init

2024-05-22 12:49:28 -05:00
commit 35b77bb0df
219 changed files with 9997 additions and 0 deletions
--- a/clusters/cl01tl/applications/home-assistant/Chart.yaml
+++ b/clusters/cl01tl/applications/home-assistant/Chart.yaml
@@ -0,0 +1,11 @@
+apiVersion: v2
+name: home-assistant
+version: 1.0.0
+sources:
+  - https://github.com/home-assistant
+  - https://github.com/alexlebens/helm-charts/tree/main/charts/home-assistant
+dependencies:
+  - name: home-assistant
+    version: 0.1.15
+    repository: http://alexlebens.github.io/helm-charts
+appVersion: v2024.5.3
--- a/clusters/cl01tl/applications/home-assistant/templates/external-secret.yaml
+++ b/clusters/cl01tl/applications/home-assistant/templates/external-secret.yaml
@@ -0,0 +1,48 @@
+apiVersion: external-secrets.io/v1beta1
+kind: ExternalSecret
+metadata:
+  name: home-assistant-codeserver-password-secret
+  namespace: {{ .Release.Namespace }}
+  labels:
+    app.kubernetes.io/name: {{ .Release.Name }}
+    app.kubernetes.io/instance: {{ .Release.Name }}
+    app.kubernetes.io/version: {{ .Chart.AppVersion }}
+    app.kubernetes.io/component: web
+    app.kubernetes.io/part-of: {{ .Release.Name }}
+spec:
+  secretStoreRef:
+    kind: ClusterSecretStore
+    name: vault
+  data:
+    - secretKey: SUDO_PASSWORD
+      remoteRef:
+        conversionStrategy: Default
+        decodingStrategy: None
+        key: /home-assistant/auth
+        metadataPolicy: None
+        property: SUDO_PASSWORD
+
+---
+apiVersion: external-secrets.io/v1beta1
+kind: ExternalSecret
+metadata:
+  name: home-assistant-token-secret
+  namespace: {{ .Release.Namespace }}
+  labels:
+    app.kubernetes.io/name: {{ .Release.Name }}
+    app.kubernetes.io/instance: {{ .Release.Name }}
+    app.kubernetes.io/version: {{ .Chart.AppVersion }}
+    app.kubernetes.io/component: web
+    app.kubernetes.io/part-of: {{ .Release.Name }}
+spec:
+  secretStoreRef:
+    kind: ClusterSecretStore
+    name: vault
+  data:
+    - secretKey: bearerToken
+      remoteRef:
+        conversionStrategy: Default
+        decodingStrategy: None
+        key: /home-assistant/auth
+        metadataPolicy: None
+        property: bearerToken
--- a/clusters/cl01tl/applications/home-assistant/values.yaml
+++ b/clusters/cl01tl/applications/home-assistant/values.yaml
@@ -0,0 +1,46 @@
+home-assistant:
+  deployment:
+    env:
+      TZ: US/Central
+  ingressRoute:
+    enabled: true
+    host: homeassistant.alexlebens.net
+    authentik:
+      outpost: authentik-outpost-proxy
+      namespace: authentik
+  metrics:
+    enabled: true
+    serviceMonitor:
+      bearerTokenSecret:
+        name: home-assistant-token-secret
+        key: bearerToken
+    prometheusRule:
+      enabled: true
+      rules:
+        - alert: HomeAssistantAbsent
+          annotations:
+            description: Home Assistant has disappeared from Prometheus service discovery.
+            summary: Home Assistant is down.
+          expr: |
+            absent(up{job=~".*home-assistant.*"} == 1)
+          for: 5m
+          labels:
+            severity: critical
+  persistence:
+    config:
+      storageClassName: ceph-block
+      storageSize: 1Gi
+  codeserver:
+    enabled: true
+    env:
+      TZ: US/Central
+      DEFAULT_WORKSPACE: /config
+    envFrom:
+      - secretRef:
+          name: home-assistant-codeserver-password-secret
+    ingressRoute:
+      enabled: true
+      host: homeassistant-codeserver.alexlebens.net
+      authentik:
+        outpost: authentik-outpost-proxy
+        namespace: authentik