From 153a0455a97c41ff48d45e89ccceb8e6e3d9d783 Mon Sep 17 00:00:00 2001
From: Alex Lebens <alexanderlebens@gmail.com>
Date: Mon, 10 Mar 2025 17:32:52 -0500
Subject: [PATCH] add home assistant

---
 .../applications/home-assistant/Chart.yaml    | 23 ++++++
 .../templates/external-secret.yaml            | 30 ++++++++
 .../home-assistant/templates/http-route.yaml  | 62 ++++++++++++++++
 .../templates/service-monitor.yaml            | 24 +++++++
 .../applications/home-assistant/values.yaml   | 71 +++++++++++++++++++
 .../cl01tl/applications/homepage/values.yaml  |  6 +-
 clusters/cl01tl/services/blocky/values.yaml   |  2 +
 hosts/ps08rp/blocky/config.yml                |  2 +
 hosts/ps09rp/blocky/config.yml                |  2 +
 9 files changed, 219 insertions(+), 3 deletions(-)
 create mode 100644 clusters/cl01tl/applications/home-assistant/Chart.yaml
 create mode 100644 clusters/cl01tl/applications/home-assistant/templates/external-secret.yaml
 create mode 100644 clusters/cl01tl/applications/home-assistant/templates/http-route.yaml
 create mode 100644 clusters/cl01tl/applications/home-assistant/templates/service-monitor.yaml
 create mode 100644 clusters/cl01tl/applications/home-assistant/values.yaml

diff --git a/clusters/cl01tl/applications/home-assistant/Chart.yaml b/clusters/cl01tl/applications/home-assistant/Chart.yaml
new file mode 100644
index 000000000..1d722b05b
--- /dev/null
+++ b/clusters/cl01tl/applications/home-assistant/Chart.yaml
@@ -0,0 +1,23 @@
+apiVersion: v2
+name: home-assistant
+version: 1.0.0
+description: Home Assistant
+keywords:
+  - home-assistant
+  - home
+  - automation
+home: https://wiki.alexlebens.dev/doc/home-assistant-
+sources:
+  - https://www.home-assistant.io/
+  - https://github.com/home-assistant/core
+  - https://github.com/home-assistant/core/pkgs/container/home-assistant
+  - https://github.com/bjw-s/helm-charts/tree/main/charts/other/app-template
+maintainers:
+  - name: alexlebens
+dependencies:
+  - name: app-template
+    alias: home-assistant
+    repository: https://bjw-s.github.io/helm-charts/
+    version: 3.7.2
+icon: https://cdn.jsdelivr.net/gh/selfhst/icons/webp/home-assistant.webp
+appVersion: 2025.3.1
diff --git a/clusters/cl01tl/applications/home-assistant/templates/external-secret.yaml b/clusters/cl01tl/applications/home-assistant/templates/external-secret.yaml
new file mode 100644
index 000000000..f5ecd7365
--- /dev/null
+++ b/clusters/cl01tl/applications/home-assistant/templates/external-secret.yaml
@@ -0,0 +1,30 @@
+apiVersion: external-secrets.io/v1beta1
+kind: ExternalSecret
+metadata:
+  name: home-assistant-code-server-password-secret
+  namespace: {{ .Release.Namespace }}
+  labels:
+    app.kubernetes.io/name: home-assistant-code-server-password-secret
+    app.kubernetes.io/instance: {{ .Release.Name }}
+    app.kubernetes.io/version: {{ .Chart.AppVersion }}
+    app.kubernetes.io/component: web
+    app.kubernetes.io/part-of: {{ .Release.Name }}
+spec:
+  secretStoreRef:
+    kind: ClusterSecretStore
+    name: vault
+  data:
+    - secretKey: PASSWORD
+      remoteRef:
+        conversionStrategy: Default
+        decodingStrategy: None
+        key: /cl01tl/home-assistant/code-server/auth
+        metadataPolicy: None
+        property: PASSWORD
+    - secretKey: SUDO_PASSWORD
+      remoteRef:
+        conversionStrategy: Default
+        decodingStrategy: None
+        key: /cl01tl/home-assistant/code-server/auth
+        metadataPolicy: None
+        property: SUDO_PASSWORD
diff --git a/clusters/cl01tl/applications/home-assistant/templates/http-route.yaml b/clusters/cl01tl/applications/home-assistant/templates/http-route.yaml
new file mode 100644
index 000000000..c0bb8e2bf
--- /dev/null
+++ b/clusters/cl01tl/applications/home-assistant/templates/http-route.yaml
@@ -0,0 +1,62 @@
+apiVersion: gateway.networking.k8s.io/v1
+kind: HTTPRoute
+metadata:
+  name: http-route-home-assistant
+  namespace: {{ .Release.Namespace }}
+  labels:
+    app.kubernetes.io/name: http-route-home-assistant
+    app.kubernetes.io/instance: {{ .Release.Name }}
+    app.kubernetes.io/version: {{ .Chart.AppVersion }}
+    app.kubernetes.io/component: web
+    app.kubernetes.io/part-of: {{ .Release.Name }}
+spec:
+  parentRefs:
+    - group: gateway.networking.k8s.io
+      kind: Gateway
+      name: traefik-gateway
+      namespace: traefik
+  hostnames:
+    - home-assistant.alexlebens.net
+  rules:
+    - matches:
+      - path:
+          type: PathPrefix
+          value: /
+      backendRefs:
+        - group: ''
+          kind: Service
+          name: home-assistant-main
+          port: 80
+          weight: 100
+
+---
+apiVersion: gateway.networking.k8s.io/v1
+kind: HTTPRoute
+metadata:
+  name: http-route-home-assistant-code-server
+  namespace: {{ .Release.Namespace }}
+  labels:
+    app.kubernetes.io/name: http-route-home-assistant-code-server
+    app.kubernetes.io/instance: {{ .Release.Name }}
+    app.kubernetes.io/version: {{ .Chart.AppVersion }}
+    app.kubernetes.io/component: web
+    app.kubernetes.io/part-of: {{ .Release.Name }}
+spec:
+  parentRefs:
+    - group: gateway.networking.k8s.io
+      kind: Gateway
+      name: traefik-gateway
+      namespace: traefik
+  hostnames:
+    - home-assistant-code-server.alexlebens.net
+  rules:
+    - matches:
+      - path:
+          type: PathPrefix
+          value: /
+      backendRefs:
+        - group: ''
+          kind: Service
+          name: home-assistant-code-server
+          port: 8443
+          weight: 100
diff --git a/clusters/cl01tl/applications/home-assistant/templates/service-monitor.yaml b/clusters/cl01tl/applications/home-assistant/templates/service-monitor.yaml
new file mode 100644
index 000000000..53d3f5484
--- /dev/null
+++ b/clusters/cl01tl/applications/home-assistant/templates/service-monitor.yaml
@@ -0,0 +1,24 @@
+apiVersion: monitoring.coreos.com/v1
+kind: ServiceMonitor
+metadata:
+  name: home-assistant
+  namespace: {{ .Release.Namespace }}
+  labels:
+    app.kubernetes.io/name: home-assistant
+    app.kubernetes.io/instance: {{ .Release.Name }}
+    app.kubernetes.io/version: {{ .Chart.AppVersion }}
+    app.kubernetes.io/component: metrics
+    app.kubernetes.io/part-of: {{ .Release.Name }}
+spec:
+  selector:
+    matchLabels:
+      app.kubernetes.io/name: home-assistant
+      app.kubernetes.io/instance: {{ .Release.Name }}
+  endpoints:
+    - port: 80
+      interval: 3m
+      scrapeTimeout: 1m
+      path: /api/prometheus
+      bearerTokenSecret:
+        name: secretName
+        key: secretKey
diff --git a/clusters/cl01tl/applications/home-assistant/values.yaml b/clusters/cl01tl/applications/home-assistant/values.yaml
new file mode 100644
index 000000000..cef8c61b2
--- /dev/null
+++ b/clusters/cl01tl/applications/home-assistant/values.yaml
@@ -0,0 +1,71 @@
+home-assistant:
+  controllers:
+    main:
+      type: deployment
+      replicas: 1
+      strategy: Recreate
+      revisionHistoryLimit: 3
+      containers:
+        main:
+          image:
+            repository: ghcr.io/home-assistant/home-assistant
+            tag: 2025.3.1
+            pullPolicy: IfNotPresent
+          env:
+            - name: TZ
+              value: US/Central
+          resources:
+            requests:
+              cpu: 1
+              memory: 2Gi
+        code-server:
+          image:
+            repository: ghcr.io/linuxserver/code-server
+            tag: 4.97.2@sha256:3d1f7bd7399b4b54622e580a7f14afd6886ff698fc11dd1978afd04cc6e7b529
+            pullPolicy: IfNotPresent
+          env:
+            - name: TZ
+              value: US/Central
+            - name: PUID
+              value: 1000
+            - name: PGID
+              value: 1000
+            - name: DEFAULT_WORKSPACE
+              value: /config
+          envFrom:
+            - secretRef:
+                name: home-assistant-code-server-password-secret
+          resources:
+            requests:
+              cpu: 10m
+              memory: 128Mi
+  serviceAccount:
+    create: true
+  service:
+    main:
+      controller: main
+      ports:
+        http:
+          port: 80
+          targetPort: 8123
+          protocol: TCP
+    code-server:
+      controller: main
+      ports:
+        http:
+          port: 8443
+          targetPort: 8443
+          protocol: HTTP
+  persistence:
+    config:
+      storageClass: ceph-block
+      accessMode: ReadWriteOnce
+      size: 5Gi
+      advancedMounts:
+        main:
+          main:
+            - path: /config
+              readOnly: false
+          code-server:
+            - path: /config/home-assistant
+              readOnly: false
diff --git a/clusters/cl01tl/applications/homepage/values.yaml b/clusters/cl01tl/applications/homepage/values.yaml
index 7bd36e9e1..1da0ec8de 100644
--- a/clusters/cl01tl/applications/homepage/values.yaml
+++ b/clusters/cl01tl/applications/homepage/values.yaml
@@ -202,7 +202,7 @@ homepage:
                   icon: sh-home-assistant.svg
                   description: Home Assistant
                   href: https://home-assistant.alexlebens.net
-                  siteMonitor: http://home-assistant.home-assistant:8123
+                  siteMonitor: http://home-assistant-main.home-assistant:80
                   statusStyle: dot
               - AI:
                   icon: sh-ollama-light.svg
@@ -268,8 +268,8 @@ homepage:
               - IDE (Home Assistant):
                   icon: sh-visual-studio-code.svg
                   description: Edit config for Home Assistant
-                  href: https://home-assistant-codeserver.alexlebens.net
-                  siteMonitor: http://home-assistant.home-assistant:8443
+                  href: https://home-assistant-code-server.alexlebens.net
+                  siteMonitor: http://home-assistant-code-server.home-assistant:8443
                   statusStyle: dot
               - Continuous Deployment:
                   icon: sh-argo-cd.svg
diff --git a/clusters/cl01tl/services/blocky/values.yaml b/clusters/cl01tl/services/blocky/values.yaml
index 8c9e996b8..a91cccf12 100644
--- a/clusters/cl01tl/services/blocky/values.yaml
+++ b/clusters/cl01tl/services/blocky/values.yaml
@@ -116,6 +116,8 @@ blocky:
               harbor                          IN      CNAME   traefik-cl01tl
               headlamp                        IN      CNAME   traefik-cl01tl
               home                            IN      CNAME   traefik-cl01tl
+              home-assistant                  IN      CNAME   traefik-cl01tl
+              home-assistant-code-server      IN      CNAME   traefik-cl01tl
               hubble                          IN      CNAME   traefik-cl01tl
               immich                          IN      CNAME   traefik-cl01tl
               jellyfin                        IN      CNAME   traefik-cl01tl
diff --git a/hosts/ps08rp/blocky/config.yml b/hosts/ps08rp/blocky/config.yml
index 7c1ae3289..58275463c 100644
--- a/hosts/ps08rp/blocky/config.yml
+++ b/hosts/ps08rp/blocky/config.yml
@@ -89,6 +89,8 @@ customDNS:
     harbor                          IN      CNAME   traefik-cl01tl
     headlamp                        IN      CNAME   traefik-cl01tl
     home                            IN      CNAME   traefik-cl01tl
+    home-assistant                  IN      CNAME   traefik-cl01tl
+    home-assistant-code-server      IN      CNAME   traefik-cl01tl
     hubble                          IN      CNAME   traefik-cl01tl
     immich                          IN      CNAME   traefik-cl01tl
     jellyfin                        IN      CNAME   traefik-cl01tl
diff --git a/hosts/ps09rp/blocky/config.yml b/hosts/ps09rp/blocky/config.yml
index 7c1ae3289..58275463c 100644
--- a/hosts/ps09rp/blocky/config.yml
+++ b/hosts/ps09rp/blocky/config.yml
@@ -89,6 +89,8 @@ customDNS:
     harbor                          IN      CNAME   traefik-cl01tl
     headlamp                        IN      CNAME   traefik-cl01tl
     home                            IN      CNAME   traefik-cl01tl
+    home-assistant                  IN      CNAME   traefik-cl01tl
+    home-assistant-code-server      IN      CNAME   traefik-cl01tl
     hubble                          IN      CNAME   traefik-cl01tl
     immich                          IN      CNAME   traefik-cl01tl
     jellyfin                        IN      CNAME   traefik-cl01tl