backups added resources limits, set offsite backup size limit to 15GB

cd: enable cron job, set helm chart to version 12.4.0
rename dev-scripts to ops-scripts
2025-12-04 01:16:24 +00:00 · 2025-11-29 14:19:57 +00:00 · 2025-11-29 14:12:29 +00:00 · 2025-11-29 12:53:23 +00:00 · 2025-11-29 12:50:57 +00:00 · 2025-11-29 12:48:10 +00:00
31 changed files with 401 additions and 344 deletions
--- a/.devcontainer/.gitignore
+++ b/.devcontainer/.gitignore
@@ -1 +0,0 @@
 .kube/**
--- a/.devcontainer/.zshrc
+++ b/.devcontainer/.zshrc
@@ -1,111 +0,0 @@
 # If you come from bash you might have to change your $PATH.
 # export PATH=$HOME/bin:$HOME/.local/bin:/usr/local/bin:$PATH
 # Path to your Oh My Zsh installation.
 export ZSH="$HOME/.oh-my-zsh"
 # Set name of the theme to load --- if set to "random", it will
 # load a random theme each time Oh My Zsh is loaded, in which case,
 # to know which specific one was loaded, run: echo $RANDOM_THEME
 # See https://github.com/ohmyzsh/ohmyzsh/wiki/Themes
 ZSH_THEME="gnzh"
 # Set list of themes to pick from when loading at random
 # Setting this variable when ZSH_THEME="devcontainers"
 # a theme from this variable instead of looking in $ZSH/themes/
 # If set to an empty array, this variable will have no effect.
 # ZSH_THEME_RANDOM_CANDIDATES=( "robbyrussell" "agnoster" )
 # Uncomment the following line to use case-sensitive completion.
 # CASE_SENSITIVE="true"
 # Uncomment the following line to use hyphen-insensitive completion.
 # Case-sensitive completion must be off. _ and - will be interchangeable.
 # HYPHEN_INSENSITIVE="true"
 # Uncomment one of the following lines to change the auto-update behavior
 # zstyle ':omz:update' mode disabled  # disable automatic updates
 # zstyle ':omz:update' mode auto      # update automatically without asking
 # zstyle ':omz:update' mode reminder  # just remind me to update when it's time
 # Uncomment the following line to change how often to auto-update (in days).
 # zstyle ':omz:update' frequency 13
 # Uncomment the following line if pasting URLs and other text is messed up.
 # DISABLE_MAGIC_FUNCTIONS="true"
 # Uncomment the following line to disable colors in ls.
 # DISABLE_LS_COLORS="true"
 # Uncomment the following line to disable auto-setting terminal title.
 # DISABLE_AUTO_TITLE="true"
 # Uncomment the following line to enable command auto-correction.
 # ENABLE_CORRECTION="true"
 # Uncomment the following line to display red dots whilst waiting for completion.
 # You can also set it to another string to have that shown instead of the default red dots.
 # e.g. COMPLETION_WAITING_DOTS="%F{yellow}waiting...%f"
 # Caution: this setting can cause issues with multiline prompts in zsh < 5.7.1 (see #5765)
 # COMPLETION_WAITING_DOTS="true"
 # Uncomment the following line if you want to disable marking untracked files
 # under VCS as dirty. This makes repository status check for large repositories
 # much, much faster.
 # DISABLE_UNTRACKED_FILES_DIRTY="true"
 # Uncomment the following line if you want to change the command execution time
 # stamp shown in the history command output.
 # You can set one of the optional three formats:
 # "mm/dd/yyyy"|"dd.mm.yyyy"|"yyyy-mm-dd"
 # or set a custom format using the strftime function format specifications,
 # see 'man strftime' for details.
 # HIST_STAMPS="mm/dd/yyyy"
 # Would you like to use another custom folder than $ZSH/custom?
 # ZSH_CUSTOM=/path/to/new-custom-folder
 # Which plugins would you like to load?
 # Standard plugins can be found in $ZSH/plugins/
 # Custom plugins may be added to $ZSH_CUSTOM/plugins/
 # Example format: plugins=(rails git textmate ruby lighthouse)
 # Add wisely, as too many plugins slow down shell startup.
 plugins=(git timer web-search ssh kubectl helm colorize zsh-autosuggestions fast-syntax-highlighting)
 ZSH_COLORIZE_TOOL=chroma
 source $ZSH/oh-my-zsh.sh
 # User configuration
 # export MANPATH="/usr/local/man:$MANPATH"
 # You may need to manually set your language environment
 # export LANG=en_US.UTF-8
 # Preferred editor for local and remote sessions
 # if [[ -n $SSH_CONNECTION ]]; then
 #   export EDITOR='vim'
 # else
 #   export EDITOR='nvim'
 # fi
 # Compilation flags
 # export ARCHFLAGS="-arch $(uname -m)"
 # Set personal aliases, overriding those provided by Oh My Zsh libs,
 # plugins, and themes. Aliases can be placed here, though Oh My Zsh
 # users are encouraged to define aliases within a top-level file in
 # the $ZSH_CUSTOM folder, with .zsh extension. Examples:
 # - $ZSH_CUSTOM/aliases.zsh
 # - $ZSH_CUSTOM/macos.zsh
 # For a full list of active aliases, run `alias`.
 #
 # Example aliases
 # alias zshconfig="mate ~/.zshrc"
 # alias ohmyzsh="mate ~/.oh-my-zsh"
 DISABLE_AUTO_UPDATE=true
 DISABLE_UPDATE_PROMPT=true
 export FAST_HIGHLIGHT_CHROMA_PATH="/home/vscode/lib/chroma"
 export FAST_HIGHLIGHT_CHROMA=1
 export PATH=$PATH:/home/vscode/lib
--- a/.devcontainer/devcontainer.json
+++ b/.devcontainer/devcontainer.json
@@ -1,43 +1,34 @@
 // For format details, see https://aka.ms/devcontainer.json. For config options, see the
 // README at: https://github.com/devcontainers/templates/tree/main/src/ubuntu
 {
-	"name": "git-limbosolutions-com-dev-container",
+	"name": "git-limbosolutions-com-dev",
-	// Or use a Dockerfile or Docker Compose file. More info: https://containers.dev/guide/dockerfile
+	"image": "git.limbosolutions.com/mylimbo/devcontainers/devops:latest",
 	"image": "mcr.microsoft.com/devcontainers/base:jammy",
 	"features": {
 		"ghcr.io/devcontainers/features/kubectl-helm-minikube:1": {}
 	},
 	"runArgs": ["--hostname=git-limbosolutions-com-dev-container"],
-	// "features": {},
+	"remoteUser": "vscode",
 	// Use 'forwardPorts' to make a list of ports inside the container available locally.
 	// "forwardPorts": [],
 	// Configure tool-specific properties.
 	// "customizations": {},
 	"mounts": [
-		"source=${localWorkspaceFolder}/.devcontainer/.zshrc,target=/home/vscode/.zshrc,type=bind",
+		"source=${localWorkspaceFolder}/.kube,target=/home/vscode/.kube,type=bind",
-		"source=${localWorkspaceFolder}/.devcontainer/.kube,target=/home/vscode/.kube,type=bind",
+		"source=${localEnv:HOME}/.gitconfig,target=/home/vscode/.gitconfig,type=bind",
-		"source=${localEnv:HOME}/.gitconfig,target=/home/vscode/.gitconfig,type=bind,consistency=cached",
+		"source=${localEnv:HOME}/.ssh,target=/home/vscode/.ssh,type=bind"
 		"source=${localEnv:HOME}/.ssh,target=/home/vscode/.ssh,type=bind,consistency=cached"
 	],
 	"remoteEnv": {
 	},
 	"postCreateCommand": "bash .devcontainer/scripts/postCreate.sh",
 	"customizations": {
 		"vscode": {
 			"extensions": [
 				"ms-kubernetes-tools.vscode-kubernetes-tools",
 				"redhat.ansible",
 				"mtxr.sqltools-driver-mysql",
 				"stateful.runme",
 				"yzhang.markdown-all-in-one",
 				"davidanson.vscode-markdownlint",
-				"eamodio.gitlens"
+				"eamodio.gitlens",
-			],
+				"m4ns0ur.base64",
-			"settings": {
+				"rogalmic.bash-debug",
-				"terminal.integrated.defaultProfile.linux": "zsh"
+				"streetsidesoftware.code-spell-checker",
-			}
+				"ms-azuretools.vscode-containers",
 				"eamodio.gitlens",
 				"shd101wyy.markdown-preview-enhanced",
 				"bierner.markdown-preview-github-styles"
 			]
 		}
 	}
 }
--- a/.devcontainer/scripts/postCreate.sh
+++ b/.devcontainer/scripts/postCreate.sh
@@ -1,11 +0,0 @@
 #!/bin/zsh
 #setup chroma for zsh colorize
 mkdir -p ~/lib
 curl -Lo ~/lib/chroma https://github.com/alecthomas/chroma/releases/latest/download/chroma-linux-amd64
 chmod +x ~/lib/chroma
 git clone https://github.com/zdharma-continuum/fast-syntax-highlighting.git ~/.oh-my-zsh/custom/plugins/fast-syntax-highlighting
 git clone https://github.com/zsh-users/zsh-autosuggestions ~/.oh-my-zsh/custom/plugins/zsh-autosuggestions
--- a/.gitea/workflows/app-continous-deploy.yaml
+++ b/.gitea/workflows/app-continous-deploy.yaml
@@ -0,0 +1,93 @@
 on:
  schedule:
    - cron: '0 9 * * 0' # every sunday 9 am
  push:
    branches:
      - main
  pull_request:
      branches:
      - main
 jobs:
  continuous-deploy:
    runs-on: ubuntu-latest
    container:
      image: git.limbosolutions.com/kb/gitea/act:latest-network-stack
    env:
      GITHUB_TEMP: ${{ runner.temp }} # fix missing GITHUB_TEMP on gitea
    steps:
      - name: Checkout code
        uses: actions/checkout@v3
      - name: limbo public actions
        env: 
          WORKSPACE: "${{ gitea.workspace }}"
        run: |
          curl -fsSL https://git.limbosolutions.com/kb/gitea/raw/branch/main/cloud-scripts/setup-limbo-actions.sh | bash 2>&1
      # limbo custom actions required https://git.limbosolutions.com/kb/gitea/raw/branch/main
      - name: Configure kubectl config
        uses: ./.gitea/limbo_actions/kubectl-setup
        with:
          kube_server: ${{ secrets.HOSTING_KUBE_SERVER }}
          kube_ca_base64: ${{ secrets.HOSTING_KUBE_CA_BASE64 }}
          kube_token: ${{ secrets.HOSTING_KUBE_TOKEN }}
      - name: Deploy
        shell: bash
        env:
          # cron jobs env
          CRONJOBS_BACKUPS_SECRETS_PBS_REPOSITORY: ${{ secrets.CRONJOBS_BACKUPS_SECRETS_PBS_REPOSITORY }}
          CRONJOBS_BACKUPS_SECRETS_PBS_PASSWORD: ${{ secrets.CRONJOBS_BACKUPS_SECRETS_PBS_PASSWORD }}
          CRONJOBS_BACKUPS_SECRETS_PBS_FINGERPRINT: ${{ secrets.CRONJOBS_BACKUPS_SECRETS_PBS_FINGERPRINT }}
          CRONJOBS_BACKUPS_SECRETS_BORG_REPO: ${{ secrets.CRONJOBS_BACKUPS_SECRETS_BORG_REPO }}
          CRONJOBS_BACKUPS_SECRETS_BORG_PASSPHRASE: ${{ secrets.CRONJOBS_BACKUPS_SECRETS_BORG_PASSPHRASE }}
          CRONJOBS_BACKUPS_SECRETS_OFFSITE_TARGET_FOLDER: ${{ secrets.CRONJOBS_BACKUPS_SECRETS_OFFSITE_TARGET_FOLDER }}
          CRONJOBS_BACKUPS_SECRETS_ID_RSA: ${{ secrets.CRONJOBS_BACKUPS_SECRETS_ID_RSA }}
          CRONJOBS_BACKUPS_SECRETS_BORG_KEY: ${{ secrets.CRONJOBS_BACKUPS_SECRETS_BORG_KEY }}
          # helm chart values
          APP_HELM_VALUE_VALKEY_GLOBAL_PASSWORD: ${{ secrets.APP_HELM_VALUE_VALKEY_GLOBAL_PASSWORD }}
          APP_HELM_VALUE_POSTGRESQL_AUTH_POSTGRESPASSWORD: ${{ secrets.APP_HELM_VALUE_POSTGRESQL_AUTH_POSTGRESPASSWORD }}
          APP_HELM_VALUE_POSTGRESQL_AUTH_PASSWORD: ${{ secrets.APP_HELM_VALUE_POSTGRESQL_AUTH_PASSWORD }}
          APP_HELM_VALUE_POSTGRESQL_AUTH_DATABASE: ${{ secrets.APP_HELM_VALUE_POSTGRESQL_AUTH_DATABASE }}
          APP_HELM_VALUE_POSTGRESQL_AUTH_USERNAME: ${{ secrets.APP_HELM_VALUE_POSTGRESQL_AUTH_USERNAME }}
          APP_HELM_VALUE_GITEA_ADMIN_USERNAME: ${{ secrets.APP_HELM_VALUE_GITEA_ADMIN_USERNAME }}
          APP_HELM_VALUE_GITEA_ADMIN_PASSWORD: ${{ secrets.APP_HELM_VALUE_GITEA_ADMIN_PASSWORD }}
          APP_HELM_VALUE_GITEA_ADMIN_EMAIL: ${{ secrets.APP_HELM_VALUE_GITEA_ADMIN_EMAIL }}
          APP_HELM_VALUE_GITEA_CONFIG_OAUTH2_JWT_SECRET: ${{ secrets.APP_HELM_VALUE_GITEA_CONFIG_OAUTH2_JWT_SECRET }}
          APP_HELM_VALUE_GITEA_CONFIG_SERVER_LFS_JWT_SECRET: ${{ secrets.APP_HELM_VALUE_GITEA_CONFIG_SERVER_LFS_JWT_SECRET }}
          APP_HELM_VALUE_GITEA_CONFIG_SECURITY_SECRET_KEY: ${{ secrets.APP_HELM_VALUE_GITEA_CONFIG_SECURITY_SECRET_KEY }}
          APP_HELM_VALUE_GITEA_CONFIG_SECURITY_REVERSE_PROXY_TRUSTED_PROXIES: ${{ secrets.APP_HELM_VALUE_GITEA_CONFIG_SECURITY_REVERSE_PROXY_TRUSTED_PROXIES }}
          APP_HELM_VALUE_GITEA_CONFIG_SECURITY_INTERNAL_TOKEN: ${{ secrets.APP_HELM_VALUE_GITEA_CONFIG_SECURITY_INTERNAL_TOKEN }}
          APP_HELM_VALUE_GITEA_CONFIG_SECURITY_PASSWORD_HASH_ALGO: ${{ secrets.APP_HELM_VALUE_GITEA_CONFIG_SECURITY_PASSWORD_HASH_ALGO }}
          APP_HELM_VALUE_GITEA_CONFIG_SERVICE_OAUTH2_JWT_SECRET: ${{ secrets.APP_HELM_VALUE_GITEA_CONFIG_SERVICE_OAUTH2_JWT_SECRET }}
        run: |
          set -euo pipefail
          # ensure cleanup always runs
          trap 'rm -f \
                    deploy/app/cronjobs/backups/.env.d/secrets \
                    deploy/app/cronjobs/backups/.env.d/id_rsa \
                    deploy/app/cronjobs/backups/.env.d/borg_key' EXIT
          # setup env for cronjobs backups
          echo "PBS_REPOSITORY=${CRONJOBS_BACKUPS_SECRETS_PBS_REPOSITORY}" >> deploy/app/cronjobs/backups/.env.d/secrets
          echo "PBS_PASSWORD=${CRONJOBS_BACKUPS_SECRETS_PBS_PASSWORD}" >> deploy/app/cronjobs/backups/.env.d/secrets
          echo "PBS_FINGERPRINT=${CRONJOBS_BACKUPS_SECRETS_PBS_FINGERPRINT}" >> deploy/app/cronjobs/backups/.env.d/secrets
          echo "BORG_REPO=${CRONJOBS_BACKUPS_SECRETS_BORG_REPO}" >> deploy/app/cronjobs/backups/.env.d/secrets
          echo "BORG_PASSPHRASE=${CRONJOBS_BACKUPS_SECRETS_BORG_PASSPHRASE}" >> deploy/app/cronjobs/backups/.env.d/secrets
          echo "OFFSITE_TARGET_FOLDER=${CRONJOBS_BACKUPS_SECRETS_OFFSITE_TARGET_FOLDER}" >> deploy/app/cronjobs/backups/.env.d/secrets
          echo "${CRONJOBS_BACKUPS_SECRETS_ID_RSA}" >> deploy/app/cronjobs/backups/.env.d/id_rsa
          echo "${CRONJOBS_BACKUPS_SECRETS_BORG_KEY}" >> deploy/app/cronjobs/backups/.env.d/borg_key
          # enforce security
          chmod 600 deploy/app/cronjobs/backups/.env.d/secrets
          chmod 600 deploy/app/cronjobs/backups/.env.d/id_rsa
          chmod 600 deploy/app/cronjobs/backups/.env.d/borg_key
          # invoke deploy script
          ops-scripts/apply-app.sh
--- a/.gitignore
+++ b/.gitignore
@@ -2,4 +2,4 @@ tmp
 **.env
 **.private.**
 **.local.**
-kb
+.kube/**
--- a/.vscode/settings.json
+++ b/.vscode/settings.json
@@ -0,0 +1,5 @@
 {
    "cSpell.words": [
        "valkey"
    ]
 }
--- a/README.md
+++ b/README.md
@@ -4,13 +4,41 @@ Welcome to public repository of my [Git Server](https://git.limbosolutions.com)
 Using [gitea](https://git.limbosolutions.com/kb/gitea) as git server.
- [Deploy and Setup](#deploy-and-setup)
+- [Deploy](#deploy)
  - [App](#app)
  - [Continuous Deploy](#continuous-deploy)
  - [Infra](#infra)
 - [Backups](#backups)
-## Deploy and Setup
+## Deploy
-for more information [check readme](./deploy/README.md).
+### App
 **Environment files:**
 - ./deploy/app/cronjobs/backups/.env.d/secrets [Example](./deploy/app/cronjobs/backups/.env.d/secrets.example)
 - ./deploy/app/cronjobs/backups/.env.d/borg_key [Example](./deploy/app/cronjobs/backups/.env.d/borg_key.example)
 - ./deploy/app/cronjobs/backups/.env.d/id_rsa [Example](./deploy/app/cronjobs/backups/.env.d/id_rsa.example)
 - ./deploy/helm/.env [Example](./deploy/helm/.env.example)
 ```bash
 ./ops-scripts/apply-app.sh
 ```
 - [kustomization](/deploy/app/kustomization.yaml)
 ### Continuous Deploy
 Executes [App Deploy](#app) using [Gitea workflow](./.gitea/workflows/app-deploy.yaml).
 ### Infra
 ```bash
 ./ops-scripts/apply-infra.sh
 ```
 - [kustomization](/deploy/infra/kustomization.yaml)
 ## Backups
 for more information [check readme](./docs/backups.md).
--- a/deploy/README.md
+++ b/deploy/README.md
@@ -1,60 +0,0 @@
 # Deploy
 - [kubernetes Namespace](#kubernetes-namespace)
 - [Backups](#backups)
  - [secrets](#secrets)
  - [Proxmox Backup Server (kubernetes cron job)](#proxmox-backup-server-kubernetes-cron-job)
  - [Borg and Offsite sync (kubernetes cron job)](#borg-and-offsite-sync-kubernetes-cron-job)
 ```bash
 # run for setup/update 
 # using helm chart
 ./setup.sh
 ```
 ## kubernetes Namespace
 ```yaml
 apiVersion: v1
 kind: Namespace
 metadata:
  name: git-limbosolutions-com
  labels:
    name: git-limbosolutions-com
 ```
 ## Backups
 ### secrets
 ```bash
 set -a
 source ./backups/.env
 set +a
 envsubst < ./backups/backup-secrets.yaml | kubectl apply -n git-limbosolutions-com -f -
 SSH_ID_RSA=$(echo -n "$SSH_ID_RSA" | base64 -w 0)
 BORG_KEY=$(echo -n "$BORG_KEY" | base64 -w 0)
 kubectl patch secret gitea-backup-secret --patch "{\"data\":{\"ssh_id_rsa\":\"$SSH_ID_RSA\"}}" -n git-limbosolutions-com 
 kubectl patch secret gitea-backup-secret --patch "{\"data\":{\"borg_key\":\"$BORG_KEY\"}}" -n git-limbosolutions-com 
 ```
 ### Proxmox Backup Server (kubernetes cron job)
 ```bash
 # deploy cronjon
 kubectl apply -f ./backups/backup-pbs-cronjob.yaml -n git-limbosolutions-com
 ```
 [kubernetes cron job](./backups/backup-pbs-cronjob.yaml)
 ### Borg and Offsite sync (kubernetes cron job)
 ```bash
 # deploy cronjon
 kubectl apply -f ./backups/backup-borg-offsite-cronjob.yaml  -n git-limbosolutions-com
 ```
 [kubernetes cron job](./backups/borgbackup-offsite-cronjob.yaml)
--- a/deploy/app/cronjobs/backups/.env.d/.gitignore
+++ b/deploy/app/cronjobs/backups/.env.d/.gitignore
@@ -0,0 +1,3 @@
 **
 !.gitignore
 !*.example
--- a/deploy/app/cronjobs/backups/.env.d/borg_key.example
+++ b/deploy/app/cronjobs/backups/.env.d/borg_key.example
@@ -0,0 +1 @@
 BORG_KEY an valid borg key
--- a/deploy/app/cronjobs/backups/.env.d/id_rsa.example
+++ b/deploy/app/cronjobs/backups/.env.d/id_rsa.example
@@ -0,0 +1,3 @@
 -----BEGIN OPENSSH PRIVATE KEY-----
 AND VALID PRIVATE SSH KEY WITH ACCESS TO SSH SERVER  
 -----END OPENSSH PRIVATE KEY-----
--- a/deploy/app/cronjobs/backups/.env.d/secrets.example
+++ b/deploy/app/cronjobs/backups/.env.d/secrets.example
@@ -0,0 +1,7 @@
 PBS_REPOSITORY="pbs repository"
 PBS_PASSWORD="pbs access passwordd"
 PBS_FINGERPRINT="00:00:00:00:00" # the pbs finger print
 BORG_REPO="ssh://user@reposerver/path" # required by offsite babckup
 BORG_PASSPHRASE="borg passphare" # required by offsite babckup
 OFFSITE_TARGET_FOLDER="test:target_path" # follow rclone naming convension
--- a/deploy/app/cronjobs/backups/backup-borg-offsite-cronjob.yaml
+++ b/deploy/app/cronjobs/backups/backup-borg-offsite-cronjob.yaml
@@ -17,6 +17,13 @@ spec:
          restartPolicy: Never
          initContainers:
            - name: postgres-export
              resources:
                limits:
                  memory: "512Mi"
                  cpu: "500m"
                requests:
                  memory: "256Mi"
                  cpu: "250m"
              image: postgres:latest
              command: ["sh", "-c"]
              args:
@@ -42,39 +49,39 @@ spec:
            - name: borg-client
              image: git.limbosolutions.com/kb/borg-backup:latest
              imagePullPolicy: Always
-              # resources:
+              resources:
-              #   limits:
+                limits:
-              #     memory: "512Mi"
+                  memory: "512Mi"
-              #     cpu: "500m"
+                  cpu: "500m"
-              #   requests:
+                requests:
-              #     memory: "256Mi"
+                  memory: "256Mi"
-              #     cpu: "250m"
+                  cpu: "250m"
              env:
                - name: BORG_REPO
                  valueFrom:
                    secretKeyRef:
-                      name: gitea-backup-secret
+                      name: gitea-backup
-                      key: borg_repo
+                      key: BORG_REPO
                - name: BORG_PASSPHRASE
                  valueFrom:
                    secretKeyRef:
-                      name: gitea-backup-secret
+                      name: gitea-backup
-                      key: borg_passphrase
+                      key: BORG_PASSPHRASE
                - name: OFFSITE_TARGET_FOLDER
                  valueFrom:
                    secretKeyRef:
-                      name: gitea-backup-secret
+                      name: gitea-backup
-                      key: offsite_target_folder
+                      key: OFFSITE_TARGET_FOLDER
                - name: BORG_RSH
                  value: ssh -p 2222 -o StrictHostKeyChecking=no -o LogLevel=ERROR
                - name: REPO_SYNC_MAX_SIZE
-                  value: "10737418240" # 10GB
+                  value: "16106127360" # 15GB
                - name: MODE
                  value: SHELL
@@ -108,7 +115,7 @@ spec:
                else 
                  # Repository size is within limits for offsite sync
                  # ssh to backup server and enforce rclone to onedrive
-                  remote-connect "rclone sync $SSH_FOLDER $OFFSITE_TARGET_FOLDER --progress" && \
+                  remote-connect "rclone sync $SSH_FOLDER $OFFSITE_TARGET_FOLDER --stats=0" && \
                  echo "INFO: Finished Backup of git.limbosolutions.com (offsite) ($((SCRIPT_DURATION / 60 / 60)):$((SCRIPT_DURATION / 60)):$((SCRIPT_DURATION % 60))) "
                fi
@@ -124,14 +131,14 @@ spec:
                  mountPath: /data/postgresql-export
                  subPath: postgresql-export
-                - name: gitea-backup-secret
+                - name: gitea-backup-secrets
                  mountPath: /root/.ssh/id_rsa
-                  subPath: ssh_id_rsa
+                  subPath: SSH_ID_RSA
                  readOnly: true
-                - name: gitea-backup-secret
+                - name: gitea-backup-secrets
                  mountPath: /app/borg/key
-                  subPath: borg_key
+                  subPath: BORG_KEY
          volumes:
@@ -143,9 +150,9 @@ spec:
              secret:
                secretName: gitea-inline-config
-            - name: gitea-backup-secret
+            - name: gitea-backup-secrets
              secret:
-                secretName: gitea-backup-secret
+                secretName: gitea-backup
                defaultMode: 0600
            - name: backup-var-data
--- a/deploy/app/cronjobs/backups/backup-pbs-cronjob.yaml
+++ b/deploy/app/cronjobs/backups/backup-pbs-cronjob.yaml
@@ -17,6 +17,13 @@ spec:
          initContainers:
            - name: postgres-export
              image: postgres:latest
              resources:
                limits:
                  memory: "512Mi"
                  cpu: "500m"
                requests:
                  memory: "256Mi"
                  cpu: "250m"
              command: ["sh", "-c"]
              args:
                - |
@@ -45,24 +52,31 @@ spec:
            - name: gitea-pbs-client
              image: git.limbosolutions.com/kb/pbsclient
              imagePullPolicy: Always
              resources:
                limits:
                  memory: "512Mi"
                  cpu: "500m"
                requests:
                  memory: "256Mi"
                  cpu: "250m"
              env:  
                - name: MODE
                  value: shell
                - name: PBS_REPOSITORY
                  valueFrom:
                    secretKeyRef:
-                      name: gitea-backup-secret
+                      name: gitea-backup
-                      key:  pbs_repository
+                      key:  PBS_REPOSITORY
                - name: PBS_PASSWORD
                  valueFrom:
                    secretKeyRef:
-                      name: gitea-backup-secret
+                      name: gitea-backup
-                      key: pbs_password
+                      key: PBS_PASSWORD
                - name: PBS_FINGERPRINT
                  valueFrom:
                    secretKeyRef:
-                      name: gitea-backup-secret
+                      name: gitea-backup
-                      key: pbs_fingerprint
+                      key: PBS_FINGERPRINT
              command: ["bash", "-c"]
              args:
--- a/deploy/app/kustomization.yaml
+++ b/deploy/app/kustomization.yaml
@@ -0,0 +1,17 @@
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 resources:
  - cronjobs/backups/backup-borg-offsite-cronjob.yaml
  - cronjobs/backups/backup-pbs-cronjob.yaml
 secretGenerator:
 - name: gitea-backup
  namespace: git-limbosolutions-com
  envs:
    - cronjobs/backups/.env.d/secrets
  files:
    - BORG_KEY=cronjobs/backups/.env.d/borg_key
    - SSH_ID_RSA=cronjobs/backups/.env.d/id_rsa
 generatorOptions:
  disableNameSuffixHash: true
--- a/deploy/backups/backup-secrets.yaml
+++ b/deploy/backups/backup-secrets.yaml
@@ -1,17 +0,0 @@
 apiVersion: v1
 kind: Secret
 metadata:
  name: gitea-backup-secret
  namespace: git-limbosolutions-com
 type: Opaque
 stringData:
  pbs_repository: ${PBS_REPOSITORY}
  pbs_password: ${PBS_PASSWORD}
  pbs_fingerprint: ${PBS_FINGERPRINT}
  borg_repo: ${BORG_REPO}
  borg_passphrase: ${BORG_PASSPHRASE}
  offsite_target_folder: ${OFFSITE_TARGET_FOLDER}
  #SSH_ID_RSA: ""
  #BORG_KEY: ""
--- a/deploy/helm/.env.example
+++ b/deploy/helm/.env.example
@@ -0,0 +1,15 @@
 APP_HELM_VALUE_VALKEY_GLOBAL_PASSWORD="????"
 APP_HELM_VALUE_POSTGRESQL_AUTH_POSTGRESPASSWORD="????"
 APP_HELM_VALUE_POSTGRESQL_AUTH_PASSWORD="????"
 APP_HELM_VALUE_POSTGRESQL_AUTH_DATABASE="????"
 APP_HELM_VALUE_POSTGRESQL_AUTH_USERNAME="????"
 APP_HELM_VALUE_GITEA_ADMIN_USERNAME="????"
 APP_HELM_VALUE_GITEA_ADMIN_PASSWORD="????"
 APP_HELM_VALUE_GITEA_ADMIN_EMAIL="????"
 APP_HELM_VALUE_GITEA_CONFIG_OAUTH2_JWT_SECRET="????"
 APP_HELM_VALUE_GITEA_CONFIG_SERVER_LFS_JWT_SECRET="????"
 APP_HELM_VALUE_GITEA_CONFIG_SECURITY_SECRET_KEY="????"
 APP_HELM_VALUE_GITEA_CONFIG_SECURITY_REVERSE_PROXY_TRUSTED_PROXIES="????"
 APP_HELM_VALUE_GITEA_CONFIG_SECURITY_INTERNAL_TOKEN="????"
 APP_HELM_VALUE_GITEA_CONFIG_SECURITY_PASSWORD_HASH_ALGO="????"
 APP_HELM_VALUE_GITEA_CONFIG_SERVICE_OAUTH2_JWT_SECRET="????"
--- a/deploy/helm/values.yaml
+++ b/deploy/helm/values.yaml
@@ -15,7 +15,7 @@ valkey:
  architecture: standalone
  global:
    valkey:
-      password: "????"
+      password: "???"
  master:
    count: 1
    service:
@@ -31,8 +31,6 @@ postgresql:
    imagePullPolicy: IfNotPresent
  global:
    postgresql:
      # volumePermissions:
      #   enabled: true
      auth:
        postgresPassword: "???"
        password: "???"
@@ -40,7 +38,7 @@ postgresql:
        username: "???"
      service:
        ports:
-          postgresql: "???"
+          postgresql: 5432
  primary:
    persistence:
      size: 10Gi
@@ -60,13 +58,18 @@ service:
      port: 2222
      annotations:
        metallb.universe.tf/allow-shared-ip: test
-
+  http:
    clusterIP: ""   # empty string → Kubernetes assigns a routable ClusterIP
    type: ClusterIP
    port: 3000
 gitea:
  admin:
    username: "???"
    password: "???"
    email: "???"
  config:
    oauth2:
      JWT_SECRET: "???"
    actions:
      ENABLED: true
    database:
@@ -79,7 +82,6 @@ gitea:
    server:
      DOMAIN: git.limbosolutions.com
      SSH_DOMAIN: git.limbosolutions.com
      #HTTP_PORT: 3000
      ROOT_URL: https://git.limbosolutions.com
      DISABLE_SSH: false
      SSH_PORT: 2222
@@ -98,15 +100,15 @@ gitea:
      ####
    service:
-      DISABLE_REGISTRATION: "???"
+      DISABLE_REGISTRATION: true
-      REQUIRE_SIGNIN_VIEW: "???"
+      REQUIRE_SIGNIN_VIEW: false
-      REGISTER_EMAIL_CONFIRM: "???"
+      REGISTER_EMAIL_CONFIRM: false
-      ENABLE_NOTIFY_MAIL: "???"
+      ENABLE_NOTIFY_MAIL: false
-      ALLOW_ONLY_EXTERNAL_REGISTRATION: "???"
+      ALLOW_ONLY_EXTERNAL_REGISTRATION: false
-      ENABLE_CAPTCHA: "???"
+      ENABLE_CAPTCHA: true
-      DEFAULT_KEEP_EMAIL_PRIVATE : "???"
+      DEFAULT_KEEP_EMAIL_PRIVATE : true
-      DEFAULT_ALLOW_CREATE_ORGANIZATION: "???"
+      DEFAULT_ALLOW_CREATE_ORGANIZATION: true
-      DEFAULT_ENABLE_TIMETRACKING: "???"
+      DEFAULT_ENABLE_TIMETRACKING:  true
      NO_REPLY_ADDRESS: noreply.localhost
      oauth2:
          JWT_SECRET: "???"
@@ -114,15 +116,15 @@ gitea:
      ENABLED: false
    openid:
-      ENABLE_OPENID_SIGNIN: true
+      ENABLE_OPENID_SIGNIN: false
-      ENABLE_OPENID_SIGNUP: true
+      ENABLE_OPENID_SIGNUP: false
    security:
      INSTALL_LOCK: true
      SECRET_KEY: "???"
      REVERSE_PROXY_LIMIT: 1
-      REVERSE_PROXY_TRUSTED_PROXIES:
+      REVERSE_PROXY_TRUSTED_PROXIES: "???"
      INTERNAL_TOKEN: "???"
      PASSWORD_HASH_ALGO: "???"
@@ -139,8 +141,9 @@ ingress:
        - path: /
          pathType: Prefix
  tls:
-    - secretName: limbosolutions-com-secret-tls
+    - secretName: limbosolutions-com-tls
      hosts:
       - "git.limbosolutions.com"
--- a/deploy/infra/cd-service-account-rbac.yaml
+++ b/deploy/infra/cd-service-account-rbac.yaml
@@ -0,0 +1,43 @@
 apiVersion: rbac.authorization.k8s.io/v1
 kind: Role
 metadata:
  namespace: git-limbosolutions-com
  name: continuous-deploy
 rules:
 - apiGroups: [""]
  resources: ["pods", "services", "secrets", "configmaps", "persistentvolumeclaims", "endpoints", "serviceaccounts"]
  verbs: ["get", "watch", "list", "create", "update", "patch", "delete"]
 - apiGroups: ["apps"]
  resources: ["deployments", "statefulsets"]
  verbs: ["get", "watch", "list", "create", "update", "patch", "delete"]
 - apiGroups: ["batch"]
  resources: ["cronjobs", "jobs"]
  verbs: ["get", "list", "watch", "create", "update", "patch", "delete"]
 - apiGroups: ["networking.k8s.io"]
  resources: ["networkpolicies", "ingresses"]
  verbs: ["get", "list", "watch", "create", "update", "patch", "delete"]
 - apiGroups: ["policy"]
  resources: ["poddisruptionbudgets"]
  verbs: ["get", "list", "watch", "update", "patch"]
 ---
 apiVersion: rbac.authorization.k8s.io/v1
 kind: RoleBinding
 metadata:
  name: continuous-deploy
  namespace:  git-limbosolutions-com
 subjects:
 - kind: ServiceAccount
  name: continuous-deploy
  namespace: git-limbosolutions-com
 roleRef:
  kind: Role
  name: continuous-deploy
  apiGroup: rbac.authorization.k8s.io
--- a/deploy/infra/cd-service-account-token.yaml
+++ b/deploy/infra/cd-service-account-token.yaml
@@ -0,0 +1,8 @@
 apiVersion: v1
 kind: Secret
 metadata:
  name: continuous-deploy
  annotations:
    kubernetes.io/service-account.name: continuous-deploy
 type: kubernetes.io/service-account-token
--- a/deploy/infra/cd-service-account.yaml
+++ b/deploy/infra/cd-service-account.yaml
@@ -0,0 +1,6 @@
 apiVersion: v1
 kind: ServiceAccount
 metadata:
  name: continuous-deploy
  namespace: git-limbosolutions-com
--- a/deploy/infra/kustomization.yaml
+++ b/deploy/infra/kustomization.yaml
@@ -0,0 +1,8 @@
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 resources:
  - namespace.yaml
  - cd-service-account.yaml
  - cd-service-account-token.yaml
  - cd-service-account-rbac.yaml
--- a/deploy/infra/namespace.yaml
+++ b/deploy/infra/namespace.yaml
@@ -0,0 +1,6 @@
 apiVersion: v1
 kind: Namespace
 metadata:
  name: git-limbosolutions-com
  labels:
    name: git-limbosolutions-com
--- a/deploy/ops/bork-backup-sidekick/pod.yaml
+++ b/deploy/ops/bork-backup-sidekick/pod.yaml
@@ -1,13 +1,13 @@
 apiVersion: v1
 kind: Pod
 metadata:
-  name: borgbackup-sidekick
+  name: borg-backup-sidekick
  namespace: git-limbosolutions-com
  labels:
-    app: borgbackup-sidekick
+    app: borg-backup-sidekick
 spec:
  containers:
-      - name: borgbackup-sidekick
+      - name: borg-backup-sidekick
        image: git.limbosolutions.com/kb/borg-backup:latest
        imagePullPolicy: Always
        resources:
@@ -45,17 +45,17 @@ spec:
        volumeMounts:
-        - name: gitea-backup-secret
+        - name: gitea-backup-secrets
          mountPath: /root/.ssh/id_rsa
          subPath: ssh_id_rsa
          readOnly: true
-        - name: gitea-backup-secret
+        - name: gitea-backup-secrets
          mountPath: /app/borg/key
          subPath: borg_key
  volumes:
-    - name: gitea-backup-secret
+    - name: gitea-backup-secrets
      secret:
-        secretName: gitea-backup-secret
+        secretName: gitea-backup
        defaultMode: 0600
--- a/deploy/setup.sh
+++ b/deploy/setup.sh
@@ -1,9 +0,0 @@
 helm repo add gitea-charts https://dl.gitea.com/charts/
 helm repo update
 helm upgrade --install gitea gitea-charts/gitea \
 --values ./values.yaml \
 --values ./values.private.yaml \
 --namespace=git-limbosolutions-com
 kubectl apply -f ./ssh-ingress.yaml
--- a/deploy/ssh-ingress.yaml
+++ b/deploy/ssh-ingress.yaml
@@ -1,17 +0,0 @@
 apiVersion: traefik.containo.us/v1alpha1
 kind: IngressRouteTCP
 metadata:
  name: git-limbosolutions-com-ssh-ingress
  namespace: git-limbosolutions-com
 spec:
  entryPoints:
    - ssh-git
  routes:
    - match: HostSNI(`*`)
      services:
        - name: gitea-ssh
          port: 2222
          weight: 10
          terminationDelay: 90000
          proxyProtocol:
            version: 1
--- a/docs/act-runner.md
+++ b/docs/act-runner.md
@@ -18,7 +18,7 @@ curl -fsSL https://get.docker.com -o get-docker.sh
 sh ./get-docker.sh
 ```
-### act tunner
+### act runner
 ```bash
 nano setup-act-runners.sh
--- a/docs/backups.md
+++ b/docs/backups.md
@@ -1,14 +1,27 @@
 # borgbackup sidekick
 **Create borgbackup-sidekick pod:**
 ```bash
 kubectl apply -f deploy/ops/borg-backup-sidekick/pod.yaml
 ```
 **Remove borgbackup-sidekick pod:**
 ```bash
 # delete the sidekick pod after use
 kubectl delete pod -l app=borg-backup-sidekick
 ```
 ```bash
 # attach to borgbackup-sidekick
-POD_NAME=$(kubectl get pod -l app=borgbackup-sidekick -n git-limbosolutions-com -o jsonpath='{.items[0].metadata.name}')
+POD_NAME=$(kubectl get pod -l app=borg-backup-sidekick -n git-limbosolutions-com -o jsonpath='{.items[0].metadata.name}')
 kubectl exec -it ${POD_NAME}  -- bash
 ```
 ```bash
 # list borg repo
-POD_NAME=$(kubectl get pod -l app=borgbackup-sidekick -n git-limbosolutions-com -o jsonpath='{.items[0].metadata.name}')
+POD_NAME=$(kubectl get pod -l app=borg-backup-sidekick -n git-limbosolutions-com -o jsonpath='{.items[0].metadata.name}')
 kubectl exec -it ${POD_NAME} -- bash -c "\
 borg list ${BORG_REPO} \
 "
@@ -16,39 +29,8 @@ borg list ${BORG_REPO} \
 ```bash
 # get borg info
-POD_NAME=$(kubectl get pod -l app=borgbackup-sidekick -n git-limbosolutions-com -o jsonpath='{.items[0].metadata.name}')
+POD_NAME=$(kubectl get pod -l app=borg-backup-sidekick -n git-limbosolutions-com -o jsonpath='{.items[0].metadata.name}')
 kubectl exec -it ${POD_NAME} -- bash -c "\
 borg info ${BORG_REPO}\
 "
 ```
 ```bash
 POD_NAME=$(kubectl get pod -l app=borgbackup-sidekick -n git-limbosolutions-com -o jsonpath='{.items[0].metadata.name}')
 # Check if repository size is greater than 4GB
 kubectl exec -it ${POD_NAME} -- bash -c "\
 MAX_SIZE=\$((4 * 1024 * 1024 * 1024))
 SIZE_IN_BYTES=\$(\${BORG_RSH} mf@backupsrv01.dev.lan \"du -b ~/borg-repos/git.limbosolutions.com --max-depth=0 | cut -f1 \") && \
 echo \"Repository size: \$((SIZE_IN_BYTES / 1024 / 1024)) MB\" && \
 if [ \$SIZE_IN_BYTES -gt \$MAX_SIZE ]; then \
   echo 'Repository size exceeds \$MAX_SIZE'; \
   exit 1; \
 else \
   echo 'Repository size is within limits for offsite sync'; \
 fi \
 "
 ```
 **Create borgbackup-sidekick pod:**
 ```bash
 kubectl apply -f ../deploy/backups/borgbackup-sidekick.yaml
 ```
 **Remove borgbackup-sidekick pod:**
 ```bash
 # delete the sidekick pod after use
 kubectl delete pod -l app=borgbackup-sidekick
 ```
--- a/ops-scripts/apply-app.sh
+++ b/ops-scripts/apply-app.sh
@@ -0,0 +1,36 @@
 #/bin/bash
 kubectl kustomize deploy/app | kubectl apply -f -
 if [ -f "deploy/helm/.env" ]; then
  # Export all variables from the file
  echo "export variables from file helm/.env" 
  set -a
  . deploy/helm/.env
  set +a
 fi
 if [ -n "${APP_HELM_VALUE_GITEA_ADMIN_USERNAME:-}" ]; then
  echo "Executing helm deploy."
    helm repo add gitea-charts https://dl.gitea.com/charts/
    helm repo update
    helm upgrade --install gitea gitea-charts/gitea --version 12.4.0 \
    --values deploy/helm/values.yaml \
    --set valkey.global.valkey.password=${APP_HELM_VALUE_VALKEY_GLOBAL_PASSWORD} \
    --set postgresql.global.postgresql.auth.postgresPassword=${APP_HELM_VALUE_POSTGRESQL_AUTH_POSTGRESPASSWORD} \
    --set postgresql.global.postgresql.auth.password=${APP_HELM_VALUE_POSTGRESQL_AUTH_PASSWORD} \
    --set postgresql.global.postgresql.auth.database=${APP_HELM_VALUE_POSTGRESQL_AUTH_DATABASE} \
    --set postgresql.global.postgresql.auth.username=${APP_HELM_VALUE_POSTGRESQL_AUTH_USERNAME} \
    --set gitea.admin.username=${APP_HELM_VALUE_GITEA_ADMIN_USERNAME} \
    --set gitea.admin.password=${APP_HELM_VALUE_GITEA_ADMIN_PASSWORD} \
    --set gitea.admin.email=${APP_HELM_VALUE_GITEA_ADMIN_EMAIL} \
    --set gitea.config.oauth2.JWT_SECRET=${APP_HELM_VALUE_GITEA_CONFIG_OAUTH2_JWT_SECRET} \
    --set gitea.config.server.LFS_JWT_SECRET=${APP_HELM_VALUE_GITEA_CONFIG_SERVER_LFS_JWT_SECRET} \
    --set gitea.config.security.SECRET_KEY=${APP_HELM_VALUE_GITEA_CONFIG_SECURITY_SECRET_KEY} \
    --set gitea.config.security.REVERSE_PROXY_TRUSTED_PROXIES=${APP_HELM_VALUE_GITEA_CONFIG_SECURITY_REVERSE_PROXY_TRUSTED_PROXIES} \
    --set gitea.config.security.INTERNAL_TOKEN=${APP_HELM_VALUE_GITEA_CONFIG_SECURITY_INTERNAL_TOKEN} \
    --set gitea.config.security.PASSWORD_HASH_ALGO=${APP_HELM_VALUE_GITEA_CONFIG_SECURITY_PASSWORD_HASH_ALGO} \
    --set gitea.config.service.oauth2.JWT_SECRET=${APP_HELM_VALUE_GITEA_CONFIG_SERVICE_OAUTH2_JWT_SECRET} \
    --namespace=git-limbosolutions-com
 fi
--- a/ops-scripts/apply-infra.sh
+++ b/ops-scripts/apply-infra.sh
@@ -0,0 +1,7 @@
 #!/bin/bash
 set -e
 echo "Executing infra deploy."
 kubectl kustomize deploy/infra | kubectl apply -f -
Author	SHA1	Message	Date
Márcio Fernandes	f5df6a63db	backups added resources limits, set offsite backup size limit to 15GB All checks were successful / continuous-deploy (push) Successful in 6s Details	2025-12-04 01:16:24 +00:00
Márcio Fernandes	82f60d8371	cd: enable cron job, set helm chart to version 12.4.0 Some checks failed / continuous-deploy (push) Failing after 14m59s Details	2025-11-29 14:19:57 +00:00
Márcio Fernandes	05b76ffcf6	rename dev-scripts to ops-scripts All checks were successful / continuous-deploy (push) Successful in 4s Details	2025-11-29 14:12:29 +00:00
Márcio Fernandes	858da097f9	fix: cd clean up and working All checks were successful / continuous-deploy (push) Successful in 5s Details	2025-11-29 12:53:23 +00:00
Márcio Fernandes	c78ef18b20	fix: cd missing files All checks were successful / continuous-deploy (push) Successful in 5s Details	2025-11-29 12:50:57 +00:00
Márcio Fernandes	766866158f	fix: cd relative paths Some checks failed / continuous-deploy (push) Failing after 3s Details	2025-11-29 12:48:10 +00:00
Márcio Fernandes	1bbb18418e	fix cd shell Some checks failed / continuous-deploy (push) Failing after 3s Details	2025-11-29 12:46:27 +00:00
Márcio Fernandes	550f0585eb	continuous deploy Some checks failed / continuous-deploy (push) Failing after 3s Details	2025-11-29 12:43:42 +00:00
Márcio Fernandes	d4609cd13e	modified: README.md All checks were successful / continuous-deploy (push) Successful in 3s Details	2025-11-29 11:30:41 +00:00
Márcio Fernandes	cd0c3876ed	fix: deploy/app, added continuos-deploy gitea workflow template	2025-11-29 11:28:14 +00:00
Márcio Fernandes	26a8867587	fix: RBAC so continuous deploy service account can run helm upgrade	2025-11-29 04:39:41 +00:00
Márcio Fernandes	f32d574347	added continuous-deploy service account and RBAC	2025-11-29 04:10:40 +00:00
Márcio Fernandes	d0d8331e9a	deploy scripts & helm review: Secrets values from set instead on values, cd pre; add kustomization for infra	2025-11-29 03:45:25 +00:00
Márcio Fernandes	ee4afed826	fix: backups jobs and better documentation	2025-11-27 23:52:49 +00:00
Márcio Fernandes	b82d26f01d	borg backup sidekick review	2025-11-25 04:58:31 +00:00
Márcio Fernandes	8e1b41ef36	add deploy/app/cronjobs/.env./*.examples	2025-11-25 04:35:02 +00:00
Márcio Fernandes	2177535881	kubernetes: normalization secrets names	2025-11-25 04:22:40 +00:00
Márcio Fernandes	aa3f8f824b	start using kubernetes Kustomization, prep for continuous deploy	2025-11-25 04:13:47 +00:00
Márcio Fernandes	a23cbcdf93	repo refactoring continuous-deploy prep	2025-11-23 22:03:49 +00:00
Márcio Fernandes	fc1d941dde	some clean up	2025-11-23 21:18:35 +00:00
Márcio Fernandes	95070d9ac6	changed dev container it.limbosolutions.com/mylimbo/devcontainers/devops:latest	2025-11-23 20:56:58 +00:00
Márcio Fernandes	2404b15139	modified: .devcontainer/devcontainer.json	2025-11-19 23:26:35 +00:00
Márcio Fernandes	b65d14381a	dev container revision - using custom image - git.limbosolutions.com/mylimbo/devcontainers/devops:latest	2025-11-19 20:57:08 +00:00
Márcio Fernandes	04e5296521	dev container: proof of custom docker file	2025-10-13 21:53:51 +00:00