Update image ghcr.io/siderolabs/kubelet to v1.31.3

2024-11-23 08:03:55 +00:00
43 changed files with 32 additions and 572 deletions
--- a/kubernetes/apps/ai/open-webui/app/helmrelease.yaml
+++ b/kubernetes/apps/ai/open-webui/app/helmrelease.yaml
@ -33,10 +33,10 @@ spec:
          app:
            image:
              repository: ghcr.io/open-webui/open-webui
-              tag: v0.4.5
+              tag: v0.4.4
            env:
              - name: OLLAMA_BASE_URL
-                value: http://10.1.1.61:11434
+                value: http://ollama.ai.svc.cluster.local:11434
              - name: ENABLE_RAG_WEB_SEARCH
                value: true
              - name: RAG_WEB_SEARCH_ENGINE
--- a/kubernetes/apps/anime/sonarr/app/helmrelease.yaml
+++ b/kubernetes/apps/anime/sonarr/app/helmrelease.yaml
@ -31,7 +31,7 @@ spec:
          app:
            image:
              repository: ghcr.io/onedr0p/sonarr-develop
-              tag: 4.0.11.2697
+              tag: 4.0.10.2656
            env:
              SONARR__APP__INSTANCENAME: Sonarr-Anime
              SONARR__APP__THEME: dark
--- a/kubernetes/apps/database/crunchy-postgres-operator/cluster/postgrescluster.yaml
+++ b/kubernetes/apps/database/crunchy-postgres-operator/cluster/postgrescluster.yaml
@ -144,11 +144,6 @@ spec:
        - jellyseerr
      password:
        type: AlphaNumeric
-    - name: ptero
-      databases:
-        - ptero
-      password:
-        type: AlphaNumeric


  backups:
--- a/kubernetes/apps/database/crunchy-postgres-operator/operator/helmrelease.yaml
+++ b/kubernetes/apps/database/crunchy-postgres-operator/operator/helmrelease.yaml
@ -9,7 +9,7 @@ spec:
  chart:
    spec:
      chart: pgo
-      version: 5.7.1
+      version: 5.7.0
      sourceRef:
        kind: HelmRepository
        name: crunchydata
--- a/kubernetes/apps/database/dragonfly/cluster/dragonfly.yaml
+++ b/kubernetes/apps/database/dragonfly/cluster/dragonfly.yaml
@ -5,7 +5,7 @@ kind: Dragonfly
 metadata:
  name: dragonfly
 spec:
-  image: ghcr.io/dragonflydb/dragonfly:v1.25.4
+  image: ghcr.io/dragonflydb/dragonfly:v1.25.1
  replicas: 3
  env:
    - name: MAX_MEMORY
--- a/kubernetes/apps/database/kustomization.yaml
+++ b/kubernetes/apps/database/kustomization.yaml
@ -10,4 +10,3 @@ resources:
  - ./dragonfly/ks.yaml
  - ./emqx/ks.yaml
  - ./influxdb/ks.yaml
-  - ./mariadb/ks.yaml
--- a/kubernetes/apps/database/mariadb/cluster/backup.yaml
+++ b/kubernetes/apps/database/mariadb/cluster/backup.yaml
@ -1,78 +0,0 @@
---
-# yaml-language-server: $schema=https://ks.hsn.dev/k8s.mariadb.com/backup_v1alpha1.json
-apiVersion: k8s.mariadb.com/v1alpha1
-kind: Backup
-metadata:
-  name: &name mariadb-backup
-spec:
-  mariaDbRef:
-    name: mariadb
-  timeZone: "America/Chicago"
-  schedule:
-    cron: "0 * * * *"
-    suspend: false
-  stagingStorage:
-    persistentVolumeClaim:
-      storageClassName: openebs-hostpath
-      resources:
-        requests:
-          storage: 6Gi
-      accessModes:
-        - ReadWriteOnce
-  podSecurityContext:
-    runAsUser: 568
-    runAsGroup: 568
-    fsGroup: 568
-    fsGroupChangePolicy: OnRootMismatch
-  storage:
-    s3:
-      endpoint: s3.hsn.dev
-      bucket: mariadb
-      prefix: full/
-      accessKeyIdSecretKeyRef:
-        name: mariadb-secret
-        key: AWS_ACCESS_KEY_ID
-      secretAccessKeySecretKeyRef:
-        name: mariadb-secret
-        key: AWS_SECRET_ACCESS_KEY
---
-# yaml-language-server: $schema=https://ks.hsn.dev/k8s.mariadb.com/backup_v1alpha1.json
-apiVersion: k8s.mariadb.com/v1alpha1
-kind: Backup
-metadata:
-  name: &name mariadb-pterodactyl-backup
-  namespace: database
-spec:
-  mariaDbRef:
-    name: mariadb
-    namespace: database
-  timeZone: "America/Chicago"
-  schedule:
-    cron: "0 * * * *"
-    suspend: false
-  stagingStorage:
-    persistentVolumeClaim:
-      storageClassName: openebs-hostpath
-      resources:
-        requests:
-          storage: 6Gi
-      accessModes:
-        - ReadWriteOnce
-  podSecurityContext:
-    runAsUser: 568
-    runAsGroup: 568
-    fsGroup: 568
-    fsGroupChangePolicy: OnRootMismatch
-  databases:
-    - pterodactyl
-  storage:
-    s3:
-      endpoint: s3.hsn.dev
-      bucket: mariadb
-      prefix: pterodactyl/
-      accessKeyIdSecretKeyRef:
-        name: mariadb-secret
-        key: AWS_ACCESS_KEY_ID
-      secretAccessKeySecretKeyRef:
-        name: mariadb-secret
-        key: AWS_SECRET_ACCESS_KEY
--- a/kubernetes/apps/database/mariadb/cluster/externalsecret.yaml
+++ b/kubernetes/apps/database/mariadb/cluster/externalsecret.yaml
@ -1,27 +0,0 @@
---
-# yaml-language-server: $schema=https://ks.hsn.dev/external-secrets.io/externalsecret_v1beta1.json
-apiVersion: external-secrets.io/v1beta1
-kind: ExternalSecret
-metadata:
-  name: &name mariadb
-spec:
-  secretStoreRef:
-    kind: ClusterSecretStore
-    name: onepassword-connect
-  target:
-    name: mariadb-secret
-    template:
-      engineVersion: v2
-      data:
-        AWS_ACCESS_KEY_ID: "{{ .minio_mariadb_access_key }}"
-        AWS_SECRET_ACCESS_KEY: "{{ .minio_mariadb_secret_key }}"
-  dataFrom:
-    - extract:
-        key: minio
-      rewrite:
-        - regexp:
-            source: "[-]"
-            target: "_"
-        - regexp:
-            source: "(.*)"
-            target: "minio_$1"
--- a/kubernetes/apps/database/mariadb/cluster/gatus.yaml
+++ b/kubernetes/apps/database/mariadb/cluster/gatus.yaml
@ -1,21 +0,0 @@
---
-apiVersion: v1
-kind: ConfigMap
-metadata:
-  name: mariadb-gatus-ep
-  labels:
-    gatus.io/enabled: "true"
-data:
-  config.yaml: |
-    endpoints:
-      - name: mariadb
-        group: infrastructure
-        url: tcp://mariadb.database.svc.cluster.local:3306
-        interval: 1m
-        ui:
-          hide-url: true
-          hide-hostname: true
-        conditions:
-          - "[CONNECTED] == true"
-        alerts:
-          - type: pushover
--- a/kubernetes/apps/database/mariadb/cluster/kustomization.yaml
+++ b/kubernetes/apps/database/mariadb/cluster/kustomization.yaml
@ -1,9 +0,0 @@
---
-# yaml-language-server: $schema=https://json.schemastore.org/kustomization
-apiVersion: kustomize.config.k8s.io/v1beta1
-kind: Kustomization
-resources:
-  - ./backup.yaml
-  - ./externalsecret.yaml
-  - ./gatus.yaml
-  - ./mariadb.yaml
--- a/kubernetes/apps/database/mariadb/cluster/mariadb.yaml
+++ b/kubernetes/apps/database/mariadb/cluster/mariadb.yaml
@ -1,38 +0,0 @@
---
-# yaml-language-server: $schema=https://ks.hsn.dev/k8s.mariadb.com/mariadb_v1alpha1.json
-apiVersion: k8s.mariadb.com/v1alpha1
-kind: MariaDB
-metadata:
-  name: &name mariadb
-spec:
-  # renovate: datasource=docker depName=docker.io/library/mariadb
-  image: docker.io/library/mariadb:11.6.2
-  replicas: 3
-  storage:
-    size: 5Gi
-    storageClassName: openebs-hostpath
-  # bootstrapFrom:
-  #   backupRef:
-  #     name: mariadb-backup
-  maxScale:
-    enabled: true
-    kubernetesService:
-      type: LoadBalancer
-      metadata:
-        annotations:
-          io.cilium/lb-ipam-ips: 10.1.1.39
-    connection:
-      secretName: mxs-connection
-      port: 3306
-  galera:
-    enabled: true
-  podSecurityContext:
-    runAsUser: 568
-    runAsGroup: 568
-    fsGroup: 568
-    fsGroupChangePolicy: OnRootMismatch
-  service:
-    type: LoadBalancer
-    metadata:
-      annotations:
-        io.cilium/lb-ipam-ips: 10.1.1.33
--- a/kubernetes/apps/database/mariadb/cluster/restore.yaml
+++ b/kubernetes/apps/database/mariadb/cluster/restore.yaml
@ -1,17 +0,0 @@
---
-# yaml-language-server: $schema=https://ks.hsn.dev/k8s.mariadb.com/restore_v1alpha1.json
-apiVersion: k8s.mariadb.com/v1alpha1
-kind: Restore
-metadata:
-  name: restore
-spec:
-  mariaDbRef:
-    name: mariadb
-    namespace: database
-  backupRef:
-    name: mariadb-backup
-  podSecurityContext:
-    runAsUser: 568
-    runAsGroup: 568
-    fsGroup: 568
-    fsGroupChangePolicy: OnRootMismatch
--- a/kubernetes/apps/database/mariadb/crds/helmrelease.yaml
+++ b/kubernetes/apps/database/mariadb/crds/helmrelease.yaml
@ -1,17 +0,0 @@
---
-# yaml-language-server: $schema=https://ks.hsn.dev/helm.toolkit.fluxcd.io/helmrelease_v2.json
-apiVersion: helm.toolkit.fluxcd.io/v2
-kind: HelmRelease
-metadata:
-  name: mariadb-operator-crds
-spec:
-  interval: 30m
-  chart:
-    spec:
-      chart: mariadb-operator-crds
-      version: 0.36.0
-      sourceRef:
-        kind: HelmRepository
-        name: mariadb-operator
-        namespace: flux-system
-      interval: 5m
--- a/kubernetes/apps/database/mariadb/crds/kustomization.yaml
+++ b/kubernetes/apps/database/mariadb/crds/kustomization.yaml
@ -1,6 +0,0 @@
---
-# yaml-language-server: $schema=https://json.schemastore.org/kustomization
-apiVersion: kustomize.config.k8s.io/v1beta1
-kind: Kustomization
-resources:
-  - helmrelease.yaml
--- a/kubernetes/apps/database/mariadb/ks.yaml
+++ b/kubernetes/apps/database/mariadb/ks.yaml
@ -1,64 +0,0 @@
---
-# yaml-language-server: $schema=https://ks.hsn.dev/kustomize.toolkit.fluxcd.io/kustomization_v1.json
-apiVersion: kustomize.toolkit.fluxcd.io/v1
-kind: Kustomization
-metadata:
-  name: &app mariadb-operator
-  namespace: flux-system
-spec:
-  targetNamespace: database
-  commonMetadata:
-    labels:
-      app.kubernetes.io/name: *app
-  dependsOn:
-    - name: external-secrets-stores
-  path: ./kubernetes/apps/database/mariadb/operator
-  prune: true
-  sourceRef:
-    kind: GitRepository
-    name: theshire
-  wait: true
-  interval: 30m
-  timeout: 5m
---
-# yaml-language-server: $schema=https://ks.hsn.dev/kustomize.toolkit.fluxcd.io/kustomization_v1.json
-apiVersion: kustomize.toolkit.fluxcd.io/v1
-kind: Kustomization
-metadata:
-  name: &app mariadb-operator-crds
-  namespace: flux-system
-spec:
-  targetNamespace: database
-  commonMetadata:
-    labels:
-      app.kubernetes.io/name: *app
-  path: ./kubernetes/apps/database/mariadb/crds
-  prune: true
-  sourceRef:
-    kind: GitRepository
-    name: theshire
-  wait: true
-  interval: 30m
-  timeout: 5m
---
-# yaml-language-server: $schema=https://ks.hsn.dev/kustomize.toolkit.fluxcd.io/kustomization_v1.json
-apiVersion: kustomize.toolkit.fluxcd.io/v1
-kind: Kustomization
-metadata:
-  name: &app mariadb-cluster
-  namespace: flux-system
-spec:
-  targetNamespace: database
-  commonMetadata:
-    labels:
-      app.kubernetes.io/name: *app
-  dependsOn:
-    - name: external-secrets-stores
-  path: ./kubernetes/apps/database/mariadb/cluster
-  prune: true
-  sourceRef:
-    kind: GitRepository
-    name: theshire
-  wait: true
-  interval: 30m
-  timeout: 5m
--- a/kubernetes/apps/database/mariadb/operator/helmrelease.yaml
+++ b/kubernetes/apps/database/mariadb/operator/helmrelease.yaml
@ -1,31 +0,0 @@
---
-# yaml-language-server: $schema=https://ks.hsn.dev/helm.toolkit.fluxcd.io/helmrelease_v2.json
-apiVersion: helm.toolkit.fluxcd.io/v2
-kind: HelmRelease
-metadata:
-  name: mariadb-operator
-spec:
-  interval: 30m
-  chart:
-    spec:
-      chart: mariadb-operator
-      version: 0.36.0
-      sourceRef:
-        kind: HelmRepository
-        name: mariadb-operator
-        namespace: flux-system
-      interval: 5m
-  values:
-    logLevel: debug
-    image:
-      repository: ghcr.io/mariadb-operator/mariadb-operator
-      pullPolicy: IfNotPresent
-    metrics:
-      enabled: true
-      serviceMonitor:
-        enabled: true
-    webhook:
-      certificate:
-        certManager: true
-      serviceMonitor:
-        enabled: true
--- a/kubernetes/apps/database/mariadb/operator/kustomization.yaml
+++ b/kubernetes/apps/database/mariadb/operator/kustomization.yaml
@ -1,6 +0,0 @@
---
-# yaml-language-server: $schema=https://json.schemastore.org/kustomization
-apiVersion: kustomize.config.k8s.io/v1beta1
-kind: Kustomization
-resources:
-  - helmrelease.yaml
--- a/kubernetes/apps/default/autobrr/app/helmrelease.yaml
+++ b/kubernetes/apps/default/autobrr/app/helmrelease.yaml
@ -31,7 +31,7 @@ spec:
          app:
            image:
              repository: ghcr.io/autobrr/autobrr
-              tag: v1.51.1@sha256:747c682d8d59e72a202ee4239bafbd7cfa10b0fc3a6220b61446de73dbd0c956
+              tag: v1.50.0@sha256:6a6f23570ab6b418318ab12bf2558712714e2f243cf18b139afa414f8417e97d
            env:
              AUTOBRR__CHECK_FOR_UPDATES: "false"
              AUTOBRR__HOST: 0.0.0.0
--- a/kubernetes/apps/default/excalidraw/app/helmrelease.yaml
+++ b/kubernetes/apps/default/excalidraw/app/helmrelease.yaml
@ -30,7 +30,7 @@ spec:
          app:
            image:
              repository: docker.io/excalidraw/excalidraw
-              tag: latest@sha256:c6b7fc35e9e9cfb2b85e76081530223407b00157896b00a01f272b4085ffe4c9
+              tag: latest@sha256:4d5423c1d80f353458307324b169500df334856eccc2e39fc6fa13808a64e1c2
              pullPolicy: IfNotPresent
            probes:
              liveness:
--- a/kubernetes/apps/default/home-assistant/app/helmrelease.yaml
+++ b/kubernetes/apps/default/home-assistant/app/helmrelease.yaml
@ -36,7 +36,7 @@ spec:
          app:
            image:
              repository: ghcr.io/onedr0p/home-assistant
-              tag: 2024.11.3@sha256:f45f502b1738e46eb435fbc8947cdcc2574f3713b156c6738129ea2ea9b49018
+              tag: 2024.11.2@sha256:58df3d1169fb02ef2fb6f6cb2f2423abeb2142f89f3c0fd447cc983d63825c56
            env:
              TZ: America/Chicago
            envFrom:
--- a/kubernetes/apps/default/kustomization.yaml
+++ b/kubernetes/apps/default/kustomization.yaml
@ -18,7 +18,6 @@ resources:
  - ./overseerr/ks.yaml
  - ./plex/ks.yaml
  - ./prowlarr/ks.yaml
-  - ./pterodactyl/ks.yaml
  - ./radarr/ks.yaml
  - ./recyclarr/ks.yaml
  - ./redlib/ks.yaml
--- a/kubernetes/apps/default/prowlarr/app/helmrelease.yaml
+++ b/kubernetes/apps/default/prowlarr/app/helmrelease.yaml
@ -31,7 +31,7 @@ spec:
          app:
            image:
              repository: ghcr.io/onedr0p/prowlarr-develop
-              tag: 1.27.0.4852@sha256:6e1041a558cceee6356efe74cc9a9138909f4a8bac5eb714a420a37e4b478c77
+              tag: 1.26.1.4844@sha256:dd6ab1a0c8f2d780b990f1034f2da6ffb0b4d3e3ca6042b656f691f06d4c9397
            env:
              # Ref: https://github.com/Radarr/Radarr/issues/7030#issuecomment-1039689518
              # Ref: https://github.com/dotnet/runtime/issues/9336
--- a/kubernetes/apps/default/pterodactyl/app/externalsecret.yaml
+++ b/kubernetes/apps/default/pterodactyl/app/externalsecret.yaml
@ -1,30 +0,0 @@
---
-# yaml-language-server: $schema=https://ks.hsn.dev/external-secrets.io/externalsecret_v1beta1.json
-apiVersion: external-secrets.io/v1beta1
-kind: ExternalSecret
-metadata:
-  name: pterodactyl
-spec:
-  secretStoreRef:
-    kind: ClusterSecretStore
-    name: onepassword-connect
-  target:
-    name: pterodactyl-secret
-    template:
-      engineVersion: v2
-      data:
-        APP_SERVICE_AUTHOR: "{{ .PTERODACTYL_APP_EMAIL }}"
-        APP_URL: "https://pt.hsn.dev"
-        DB_DATABASE: "pterodactyl"
-        DB_HOST: "mariadb.database.svc.cluster.local"
-        DB_PASSWORD: "{{ .PTERODACTYL_MARIADB_PANEL_PASSWORD }}"
-        DB_USERNAME: "pterodactyl"
-        REDIS_HOST: "dragonfly.database.svc.cluster.local"
-
-  dataFrom:
-    - extract:
-        key: pterodactyl
-      rewrite:
-        - regexp:
-            source: "(.*)"
-            target: "PTERODACTYL_$1"
--- a/kubernetes/apps/default/pterodactyl/app/helmrelease.yaml
+++ b/kubernetes/apps/default/pterodactyl/app/helmrelease.yaml
@ -1,101 +0,0 @@
---
-# yaml-language-server: $schema=https://raw.githubusercontent.com/bjw-s/helm-charts/main/charts/other/app-template/schemas/helmrelease-helm-v2.schema.json
-apiVersion: helm.toolkit.fluxcd.io/v2
-kind: HelmRelease
-metadata:
-  name: &app pterodactyl
-spec:
-  interval: 30m
-  chart:
-    spec:
-      chart: app-template
-      version: 3.5.1
-      sourceRef:
-        kind: HelmRepository
-        name: bjw-s
-        namespace: flux-system
-  install:
-    remediation:
-      retries: 3
-  upgrade:
-    cleanupOnFail: true
-    remediation:
-      retries: 3
-      strategy: rollback
-  values:
-    controllers:
-      pterodactyl:
-        annotations:
-          reloader.stakater.com/auto: "true"
-        containers:
-          app:
-            image:
-              repository: ghcr.io/pterodactyl/panel
-              tag: v1.11.10@sha256:6c9d060396c0a2c273aa5573460ed51f9176016dac59608b414a3cb02b0cc30c
-            env:
-              CACHE_DRIVER: "redis"
-              SESSION_DRIVER: "redis"
-              QUEUE_DRIVER: "redis"
-              APP_ENV: "production"
-              APP_ENVIRONMENT_ONLY: "false"
-              APP_TIMEZONE: America/Chicago
-              TRUSTED_PROXIES: "*"
-              TZ: America/Chicago
-            envFrom:
-              - secretRef:
-                  name: pterodactyl-secret
-            securityContext:
-              allowPrivilegeEscalation: false
-              readOnlyRootFilesystem: true
-              capabilities: { drop: ["ALL"] }
-            resources:
-              requests:
-                cpu: 10m
-              limits:
-                memory: 1Gi
-        pod:
-          securityContext:
-            runAsUser: 568
-            runAsGroup: 568
-            runAsNonRoot: true
-            fsGroup: 568
-            fsGroupChangePolicy: OnRootMismatch
-    service:
-      app:
-        controller: pterodactyl
-        ports:
-          http:
-            port: 80
-    ingress:
-      app:
-        enabled: true
-        className: external-nginx
-        annotations:
-          external-dns.alpha.kubernetes.io/target: external.hsn.dev
-          external-dns.alpha.kubernetes.io/cloudflare-proxied: "true"
-        hosts:
-          - host: &host "pt.hsn.dev"
-            paths:
-              - path: /
-                service:
-                  identifier: app
-                  port: http
-        tls:
-          - hosts:
-              - *host
-    persistence:
-      config:
-        existingClaim: *app
-        advancedMounts:
-          pterodactyl:
-            app:
-              - subPath: "config"
-                path: "/app/var"
-              - subPath: "nginx"
-                path: "/etc/nginx/http.d"
-              - subPath: "applogs"
-                path: "/app/storage/logs"
-              - subPath: "syslogs"
-                path: "/var/log"
-              - subPath: "letsencrypt"
-                path: "/etc/letsencrypt"
--- a/kubernetes/apps/default/pterodactyl/app/kustomization.yaml
+++ b/kubernetes/apps/default/pterodactyl/app/kustomization.yaml
@ -1,10 +0,0 @@
---
-# yaml-language-server: $schema=https://json.schemastore.org/kustomization.json
-apiVersion: kustomize.config.k8s.io/v1beta1
-kind: Kustomization
-resources:
-  - ../../../../templates/volsync
-  - ../../../../templates/gatus/external
-  - ./externalsecret.yaml
-  # - ./helmrelease.yaml
-  - ./mariadb.yaml
--- a/kubernetes/apps/default/pterodactyl/app/mariadb.yaml
+++ b/kubernetes/apps/default/pterodactyl/app/mariadb.yaml
@ -1,46 +0,0 @@
---
-# yaml-language-server: $schema=https://ks.hsn.dev/k8s.mariadb.com/database_v1alpha1.json
-apiVersion: k8s.mariadb.com/v1alpha1
-kind: Database
-metadata:
-  name: pterodactyl
-spec:
-  mariaDbRef:
-    name: mariadb
-    namespace: database
-  characterSet: utf8
-  collate: utf8_general_ci
---
-# yaml-language-server: $schema=https://ks.hsn.dev/k8s.mariadb.com/user_v1alpha1.json
-apiVersion: k8s.mariadb.com/v1alpha1
-kind: User
-metadata:
-  name: pterodactyl
-spec:
-  mariaDbRef:
-    name: mariadb
-    namespace: database
-  passwordSecretKeyRef:
-    name: pterodactyl-secret
-    key: DB_PASSWORD
-  maxUserConnections: 20
-  host: "%"
-  cleanupPolicy: Delete
-
---
-# yaml-language-server: $schema=https://ks.hsn.dev/k8s.mariadb.com/grant_v1alpha1.json
-apiVersion: k8s.mariadb.com/v1alpha1
-kind: Grant
-metadata:
-  name: grant-pterodactyl
-spec:
-  mariaDbRef:
-    name: mariadb
-    namespace: database
-  privileges:
-    - ALL PRIVILEGES
-  database: "pterodactyl"
-  table: "*"
-  username: pterodactyl
-  grantOption: true
-  host: "%"
--- a/kubernetes/apps/default/pterodactyl/ks.yaml
+++ b/kubernetes/apps/default/pterodactyl/ks.yaml
@ -1,31 +0,0 @@
---
-# yaml-language-server: $schema=https://ks.hsn.dev/kustomize.toolkit.fluxcd.io/kustomization_v1.json
-apiVersion: kustomize.toolkit.fluxcd.io/v1
-kind: Kustomization
-metadata:
-  name: &app pterodactyl
-  namespace: flux-system
-spec:
-  targetNamespace: default
-  commonMetadata:
-    labels:
-      app.kubernetes.io/name: *app
-  dependsOn:
-    - name: external-secrets
-    - name: dragonfly-cluster
-    - name: mariadb-cluster
-    - name: rook-ceph-cluster
-    - name: volsync
-  path: ./kubernetes/apps/default/pterodactyl/app
-  prune: true
-  sourceRef:
-    kind: GitRepository
-    name: theshire
-  wait: false
-  interval: 30m
-  timeout: 5m
-  postBuild:
-    substitute:
-      APP: *app
-      GATUS_SUBDOMAIN: "pt"
-      VOLSYNC_CAPACITY: 10Gi
--- a/kubernetes/apps/default/redlib/app/helmrelease.yaml
+++ b/kubernetes/apps/default/redlib/app/helmrelease.yaml
@ -38,7 +38,7 @@ spec:
          app:
            image:
              repository: quay.io/redlib/redlib
-              tag: latest@sha256:1f120c85fc33bdac67c97d5d1a6c84a920be40742fbf311c970ab2749a435778
+              tag: latest@sha256:d350eebf055527e2f2189aa0ef3a1e5a178a427ff6ae65a9d3ecbe7f43e83f71
            env:
              REDLIB_DEFAULT_SHOW_NSFW: on
              REDLIB_DEFAULT_WIDE: on
--- a/kubernetes/apps/default/sonarr/app/helmrelease.yaml
+++ b/kubernetes/apps/default/sonarr/app/helmrelease.yaml
@ -31,7 +31,7 @@ spec:
          app:
            image:
              repository: ghcr.io/onedr0p/sonarr-develop
-              tag: 4.0.11.2697
+              tag: 4.0.10.2656
            env:
              SONARR__APP__INSTANCENAME: Sonarr
              SONARR__APP__THEME: dark
--- a/kubernetes/apps/default/stirling-pdf/app/helmrelease.yaml
+++ b/kubernetes/apps/default/stirling-pdf/app/helmrelease.yaml
@ -31,7 +31,7 @@ spec:
          app:
            image:
              repository: ghcr.io/stirling-tools/s-pdf
-              tag: 0.34.0@sha256:42ceaa84712f9271ca4af1c4d892899996424cbc5378f7dd168828091657c0f0
+              tag: 0.33.1@sha256:d30bf0b2826f0e71cf6fe1b806d918db6d90121ac70b3384569e3b49edf51b3f
              pullPolicy: IfNotPresent
            env:
              TZ: America/Chicago
--- a/kubernetes/apps/default/tautulli/app/helmrelease.yaml
+++ b/kubernetes/apps/default/tautulli/app/helmrelease.yaml
@ -31,7 +31,7 @@ spec:
          app:
            image:
              repository: ghcr.io/tautulli/tautulli
-              tag: v2.15.0@sha256:f13daee2a403a95a51902b2625de5f6b944f034e9cd790e9d2a0c5e84c9842cb
+              tag: v2.14.6@sha256:f54d2d3a78780c765cd7a10b882474909f50247b5d2d118badaa9c035421effd
            env:
              TZ: America/Chicago
            command: ["/usr/local/bin/python", "Tautulli.py"]
--- a/kubernetes/apps/observability/prometheus-operator-crds/app/helmrelease.yaml
+++ b/kubernetes/apps/observability/prometheus-operator-crds/app/helmrelease.yaml
@ -9,7 +9,7 @@ spec:
  chart:
    spec:
      chart: prometheus-operator-crds
-      version: 16.0.1
+      version: 16.0.0
      sourceRef:
        kind: HelmRepository
        name: prometheus-community
--- a/kubernetes/apps/qbittorrent/cross-seed/app/externalsecret.yaml
+++ b/kubernetes/apps/qbittorrent/cross-seed/app/externalsecret.yaml
@ -21,6 +21,7 @@ spec:
            delay: 30,
            duplicateCategories: false,
            flatLinking: false,
+            includeEpisodes: true,
            includeNonVideos: true,
            includeSingleEpisodes: true,
            linkCategory: "cross-seed",
@ -35,6 +36,15 @@ spec:
            sonarr: ["http://sonarr.default.svc.cluster.local/?apikey={{ .SONARR_API_KEY }}"],
            torrentDir: "/qbittorrent/qBittorrent/BT_backup",
            torznab: []
+            /* torznab: [
+                  6,  // ANT
+                  8,  // BLU
+                  9,  // TL
+                  10, // FL
+                  12, // FNP
+                  14, // TD
+            ].map(i => `http://prowlarr.default.svc.cluster.local/$${i}/api?apikey={{ .PROWLARR_API_KEY }}`),
+            */
          };
  dataFrom:
    - extract:
--- a/kubernetes/apps/qbittorrent/cross-seed/app/helmrelease.yaml
+++ b/kubernetes/apps/qbittorrent/cross-seed/app/helmrelease.yaml
@ -35,7 +35,7 @@ spec:
          app:
            image:
              repository: ghcr.io/cross-seed/cross-seed
-              tag: 6.1.0@sha256:91fbb2a6a411b7d63cccabffb5f623e6931579d2fd652512b6a3df0a9ba97066
+              tag: 6.0.0-44@sha256:881ce834570f3b369860e47a0801b89ab10469b3beccf5279f90e041d3725058
            env:
              TZ: America/Chicago
            args: ["daemon"]
--- a/kubernetes/apps/qbittorrent/flood/app/helmrelease.yaml
+++ b/kubernetes/apps/qbittorrent/flood/app/helmrelease.yaml
@ -43,7 +43,7 @@ spec:
          app:
            image:
              repository: jesec/flood
-              tag: master@sha256:04196de98223a193e4913c00e0ab1b48a27a370ef159989e52c29864afc2b2e4
+              tag: master@sha256:7b0f2b863434946260621b037d293130acb9f5d9248071408c641b858ffacccf
            envFrom:
              - secretRef:
                  name: flood-secret
--- a/kubernetes/apps/qbittorrent/qbittorrent/tools/helmrelease.yaml
+++ b/kubernetes/apps/qbittorrent/qbittorrent/tools/helmrelease.yaml
@ -39,7 +39,7 @@ spec:
          tagging: &container
            image:
              repository: ghcr.io/buroa/qbtools
-              tag: v0.19.9@sha256:f5405e3c00256d7911d2abb839084a5147c108586adb281e97587cf93729c89b
+              tag: v0.19.8@sha256:6d24270a3b4e31bfa8bcfc21ace625a27c9c71f789ef49d8454dacddbf87e123
            env:
              TZ: *timeZone
              POD_NAMESPACE:
--- a/kubernetes/apps/rook-ceph/rook-ceph/app/helmrelease.yaml
+++ b/kubernetes/apps/rook-ceph/rook-ceph/app/helmrelease.yaml
@ -10,7 +10,7 @@ spec:
  chart:
    spec:
      chart: rook-ceph
-      version: v1.15.6
+      version: v1.15.5
      sourceRef:
        kind: HelmRepository
        name: rook-ceph
--- a/kubernetes/apps/rook-ceph/rook-ceph/cluster/helmrelease.yaml
+++ b/kubernetes/apps/rook-ceph/rook-ceph/cluster/helmrelease.yaml
@ -10,7 +10,7 @@ spec:
  chart:
    spec:
      chart: rook-ceph-cluster
-      version: v1.15.6
+      version: v1.15.5
      sourceRef:
        kind: HelmRepository
        name: rook-ceph
--- a/kubernetes/apps/security/external-secrets/app/helmrelease.yaml
+++ b/kubernetes/apps/security/external-secrets/app/helmrelease.yaml
@ -10,7 +10,7 @@ spec:
  chart:
    spec:
      chart: external-secrets
-      version: 0.10.7
+      version: 0.10.6
      interval: 30m
      sourceRef:
        kind: HelmRepository
--- a/kubernetes/bootstrap/helmfile.yaml
+++ b/kubernetes/bootstrap/helmfile.yaml
@ -19,7 +19,7 @@ releases:
  - name: prometheus-operator-crds
    namespace: observability
    chart: oci://ghcr.io/prometheus-community/charts/prometheus-operator-crds
-    version: 16.0.1
+    version: 16.0.0
  - name: cilium
    namespace: kube-system
    chart: cilium/cilium
--- a/kubernetes/flux/repositories/helm/kustomization.yaml
+++ b/kubernetes/flux/repositories/helm/kustomization.yaml
@ -29,7 +29,6 @@ resources:
  - kubernetes-sigs-metrics-server.yaml
  - kubernetes-sigs-nfd.yaml
  - kyverno.yaml
-  - mariadb.yaml
  - nvidia.yaml
  - openebs.yaml
  - piraeus.yaml
--- a/kubernetes/flux/repositories/helm/mariadb.yaml
+++ b/kubernetes/flux/repositories/helm/mariadb.yaml
@ -1,10 +0,0 @@
---
-# yaml-language-server: $schema=https://raw.githubusercontent.com/fluxcd-community/flux2-schemas/main/helmrepository-source-v1.json
-apiVersion: source.toolkit.fluxcd.io/v1
-kind: HelmRepository
-metadata:
-  name: mariadb-operator
-  namespace: flux-system
-spec:
-  interval: 1h
-  url: https://mariadb-operator.github.io/mariadb-operator
--- a/kubernetes/flux/repositories/oci/grafana.yaml
+++ b/kubernetes/flux/repositories/oci/grafana.yaml
@ -12,4 +12,4 @@ spec:
    operation: copy
  url: oci://ghcr.io/grafana/helm-charts/grafana
  ref:
-    tag: 8.6.3
+    tag: 8.6.0