home-server

Author	SHA1	Message	Date
Nikholas Pcenicni	b90ee2d531	Disable infra assessment in Trivy configuration for Talos to prevent node-collector job failures due to read-only file system issues. Updated comments for clarity and removed unnecessary volume mounts to align with Talos constraints.	2026-05-14 19:33:36 -04:00
Nikholas Pcenicni	b994e2d6d0	Refine Trivy configuration for Talos by removing systemd mounts from nodeCollector to prevent read-only file system errors. Updated comments for clarity and aligned with upstream changes regarding volume management.	2026-05-14 19:29:34 -04:00
Nikholas Pcenicni	c3bdda1dd7	Enhance Trivy configuration for Talos by adding nodeCollector settings with emptyDir for systemd paths to address read-only file system issues. Updated volume mounts and volumes for improved compliance and functionality.	2026-05-14 19:26:58 -04:00
Nikholas Pcenicni	7c9fd1fde6	Enhance Headlamp's metrics access by updating the ClusterRoleBinding to include permissions for metrics.k8s.io, nodes, and CustomResourceDefinitions. Update README and RBAC documentation to clarify OIDC user permissions and troubleshooting steps for metrics visibility issues.	2026-05-14 19:24:44 -04:00
Nikholas Pcenicni	bb0bd4ca90	Update OIDC configuration in Headlamp documentation and Talos config to use preferred_username claim instead of email. Added troubleshooting steps for "Unauthorized" errors related to OIDC token validation.	2026-05-14 19:15:47 -04:00
Nikholas Pcenicni	817849ee3c	Add CA certificates bundle and update Headlamp configuration for OIDC	2026-05-14 18:59:47 -04:00
Nikholas Pcenicni	2321209626	Update Helm chart versions across multiple components to latest stable releases, including Argo CD (9.5.14), cert-manager (v1.20.2), Cilium (1.19.4), kube-prometheus-stack (85.0.3), Loki (7.0.0), Fluent Bit (0.57.5), Headlamp (0.42.0), Traefik (40.2.0), and Kyverno (3.8.0). Adjusted related documentation and values files to reflect these changes for improved deployment consistency and compatibility.	2026-05-14 18:55:18 -04:00
Nikholas Pcenicni	95b1866144	Update .gitignore to exclude all .tmp files and enhance clarity in middleware-https-proto.yaml by adding X-Forwarded-Host and X-Forwarded-Port headers for improved redirect handling in Headlamp.	2026-05-14 18:35:49 -04:00
Nikholas Pcenicni	86df02f9bd	Update Traefik Ingress middleware reference in values.yaml for Headlamp to align with CRD naming conventions and improve documentation clarity.	2026-05-14 18:31:27 -04:00
Nikholas Pcenicni	af3ab32de8	Add middleware-https-proto.yaml to enforce HTTPS scheme for Headlamp and update kustomization.yaml and values.yaml accordingly	2026-05-14 18:27:42 -04:00
Nikholas Pcenicni	8e42777a1d	Update Longhorn runbook documentation for clarity and compliance. Adjusted section references for consistency and added details on security and compliance measures regarding RBAC and namespace management.	2026-05-14 17:36:18 -04:00
Nikholas Pcenicni	24cd07015d	Update Trivy dashboard application manifest to specify the OCI Helm path as '.' for compatibility with Argo CD documentation, ensuring correct deployment of the trivy-operator-dashboard.	2026-05-14 17:24:09 -04:00
Nikholas Pcenicni	e48283fc43	Update Trivy configuration paths in Ansible tasks and Argo CD application manifests to reflect new directory structure. Adjust references in values.yaml and dashboard-values.yaml for consistency and clarity in deployment processes.	2026-05-14 17:21:49 -04:00
Nikholas Pcenicni	c347416668	Refactor Argo CD application management by removing the obsolete root-application.yaml and updating the bootstrap-root-application.yaml to include optional add-on Application manifests from clusters/noble/apps. Adjust documentation to clarify the deployment order and resource ownership, ensuring a streamlined GitOps process with Ansible and Argo CD.	2026-05-14 17:18:41 -04:00
Nikholas Pcenicni	4cb8574109	Update kustomization.yaml to include additional Trivy resources: namespace.yaml, values.yaml, and dashboard-values.yaml, enhancing security scanning configuration.	2026-05-14 17:13:18 -04:00
Nikholas Pcenicni	cea59e501c	Update kustomization.yaml to include all Trivy resources, streamlining configuration for security scanning.	2026-05-14 17:12:30 -04:00
Nikholas Pcenicni	10fdaf873c	Update .gitignore to include .tmp files, remove Trivy namespace from kustomization.yaml, and add Trivy dashboard application to app-of-apps kustomization. Delete obsolete Trivy namespace and values files to streamline deployment configuration.	2026-05-14 17:10:00 -04:00
Nikholas Pcenicni	a5869c242a	Update documentation and playbook to clarify Trivy Operator installation via Argo CD, removing direct Ansible role references. Adjust README and related files to reflect the new deployment order and ensure proper resource ownership, enhancing overall clarity for users.	2026-05-14 17:04:25 -04:00
Nikholas Pcenicni	c3c89b8f0a	Add Ansible getting started guide for Proxmox to Talos deployment process and update README with narrative walkthrough. This enhances documentation clarity and provides a structured approach for users to set up the noble cluster.	2026-05-14 16:58:23 -04:00
Nikholas Pcenicni	1e6d84f0f3	Refactor noble.yml playbook to apply Argo CD Application manifests after all Helm roles, ensuring proper resource ownership and avoiding SSA conflicts. Update related documentation to reflect the new execution order and clarify the role of Argo CD in the deployment process.	2026-05-14 16:46:45 -04:00
Nikholas Pcenicni	1a50599cb4	Enhance Authentik role by updating README with detailed troubleshooting steps for Headlamp OIDC integration, including handling of scopes and PKCE settings. Adjust default variables for Headlamp OIDC scopes and ensure proper application of Kubernetes RBAC for OIDC groups. Update Helm tasks to apply necessary static manifests for Headlamp, improving overall deployment and authentication reliability.	2026-05-14 16:11:57 -04:00
Nikholas Pcenicni	4bc8da0225	Enhance Authentik role by adding Helm wait timeout for oauth2-proxy and improving task conditions for admin access and OAuth2 provider upserts. Update README with new variable descriptions and adjust Longhorn deployment tasks to ensure proper rollout before Loki installation, enhancing overall deployment reliability.	2026-05-14 15:52:42 -04:00
Nikholas Pcenicni	5e5c6ef671	Enhance Authentik role in noble cluster setup by adding support for resolving OAuth2 flow, signing key, and scope mapping UUIDs from the worker database, improving API access under 2026+ RBAC. Update README with troubleshooting steps for common OAuth2 provider issues and adjust default variables for better configuration management. Ensure seamless integration with oauth2-proxy by allowing unverified email handling in development environments.	2026-05-14 14:26:43 -04:00
Nikholas Pcenicni	c392ce1e5a	Enhance Authentik integration in noble cluster setup by adding support for OAuth2 flow primary keys in configuration. Update README with troubleshooting steps for common API errors and improve deployment reliability with tasks to wait for Authentik worker rollout and API readiness. Adjust Helm chart values for Grafana and Headlamp to accommodate new OIDC settings, ensuring seamless authentication and authorization processes.	2026-05-14 01:29:49 -04:00
Nikholas Pcenicni	15d0e120d3	Update Ansible configuration and documentation to reflect new inventory structure. Migrate group_vars to inventory/group_vars/ and enhance README with updated paths for variable files, improving clarity for users.	2026-05-14 00:39:29 -04:00
Nikholas Pcenicni	78b524a044	Add Authentik and oauth2-proxy support to noble cluster setup, including environment variables, playbook tags, and landing URLs. Update README and kustomization.yaml to reflect new OIDC integration, enhancing security and user authentication capabilities.	2026-05-14 00:23:48 -04:00
Nikholas Pcenicni	2bf7277917	Enhance csi-snapshot-controller README with troubleshooting guidance for CrashLoopBackOff issues and update kustomization.yaml to include deployment patch. This improves user experience and deployment reliability.	2026-05-13 23:59:30 -04:00
Nikholas Pcenicni	663ebc5001	Add Trivy integration to noble cluster setup, including namespace and application configurations. Update README and playbook tags to reflect new security scanning capabilities. Enhance Longhorn and kube-prometheus-stack deployment reliability with increased timeout settings and retry mechanisms.	2026-05-13 23:48:12 -04:00
Nikholas Pcenicni	774b97894c	Add tasks to wait for Kyverno admission controller rollout and webhook service endpoints, enhancing deployment reliability and ensuring successful policy validation.	2026-05-13 21:08:56 -04:00
Nikholas Pcenicni	70cb74d8bd	Add noble_helm_cert_manager_wait_timeout variable and update Helm upgrade task to include --timeout option for improved deployment reliability	2026-05-13 20:42:57 -04:00
Nikholas Pcenicni	07de0ec629	Add --timeout option to Longhorn Helm upgrade tasks for improved deployment control	2026-05-13 20:28:48 -04:00
Nikholas Pcenicni	0acb5856b4	Update Longhorn Helm chart version to 1.11.2 in Argo CD configuration and tasks, ensuring compatibility and consistency across deployments.	2026-05-13 18:41:57 -04:00
Nikholas Pcenicni	61895ddf31	Remove namespace.yaml from Headlamp kustomization to prevent SharedResourceWarning due to multiple Applications owning the same Namespace.	2026-05-13 17:50:28 -04:00
Nikholas Pcenicni	e448e6264e	Add new repository configuration for Headlamp in Argo CD application manifest to enhance deployment management and streamline application synchronization.	2026-05-13 17:47:21 -04:00
Nikholas Pcenicni	8694773593	Disable pre-upgrade job in Longhorn values.yaml to prevent failures during Argo CD syncs when Longhorn is already healthy, ensuring cleaner deployments.	2026-05-13 17:40:00 -04:00
Nikholas Pcenicni	d378a8c70d	Add ServerSideApply option to Argo CD application configurations for improved deployment management	2026-05-13 17:35:43 -04:00
Nikholas Pcenicni	a9d6cbb6c5	Refine Argo CD configuration for kube-prometheus-stack to clarify CRD management and server-side apply limitations, ensuring compatibility and preventing last-applied-configuration overflow during deployments.	2026-05-13 17:29:09 -04:00
Nikholas Pcenicni	b26099342c	Update Argo CD configuration to improve handling of managed fields and enhance compatibility with server-side apply, ensuring smoother deployments and conflict resolution.	2026-05-13 17:23:54 -04:00
Nikholas Pcenicni	91b32407f8	Enable ServerSideApply for kube-prometheus-stack CRDs in Argo CD configuration to avoid last-applied-configuration limit issues during deployments.	2026-05-13 17:19:47 -04:00
Nikholas Pcenicni	5833e421c0	Add --force-conflicts option to Helm upgrade commands across multiple roles to ensure proper handling of conflicts during deployments.	2026-05-13 17:14:22 -04:00
Nikholas Pcenicni	fc70c68c26	Add tasks to manage kyverno-admission-controller FlowSchema for Argo CD compatibility, addressing server-side applied conflicts and ensuring proper Helm SSA conflict recovery.	2026-05-13 17:11:11 -04:00
Nikholas Pcenicni	d206a590ab	Enhance hubble-server-certs management for Argo CD by adding a new configuration option and updating tasks to ensure compatibility with older kubectl versions. This includes improved handling of managed fields for Helm SSA conflict resolution.	2026-05-13 17:06:37 -04:00
Nikholas Pcenicni	b98fcfa471	Add task to manage hubble-server-certs Secret for Argo CD compatibility, ensuring proper Helm SSA conflict resolution during deployment.	2026-05-13 17:02:32 -04:00
Nikholas Pcenicni	c4e000d2d5	Refactor Argo CD application deployment by removing obsolete tasks and updating README for clarity. Introduce new task inclusion for Argo CD applications post-platform Helm installation, ensuring proper application order and synchronization.	2026-05-13 16:57:51 -04:00
Nikholas Pcenicni	4adaf100a2	Add LDAP authentication configuration to Tube Archivist service	2026-05-08 22:33:22 -04:00
Nikholas Pcenicni	8f1738e80a	Refactor m3u-editor service configuration to enhance environment variable management and improve overall clarity in setup.	2026-05-08 22:29:19 -04:00
Nikholas Pcenicni	ded15665be	Update m3u-editor service configuration to include additional environment variables and improve clarity in the setup.	2026-05-08 17:35:30 -04:00
Nikholas Pcenicni	97a755dc0a	Remove old tvheadend configuration files and add new m3u-editor service configuration with environment variables	2026-04-26 12:34:36 -04:00
Nikholas Pcenicni	2c71e4546c	Comment out devices section in tvheadend service configuration for clarity	2026-04-26 12:13:08 -04:00
Nikholas Pcenicni	48f60bd8d9	Add Docker Compose configuration for tvheadend service	2026-04-26 12:12:19 -04:00

1 2 3 4 5

225 Commits