From d60bf807aaca85b95b4fb1ab10838ea649ef924b Mon Sep 17 00:00:00 2001 From: Devin Buhl Date: Sat, 28 Dec 2024 20:47:13 -0500 Subject: [PATCH 1/8] fix(workflows): do not error on helm repository not found Signed-off-by: Devin Buhl --- .github/workflows/helm-repository-sync.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/helm-repository-sync.yaml b/.github/workflows/helm-repository-sync.yaml index d32ec49e5807d..3c23d1211478e 100644 --- a/.github/workflows/helm-repository-sync.yaml +++ b/.github/workflows/helm-repository-sync.yaml @@ -63,7 +63,7 @@ jobs: for r in "${repos[@]}"; do IFS=':' read -r repo_namespace repo_name <<< "${r}" flux --namespace ${repo_namespace} \ - reconcile source helm ${repo_name} + reconcile source helm ${repo_name} || true done - if: ${{ github.event.inputs.helmRepoNamespace != '' && github.event.inputs.helmRepoName != '' }} @@ -71,4 +71,4 @@ jobs: shell: bash run: | flux --namespace ${{ github.event.inputs.helmRepoNamespace }} \ - reconcile source helm ${{ github.event.inputs.helmRepoName }} + reconcile source helm ${{ github.event.inputs.helmRepoName }} || true From 7107156643538a190b45c0b5b4c9dc6017ba2ca8 Mon Sep 17 00:00:00 2001 From: Devin Buhl Date: Sat, 28 Dec 2024 21:09:30 -0500 Subject: [PATCH 2/8] chore: update readme Signed-off-by: Devin Buhl --- README.md | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index f72bc14f3ad8f..b63f2e095625d 100644 --- a/README.md +++ b/README.md @@ -162,7 +162,13 @@ In my cluster there are two instances of [ExternalDNS](https://github.com/kubern
-[![Star History Chart](https://api.star-history.com/svg?repos=onedr0p/home-ops&type=Date)](https://star-history.com/#onedr0p/home-ops&Date) + + + + + Star History Chart + +
From 3b2f4cd811785180c1d26920eaf2d7db92b6578a Mon Sep 17 00:00:00 2001 From: Devin Buhl Date: Sat, 28 Dec 2024 21:39:17 -0500 Subject: [PATCH 3/8] fix(talos): disable kexec reboot due to iGPU issues Signed-off-by: Devin Buhl --- kubernetes/main/talos/192.168.42.10.sops.yaml.j2 | 3 ++- kubernetes/main/talos/192.168.42.11.sops.yaml.j2 | 3 ++- kubernetes/main/talos/192.168.42.12.sops.yaml.j2 | 3 ++- 3 files changed, 6 insertions(+), 3 deletions(-) diff --git a/kubernetes/main/talos/192.168.42.10.sops.yaml.j2 b/kubernetes/main/talos/192.168.42.10.sops.yaml.j2 index 1445c8a9295b3..f2550eba1d35f 100644 --- a/kubernetes/main/talos/192.168.42.10.sops.yaml.j2 +++ b/kubernetes/main/talos/192.168.42.10.sops.yaml.j2 @@ -37,7 +37,7 @@ machine: diskSelector: model: Samsung SSD 870 extraKernelArgs: - - i915.enable_guc=3 # Meteor Lake CPU + - i915.enable_guc=3 # Meteor Lake CPU / iGPU - apparmor=0 # Less security, faster puter - init_on_alloc=0 # Less security, faster puter - init_on_free=0 # Less security, faster puter @@ -71,6 +71,7 @@ machine: sysctls: fs.inotify.max_user_watches: 1048576 # Watchdog fs.inotify.max_user_instances: 8192 # Watchdog + kernel.kexec_load_disabled: 1 # Meteor Lake CPU / iGPU net.core.default_qdisc: fq # 10Gb/s net.core.rmem_max: 67108864 # 10Gb/s | Cloudflared / QUIC net.core.wmem_max: 67108864 # 10Gb/s | Cloudflared / QUIC diff --git a/kubernetes/main/talos/192.168.42.11.sops.yaml.j2 b/kubernetes/main/talos/192.168.42.11.sops.yaml.j2 index a1d5911c64f82..f3cf1ea39e301 100644 --- a/kubernetes/main/talos/192.168.42.11.sops.yaml.j2 +++ b/kubernetes/main/talos/192.168.42.11.sops.yaml.j2 @@ -37,7 +37,7 @@ machine: diskSelector: model: Samsung SSD 870 extraKernelArgs: - - i915.enable_guc=3 # Meteor Lake CPU + - i915.enable_guc=3 # Meteor Lake CPU / iGPU - apparmor=0 # Less security, faster puter - init_on_alloc=0 # Less security, faster puter - init_on_free=0 # Less security, faster puter @@ -71,6 +71,7 @@ machine: sysctls: fs.inotify.max_user_watches: 1048576 # Watchdog fs.inotify.max_user_instances: 8192 # Watchdog + kernel.kexec_load_disabled: 1 # Meteor Lake CPU / iGPU net.core.default_qdisc: fq # 10Gb/s net.core.rmem_max: 67108864 # 10Gb/s | Cloudflared / QUIC net.core.wmem_max: 67108864 # 10Gb/s | Cloudflared / QUIC diff --git a/kubernetes/main/talos/192.168.42.12.sops.yaml.j2 b/kubernetes/main/talos/192.168.42.12.sops.yaml.j2 index 6738b65d77b56..0391d29438b38 100644 --- a/kubernetes/main/talos/192.168.42.12.sops.yaml.j2 +++ b/kubernetes/main/talos/192.168.42.12.sops.yaml.j2 @@ -37,7 +37,7 @@ machine: diskSelector: model: Samsung SSD 870 extraKernelArgs: - - i915.enable_guc=3 # Meteor Lake CPU + - i915.enable_guc=3 # Meteor Lake CPU / iGPU - apparmor=0 # Less security, faster puter - init_on_alloc=0 # Less security, faster puter - init_on_free=0 # Less security, faster puter @@ -71,6 +71,7 @@ machine: sysctls: fs.inotify.max_user_watches: 1048576 # Watchdog fs.inotify.max_user_instances: 8192 # Watchdog + kernel.kexec_load_disabled: 1 # Meteor Lake CPU / iGPU net.core.default_qdisc: fq # 10Gb/s net.core.rmem_max: 67108864 # 10Gb/s | Cloudflared / QUIC net.core.wmem_max: 67108864 # 10Gb/s | Cloudflared / QUIC From f649ce5b8f3bbaf8a923fb89479c2f028b81c816 Mon Sep 17 00:00:00 2001 From: Devin Buhl Date: Sat, 28 Dec 2024 22:47:58 -0500 Subject: [PATCH 4/8] fix: flux diff workflow should only run on flux changes --- .github/workflows/flux-diff.yaml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/workflows/flux-diff.yaml b/.github/workflows/flux-diff.yaml index 519b71664013b..172c86e71560e 100644 --- a/.github/workflows/flux-diff.yaml +++ b/.github/workflows/flux-diff.yaml @@ -5,7 +5,9 @@ name: "Flux Diff" on: pull_request: branches: ["main"] - paths: ["kubernetes/**"] + paths: + - kubernetes/main/apps/** + - kubernetes/main/flux/** concurrency: group: ${{ github.workflow }}-${{ github.event.number || github.ref }} From 01ab8a10fa530e2c668dfec774a0c7ca324a5f08 Mon Sep 17 00:00:00 2001 From: Devin Buhl Date: Sat, 28 Dec 2024 22:48:34 -0500 Subject: [PATCH 5/8] and shared too --- .github/workflows/flux-diff.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/flux-diff.yaml b/.github/workflows/flux-diff.yaml index 172c86e71560e..8d504a573cc9c 100644 --- a/.github/workflows/flux-diff.yaml +++ b/.github/workflows/flux-diff.yaml @@ -8,6 +8,7 @@ on: paths: - kubernetes/main/apps/** - kubernetes/main/flux/** + - kubernetes/shared/** concurrency: group: ${{ github.workflow }}-${{ github.event.number || github.ref }} From ff8940b11d211812937fb3f67a6580d997e7d43a Mon Sep 17 00:00:00 2001 From: Devin Buhl Date: Sat, 28 Dec 2024 22:50:15 -0500 Subject: [PATCH 6/8] fix: pre pull image workflow should only run on certain changes --- .github/workflows/pre-pull-images.yaml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/.github/workflows/pre-pull-images.yaml b/.github/workflows/pre-pull-images.yaml index ddcdd49bcce7d..c89f2a851ee26 100644 --- a/.github/workflows/pre-pull-images.yaml +++ b/.github/workflows/pre-pull-images.yaml @@ -5,7 +5,10 @@ name: "Pre-pull Images" on: pull_request: branches: ["main"] - paths: ["kubernetes/**"] + paths: + - kubernetes/main/apps/** + - kubernetes/main/flux/** + - kubernetes/shared/** concurrency: group: ${{ github.workflow }}-${{ github.event.number || github.ref }} From 50183b326426311a6165d39a4bcc2830926dcf91 Mon Sep 17 00:00:00 2001 From: Devin Buhl Date: Sat, 28 Dec 2024 22:53:31 -0500 Subject: [PATCH 7/8] fix(talos): disable kexec via kernel (#8568) --- .../main/talos/192.168.42.10.sops.yaml.j2 | 20 +++++++++---------- .../main/talos/192.168.42.11.sops.yaml.j2 | 20 +++++++++---------- .../main/talos/192.168.42.12.sops.yaml.j2 | 20 +++++++++---------- 3 files changed, 30 insertions(+), 30 deletions(-) diff --git a/kubernetes/main/talos/192.168.42.10.sops.yaml.j2 b/kubernetes/main/talos/192.168.42.10.sops.yaml.j2 index f2550eba1d35f..6fece96b00695 100644 --- a/kubernetes/main/talos/192.168.42.10.sops.yaml.j2 +++ b/kubernetes/main/talos/192.168.42.10.sops.yaml.j2 @@ -37,15 +37,16 @@ machine: diskSelector: model: Samsung SSD 870 extraKernelArgs: - - i915.enable_guc=3 # Meteor Lake CPU / iGPU - - apparmor=0 # Less security, faster puter - - init_on_alloc=0 # Less security, faster puter - - init_on_free=0 # Less security, faster puter - - intel_iommu=on # PCI Passthrough - - iommu=pt # PCI Passthrough - - mitigations=off # Less security, faster puter - - module_blacklist=igc # Disable onboard NIC - - security=none # Less security, faster puter + - i915.enable_guc=3 # Meteor Lake CPU / iGPU + - apparmor=0 # Less security, faster puter + - init_on_alloc=0 # Less security, faster puter + - init_on_free=0 # Less security, faster puter + - intel_iommu=on # PCI Passthrough + - iommu=pt # PCI Passthrough + - mitigations=off # Less security, faster puter + - module_blacklist=igc # Disable onboard NIC + - security=none # Less security, faster puter + - sysctl.kernel.kexec_load_disabled=1 # Meteor Lake CPU / iGPU # i915-ucode, intel-ucode, mei, thunderbolt image: factory.talos.dev/installer/de3b865124c5616da8084826167f8c0b0fbc9b905b146290db797024e84097fc:{{ ENV.TALOS_VERSION }} wipe: false @@ -71,7 +72,6 @@ machine: sysctls: fs.inotify.max_user_watches: 1048576 # Watchdog fs.inotify.max_user_instances: 8192 # Watchdog - kernel.kexec_load_disabled: 1 # Meteor Lake CPU / iGPU net.core.default_qdisc: fq # 10Gb/s net.core.rmem_max: 67108864 # 10Gb/s | Cloudflared / QUIC net.core.wmem_max: 67108864 # 10Gb/s | Cloudflared / QUIC diff --git a/kubernetes/main/talos/192.168.42.11.sops.yaml.j2 b/kubernetes/main/talos/192.168.42.11.sops.yaml.j2 index f3cf1ea39e301..2f8e122261ac8 100644 --- a/kubernetes/main/talos/192.168.42.11.sops.yaml.j2 +++ b/kubernetes/main/talos/192.168.42.11.sops.yaml.j2 @@ -37,15 +37,16 @@ machine: diskSelector: model: Samsung SSD 870 extraKernelArgs: - - i915.enable_guc=3 # Meteor Lake CPU / iGPU - - apparmor=0 # Less security, faster puter - - init_on_alloc=0 # Less security, faster puter - - init_on_free=0 # Less security, faster puter - - intel_iommu=on # PCI Passthrough - - iommu=pt # PCI Passthrough - - mitigations=off # Less security, faster puter - - module_blacklist=igc # Disable onboard NIC - - security=none # Less security, faster puter + - i915.enable_guc=3 # Meteor Lake CPU / iGPU + - apparmor=0 # Less security, faster puter + - init_on_alloc=0 # Less security, faster puter + - init_on_free=0 # Less security, faster puter + - intel_iommu=on # PCI Passthrough + - iommu=pt # PCI Passthrough + - mitigations=off # Less security, faster puter + - module_blacklist=igc # Disable onboard NIC + - security=none # Less security, faster puter + - sysctl.kernel.kexec_load_disabled=1 # Meteor Lake CPU / iGPU # i915-ucode, intel-ucode, mei, thunderbolt image: factory.talos.dev/installer/de3b865124c5616da8084826167f8c0b0fbc9b905b146290db797024e84097fc:{{ ENV.TALOS_VERSION }} wipe: false @@ -71,7 +72,6 @@ machine: sysctls: fs.inotify.max_user_watches: 1048576 # Watchdog fs.inotify.max_user_instances: 8192 # Watchdog - kernel.kexec_load_disabled: 1 # Meteor Lake CPU / iGPU net.core.default_qdisc: fq # 10Gb/s net.core.rmem_max: 67108864 # 10Gb/s | Cloudflared / QUIC net.core.wmem_max: 67108864 # 10Gb/s | Cloudflared / QUIC diff --git a/kubernetes/main/talos/192.168.42.12.sops.yaml.j2 b/kubernetes/main/talos/192.168.42.12.sops.yaml.j2 index 0391d29438b38..3f6ecda88ae5f 100644 --- a/kubernetes/main/talos/192.168.42.12.sops.yaml.j2 +++ b/kubernetes/main/talos/192.168.42.12.sops.yaml.j2 @@ -37,15 +37,16 @@ machine: diskSelector: model: Samsung SSD 870 extraKernelArgs: - - i915.enable_guc=3 # Meteor Lake CPU / iGPU - - apparmor=0 # Less security, faster puter - - init_on_alloc=0 # Less security, faster puter - - init_on_free=0 # Less security, faster puter - - intel_iommu=on # PCI Passthrough - - iommu=pt # PCI Passthrough - - mitigations=off # Less security, faster puter - - module_blacklist=igc # Disable onboard NIC - - security=none # Less security, faster puter + - i915.enable_guc=3 # Meteor Lake CPU / iGPU + - apparmor=0 # Less security, faster puter + - init_on_alloc=0 # Less security, faster puter + - init_on_free=0 # Less security, faster puter + - intel_iommu=on # PCI Passthrough + - iommu=pt # PCI Passthrough + - mitigations=off # Less security, faster puter + - module_blacklist=igc # Disable onboard NIC + - security=none # Less security, faster puter + - sysctl.kernel.kexec_load_disabled=1 # Meteor Lake CPU / iGPU # i915-ucode, intel-ucode, mei, thunderbolt image: factory.talos.dev/installer/de3b865124c5616da8084826167f8c0b0fbc9b905b146290db797024e84097fc:{{ ENV.TALOS_VERSION }} wipe: false @@ -71,7 +72,6 @@ machine: sysctls: fs.inotify.max_user_watches: 1048576 # Watchdog fs.inotify.max_user_instances: 8192 # Watchdog - kernel.kexec_load_disabled: 1 # Meteor Lake CPU / iGPU net.core.default_qdisc: fq # 10Gb/s net.core.rmem_max: 67108864 # 10Gb/s | Cloudflared / QUIC net.core.wmem_max: 67108864 # 10Gb/s | Cloudflared / QUIC From fc1abdb5f91e8abcf39a248d4907df727cdaddcc Mon Sep 17 00:00:00 2001 From: "bot-ross[bot]" <98030736+bot-ross[bot]@users.noreply.github.com> Date: Sat, 28 Dec 2024 23:13:45 -0500 Subject: [PATCH 8/8] =?UTF-8?q?feat(container):=20update=20ghcr.io/cross-s?= =?UTF-8?q?eed/cross-seed=20(=206.5.2=20=E2=86=92=206.6.0=20)=20(#8569)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Co-authored-by: bot-ross[bot] <98030736+bot-ross[bot]@users.noreply.github.com> --- kubernetes/main/apps/default/cross-seed/app/helmrelease.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/kubernetes/main/apps/default/cross-seed/app/helmrelease.yaml b/kubernetes/main/apps/default/cross-seed/app/helmrelease.yaml index 3499ed0d9cb38..578fd9c5a75c6 100644 --- a/kubernetes/main/apps/default/cross-seed/app/helmrelease.yaml +++ b/kubernetes/main/apps/default/cross-seed/app/helmrelease.yaml @@ -34,7 +34,7 @@ spec: app: image: repository: ghcr.io/cross-seed/cross-seed - tag: 6.5.2@sha256:d0a9e80d026e37806960ac3551e97b7cf75ae16470dbbf1df217a7aec86cf9c5 + tag: 6.6.0@sha256:9c67a3dc12beb8c4699094fbc4cc2888ebd071712a99ff252dc28d5706fcee0a env: CROSS_SEED_PORT: &port 80 TZ: America/New_York