From 68fcfcb8838c94b8b0315f52b777418d6b723b3b Mon Sep 17 00:00:00 2001
From: Arthur
Date: Sun, 11 Feb 2024 16:17:10 -0500
Subject: [PATCH] fix: Stackrox DB Net Policy Fix
---
 kubernetes/homeassistant/base/statefulset.yaml | 2 +-
 kubernetes/nextcloud/base/cronjob.yaml | 2 +-
 kubernetes/nextcloud/base/preview-cronjob.yaml | 2 +-
 kubernetes/nextcloud/base/statefulset.yaml | 2 +-
 kubernetes/quay/base/postgres/clair/network-policy.yaml | 4 ++--
 kubernetes/quay/base/postgres/quay/network-policy.yaml | 4 ++--
 kubernetes/stackrox-central/base/postgres/network-policy.yaml | 2 +-
 kubernetes/stackrox-central/base/postgres/postgres.yaml | 4 ++--
 kubernetes/unifi-network-application/base/statefulset.yaml | 2 +-
 9 files changed, 12 insertions(+), 12 deletions(-)
diff --git a/kubernetes/homeassistant/base/statefulset.yaml b/kubernetes/homeassistant/base/statefulset.yaml
index cf64d9e48..7786d36d8 100644
--- a/kubernetes/homeassistant/base/statefulset.yaml
+++ b/kubernetes/homeassistant/base/statefulset.yaml
@@ -46,7 +46,7 @@ spec:
 value: "1"
 containers:
 - name: homeassistant
- image: homeassistant/home-assistant:2024.1.4@sha256:b5bcbcad4669e4e6b3ef7d7c8c841268d06c0eb83ad6b64aaca12cb85e9e204c
+ image: homeassistant/home-assistant:2024.2.1@sha256:5808ca4b75d89950a705119370198c53f83ab7de3c3632e2948e1305d27d649d
 securityContext:
 allowPrivilegeEscalation: true
 seccompProfile:
diff --git a/kubernetes/nextcloud/base/cronjob.yaml b/kubernetes/nextcloud/base/cronjob.yaml
index 503be5c24..1aad10058 100644
--- a/kubernetes/nextcloud/base/cronjob.yaml
+++ b/kubernetes/nextcloud/base/cronjob.yaml
@@ -51,7 +51,7 @@ spec:
 claimName: nextcloud-data
 containers:
 - name: nextcloud-cron
- image: nextcloud:28.0.1-apache@sha256:3d17745d388ac65fe0572ff3f1e45a868ad6c8e74ea98e03762feda9f0603fff
+ image: nextcloud:28.0.2-apache@sha256:0d231d59967d997141be8016c41df5e05f03137abbf741a8f0be2c0a8af80cf6
 command:
 - /bin/sh
 - "-c"
diff --git a/kubernetes/nextcloud/base/preview-cronjob.yaml b/kubernetes/nextcloud/base/preview-cronjob.yaml
index 09d63a134..7dd51260c 100644
--- a/kubernetes/nextcloud/base/preview-cronjob.yaml
+++ b/kubernetes/nextcloud/base/preview-cronjob.yaml
@@ -52,7 +52,7 @@ spec:
 runAsUser: 33
 containers:
 - name: nextcloud-preview
- image: nextcloud:28.0.1-apache@sha256:3d17745d388ac65fe0572ff3f1e45a868ad6c8e74ea98e03762feda9f0603fff
+ image: nextcloud:28.0.2-apache@sha256:0d231d59967d997141be8016c41df5e05f03137abbf741a8f0be2c0a8af80cf6
 command:
 - /bin/sh
 - -c
diff --git a/kubernetes/nextcloud/base/statefulset.yaml b/kubernetes/nextcloud/base/statefulset.yaml
index eb12722f0..b678e755b 100644
--- a/kubernetes/nextcloud/base/statefulset.yaml
+++ b/kubernetes/nextcloud/base/statefulset.yaml
@@ -43,7 +43,7 @@ spec:
 runAsUser: 33
 containers:
 - name: nextcloud
- image: nextcloud:28.0.1-apache@sha256:3d17745d388ac65fe0572ff3f1e45a868ad6c8e74ea98e03762feda9f0603fff
+ image: nextcloud:28.0.2-apache@sha256:0d231d59967d997141be8016c41df5e05f03137abbf741a8f0be2c0a8af80cf6
 securityContext:
 runAsGroup: 33
 runAsUser: 33
diff --git a/kubernetes/quay/base/postgres/clair/network-policy.yaml b/kubernetes/quay/base/postgres/clair/network-policy.yaml
index d7cc61dea..818364b9a 100644
--- a/kubernetes/quay/base/postgres/clair/network-policy.yaml
+++ b/kubernetes/quay/base/postgres/clair/network-policy.yaml
@@ -45,7 +45,7 @@ spec:
 - from:
 - namespaceSelector:
 matchLabels:
- kubernetes.io/metadata.name: postgres
+ kubernetes.io/metadata.name: quay
 podSelector:
 matchLabels:
 postgres-operator.crunchydata.com/cluster: clair
@@ -53,7 +53,7 @@ spec:
 - to:
 - namespaceSelector:
 matchLabels:
- kubernetes.io/metadata.name: postgres
+ kubernetes.io/metadata.name: quay
 podSelector:
 matchLabels:
 postgres-operator.crunchydata.com/cluster: clair
diff --git a/kubernetes/quay/base/postgres/quay/network-policy.yaml b/kubernetes/quay/base/postgres/quay/network-policy.yaml
index 30e5b106d..252cf1d91 100644
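Review bot: The `- from:` peer in `quay/base/postgres/clair/network-policy.yaml` still hard-codes a namespace name inside a kustomize `base/`, so the policy will stop matching again if an overlay deploys the cluster to a namespace other than `quay`. If the NetworkPolicy lives in the same namespace as the clair cluster pods (its metadata is outside the hunk, so this is an assumption), dropping the `namespaceSelector` and keeping only `- podSelector:` with the `postgres-operator.crunchydata.com/cluster: clair` label makes the peer namespace-local. The same applies to the `- to:` hunk in this file, to both hunks in `quay/base/postgres/quay/network-policy.yaml` and to the `stackrox-central` policy. If the selector stays, a comment such as `# one peer: namespaceSelector AND podSelector; a dash before podSelector would turn it into OR` would protect the pairing from a later edit.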
--- a/kubernetes/quay/base/postgres/quay/network-policy.yaml
+++ b/kubernetes/quay/base/postgres/quay/network-policy.yaml
@@ -57,7 +57,7 @@ spec:
 - from:
 - namespaceSelector:
 matchLabels:
- kubernetes.io/metadata.name: postgres
+ kubernetes.io/metadata.name: quay
 podSelector:
 matchLabels:
 postgres-operator.crunchydata.com/cluster: quay
@@ -65,7 +65,7 @@ spec:
 - to:
 - namespaceSelector:
 matchLabels:
- kubernetes.io/metadata.name: postgres
+ kubernetes.io/metadata.name: quay
 podSelector:
 matchLabels:
 postgres-operator.crunchydata.com/cluster: quay
diff --git a/kubernetes/stackrox-central/base/postgres/network-policy.yaml b/kubernetes/stackrox-central/base/postgres/network-policy.yaml
index f83286319..177db3cf0 100644
--- a/kubernetes/stackrox-central/base/postgres/network-policy.yaml
+++ b/kubernetes/stackrox-central/base/postgres/network-policy.yaml
@@ -44,7 +44,7 @@ spec:
 - from:
 - namespaceSelector:
 matchLabels:
- kubernetes.io/metadata.name: postgres
+ kubernetes.io/metadata.name: stackrox
 podSelector:
 matchLabels:
 postgres-operator.crunchydata.com/cluster: stackrox
diff --git a/kubernetes/stackrox-central/base/postgres/postgres.yaml b/kubernetes/stackrox-central/base/postgres/postgres.yaml
index 258b59773..33cf9156a 100644
--- a/kubernetes/stackrox-central/base/postgres/postgres.yaml
+++ b/kubernetes/stackrox-central/base/postgres/postgres.yaml
@@ -1,6 +1,6 @@
 # StackroxDB Tweak
 # alter user stackrox createdb;
-# alter user stackrox superuser
+# alter user stackrox superuser;
 # PSQL 15 Public Scheme Tweak
 # \c stackrox
 # GRANT CREATE ON SCHEMA public TO stackrox;
@@ -65,7 +65,7 @@ spec:
 - ReadWriteOnce
 resources:
 requests:
- storage: 15Gi
+ storage: 5Gi
 name: ""
 replicas: 2
 resources:
diff --git a/kubernetes/unifi-network-application/base/statefulset.yaml b/kubernetes/unifi-network-application/base/statefulset.yaml
index d8c93abb7..bcedfbbe3 100644
--- a/kubernetes/unifi-network-application/base/statefulset.yaml
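Review bot: Only the ingress `from` peer is switched to `stackrox` in `stackrox-central/base/postgres/network-policy.yaml`, while both quay policies in this commit change the `from` and the `to` peer. The rest of the policy is outside the hunk, so if it carries a matching egress `to` peer that still selects `kubernetes.io/metadata.name: postgres`, traffic between the `stackrox` cluster pods would be admitted on the receiving side and dropped on the sending side. If such an egress peer exists it needs the same one-line change, `kubernetes.io/metadata.name: stackrox`.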
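Review bot: The header comment in `postgres.yaml` lists `alter user stackrox superuser;` as a manual tweak but does not say why the application role needs superuser or when the statements are run, so the role's real privileges cannot be read from the manifest. Superuser already covers `createdb` and the `GRANT CREATE ON SCHEMA public` below it, so one of the two sets of statements is likely redundant. I would add a line such as `# Manual step, run as the database admin after the cluster is created; superuser needed because <reason>` and remove the superuser line once the narrower grants are enough.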
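Review bot: Lowering `storage: 15Gi` to `5Gi` is not a change Kubernetes applies to an existing claim, because the API server rejects a smaller `resources.requests.storage` on a bound PVC. If this cluster already runs with 15Gi volumes (not visible from the hunk), both replicas keep their old size and the operator may report reconcile errors, and recreating the volumes means restoring the data from backup. The change is also unrelated to the network-policy fix named in the subject; a comment next to the value, e.g. `# applies to newly created volumes only; existing PVCs are not shrunk`, or a separate commit would make the intent clear. The enclosing spec continues outside the hunk.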
+++ b/kubernetes/unifi-network-application/base/statefulset.yaml
@@ -25,7 +25,7 @@ spec:
 serviceAccountName: unifi-network-application
 containers:
 - name: unifi-network-application
- image: linuxserver/unifi-network-application:8.0.28@sha256:e673a6100ef8de6ec5e3d8b7bd48f1d1940466f74801048c046a471f5219f551
+ image: linuxserver/unifi-network-application:8.0.28-ls28@sha256:53b3734cad2a2c18297a2e4e17c29dec05061767f3187561c3ed483b4762fedc
 securityContext:
 runAsNonRoot: false
 privileged: true