From 8446e04d52b82db0e928c81460fee429894e3cde Mon Sep 17 00:00:00 2001
From: j37hr0 <jethro.cotton3@gmail.com>
Date: Mon, 4 May 2026 20:42:13 +1200
Subject: [PATCH] fixes

---
 apps/kimai/values.yaml             |  3 +-
 infrastructure/haproxy/values.yaml | 84 +++++++++++++++---------------
 2 files changed, 44 insertions(+), 43 deletions(-)

diff --git a/apps/kimai/values.yaml b/apps/kimai/values.yaml
index f2767b6..477122e 100644
--- a/apps/kimai/values.yaml
+++ b/apps/kimai/values.yaml
@@ -11,7 +11,8 @@ ingress:
       secretName: wildcard-numbergoup-coza-tls
 
 updateStrategy:
-  type: Recreate
+  type: RollingUpdate
+  rollingUpdate: {}
 
 persistence:
   enabled: true
diff --git a/infrastructure/haproxy/values.yaml b/infrastructure/haproxy/values.yaml
index c85a33a..bb484f0 100644
--- a/infrastructure/haproxy/values.yaml
+++ b/infrastructure/haproxy/values.yaml
@@ -1,55 +1,55 @@
 service:
-	type: NodePort
-	nodePorts:
-		http: 30080
-		https: 30443
+  type: NodePort
+  nodePorts:
+    http: 30080
+    https: 30443
 
 extraVolumes:
-	- name: tls-source
-		secret:
-			secretName: wildcard-jethrocotton-com-tls
-	- name: tls-pem
-		emptyDir: {}
+  - name: tls-source
+    secret:
+      secretName: wildcard-jethrocotton-com-tls
+  - name: tls-pem
+    emptyDir: {}
 
 initContainers:
-	- name: build-tls-pem
-		image: busybox:1.36
-		command:
-			- /bin/sh
-			- -ec
-			- |
-				cat /certs/tls.crt /certs/tls.key > /tls/tls.pem
-		volumeMounts:
-			- name: tls-source
-				mountPath: /certs
-				readOnly: true
-			- name: tls-pem
-				mountPath: /tls
+  - name: build-tls-pem
+    image: busybox:1.36
+    command:
+      - /bin/sh
+      - -ec
+      - |
+        cat /certs/tls.crt /certs/tls.key > /tls/tls.pem
+    volumeMounts:
+      - name: tls-source
+        mountPath: /certs
+        readOnly: true
+      - name: tls-pem
+        mountPath: /tls
 
 extraVolumeMounts:
-	- name: tls-pem
-		mountPath: /usr/local/etc/ssl
+  - name: tls-pem
+    mountPath: /usr/local/etc/ssl
 
 config: |
-	global
-		log stdout format raw local0
-		maxconn 1024
+  global
+    log stdout format raw local0
+    maxconn 1024
 
-	defaults
-		log global
-		timeout client 60s
-		timeout connect 10s
-		timeout server 60s
+  defaults
+    log global
+    timeout client 60s
+    timeout connect 10s
+    timeout server 60s
 
-	frontend fe_http
-		bind :80
-		http-request redirect scheme https code 301 if !{ ssl_fc }
+  frontend fe_http
+    bind :80
+    http-request redirect scheme https code 301 if !{ ssl_fc }
 
-	frontend fe_https
-		bind :443 ssl crt /usr/local/etc/ssl/tls.pem
-		acl host_forgejo hdr(host) -i forgejo.jethrocotton.com
-		use_backend be_forgejo if host_forgejo
-		default_backend be_forgejo
+  frontend fe_https
+    bind :443 ssl crt /usr/local/etc/ssl/tls.pem
+    acl host_forgejo hdr(host) -i forgejo.jethrocotton.com
+    use_backend be_forgejo if host_forgejo
+    default_backend be_forgejo
 
-	backend be_forgejo
-		server forgejo forgejo.forgejo.svc.cluster.local:80 check
+  backend be_forgejo
+    server forgejo forgejo.forgejo.svc.cluster.local:80 check