Introduce tinkerbell essentials

Signed-off-by: Andrei Kvapil <kvapss@gmail.com>

.github/CODEOWNERS

@@ -1 +1 @@
-* @kvaps @lllamnyp
+* @kvaps

ADOPTERS.md

@@ -13,8 +13,8 @@ but it means a lot to us.
 
 To add your organization to this list, you can either:
 
-- [open a pull request](https://github.com/cozystack/cozystack/pulls) to directly update this file, or
+- [open a pull request](https://github.com/aenix-io/cozystack/pulls) to directly update this file, or
-- [edit this file](https://github.com/cozystack/cozystack/blob/main/ADOPTERS.md) directly in GitHub
+- [edit this file](https://github.com/aenix-io/cozystack/blob/main/ADOPTERS.md) directly in GitHub
 
 Feel free to ask in the Slack chat if you any questions and/or require
 assistance with updating this list.

CONTRIBUTING.md

@@ -23,7 +23,7 @@ We welcome many types of contributions including:
 * New features
 * Builds, CI/CD
 * Bug fixes
-* [Documentation](https://github.com/cozystack/cozystack-website/tree/main)
+* [Documentation](https://github.com/aenix-io/cozystack-website/tree/main)
 * Issue Triage
 * Answering questions on Slack or Github Discussions
 * Web design

Makefile

@@ -6,12 +6,10 @@ build:
 	make -C packages/apps/mysql image
 	make -C packages/apps/clickhouse image
 	make -C packages/apps/kubernetes image
-	make -C packages/extra/monitoring image
 	make -C packages/system/cozystack-api image
 	make -C packages/system/cozystack-controller image
 	make -C packages/system/cilium image
 	make -C packages/system/kubeovn image
-	make -C packages/system/kubeovn-webhook image
 	make -C packages/system/dashboard image
 	make -C packages/system/kamaji image
 	make -C packages/system/bucket image
@@ -37,7 +35,6 @@ assets:
 	make -C packages/core/installer/ assets
 
 test:
-	test -f _out/assets/nocloud-amd64.raw.xz || make -C packages/core/installer talos-nocloud
 	make -C packages/core/testing apply
 	make -C packages/core/testing test
 	make -C packages/core/testing test-applications

README.md

@@ -2,11 +2,11 @@
 ![Cozystack](img/cozystack-logo-white.svg#gh-dark-mode-only)
 
 [![Open Source](https://img.shields.io/badge/Open-Source-brightgreen)](https://opensource.org/)
-[![Apache-2.0 License](https://img.shields.io/github/license/cozystack/cozystack)](https://opensource.org/licenses/)
+[![Apache-2.0 License](https://img.shields.io/github/license/aenix-io/cozystack)](https://opensource.org/licenses/)
-[![Support](https://img.shields.io/badge/$-support-12a0df.svg?style=flat)](https://cozystack.io/support/)
+[![Support](https://img.shields.io/badge/$-support-12a0df.svg?style=flat)](https://aenix.io/contact-us/#meet)
-[![Active](http://img.shields.io/badge/Status-Active-green.svg)](https://github.com/cozystack/cozystack)
+[![Active](http://img.shields.io/badge/Status-Active-green.svg)](https://aenix.io/cozystack/)
-[![GitHub Release](https://img.shields.io/github/release/cozystack/cozystack.svg?style=flat)](https://github.com/cozystack/cozystack/releases/latest)
+[![GitHub Release](https://img.shields.io/github/release/aenix-io/cozystack.svg?style=flat)](https://github.com/aenix-io/cozystack)
-[![GitHub Commit](https://img.shields.io/github/commit-activity/y/cozystack/cozystack)](https://github.com/cozystack/cozystack/graphs/contributors) 
+[![GitHub Commit](https://img.shields.io/github/commit-activity/y/aenix-io/cozystack)](https://github.com/aenix-io/cozystack) 
 
 # Cozystack
 
@@ -42,21 +42,21 @@ If you encounter any difficulties, start with the [troubleshooting guide](https:
 ## Versioning
 
 Versioning adheres to the [Semantic Versioning](http://semver.org/) principles.  
-A full list of the available releases is available in the GitHub repository's [Release](https://github.com/cozystack/cozystack/releases) section.
+A full list of the available releases is available in the GitHub repository's [Release](https://github.com/aenix-io/cozystack/releases) section.
 
-- [Roadmap](https://cozystack.io/docs/roadmap/)
+- [Roadmap](https://github.com/orgs/aenix-io/projects/2)
 
 ## Contributions
 
 Contributions are highly appreciated and very welcomed!
 
-In case of bugs, please, check if the issue has been already opened by checking the [GitHub Issues](https://github.com/cozystack/cozystack/issues) section.
+In case of bugs, please, check if the issue has been already opened by checking the [GitHub Issues](https://github.com/aenix-io/cozystack/issues) section.
 In case it isn't, you can open a new one: a detailed report will help us to replicate it, assess it, and work on a fix.
 
 You can express your intention in working on the fix on your own.
 Commits are used to generate the changelog, and their author will be referenced in it.
 
-In case of **Feature Requests** please use the [Discussion's Feature Request section](https://github.com/cozystack/cozystack/discussions/categories/feature-requests).
+In case of **Feature Requests** please use the [Discussion's Feature Request section](https://github.com/aenix-io/cozystack/discussions/categories/feature-requests).
 
 You can join our weekly community meetings (just add this events to your [Google Calendar](https://calendar.google.com/calendar?cid=ZTQzZDIxZTVjOWI0NWE5NWYyOGM1ZDY0OWMyY2IxZTFmNDMzZTJlNjUzYjU2ZGJiZGE3NGNhMzA2ZjBkMGY2OEBncm91cC5jYWxlbmRhci5nb29nbGUuY29t) or [iCal](https://calendar.google.com/calendar/ical/e43d21e5c9b45a95f28c5d649c2cb1e1f433e2e653b56dbbda74ca306f0d0f68%40group.calendar.google.com/public/basic.ics)) or [Telegram group](https://t.me/cozystack).
 
@@ -67,4 +67,8 @@ The code is provided as-is with no warranties.
 
 ## Commercial Support
 
-A list of companies providing commercial support for this project can be found on [official site](https://cozystack.io/support/).
+[**Ænix**](https://aenix.io) offers enterprise-grade support, available 24/7.
+
+We provide all types of assistance, including consultations, development of missing features, design, assistance with installation, and integration.
+
+[Contact us](https://aenix.io/contact/)

api/api-rules/cozystack_api_violation_exceptions.list

@@ -1,4 +1,4 @@
-API rule violation: list_type_missing,github.com/cozystack/cozystack/pkg/apis/apps/v1alpha1,ApplicationStatus,Conditions
+API rule violation: list_type_missing,github.com/aenix-io/cozystack/pkg/apis/apps/v1alpha1,ApplicationStatus,Conditions
 API rule violation: names_match,k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1,JSONSchemaProps,Ref
 API rule violation: names_match,k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1,JSONSchemaProps,Schema
 API rule violation: names_match,k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1,JSONSchemaProps,XEmbeddedResource

cmd/cozystack-api/main.go

@@ -19,7 +19,7 @@ package main
 import (
 	"os"
 
-	"github.com/cozystack/cozystack/pkg/cmd/server"
+	"github.com/aenix-io/cozystack/pkg/cmd/server"
 	genericapiserver "k8s.io/apiserver/pkg/server"
 	"k8s.io/component-base/cli"
 )

cmd/cozystack-assets-server/main.go

@@ -1,29 +0,0 @@
-package main
-
-import (
-	"flag"
-	"log"
-	"net/http"
-	"path/filepath"
-)
-
-func main() {
-	addr := flag.String("address", ":8123", "Address to listen on")
-	dir := flag.String("dir", "/cozystack/assets", "Directory to serve files from")
-	flag.Parse()
-
-	absDir, err := filepath.Abs(*dir)
-	if err != nil {
-		log.Fatalf("Error getting absolute path for %s: %v", *dir, err)
-	}
-
-	fs := http.FileServer(http.Dir(absDir))
-	http.Handle("/", fs)
-
-	log.Printf("Server starting on %s, serving directory %s", *addr, absDir)
-
-	err = http.ListenAndServe(*addr, nil)
-	if err != nil {
-		log.Fatalf("Server failed to start: %v", err)
-	}
-}

cmd/cozystack-controller/main.go

@@ -36,9 +36,9 @@ import (
 	metricsserver "sigs.k8s.io/controller-runtime/pkg/metrics/server"
 	"sigs.k8s.io/controller-runtime/pkg/webhook"
 
-	cozystackiov1alpha1 "github.com/cozystack/cozystack/api/v1alpha1"
+	cozystackiov1alpha1 "github.com/aenix-io/cozystack/api/v1alpha1"
-	"github.com/cozystack/cozystack/internal/controller"
+	"github.com/aenix-io/cozystack/internal/controller"
-	"github.com/cozystack/cozystack/internal/telemetry"
+	"github.com/aenix-io/cozystack/internal/telemetry"
 	// +kubebuilder:scaffold:imports
 )
 

go.mod

@@ -1,6 +1,6 @@
 // This is a generated file. Do not edit directly.
 
-module github.com/cozystack/cozystack
+module github.com/aenix-io/cozystack
 
 go 1.23.0
 

hack/download-dashboards.sh

@@ -21,7 +21,7 @@ fix_d8() {
 }
 
 swap_pvc_overview() {
- jq '(.panels[] | select(.title=="PVC Detailed") | .panels[] | select(.title=="Overview")) as $a | del(.panels[] | select(.title=="PVC Detailed").panels[] | select(.title=="Overview")) | ( (.panels[] | select(.title=="PVC Detailed"))) as $b | del( .panels[] | select(.title=="PVC Detailed")) | (.panels[.panels|length]=($a|.gridPos.y=$b.gridPos.y)) | (.panels[.panels|length]=($b|.gridPos.y=$a.gridPos.y))'
+ jq '(.panels[] | select(.title=="PVC Detailed") | .panels[] | select(.title=="Overview")) as $a | del(.panels[] | select(.title=="PVC Detailed").panels[] | select(.title=="Overview")) | ( (.panels[] | select(.title=="PVC Detailed"))) as $b | del( .panels[] | select(.title=="PVC Detailed")) | (.panels[.panels|length]=($a|.gridPos.y=$b.gridPos.y)) | (.panels[.panels|length]=($b|.gridPos.y=$a.gridPos.y))' 
 }
 
 deprectaed_remove_faq() {
@@ -68,7 +68,7 @@ modules/402-ingress-nginx/monitoring/grafana-dashboards/ingress-nginx/namespace/
 modules/402-ingress-nginx/monitoring/grafana-dashboards/ingress-nginx/vhost/vhost_detail.json
 modules/402-ingress-nginx/monitoring/grafana-dashboards/ingress-nginx/vhost/vhosts.json
 modules/340-monitoring-kubernetes-control-plane/monitoring/grafana-dashboards/kubernetes-cluster/control-plane-status.json
-modules/340-monitoring-kubernetes-control-plane/monitoring/grafana-dashboards/kubernetes-cluster/kube-etcd.json                #TODO
+modules/340-monitoring-kubernetes-control-plane/monitoring/grafana-dashboards/kubernetes-cluster/kube-etcd3.json                #TODO
 modules/340-monitoring-kubernetes-control-plane/monitoring/grafana-dashboards/kubernetes-cluster/deprecated-resources.json
 modules/340-monitoring-kubernetes/monitoring/grafana-dashboards//kubernetes-cluster/nodes/ntp.json                              #TODO
 modules/340-monitoring-kubernetes/monitoring/grafana-dashboards//kubernetes-cluster/nodes/nodes.json
@@ -78,10 +78,6 @@ modules/340-monitoring-kubernetes/monitoring/grafana-dashboards//main/pod.json
 modules/340-monitoring-kubernetes/monitoring/grafana-dashboards//main/namespace/namespaces.json
 modules/340-monitoring-kubernetes/monitoring/grafana-dashboards//main/namespace/namespace.json
 modules/340-monitoring-kubernetes/monitoring/grafana-dashboards//main/capacity-planning/capacity-planning.json
-modules/340-monitoring-kubernetes/monitoring/grafana-dashboards//flux/flux-control-plane.json
-modules/340-monitoring-kubernetes/monitoring/grafana-dashboards//flux/flux-stats.json
-modules/340-monitoring-kubernetes/monitoring/grafana-dashboards//kafka/strimzi-kafka.json
-modules/340-monitoring-kubernetes/monitoring/grafana-dashboards//goldpinger/goldpinger.json
 EOT
 
 
@@ -113,3 +109,4 @@ done <<\EOT
 	https://raw.githubusercontent.com/dotdc/grafana-dashboards-kubernetes/master/dashboards/k8s-views-namespaces.json
 	https://raw.githubusercontent.com/dotdc/grafana-dashboards-kubernetes/master/dashboards/k8s-views-pods.json
 EOT
+

hack/e2e.sh

@@ -60,7 +60,7 @@ done
 
 # Prepare system drive
 if [ ! -f nocloud-amd64.raw ]; then
-  wget https://github.com/cozystack/cozystack/releases/latest/download/nocloud-amd64.raw.xz -O nocloud-amd64.raw.xz
+  wget https://github.com/aenix-io/cozystack/releases/latest/download/nocloud-amd64.raw.xz -O nocloud-amd64.raw.xz
   rm -f nocloud-amd64.raw
   xz --decompress nocloud-amd64.raw.xz
 fi

internal/controller/suite_test.go

@@ -33,7 +33,7 @@ import (
 	logf "sigs.k8s.io/controller-runtime/pkg/log"
 	"sigs.k8s.io/controller-runtime/pkg/log/zap"
 
-	cozystackiov1alpha1 "github.com/cozystack/cozystack/api/v1alpha1"
+	cozystackiov1alpha1 "github.com/aenix-io/cozystack/api/v1alpha1"
 	// +kubebuilder:scaffold:imports
 )
 

internal/controller/workloadmonitor_controller.go

@@ -19,7 +19,7 @@ import (
 	"k8s.io/apimachinery/pkg/api/resource"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 
-	cozyv1alpha1 "github.com/cozystack/cozystack/api/v1alpha1"
+	cozyv1alpha1 "github.com/aenix-io/cozystack/api/v1alpha1"
 )
 
 // WorkloadMonitorReconciler reconciles a WorkloadMonitor object

internal/telemetry/collector.go

@@ -16,7 +16,7 @@ import (
 	"sigs.k8s.io/controller-runtime/pkg/client"
 	"sigs.k8s.io/controller-runtime/pkg/log"
 
-	cozyv1alpha1 "github.com/cozystack/cozystack/api/v1alpha1"
+	cozyv1alpha1 "github.com/aenix-io/cozystack/api/v1alpha1"
 )
 
 // Collector handles telemetry data collection and sending

manifests/cozystack-installer.yaml

@@ -5,7 +5,6 @@ kind: Namespace
 metadata:
   name: cozy-system
   labels:
-    cozystack.io/system: "true"
     pod-security.kubernetes.io/enforce: privileged
 ---
 # Source: cozy-installer/templates/cozystack.yaml
@@ -69,7 +68,7 @@ spec:
       serviceAccountName: cozystack
       containers:
       - name: cozystack
-        image: "ghcr.io/cozystack/cozystack/installer:v0.28.1"
+        image: "ghcr.io/aenix-io/cozystack/cozystack:v0.23.1"
         env:
         - name: KUBERNETES_SERVICE_HOST
           value: localhost
@@ -87,12 +86,13 @@ spec:
           valueFrom:
             fieldRef:
               fieldPath: metadata.name
-      - name: assets
+      - name: darkhttpd
-        image: "ghcr.io/cozystack/cozystack/installer:v0.28.1"
+        image: "ghcr.io/aenix-io/cozystack/cozystack:v0.23.1"
         command:
-        - /usr/bin/cozystack-assets-server
+        - /usr/bin/darkhttpd
-        - "-dir=/cozystack/assets"
+        - /cozystack/assets
-        - "-address=:8123"
+        - --port
+        - "8123"
         ports:
         - name: http
           containerPort: 8123

packages/apps/clickhouse/Chart.yaml

@@ -16,7 +16,7 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.6.2
+version: 0.6.1
 
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to

packages/apps/clickhouse/Makefile

@@ -14,7 +14,6 @@ image:
 		--cache-to type=inline \
 		--metadata-file images/clickhouse-backup.json \
 		--push=$(PUSH) \
-		--label "org.opencontainers.image.source=https://github.com/cozystack/cozystack" \
 		--load=$(LOAD)
 	echo "$(REGISTRY)/clickhouse-backup:$(call settag,$(CLICKHOUSE_BACKUP_TAG))@$$(yq e '."containerimage.digest"' images/clickhouse-backup.json -o json -r)" \
 		> images/clickhouse-backup.tag

packages/apps/clickhouse/images/clickhouse-backup.tag

@@ -1 +1 @@
-ghcr.io/cozystack/cozystack/clickhouse-backup:0.6.2@sha256:67dd53efa86b704fc5cb876aca055fef294b31ab67899b683a4821ea12582ea7
+ghcr.io/aenix-io/cozystack/clickhouse-backup:0.6.1@sha256:7a99cabdfd541f863aa5d1b2f7b49afd39838fb94c8448986634a1dc9050751c

packages/apps/clickhouse/templates/dashboard-resourcemap.yaml

@@ -17,10 +17,3 @@ rules:
   resourceNames:
   - {{ .Release.Name }}-credentials
   verbs: ["get", "list", "watch"]
-- apiGroups:
-  - cozystack.io
-  resources:
-  - workloadmonitors
-  resourceNames:
-  - {{ .Release.Name }}
-  verbs: ["get", "list", "watch"]

packages/apps/clickhouse/templates/workloadmonitor.yaml

@@ -1,13 +0,0 @@
----
-apiVersion: cozystack.io/v1alpha1
-kind: WorkloadMonitor
-metadata:
-  name: {{ $.Release.Name }}
-spec:
-  replicas: {{ .Values.replicas }}
-  minReplicas: 1
-  kind: clickhouse
-  type: clickhouse
-  selector:
-    clickhouse.altinity.com/chi: {{ $.Release.Name }}
-  version: {{ $.Chart.Version }}

packages/apps/ferretdb/Chart.yaml

@@ -16,7 +16,7 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.4.2
+version: 0.4.1
 
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to

packages/apps/ferretdb/images/postgres-backup.tag

@@ -1 +1 @@
-ghcr.io/cozystack/cozystack/postgres-backup:0.9.0@sha256:2b6ba87f5688a439bd2ac12835a5ab9e601feb15c0c44ed0d9ca48cec7c52521
+ghcr.io/aenix-io/cozystack/postgres-backup:0.8.0@sha256:6a8ec7e7052f2d02ec5457d7cbac6ee52b3ed93a883988a192d1394fc7c88117

packages/apps/ferretdb/templates/dashboard-resourcemap.yaml

@@ -17,10 +17,3 @@ rules:
   resourceNames:
   - {{ .Release.Name }}-credentials
   verbs: ["get", "list", "watch"]
-- apiGroups:
-  - cozystack.io
-  resources:
-  - workloadmonitors
-  resourceNames:
-  - {{ .Release.Name }}
-  verbs: ["get", "list", "watch"]

packages/apps/ferretdb/templates/postgres.yaml

@@ -6,13 +6,7 @@ metadata:
 spec:
   instances: {{ .Values.replicas }}
   enableSuperuserAccess: true
-  {{- $configMap := lookup "v1" "ConfigMap" "cozy-system" "cozystack-scheduling" }}
+
-  {{- if $configMap }}
-  {{- $rawConstraints := get $configMap.data "globalAppTopologySpreadConstraints" }}
-  {{- if $rawConstraints }}
-  {{- $rawConstraints | fromYaml | toYaml | nindent 2 }}
-  {{- end }}
-  {{- end }}
   minSyncReplicas: {{ .Values.quorum.minSyncReplicas }}
   maxSyncReplicas: {{ .Values.quorum.maxSyncReplicas }}
 

packages/apps/ferretdb/templates/workloadmonitor.yaml

@@ -1,13 +0,0 @@
----
-apiVersion: cozystack.io/v1alpha1
-kind: WorkloadMonitor
-metadata:
-  name: {{ $.Release.Name }}
-spec:
-  replicas: {{ .Values.replicas }}
-  minReplicas: 1
-  kind: ferretdb
-  type: ferretdb
-  selector:
-    app: {{ $.Release.Name }}
-  version: {{ $.Chart.Version }}

packages/apps/http-cache/Makefile

@@ -13,7 +13,6 @@ image-nginx:
 		--cache-to type=inline \
 		--metadata-file images/nginx-cache.json \
 		--push=$(PUSH) \
-		--label "org.opencontainers.image.source=https://github.com/cozystack/cozystack" \
 		--load=$(LOAD)
 	echo "$(REGISTRY)/nginx-cache:$(call settag,$(NGINX_CACHE_TAG))@$$(yq e '."containerimage.digest"' images/nginx-cache.json -o json -r)" \
 		> images/nginx-cache.tag

packages/apps/http-cache/images/nginx-cache.tag

@@ -1 +1 @@
-ghcr.io/cozystack/cozystack/nginx-cache:0.3.1@sha256:2b82eae28239ca0f9968602c69bbb752cd2a5818e64934ccd06cb91d95d019c7
+ghcr.io/aenix-io/cozystack/nginx-cache:0.3.1@sha256:a3c25199acb8e8426e6952658ccc4acaadb50fe2cfa6359743b64e5166b3fc70

packages/apps/kafka/Chart.yaml

@@ -16,7 +16,7 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.3.3
+version: 0.3.1
 
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to

packages/apps/kafka/templates/dashboard-resourcemap.yaml

@@ -17,11 +17,3 @@ rules:
   resourceNames:
   - {{ .Release.Name }}-clients-ca
   verbs: ["get", "list", "watch"]
-- apiGroups:
-  - cozystack.io
-  resources:
-  - workloadmonitors
-  resourceNames:
-  - {{ .Release.Name }}
-  - {{ $.Release.Name }}-zookeeper
-  verbs: ["get", "list", "watch"]

packages/apps/kafka/templates/kafka.yaml

@@ -57,12 +57,6 @@ spec:
         class: {{ . }}
         {{- end }}
         deleteClaim: true
-    metricsConfig:
-      type: jmxPrometheusExporter
-      valueFrom:
-        configMapKeyRef:
-          name: {{ .Release.Name }}-metrics
-          key: kafka-metrics-config.yml
   zookeeper:
     replicas: {{ .Values.zookeeper.replicas }}
     storage:
@@ -74,12 +68,6 @@ spec:
       class: {{ . }}
       {{- end }}
       deleteClaim: false
-    metricsConfig:
-      type: jmxPrometheusExporter
-      valueFrom:
-        configMapKeyRef:
-          name: {{ .Release.Name }}-metrics
-          key: kafka-metrics-config.yml
   entityOperator:
     topicOperator: {}
     userOperator: {}

packages/apps/kafka/templates/metrics-configmap.yaml

@@ -1,198 +0,0 @@
-kind: ConfigMap
-apiVersion: v1
-metadata:
-  name: {{ .Release.Name }}-metrics
-data:
-  kafka-metrics-config.yml: |
-    # See https://github.com/prometheus/jmx_exporter for more info about JMX Prometheus Exporter metrics
-    lowercaseOutputName: true
-    rules:
-    # Special cases and very specific rules
-    - pattern: kafka.server<type=(.+), name=(.+), clientId=(.+), topic=(.+), partition=(.*)><>Value
-      name: kafka_server_$1_$2
-      type: GAUGE
-      labels:
-        clientId: "$3"
-        topic: "$4"
-        partition: "$5"
-    - pattern: kafka.server<type=(.+), name=(.+), clientId=(.+), brokerHost=(.+), brokerPort=(.+)><>Value
-      name: kafka_server_$1_$2
-      type: GAUGE
-      labels:
-        clientId: "$3"
-        broker: "$4:$5"
-    - pattern: kafka.server<type=(.+), cipher=(.+), protocol=(.+), listener=(.+), networkProcessor=(.+)><>connections
-      name: kafka_server_$1_connections_tls_info
-      type: GAUGE
-      labels:
-        cipher: "$2"
-        protocol: "$3"
-        listener: "$4"
-        networkProcessor: "$5"
-    - pattern: kafka.server<type=(.+), clientSoftwareName=(.+), clientSoftwareVersion=(.+), listener=(.+), networkProcessor=(.+)><>connections
-      name: kafka_server_$1_connections_software
-      type: GAUGE
-      labels:
-        clientSoftwareName: "$2"
-        clientSoftwareVersion: "$3"
-        listener: "$4"
-        networkProcessor: "$5"
-    - pattern: "kafka.server<type=(.+), listener=(.+), networkProcessor=(.+)><>(.+-total):"
-      name: kafka_server_$1_$4
-      type: COUNTER
-      labels:
-        listener: "$2"
-        networkProcessor: "$3"
-    - pattern: "kafka.server<type=(.+), listener=(.+), networkProcessor=(.+)><>(.+):"
-      name: kafka_server_$1_$4
-      type: GAUGE
-      labels:
-        listener: "$2"
-        networkProcessor: "$3"
-    - pattern: kafka.server<type=(.+), listener=(.+), networkProcessor=(.+)><>(.+-total)
-      name: kafka_server_$1_$4
-      type: COUNTER
-      labels:
-        listener: "$2"
-        networkProcessor: "$3"
-    - pattern: kafka.server<type=(.+), listener=(.+), networkProcessor=(.+)><>(.+)
-      name: kafka_server_$1_$4
-      type: GAUGE
-      labels:
-        listener: "$2"
-        networkProcessor: "$3"
-    # Some percent metrics use MeanRate attribute
-    # Ex) kafka.server<type=(KafkaRequestHandlerPool), name=(RequestHandlerAvgIdlePercent)><>MeanRate
-    - pattern: kafka.(\w+)<type=(.+), name=(.+)Percent\w*><>MeanRate
-      name: kafka_$1_$2_$3_percent
-      type: GAUGE
-    # Generic gauges for percents
-    - pattern: kafka.(\w+)<type=(.+), name=(.+)Percent\w*><>Value
-      name: kafka_$1_$2_$3_percent
-      type: GAUGE
-    - pattern: kafka.(\w+)<type=(.+), name=(.+)Percent\w*, (.+)=(.+)><>Value
-      name: kafka_$1_$2_$3_percent
-      type: GAUGE
-      labels:
-        "$4": "$5"
-    # Generic per-second counters with 0-2 key/value pairs
-    - pattern: kafka.(\w+)<type=(.+), name=(.+)PerSec\w*, (.+)=(.+), (.+)=(.+)><>Count
-      name: kafka_$1_$2_$3_total
-      type: COUNTER
-      labels:
-        "$4": "$5"
-        "$6": "$7"
-    - pattern: kafka.(\w+)<type=(.+), name=(.+)PerSec\w*, (.+)=(.+)><>Count
-      name: kafka_$1_$2_$3_total
-      type: COUNTER
-      labels:
-        "$4": "$5"
-    - pattern: kafka.(\w+)<type=(.+), name=(.+)PerSec\w*><>Count
-      name: kafka_$1_$2_$3_total
-      type: COUNTER
-    # Generic gauges with 0-2 key/value pairs
-    - pattern: kafka.(\w+)<type=(.+), name=(.+), (.+)=(.+), (.+)=(.+)><>Value
-      name: kafka_$1_$2_$3
-      type: GAUGE
-      labels:
-        "$4": "$5"
-        "$6": "$7"
-    - pattern: kafka.(\w+)<type=(.+), name=(.+), (.+)=(.+)><>Value
-      name: kafka_$1_$2_$3
-      type: GAUGE
-      labels:
-        "$4": "$5"
-    - pattern: kafka.(\w+)<type=(.+), name=(.+)><>Value
-      name: kafka_$1_$2_$3
-      type: GAUGE
-    # Emulate Prometheus 'Summary' metrics for the exported 'Histogram's.
-    # Note that these are missing the '_sum' metric!
-    - pattern: kafka.(\w+)<type=(.+), name=(.+), (.+)=(.+), (.+)=(.+)><>Count
-      name: kafka_$1_$2_$3_count
-      type: COUNTER
-      labels:
-        "$4": "$5"
-        "$6": "$7"
-    - pattern: kafka.(\w+)<type=(.+), name=(.+), (.+)=(.*), (.+)=(.+)><>(\d+)thPercentile
-      name: kafka_$1_$2_$3
-      type: GAUGE
-      labels:
-        "$4": "$5"
-        "$6": "$7"
-        quantile: "0.$8"
-    - pattern: kafka.(\w+)<type=(.+), name=(.+), (.+)=(.+)><>Count
-      name: kafka_$1_$2_$3_count
-      type: COUNTER
-      labels:
-        "$4": "$5"
-    - pattern: kafka.(\w+)<type=(.+), name=(.+), (.+)=(.*)><>(\d+)thPercentile
-      name: kafka_$1_$2_$3
-      type: GAUGE
-      labels:
-        "$4": "$5"
-        quantile: "0.$6"
-    - pattern: kafka.(\w+)<type=(.+), name=(.+)><>Count
-      name: kafka_$1_$2_$3_count
-      type: COUNTER
-    - pattern: kafka.(\w+)<type=(.+), name=(.+)><>(\d+)thPercentile
-      name: kafka_$1_$2_$3
-      type: GAUGE
-      labels:
-        quantile: "0.$4"
-    # KRaft overall related metrics
-    # distinguish between always increasing COUNTER (total and max) and variable GAUGE (all others) metrics
-    - pattern: "kafka.server<type=raft-metrics><>(.+-total|.+-max):"
-      name: kafka_server_raftmetrics_$1
-      type: COUNTER
-    - pattern: "kafka.server<type=raft-metrics><>(current-state): (.+)"
-      name: kafka_server_raftmetrics_$1
-      value: 1
-      type: UNTYPED
-      labels:
-        $1: "$2"
-    - pattern: "kafka.server<type=raft-metrics><>(.+):"
-      name: kafka_server_raftmetrics_$1
-      type: GAUGE
-    # KRaft "low level" channels related metrics
-    # distinguish between always increasing COUNTER (total and max) and variable GAUGE (all others) metrics
-    - pattern: "kafka.server<type=raft-channel-metrics><>(.+-total|.+-max):"
-      name: kafka_server_raftchannelmetrics_$1
-      type: COUNTER
-    - pattern: "kafka.server<type=raft-channel-metrics><>(.+):"
-      name: kafka_server_raftchannelmetrics_$1
-      type: GAUGE
-    # Broker metrics related to fetching metadata topic records in KRaft mode
-    - pattern: "kafka.server<type=broker-metadata-metrics><>(.+):"
-      name: kafka_server_brokermetadatametrics_$1
-      type: GAUGE
-  zookeeper-metrics-config.yml: |
-    # See https://github.com/prometheus/jmx_exporter for more info about JMX Prometheus Exporter metrics
-    lowercaseOutputName: true
-    rules:
-    # replicated Zookeeper
-    - pattern: "org.apache.ZooKeeperService<name0=ReplicatedServer_id(\\d+)><>(\\w+)"
-      name: "zookeeper_$2"
-      type: GAUGE
-    - pattern: "org.apache.ZooKeeperService<name0=ReplicatedServer_id(\\d+), name1=replica.(\\d+)><>(\\w+)"
-      name: "zookeeper_$3"
-      type: GAUGE
-      labels:
-        replicaId: "$2"
-    - pattern: "org.apache.ZooKeeperService<name0=ReplicatedServer_id(\\d+), name1=replica.(\\d+), name2=(\\w+)><>(Packets\\w+)"
-      name: "zookeeper_$4"
-      type: COUNTER
-      labels:
-        replicaId: "$2"
-        memberType: "$3"
-    - pattern: "org.apache.ZooKeeperService<name0=ReplicatedServer_id(\\d+), name1=replica.(\\d+), name2=(\\w+)><>(\\w+)"
-      name: "zookeeper_$4"
-      type: GAUGE
-      labels:
-        replicaId: "$2"
-        memberType: "$3"
-    - pattern: "org.apache.ZooKeeperService<name0=ReplicatedServer_id(\\d+), name1=replica.(\\d+), name2=(\\w+), name3=(\\w+)><>(\\w+)"
-      name: "zookeeper_$4_$5"
-      type: GAUGE
-      labels:
-        replicaId: "$2"
-        memberType: "$3"

packages/apps/kafka/templates/podscrape.yaml

@@ -1,40 +0,0 @@
-apiVersion: operator.victoriametrics.com/v1beta1
-kind: VMPodScrape
-metadata:
-  name: {{ .Release.Name }}
-spec:
-  podMetricsEndpoints:
-    - port: tcp-prometheus
-      scheme: http
-      relabelConfigs:
-      - separator: ;
-        regex: __meta_kubernetes_pod_label_(strimzi_io_.+)
-        replacement: $1
-        action: labelmap
-      - sourceLabels: [__meta_kubernetes_namespace]
-        separator: ;
-        regex: (.*)
-        targetLabel: namespace
-        replacement: $1
-        action: replace
-      - sourceLabels: [__meta_kubernetes_pod_name]
-        separator: ;
-        regex: (.*)
-        targetLabel: pod
-        replacement: $1
-        action: replace
-      - sourceLabels: [__meta_kubernetes_pod_node_name]
-        separator: ;
-        regex: (.*)
-        targetLabel: node
-        replacement: $1
-        action: replace
-      - sourceLabels: [__meta_kubernetes_pod_host_ip]
-        separator: ;
-        regex: (.*)
-        targetLabel: node_ip
-        replacement: $1
-        action: replace
-  selector:
-    matchLabels:
-      app.kubernetes.io/instance: {{ .Release.Name }}

packages/apps/kafka/templates/workloadmonitor.yaml

@@ -1,30 +0,0 @@
----
-apiVersion: cozystack.io/v1alpha1
-kind: WorkloadMonitor
-metadata:
-  name: {{ $.Release.Name }}
-spec:
-  replicas: {{ .Values.replicas }}
-  minReplicas: 1
-  kind: kafka
-  type: kafka
-  selector:
-    app.kubernetes.io/instance: {{ $.Release.Name }}
-    app.kubernetes.io/name: kafka
-  version: {{ $.Chart.Version }}
-
----
-
-apiVersion: cozystack.io/v1alpha1
-kind: WorkloadMonitor
-metadata:
-  name: {{ $.Release.Name }}-zookeeper
-spec:
-  replicas: {{ .Values.replicas }}
-  minReplicas: 1
-  kind: kafka
-  type: zookeeper
-  selector:
-    app.kubernetes.io/instance: {{ $.Release.Name }}
-    app.kubernetes.io/name: zookeeper
-  version: {{ $.Chart.Version }}

packages/apps/kubernetes/Chart.yaml

@@ -16,7 +16,7 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.15.2
+version: 0.15.0
 
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to

packages/apps/kubernetes/Makefile

@@ -18,7 +18,6 @@ image-ubuntu-container-disk:
 		--cache-to type=inline \
 		--metadata-file images/ubuntu-container-disk.json \
 		--push=$(PUSH) \
-		--label "org.opencontainers.image.source=https://github.com/cozystack/cozystack" \
 		--load=$(LOAD)
 	echo "$(REGISTRY)/ubuntu-container-disk:$(call settag,$(UBUNTU_CONTAINER_DISK_TAG))@$$(yq e '."containerimage.digest"' images/ubuntu-container-disk.json -o json -r)" \
 		> images/ubuntu-container-disk.tag
@@ -33,7 +32,6 @@ image-kubevirt-cloud-provider:
 		--cache-to type=inline \
 		--metadata-file images/kubevirt-cloud-provider.json \
 		--push=$(PUSH) \
-		--label "org.opencontainers.image.source=https://github.com/cozystack/cozystack" \
 		--load=$(LOAD)
 	echo "$(REGISTRY)/kubevirt-cloud-provider:$(call settag,$(KUBERNETES_PKG_TAG))@$$(yq e '."containerimage.digest"' images/kubevirt-cloud-provider.json -o json -r)" \
 		> images/kubevirt-cloud-provider.tag
@@ -48,7 +46,6 @@ image-kubevirt-csi-driver:
 		--cache-to type=inline \
 		--metadata-file images/kubevirt-csi-driver.json \
 		--push=$(PUSH) \
-		--label "org.opencontainers.image.source=https://github.com/cozystack/cozystack" \
 		--load=$(LOAD)
 	echo "$(REGISTRY)/kubevirt-csi-driver:$(call settag,$(KUBERNETES_PKG_TAG))@$$(yq e '."containerimage.digest"' images/kubevirt-csi-driver.json -o json -r)" \
 		> images/kubevirt-csi-driver.tag
@@ -64,7 +61,6 @@ image-cluster-autoscaler:
 		--cache-to type=inline \
 		--metadata-file images/cluster-autoscaler.json \
 		--push=$(PUSH) \
-		--label "org.opencontainers.image.source=https://github.com/cozystack/cozystack" \
 		--load=$(LOAD)
 	echo "$(REGISTRY)/cluster-autoscaler:$(call settag,$(KUBERNETES_PKG_TAG))@$$(yq e '."containerimage.digest"' images/cluster-autoscaler.json -o json -r)" \
 		> images/cluster-autoscaler.tag

packages/apps/kubernetes/images/cluster-autoscaler.tag

@@ -1 +1 @@
-ghcr.io/cozystack/cozystack/cluster-autoscaler:0.15.2@sha256:ea5cd225dbd1233afe2bfd727b9f90847f198f5d231871141d494d491fdee795
+ghcr.io/aenix-io/cozystack/cluster-autoscaler:0.15.0@sha256:538ee308f16c9e627ed16ee7c4aaa65919c2e6c4c2778f964a06e4797610d1cd

packages/apps/kubernetes/images/kubevirt-cloud-provider.tag

@@ -1 +1 @@
-ghcr.io/cozystack/cozystack/kubevirt-cloud-provider:0.15.2@sha256:de98b18691cbd1e0d7d886c57873c2ecdae7a5ab2e3c4c59f9a24bdc321622a9
+ghcr.io/aenix-io/cozystack/kubevirt-cloud-provider:0.15.0@sha256:7716c88947d13dc90ccfcc3e60bfdd6e6fa9b201339a75e9c84bf825c76e2b1f

packages/apps/kubernetes/images/kubevirt-csi-driver.tag

@@ -1 +1 @@
-ghcr.io/cozystack/cozystack/kubevirt-csi-driver:0.15.2@sha256:fdfa71edcb8a9f537926963fa11ad959fa2a20c08ba757c253b9587e8625b700
+ghcr.io/aenix-io/cozystack/kubevirt-csi-driver:0.15.0@sha256:be5e0eef92dada3ace5cddda5c68b30c9fe4682774c5e6e938ed31efba11ebbf

packages/apps/kubernetes/images/ubuntu-container-disk.tag

@@ -1 +1 @@
-ghcr.io/cozystack/cozystack/ubuntu-container-disk:v1.30.1@sha256:bc08ea0ced2cb7dd98b26d72a9462fc0a3863adb908a5effbfcdf7227656ea65
+ghcr.io/aenix-io/cozystack/ubuntu-container-disk:v1.30.1@sha256:8392f00a7182294ce6fd417d254f7c2aa09fb9203d829dec70344a8050369430

packages/apps/kubernetes/templates/cluster.yaml

@@ -118,7 +118,7 @@ spec:
     ingress:
       extraAnnotations:
         nginx.ingress.kubernetes.io/ssl-passthrough: "true"
-      hostname: {{ .Values.host | default (printf "%s.%s" .Release.Name $host) }}
+      hostname: {{ .Values.host | default (printf "%s.%s" .Release.Name $host) }}:443
       className: "{{ $ingress }}"
   deployment:
     podAdditionalMetadata:
@@ -250,7 +250,7 @@ spec:
         apiVersion: infrastructure.cluster.x-k8s.io/v1alpha1
         kind: KubevirtMachineTemplate
         name: {{ $.Release.Name }}-{{ $groupName }}-{{ $kubevirtmachinetemplateHash }}
-        namespace: {{ $.Release.Namespace }}
+        namespace: default
       version: v1.30.1
 ---
 apiVersion: cluster.x-k8s.io/v1beta1

packages/apps/mysql/Chart.yaml

@@ -16,7 +16,7 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.5.3
+version: 0.5.2
 
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to

packages/apps/mysql/Makefile

@@ -14,7 +14,6 @@ image:
 		--cache-to type=inline \
 		--metadata-file images/mariadb-backup.json \
 		--push=$(PUSH) \
-		--label "org.opencontainers.image.source=https://github.com/cozystack/cozystack" \
 		--load=$(LOAD)
 	echo "$(REGISTRY)/mariadb-backup:$(call settag,$(MARIADB_BACKUP_TAG))@$$(yq e '."containerimage.digest"' images/mariadb-backup.json -o json -r)" \
 		> images/mariadb-backup.tag

packages/apps/mysql/images/mariadb-backup.tag

@@ -1 +1 @@
-ghcr.io/cozystack/cozystack/mariadb-backup:0.5.3@sha256:8ca1fb01e880d351ee7d984a0b437c1142836963cd079986156ed28750067138
+ghcr.io/aenix-io/cozystack/mariadb-backup:0.5.2@sha256:4bbfbb397bd7ecea45507ca47989c51429c4a24f40853ac92583e5b5b352fbea

packages/apps/mysql/templates/dashboard-resourcemap.yaml

@@ -18,10 +18,3 @@ rules:
   resourceNames:
   - {{ .Release.Name }}-credentials
   verbs: ["get", "list", "watch"]
-- apiGroups:
-  - cozystack.io
-  resources:
-  - workloadmonitors
-  resourceNames:
-  - {{ .Release.Name }}
-  verbs: ["get", "list", "watch"]

packages/apps/mysql/templates/workloadmonitor.yaml

@@ -1,13 +0,0 @@
----
-apiVersion: cozystack.io/v1alpha1
-kind: WorkloadMonitor
-metadata:
-  name: {{ $.Release.Name }}
-spec:
-  replicas: {{ .Values.replicas }}
-  minReplicas: 1
-  kind: mysql
-  type: mysql
-  selector:
-    app.kubernetes.io/instance: {{ $.Release.Name }}
-  version: {{ $.Chart.Version }}

packages/apps/nats/Chart.yaml

@@ -16,7 +16,7 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.4.1
+version: 0.4.0
 
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to

packages/apps/nats/templates/resourcemap.yaml

@@ -17,10 +17,3 @@ rules:
   resourceNames:
   - {{ .Release.Name }}-credentials
   verbs: ["get", "list", "watch"]
-- apiGroups:
-  - cozystack.io
-  resources:
-  - workloadmonitors
-  resourceNames:
-  - {{ .Release.Name }}
-  verbs: ["get", "list", "watch"]

packages/apps/nats/templates/workloadmonitor.yaml

@@ -1,13 +0,0 @@
----
-apiVersion: cozystack.io/v1alpha1
-kind: WorkloadMonitor
-metadata:
-  name: {{ $.Release.Name }}
-spec:
-  replicas: {{ .Values.replicas }}
-  minReplicas: 1
-  kind: nats
-  type: nats
-  selector:
-    app.kubernetes.io/instance: {{ $.Release.Name }}-system
-  version: {{ $.Chart.Version }}

packages/apps/postgres/Chart.yaml

@@ -16,7 +16,7 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.9.0
+version: 0.8.0
 
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to

packages/apps/postgres/Makefile

@@ -14,7 +14,6 @@ image:
 		--cache-to type=inline \
 		--metadata-file images/postgres-backup.json \
 		--push=$(PUSH) \
-		--label "org.opencontainers.image.source=https://github.com/cozystack/cozystack" \
 		--load=$(LOAD)
 	echo "$(REGISTRY)/postgres-backup:$(call settag,$(POSTGRES_BACKUP_TAG))@$$(yq e '."containerimage.digest"' images/postgres-backup.json -o json -r)" \
 		> images/postgres-backup.tag

packages/apps/postgres/images/postgres-backup.tag

@@ -1 +1 @@
-ghcr.io/cozystack/cozystack/postgres-backup:0.9.0@sha256:2b6ba87f5688a439bd2ac12835a5ab9e601feb15c0c44ed0d9ca48cec7c52521
+ghcr.io/aenix-io/cozystack/postgres-backup:0.8.0@sha256:6a8ec7e7052f2d02ec5457d7cbac6ee52b3ed93a883988a192d1394fc7c88117

packages/apps/postgres/templates/db.yaml

@@ -6,13 +6,7 @@ metadata:
 spec:
   instances: {{ .Values.replicas }}
   enableSuperuserAccess: true
-  {{- $configMap := lookup "v1" "ConfigMap" "cozy-system" "cozystack-scheduling" }}
+
-  {{- if $configMap }}
-  {{- $rawConstraints := get $configMap.data "globalAppTopologySpreadConstraints" }}
-  {{- if $rawConstraints }}
-  {{- $rawConstraints | fromYaml | toYaml | nindent 2 }}
-  {{- end }}
-  {{- end }}
   postgresql:
     parameters:
       max_wal_senders: "30"

packages/apps/rabbitmq/Chart.yaml

@@ -16,7 +16,7 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.4.4
+version: 0.4.3
 
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to

packages/apps/rabbitmq/templates/dashboard-resourcemap.yaml

@@ -20,10 +20,3 @@ rules:
   resourceNames:
   - {{ .Release.Name }}
   verbs: ["get", "list", "watch"]
-- apiGroups:
-  - cozystack.io
-  resources:
-  - workloadmonitors
-  resourceNames:
-  - {{ .Release.Name }}
-  verbs: ["get", "list", "watch"]

packages/apps/rabbitmq/templates/workloadmonitor.yaml

@@ -1,13 +0,0 @@
----
-apiVersion: cozystack.io/v1alpha1
-kind: WorkloadMonitor
-metadata:
-  name: {{ $.Release.Name }}
-spec:
-  replicas: {{ .Values.replicas }}
-  minReplicas: 1
-  kind: rabbitmq
-  type: rabbitmq
-  selector:
-    app.kubernetes.io/name: {{ $.Release.Name }}
-  version: {{ $.Chart.Version }}

packages/apps/tenant/Chart.yaml

@@ -4,4 +4,4 @@ description: Separated tenant namespace
 icon: /logos/tenant.svg
 
 type: application
-version: 1.9.0
+version: 1.6.7

packages/apps/tenant/README.md

@@ -50,12 +50,11 @@ tenant-u1
 
 ### Common parameters
 
-| Name             | Description                                                                                                                 | Value   |
+| Name         | Description                                                                                                                 | Value   |
-| ---------------- | --------------------------------------------------------------------------------------------------------------------------- | ------- |
+| ------------ | --------------------------------------------------------------------------------------------------------------------------- | ------- |
-| `host`           | The hostname used to access tenant services (defaults to using the tenant name as a subdomain for it's parent tenant host). | `""`    |
+| `host`       | The hostname used to access tenant services (defaults to using the tenant name as a subdomain for it's parent tenant host). | `""`    |
-| `etcd`           | Deploy own Etcd cluster                                                                                                     | `false` |
+| `etcd`       | Deploy own Etcd cluster                                                                                                     | `false` |
-| `monitoring`     | Deploy own Monitoring Stack                                                                                                 | `false` |
+| `monitoring` | Deploy own Monitoring Stack                                                                                                 | `false` |
-| `ingress`        | Deploy own Ingress Controller                                                                                               | `false` |
+| `ingress`    | Deploy own Ingress Controller                                                                                               | `false` |
-| `seaweedfs`      | Deploy own SeaweedFS                                                                                                        | `false` |
+| `seaweedfs`  | Deploy own SeaweedFS                                                                                                        | `false` |
-| `isolated`       | Enforce tenant namespace with network policies                                                                              | `true`  |
+| `isolated`   | Enforce tenant namespace with network policies                                                                              | `false` |
-| `resourceQuotas` | Define resource quotas for the tenant                                                                                       | `{}`    |

packages/apps/tenant/templates/dashboard-resourcemap.yaml

@@ -1,12 +1,13 @@
 apiVersion: rbac.authorization.k8s.io/v1
 kind: Role
 metadata:
-  name: info-dashboard-resources
+  name: {{ include "tenant.name" . }}-dashboard-resources
+  namespace: {{ .Release.namespace }}
 rules:
 - apiGroups:
   - ""
   resources:
   - secrets
   resourceNames:
-  - kubeconfig-{{ .Release.Namespace }}
+  - kubeconfig-{{ include "tenant.name" . }}
   verbs: ["get", "list", "watch"]

packages/apps/tenant/templates/info.yaml

@@ -1,27 +0,0 @@
-{{- $cozyConfig := lookup "v1" "ConfigMap" "cozy-system" "cozystack" }}
-{{- $oidcEnabled := index $cozyConfig.data "oidc-enabled" }}
-{{- if $oidcEnabled }}
-apiVersion: helm.toolkit.fluxcd.io/v2
-kind: HelmRelease
-metadata:
-  name: info
-  namespace: {{ include "tenant.name" . }}
-  annotations:
-    helm.sh/resource-policy: keep
-  labels:
-    cozystack.io/ui: "true"
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/managed-by: {{ .Release.Service }}
-spec:
-  chart:
-    spec:
-      chart: info
-      reconcileStrategy: Revision
-      sourceRef:
-        kind: HelmRepository
-        name: cozystack-extra
-        namespace: cozy-public
-      version: "*"
-  interval: 1m0s
-  timeout: 5m0s
-{{- end }}

packages/apps/tenant/templates/kubeconfig.yaml

@@ -15,7 +15,8 @@
 apiVersion: v1
 kind: Secret
 metadata:
-  name: kubeconfig-{{ .Release.Namespace }}
+  name: kubeconfig-{{ include "tenant.name" . }}
+  namespace: tenant-root
 stringData:
   kubeconfig: |
     apiVersion: v1
@@ -27,10 +28,10 @@ stringData:
     contexts:
     - context:
         cluster: cluster
-        namespace: {{ .Release.Namespace }}
+        namespace: {{ include "tenant.name" . }}
         user: keycloak
-      name: {{ .Release.Namespace }}
+      name: {{ include "tenant.name" . }}
-    current-context: {{ .Release.Namespace }}
+    current-context: {{ include "tenant.name" . }}
     users:
     - name: keycloak
       user:

packages/apps/tenant/templates/quota.yaml

@@ -1,10 +0,0 @@
-{{- if .Values.resourceQuotas }}
-apiVersion: v1
-kind: ResourceQuota
-metadata:
-  name: tenant-quota
-  namespace: {{ include "tenant.name" . }}
-spec:
-  hard:
-    {{- toYaml .Values.resourceQuotas | nindent 4 }}
-{{- end }}

packages/apps/tenant/templates/tenant.yaml

@@ -34,11 +34,7 @@ rules:
 - apiGroups: ["apps.cozystack.io"]
   resources: ['*']
   verbs: ['*']
-- apiGroups:
+
-  - cozystack.io
-  resources:
-  - workloadmonitors
-  verbs: ["get", "list", "watch"]
 ---
 apiVersion: rbac.authorization.k8s.io/v1
 kind: RoleBinding
@@ -107,11 +103,6 @@ rules:
       - get
       - list
       - watch
-  - apiGroups:
-    - cozystack.io
-    resources:
-    - workloadmonitors
-    verbs: ["get", "list", "watch"]
 ---
 kind: RoleBinding
 apiVersion: rbac.authorization.k8s.io/v1
@@ -184,11 +175,6 @@ rules:
     verbs:
     - get
     - list
-  - apiGroups:
-    - cozystack.io
-    resources:
-    - workloadmonitors
-    verbs: ["get", "list", "watch"]
 ---
 kind: RoleBinding
 apiVersion: rbac.authorization.k8s.io/v1
@@ -272,7 +258,6 @@ rules:
     - virtualmachines
     - vmdisks
     - vminstances
-    - infos
     verbs:
     - get
     - list
@@ -281,11 +266,6 @@ rules:
     - update
     - patch
     - delete
-  - apiGroups:
-    - cozystack.io
-    resources:
-    - workloadmonitors
-    verbs: ["get", "list", "watch"]
 ---
 kind: RoleBinding
 apiVersion: rbac.authorization.k8s.io/v1
@@ -354,11 +334,6 @@ rules:
     - '*'
     verbs:
     - '*'
-  - apiGroups:
-    - cozystack.io
-    resources:
-    - workloadmonitors
-    verbs: ["get", "list", "watch"]
 ---
 kind: RoleBinding
 apiVersion: rbac.authorization.k8s.io/v1

packages/apps/tenant/values.schema.json

@@ -30,12 +30,7 @@
         "isolated": {
             "type": "boolean",
             "description": "Enforce tenant namespace with network policies",
-            "default": true
+            "default": false
-        },
-        "resourceQuotas": {
-            "type": "object",
-            "description": "Define resource quotas for the tenant",
-            "default": {}
         }
     }
 }

packages/apps/tenant/values.yaml

@@ -6,18 +6,9 @@
 ## @param ingress Deploy own Ingress Controller
 ## @param seaweedfs Deploy own SeaweedFS
 ## @param isolated Enforce tenant namespace with network policies
-## @param resourceQuotas Define resource quotas for the tenant
 host: ""
 etcd: false
 monitoring: false
 ingress: false
 seaweedfs: false
-isolated: true
+isolated: false
-resourceQuotas: {}
-# resourceQuotas:
-#   requests.cpu: "1"
-#   requests.memory: "1Gi"
-#   limits.cpu: "2"
-#   limits.memory: "2Gi"
-#   requests.nvidia.com/gpu: 4
-#   requests.storage: 100Gi

packages/apps/versions_map

@@ -6,15 +6,13 @@ clickhouse 0.3.0 b00621e
 clickhouse 0.4.0 320fc32
 clickhouse 0.5.0 2a4768a5
 clickhouse 0.6.0 18bbdb67
-clickhouse 0.6.1 b7375f73
+clickhouse 0.6.1 HEAD
-clickhouse 0.6.2 HEAD
 ferretdb 0.1.0 4ffa8615
 ferretdb 0.1.1 5ca8823
 ferretdb 0.2.0 adaf603
 ferretdb 0.3.0 aa2f553
 ferretdb 0.4.0 def2eb0f
-ferretdb 0.4.1 a9555210
+ferretdb 0.4.1 HEAD
-ferretdb 0.4.2 HEAD
 http-cache 0.1.0 a956713
 http-cache 0.2.0 5ca8823
 http-cache 0.3.0 fab5940
@@ -25,9 +23,7 @@ kafka 0.2.1 3ac17018
 kafka 0.2.2 d0758692
 kafka 0.2.3 5ca8823
 kafka 0.3.0 c07c4bbd
-kafka 0.3.1 b7375f73
+kafka 0.3.1 HEAD
-kafka 0.3.2 b75aaf17
-kafka 0.3.3 HEAD
 kubernetes 0.1.0 f642698
 kubernetes 0.2.0 7cd7de73
 kubernetes 0.3.0 7caccec1
@@ -47,23 +43,19 @@ kubernetes 0.12.1 28fca4e
 kubernetes 0.13.0 ced8e5b9
 kubernetes 0.14.0 bfbde07c
 kubernetes 0.14.1 fde4bcfa
-kubernetes 0.15.0 cb7b8158
+kubernetes 0.15.0 HEAD
-kubernetes 0.15.1 43e593c7
-kubernetes 0.15.2 HEAD
 mysql 0.1.0 f642698
 mysql 0.2.0 8b975ff0
 mysql 0.3.0 5ca8823
 mysql 0.4.0 93018c4
 mysql 0.5.0 4b84798
 mysql 0.5.1 fab5940b
-mysql 0.5.2 d8a92aa3
+mysql 0.5.2 HEAD
-mysql 0.5.3 HEAD
 nats 0.1.0 5ca8823
 nats 0.2.0 c07c4bbd
 nats 0.3.0 78366f19
 nats 0.3.1 b7375f73
-nats 0.4.0 da1e705a
+nats 0.4.0 HEAD
-nats 0.4.1 HEAD
 postgres 0.1.0 f642698
 postgres 0.2.0 7cd7de73
 postgres 0.2.1 4a97e297
@@ -75,16 +67,14 @@ postgres 0.6.0 2a4768a
 postgres 0.6.2 54fd61c
 postgres 0.7.0 dc9d8bb
 postgres 0.7.1 175a65f
-postgres 0.8.0 cb7b8158
+postgres 0.8.0 HEAD
-postgres 0.9.0 HEAD
 rabbitmq 0.1.0 f642698
 rabbitmq 0.2.0 5ca8823
 rabbitmq 0.3.0 9e33dc0
 rabbitmq 0.4.0 36d8855
 rabbitmq 0.4.1 35536bb
 rabbitmq 0.4.2 00b2834e
-rabbitmq 0.4.3 d8a92aa3
+rabbitmq 0.4.3 HEAD
-rabbitmq 0.4.4 HEAD
 redis 0.1.1 f642698
 redis 0.2.0 5ca8823
 redis 0.3.0 c07c4bbd
@@ -110,11 +100,7 @@ tenant 1.6.3 2057bb96
 tenant 1.6.4 3c9e50a4
 tenant 1.6.5 f1e11451
 tenant 1.6.6 d4634797
-tenant 1.6.7 06afcf27
+tenant 1.6.7 HEAD
-tenant 1.6.8 4cc48e6f
-tenant 1.7.0 6c73e3f3
-tenant 1.8.0 e2369ba
-tenant 1.9.0 HEAD
 virtual-machine 0.1.4 f2015d6
 virtual-machine 0.1.5 7cd7de7
 virtual-machine 0.2.0 5ca8823
@@ -122,20 +108,12 @@ virtual-machine 0.3.0 b908400
 virtual-machine 0.4.0 4746d51
 virtual-machine 0.5.0 cad9cde
 virtual-machine 0.6.0 0e728870
-virtual-machine 0.6.1 af58018a
+virtual-machine 0.7.0 HEAD
-virtual-machine 0.7.0 af58018a
-virtual-machine 0.7.1 05857b95
-virtual-machine 0.8.0 3fa4dd3
-virtual-machine 0.8.1 3fa4dd3a
-virtual-machine 0.8.2 HEAD
 vm-disk 0.1.0 HEAD
 vm-instance 0.1.0 ced8e5b9
 vm-instance 0.2.0 4f767ee3
 vm-instance 0.3.0 0e728870
-vm-instance 0.4.0 af58018a
+vm-instance 0.4.0 HEAD
-vm-instance 0.4.1 05857b95
-vm-instance 0.5.0 3fa4dd3
-vm-instance 0.5.1 HEAD
 vpn 0.1.0 f642698
 vpn 0.2.0 7151424
 vpn 0.3.0 a2bcf100

packages/apps/virtual-machine/Chart.yaml

@@ -17,10 +17,10 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.8.2
+version: 0.7.0
 
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to
 # follow Semantic Versioning. They should reflect the version the application is using.
 # It is recommended to use it with quotes.
-appVersion: "0.8.2"
+appVersion: "0.7.0"

packages/apps/virtual-machine/Makefile

@@ -8,4 +8,3 @@ generate:
 	  && yq -i -o json ".properties.instanceProfile.optional=true | .properties.instanceProfile.enum = $${PREFERENCES}" values.schema.json
 	yq -i -o json '.properties.externalPorts.items.type = "integer"' values.schema.json
 	yq -i -o json '.properties.systemDisk.properties.image.enum = ["ubuntu", "cirros", "alpine", "fedora", "talos"]' values.schema.json
-	yq -i -o json '.properties.externalMethod.enum = ["WholeIP", "PortList"]' values.schema.json

packages/apps/virtual-machine/README.md

@@ -39,7 +39,6 @@ virtctl ssh <user>@<vm>
 | Name                      | Description                                                                                                | Value            |
 | ------------------------- | ---------------------------------------------------------------------------------------------------------- | ---------------- |
 | `external`                | Enable external access from outside the cluster                                                            | `false`          |
-| `externalMethod`          | specify method to passthrough the traffic to the virtual machine. Allowed values: `WholeIP` and `PortList` | `WholeIP`        |
 | `externalPorts`           | Specify ports to forward from outside the cluster                                                          | `[]`             |
 | `running`                 | Determines if the virtual machine should be running                                                        | `true`           |
 | `instanceType`            | Virtual Machine instance type                                                                              | `u1.medium`      |

packages/apps/virtual-machine/templates/service.yaml

@@ -6,24 +6,16 @@ metadata:
   name: {{ include "virtual-machine.fullname" . }}
   labels:
     {{- include "virtual-machine.labels" . | nindent 4 }}
-  {{- if eq .Values.externalMethod "WholeIP" }}
-  annotations:
-    networking.cozystack.io/wholeIP: "true"
-  {{- end }}
 spec:
   type: {{ ternary "LoadBalancer" "ClusterIP" .Values.external }}
   externalTrafficPolicy: Local
   allocateLoadBalancerNodePorts: false
   selector:
-    {{- include "virtual-machine.selectorLabels" . | nindent 4 }}
+    {{- include "virtual-machine.labels" . | nindent 4 }}
   ports:
-    {{- if eq .Values.externalMethod "WholeIP" }}
-    - port: 65535
-    {{- else }}
     {{- range .Values.externalPorts }}
     - name: port-{{ . }}
       port: {{ . }}
       targetPort: {{ . }}
     {{- end }}
-    {{- end }}
 {{- end }}

packages/apps/virtual-machine/templates/vm-update-hook.yaml

@@ -45,7 +45,6 @@ spec:
     metadata:
       labels:
         app: "{{ $.Release.Name }}-update-hook"
-        policy.cozystack.io/allow-to-apiserver: "true"
     spec:
       serviceAccountName: {{ $.Release.Name }}-update-hook
       restartPolicy: Never

packages/apps/virtual-machine/values.schema.json

@@ -7,15 +7,6 @@
       "description": "Enable external access from outside the cluster",
       "default": false
     },
-    "externalMethod": {
-      "type": "string",
-      "description": "specify method to passthrough the traffic to the virtual machine. Allowed values: `WholeIP` and `PortList`",
-      "default": "WholeIP",
-      "enum": [
-        "WholeIP",
-        "PortList"
-      ]
-    },
     "externalPorts": {
       "type": "array",
       "description": "Specify ports to forward from outside the cluster",

packages/apps/virtual-machine/values.yaml

@@ -1,10 +1,8 @@
 ## @section Common parameters
 
 ## @param external Enable external access from outside the cluster
-## @param externalMethod specify method to passthrough the traffic to the virtual machine. Allowed values: `WholeIP` and `PortList`
 ## @param externalPorts [array] Specify ports to forward from outside the cluster
 external: false
-externalMethod: WholeIP
 externalPorts:
 - 22
 

packages/apps/vm-instance/Chart.yaml

@@ -17,10 +17,10 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.5.1
+version: 0.4.0
 
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to
 # follow Semantic Versioning. They should reflect the version the application is using.
 # It is recommended to use it with quotes.
-appVersion: "0.5.1"
+appVersion: "0.4.0"

packages/apps/vm-instance/Makefile

@@ -8,4 +8,3 @@ generate:
 	PREFERENCES=$$(yq e '.metadata.name' -o=json -r ../../system/kubevirt-instancetypes/templates/preferences.yaml | yq 'split(" ") | . + [""]' -o json) \
 	  && yq -i -o json ".properties.instanceProfile.optional=true | .properties.instanceProfile.enum = $${PREFERENCES}" values.schema.json
 	yq -i -o json '.properties.externalPorts.items.type = "integer"' values.schema.json
-	yq -i -o json '.properties.externalMethod.enum = ["WholeIP", "PortList"]' values.schema.json

packages/apps/vm-instance/README.md

@@ -36,19 +36,18 @@ virtctl ssh <user>@<vm>
 
 ### Common parameters
 
-| Name               | Description                                                                                                | Value            |
+| Name               | Description                                                                        | Value            |
-| ------------------ | ---------------------------------------------------------------------------------------------------------- | ---------------- |
+| ------------------ | ---------------------------------------------------------------------------------- | ---------------- |
-| `external`         | Enable external access from outside the cluster                                                            | `false`          |
+| `external`         | Enable external access from outside the cluster                                    | `false`          |
-| `externalMethod`   | specify method to passthrough the traffic to the virtual machine. Allowed values: `WholeIP` and `PortList` | `WholeIP`        |
+| `externalPorts`    | Specify ports to forward from outside the cluster                                  | `[]`             |
-| `externalPorts`    | Specify ports to forward from outside the cluster                                                          | `[]`             |
+| `running`          | Determines if the virtual machine should be running                                | `true`           |
-| `running`          | Determines if the virtual machine should be running                                                        | `true`           |
+| `instanceType`     | Virtual Machine instance type                                                      | `u1.medium`      |
-| `instanceType`     | Virtual Machine instance type                                                                              | `u1.medium`      |
+| `instanceProfile`  | Virtual Machine prefferences profile                                               | `ubuntu`         |
-| `instanceProfile`  | Virtual Machine prefferences profile                                                                       | `ubuntu`         |
+| `disks`            | List of disks to attach                                                            | `[]`             |
-| `disks`            | List of disks to attach                                                                                    | `[]`             |
+| `resources.cpu`    | The number of CPU cores allocated to the virtual machine                           | `""`             |
-| `resources.cpu`    | The number of CPU cores allocated to the virtual machine                                                   | `""`             |
+| `resources.memory` | The amount of memory allocated to the virtual machine                              | `""`             |
-| `resources.memory` | The amount of memory allocated to the virtual machine                                                      | `""`             |
+| `sshKeys`          | List of SSH public keys for authentication. Can be a single key or a list of keys. | `[]`             |
-| `sshKeys`          | List of SSH public keys for authentication. Can be a single key or a list of keys.                         | `[]`             |
+| `cloudInit`        | cloud-init user data config. See cloud-init documentation for more details.        | `#cloud-config
-| `cloudInit`        | cloud-init user data config. See cloud-init documentation for more details.                                | `#cloud-config
 ` |
 
 ## U Series

packages/apps/vm-instance/templates/service.yaml

@@ -6,24 +6,16 @@ metadata:
   name: {{ include "virtual-machine.fullname" . }}
   labels:
     {{- include "virtual-machine.labels" . | nindent 4 }}
-  {{- if eq .Values.externalMethod "WholeIP" }}
-  annotations:
-    networking.cozystack.io/wholeIP: "true"
-  {{- end }}
 spec:
   type: {{ ternary "LoadBalancer" "ClusterIP" .Values.external }}
   externalTrafficPolicy: Local
   allocateLoadBalancerNodePorts: false
   selector:
-    {{- include "virtual-machine.selectorLabels" . | nindent 4 }}
+    {{- include "virtual-machine.labels" . | nindent 4 }}
   ports:
-    {{- if eq .Values.externalMethod "WholeIP" }}
-    - port: 65535
-    {{- else }}
     {{- range .Values.externalPorts }}
     - name: port-{{ . }}
       port: {{ . }}
       targetPort: {{ . }}
     {{- end }}
-    {{- end }}
 {{- end }}

packages/apps/vm-instance/templates/vm-update-hook.yaml

@@ -35,7 +35,6 @@ spec:
     metadata:
       labels:
         app: "{{ $.Release.Name }}-update-hook"
-        policy.cozystack.io/allow-to-apiserver: "true"
     spec:
       serviceAccountName: {{ $.Release.Name }}-update-hook
       restartPolicy: Never

packages/apps/vm-instance/templates/vm.yaml

@@ -12,7 +12,7 @@ metadata:
   labels:
     {{- include "virtual-machine.labels" . | nindent 4 }}
 spec:
-  running: {{ .Values.running }}
+  running: {{ .Values.running | default "true" }}
   {{- with .Values.instanceType }}
   instancetype:
     kind: VirtualMachineClusterInstancetype

packages/apps/vm-instance/values.schema.json

@@ -7,15 +7,6 @@
       "description": "Enable external access from outside the cluster",
       "default": false
     },
-    "externalMethod": {
-      "type": "string",
-      "description": "specify method to passthrough the traffic to the virtual machine. Allowed values: `WholeIP` and `PortList`",
-      "default": "WholeIP",
-      "enum": [
-        "WholeIP",
-        "PortList"
-      ]
-    },
     "externalPorts": {
       "type": "array",
       "description": "Specify ports to forward from outside the cluster",

packages/apps/vm-instance/values.yaml

@@ -1,10 +1,8 @@
 ## @section Common parameters
 
 ## @param external Enable external access from outside the cluster
-## @param externalMethod specify method to passthrough the traffic to the virtual machine. Allowed values: `WholeIP` and `PortList`
 ## @param externalPorts [array] Specify ports to forward from outside the cluster
 external: false
-externalMethod: WholeIP
 externalPorts:
 - 22
 

packages/core/builder/values.yaml

@@ -1,3 +1,3 @@
 talos:
   imager:
-    image: ghcr.io/siderolabs/imager:v1.9.3
+    image: ghcr.io/siderolabs/imager:v1.9.2

packages/core/installer/Makefile

@@ -28,23 +28,22 @@ image-cozystack: run-builder
 	make -C ../../.. repos
 	docker buildx build -f images/cozystack/Dockerfile ../../.. \
 		--provenance false \
-		--tag $(REGISTRY)/installer:$(call settag,$(TAG)) \
+		--tag $(REGISTRY)/cozystack:$(call settag,$(TAG)) \
-		--cache-from type=registry,ref=$(REGISTRY)/installer:latest \
+		--cache-from type=registry,ref=$(REGISTRY)/cozystack:latest \
-		--platform linux/amd64 \
+		--platform linux/amd64,linux/arm64 \
 		--cache-to type=inline \
-		--metadata-file images/installer.json \
+		--metadata-file images/cozystack.json \
 		--push=$(PUSH) \
-		--label "org.opencontainers.image.source=https://github.com/cozystack/cozystack" \
 		--load=$(LOAD)
-	IMAGE="$(REGISTRY)/installer:$(call settag,$(TAG))@$$(yq e '."containerimage.digest"' images/installer.json -o json -r)" \
+	IMAGE="$(REGISTRY)/cozystack:$(call settag,$(TAG))@$$(yq e '."containerimage.digest"' images/cozystack.json -o json -r)" \
 		yq -i '.cozystack.image = strenv(IMAGE)' values.yaml
-	rm -f images/installer.json
+	rm -f images/cozystack.json
 
 image-talos: run-builder
 	test -f ../../../_out/assets/installer-amd64.tar || make talos-installer
 	skopeo copy docker-archive:../../../_out/assets/installer-amd64.tar docker://$(REGISTRY)/talos:$(call settag,$(TALOS_VERSION))
 
-image-matchbox: run-builder
+image-matchbox:  run-builder
 	test -f ../../../_out/assets/kernel-amd64 || make talos-kernel
 	test -f ../../../_out/assets/initramfs-metal-amd64.xz || make talos-initramfs
 	docker buildx build -f images/matchbox/Dockerfile ../../.. \
@@ -55,10 +54,7 @@ image-matchbox: run-builder
 		--cache-to type=inline \
 		--metadata-file images/matchbox.json \
 		--push=$(PUSH) \
-		--label "org.opencontainers.image.source=https://github.com/cozystack/cozystack" \
 		--load=$(LOAD)
-	echo "$(REGISTRY)/matchbox:$(call settag,$(TAG))@$$(yq e '."containerimage.digest"' images/matchbox.json -o json -r)" \
-		> ../../extra/bootbox/images/matchbox.tag
 	rm -f images/matchbox.json
 
 assets: talos-iso talos-nocloud talos-metal

packages/core/installer/images/cozystack/Dockerfile

@@ -1,4 +1,4 @@
-FROM golang:alpine3.21 as k8s-await-election-builder
+FROM golang:alpine3.19 as k8s-await-election-builder
 
 ARG K8S_AWAIT_ELECTION_GITREPO=https://github.com/LINBIT/k8s-await-election
 ARG K8S_AWAIT_ELECTION_VERSION=0.4.1
@@ -13,7 +13,7 @@ RUN git clone ${K8S_AWAIT_ELECTION_GITREPO} /usr/local/go/k8s-await-election/ \
  && make \
  && mv ./out/k8s-await-election-${TARGETARCH} /k8s-await-election
 
-FROM golang:alpine3.21 as builder
+FROM alpine:3.19 AS builder
 
 RUN apk add --no-cache make git
 RUN apk add helm --repository=https://dl-cdn.alpinelinux.org/alpine/edge/community
@@ -21,14 +21,12 @@ RUN apk add helm --repository=https://dl-cdn.alpinelinux.org/alpine/edge/communi
 COPY . /src/
 WORKDIR /src
 
-RUN go build -o /cozystack-assets-server -ldflags '-extldflags "-static" -w -s' ./cmd/cozystack-assets-server
-
 # Check that versions_map is not changed
 RUN make repos
 
-FROM alpine:3.21
+FROM alpine:3.19
 
-RUN apk add --no-cache make
+RUN apk add --no-cache make darkhttpd
 RUN apk add helm kubectl --repository=https://dl-cdn.alpinelinux.org/alpine/edge/community
 
 COPY scripts /cozystack/scripts
@@ -36,7 +34,6 @@ COPY --from=builder /src/packages/core /cozystack/packages/core
 COPY --from=builder /src/packages/system /cozystack/packages/system
 COPY --from=builder /src/_out/repos /cozystack/assets/repos
 COPY --from=builder /src/_out/logos /cozystack/assets/logos
-COPY --from=builder /cozystack-assets-server /usr/bin/cozystack-assets-server
 COPY --from=k8s-await-election-builder /k8s-await-election /usr/bin/k8s-await-election
 COPY dashboards /cozystack/assets/dashboards
 

packages/core/installer/images/talos/profiles/initramfs.yaml

@@ -3,24 +3,24 @@
 arch: amd64
 platform: metal
 secureboot: false
-version: v1.9.3
+version: v1.9.2
 input:
   kernel:
     path: /usr/install/amd64/vmlinuz
   initramfs:
     path: /usr/install/amd64/initramfs.xz
   baseInstaller:
-    imageRef: ghcr.io/siderolabs/installer:v1.9.3
+    imageRef: ghcr.io/siderolabs/installer:v1.9.2
   systemExtensions:
-    - imageRef: ghcr.io/siderolabs/amd-ucode:20250109
+    - imageRef: ghcr.io/siderolabs/amd-ucode:20241210
     - imageRef: ghcr.io/siderolabs/amdgpu-firmware:20241110
-    - imageRef: ghcr.io/siderolabs/bnx2-bnx2x:20250109
+    - imageRef: ghcr.io/siderolabs/bnx2-bnx2x:20241210
     - imageRef: ghcr.io/siderolabs/i915-ucode:20241110
-    - imageRef: ghcr.io/siderolabs/intel-ice-firmware:20250109
+    - imageRef: ghcr.io/siderolabs/intel-ice-firmware:20241210
     - imageRef: ghcr.io/siderolabs/intel-ucode:20241112
-    - imageRef: ghcr.io/siderolabs/qlogic-firmware:20250109
+    - imageRef: ghcr.io/siderolabs/qlogic-firmware:20241210
-    - imageRef: ghcr.io/siderolabs/drbd:9.2.12-v1.9.3
+    - imageRef: ghcr.io/siderolabs/drbd:9.2.12-v1.9.2
-    - imageRef: ghcr.io/siderolabs/zfs:2.2.7-v1.9.3
+    - imageRef: ghcr.io/siderolabs/zfs:2.2.7-v1.9.2
 output:
   kind: initramfs
   imageOptions: {}

packages/core/installer/images/talos/profiles/installer.yaml

@@ -3,24 +3,24 @@
 arch: amd64
 platform: metal
 secureboot: false
-version: v1.9.3
+version: v1.9.2
 input:
   kernel:
     path: /usr/install/amd64/vmlinuz
   initramfs:
     path: /usr/install/amd64/initramfs.xz
   baseInstaller:
-    imageRef: ghcr.io/siderolabs/installer:v1.9.3
+    imageRef: ghcr.io/siderolabs/installer:v1.9.2
   systemExtensions:
-    - imageRef: ghcr.io/siderolabs/amd-ucode:20250109
+    - imageRef: ghcr.io/siderolabs/amd-ucode:20241210
     - imageRef: ghcr.io/siderolabs/amdgpu-firmware:20241110
-    - imageRef: ghcr.io/siderolabs/bnx2-bnx2x:20250109
+    - imageRef: ghcr.io/siderolabs/bnx2-bnx2x:20241210
     - imageRef: ghcr.io/siderolabs/i915-ucode:20241110
-    - imageRef: ghcr.io/siderolabs/intel-ice-firmware:20250109
+    - imageRef: ghcr.io/siderolabs/intel-ice-firmware:20241210
     - imageRef: ghcr.io/siderolabs/intel-ucode:20241112
-    - imageRef: ghcr.io/siderolabs/qlogic-firmware:20250109
+    - imageRef: ghcr.io/siderolabs/qlogic-firmware:20241210
-    - imageRef: ghcr.io/siderolabs/drbd:9.2.12-v1.9.3
+    - imageRef: ghcr.io/siderolabs/drbd:9.2.12-v1.9.2
-    - imageRef: ghcr.io/siderolabs/zfs:2.2.7-v1.9.3
+    - imageRef: ghcr.io/siderolabs/zfs:2.2.7-v1.9.2
 output:
   kind: installer
   imageOptions: {}

packages/core/installer/images/talos/profiles/iso.yaml

@@ -3,24 +3,24 @@
 arch: amd64
 platform: metal
 secureboot: false
-version: v1.9.3
+version: v1.9.2
 input:
   kernel:
     path: /usr/install/amd64/vmlinuz
   initramfs:
     path: /usr/install/amd64/initramfs.xz
   baseInstaller:
-    imageRef: ghcr.io/siderolabs/installer:v1.9.3
+    imageRef: ghcr.io/siderolabs/installer:v1.9.2
   systemExtensions:
-    - imageRef: ghcr.io/siderolabs/amd-ucode:20250109
+    - imageRef: ghcr.io/siderolabs/amd-ucode:20241210
     - imageRef: ghcr.io/siderolabs/amdgpu-firmware:20241110
-    - imageRef: ghcr.io/siderolabs/bnx2-bnx2x:20250109
+    - imageRef: ghcr.io/siderolabs/bnx2-bnx2x:20241210
     - imageRef: ghcr.io/siderolabs/i915-ucode:20241110
-    - imageRef: ghcr.io/siderolabs/intel-ice-firmware:20250109
+    - imageRef: ghcr.io/siderolabs/intel-ice-firmware:20241210
     - imageRef: ghcr.io/siderolabs/intel-ucode:20241112
-    - imageRef: ghcr.io/siderolabs/qlogic-firmware:20250109
+    - imageRef: ghcr.io/siderolabs/qlogic-firmware:20241210
-    - imageRef: ghcr.io/siderolabs/drbd:9.2.12-v1.9.3
+    - imageRef: ghcr.io/siderolabs/drbd:9.2.12-v1.9.2
-    - imageRef: ghcr.io/siderolabs/zfs:2.2.7-v1.9.3
+    - imageRef: ghcr.io/siderolabs/zfs:2.2.7-v1.9.2
 output:
   kind: iso
   imageOptions: {}

packages/core/installer/images/talos/profiles/kernel.yaml

@@ -3,24 +3,24 @@
 arch: amd64
 platform: metal
 secureboot: false
-version: v1.9.3
+version: v1.9.2
 input:
   kernel:
     path: /usr/install/amd64/vmlinuz
   initramfs:
     path: /usr/install/amd64/initramfs.xz
   baseInstaller:
-    imageRef: ghcr.io/siderolabs/installer:v1.9.3
+    imageRef: ghcr.io/siderolabs/installer:v1.9.2
   systemExtensions:
-    - imageRef: ghcr.io/siderolabs/amd-ucode:20250109
+    - imageRef: ghcr.io/siderolabs/amd-ucode:20241210
     - imageRef: ghcr.io/siderolabs/amdgpu-firmware:20241110
-    - imageRef: ghcr.io/siderolabs/bnx2-bnx2x:20250109
+    - imageRef: ghcr.io/siderolabs/bnx2-bnx2x:20241210
     - imageRef: ghcr.io/siderolabs/i915-ucode:20241110
-    - imageRef: ghcr.io/siderolabs/intel-ice-firmware:20250109
+    - imageRef: ghcr.io/siderolabs/intel-ice-firmware:20241210
     - imageRef: ghcr.io/siderolabs/intel-ucode:20241112
-    - imageRef: ghcr.io/siderolabs/qlogic-firmware:20250109
+    - imageRef: ghcr.io/siderolabs/qlogic-firmware:20241210
-    - imageRef: ghcr.io/siderolabs/drbd:9.2.12-v1.9.3
+    - imageRef: ghcr.io/siderolabs/drbd:9.2.12-v1.9.2
-    - imageRef: ghcr.io/siderolabs/zfs:2.2.7-v1.9.3
+    - imageRef: ghcr.io/siderolabs/zfs:2.2.7-v1.9.2
 output:
   kind: kernel
   imageOptions: {}

packages/core/installer/images/talos/profiles/metal.yaml

@@ -3,24 +3,24 @@
 arch: amd64
 platform: metal
 secureboot: false
-version: v1.9.3
+version: v1.9.2
 input:
   kernel:
     path: /usr/install/amd64/vmlinuz
   initramfs:
     path: /usr/install/amd64/initramfs.xz
   baseInstaller:
-    imageRef: ghcr.io/siderolabs/installer:v1.9.3
+    imageRef: ghcr.io/siderolabs/installer:v1.9.2
   systemExtensions:
-    - imageRef: ghcr.io/siderolabs/amd-ucode:20250109
+    - imageRef: ghcr.io/siderolabs/amd-ucode:20241210
     - imageRef: ghcr.io/siderolabs/amdgpu-firmware:20241110
-    - imageRef: ghcr.io/siderolabs/bnx2-bnx2x:20250109
+    - imageRef: ghcr.io/siderolabs/bnx2-bnx2x:20241210
     - imageRef: ghcr.io/siderolabs/i915-ucode:20241110
-    - imageRef: ghcr.io/siderolabs/intel-ice-firmware:20250109
+    - imageRef: ghcr.io/siderolabs/intel-ice-firmware:20241210
     - imageRef: ghcr.io/siderolabs/intel-ucode:20241112
-    - imageRef: ghcr.io/siderolabs/qlogic-firmware:20250109
+    - imageRef: ghcr.io/siderolabs/qlogic-firmware:20241210
-    - imageRef: ghcr.io/siderolabs/drbd:9.2.12-v1.9.3
+    - imageRef: ghcr.io/siderolabs/drbd:9.2.12-v1.9.2
-    - imageRef: ghcr.io/siderolabs/zfs:2.2.7-v1.9.3
+    - imageRef: ghcr.io/siderolabs/zfs:2.2.7-v1.9.2
 output:
   kind: image
   imageOptions: { diskSize: 1306525696, diskFormat: raw }

packages/core/installer/images/talos/profiles/nocloud.yaml

@@ -3,24 +3,24 @@
 arch: amd64
 platform: nocloud
 secureboot: false
-version: v1.9.3
+version: v1.9.2
 input:
   kernel:
     path: /usr/install/amd64/vmlinuz
   initramfs:
     path: /usr/install/amd64/initramfs.xz
   baseInstaller:
-    imageRef: ghcr.io/siderolabs/installer:v1.9.3
+    imageRef: ghcr.io/siderolabs/installer:v1.9.2
   systemExtensions:
-    - imageRef: ghcr.io/siderolabs/amd-ucode:20250109
+    - imageRef: ghcr.io/siderolabs/amd-ucode:20241210
     - imageRef: ghcr.io/siderolabs/amdgpu-firmware:20241110
-    - imageRef: ghcr.io/siderolabs/bnx2-bnx2x:20250109
+    - imageRef: ghcr.io/siderolabs/bnx2-bnx2x:20241210
     - imageRef: ghcr.io/siderolabs/i915-ucode:20241110
-    - imageRef: ghcr.io/siderolabs/intel-ice-firmware:20250109
+    - imageRef: ghcr.io/siderolabs/intel-ice-firmware:20241210
     - imageRef: ghcr.io/siderolabs/intel-ucode:20241112
-    - imageRef: ghcr.io/siderolabs/qlogic-firmware:20250109
+    - imageRef: ghcr.io/siderolabs/qlogic-firmware:20241210
-    - imageRef: ghcr.io/siderolabs/drbd:9.2.12-v1.9.3
+    - imageRef: ghcr.io/siderolabs/drbd:9.2.12-v1.9.2
-    - imageRef: ghcr.io/siderolabs/zfs:2.2.7-v1.9.3
+    - imageRef: ghcr.io/siderolabs/zfs:2.2.7-v1.9.2
 output:
   kind: image
   imageOptions: { diskSize: 1306525696, diskFormat: raw }

packages/core/installer/templates/cozystack.yaml

@@ -4,7 +4,6 @@ kind: Namespace
 metadata:
   name: cozy-system
   labels:
-    cozystack.io/system: "true"
     pod-security.kubernetes.io/enforce: privileged
 ---
 apiVersion: v1
@@ -68,12 +67,13 @@ spec:
           valueFrom:
             fieldRef:
               fieldPath: metadata.name
-      - name: assets
+      - name: darkhttpd
         image: "{{ .Values.cozystack.image }}"
         command:
-        - /usr/bin/cozystack-assets-server
+        - /usr/bin/darkhttpd
-        - "-dir=/cozystack/assets"
+        - /cozystack/assets
-        - "-address=:8123"
+        - --port
+        - "8123"
         ports:
         - name: http
           containerPort: 8123

packages/core/installer/values.yaml

@@ -1,2 +1,2 @@
 cozystack:
-  image: ghcr.io/cozystack/cozystack/installer:v0.28.1@sha256:2e7c6cb288500e59768fccfe76d7750a7a3a44187ae388dd2cea0a0193b791b7
+  image: ghcr.io/aenix-io/cozystack/cozystack:v0.23.1@sha256:dfa803a3e02ec9ea221029d361aa9d7aef0b5eb0a36d66c949b265d4ac4fc114