mrtz
58b8a8a21d
fix(kyverno): Downgrade
2025-10-15 18:42:36 +02:00
mrtz
20aa570eeb
Merge branch 'renovate/kyverno-3.x' into 'main'
...
Update Helm release kyverno to v3.5.2
See merge request oceanbox/manifests!35
2025-10-15 18:27:39 +02:00
juselius
3d15eced51
ci: atlantis
2025-10-15 15:23:05 +00:00
juselius
fc1f3854ee
ci: sorcerer
2025-10-15 15:23:01 +00:00
stigrj
b37cd2bcdb
ci: atlantis
2025-10-15 15:17:34 +00:00
juselius
93eeecdda9
fix: add new employees to acl
2025-10-14 15:23:03 +02:00
juselius
2442e12012
fix: remove cruft
2025-10-14 14:19:22 +02:00
juselius
3da2d60683
fix: fix interal ekman and rossby dns in tailscale
2025-10-14 13:13:31 +02:00
juselius
0068b5de30
Merge branch 'main' of gitlab.com:oceanbox/manifests
2025-10-14 13:00:56 +02:00
juselius
747ae04ca3
fix: simplify and clean headscale acls
2025-10-14 13:00:42 +02:00
mrtz
2009a6f6f8
fix(ekman): Bump dapr to 1.16.1
2025-10-14 12:14:40 +02:00
mrtz
ece1657d7b
fix: Bump dapr
2025-10-14 12:00:41 +02:00
juselius
284a02be7b
fix: update headscale acls
2025-10-14 11:13:47 +02:00
mrtz
d782913d94
fix: Remove trailing , for hs-router
2025-10-13 16:39:38 +02:00
juselius
e5d13f4a29
fix: fix for gotmpl fickleness
2025-10-13 16:01:40 +02:00
juselius
273b9c77d6
feat: add separate headscale for (un-snatted) subnet routing
2025-10-13 15:57:44 +02:00
mrtz
e64ddf76f2
fix(hs): Persist
2025-10-13 10:41:41 +02:00
mrtz
d2aa34690d
ci: plume
2025-10-12 17:43:02 +00:00
mrtz
a2402dfd51
ci: plume
2025-10-12 17:13:06 +00:00
mrtz
3c467ed857
Merge branch 'renovate/argo-rollouts-2.x' into 'main'
...
Update Helm release argo-rollouts to v2.40.5
See merge request oceanbox/manifests!37
2025-10-12 18:55:22 +02:00
07969c75ba
Update Helm release argo-rollouts to v2.40.5
2025-10-12 16:51:09 +00:00
juselius
9fe44586d3
ci: atlantis
2025-10-12 16:50:17 +00:00
juselius
0cc1ceea91
ci: sorcerer
2025-10-12 16:50:14 +00:00
mrtz
32cfb4185b
ci: atlantis
2025-10-12 16:49:36 +00:00
mrtz
128ad0158f
ci: sorcerer
2025-10-12 16:49:33 +00:00
0f49f551d8
fix(nix): Add velero cli to shell
2025-10-12 18:11:53 +02:00
71acc5f5f4
fix(hs): Persist config
2025-10-12 18:11:15 +02:00
mrtz
4e4dd03dd4
Merge branch 'renovate/ghcr.io-juanfont-headscale-0.x' into 'main'
...
Update ghcr.io/juanfont/headscale Docker tag to v0.26.1
See merge request oceanbox/manifests!26
2025-10-12 14:02:07 +02:00
6b78991566
fix(hs): Persist values
2025-10-12 08:34:41 +02:00
juselius
958eae2fdf
fix: revert
2025-10-11 20:34:55 +02:00
juselius
afde7724eb
fix: fix headscale dns split server to fs-backup
2025-10-11 20:29:58 +02:00
juselius
0edb3a72d8
fix: uddate vtn net acl for vtn-system
2025-10-11 17:40:41 +02:00
mrtz
d9793a9b85
chore: Bump openfga
2025-10-11 17:14:53 +02:00
stigrj
d25814b87f
ci: atlantis
2025-10-10 15:00:44 +00:00
mrtz
a15d2901d0
fix: Switch to legacy velero kubectl image
2025-10-10 16:45:01 +02:00
mrtz
f690617d17
ci: plume
2025-10-10 13:31:12 +00:00
mrtz
fd0e6adc08
feat: Add split dns for obx -> coredns
2025-10-09 16:23:06 +02:00
juselius
ddd3caaff8
fix: change tailscale domain to ts.obx
2025-10-09 15:40:37 +02:00
mrtz
bfbcaf3297
fix(hs): Rename system-tos -> tos-system
2025-10-08 15:04:17 +02:00
juselius
b8d46b1ad8
Merge branch 'main' of gitlab.com:oceanbox/manifests
2025-10-07 21:17:45 +02:00
juselius
949c31a85b
fix: fix headscale acls for routing between tos and vtn
2025-10-07 21:17:32 +02:00
a019559ef2
fix: Remove unused hs dns
2025-10-07 20:58:39 +02:00
5e61657001
fix: Add headscale cm to correct place
2025-10-07 20:57:58 +02:00
juselius
c3502e3d5a
fix: fix headscale acls for routing between tos and vtn
2025-10-07 19:39:40 +02:00
mrtz
8e97364595
fix: Add ts to whitelist
2025-10-07 17:42:08 +02:00
mrtz
c4a1d6f689
fix(hs): Visualize ACL
2025-10-07 17:38:46 +02:00
mrtz
393751c519
fix: Add correct whitelist
2025-10-07 17:25:25 +02:00
mrtz
ae5262c379
fix: Update kyverno whitelist
2025-10-07 16:36:55 +02:00
simkir
33db5f28d9
Remove split dns
...
I do not think this works when there are multiple sources holding the
dns records. The dns split should point to a server we have access to,
which can route the dns to another service in the network. Exposing
essentially some private dns. Not contend with a public dns record, as I
tried to do.
I think. This might become more relevant later...
2025-10-07 10:59:20 +02:00
simkir
a4a86c436d
Merge branch 'simkir/split-dns' into 'main'
...
Add oceanbox.io as split domain
See merge request oceanbox/manifests!36
2025-10-06 15:02:41 +02:00
mrtz
juselius
stigrj
Renovate Bot
simkir