Rename tline to porthole

README.md

@@ -10,13 +10,13 @@ Porthole: timeline media library (Next.js web + worker), backed by Postgres/Redi
   - set `images.web.repository/tag` and `images.worker.repository/tag`
   - set `global.tailscale.tailnetFQDN` (recommended), or set `app.minio.publicEndpointTs` (must be `https://minio.<tailnet-fqdn>`)
 
-- Render locally: `helm template porthole helm/tline -f your-values.yaml --namespace porthole`
+- Render locally: `helm template porthole helm/porthole -f your-values.yaml --namespace porthole`
 
-- Install (to `porthole` namespace): `helm upgrade --install porthole helm/tline -f your-values.yaml --namespace porthole`
+- Install (to `porthole` namespace): `helm upgrade --install porthole helm/porthole -f your-values.yaml --namespace porthole`
 
 ## ArgoCD
 
-A ready-to-apply ArgoCD `Application` manifest is included at `argocd/tline-application.yaml` (it deploys the Helm release name `porthole`).
+A ready-to-apply ArgoCD `Application` manifest is included at `argocd/porthole-application.yaml` (it deploys the Helm release name `porthole`).
 
 Reference example (deploys into the `porthole` namespace; the Helm chart itself does not hardcode a namespace):
 
@@ -31,7 +31,7 @@ spec:
   source:
     repoURL: git@gitea-gitea-ssh.taildb3494.ts.net:will/porthole.git
     targetRevision: main
-    path: helm/tline
+    path: helm/porthole
     helm:
       releaseName: porthole
       valueFiles:
@@ -42,7 +42,7 @@ spec:
       #   - name: global.tailscale.tailnetFQDN
       #     value: tailxyz.ts.net
        #   - name: images.web.repository
-      #     value: registry.lan:5000/tline-web
+       #     value: registry.lan:5000/porthole-web
       #   - name: images.web.tag
       #     value: dev
   destination:
@@ -89,25 +89,25 @@ This repo is a Bun monorepo, but container builds use Docker Buildx.
   - Your Docker daemon is configured to allow that registry as an insecure registry.
 
 - Create/use a buildx builder (one-time):
-  - `docker buildx create --name tline --use`
+  - `docker buildx create --name porthole --use`
 
 - Build + push **web** (Next standalone):
   - `REGISTRY=registry.lan:5000 TAG=dev`
-  - `docker buildx build --platform linux/amd64,linux/arm64 -f apps/web/Dockerfile -t "$REGISTRY/tline-web:$TAG" --push .`
+  - `docker buildx build --platform linux/amd64,linux/arm64 -f apps/web/Dockerfile -t "$REGISTRY/porthole-web:$TAG" --push .`
   - Notes:
     - The Dockerfile uses `bun install --frozen-lockfile` and copies all workspace `package.json` files first to keep Bun from mutating `bun.lock`.
     - Runtime entrypoint comes from Next standalone output (the image runs `node app/apps/web/server.js`).
 
 - Build + push **worker** (includes `ffmpeg` + `exiftool`):
   - `REGISTRY=registry.lan:5000 TAG=dev`
-  - `docker buildx build --platform linux/amd64,linux/arm64 -f apps/worker/Dockerfile -t "$REGISTRY/tline-worker:$TAG" --push .`
+  - `docker buildx build --platform linux/amd64,linux/arm64 -f apps/worker/Dockerfile -t "$REGISTRY/porthole-worker:$TAG" --push .`
   - Notes:
     - The Dockerfile uses `bun install --frozen-lockfile --production` and also copies all workspace `package.json` files first for stable `workspace:*` resolution.
 
 - Then set Helm values:
-  - `images.web.repository: registry.lan:5000/tline-web`
+  - `images.web.repository: registry.lan:5000/porthole-web`
   - `images.web.tag: dev`
-  - `images.worker.repository: registry.lan:5000/tline-worker`
+  - `images.worker.repository: registry.lan:5000/porthole-worker`
   - `images.worker.tag: dev`
 
 ### Private registry auth (optional)
@@ -167,7 +167,7 @@ This chart assumes you label nodes like:
 - Pi 5 nodes: `node-class=compute`
 - Pi 3 node: `node-class=tiny`
 
-The default scheduling in `helm/tline/values.yaml` pins heavy pods to `node-class=compute`.
+The default scheduling in `helm/porthole/values.yaml` pins heavy pods to `node-class=compute`.
 
 Example `values.yaml` you can start from:
 
@@ -181,10 +181,10 @@ secrets:
 
 images:
   web:
-    repository: registry.lan:5000/tline-web
+    repository: registry.lan:5000/porthole-web
     tag: dev
   worker:
-    repository: registry.lan:5000/tline-worker
+    repository: registry.lan:5000/porthole-worker
     tag: dev
 
 global:

argocd/porthole-application.yaml

@@ -8,7 +8,7 @@ spec:
   source:
     repoURL: git@gitea-ssh.gitea.svc:will/porthole.git
     targetRevision: main
-    path: helm/tline
+    path: helm/porthole
     helm:
       releaseName: porthole
       valueFiles:

helm/porthole/Chart.yaml

@@ -1,5 +1,5 @@
 apiVersion: v2
-name: tline
+name: porthole
 description: Timeline media library (porthole)
 type: application
 version: 0.1.0

helm/porthole/templates/_helpers.tpl

@@ -105,8 +105,11 @@ app.kubernetes.io/instance: {{ .Release.Name }}
 {{- $label = .Values.minio.tailscaleServiceS3.hostnameLabel -}}
 {{- end -}}
 {{- printf "https://%s.%s" $label .Values.global.tailscale.tailnetFQDN -}}
+{{- else if .Values.minio.enabled -}}
+{{- $svc := include "tline.componentName" (dict "Values" .Values "Chart" .Chart "Release" .Release "component" "minio") -}}
+{{- printf "http://%s:%d" $svc (.Values.minio.service.s3Port | int) -}}
 {{- else -}}
-{{- fail "app.minio.publicEndpointTs is required (or set global.tailscale.tailnetFQDN to derive it)" -}}
+{{- fail "app.minio.publicEndpointTs is required when minio.enabled=false and no tailscale tailnetFQDN is set" -}}
 {{- end -}}
 {{- end -}}
 

helm/porthole/templates/secret.yaml.tpl

@@ -1,4 +1,12 @@
 {{- if not .Values.secrets.existingSecret -}}
+{{- $existing := lookup "v1" "Secret" .Release.Namespace (include "tline.secretName" .) -}}
+{{- $existingData := dict -}}
+{{- if $existing -}}
+{{- $existingData = (get $existing "data") | default dict -}}
+{{- end -}}
+{{- $pgPassB64 := (get $existingData "POSTGRES_PASSWORD") | default (randAlphaNum 32 | b64enc) -}}
+{{- $minioKeyB64 := (get $existingData "MINIO_ACCESS_KEY_ID") | default (randAlphaNum 20 | b64enc) -}}
+{{- $minioSecretB64 := (get $existingData "MINIO_SECRET_ACCESS_KEY") | default (randAlphaNum 40 | b64enc) -}}
 apiVersion: v1
 kind: Secret
 metadata:
@@ -7,9 +15,9 @@ metadata:
 {{ include "tline.labels" . | indent 4 }}
 type: Opaque
 data:
-  POSTGRES_PASSWORD: {{ required "secrets.postgres.password is required" .Values.secrets.postgres.password | b64enc }}
+  POSTGRES_PASSWORD: {{ .Values.secrets.postgres.password | default ($pgPassB64 | b64dec) | b64enc }}
-  MINIO_ACCESS_KEY_ID: {{ required "secrets.minio.accessKeyId is required" .Values.secrets.minio.accessKeyId | b64enc }}
+  MINIO_ACCESS_KEY_ID: {{ .Values.secrets.minio.accessKeyId | default ($minioKeyB64 | b64dec) | b64enc }}
-  MINIO_SECRET_ACCESS_KEY: {{ required "secrets.minio.secretAccessKey is required" .Values.secrets.minio.secretAccessKey | b64enc }}
+  MINIO_SECRET_ACCESS_KEY: {{ .Values.secrets.minio.secretAccessKey | default ($minioSecretB64 | b64dec) | b64enc }}
 {{- end }}
 
 {{- if .Values.registrySecret.create -}}

helm/porthole/values.yaml

@@ -28,7 +28,7 @@ scheduling:
 
 app:
   name: porthole
-  queueName: tline
+  queueName: porthole
 
   # Optional overrides when bringing your own services.
   databaseUrl: "" # defaults to in-chart Postgres when empty
@@ -45,9 +45,9 @@ secrets:
   existingSecret: "" # if set, chart will not create secrets
 
   postgres:
-    user: tline
+    user: porthole
     password: "" # REQUIRED if not using existingSecret
-    database: tline
+    database: porthole
 
   minio:
     accessKeyId: "" # REQUIRED if not using existingSecret
@@ -55,12 +55,14 @@ secrets:
 
 images:
   web:
-    repository: ""
+    # Default is a local/in-cluster registry example; override for your environment.
-    tag: ""
+    repository: registry.lan:5000/porthole-web
+    tag: dev
     pullPolicy: IfNotPresent
   worker:
-    repository: ""
+    # Default is a local/in-cluster registry example; override for your environment.
-    tag: ""
+    repository: registry.lan:5000/porthole-worker
+    tag: dev
     pullPolicy: IfNotPresent
   postgres:
     repository: postgres

package.json

@@ -1,5 +1,5 @@
 {
-  "name": "tline",
+  "name": "porthole",
   "private": true,
   "version": "0.0.0",
   "description": "Timeline media library (porthole)",

packages/queue/src/index.ts

@@ -5,7 +5,7 @@ import IORedis from "ioredis";
 
 const envSchema = z.object({
   REDIS_URL: z.string().min(1).default("redis://localhost:6379"),
-  QUEUE_NAME: z.string().min(1).default("tline")
+  QUEUE_NAME: z.string().min(1).default("porthole")
 });
 
 export const jobNameSchema = z.enum([