Update Helm release loki to v6.34.0

2025-07-29 20:02:09 +00:00
21 changed files with 51 additions and 50 deletions
--- a/README.md
+++ b/README.md
@@ -1,7 +1,7 @@
 # Kluster setup and IaaC using argoCD
-### Description
+### Initial setup
 #### Requirements:
 - A running k3s instance
 - `sealedsecrets` deployed
@@ -27,21 +27,20 @@ The app-of-apps will bootstrap a fully featured cluster with the following compo
    - immich
    - ...
-## Setup instructions
+#### Recap
-1. install sealedsecrets see [README](./infrastructure/sealedsecrets/README.md)
+- install sealedsecrets see [README](./infrastructure/sealedsecrets/README.md)
    ```bash
    kubectl apply -k infrastructure/sealedsecrets
    kubectl apply -f infrastructure/sealedsecrets/main.key
    kubectl delete pod -n kube-system -l name=sealed-secrets-controller
    ```
-1. install argocd and the app-of-apps bundled with it
+- install argocd
    ```bash
    kubectl apply -k infrastructure/argocd
    ```
 - wait...
 > NOTE: The argocd kustomization already mentions some CRDs available only after the full bootstrapping (traefik). You might have to apply the last step twice
 ### Adding an application
 todo
--- a/apps/adguard/kustomization.yaml
+++ b/apps/adguard/kustomization.yaml
@@ -10,7 +10,7 @@ resources:
 images:
  - name: adguard/adguardhome
    newName: adguard/adguardhome
-    newTag: v0.107.65
+    newTag: v0.107.64
 namespace: adguard
--- a/apps/audiobookshelf/kustomization.yaml
+++ b/apps/audiobookshelf/kustomization.yaml
@@ -12,4 +12,4 @@ namespace: audiobookshelf
 images:
  - name: audiobookshelf
    newName: ghcr.io/advplyr/audiobookshelf
-    newTag: "2.29.0"
+    newTag: "2.26.3"
--- a/apps/finance/kustomization.yaml
+++ b/apps/finance/kustomization.yaml
@@ -14,4 +14,4 @@ resources:
 images:
  - name: actualbudget
    newName: actualbudget/actual-server
-    newTag: 25.9.0
+    newTag: 25.7.1
--- a/apps/grafana/kustomization.yaml
+++ b/apps/grafana/kustomization.yaml
@@ -17,5 +17,5 @@ helmCharts:
  - releaseName: grafana
    name: grafana
    repo: https://grafana.github.io/helm-charts
-    version: 9.4.5
+    version: 9.2.10
    valuesFile: grafana.values.yaml
--- a/apps/homeassistant/kustomization.yaml
+++ b/apps/homeassistant/kustomization.yaml
@@ -15,4 +15,4 @@ resources:
 images:
  - name: homeassistant
    newName: homeassistant/home-assistant
-    newTag: "2025.9"
+    newTag: "2025.7"
--- a/apps/immich/kustomization.yaml
+++ b/apps/immich/kustomization.yaml
@@ -22,9 +22,9 @@ helmCharts:
 images:
  - name: ghcr.io/immich-app/immich-machine-learning
-    newTag: v1.141.1
+    newTag: v1.136.0
  - name: ghcr.io/immich-app/immich-server
-    newTag: v1.141.1
+    newTag: v1.136.0
 patches:
--- a/apps/linkding/kustomization.yaml
+++ b/apps/linkding/kustomization.yaml
@@ -13,4 +13,4 @@ namespace: linkding
 images:
  - name: linkding
    newName: sissbruecker/linkding
-    newTag: "1.42.0"
+    newTag: "1.41.0"
--- a/apps/ntfy/kustomization.yaml
+++ b/apps/ntfy/kustomization.yaml
@@ -13,4 +13,4 @@ resources:
 images:
  - name: binwiederhier/ntfy
    newName: binwiederhier/ntfy
-    newTag: v2.14.0
+    newTag: v2.13.0
--- a/apps/paperless/kustomization.yaml
+++ b/apps/paperless/kustomization.yaml
@@ -14,14 +14,14 @@ namespace: paperless
 images:
  - name: paperless
    newName: ghcr.io/paperless-ngx/paperless-ngx
-    newTag: "2.18.4"
+    newTag: "2.17.1"
 helmCharts:
  - name: redis
    releaseName: redis
    repo: https://charts.bitnami.com/bitnami
-    version: 22.0.7
+    version: 21.2.13
    valuesInline:
      auth:
        enabled: false
--- a/apps/recipes/kustomization.yaml
+++ b/apps/recipes/kustomization.yaml
@@ -13,5 +13,5 @@ resources:
 images:
  - name: mealie
-    newTag: v3.1.2
+    newTag: v3.0.2
    newName: ghcr.io/mealie-recipes/mealie
--- a/infrastructure/authelia/kustomization.yaml
+++ b/infrastructure/authelia/kustomization.yaml
@@ -27,6 +27,6 @@ images:
 helmCharts:
  - name: authelia
    releaseName: authelia
-    version: 0.10.46
+    version: 0.10.41
    repo: https://charts.authelia.com
    valuesFile: authelia.values.yaml
--- a/infrastructure/gitea/kustomization.yaml
+++ b/infrastructure/gitea/kustomization.yaml
@@ -23,6 +23,6 @@ helmCharts:
  - name: gitea
    namespace: gitea # needs to be set explicitly for svc to be referenced correctly
    releaseName: gitea
-    version: 12.2.0
+    version: 12.1.2
    valuesFile: gitea.values.yaml
    repo: https://dl.gitea.io/charts/
--- a/infrastructure/metallb-system/ipaddresspool.yaml
+++ b/infrastructure/metallb-system/ipaddresspool.yaml
@@ -2,6 +2,7 @@ apiVersion: metallb.io/v1beta1
 kind: IPAddressPool
 metadata:
  name: default
  namespace: metallb-system
 spec:
  addresses:
    - 192.168.3.0/24
@@ -9,8 +10,5 @@ spec:
 apiVersion: metallb.io/v1beta1
 kind: L2Advertisement
 metadata:
-  name: default
+  name: empty
-# selector is left empty on purpose to match all IPAddressPools
+  namespace: metallb-system
 # spec:
 #   ipAddressPools:
 #   - default
--- a/infrastructure/metallb-system/kustomization.yaml
+++ b/infrastructure/metallb-system/kustomization.yaml
@@ -1,12 +1,15 @@
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 resources: 
  - namespace.yaml
  - ipaddresspool.yaml
 namespace: metallb-system
 resources:
  # - namespace.yaml
  # namespace is already included in the remote kustomization
  # - github.com/metallb/metallb/config/native?ref=v0.15.2
  - github.com/metallb/metallb/config/frr?ref=v0.15.2
  - ipaddresspool.yaml
 helmCharts:
  - name: metallb
    repo: https://metallb.github.io/metallb
    version: 0.15.2
    releaseName: metallb
    valuesFile: values.yaml
--- a/infrastructure/metallb-system/namespace.yaml
+++ b/infrastructure/metallb-system/namespace.yaml
@@ -1,6 +1,6 @@
 apiVersion: v1
 kind: Namespace
 metadata:
-  name: metallb-system
+  name: placeholder
-  # labels:
+  labels:
-    # pod-security.kubernetes.io/enforce: privileged
+    pod-security.kubernetes.io/enforce: privileged 
--- a/infrastructure/monitoring/kustomization.yaml
+++ b/infrastructure/monitoring/kustomization.yaml
@@ -24,7 +24,7 @@ helmCharts:
  - name: loki
    releaseName: loki
    repo: https://grafana.github.io/helm-charts
-    version: 6.39.0
+    version: 6.34.0
    valuesFile: loki.values.yaml
  - name: prometheus-node-exporter
    releaseName: prometheus-node-exporter
--- a/infrastructure/monitoring/loki.values.yaml
+++ b/infrastructure/monitoring/loki.values.yaml
@@ -30,6 +30,7 @@ loki:
    filesystem:
      chunks_directory: /var/loki/chunks
      rules_directory: /var/loki/rules
      admin_api_directory: /var/loki/admin
 minio:
  enabled: false
--- a/infrastructure/sealedsecrets/kustomization.yaml
+++ b/infrastructure/sealedsecrets/kustomization.yaml
@@ -9,4 +9,4 @@ resources:
 images:
  - name: controller
    newName: docker.io/bitnami/sealed-secrets-controller
-    newTag: 0.32.1
+    newTag: 0.30.0
--- a/infrastructure/traefik-system/configmap.yaml
+++ b/infrastructure/traefik-system/configmap.yaml
@@ -71,7 +71,7 @@ data:
        address = ":9100"
      [entryPoints.traefik]
-        address = ":8080"
+        address = ":9000"
      [entryPoints.dnsovertls]
        address = ":8853"
--- a/infrastructure/traefik-system/values.yaml
+++ b/infrastructure/traefik-system/values.yaml
@@ -23,7 +23,8 @@ ingressClass:
  # true is not unit-testable yet, pending https://github.com/rancher/helm-unittest/pull/12
  enabled: true
  isDefaultClass: true
-
+  # Use to force a networking.k8s.io API Version for certain CI/CD applications. E.g. "v1beta1"
  fallbackApiVersion: ""
 # Activate Pilot integration
 pilot:
@@ -66,8 +67,7 @@ providers:
  kubernetesIngress:
    enabled: true
    allowExternalNameServices: true
-    # Ingresses missing the annotation, having an empty value, or the value traefik are processed by default.
+    ingressClass: traefik
    # ingressClass: traefik
    # labelSelector: environment=production,method=traefik