Nikholas Pcenicni
|
02f6ab03bc
|
Update cert-manager configurations for Let's Encrypt to include DNS-01 challenge support for both pcenicni.dev and nikflix.ca. Clarify Cloudflare API token requirements in comments and remove HTTP-01 fallback references for cleaner configuration.
|
2026-05-15 01:20:07 -04:00 |
|
Nikholas Pcenicni
|
6e76a400b6
|
Update .env.sample and Ansible configurations to enhance Pangolin Integration API setup. Add detailed comments for environment variables and clarify usage in README. Implement HTTP-01 challenge support in cert-manager configurations for Let's Encrypt, ensuring proper resource management for domain validation.
|
2026-05-15 01:10:51 -04:00 |
|
Nikholas Pcenicni
|
2fb86f5930
|
Enhance Authentik and Newt configurations to support Open WebUI integration. Add necessary environment variables and secrets management for Open WebUI in .env.sample and Ansible tasks. Update README to clarify setup steps for automating HTTP resources with Pangolin, ensuring consistency with new branding and deployment practices.
|
2026-05-15 00:04:34 -04:00 |
|
Nikholas Pcenicni
|
97da42b15c
|
Add open-webui resource to Kustomization configuration for Noble cluster, enhancing application deployment structure.
|
2026-05-14 23:36:35 -04:00 |
|
Nikholas Pcenicni
|
fbcd2416e6
|
Add optional SMTP configuration for Authentik, including email host, port, and credentials. Update README and .env.sample to clarify usage for outbound email settings. Introduce blueprint support for enhanced deployment flexibility, with assertions in Ansible tasks to ensure required variables are set when enabled.
|
2026-05-14 22:21:11 -04:00 |
|
Nikholas Pcenicni
|
e48b19b64c
|
Implement S3 media storage for Authentik by adding configuration options for dedicated S3 bucket and credentials. Update README and default values to clarify usage and requirements for S3 integration, ensuring compatibility with Velero settings. Enhance Ansible tasks to load S3 configurations from the environment.
|
2026-05-14 20:07:52 -04:00 |
|
Nikholas Pcenicni
|
57a149b3d2
|
Update Authentik values.yaml to clarify PVC usage for media uploads. Specify that authentik-data is mounted on the server only to avoid Multi-Attach errors, and recommend using S3 or an RWX StorageClass for shared media access from workers.
|
2026-05-14 20:05:30 -04:00 |
|
Nikholas Pcenicni
|
032ffee866
|
Enable Authentik installation and add support for extra public hostnames in the configuration. Updated README and values files to reflect changes for improved deployment flexibility and documentation clarity.
|
2026-05-14 19:58:56 -04:00 |
|
Nikholas Pcenicni
|
b90ee2d531
|
Disable infra assessment in Trivy configuration for Talos to prevent node-collector job failures due to read-only file system issues. Updated comments for clarity and removed unnecessary volume mounts to align with Talos constraints.
|
2026-05-14 19:33:36 -04:00 |
|
Nikholas Pcenicni
|
b994e2d6d0
|
Refine Trivy configuration for Talos by removing systemd mounts from nodeCollector to prevent read-only file system errors. Updated comments for clarity and aligned with upstream changes regarding volume management.
|
2026-05-14 19:29:34 -04:00 |
|
Nikholas Pcenicni
|
c3bdda1dd7
|
Enhance Trivy configuration for Talos by adding nodeCollector settings with emptyDir for systemd paths to address read-only file system issues. Updated volume mounts and volumes for improved compliance and functionality.
|
2026-05-14 19:26:58 -04:00 |
|
Nikholas Pcenicni
|
7c9fd1fde6
|
Enhance Headlamp's metrics access by updating the ClusterRoleBinding to include permissions for metrics.k8s.io, nodes, and CustomResourceDefinitions. Update README and RBAC documentation to clarify OIDC user permissions and troubleshooting steps for metrics visibility issues.
|
2026-05-14 19:24:44 -04:00 |
|
Nikholas Pcenicni
|
bb0bd4ca90
|
Update OIDC configuration in Headlamp documentation and Talos config to use preferred_username claim instead of email. Added troubleshooting steps for "Unauthorized" errors related to OIDC token validation.
|
2026-05-14 19:15:47 -04:00 |
|
Nikholas Pcenicni
|
817849ee3c
|
Add CA certificates bundle and update Headlamp configuration for OIDC
|
2026-05-14 18:59:47 -04:00 |
|
Nikholas Pcenicni
|
2321209626
|
Update Helm chart versions across multiple components to latest stable releases, including Argo CD (9.5.14), cert-manager (v1.20.2), Cilium (1.19.4), kube-prometheus-stack (85.0.3), Loki (7.0.0), Fluent Bit (0.57.5), Headlamp (0.42.0), Traefik (40.2.0), and Kyverno (3.8.0). Adjusted related documentation and values files to reflect these changes for improved deployment consistency and compatibility.
|
2026-05-14 18:55:18 -04:00 |
|
Nikholas Pcenicni
|
95b1866144
|
Update .gitignore to exclude all .tmp files and enhance clarity in middleware-https-proto.yaml by adding X-Forwarded-Host and X-Forwarded-Port headers for improved redirect handling in Headlamp.
|
2026-05-14 18:35:49 -04:00 |
|
Nikholas Pcenicni
|
86df02f9bd
|
Update Traefik Ingress middleware reference in values.yaml for Headlamp to align with CRD naming conventions and improve documentation clarity.
|
2026-05-14 18:31:27 -04:00 |
|
Nikholas Pcenicni
|
af3ab32de8
|
Add middleware-https-proto.yaml to enforce HTTPS scheme for Headlamp and update kustomization.yaml and values.yaml accordingly
|
2026-05-14 18:27:42 -04:00 |
|
Nikholas Pcenicni
|
8e42777a1d
|
Update Longhorn runbook documentation for clarity and compliance. Adjusted section references for consistency and added details on security and compliance measures regarding RBAC and namespace management.
|
2026-05-14 17:36:18 -04:00 |
|
Nikholas Pcenicni
|
24cd07015d
|
Update Trivy dashboard application manifest to specify the OCI Helm path as '.' for compatibility with Argo CD documentation, ensuring correct deployment of the trivy-operator-dashboard.
|
2026-05-14 17:24:09 -04:00 |
|
Nikholas Pcenicni
|
e48283fc43
|
Update Trivy configuration paths in Ansible tasks and Argo CD application manifests to reflect new directory structure. Adjust references in values.yaml and dashboard-values.yaml for consistency and clarity in deployment processes.
|
2026-05-14 17:21:49 -04:00 |
|
Nikholas Pcenicni
|
c347416668
|
Refactor Argo CD application management by removing the obsolete root-application.yaml and updating the bootstrap-root-application.yaml to include optional add-on Application manifests from clusters/noble/apps. Adjust documentation to clarify the deployment order and resource ownership, ensuring a streamlined GitOps process with Ansible and Argo CD.
|
2026-05-14 17:18:41 -04:00 |
|
Nikholas Pcenicni
|
4cb8574109
|
Update kustomization.yaml to include additional Trivy resources: namespace.yaml, values.yaml, and dashboard-values.yaml, enhancing security scanning configuration.
|
2026-05-14 17:13:18 -04:00 |
|
Nikholas Pcenicni
|
cea59e501c
|
Update kustomization.yaml to include all Trivy resources, streamlining configuration for security scanning.
|
2026-05-14 17:12:30 -04:00 |
|
Nikholas Pcenicni
|
10fdaf873c
|
Update .gitignore to include .tmp files, remove Trivy namespace from kustomization.yaml, and add Trivy dashboard application to app-of-apps kustomization. Delete obsolete Trivy namespace and values files to streamline deployment configuration.
|
2026-05-14 17:10:00 -04:00 |
|
Nikholas Pcenicni
|
a5869c242a
|
Update documentation and playbook to clarify Trivy Operator installation via Argo CD, removing direct Ansible role references. Adjust README and related files to reflect the new deployment order and ensure proper resource ownership, enhancing overall clarity for users.
|
2026-05-14 17:04:25 -04:00 |
|
Nikholas Pcenicni
|
1e6d84f0f3
|
Refactor noble.yml playbook to apply Argo CD Application manifests after all Helm roles, ensuring proper resource ownership and avoiding SSA conflicts. Update related documentation to reflect the new execution order and clarify the role of Argo CD in the deployment process.
|
2026-05-14 16:46:45 -04:00 |
|
Nikholas Pcenicni
|
1a50599cb4
|
Enhance Authentik role by updating README with detailed troubleshooting steps for Headlamp OIDC integration, including handling of scopes and PKCE settings. Adjust default variables for Headlamp OIDC scopes and ensure proper application of Kubernetes RBAC for OIDC groups. Update Helm tasks to apply necessary static manifests for Headlamp, improving overall deployment and authentication reliability.
|
2026-05-14 16:11:57 -04:00 |
|
Nikholas Pcenicni
|
4bc8da0225
|
Enhance Authentik role by adding Helm wait timeout for oauth2-proxy and improving task conditions for admin access and OAuth2 provider upserts. Update README with new variable descriptions and adjust Longhorn deployment tasks to ensure proper rollout before Loki installation, enhancing overall deployment reliability.
|
2026-05-14 15:52:42 -04:00 |
|
Nikholas Pcenicni
|
5e5c6ef671
|
Enhance Authentik role in noble cluster setup by adding support for resolving OAuth2 flow, signing key, and scope mapping UUIDs from the worker database, improving API access under 2026+ RBAC. Update README with troubleshooting steps for common OAuth2 provider issues and adjust default variables for better configuration management. Ensure seamless integration with oauth2-proxy by allowing unverified email handling in development environments.
|
2026-05-14 14:26:43 -04:00 |
|
Nikholas Pcenicni
|
c392ce1e5a
|
Enhance Authentik integration in noble cluster setup by adding support for OAuth2 flow primary keys in configuration. Update README with troubleshooting steps for common API errors and improve deployment reliability with tasks to wait for Authentik worker rollout and API readiness. Adjust Helm chart values for Grafana and Headlamp to accommodate new OIDC settings, ensuring seamless authentication and authorization processes.
|
2026-05-14 01:29:49 -04:00 |
|
Nikholas Pcenicni
|
15d0e120d3
|
Update Ansible configuration and documentation to reflect new inventory structure. Migrate group_vars to inventory/group_vars/ and enhance README with updated paths for variable files, improving clarity for users.
|
2026-05-14 00:39:29 -04:00 |
|
Nikholas Pcenicni
|
78b524a044
|
Add Authentik and oauth2-proxy support to noble cluster setup, including environment variables, playbook tags, and landing URLs. Update README and kustomization.yaml to reflect new OIDC integration, enhancing security and user authentication capabilities.
|
2026-05-14 00:23:48 -04:00 |
|
Nikholas Pcenicni
|
2bf7277917
|
Enhance csi-snapshot-controller README with troubleshooting guidance for CrashLoopBackOff issues and update kustomization.yaml to include deployment patch. This improves user experience and deployment reliability.
|
2026-05-13 23:59:30 -04:00 |
|
Nikholas Pcenicni
|
663ebc5001
|
Add Trivy integration to noble cluster setup, including namespace and application configurations. Update README and playbook tags to reflect new security scanning capabilities. Enhance Longhorn and kube-prometheus-stack deployment reliability with increased timeout settings and retry mechanisms.
|
2026-05-13 23:48:12 -04:00 |
|
Nikholas Pcenicni
|
0acb5856b4
|
Update Longhorn Helm chart version to 1.11.2 in Argo CD configuration and tasks, ensuring compatibility and consistency across deployments.
|
2026-05-13 18:41:57 -04:00 |
|
Nikholas Pcenicni
|
61895ddf31
|
Remove namespace.yaml from Headlamp kustomization to prevent SharedResourceWarning due to multiple Applications owning the same Namespace.
|
2026-05-13 17:50:28 -04:00 |
|
Nikholas Pcenicni
|
e448e6264e
|
Add new repository configuration for Headlamp in Argo CD application manifest to enhance deployment management and streamline application synchronization.
|
2026-05-13 17:47:21 -04:00 |
|
Nikholas Pcenicni
|
8694773593
|
Disable pre-upgrade job in Longhorn values.yaml to prevent failures during Argo CD syncs when Longhorn is already healthy, ensuring cleaner deployments.
|
2026-05-13 17:40:00 -04:00 |
|
Nikholas Pcenicni
|
d378a8c70d
|
Add ServerSideApply option to Argo CD application configurations for improved deployment management
|
2026-05-13 17:35:43 -04:00 |
|
Nikholas Pcenicni
|
a9d6cbb6c5
|
Refine Argo CD configuration for kube-prometheus-stack to clarify CRD management and server-side apply limitations, ensuring compatibility and preventing last-applied-configuration overflow during deployments.
|
2026-05-13 17:29:09 -04:00 |
|
Nikholas Pcenicni
|
b26099342c
|
Update Argo CD configuration to improve handling of managed fields and enhance compatibility with server-side apply, ensuring smoother deployments and conflict resolution.
|
2026-05-13 17:23:54 -04:00 |
|
Nikholas Pcenicni
|
91b32407f8
|
Enable ServerSideApply for kube-prometheus-stack CRDs in Argo CD configuration to avoid last-applied-configuration limit issues during deployments.
|
2026-05-13 17:19:47 -04:00 |
|
Nikholas Pcenicni
|
c4e000d2d5
|
Refactor Argo CD application deployment by removing obsolete tasks and updating README for clarity. Introduce new task inclusion for Argo CD applications post-platform Helm installation, ensuring proper application order and synchronization.
|
2026-05-13 16:57:51 -04:00 |
|
Nikholas Pcenicni
|
aeffc7d6dd
|
Remove Argo CD application configurations for Fluent Bit, Headlamp, Loki, kube-prometheus, and associated kustomization files from the noble bootstrap directory. This cleanup streamlines the project by eliminating unused resources and simplifies the deployment structure.
|
2026-04-01 02:14:49 -04:00 |
|
Nikholas Pcenicni
|
0f88a33216
|
Remove deprecated Argo CD application configurations for various components including cert-manager, Cilium, CSI snapshot controllers, kube-vip, and others. Update README.md to reflect the current state of leaf applications and clarify optional components. Adjust kustomization files to streamline resource management for bootstrap workloads.
|
2026-04-01 02:13:15 -04:00 |
|
Nikholas Pcenicni
|
bfb72cb519
|
Update Argo CD documentation and kustomization files to include additional applications and namespace resources. Enhance README.md with current leaf applications and clarify optional components. This improves deployment clarity and organization for bootstrap workloads.
|
2026-04-01 02:11:19 -04:00 |
|
Nikholas Pcenicni
|
51eb64dd9d
|
Add applications to Argo CD kustomization.yaml for enhanced deployment
|
2026-04-01 02:05:10 -04:00 |
|
Nikholas Pcenicni
|
f259285f6e
|
Enhance Argo CD integration by adding support for a bootstrap root application. Update group_vars/all.yml and role defaults to include noble_argocd_apply_bootstrap_root_application. Modify tasks to apply the bootstrap application conditionally. Revise documentation to clarify the GitOps workflow and the relationship between the core platform and optional applications. Remove outdated references and streamline the README for better user guidance.
|
2026-04-01 01:55:41 -04:00 |
|
Nikholas Pcenicni
|
c312ceeb56
|
Remove Eclipse Che application configurations and related documentation from the repository. This includes the deletion of application-checluster.yaml, application-devworkspace.yaml, application-operator.yaml, checluster.yaml, dwoc.yaml, kustomization.yaml, and README.md, streamlining the project by eliminating outdated resources.
|
2026-04-01 01:21:32 -04:00 |
|