chore(deps): update helm release external-secrets to v1.1.1 (#62 )

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Use 100gi for clickhouse
2025-12-06 07:16:19 +00:00 · 2025-12-05 17:56:45 +00:00 · 2025-11-23 23:54:08 +01:00 · 2025-11-23 23:46:17 +01:00 · 2025-11-23 18:34:59 +01:00 · 2025-11-21 18:37:07 +00:00
19 changed files with 605 additions and 8 deletions
--- a/apps/authentik.yaml
+++ b/apps/authentik.yaml
@@ -17,7 +17,7 @@ spec:
  source:
    repoURL: https://charts.goauthentik.io
    chart: authentik
-    targetRevision: 2025.10.0
+    targetRevision: 2025.10.2
    helm:
      valuesObject:
        authentik:
--- a/apps/clickhouse-operator.yaml
+++ b/apps/clickhouse-operator.yaml
@@ -7,7 +7,8 @@ spec:
  project: default
  destination:
    server: https://kubernetes.default.svc
-    namespace: clickhouse-operator
+    # i don't wanna deal with making this cluster scoped
+    namespace: otel
  syncPolicy:
    automated:
      prune: true
@@ -21,4 +22,6 @@ spec:
    chart: altinity-clickhouse-operator
    targetRevision: 0.25.5
    helm:
-      valuesObject: {}
+      valuesObject:
+        rbac:
+          namespaceScoped: true
--- a/apps/external-secrets.yaml
+++ b/apps/external-secrets.yaml
@@ -19,7 +19,7 @@ spec:
  source:
    repoURL: https://charts.external-secrets.io
    chart: external-secrets
-    targetRevision: 0.20.4
+    targetRevision: 1.1.1
    helm:
      valuesObject:
        bitwarden-sdk-server:
--- a/apps/grafana-operator.yaml
+++ b/apps/grafana-operator.yaml
@@ -0,0 +1,23 @@
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+  name: grafana-operator
+  namespace: argocd
+spec:
+  project: default
+  destination:
+    server: https://kubernetes.default.svc
+    namespace: grafana
+  syncPolicy:
+    automated:
+      prune: true
+      selfHeal: true
+    syncOptions:
+      - CreateNamespace=true
+      - ServerSideApply=true
+  source:
+    repoURL: ghcr.io/grafana/helm-charts
+    chart: grafana-operator
+    targetRevision: v5.20.0
+    helm:
+      valuesObject: {}
--- a/apps/immich/kustomization.yaml
+++ b/apps/immich/kustomization.yaml
@@ -6,7 +6,7 @@ helmCharts:
    name: immich
    releaseName: immich
    namespace: immich
-    version: 0.10.1
+    version: 0.10.3
    valuesFile: values.yaml

 resources:
--- a/apps/immich/values.yaml
+++ b/apps/immich/values.yaml
@@ -39,7 +39,7 @@ controllers:
      main:
        image:
          # renovate: datasource=github-releases depName=immich-app/immich
-          tag: "v2.2.1"
+          tag: "v2.3.1"
        env:
          DB_URL: postgres://immich@postgres-cluster-rw.postgres/immich?sslcert=/pg/tls.crt&sslkey=/pg/tls.key&sslrootcert=/pg/ca.crt
          IMMICH_CONFIG_FILE: /config/config.yaml
--- a/apps/kyoo-v5.yaml
+++ b/apps/kyoo-v5.yaml
@@ -0,0 +1,114 @@
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+  name: kyoo-v5
+  namespace: argocd
+spec:
+  project: default
+  destination:
+    server: https://kubernetes.default.svc
+    namespace: kyoo-next
+  syncPolicy:
+    automated:
+      prune: true
+      selfHeal: true
+    syncOptions:
+      - CreateNamespace=true
+  source:
+    repoURL: https://github.com/zoriya/Kyoo
+    path: chart
+    targetRevision: master
+    # repoURL: ghcr.io/zoriya/helm-charts
+    # chart: kyoo
+    # targetRevision: edge
+    helm:
+      valuesObject:
+        global:
+          image:
+            tag: edge
+            imagePullPolicy: Always
+          postgres:
+            shared:
+              host: kyoo-v5-postgres
+          extraEnv:
+            - name: OTEL_EXPORTER_OTLP_ENDPOINT
+              value: "http://otel-collector.otel.svc:4317"
+            - name: OTEL_EXPORTER_OTLP_PROTOCOL
+              value: "grpc"
+        postgres:
+          enabled: true
+          persistence:
+            size: 16Gi
+        kyoo:
+          address: https://beta.sdg.moe
+          transcoderAcceleration: nvidia
+          auth:
+            apikeys:
+              extra:
+                - name: admin
+                  existingSecret: admin-apikey
+                  apikeyKey: uuid
+                  claims: '{"permissions": ["users.read", "users.write", "apikeys.read", "apikeys.write", "users.delete", "core.read", "core.write", "core.play", "scanner.trigger"], "verified": true}'
+        transcoder:
+          runtimeClass: nvidia
+        ingress:
+          enabled: true
+          host: beta.sdg.moe
+          ingressClassName: cilium
+          annotations:
+            cert-manager.io/cluster-issuer: letsencrypt
+            acme.cert-manager.io/http01-edit-in-place: "true"
+          tls: true
+          tlsSecret: kyoo-tls
+        extraObjects:
+          - apiVersion: v1
+            kind: Secret
+            metadata:
+              name: bigsecret
+            type: Opaque
+            stringData:
+              postgres_user: kyoo_all
+              postgres_password: watchSomething4me
+              scanner_apikey: scanner-triquarter4u
+
+          - apiVersion: v1
+            kind: PersistentVolume
+            metadata:
+              name: kyoo-v5-medias
+            spec:
+              accessModes:
+                - ReadWriteOnce
+              capacity:
+                storage: 200Ti
+              csi:
+                driver: zfs.csi.openebs.io
+                fsType: zfs
+                volumeAttributes:
+                  openebs.io/poolname: ocean
+                volumeHandle: "medias"
+              persistentVolumeReclaimPolicy: Retain
+          - apiVersion: v1
+            kind: PersistentVolumeClaim
+            metadata:
+              name: media
+            spec:
+              storageClassName: ""
+              volumeName: kyoo-v5-medias
+              accessModes:
+                - ReadWriteOnce
+              resources:
+                requests:
+                  storage: 200Ti
+
+          - apiVersion: external-secrets.io/v1
+            kind: ExternalSecret
+            metadata:
+              name: admin-apikey
+            spec:
+              refreshPolicy: CreatedOnce
+              dataFrom:
+                - sourceRef:
+                    generatorRef:
+                      apiVersion: generators.external-secrets.io/v1alpha1
+                      kind: ClusterGenerator
+                      name: uuid
--- a/apps/openebs/kustomization.yaml
+++ b/apps/openebs/kustomization.yaml
@@ -6,7 +6,7 @@ helmCharts:
  name: openebs
  namespace: openebs
  releaseName: openebs
-  version: 4.3.3
+  version: 4.4.0
  valuesFile: values.yaml

 resources:
--- a/apps/otel-operator.yaml
+++ b/apps/otel-operator.yaml
@@ -0,0 +1,31 @@
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+  name: otel-operator
+  namespace: argocd
+spec:
+  project: default
+  destination:
+    server: https://kubernetes.default.svc
+    namespace: otel-operator
+  syncPolicy:
+    automated:
+      prune: true
+      selfHeal: true
+    syncOptions:
+      - CreateNamespace=true
+  source:
+    repoURL: https://open-telemetry.github.io/opentelemetry-helm-charts
+    chart: opentelemetry-operator
+    targetRevision: 0.99.2
+    helm:
+      valuesObject:
+        # optional and not used anymore
+        kubeRBACProxy:
+            enabled: false
+        manager:
+          collectorImage:
+            repository: ghcr.io/open-telemetry/opentelemetry-collector-releases/opentelemetry-collector-contrib
+        admissionWebhooks:
+          certManager:
+            enabled: true
--- a/apps/otel.yaml
+++ b/apps/otel.yaml
@@ -0,0 +1,20 @@
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+  name: otel
+  namespace: argocd
+spec:
+  project: default
+  destination:
+    server: https://kubernetes.default.svc
+    namespace: otel
+  syncPolicy:
+    automated:
+      prune: true
+      selfHeal: false
+    syncOptions:
+      - CreateNamespace=true
+  source:
+    repoURL: https://github.com/zoriya/snow
+    targetRevision: HEAD
+    path: apps/otel
--- a/apps/otel/clickhouse-datasource.yaml
+++ b/apps/otel/clickhouse-datasource.yaml
@@ -0,0 +1,40 @@
+apiVersion: grafana.integreatly.org/v1beta1
+kind: GrafanaDatasource
+metadata:
+  name: clickhouse
+spec:
+  valuesFrom:
+  - targetPath: "secureJsonData.password"
+    valueFrom:
+      secretKeyRef:
+        name: clickhouse-passwords
+        key: grafana
+  datasource:
+    name: clickhouse
+    access: proxy
+    isDefault: true
+    type: grafana-clickhouse-datasource
+    jsonData:
+      host: clickhouse-otel-cluster.otel.svc.cluster.local
+      port: 9000
+      username: grafana
+      defaultDatabase: otel
+      protocol: native
+      logs:
+        defaultDatabase: otel
+        defaultTable: otel_logs
+        otelEnabled: true
+        otelVersion: latest
+      traces:
+        defaultDatabase: otel
+        defaultTable: otel_traces
+        otelEnabled: true
+        otelVersion: latest
+    secureJsonData:
+      password: ${grafana}
+  instanceSelector:
+    matchLabels:
+      dashboards: grafana
+  plugins:
+    - name: grafana-clickhouse-datasource
+      version: 4.11.2
--- a/apps/otel/grafana-oidc.yaml
+++ b/apps/otel/grafana-oidc.yaml
@@ -0,0 +1,12 @@
+apiVersion: external-secrets.io/v1
+kind: ExternalSecret
+metadata:
+  name: grafana-oidc
+spec:
+  refreshInterval: 24h
+  secretStoreRef:
+    name: bitwarden
+    kind: ClusterSecretStore
+  dataFrom:
+  - extract:
+      key: grafana-sso
--- a/apps/otel/grafana.yaml
+++ b/apps/otel/grafana.yaml
@@ -0,0 +1,86 @@
+apiVersion: grafana.integreatly.org/v1beta1
+kind: Grafana
+metadata:
+  name: grafana
+  labels:
+    dashboards: "grafana"
+spec:
+  config:
+    log:
+      mode: "console"
+    auth:
+      disable_login_form: "false"
+      signout_redirect_url: "https://authentik.sdg.moe/application/o/grafana/end-session/"
+      oauth_auto_login: "true"
+    server:
+      root_url: https://grafana.sdg.moe
+    auth.generic_oauth:
+      name: authentik
+      enabled: "true"
+      allow_sign_up: "true"
+      client_id: ${AUTH_CLIENT_ID}
+      client_secret: ${AUTH_CLIENT_SECRET}
+      scopes: "openid profile email"
+      auth_url: "https://authentik.sdg.moe/application/o/authorize/"
+      token_url: "https://authentik.sdg.moe/application/o/token/"
+      api_url: "https://authentik.sdg.moe/application/o/userinfo/"
+      role_attribute_path: contains(groups, 'admins') && 'Admin' || 'Editor'
+      allow_assign_grafana_admin: "true"
+
+  persistentVolumeClaim:
+    spec:
+      accessModes:
+        - ReadWriteOnce
+      resources:
+        requests:
+          storage: 10Gi
+  deployment:
+    spec:
+      template:
+        spec:
+          securityContext:
+            fsGroup: 10001
+          containers:
+            - name: grafana
+              env:
+                - name: AUTH_CLIENT_ID
+                  valueFrom:
+                    secretKeyRef:
+                      name: grafana-oidc
+                      key: clientId
+                - name: AUTH_CLIENT_SECRET
+                  valueFrom:
+                    secretKeyRef:
+                      name: grafana-oidc
+                      key: clientSecret
+              readinessProbe:
+                failureThreshold: 3
+          volumes:
+            - name: grafana-data
+              persistentVolumeClaim:
+                claimName: grafana-pvc
+      strategy:
+        type: Recreate
+
+  ingress:
+    metadata:
+      annotations:
+        cert-manager.io/cluster-issuer: letsencrypt
+        acme.cert-manager.io/http01-edit-in-place: "true"
+    spec:
+      ingressClassName: cilium
+      rules:
+        - host: grafana.sdg.moe
+          http:
+            paths:
+              - path: /
+                pathType: Prefix
+                backend:
+                  service:
+                    name: grafana-service
+                    port:
+                      number: 3000
+      tls:
+        - hosts:
+            - grafana.sdg.moe
+          secretName: grafana-ssl
--- a/apps/otel/otel-basicauth.yaml
+++ b/apps/otel/otel-basicauth.yaml
@@ -0,0 +1,12 @@
+apiVersion: external-secrets.io/v1
+kind: ExternalSecret
+metadata:
+  name: otel-basicauth
+spec:
+  refreshInterval: 24h
+  secretStoreRef:
+    kind: ClusterSecretStore
+    name: bitwarden
+  dataFrom:
+    - extract:
+        key: otel-basicauth
--- a/apps/otel/otel-clickhouse.yaml
+++ b/apps/otel/otel-clickhouse.yaml
@@ -0,0 +1,97 @@
+apiVersion: clickhouse.altinity.com/v1
+kind: ClickHouseInstallation
+metadata:
+  name: otel-cluster
+spec:
+  configuration:
+    settings:
+      logger/size: "500M"
+      logger/count: 1
+    clusters:
+      - name: otel-cluster
+        layout:
+          shardsCount: 1
+          replicasCount: 1
+        templates:
+          podTemplate: clickhouse-pod-template
+    users:
+      collector/password:
+        valueFrom:
+          secretKeyRef:
+            name: clickhouse-passwords
+            key: collector
+      collector/networks/ip: "::/0"
+      collector/grants/query:
+        - GRANT SELECT, INSERT, UPDATE, DROP, DELETE, ALTER, CREATE ON otel.*
+        - GRANT CREATE DATABASE ON *.*
+      grafana/password:
+        valueFrom:
+          secretKeyRef:
+            name: clickhouse-passwords
+            key: grafana
+      grafana/networks/ip: "::/0"
+      grafana/grants/query:
+        - GRANT SELECT ON otel.*
+  defaults:
+    templates:
+      podTemplate: pod-template
+      dataVolumeClaimTemplate: data-volume-template
+      logVolumeClaimTemplate: log-volume-template
+  templates:
+    podTemplates:
+      - name: pod-template
+        spec:
+          containers:
+            - name: clickhouse
+              image: clickhouse/clickhouse-server:latest
+              env:
+                - name: CLICKHOUSE_ALWAYS_RUN_INITDB_SCRIPTS
+                  value: "true"
+              volumeMounts:
+                - name: bootstrap-configmap-volume
+                  mountPath: /docker-entrypoint-initdb.d
+          volumes:
+            - name: bootstrap-configmap-volume
+              configMap:
+                name: bootstrap-mounted-configmap
+    volumeClaimTemplates:
+      - name: data-volume-template
+        spec:
+          accessModes:
+            - ReadWriteOnce
+          resources:
+            requests:
+              storage: 100Gi
+      - name: log-volume-template
+        spec:
+          accessModes:
+            - ReadWriteOnce
+          resources:
+            requests:
+              storage: 1Gi
+---
+apiVersion: external-secrets.io/v1
+kind: ExternalSecret
+metadata:
+  name: clickhouse-passwords
+spec:
+  refreshPolicy: CreatedOnce
+  dataFrom:
+    - sourceRef:
+        generatorRef:
+          apiVersion: generators.external-secrets.io/v1alpha1
+          kind: ClusterGenerator
+          name: uuid
+      rewrite:
+        - regexp:
+            source: uuid
+            target: collector
+    - sourceRef:
+        generatorRef:
+          apiVersion: generators.external-secrets.io/v1alpha1
+          kind: ClusterGenerator
+          name: uuid
+      rewrite:
+        - regexp:
+            source: uuid
+            target: grafana
--- a/apps/otel/otel-ingress.yaml
+++ b/apps/otel/otel-ingress.yaml
@@ -0,0 +1,24 @@
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: ingress-otel
+  annotations:
+    cert-manager.io/cluster-issuer: letsencrypt
+    acme.cert-manager.io/http01-edit-in-place: "true"
+spec:
+  ingressClassName: cilium
+  rules:
+    - host: otel.sdg.moe
+      http:
+        paths:
+          - path: /
+            pathType: Prefix
+            backend:
+              service:
+                name: otel-collector
+                port:
+                  name: otlp-http
+  tls:
+    - hosts:
+        - otel.sdg.moe
+      secretName: otel-ssl
--- a/apps/otel/otel-rbac.yaml
+++ b/apps/otel/otel-rbac.yaml
@@ -0,0 +1,24 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: otel-collector
+rules:
+  - apiGroups: [""]
+    resources: ["pods", "namespaces", "nodes"]
+    verbs: ["get", "list", "watch"]
+  - apiGroups: ["apps"]
+    resources: ["deployments", "statefulsets", "daemonsets", "replicasets"]
+    verbs: ["get", "list", "watch"]
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: otel-collector
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: otel-collector
+subjects:
+  - kind: ServiceAccount
+    name: otel-collector
+    namespace: otel
--- a/apps/otel/otel.yaml
+++ b/apps/otel/otel.yaml
@@ -0,0 +1,111 @@
+apiVersion: opentelemetry.io/v1beta1
+kind: OpenTelemetryCollector
+metadata:
+  name: otel
+spec:
+  mode: daemonset
+  env:
+    - name: CLICKHOUSE_PASSWORD
+      valueFrom:
+        secretKeyRef:
+          name: clickhouse-passwords
+          key: collector
+
+  volumes:
+    - name: htpasswd
+      secret:
+        secretName: otel-basicauth
+        items:
+          - key: .htpasswd
+            path: .htpasswd
+  volumeMounts:
+    - name: htpasswd
+      mountPath: .htpasswd
+      subPath: .htpasswd
+
+  config:
+    receivers:
+      # hostmetrics:
+      #   scrapers:
+      #     cpu:
+      #     disk:
+      #     filesystem:
+      #     load:
+      #     memory:
+      #     network:
+      #     process:
+      #     processes:
+      #     paging:
+      otlp:
+        protocols:
+          grpc:
+            endpoint: 0.0.0.0:4317
+          http:
+            endpoint: 0.0.0.0:4318
+            auth:
+              authenticator: basicauth
+
+    processors:
+      memory_limiter:
+        check_interval: 5s
+        limit_mib: 4000
+        spike_limit_mib: 500
+      batch:
+        send_batch_size: 2000
+        send_batch_max_size: 2000
+        timeout: 5s
+      k8sattributes:
+        extract:
+          metadata:
+            - k8s.namespace.name
+            - k8s.pod.name
+            - k8s.pod.start_time
+            - k8s.pod.uid
+            - k8s.deployment.name
+            - k8s.node.name
+
+    exporters:
+      debug:
+        verbosity: detailed
+      clickhouse:
+        endpoint: tcp://clickhouse-otel-cluster.otel.svc.cluster.local:9000?dial_timeout=10s&compress=lz4&async_insert=1
+        username: collector
+        password: ${env:CLICKHOUSE_PASSWORD}
+        ttl: 168h # a week
+        create_schema: true
+        timeout: 5s
+        database: otel
+        sending_queue:
+          queue_size: 1000
+        retry_on_failure:
+          enabled: true
+          initial_interval: 5s
+          max_interval: 30s
+          max_elapsed_time: 300s
+
+    extensions:
+      health_check:
+        endpoint: 0.0.0.0:13133
+      pprof:
+        endpoint: 0.0.0.0:1777
+      zpages:
+        endpoint: 0.0.0.0:55679
+      basicauth:
+        htpasswd:
+          file: .htpasswd
+
+    service:
+      extensions: [basicauth, health_check, pprof, zpages]
+      pipelines:
+        traces:
+          receivers: [otlp]
+          processors: [k8sattributes, memory_limiter, batch]
+          exporters: [clickhouse]
+        metrics:
+          receivers: [otlp] #[otlp, hostmetrics]
+          processors: [k8sattributes, memory_limiter, batch]
+          exporters: [debug, clickhouse]
+        logs:
+          receivers: [otlp]
+          processors: [k8sattributes, memory_limiter, batch]
+          exporters: [clickhouse]
--- a/apps/telepresence.yaml
+++ b/apps/telepresence.yaml
@@ -17,7 +17,7 @@ spec:
  source:
    repoURL: ghcr.io/telepresenceio
    chart: telepresence-oss
-    targetRevision: 2.25.0
+    targetRevision: 2.25.1
    helm:
      releaseName: traffic-manager
      valuesObject: {}
Author	SHA1	Message	Date
renovate[bot]	4ebd8118a0	chore(deps): update helm release external-secrets to v1.1.1 (#62 ) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	2025-12-05 17:56:45 +00:00
Zoe Roux	69ed9b69bf	Use 100gi for clickhouse	2025-11-23 23:54:08 +01:00
Zoe Roux	a8174e4c9d	Fix clickhouse logs quota	2025-11-23 23:46:17 +01:00
Zoe Roux	1aad534340	Set kyoo v5 postgres size to 10gi	2025-11-23 18:34:59 +01:00
renovate[bot]	bc29912051	chore(deps): update helm release openebs to v4.4.0 (#61 ) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	2025-11-21 18:37:07 +00:00
renovate[bot]	7e92eb7893	chore(deps): update helm release external-secrets to v1.1.0 (#60 ) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	2025-11-21 18:36:56 +00:00
renovate[bot]	4feb939aac	chore(deps): update helm release opentelemetry-operator to v0.99.2 (#59 ) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	2025-11-20 17:43:53 +00:00
renovate[bot]	6afad81bf9	chore(deps): update dependency immich-app/immich to v2.3.1 (#58 ) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	2025-11-20 06:02:15 +00:00
renovate[bot]	5955796c41	chore(deps): update dependency immich-app/immich to v2.3.0 (#57 ) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	2025-11-20 00:38:37 +00:00
Zoe Roux	dc41e670a9	Add kyoo admin apikey for personal use	2025-11-19 23:32:22 +01:00
Zoe Roux	c8144fd3b2	Add k8sattributes	2025-11-19 20:02:49 +01:00
Zoe Roux	4300527cf3	Enable otel for kyoo v5	2025-11-19 17:33:57 +01:00
renovate[bot]	0e57e8e3a8	chore(deps): update helm release authentik to v2025.10.2 (#56 ) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	2025-11-19 16:30:13 +00:00
acelinkio	f0b51f8930	point to kyoo github chart & postgres shared (#55 )	2025-11-19 10:20:54 +01:00
renovate[bot]	a7b9671810	chore(deps): update helm release opentelemetry-operator to v0.99.1 (#54 ) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	2025-11-18 03:09:42 +00:00
renovate[bot]	693e9ba6e5	chore(deps): update immich docker tag to v0.10.3 (#53 ) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	2025-11-14 22:52:30 +00:00
Zoe Roux	3c8904b74a	Add basicauth to otel	2025-11-14 23:47:15 +01:00
Zoe Roux	8488467ca7	Configure otel tables for grafana	2025-11-14 17:59:05 +01:00
Zoe Roux	1235a58128	Add http and grpc ingress for otel	2025-11-14 17:33:54 +01:00
Zoe Roux	f6d1d3551c	Fix grafana datasource	2025-11-13 10:13:37 +01:00
Zoe Roux	d3c36d03bf	Try to fix grafana roles	2025-11-12 17:15:35 +01:00
renovate[bot]	c13e3b6cab	chore(deps): update ghcr.io/telepresenceio/telepresence-oss docker tag to v2.25.1 (#52 ) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	2025-11-11 01:43:02 +00:00
Zoe Roux	f65d9c9570	Move grafana to otel ns	2025-11-11 00:49:03 +01:00
Zoe Roux	c9ee8eb1cd	Add clickhouse datasource to grafana	2025-11-10 23:53:49 +01:00
Zoe Roux	d40c9b2d2e	Add kyoo v5	2025-11-10 20:05:27 +01:00
Zoe Roux	a11c7ea3b8	Add grafana	2025-11-10 18:37:07 +01:00
Zoe Roux	38a8286b50	Add grafana operator	2025-11-10 17:38:31 +01:00
renovate[bot]	44e7809853	chore(deps): update immich docker tag to v0.10.2 (#51 ) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	2025-11-10 13:56:35 +00:00
Zoe Roux	c49a4828e4	Add clickhouse users	2025-11-10 12:55:56 +01:00
Zoe Roux	8eb58e9a16	Add clickhouse exporter	2025-11-10 11:07:12 +01:00
Zoe Roux	73fda509ba	Add otel ingress	2025-11-10 10:40:41 +01:00
Zoe Roux	b83679353a	Disable hostmetrics for now	2025-11-10 10:25:24 +01:00
renovate[bot]	a5f4e9f4e2	chore(deps): update helm release external-secrets to v1 (#50 ) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	2025-11-07 15:58:47 +01:00
renovate[bot]	a10b23c4a7	chore(deps): update helm release opentelemetry-operator to v0.99.0 (#49 ) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	2025-11-05 18:02:46 +00:00
renovate[bot]	c31aad3e13	chore(deps): update dependency immich-app/immich to v2.2.3 (#48 ) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	2025-11-05 18:02:36 +00:00
Zoe Roux	383b195a03	Add otel collector	2025-11-05 18:14:31 +01:00
Zoe Roux	918688e675	Create otel operator	2025-11-05 17:32:20 +01:00
Zoe Roux	7e371a5117	Add clickhouse	2025-11-05 17:22:48 +01:00
renovate[bot]	200d077125	chore(deps): update helm release authentik to v2025.10.1 (#47 ) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	2025-11-03 18:57:25 +00:00
renovate[bot]	2c941e9216	chore(deps): update dependency immich-app/immich to v2.2.2 (#46 ) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	2025-11-03 18:57:14 +00:00