eblume/blumeops
1
1
Fork 0
Code Issues Pull requests Projects Releases 83 Packages Wiki Activity Actions
83 releases 160 tags
  • v1.15.1 2bd1611ac1

    BlumeOps v1.15.1 Stable

    eblume released this 2026-03-28 09:15:18 -07:00 | 285 commits to main since this release

    BlumeOps release v1.15.1

    What's Changed

    Features

    • Add Tor Snowflake proxy on ringtail as a systemd service to support anti-censorship efforts.
    • Add offsite backup for immich photo library to BorgBase, running daily at 4 AM from indri via sifaka SMB mount.
    • Add QArt Tuner — a Go tool that generates QR codes whose data modules form a recognizable image, with an interactive web UI for parameter tuning. Based on the QArt technique by Russ Cox. Lives in utils/qart/.

    Infrastructure

    • Migrate Forgejo from Homebrew to source build with mcquack LaunchAgent, matching the pattern used by zot, caddy, and alloy. Upgrades to v14.0.3 (7 security fixes including PKCE bypass and OAuth scope bypass).
    • Add borgmatic pg_dump backups for authentik and immich databases. Authentik uses the existing blumeops-pg cluster on port 5432. Immich requires a new borgmatic role on the immich-pg cluster, a Tailscale service, and Caddy L4 proxy on port 5433.
    • Upgrade External Secrets Operator from v1.3.2 to v2.2.0 and migrate from Helm chart to static kustomize manifests.
    • Add post-deploy maintenance docs and generation pruning task for ringtail.
    • Fix Immich Helm values: resource limits and probe timeouts were silently ignored due to wrong value keys. Resources now actually apply to pods, and liveness/readiness probe timeouts increased from 1s to 5s to prevent kubelet from killing pods during ML inference.
    • Reduce PodNotReady alert lookback window from 5m to 60s to clear faster after rollouts.
    • Tighten ArgoCDAppOutOfSync alert: reduce pending duration from 30m to 5m and lookback window from 5m to 1m so alerts clear faster after sync.
    • Update ringtail flake inputs (nixpkgs, home-manager).
    • Upgrade Homepage dashboard from v1.10.1 to v1.11.0
    • Upgrade nvidia-device-plugin from v0.18.2 to v0.19.0

    Documentation

    • Review and fix CV service doc (correct URL, forge domain, container tag link) and add private forge repo review guidance to review-services process.
    • Review tailscale-setup tutorial: fix macOS install steps, add --accept-routes tip, correct tag name, add ACL apply instructions, add [[tailscale-operator]] cross-reference.

    Miscellaneous

    • Add preserve/* branch prefix exclusion to branch-cleanup task; document Pyroscope profiling work and blockers in observability reference.

    Documentation

    Download docs-v1.15.1.tar.gz and configure the quartz container with:

    DOCS_RELEASE_URL=https://forge.eblu.me/eblume/blumeops/releases/download/v1.15.1/docs-v1.15.1.tar.gz
    Downloads