Build local containers for k8s services (#61)

## Summary - Move devpi Dockerfile from argocd/manifests to containers/devpi/ - Add containers for: transmission, teslamate, miniflux, kiwix-serve, kubectl - Update all k8s deployments to use local images (registry.ops.eblu.me/blumeops/*) - All containers use v1.0.0 tag for initial release ## Containers Added | Container | Source | Notes | |-----------|--------|-------| | devpi | python:3.12-slim | Existing, moved to containers/ | | kubectl | alpine + download | For zim-watcher CronJob | | miniflux | Go build from source | v2.2.16 | | kiwix-serve | Download pre-built binary | v3.8.1 | | transmission | alpine + apk install | Simpler than linuxserver image | | teslamate | Elixir build from source | v2.2.0 | ## Deployment and Testing - [ ] Build and tag devpi-v1.0.0 - [ ] Build and tag kubectl-v1.0.0 - [ ] Build and tag miniflux-v1.0.0 - [ ] Build and tag kiwix-serve-v1.0.0 - [ ] Build and tag transmission-v1.0.0 - [ ] Build and tag teslamate-v1.0.0 - [ ] Sync ArgoCD apps and verify services 🤖 Generated with [Claude Code](https://claude.com/claude-code) Reviewed-on: https://forge.ops.eblu.me/eblume/blumeops/pulls/61
2026-01-25 21:35:57 -08:00 · 2026-01-25 21:35:57 -08:00 · c8b655f177
commit c8b655f177
parent ea42362b6f
15 changed files with 306 additions and 9 deletions
--- a/containers/teslamate/Dockerfile
+++ b/containers/teslamate/Dockerfile
@ -0,0 +1,78 @@
+# TeslaMate - Tesla data logger
+# Based on upstream Dockerfile
+
+ARG TESLAMATE_VERSION=v2.2.0
+
+FROM elixir:1.18-otp-26 AS builder
+
+ARG TESLAMATE_VERSION
+
+SHELL ["/bin/bash", "-o", "pipefail", "-c"]
+
+RUN apt-get update \
+    && apt-get install -y ca-certificates curl gnupg git \
+    && mkdir -p /etc/apt/keyrings \
+    && curl -fsSL https://deb.nodesource.com/gpgkey/nodesource-repo.gpg.key \
+     | gpg --dearmor -o /etc/apt/keyrings/nodesource.gpg \
+    && NODE_MAJOR=22 \
+    && echo "deb [signed-by=/etc/apt/keyrings/nodesource.gpg] https://deb.nodesource.com/node_$NODE_MAJOR.x nodistro main" \
+     | tee /etc/apt/sources.list.d/nodesource.list \
+    && apt-get update \
+    && apt-get install nodejs -y \
+    && apt-get clean \
+    && rm -rf /var/lib/apt/lists/*
+
+RUN mix local.rebar --force && \
+    mix local.hex --force
+
+# Clone specific version
+RUN git clone --depth 1 --branch ${TESLAMATE_VERSION} \
+    https://github.com/teslamate-org/teslamate.git /opt/app
+
+ENV MIX_ENV=prod
+WORKDIR /opt/app
+
+RUN mix deps.get --only $MIX_ENV
+RUN mix deps.compile
+
+RUN npm ci --prefix ./assets --progress=false --no-audit --loglevel=error
+RUN mix assets.deploy
+
+RUN mix compile
+RUN SKIP_LOCALE_DOWNLOAD=true mix release --path /opt/built
+
+# Runtime image
+FROM debian:bookworm-slim AS app
+
+ENV LANG=C.UTF-8 \
+    SRTM_CACHE=/opt/app/.srtm_cache \
+    HOME=/opt/app
+
+WORKDIR $HOME
+
+RUN apt-get update && apt-get install -y --no-install-recommends \
+        libodbc2 \
+        libsctp1 \
+        libssl3 \
+        libstdc++6 \
+        netcat-openbsd \
+        tini \
+        tzdata \
+    && apt-get clean \
+    && rm -rf /var/lib/apt/lists/* \
+    && groupadd --gid 10001 --system nonroot \
+    && useradd --uid 10000 --system --gid nonroot --home-dir /home/nonroot --shell /sbin/nologin nonroot \
+    && chown -R nonroot:nonroot .
+
+COPY entrypoint.sh /
+COPY --from=builder /opt/built .
+RUN chmod 555 /entrypoint.sh && \
+    chown -R nonroot:nonroot . && \
+    mkdir $SRTM_CACHE
+
+USER nonroot:nonroot
+
+EXPOSE 4000
+
+ENTRYPOINT ["tini", "--", "/bin/dash", "/entrypoint.sh"]
+CMD ["bin/teslamate", "start"]
--- a/containers/teslamate/entrypoint.sh
+++ b/containers/teslamate/entrypoint.sh
@ -0,0 +1,23 @@
+#!/usr/bin/env dash
+set -e
+
+: "${DATABASE_HOST:="127.0.0.1"}"
+: "${DATABASE_PORT:=5432}"
+: "${ULIMIT_MAX_NOFILE:=65536}"
+
+# prevent memory bloat in some misconfigured versions of Docker/containerd
+# where the nofiles limit is very large. 0 means don't set it.
+if test "${ULIMIT_MAX_NOFILE}" != 0 && test "$(ulimit -n)" -gt "${ULIMIT_MAX_NOFILE}"; then
+	ulimit -n "${ULIMIT_MAX_NOFILE}"
+fi
+
+# wait until Postgres is ready
+while ! nc -z "${DATABASE_HOST}" "${DATABASE_PORT}" 2>/dev/null; do
+	echo waiting for postgres at "${DATABASE_HOST}":"${DATABASE_PORT}"
+	sleep 1s
+done
+
+# apply migrations
+bin/teslamate eval "TeslaMate.Release.migrate"
+
+exec "$@"