From f358ee6c91372202b31c5cff4162616b1343b174 Mon Sep 17 00:00:00 2001 From: Erich Blume Date: Fri, 30 Jan 2026 13:29:49 -0800 Subject: [PATCH 01/13] Fix ArgoCD icon name in Homepage annotation Dashboard Icons uses argo-cd.png (with hyphen), not argocd.png Co-Authored-By: Claude Opus 4.5 --- argocd/manifests/argocd/service-tailscale.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/argocd/manifests/argocd/service-tailscale.yaml b/argocd/manifests/argocd/service-tailscale.yaml index d75b326..23ff8f1 100644 --- a/argocd/manifests/argocd/service-tailscale.yaml +++ b/argocd/manifests/argocd/service-tailscale.yaml @@ -14,7 +14,7 @@ metadata: gethomepage.dev/enabled: "true" gethomepage.dev/name: "ArgoCD" gethomepage.dev/group: "Infrastructure" - gethomepage.dev/icon: "argocd.png" + gethomepage.dev/icon: "argo-cd.png" gethomepage.dev/description: "GitOps CD" gethomepage.dev/href: "https://argocd.ops.eblu.me" gethomepage.dev/pod-selector: "app.kubernetes.io/name=argocd-server" -- 2.50.1 (Apple Git-155) From a423b9aa0485abc15cd921e876b94da5400f576d Mon Sep 17 00:00:00 2001 From: Erich Blume Date: Fri, 30 Jan 2026 13:33:52 -0800 Subject: [PATCH 02/13] Add borgmatic backup status widget to Homepage Displays time since last backup using prometheusmetric widget querying Prometheus for borgmatic_last_archive_timestamp Co-Authored-By: Claude Opus 4.5 --- argocd/manifests/homepage/values.yaml | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/argocd/manifests/homepage/values.yaml b/argocd/manifests/homepage/values.yaml index 4c07899..70a840c 100644 --- a/argocd/manifests/homepage/values.yaml +++ b/argocd/manifests/homepage/values.yaml @@ -44,6 +44,18 @@ config: href: https://nas.ops.eblu.me icon: synology description: NAS dashboard + - Borgmatic: + href: https://grafana.ops.eblu.me/d/borgmatic + icon: borgmatic + description: Backup system + widget: + type: prometheusmetric + url: https://prometheus.ops.eblu.me + metrics: + - label: Last backup + query: time() - borgmatic_last_archive_timestamp + format: + type: duration # External bookmarks bookmarks: -- 2.50.1 (Apple Git-155) From 4b13bb7ff9389d7ef1d4695c7423f87bdfd946a1 Mon Sep 17 00:00:00 2001 From: Erich Blume Date: Fri, 30 Jan 2026 13:35:32 -0800 Subject: [PATCH 03/13] Add archive size metric to borgmatic widget Shows deduplicated repository size alongside time since last backup Co-Authored-By: Claude Opus 4.5 --- argocd/manifests/homepage/values.yaml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/argocd/manifests/homepage/values.yaml b/argocd/manifests/homepage/values.yaml index 70a840c..1aab563 100644 --- a/argocd/manifests/homepage/values.yaml +++ b/argocd/manifests/homepage/values.yaml @@ -56,6 +56,10 @@ config: query: time() - borgmatic_last_archive_timestamp format: type: duration + - label: Archive size + query: borgmatic_repo_deduplicated_size_bytes + format: + type: bytes # External bookmarks bookmarks: -- 2.50.1 (Apple Git-155) From 55c906b362d69db4c3a52b6ac2380f92b54a8024 Mon Sep 17 00:00:00 2001 From: Erich Blume Date: Fri, 30 Jan 2026 13:42:47 -0800 Subject: [PATCH 04/13] Add disk usage metrics to Sifaka NAS widget Shows used and total space from /Volumes/backups mount Co-Authored-By: Claude Opus 4.5 --- argocd/manifests/homepage/values.yaml | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/argocd/manifests/homepage/values.yaml b/argocd/manifests/homepage/values.yaml index 1aab563..129c12f 100644 --- a/argocd/manifests/homepage/values.yaml +++ b/argocd/manifests/homepage/values.yaml @@ -44,6 +44,18 @@ config: href: https://nas.ops.eblu.me icon: synology description: NAS dashboard + widget: + type: prometheusmetric + url: https://prometheus.ops.eblu.me + metrics: + - label: Used + query: node_filesystem_size_bytes{mountpoint="/Volumes/backups"} - node_filesystem_avail_bytes{mountpoint="/Volumes/backups"} + format: + type: bytes + - label: Total + query: node_filesystem_size_bytes{mountpoint="/Volumes/backups"} + format: + type: bytes - Borgmatic: href: https://grafana.ops.eblu.me/d/borgmatic icon: borgmatic -- 2.50.1 (Apple Git-155) From bee85d70ed17411695ac0475378f13eb0bd7cc6f Mon Sep 17 00:00:00 2001 From: Erich Blume Date: Fri, 30 Jan 2026 14:05:12 -0800 Subject: [PATCH 05/13] Enable Grafana panel embedding and public dashboards - allow_embedding: true - allows iframe embedding - cookie_samesite: lax - fixes session cookies in iframes - public_dashboards: enabled - per-dashboard public sharing via UI Public dashboard settings persist in SQLite DB on PVC. Co-Authored-By: Claude Opus 4.5 --- argocd/manifests/grafana/values.yaml | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/argocd/manifests/grafana/values.yaml b/argocd/manifests/grafana/values.yaml index 402439c..976ed5c 100644 --- a/argocd/manifests/grafana/values.yaml +++ b/argocd/manifests/grafana/values.yaml @@ -25,6 +25,15 @@ persistence: grafana.ini: server: root_url: https://grafana.tail8d86e.ts.net + security: + # Allow embedding panels in iframes (for Homepage dashboard) + allow_embedding: true + # Required for iframe session cookies + cookie_samesite: lax + # Public dashboards - selectively share specific dashboards without auth + # Enable per-dashboard via Share > Public Dashboard in Grafana UI + public_dashboards: + enabled: true analytics: check_for_updates: false reporting_enabled: false -- 2.50.1 (Apple Git-155) From 0c09177d087590f3d0b05a01ad12edc890e3237c Mon Sep 17 00:00:00 2001 From: Erich Blume Date: Fri, 30 Jan 2026 14:11:29 -0800 Subject: [PATCH 06/13] Enable anonymous auth for Grafana iframe embeds Public dashboards don't support template variables or PostgreSQL datasources, so anonymous auth is required for Homepage embeds. Security relies on Tailscale ACLs - see zk grafana card. Co-Authored-By: Claude Opus 4.5 --- argocd/manifests/grafana/values.yaml | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/argocd/manifests/grafana/values.yaml b/argocd/manifests/grafana/values.yaml index 976ed5c..3cb4c80 100644 --- a/argocd/manifests/grafana/values.yaml +++ b/argocd/manifests/grafana/values.yaml @@ -30,10 +30,12 @@ grafana.ini: allow_embedding: true # Required for iframe session cookies cookie_samesite: lax - # Public dashboards - selectively share specific dashboards without auth - # Enable per-dashboard via Share > Public Dashboard in Grafana UI - public_dashboards: + auth.anonymous: + # WARNING: All dashboards readable without login + # Security relies on Tailscale ACLs - only tailnet members can reach Grafana + # Required for iframe embeds with template variables and non-Prometheus datasources enabled: true + org_role: Viewer analytics: check_for_updates: false reporting_enabled: false -- 2.50.1 (Apple Git-155) From e1be32f2d89e64a39906d2c275468907c7a1440c Mon Sep 17 00:00:00 2001 From: Erich Blume Date: Fri, 30 Jan 2026 14:17:03 -0800 Subject: [PATCH 07/13] Add Grafana iframe embed for Tesla battery chart Test embed of TeslaMate charge level panel using anonymous auth Co-Authored-By: Claude Opus 4.5 --- argocd/manifests/homepage/values.yaml | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/argocd/manifests/homepage/values.yaml b/argocd/manifests/homepage/values.yaml index 129c12f..fb87035 100644 --- a/argocd/manifests/homepage/values.yaml +++ b/argocd/manifests/homepage/values.yaml @@ -73,6 +73,14 @@ config: format: type: bytes + # Metrics group - Grafana panel embeds + - Metrics: + - Tesla Battery: + widget: + type: iframe + src: https://grafana.ops.eblu.me/d-solo/WopVO_mgz/tesla-charge-level?orgId=1&from=now-2d&to=now&timezone=browser&var-car_id=1&var-base_url=https://tesla.ops.eblu.me&var-bucket_width=7200&panelId=2&theme=dark + classes: h-40 + # External bookmarks bookmarks: - Admin: @@ -106,6 +114,8 @@ config: layout: Host Services: style: column + Metrics: + style: row Apps: style: column Observability: -- 2.50.1 (Apple Git-155) From 51072fcdd0c427b8f54e7cdfe11502861a7b970c Mon Sep 17 00:00:00 2001 From: Erich Blume Date: Fri, 30 Jan 2026 14:26:07 -0800 Subject: [PATCH 08/13] Add Tesla temperature gauges to Homepage metrics - Increase battery chart height to h-96 - Add outside temp gauge (panelId=8) - Add inside temp gauge (panelId=9) Co-Authored-By: Claude Opus 4.5 --- argocd/manifests/homepage/values.yaml | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/argocd/manifests/homepage/values.yaml b/argocd/manifests/homepage/values.yaml index fb87035..0acaf46 100644 --- a/argocd/manifests/homepage/values.yaml +++ b/argocd/manifests/homepage/values.yaml @@ -79,6 +79,16 @@ config: widget: type: iframe src: https://grafana.ops.eblu.me/d-solo/WopVO_mgz/tesla-charge-level?orgId=1&from=now-2d&to=now&timezone=browser&var-car_id=1&var-base_url=https://tesla.ops.eblu.me&var-bucket_width=7200&panelId=2&theme=dark + classes: h-96 + - Outside Temp: + widget: + type: iframe + src: https://grafana.ops.eblu.me/d-solo/kOuP_Fggz/tesla-overview?orgId=1&from=now-24h&to=now&timezone=browser&var-car_id=1&var-length_unit=mi&var-temp_unit=F&var-preferred_range=rated&var-base_url=https://tesla.ops.eblu.me&refresh=30s&panelId=8&theme=dark + classes: h-40 + - Inside Temp: + widget: + type: iframe + src: https://grafana.ops.eblu.me/d-solo/kOuP_Fggz/tesla-overview?orgId=1&from=now-24h&to=now&timezone=browser&var-car_id=1&var-length_unit=mi&var-temp_unit=F&var-preferred_range=rated&var-base_url=https://tesla.ops.eblu.me&refresh=30s&panelId=9&theme=dark classes: h-40 # External bookmarks -- 2.50.1 (Apple Git-155) From 8aea01ed8cdb4652be6daed253e948111a007ee6 Mon Sep 17 00:00:00 2001 From: Erich Blume Date: Fri, 30 Jan 2026 14:30:57 -0800 Subject: [PATCH 09/13] Fix temp gauges: use car_id=All and add width constraint Co-Authored-By: Claude Opus 4.5 --- argocd/manifests/homepage/values.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/argocd/manifests/homepage/values.yaml b/argocd/manifests/homepage/values.yaml index 0acaf46..6fb080b 100644 --- a/argocd/manifests/homepage/values.yaml +++ b/argocd/manifests/homepage/values.yaml @@ -83,13 +83,13 @@ config: - Outside Temp: widget: type: iframe - src: https://grafana.ops.eblu.me/d-solo/kOuP_Fggz/tesla-overview?orgId=1&from=now-24h&to=now&timezone=browser&var-car_id=1&var-length_unit=mi&var-temp_unit=F&var-preferred_range=rated&var-base_url=https://tesla.ops.eblu.me&refresh=30s&panelId=8&theme=dark - classes: h-40 + src: https://grafana.ops.eblu.me/d-solo/kOuP_Fggz/tesla-overview?orgId=1&from=now-24h&to=now&timezone=browser&var-car_id=All&var-length_unit=mi&var-temp_unit=F&var-preferred_range=rated&var-base_url=https://tesla.ops.eblu.me&refresh=30s&panelId=8&theme=dark + classes: h-40 w-48 - Inside Temp: widget: type: iframe - src: https://grafana.ops.eblu.me/d-solo/kOuP_Fggz/tesla-overview?orgId=1&from=now-24h&to=now&timezone=browser&var-car_id=1&var-length_unit=mi&var-temp_unit=F&var-preferred_range=rated&var-base_url=https://tesla.ops.eblu.me&refresh=30s&panelId=9&theme=dark - classes: h-40 + src: https://grafana.ops.eblu.me/d-solo/kOuP_Fggz/tesla-overview?orgId=1&from=now-24h&to=now&timezone=browser&var-car_id=All&var-length_unit=mi&var-temp_unit=F&var-preferred_range=rated&var-base_url=https://tesla.ops.eblu.me&refresh=30s&panelId=9&theme=dark + classes: h-40 w-48 # External bookmarks bookmarks: -- 2.50.1 (Apple Git-155) From 91e78ff6a51516e2c41d7a930d9c8135e1553b3f Mon Sep 17 00:00:00 2001 From: Erich Blume Date: Fri, 30 Jan 2026 14:32:03 -0800 Subject: [PATCH 10/13] Constrain Tesla battery chart width to w-72 (~288px) Co-Authored-By: Claude Opus 4.5 --- argocd/manifests/homepage/values.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/argocd/manifests/homepage/values.yaml b/argocd/manifests/homepage/values.yaml index 6fb080b..c45f78e 100644 --- a/argocd/manifests/homepage/values.yaml +++ b/argocd/manifests/homepage/values.yaml @@ -79,7 +79,7 @@ config: widget: type: iframe src: https://grafana.ops.eblu.me/d-solo/WopVO_mgz/tesla-charge-level?orgId=1&from=now-2d&to=now&timezone=browser&var-car_id=1&var-base_url=https://tesla.ops.eblu.me&var-bucket_width=7200&panelId=2&theme=dark - classes: h-96 + classes: h-96 w-72 - Outside Temp: widget: type: iframe -- 2.50.1 (Apple Git-155) From 5c6cddba0dfea93097bcfcc672d46757ea0e3ba2 Mon Sep 17 00:00:00 2001 From: Erich Blume Date: Fri, 30 Jan 2026 14:41:14 -0800 Subject: [PATCH 11/13] Revert Grafana iframe embedding attempt Iframe approach didn't work well: - Homepage iframe widget only supports height, not width constraints - Some panels fail to load even with anonymous auth - Reverted to authenticated-only Grafana access Co-Authored-By: Claude Opus 4.5 --- argocd/manifests/grafana/values.yaml | 12 ++---------- argocd/manifests/homepage/values.yaml | 20 -------------------- 2 files changed, 2 insertions(+), 30 deletions(-) diff --git a/argocd/manifests/grafana/values.yaml b/argocd/manifests/grafana/values.yaml index 3cb4c80..f38cd03 100644 --- a/argocd/manifests/grafana/values.yaml +++ b/argocd/manifests/grafana/values.yaml @@ -26,16 +26,8 @@ grafana.ini: server: root_url: https://grafana.tail8d86e.ts.net security: - # Allow embedding panels in iframes (for Homepage dashboard) - allow_embedding: true - # Required for iframe session cookies - cookie_samesite: lax - auth.anonymous: - # WARNING: All dashboards readable without login - # Security relies on Tailscale ACLs - only tailnet members can reach Grafana - # Required for iframe embeds with template variables and non-Prometheus datasources - enabled: true - org_role: Viewer + # Embedding disabled - iframe approach didn't work well for Homepage + allow_embedding: false analytics: check_for_updates: false reporting_enabled: false diff --git a/argocd/manifests/homepage/values.yaml b/argocd/manifests/homepage/values.yaml index c45f78e..129c12f 100644 --- a/argocd/manifests/homepage/values.yaml +++ b/argocd/manifests/homepage/values.yaml @@ -73,24 +73,6 @@ config: format: type: bytes - # Metrics group - Grafana panel embeds - - Metrics: - - Tesla Battery: - widget: - type: iframe - src: https://grafana.ops.eblu.me/d-solo/WopVO_mgz/tesla-charge-level?orgId=1&from=now-2d&to=now&timezone=browser&var-car_id=1&var-base_url=https://tesla.ops.eblu.me&var-bucket_width=7200&panelId=2&theme=dark - classes: h-96 w-72 - - Outside Temp: - widget: - type: iframe - src: https://grafana.ops.eblu.me/d-solo/kOuP_Fggz/tesla-overview?orgId=1&from=now-24h&to=now&timezone=browser&var-car_id=All&var-length_unit=mi&var-temp_unit=F&var-preferred_range=rated&var-base_url=https://tesla.ops.eblu.me&refresh=30s&panelId=8&theme=dark - classes: h-40 w-48 - - Inside Temp: - widget: - type: iframe - src: https://grafana.ops.eblu.me/d-solo/kOuP_Fggz/tesla-overview?orgId=1&from=now-24h&to=now&timezone=browser&var-car_id=All&var-length_unit=mi&var-temp_unit=F&var-preferred_range=rated&var-base_url=https://tesla.ops.eblu.me&refresh=30s&panelId=9&theme=dark - classes: h-40 w-48 - # External bookmarks bookmarks: - Admin: @@ -124,8 +106,6 @@ config: layout: Host Services: style: column - Metrics: - style: row Apps: style: column Observability: -- 2.50.1 (Apple Git-155) From 7ae1a4c03b10e597b7b79b961dd155493f139697 Mon Sep 17 00:00:00 2001 From: Erich Blume Date: Fri, 30 Jan 2026 14:54:04 -0800 Subject: [PATCH 12/13] Add OpenWeatherMap weather widget to Homepage - ExternalSecret pulls API key from 1Password - Widget shows weather for Camano area - Uses imperial units with 15min cache Co-Authored-By: Claude Opus 4.5 --- .../external-secret-openweathermap.yaml | 20 +++++++++++++++++++ argocd/manifests/homepage/values.yaml | 12 +++++++++++ 2 files changed, 32 insertions(+) create mode 100644 argocd/manifests/homepage/external-secret-openweathermap.yaml diff --git a/argocd/manifests/homepage/external-secret-openweathermap.yaml b/argocd/manifests/homepage/external-secret-openweathermap.yaml new file mode 100644 index 0000000..d65c9a1 --- /dev/null +++ b/argocd/manifests/homepage/external-secret-openweathermap.yaml @@ -0,0 +1,20 @@ +# ExternalSecret for OpenWeatherMap API key +# Used by Homepage weather widget +apiVersion: external-secrets.io/v1 +kind: ExternalSecret +metadata: + name: homepage-openweathermap + namespace: homepage +spec: + refreshInterval: 1h + secretStoreRef: + kind: ClusterSecretStore + name: onepassword-blumeops + target: + name: homepage-openweathermap + creationPolicy: Owner + data: + - secretKey: apikey + remoteRef: + key: OpenWeatherMap + property: credential diff --git a/argocd/manifests/homepage/values.yaml b/argocd/manifests/homepage/values.yaml index 129c12f..9cd0336 100644 --- a/argocd/manifests/homepage/values.yaml +++ b/argocd/manifests/homepage/values.yaml @@ -27,6 +27,11 @@ ingress: env: - name: HOMEPAGE_ALLOWED_HOSTS value: "go.tail8d86e.ts.net,go.ops.eblu.me" + - name: HOMEPAGE_VAR_OPENWEATHERMAP_API_KEY + valueFrom: + secretKeyRef: + name: homepage-openweathermap + key: apikey config: # Host services (non-k8s, on indri or LAN) @@ -89,6 +94,13 @@ config: # Widgets on the page # Note: Kubernetes widget disabled - requires metrics-server widgets: + - openweathermap: + label: Camano + latitude: 48.18235 + longitude: -122.52590 + units: imperial + apiKey: "{{HOMEPAGE_VAR_OPENWEATHERMAP_API_KEY}}" + cache: 15 - search: provider: custom url: https://kagi.com/search?q= -- 2.50.1 (Apple Git-155) From a8ea20f76f83876e7845c24d20acc296f0eeefb0 Mon Sep 17 00:00:00 2001 From: Erich Blume Date: Fri, 30 Jan 2026 14:57:12 -0800 Subject: [PATCH 13/13] Add extra manifests source to Homepage app Allows ExternalSecrets and other manifests in the homepage directory Co-Authored-By: Claude Opus 4.5 --- argocd/apps/homepage.yaml | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/argocd/apps/homepage.yaml b/argocd/apps/homepage.yaml index 4521eaf..1748990 100644 --- a/argocd/apps/homepage.yaml +++ b/argocd/apps/homepage.yaml @@ -12,6 +12,7 @@ metadata: spec: project: default sources: + # Helm chart - repoURL: https://jameswynn.github.io/helm-charts chart: homepage targetRevision: 2.1.0 @@ -19,9 +20,16 @@ spec: releaseName: homepage valueFiles: - $values/argocd/manifests/homepage/values.yaml + # Values file reference - repoURL: ssh://forgejo@forge.ops.eblu.me:2222/eblume/blumeops.git targetRevision: main ref: values + # Extra manifests (ExternalSecrets, etc) + - repoURL: ssh://forgejo@forge.ops.eblu.me:2222/eblume/blumeops.git + targetRevision: main + path: argocd/manifests/homepage + directory: + exclude: "values.yaml" destination: server: https://kubernetes.default.svc namespace: homepage -- 2.50.1 (Apple Git-155)