add test OIDC client

apps/charts/bytestash/templates/oidc.yaml

@@ -0,0 +1,14 @@
+
+apiVersion: authentik.homelab.mortenolsen.pro/v1alpha1
+kind: AuthentikClient
+metadata:
+  name: "{{ .Release.Name }}"
+  namespace: "{{ .Release.Namespace }}"
+spec:
+  serverRef:
+    name: authentik
+    namespace: shared
+  name: Bytestash
+  redirectUris:
+    - https://{{ .Values.subdomain }}.{{ .Values.globals.domain }}/api/auth/oidc/callback
+

apps/charts/forgejo/templates/external-http-service.yaml

@@ -1,11 +0,0 @@
-apiVersion: homelab.mortenolsen.pro/v1
-kind: ExternalHttpService
-metadata:
-  name: '{{ .Release.Name }}'
-spec:
-  environment: '{{ .Values.globals.environment }}'
-  subdomain: '{{ .Values.subdomain }}'
-  destination:
-    host: '{{ .Release.Name }}.{{ .Release.Namespace }}.svc.cluster.local'
-    port:
-      number: 80

apps/charts/forgejo/templates/virtual-service.yaml

@@ -1,11 +1,11 @@
 apiVersion: networking.istio.io/v1
 kind: VirtualService
 metadata:
-  name: "{{ .Release.Name }}"
+  name: "{{ .Release.Name }}-public"
   namespace: "{{ .Release.Namespace }}"
 spec:
   gateways:
-    - "{{ .Values.globals.istio.gateway }}"
+    - "{{ .Values.globals.istio.gateways.public }}"
     - mesh
   hosts:
     - "{{ .Values.subdomain }}.{{ .Values.globals.domain }}"
@@ -16,3 +16,24 @@ spec:
             host: "{{ .Release.Name }}"
             port:
               number: 80
+
+---
+apiVersion: networking.istio.io/v1
+kind: VirtualService
+metadata:
+  name: "{{ .Release.Name }}-private"
+  namespace: "{{ .Release.Namespace }}"
+spec:
+  gateways:
+    - "{{ .Values.globals.istio.gateways.private }}"
+    - mesh
+  hosts:
+    - "{{ .Values.subdomain }}.{{ .Values.globals.domain }}"
+    - mesh
+  http:
+    - route:
+        - destination:
+            host: "{{ .Release.Name }}"
+            port:
+              number: 80
+

apps/charts/gitea/templates/external-http-service.yaml

@@ -1,11 +0,0 @@
-apiVersion: homelab.mortenolsen.pro/v1
-kind: ExternalHttpService
-metadata:
-  name: '{{ .Release.Name }}'
-spec:
-  environment: '{{ .Values.globals.environment }}'
-  subdomain: '{{ .Values.subdomain }}'
-  destination:
-    host: '{{ .Release.Name }}.{{ .Release.Namespace }}.svc.cluster.local'
-    port:
-      number: 80

apps/charts/gitea/templates/virtual-service.yaml

@@ -1,11 +1,11 @@
 apiVersion: networking.istio.io/v1
 kind: VirtualService
 metadata:
-  name: "{{ .Release.Name }}"
+  name: "{{ .Release.Name }}-public"
   namespace: "{{ .Release.Namespace }}"
 spec:
   gateways:
-    - "{{ .Values.globals.istio.gateway }}"
+    - "{{ .Values.globals.istio.gateways.public }}"
     - mesh
   hosts:
     - "{{ .Values.subdomain }}.{{ .Values.globals.domain }}"
@@ -16,3 +16,24 @@ spec:
             host: "{{ .Release.Name }}"
             port:
               number: 80
+
+---
+apiVersion: networking.istio.io/v1
+kind: VirtualService
+metadata:
+  name: "{{ .Release.Name }}-private"
+  namespace: "{{ .Release.Namespace }}"
+spec:
+  gateways:
+    - "{{ .Values.globals.istio.gateways.private }}"
+    - mesh
+  hosts:
+    - "{{ .Values.subdomain }}.{{ .Values.globals.domain }}"
+    - mesh
+  http:
+    - route:
+        - destination:
+            host: "{{ .Release.Name }}"
+            port:
+              number: 80
+

apps/charts/immich/templates/deployment.yaml

@@ -99,7 +99,7 @@ spec:
             claimName: "{{ .Release.Name }}-library"
         - name: nas
           persistentVolumeClaim:
-            claimName: pictures
+            claimName: images
 
 ---
 apiVersion: apps/v1

apps/charts/volumes/values.yaml

@@ -20,3 +20,5 @@ shares:
     path: /mnt/HDD/Misc
   kidsmusic:
     path: /mnt/HDD/Misc/Kids_Music
+  images:
+    path: /mnt/HDD/images