rename: homelab-gateway → telegram-gateway
All checks were successful
Docker Build / build-and-push-image (push) Successful in 44s

Aligns the project name with the public URL (tg.arcodange.fr) and the
Arcodange organization conventions. The 'homelab-gateway' name was too
generic.

Touches: chart name + helpers, image registry path, Go module path,
secret/configmap names, deployment mountPath, all docs.
2026-05-09 12:35:03 +02:00
parent ee832de089
commit 13dc7aee13
15 changed files with 68 additions and 68 deletions

View File

@@ -1,10 +1,10 @@
# Deploy `homelab-gateway` — Phase 1 (echo bot)
# Deploy `telegram-gateway` — Phase 1 (echo bot)
Procédure end-to-end pour mettre le gateway en ligne avec un bot
`arcodange_factory_bot` (slug interne `factory`).
> Phase 1 simplifiée : **pas de Vault**. Le `Secret` k8s
> `homelab-gateway-bots` est créé manuellement avec `kubectl create secret`.
> `telegram-gateway-bots` est créé manuellement avec `kubectl create secret`.
> La migration vers Vault Secrets Operator se fait plus tard (Phase 2+) via
> `vault.enabled: true` dans `chart/values.yaml`.
@@ -12,7 +12,7 @@ Procédure end-to-end pour mettre le gateway en ligne avec un bot
## 1. Pré-requis
- Repo Gitea déjà créé : `arcodange/homelab-gateway`
- Repo Gitea déjà créé : `arcodange/telegram-gateway`
- Bot Telegram déjà créé via @BotFather : `@arcodange_factory_bot`
- Token : `8737289837:…` (en variable d'env, jamais committé)
- chat_id : récupéré via [@userinfobot](https://t.me/userinfobot)
@@ -23,17 +23,17 @@ Procédure end-to-end pour mettre le gateway en ligne avec un bot
## 2. Push du repo (déclenche le build Docker)
```bash
cd /Users/gabrielradureau/Work/Vibe/homelab_gateway
cd /Users/gabrielradureau/Work/Vibe/telegram-gateway
git init
git add .
git commit -m "Phase 1 MVP — echo bot factory"
git branch -M main
git remote add origin ssh://git@192.168.1.202:2222/arcodange/homelab-gateway.git
git remote add origin ssh://git@192.168.1.202:2222/arcodange/telegram-gateway.git
git push -u origin main
```
Gitea Actions build l'image et la pousse :
`gitea.arcodange.lab/arcodange/homelab-gateway:latest`.
`gitea.arcodange.lab/arcodange/telegram-gateway:latest`.
## 3. Créer le `Secret` k8s avec le token + secret_token
@@ -43,9 +43,9 @@ SECRET=$(openssl rand -hex 32)
# Le namespace est créé par ArgoCD si absent — on le crée explicitement avant
# pour pouvoir y poser le Secret tout de suite.
kubectl create namespace homelab-gateway --dry-run=client -o yaml | kubectl apply -f -
kubectl create namespace telegram-gateway --dry-run=client -o yaml | kubectl apply -f -
kubectl -n homelab-gateway create secret generic homelab-gateway-bots \
kubectl -n telegram-gateway create secret generic telegram-gateway-bots \
--from-literal=BOT_FACTORY_TOKEN='8737289837:AAEVIygazfxgqJTxaxOh3X-mEoKaV7Rw1Gw' \
--from-literal=BOT_FACTORY_SECRET="$SECRET"
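Review bot: the `--from-literal=BOT_FACTORY_TOKEN=` context line in this hunk carries what reads as a complete bot token inside the committed deploy doc, while the prerequisites section of the same file says the token lives in an environment variable and is never committed. Since the commit rewrites the neighbouring lines anyway, replace the literal with `"$BOT_FACTORY_TOKEN"` read from the environment, and treat the value already in history as exposed: revoke it via @BotFather and issue a new one. Separately, both the namespace and the Secret name change here, so the Secret has to be recreated under `telegram-gateway` before the pod can start, and the old `homelab-gateway` namespace and Secret stay behind unless they are deleted explicitly.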
@@ -60,15 +60,15 @@ echo "secret_token = $SECRET"
## 4. Activer l'Application ArgoCD
L'entrée `homelab-gateway` est ajoutée dans
L'entrée `telegram-gateway` est ajoutée dans
`/Users/gabrielradureau/Work/Arcodange/factory/argocd/values.yaml` (PR
ouverte). Une fois la PR mergée :
```bash
kubectl -n argocd get app homelab-gateway -w
kubectl -n argocd get app telegram-gateway -w
# attends Healthy + Synced
kubectl -n homelab-gateway logs deploy/homelab-gateway -f
# attends "homelab-gateway listening on :8080 (1 bot(s) loaded)"
kubectl -n telegram-gateway logs deploy/telegram-gateway -f
# attends "telegram-gateway listening on :8080 (1 bot(s) loaded)"
# Smoke
curl -I https://tg.arcodange.fr/healthz # → 200
@@ -79,7 +79,7 @@ curl -I https://tg.arcodange.fr/healthz # → 200
```bash
export BOT_FACTORY_TOKEN='8737289837:AAEVIygazfxgqJTxaxOh3X-mEoKaV7Rw1Gw'
export BOT_FACTORY_SECRET="$SECRET" # même valeur qu'à l'étape 3
cd /Users/gabrielradureau/Work/Vibe/homelab_gateway
cd /Users/gabrielradureau/Work/Vibe/telegram-gateway
make setwebhook SLUG=factory BASE_URL=https://tg.arcodange.fr
# → "webhook set: url=https://tg.arcodange.fr/bot/factory pending=0 last_err=\"\""
```
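Review bot: the `export BOT_FACTORY_TOKEN='…'` context line repeats the literal token a second time in the doc, so the placeholder fix has to be applied here too. Showing the export with an inline value also leads readers to paste the secret into their shell history; something like `read -rs BOT_FACTORY_TOKEN && export BOT_FACTORY_TOKEN`, or sourcing a file kept outside the repo, documents the same step without a value on the command line.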
@@ -100,8 +100,8 @@ Pour le test `/echo coucou` répond `coucou`.
| Symptôme | Action |
|---|---|
| Pod `CreateContainerConfigError` | Le Secret `homelab-gateway-bots` manque. Le créer (étape 3). |
| Pod `CrashLoopBackOff` "no bots in /etc/…/bots.yaml" | ConfigMap pas généré ou mal monté. `kubectl get cm -n homelab-gateway -o yaml`. |
| Pod `CreateContainerConfigError` | Le Secret `telegram-gateway-bots` manque. Le créer (étape 3). |
| Pod `CrashLoopBackOff` "no bots in /etc/…/bots.yaml" | ConfigMap pas généré ou mal monté. `kubectl get cm -n telegram-gateway -o yaml`. |
| `curl https://tg.arcodange.fr/healthz` → 502/504 | Ingress pas encore propagé OU le pod n'est pas Ready. `kubectl describe ingress` + `kubectl describe pod`. |
| `setWebhook``Wrong response from the webhook: 401` | `BOT_FACTORY_SECRET` côté Secret ≠ celui passé à setWebhook. Régénérer + recréer le Secret avec `kubectl delete && create`. |
| Webhook accepté mais pas de réponse Telegram | `kubectl logs` côté gateway → erreur sendMessage. Token bot invalide (révoqué via @BotFather ?) ou rate-limit Telegram. |
@@ -112,6 +112,6 @@ Pour le test `/echo coucou` répond `coucou`.
- Phase 3 : handlers `shell` / `script` / `ollama` async, retry quand le
Macbook Ollama est endormi.
- Phase 4 : passage à Vault (toggle `vault.enabled: true` + provisionner
`kvv2/homelab-gateway/config`), Wake-on-LAN, multi-provider.
`kvv2/telegram-gateway/config`), Wake-on-LAN, multi-provider.
Plan complet : `~/.claude/plans/pour-les-notifications-on-inherited-seal.md`.

View File

@@ -1,6 +1,6 @@
SHELL := /bin/bash
APP := homelab-gateway
IMAGE := gitea.arcodange.lab/arcodange-org/$(APP)
APP := telegram-gateway
IMAGE := gitea.arcodange.lab/arcodange/$(APP)
TAG ?= dev
.PHONY: build test vet tidy run docker push setwebhook deletewebhook
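Review bot: `IMAGE` changes its organization segment from `arcodange-org` to `arcodange` in addition to picking up the new `APP` name, which is a second change riding along with the rename. The chart's `image.repository` already pointed at `gitea.arcodange.lab/arcodange/…` before this commit, so this looks like the fix for an existing mismatch; call that out in the commit message and confirm that `make push` and the Gitea Actions build publish to the same path the chart pulls from.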

View File

@@ -1,4 +1,4 @@
# homelab-gateway
# telegram-gateway
Telegram **webhook gateway** for the Arcodange home lab. Replaces polling-based
bots (e.g. those scheduled in Cowork) with direct webhook delivery from
@@ -13,7 +13,7 @@ See the design doc at `~/.claude/plans/pour-les-notifications-on-inherited-seal.
## Architecture (current)
```
Telegram → Cloudflare Tunnel (tg.arcodange.fr) → Service homelab-gateway:8080
Telegram → Cloudflare Tunnel (tg.arcodange.fr) → Service telegram-gateway:8080
→ /bot/<slug> → secret_token check → handler dispatch → Bot API sendMessage
```
@@ -55,19 +55,19 @@ make deletewebhook SLUG=factory
## Configuration
- **Routing** (non-secret): YAML at `$CONFIG_PATH` (default
`/etc/homelab-gateway/bots.yaml`, mounted from a ConfigMap in cluster).
`/etc/telegram-gateway/bots.yaml`, mounted from a ConfigMap in cluster).
- **Secrets**: per-bot env vars `BOT_<UPPER_SLUG>_TOKEN`,
`BOT_<UPPER_SLUG>_SECRET`. Sourced from Vault path
`kvv2/homelab-gateway/config` via Vault Secrets Operator.
`kvv2/telegram-gateway/config` via Vault Secrets Operator.
## Cluster deploy
- Image: `gitea.arcodange.lab/arcodange/homelab-gateway:<tag>`
- Image: `gitea.arcodange.lab/arcodange/telegram-gateway:<tag>`
- Helm chart: `chart/`
- ArgoCD app: `homelab-gateway` (in `factory/argocd/values.yaml`)
- ArgoCD app: `telegram-gateway` (in `factory/argocd/values.yaml`)
- Public URL: `https://tg.arcodange.fr` (Cloudflare déjà configuré pour
router `*.arcodange.fr` vers le home lab → Traefik route par Host)
- Secrets Phase 1 : `kubectl create secret generic homelab-gateway-bots …`
- Secrets Phase 1 : `kubectl create secret generic telegram-gateway-bots …`
(sans Vault). Migration vers Vault Secrets Operator en Phase 2+ via
`vault.enabled: true` dans `chart/values.yaml`.
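Review bot: the Configuration bullet says secrets are sourced from `kvv2/telegram-gateway/config` via Vault Secrets Operator, while the Cluster deploy list a few lines below says Phase 1 uses a manually created `telegram-gateway-bots` Secret without Vault. Both lines are touched by this commit, so this is a good moment to make the Configuration bullet say which source is live today (the manual Secret) and which is planned, so nobody goes looking for a Vault path that has not been provisioned.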

View File

@@ -1,6 +1,6 @@
apiVersion: v2
name: homelab-gateway
description: Telegram webhook gateway for the Arcodange home lab
name: telegram-gateway
description: Telegram webhook gateway for the Arcodange home lab (tg.arcodange.fr)
type: application
version: 0.1.0
appVersion: "0.1.0"

View File

@@ -1,14 +1,14 @@
{{/*
Expand the name of the chart.
*/}}
{{- define "homelab-gateway.name" -}}
{{- define "telegram-gateway.name" -}}
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
{{- end }}
{{/*
Create a default fully qualified app name.
*/}}
{{- define "homelab-gateway.fullname" -}}
{{- define "telegram-gateway.fullname" -}}
{{- if .Values.fullnameOverride }}
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
{{- else }}
@@ -24,16 +24,16 @@ Create a default fully qualified app name.
{{/*
Chart name + version label value.
*/}}
{{- define "homelab-gateway.chart" -}}
{{- define "telegram-gateway.chart" -}}
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
{{- end }}
{{/*
Common labels.
*/}}
{{- define "homelab-gateway.labels" -}}
helm.sh/chart: {{ include "homelab-gateway.chart" . }}
{{ include "homelab-gateway.selectorLabels" . }}
{{- define "telegram-gateway.labels" -}}
helm.sh/chart: {{ include "telegram-gateway.chart" . }}
{{ include "telegram-gateway.selectorLabels" . }}
{{- if .Chart.AppVersion }}
app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
{{- end }}
@@ -43,17 +43,17 @@ app.kubernetes.io/managed-by: {{ .Release.Service }}
{{/*
Selector labels.
*/}}
{{- define "homelab-gateway.selectorLabels" -}}
app.kubernetes.io/name: {{ include "homelab-gateway.name" . }}
{{- define "telegram-gateway.selectorLabels" -}}
app.kubernetes.io/name: {{ include "telegram-gateway.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
{{- end }}
{{/*
Service account name.
*/}}
{{- define "homelab-gateway.serviceAccountName" -}}
{{- define "telegram-gateway.serviceAccountName" -}}
{{- if .Values.serviceAccount.create }}
{{- default (include "homelab-gateway.fullname" .) .Values.serviceAccount.name }}
{{- default (include "telegram-gateway.fullname" .) .Values.serviceAccount.name }}
{{- else }}
{{- default "default" .Values.serviceAccount.name }}
{{- end }}
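Review bot: every named template in this file is renamed (`telegram-gateway.name`, `.fullname`, `.labels`, `.selectorLabels`, `.serviceAccountName`), so any `include "homelab-gateway.…"` left in a template outside this diff fails only at render time. The single check reported on this commit is the Docker build, which does not render the chart; adding `helm lint chart/` or `helm template chart/` to CI would catch a leftover reference before ArgoCD does.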

View File

@@ -1,10 +1,10 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: {{ include "homelab-gateway.fullname" . }}-bots
name: {{ include "telegram-gateway.fullname" . }}-bots
namespace: {{ .Release.Namespace }}
labels:
{{- include "homelab-gateway.labels" . | nindent 4 }}
{{- include "telegram-gateway.labels" . | nindent 4 }}
data:
bots.yaml: |
bots:

View File

@@ -1,10 +1,10 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ include "homelab-gateway.fullname" . }}
name: {{ include "telegram-gateway.fullname" . }}
namespace: {{ .Release.Namespace }}
labels:
{{- include "homelab-gateway.labels" . | nindent 4 }}
{{- include "telegram-gateway.labels" . | nindent 4 }}
spec:
revisionHistoryLimit: 3
{{- if not .Values.autoscaling.enabled }}
@@ -12,7 +12,7 @@ spec:
{{- end }}
selector:
matchLabels:
{{- include "homelab-gateway.selectorLabels" . | nindent 6 }}
{{- include "telegram-gateway.selectorLabels" . | nindent 6 }}
template:
metadata:
annotations:
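Review bot: `spec.selector.matchLabels` now renders from `telegram-gateway.selectorLabels`, whose `app.kubernetes.io/name` value follows the chart name unless `nameOverride` is set, and a Deployment's selector is immutable once created. Combined with the new object name from `telegram-gateway.fullname` and the new namespace in the deploy doc, this rolls out as a fresh set of objects rather than an in-place update. The deploy doc should state that the previous `homelab-gateway` Application and namespace are deleted or pruned, otherwise the old Deployment, Service and Ingress remain alongside the new ones.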
@@ -21,7 +21,7 @@ spec:
{{- toYaml . | nindent 8 }}
{{- end }}
labels:
{{- include "homelab-gateway.labels" . | nindent 8 }}
{{- include "telegram-gateway.labels" . | nindent 8 }}
{{- with .Values.podLabels }}
{{- toYaml . | nindent 8 }}
{{- end }}
@@ -30,7 +30,7 @@ spec:
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}
serviceAccountName: {{ include "homelab-gateway.serviceAccountName" . }}
serviceAccountName: {{ include "telegram-gateway.serviceAccountName" . }}
securityContext:
{{- toYaml .Values.podSecurityContext | nindent 8 }}
containers:
@@ -39,12 +39,12 @@ spec:
{{- toYaml .Values.securityContext | nindent 12 }}
image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
imagePullPolicy: {{ .Values.image.pullPolicy }}
args: ["serve", "--config", "/etc/homelab-gateway/bots.yaml", "--addr", ":{{ .Values.service.port }}"]
args: ["serve", "--config", "/etc/telegram-gateway/bots.yaml", "--addr", ":{{ .Values.service.port }}"]
env:
- name: LISTEN_ADDR
value: ":{{ .Values.service.port }}"
- name: CONFIG_PATH
value: /etc/homelab-gateway/bots.yaml
value: /etc/telegram-gateway/bots.yaml
envFrom:
- secretRef:
name: {{ .Values.secret.name }}
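Review bot: the config path is spelled out twice in this hunk, in `args` (`--config /etc/telegram-gateway/bots.yaml`) and in the `CONFIG_PATH` env value, and the directory appears a third time as `mountPath` further down, plus once more as `defaultConfigPath` in the Go code. This rename had to edit each copy by hand; consider a single chart value or helper for the directory and pass either `--config` or `CONFIG_PATH`, not both, so the next change cannot leave the mount and the flag pointing at different paths.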
@@ -60,14 +60,14 @@ spec:
{{- toYaml .Values.resources | nindent 12 }}
volumeMounts:
- name: bots-config
mountPath: /etc/homelab-gateway
mountPath: /etc/telegram-gateway
readOnly: true
- name: tmp
mountPath: /tmp
volumes:
- name: bots-config
configMap:
name: {{ include "homelab-gateway.fullname" . }}-bots
name: {{ include "telegram-gateway.fullname" . }}-bots
- name: tmp
emptyDir: {}
{{- with .Values.nodeSelector }}

View File

@@ -2,10 +2,10 @@
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: {{ include "homelab-gateway.fullname" . }}
name: {{ include "telegram-gateway.fullname" . }}
namespace: {{ .Release.Namespace }}
labels:
{{- include "homelab-gateway.labels" . | nindent 4 }}
{{- include "telegram-gateway.labels" . | nindent 4 }}
{{- with .Values.ingress.annotations }}
annotations:
{{- toYaml . | nindent 4 }}
@@ -28,7 +28,7 @@ spec:
pathType: {{ .pathType }}
backend:
service:
name: {{ include "homelab-gateway.fullname" $ }}
name: {{ include "telegram-gateway.fullname" $ }}
port:
number: {{ $.Values.service.port }}
{{- end }}

View File

@@ -1,10 +1,10 @@
apiVersion: v1
kind: Service
metadata:
name: {{ include "homelab-gateway.fullname" . }}
name: {{ include "telegram-gateway.fullname" . }}
namespace: {{ .Release.Namespace }}
labels:
{{- include "homelab-gateway.labels" . | nindent 4 }}
{{- include "telegram-gateway.labels" . | nindent 4 }}
spec:
type: {{ .Values.service.type }}
ports:
@@ -13,4 +13,4 @@ spec:
protocol: TCP
name: http
selector:
{{- include "homelab-gateway.selectorLabels" . | nindent 4 }}
{{- include "telegram-gateway.selectorLabels" . | nindent 4 }}

View File

@@ -2,10 +2,10 @@
apiVersion: v1
kind: ServiceAccount
metadata:
name: {{ include "homelab-gateway.serviceAccountName" . }}
name: {{ include "telegram-gateway.serviceAccountName" . }}
namespace: {{ .Release.Namespace }}
labels:
{{- include "homelab-gateway.labels" . | nindent 4 }}
{{- include "telegram-gateway.labels" . | nindent 4 }}
{{- with .Values.serviceAccount.annotations }}
annotations:
{{- toYaml . | nindent 4 }}

View File

@@ -5,13 +5,13 @@ metadata:
name: auth
namespace: {{ .Release.Namespace }}
labels:
{{- include "homelab-gateway.labels" . | nindent 4 }}
{{- include "telegram-gateway.labels" . | nindent 4 }}
spec:
method: kubernetes
mount: kubernetes
kubernetes:
role: {{ .Values.vault.role }}
serviceAccount: {{ include "homelab-gateway.serviceAccountName" . }}
serviceAccount: {{ include "telegram-gateway.serviceAccountName" . }}
audiences:
- vault
{{- end }}
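Review bot: `kubernetes.serviceAccount` now resolves to the renamed service account, and the deploy doc moves the workload to the `telegram-gateway` namespace. A Vault Kubernetes auth role is bound to service account names and namespaces, so the Vault-side role needs the new bindings before `vault.enabled` is switched on; a note in the Phase 4 section of the deploy doc would keep that from being discovered as a login failure.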

View File

@@ -5,7 +5,7 @@ metadata:
name: bots-secrets
namespace: {{ .Release.Namespace }}
labels:
{{- include "homelab-gateway.labels" . | nindent 4 }}
{{- include "telegram-gateway.labels" . | nindent 4 }}
spec:
type: kv-v2
mount: {{ .Values.vault.mount }}

View File

@@ -1,7 +1,7 @@
replicaCount: 1
image:
repository: gitea.arcodange.lab/arcodange/homelab-gateway
repository: gitea.arcodange.lab/arcodange/telegram-gateway
pullPolicy: Always
tag: ""
@@ -85,18 +85,18 @@ bots:
handler: echo
# k8s Secret consumed by `envFrom`. Phase 1: create it manually with kubectl.
# kubectl -n homelab-gateway create secret generic homelab-gateway-bots \
# kubectl -n telegram-gateway create secret generic telegram-gateway-bots \
# --from-literal=BOT_FACTORY_TOKEN=… --from-literal=BOT_FACTORY_SECRET=…
secret:
name: homelab-gateway-bots
name: telegram-gateway-bots
# Vault Secrets Operator integration (Phase 2+). When enabled, VSO writes the
# secret named `secret.name` automatically from `kvv2/homelab-gateway/config`.
# secret named `secret.name` automatically from `kvv2/telegram-gateway/config`.
vault:
enabled: false
role: homelab-gateway
role: telegram-gateway
mount: kvv2
path: homelab-gateway/config
path: telegram-gateway/config
refreshAfter: 30s
nodeSelector:
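Review bot: `vault.role` and `vault.path` are renamed to `telegram-gateway` and `telegram-gateway/config`, but nothing in the visible diff creates or moves the corresponding role and KV entry on the Vault side. With `enabled: false` this is harmless today; add a comment next to these keys that both must exist under the new names before the toggle is flipped, since the chart would otherwise sync cleanly and leave the `telegram-gateway-bots` Secret unpopulated.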

2
go.mod
View File

@@ -1,4 +1,4 @@
module github.com/arcodange-org/homelab-gateway
module github.com/arcodange/telegram-gateway
go 1.23
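Review bot: the module line changes the organization from `arcodange-org` to `arcodange` as well as the repository name, and it still points at `github.com` while the deploy doc pushes the repository to the Gitea instance (`arcodange/telegram-gateway`). If the module is only ever built from this repo that works, but the path will not resolve for `go get`; either use the Gitea host in the module path or note that the `github.com` prefix is intentional. Also confirm every internal import was updated in the same commit, since the visible hunks of the Go source show only the constant and log string changes.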

View File

@@ -13,7 +13,7 @@ import (
)
const defaultListenAddr = ":8080"
const defaultConfigPath = "/etc/homelab-gateway/bots.yaml"
const defaultConfigPath = "/etc/telegram-gateway/bots.yaml"
func main() {
subcmd := ""
@@ -62,7 +62,7 @@ func runServer() {
defer stop()
go func() {
log.Printf("homelab-gateway listening on %s (%d bot(s) loaded)", *addr, registry.Count())
log.Printf("telegram-gateway listening on %s (%d bot(s) loaded)", *addr, registry.Count())
if err := srv.ListenAndServe(); err != nil && !errors.Is(err, http.ErrServerClosed) {
log.Fatalf("server: %v", err)
}