chore(deps): update helm release argo-cd to v9.4.6

chore(deps): update helm release kube-prometheus-stack to v82.4.3
chore(deps): update ghcr.io/siderolabs/discovery-service docker tag to v1.0.15
2026-03-01 21:00:31 +00:00 · 2026-02-27 19:00:32 +00:00 · 2026-02-27 11:00:50 +00:00 · 2026-02-27 10:00:35 +00:00 · 2026-02-26 20:00:31 +00:00 · 2026-02-26 09:00:25 +00:00
12 changed files with 48 additions and 10 deletions
--- a/README.md
+++ b/README.md
@@ -0,0 +1,37 @@
+# Main Infrastructure: weyma-talos
+
+**Production Kubernetes infrastructure with disaster recovery capabilities**
+
+This repository contains the foundational infrastructure for my Kubernetes homelab, designed with reliability and rapid recovery as core principles.
+
+## Architecture
+
+My infrastructure follows a layered "black start" approach - essential services run outside the Kubernetes cluster to enable cluster bootstrapping and recovery from total failures.
+
+### Black Start Layer
+Static services (Docker Compose on TrueNAS/Proxmox) that provide cluster dependencies:
+- Image cache for faster deployments and offline capability
+- Talos discovery server for node bootstrapping  
+- HashiCorp Vault for secrets management (external to cluster)
+- Future: Self-hosted Sidero Omni server (migrating from SaaS)
+
+### System Apps Layer
+Applications running within Kubernetes that provide core cluster functionality, managed via ArgoCD with GitOps principles.
+
+## Repository Structure
+
+- **`black-start/`** - Docker Compose services for cluster dependencies
+- **`config-patches/`** - Talos Linux configuration patches for cluster and individual machines
+- **`omni/`** - Sidero Omni [cluster template](https://docs.siderolabs.com/omni/reference/cluster-templates)
+- **`system-apps/`** - System applications (ArgoCD projects) - monitoring, ingress, certificates, storage
+
+## Tech Stack
+
+**OS:** Talos Linux | **Orchestration:** Kubernetes | **GitOps:** ArgoCD | **Secrets:** Vault | **Storage:** Rook-Ceph
+
+## Recovery Process
+
+The "black start" architecture enables ~15-20 minute automated recovery from complete infrastructure failure:
+1. Start black-start services → 2. Bootstrap Talos → 3. Deploy system apps → 4. Deploy core apps
+
+For application deployments, see [core-apps](https://git.dubyatp.xyz/core-apps).
--- a/black-start/services/talos-discovery/docker-compose.yaml
+++ b/black-start/services/talos-discovery/docker-compose.yaml
@@ -2,7 +2,7 @@ version: "3.8"
 services:
  discovery:
    restart: unless-stopped
-    image: ghcr.io/siderolabs/discovery-service:v1.0.13
+    image: ghcr.io/siderolabs/discovery-service:v1.0.15
    ports:
      - 10.105.6.215:3000:3000
      - 10.105.6.215:3001:3001
--- a/omni/weyma-talos.yaml
+++ b/omni/weyma-talos.yaml
@@ -52,6 +52,7 @@ patches:
            bind-address: 0.0.0.0
        proxy:
          extraArgs:
+            proxy-mode: ipvs
            metrics-bind-address: 0.0.0.0:10249
        scheduler:
          extraArgs:
--- a/system-apps/argocd/Chart.yaml
+++ b/system-apps/argocd/Chart.yaml
@@ -24,5 +24,5 @@ appVersion: "1.0"

 dependencies:
 - name: argo-cd
-  version: 9.4.1
+  version: 9.4.6
  repository: https://argoproj.github.io/argo-helm
--- a/system-apps/cert-manager/Chart.yaml
+++ b/system-apps/cert-manager/Chart.yaml
@@ -24,5 +24,5 @@ appVersion: "1.0"

 dependencies:
 - name: cert-manager
-  version: v1.19.3
+  version: v1.19.4
  repository: https://charts.jetstack.io
--- a/system-apps/external-secrets/chart/Chart.yaml
+++ b/system-apps/external-secrets/chart/Chart.yaml
@@ -24,5 +24,5 @@ appVersion: "1.0"

 dependencies:
 - name: external-secrets
-  version: 2.0.0
+  version: 2.0.1
  repository: https://charts.external-secrets.io
--- a/system-apps/kubernetes-replicator/Chart.yaml
+++ b/system-apps/kubernetes-replicator/Chart.yaml
@@ -24,5 +24,5 @@ appVersion: "1.0"

 dependencies:
 - name: kubernetes-replicator
-  version: 2.12.2
+  version: 2.12.3
  repository: https://helm.mittwald.de
--- a/system-apps/monitoring/Chart.yaml
+++ b/system-apps/monitoring/Chart.yaml
@@ -24,5 +24,5 @@ appVersion: "1.0"

 dependencies:
 - name: kube-prometheus-stack
-  version: 81.5.0
+  version: 82.4.3
  repository: https://prometheus-community.github.io/helm-charts
--- a/system-apps/rook-ceph/operator/Chart.yaml
+++ b/system-apps/rook-ceph/operator/Chart.yaml
@@ -24,5 +24,5 @@ appVersion: "1.0"

 dependencies:
 - name: rook-ceph
-  version: v1.19.1
+  version: v1.19.2
  repository: https://charts.rook.io/release
--- a/system-apps/traefik/Chart.yaml
+++ b/system-apps/traefik/Chart.yaml
@@ -24,5 +24,5 @@ appVersion: "1.0"

 dependencies:
 - name: traefik
-  version: 39.0.0
+  version: 39.0.2
  repository: https://traefik.github.io/charts
--- a/system-apps/traefik/values.yaml
+++ b/system-apps/traefik/values.yaml
@@ -37,7 +37,7 @@ traefik:
    kind: DaemonSet
    additionalContainers:
    - name: cloudflared
-      image: cloudflare/cloudflared:2026.1.2
+      image: cloudflare/cloudflared:2026.2.0
      command:
        - cloudflared
        - tunnel
--- a/system-apps/velero/Chart.yaml
+++ b/system-apps/velero/Chart.yaml
@@ -24,5 +24,5 @@ appVersion: "1.0"

 dependencies:
 - name: velero
-  version: 11.3.2
+  version: 11.4.0
  repository: https://vmware-tanzu.github.io/helm-charts
Author	SHA1	Message	Date
Renovate Bot	d36dd7735f	chore(deps): update helm release argo-cd to v9.4.6	2026-03-01 21:00:31 +00:00
Renovate Bot	1a0aeb0e64	chore(deps): update helm release kube-prometheus-stack to v82.4.3	2026-02-27 19:00:32 +00:00
Renovate Bot	e6e63b5b2c	chore(deps): update ghcr.io/siderolabs/discovery-service docker tag to v1.0.15	2026-02-27 11:00:50 +00:00
Renovate Bot	0fcb071122	chore(deps): update helm release kube-prometheus-stack to v82.4.2	2026-02-27 10:00:35 +00:00
Renovate Bot	e0f4fc71af	chore(deps): update helm release kube-prometheus-stack to v82.4.1	2026-02-26 20:00:31 +00:00
Renovate Bot	e747bbe519	chore(deps): update helm release argo-cd to v9.4.5	2026-02-26 09:00:25 +00:00
William Peebles	067c3cbc59	Merge pull request 'chore(deps): update helm release velero to v11.4.0' (#252 ) from renovate/velero-11.x into main Reviewed-on: #252	2026-02-26 02:07:55 +00:00
William Peebles	27fcdd6bac	Merge pull request 'chore(deps): update helm release kube-prometheus-stack to v82.4.0' (#253 ) from renovate/kube-prometheus-stack-82.x into main Reviewed-on: #253	2026-02-26 02:07:34 +00:00
Renovate Bot	67a7c32675	chore(deps): update helm release kube-prometheus-stack to v82.4.0	2026-02-25 08:00:57 +00:00
Renovate Bot	c352c07f7b	chore(deps): update helm release velero to v11.4.0	2026-02-25 05:01:07 +00:00
Renovate Bot	3397d80865	chore(deps): update helm release rook-ceph to v1.19.2	2026-02-24 20:00:39 +00:00
Renovate Bot	39548b9b31	chore(deps): update helm release cert-manager to v1.19.4	2026-02-24 16:01:20 +00:00
Renovate Bot	9b75b8d4bf	chore(deps): update helm release argo-cd to v9.4.4	2026-02-22 20:00:35 +00:00
Renovate Bot	8d29dd8bd1	chore(deps): update helm release kube-prometheus-stack to v82.2.1	2026-02-22 18:00:23 +00:00
William Peebles	4090830d95	Merge pull request 'chore(deps): update helm release kube-prometheus-stack to v82.2.0' (#245 ) from renovate/kube-prometheus-stack-82.x into main Reviewed-on: #245	2026-02-20 16:40:41 +00:00
Renovate Bot	21790a5a41	chore(deps): update helm release kube-prometheus-stack to v82.2.0	2026-02-20 15:00:59 +00:00
Renovate Bot	4ab5ecdd6f	chore(deps): update helm release traefik to v39.0.2	2026-02-20 15:00:48 +00:00
Renovate Bot	c11f7897d7	chore(deps): update helm release external-secrets to v2.0.1	2026-02-20 14:00:24 +00:00
Renovate Bot	8839dd6eb1	chore(deps): update helm release kube-prometheus-stack to v82.1.1	2026-02-19 17:00:39 +00:00
Renovate Bot	cc57178974	chore(deps): update helm release argo-cd to v9.4.3	2026-02-18 17:00:59 +00:00
William Peebles	3d95158244	Merge pull request 'chore(deps): update helm release kube-prometheus-stack to v82.1.0' (#240 ) from renovate/kube-prometheus-stack-82.x into main Reviewed-on: #240	2026-02-17 19:36:08 +00:00
Renovate Bot	141f05c6ae	chore(deps): update helm release kube-prometheus-stack to v82.1.0	2026-02-17 15:00:31 +00:00
Renovate Bot	3651f23c72	chore(deps): update helm release kube-prometheus-stack to v82.0.2	2026-02-17 01:00:25 +00:00
Renovate Bot	b4cbbd97a6	chore(deps): update helm release kube-prometheus-stack to v82.0.1	2026-02-16 19:00:19 +00:00
William Peebles	ede26d9c1d	Merge pull request 'chore(deps): update helm release kube-prometheus-stack to v82' (#237 ) from renovate/kube-prometheus-stack-82.x into main Reviewed-on: #237	2026-02-16 14:14:15 +00:00
Renovate Bot	cc14ef66ed	chore(deps): update helm release kube-prometheus-stack to v82	2026-02-15 08:00:27 +00:00
Renovate Bot	35b3f6cc42	chore(deps): update helm release kube-prometheus-stack to v81.6.9	2026-02-13 23:00:30 +00:00
Renovate Bot	033a3b95ad	chore(deps): update helm release kube-prometheus-stack to v81.6.8	2026-02-13 22:00:24 +00:00
Renovate Bot	f90060e366	chore(deps): update helm release kube-prometheus-stack to v81.6.7	2026-02-13 15:00:25 +00:00
Renovate Bot	1f074a7087	chore(deps): update helm release kube-prometheus-stack to v81.6.6	2026-02-13 13:01:24 +00:00
Renovate Bot	c6cf3b7d84	chore(deps): update helm release argo-cd to v9.4.2	2026-02-13 13:00:24 +00:00
Renovate Bot	e611c68342	chore(deps): update ghcr.io/siderolabs/discovery-service docker tag to v1.0.14	2026-02-13 12:00:30 +00:00
Renovate Bot	d828d88078	chore(deps): update helm release traefik to v39.0.1	2026-02-13 10:00:29 +00:00
Renovate Bot	8fa00efc16	chore(deps): update helm release kube-prometheus-stack to v81.6.5	2026-02-13 06:00:24 +00:00
Renovate Bot	fbe2274182	chore(deps): update helm release kube-prometheus-stack to v81.6.4	2026-02-13 02:00:37 +00:00
Renovate Bot	bf4985040a	chore(deps): update helm release kubernetes-replicator to v2.12.3	2026-02-12 11:00:46 +00:00
Renovate Bot	ce3a367ec9	chore(deps): update helm release kube-prometheus-stack to v81.6.3	2026-02-12 09:00:20 +00:00
Renovate Bot	6006e75db9	chore(deps): update helm release kube-prometheus-stack to v81.6.2	2026-02-11 19:00:31 +00:00
William Peebles	db590d1d2c	Merge pull request 'chore(deps): update helm release kube-prometheus-stack to v81.6.1' (#224 ) from renovate/kube-prometheus-stack-81.x into main Reviewed-on: #224	2026-02-10 18:52:20 +00:00
Renovate Bot	7b6f92646f	chore(deps): update helm release kube-prometheus-stack to v81.6.1	2026-02-10 14:00:27 +00:00
Renovate Bot	6bbd9748a2	chore(deps): update helm release kube-prometheus-stack to v81.5.2	2026-02-09 19:00:20 +00:00
Renovate Bot	b22ff17c1d	chore(deps): update helm release kube-prometheus-stack to v81.5.1	2026-02-09 13:00:43 +00:00
William P	96900bea0c	add README	2026-02-07 13:47:45 -05:00
William P	0f84c335de	omni: use ipvs for kube-proxy	2026-02-06 21:31:00 -05:00
William P	5e1b5dc007	omni: try to use iptables mode instead of nftables for kube-proxy in attempt to fix TLS timeout issues	2026-02-06 14:48:53 -05:00
William Peebles	f0f1b45c93	Merge pull request 'chore(deps): update cloudflare/cloudflared docker tag to v2026.2.0' (#220 ) from renovate/cloudflare-cloudflared-2026.x into main Reviewed-on: #220	2026-02-06 19:42:42 +00:00
Renovate Bot	db9aa7c99d	chore(deps): update cloudflare/cloudflared docker tag to v2026.2.0	2026-02-06 16:00:22 +00:00