K3S-HOME/applications
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
163 Commits 1 Branch 0 Tags
5890f09ada54b2ac813505aa898012a5fd8f7529
Commit Graph

36 Commits

Author SHA1 Message Date
Mayne0213
5890f09ada PERF(apps): reduce replicas to 1 
- Reduce docusaurus, headlamp, umami replicas to 1
 2026-01-10 13:31:34 +09:00
Mayne0213
ab5d432f5c CHORE(resources): set memory limits equal to memory requests 
- Align memory limits with memory requests for guaranteed QoS class
- umami, code-server, docusaurus
- gitea, homer, mas, headlamp
 2026-01-10 01:20:46 +09:00
Mayne0213
fd1548c70c FEAT(applications): enable HA with replica 2 and soft anti-affinity 
- Add replicaCount: 2 to docusaurus, headlamp, homer, mas, umami
- Add soft pod anti-affinity for node distribution
- Enable high availability across multiple nodes
 2026-01-09 21:38:09 +09:00
Mayne0213
a051b67030 PERF(resources): remove CPU limits - keep memory limits only 
- CPU throttling prevents app startup, not crashes
- Memory OOM is the real cascading failure cause
- CPU request ensures fair scheduling
 2026-01-07 23:48:31 +09:00
Mayne0213
b5517f757a PERF(resources): increase CPU limit to VPA × 3 for startup burst 
- Change CPU limit multiplier from 1.5x to 3x
- Prevents throttling during app startup
- Affected: code-server, crafty, docusaurus, gitea, headlamp,
  homer, immich, mas, umami
 2026-01-07 23:35:06 +09:00
Mayne0213
8353cf22bc FEAT(repo): add startupProbe for CPU-limited apps 
- Add startupProbe to code-server, crafty, mas, umami, immich
- Configure 300s startup timeout (10s × 30 attempts)
- Set initialDelaySeconds to 0 for liveness/readiness
- Reduce immich-ml memory from 2Gi to 1Gi (node memory limit)
 2026-01-07 23:25:06 +09:00
Mayne0213
3bc0b76135 PERF(repo): apply CPU/Memory limits based on VPA 
- Set CPU request to VPA recommendation
- Set CPU limit to VPA × 1.5 for burst allowance
- Set Memory limit to VPA × 1.5 to prevent OOM
- Prevent cascading failure on node failure
 2026-01-07 23:07:30 +09:00
Mayne0213
d65596309b REFACTOR(secrets): flatten Vault paths 
- Change secret paths from <category>/<app> to <app>
- applications/code-server → code-server
- applications/umami → umami
- databases/postgresql → postgresql
- cluster-infrastructure/authelia → authelia
 2026-01-06 16:53:02 +09:00
Mayne0213
068d9339b9 REFACTOR(repo): move vault/ to manifests/ 
- Move ExternalSecret files from vault/ to manifests/secret.yaml
- Merge multiple secrets with --- separator (immich)
- Update kustomization.yaml references
- Remove vault/ folders

Apps: umami, immich, code-server
 2026-01-06 16:43:34 +09:00
Mayne0213
7661427f4b REFACTOR(umami): move dual ingress to manifests 
- Move ingress.yaml to manifests/ (public + protected ingress)
- Keep ingress disabled in helm-values.yaml due to complex routing
 2026-01-06 15:13:42 +09:00
Mayne0213
67dd7c966a FEAT(umami): add /api/send to public ingress 
- Add /api/send path to public ingress routes
- Allow tracking data submission without auth
 2026-01-05 00:43:51 +09:00
Mayne0213
42eb875c01 REFACTOR(repo): migrate repoURL to K3S-HOME 
- Update repository URL to K3S-HOME organization
- Change from personal to organization repo
 2026-01-05 00:43:51 +09:00
renovate[bot]
2f03f56f78 CHORE(umami): update Helm release umami to v7 
- Upgrade Umami chart to v7
- Apply new chart configuration
 2026-01-05 00:43:51 +09:00
Mayne0213
2934188c79 FEAT(traefik): add /intl to public ingress 
- Add /intl path to public ingress routes
- Enable internationalization endpoint access
 2026-01-05 00:43:51 +09:00
Mayne0213
6aec454da1 FEAT(traefik): add /api/websites to ingress 
- Add /api/websites path to ingress routes
- Enable website API access
 2026-01-05 00:43:51 +09:00
Mayne0213
3a6c4c9d4e FEAT(umami): allow public share URLs 
- Split ingress into public (umami-share) and protected (umami-ingress)
- Public paths: /share, /api/share, /_next, /script.js
- Protected paths: everything else (requires Authelia SSO)
 2026-01-05 00:43:51 +09:00
Mayne0213
c45f9f93ba FEAT(authelia): bypass share link in authelia 
- Add bypass rule for share link paths
- Allow public access to share URLs
 2026-01-05 00:43:51 +09:00
Mayne0213
ae59d858e1 REFACTOR(authelia): change homer, disable login 
- Update Homer authentication settings
- Disable login requirement for dashboard
 2026-01-05 00:43:51 +09:00
Mayne0213
6ea23f1995 CHORE(authelia): disable local auth and add Authelia SSO 
- code-server: Change --auth password to --auth none
- code-server: Add Authelia middleware to ingress
- immich: Add Authelia middleware to ingress
- umami: Add Authelia middleware to ingress
 2026-01-05 00:43:51 +09:00
Mayne0213
cfe238ffa5 PERF(umami): reduce umami replicas to 1 2026-01-05 00:43:51 +09:00
Mayne0213
22694d9699 REFACTOR(traefik): switch ingress to Traefik 
- Update ingressClassName from haproxy to traefik
- Update kubernetes-dashboard with Traefik backend SSL annotation
 2026-01-05 00:43:51 +09:00
Mayne0213
c44ec110e7 CHORE(eso): update ESO API version 2026-01-05 00:43:51 +09:00
Mayne0213
0beffc4d32 CHORE(pg): update pg namespace reference 2026-01-05 00:43:51 +09:00
Mayne0213
9b256777bd REFACTOR(gitea): migrate repoURL from Gitea to GitHub 
- Update repository URL from Gitea to GitHub
- Change source control provider
 2026-01-05 00:43:51 +09:00
Mayne0213
19adcadfdf REFACTOR(goldilocks): use managedNsMeta for Goldil 
- Remove namespace.yaml files
- Add managedNamespaceMetadata with Goldilocks label
- Set CreateNamespace=true in syncOptions
- Update kustomization.yaml to remove namespace.yaml references
 2026-01-05 00:43:51 +09:00
Mayne0213
0996187c82 REFACTOR(docs): detach services,ingress from docs 2026-01-05 00:43:51 +09:00
Mayne0213
cdbf94bc81 FIX(umami): umami namespace from analytics to umam 
- Change ExternalSecret namespace from analytics to umami
- This fixes umami degraded status caused by namespace mismatch
 2026-01-05 00:43:51 +09:00
Mayne0213
32ab5a75fe REFACTOR(umami): change namespace of umami 2026-01-05 00:43:51 +09:00
Mayne0213
71f7f1b741 REFACTOR(repo): restructure apps folder and remove CreateNamespace 
- Remove argocd/ and helm-values/ subdirectories
- Move files to parent directory (argocd.yaml, helm-values.yaml)
- Update helm valueFiles paths in ArgoCD Applications
- Remove CreateNamespace=true from all applications
- Namespace creation now handled by namespace.yaml with Goldilocks labels
 2026-01-05 00:43:51 +09:00
Mayne0213
c7c7698610 FEAT(goldilocks): add goldilocks labels to applica 
- Add namespace.yaml with goldilocks.fairwinds.com/enabled label
- Enable VPA recommendations for all applications
- Update kustomization.yaml to include namespace resources
- Fix namespace names to match actual usage (umami -> analytics)
 2026-01-05 00:43:51 +09:00
Mayne0213
9481fb6b8c REFACTOR(umami): migrate umami to CNPG database 2026-01-05 00:43:51 +09:00
Mayne0213
6805058bc4 PERF(grafana): optimize cpu requests based on actu 
- code-server: 50m → 5m (actual: 1m)
- docusaurus: 50m → 5m (actual: 1m)
- kubernetes-dashboard: 15m → 5m (actual: 1m)
- kubernetes-dashboard-metrics-scraper: 50m → 5m (actual: 1m)
- homer: 50m → 5m (actual: 1m)
- umami: 30m → 5m (actual: 1m)
- gitea: 50m → 10m (actual: 5m)
 2025-12-26 11:46:38 +09:00
Mayne0213
cb532c3bd1 FEAT(traefik): add per-application ingress managem 
- Added ingress.yaml for code-server, kubernetes-dashboard, and umami
- Updated kustomization files to include ingress resources
- Migrated from centralized ingress management to per-app architecture
 2025-12-25 20:21:26 +09:00
Mayne0213
09c53730db REFACTOR(code-server): change vault secret path 2025-12-17 21:32:30 +09:00
Mayne0213
089f8c0575 CHORE(argocd): update ArgoCD apps to point to apps 2025-12-17 15:13:15 +09:00
Mayne0213
9763b1e682 INIT(repo): apps setup with all user-facing servic 2025-12-17 15:11:34 +09:00