
- namespace.yaml
|
||||
- rbac.yaml
|
||||
- fluent-bit.yaml
|
||||
#- network-policy.yaml
|
||||
- ../dch-root-ca
|
||||
|
||||
images:
|
||||
- name: cr.fluentbit.io/fluent/fluent-bit
|
||||
newTag: 3.2.8
|
||||
6
fluent-bit/namespace.yaml
Normal file
6
fluent-bit/namespace.yaml
Normal file
@@ -0,0 +1,6 @@
|
||||
apiVersion: v1
|
||||
kind: Namespace
|
||||
metadata:
|
||||
name: fluent-bit
|
||||
labels:
|
||||
app.kubernetes.io/name: fluent-bit
|
||||
42
fluent-bit/rbac.yaml
Normal file
42
fluent-bit/rbac.yaml
Normal file
@@ -0,0 +1,42 @@
|
||||
apiVersion: v1
|
||||
kind: ServiceAccount
|
||||
metadata:
|
||||
name: fluent-bit
|
||||
labels:
|
||||
app.kubernetes.io/name: fluent-bit
|
||||
app.kubernetes.io/component: fluent-bit
|
||||
|
||||
---
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: ClusterRole
|
||||
metadata:
|
||||
name: fluent-bit
|
||||
labels:
|
||||
app.kubernetes.io/name: fluent-bit
|
||||
app.kubernetes.io/component: fluent-bit
|
||||
rules:
|
||||
- apiGroups:
|
||||
- ''
|
||||
resources:
|
||||
- namespaces
|
||||
- pods
|
||||
- nodes
|
||||
- nodes/proxy
|
||||
verbs:
|
||||
- get
|
||||
- list
|
||||
- watch
|
||||
|
||||
---
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: ClusterRoleBinding
|
||||
metadata:
|
||||
name: fluent-bit
|
||||
roleRef:
|
||||
apiGroup: rbac.authorization.k8s.io
|
||||
kind: ClusterRole
|
||||
name: fluent-bit
|
||||
subjects:
|
||||
- kind: ServiceAccount
|
||||
name: fluent-bit
|
||||
namespace: fluent-bit
|
||||
@@ -152,14 +152,14 @@ patches:
|
||||
|
||||
images:
|
||||
- name: ghcr.io/home-assistant/home-assistant
|
||||
newTag: 2025.11.3
|
||||
newTag: 2025.12.1
|
||||
- name: docker.io/rhasspy/wyoming-whisper
|
||||
newTag: 3.0.2
|
||||
- name: docker.io/rhasspy/wyoming-piper
|
||||
newTag: 2.1.2
|
||||
- name: ghcr.io/koenkk/zigbee2mqtt
|
||||
newTag: 2.6.3
|
||||
newTag: 2.7.0
|
||||
- name: ghcr.io/zwave-js/zwave-js-ui
|
||||
newTag: 11.8.1
|
||||
newTag: 11.8.2
|
||||
- name: docker.io/library/eclipse-mosquitto
|
||||
newTag: 2.0.22
|
||||
|
||||
@@ -45,7 +45,7 @@ patches:
|
||||
|
||||
images:
|
||||
- name: ghcr.io/paperless-ngx/paperless-ngx
|
||||
newTag: 2.19.6
|
||||
newTag: 2.20.0
|
||||
- name: docker.io/gotenberg/gotenberg
|
||||
newTag: 8.25.0
|
||||
- name: docker.io/apache/tika
|
||||
|
||||
@@ -10,6 +10,9 @@ git.pyrocufflink.net ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbml
|
||||
git.pyrocufflink.net ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHEF/IXycjT/sSIpFLRDEVZUu95QA3i7d5LZvB/RncHN
|
||||
git.pyrocufflink.net ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDF1tB0KeyMStHKbnuminTQ2xwjjxyES/DBSlZZH0c7F25Lu6TfvxEEs/7YUtZKAnwFGLfuqW5gaS3eWV1eA3w7WtEGYoBAD6VFZUjN0vfmhNYWC85DMcY+gqkOkBQy1/SvyYSPHrtkgTJRPMG/MdWGaYEN+w/znr1HETPnj4qm7bFC8yxXKU2PXzKlUeY+ynY3hhlzAVwG4Ay7hgH+nO071eoAQtYq9zBdYTifXxoTzatLgU8ib3EYuC3/LDNXkFhYhxDhfp9iwPCNZRi49AccMlL323/Vp8x/Jy/iY5A60Fk8cIYtneEihRkIpzpyTudEK0MXyJ+FJ0vmjiEX5ZY9
|
||||
mtrcs0.pyrocufflink.blue ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIFklfgYwVlea/FbFNguKEY2hMXw9iOneNveLVws8dd9
|
||||
pikvm-nvr2.mgmt.pyrocufflink.black ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBIs34lxHkZMeKsbVaDLE9iFiUxsqmvwIRNv7z7BX1bDLtTH7yihHxnKkjc+q0JueNyvw+0KzsbQbns+6A6RqOuA=
|
||||
pikvm-nvr2.mgmt.pyrocufflink.black ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJ6X4q2X9OL2SPHn7pF1yUTz0W2L3pyUNAqY+JBLckes
|
||||
pikvm-nvr2.mgmt.pyrocufflink.black ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC10WLu1UCK0DbxqdeSSj5T2bKEeBuGAKLTdGbD2QDQ3hhfz3Tz+NK9wgQftl/Kr346eJ4toZTE4lis/XNLFjjmp2v40Ge4Ban1k2JXdXwFdPUesSDvQVUJxdGPIqEuXmnLpHkDxy+Blw9Y/Z31ujAqmPw2+X/tx19ZiJZS7SPvDB5lOsjapTap/srWDZA+xHALXVfnZAOubJxfi9Zfa0J9i3/HxVpLE0z7dC4hhIIe3imllxc6XiSNuIiUNTZBNwrD30P/+9c5aHELsAGJGMQ/TAZDExmnzPQO+dEIhus8jbVqRkzcl3ayhMIXmaz1ctZZgH8DqZ/gzbuHdkEBy3zOusEsP1fKUkjMlJYLhUgX59/xAVhNk6gVNptRDBRlp8mbYO4GjXOMhLipBBpewwH8fEcGsXCLY5Z51A72hNABbSy/vnXav9UxqIjX7y955lVilnWmjX+UaQMGMpQFoAfcZryqrRUWLcGLZsAxEFhsSxa3Dc6IqT6I8vbDmrLetZk=
|
||||
serial0.pyrocufflink.blue ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIABidV03uxUtikscJfA3qZ+mgXW9KP2QWJBLhlDOleHQ
|
||||
vps-04485add.vps.ovh.us ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPmQD73UDTO8Yv4sZgSKbwzMpHt3XayubSkWe2ACQrnS
|
||||
vps-04485add.vps.ovh.us,15.204.240.219 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBIm1WdNspEcqQpQLTPB1ZD45bOA1zI/EFDkkdLjj9USK30TrcN0zN3oDN/+G7L+0det785q3jWS2bwQGmY3eXPI=
|
||||
|
||||
Reference in New Issue
Block a user