diff --git a/CHANGELOG.md b/CHANGELOG.md index 477a3ad..a3260fb 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,26 +1,6 @@ # Changelog -## [0.2.0] - 2024-11-23 - -### Added - -- Enable gzip compression on Ingress-NGINX -- Enable brotli compression on Ingress-NGINX - - Set brotli level to `6` - -## [0.1.3] - 2024-11-23 - -### Changed - -- Bump ingress-nginx Helm chart to version `4.11.3` - -## [0.1.2] - 2024-11-21 - -### Changed - -- Disable Cilium Envoy (`l7Proxy=false`) - -## [0.1.1] - 2024-11-20 +## [0.2.0] - 2024-11-20 ### Changed diff --git a/apps/hq/harbor.yaml b/apps/hq/harbor.yaml deleted file mode 100644 index 2e332ce..0000000 --- a/apps/hq/harbor.yaml +++ /dev/null @@ -1,87 +0,0 @@ -apiVersion: argoproj.io/v1alpha1 -kind: Application -metadata: - name: mareshq-registry - namespace: argocd - annotations: - argocd.argoproj.io/sync-wave: "50" -spec: - project: hq - syncPolicy: - automated: - prune: true - selfHeal: true - syncOptions: - - CreateNamespace=true - destination: - server: "https://kubernetes.default.svc" - namespace: hq-registry - source: - chart: harbor - repoURL: https://helm.goharbor.io - targetRevision: 1.16.0 - helm: - releaseName: harbor - valuesObject: - externalURL: https://oci.marespkg.com - expose: - type: ingress - tls: - enabled: true - certSource: secret - secret: - secretName: oci-marespkg-com-ingress-tls - ingress: - className: nginx - annotations: - cert-manager.io/cluster-issuer: letsencrypt-dns-production - external-dns.alpha.kubernetes.io/hostname: oci.marespkg.com - external-dns.alpha.kubernetes.io/cloudflare-proxied: "true" - hosts: - core: oci.marespkg.com - database: - type: external - external: - host: postgres-rw.postgres.svc - port: 5432 - username: harbor - password: "YFC0tae.bpz2ncf!rye" - # existingSecret: harbor-user-credentials - coreDatabase: harbor - persistence: - enabled: false - imageChartStorage: - type: s3 - s3: - region: us-east-1 # see: https://developers.cloudflare.com/r2/api/s3/api/#bucket-region - bucket: marespkg-registry-storage - regionendpoint: https://f24333bb3c47d6db753e57e2a0c90082.r2.cloudflarestorage.com - accesskey: "e9d400c4f63375cc94f6f125724f3aa6" - secretkey: "5e1da29e9ab131c1c312add4bda82a4bdb75c4afe0f69c40dd384c5f0a6f8120" - metrics: - enabled: false - nginx: - nodeSelector: - kubernetes.io/arch: amd64 - portal: - nodeSelector: - kubernetes.io/arch: amd64 - core: - nodeSelector: - kubernetes.io/arch: amd64 - jobservice: - nodeSelector: - kubernetes.io/arch: amd64 - registry: - nodeSelector: - kubernetes.io/arch: amd64 - trivy: - nodeSelector: - kubernetes.io/arch: amd64 - extraEnvVars: - - name: SCANNER_TRIVY_DB_REPOSITORY - value: "oci.marespkg.com/library/trivy-db:2" - redis: - internal: - nodeSelector: - kubernetes.io/arch: amd64 diff --git a/apps/system/cilium.yaml b/apps/system/cilium.yaml index dce9867..a3194ee 100644 --- a/apps/system/cilium.yaml +++ b/apps/system/cilium.yaml @@ -31,6 +31,3 @@ spec: kubeProxyReplacement: true k8sServiceHost: "172.16.1.1" # internal IP (Hetzner Cloud Network) k8sServicePort: "6443" - - # Disable Envoy proxy - l7Proxy: false diff --git a/apps/system/ingress-nginx.yaml b/apps/system/ingress-nginx.yaml index d0cd8ee..af3af93 100644 --- a/apps/system/ingress-nginx.yaml +++ b/apps/system/ingress-nginx.yaml @@ -19,7 +19,7 @@ spec: source: chart: ingress-nginx repoURL: https://kubernetes.github.io/ingress-nginx - targetRevision: 4.11.3 + targetRevision: 4.11.2 helm: releaseName: ingress-nginx valuesObject: @@ -46,7 +46,3 @@ spec: use-proxy-protocol: "true" use-forwarded-headers: "true" enable-real-ip: "true" - use-gzip: "true" - enable-brotli: "true" - brotli-level: "6" - use-http2: "true"