alexlebens/infrastructure
1
0
Fork 0
Code Issues 1 Pull Requests 4 Actions Activity

tmp/booklore (#5034)
All checks were successful
lint-test-docker / lint-docker-compose (push) Successful in 23s
Details
lint-test-helm / lint-helm (push) Successful in 26s
Details
lint-test-helm / validate-kubeconform (push) Has been skipped
Details
renovate / renovate (push) Successful in 2m37s
Details

Browse Source 
Reviewed-on: #5034
This commit was merged in pull request #5034.
This commit is contained in:
Alex Lebens
2026-03-24 03:44:24 +00:00
parent e20bc4b2cf
commit 36ac6266ca
15 changed files with 6 additions and 589 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
clusters/cl01tl/helm/blocky/values.yaml
View File

@@ -108,7 +108,6 @@ blocky:
authentik IN CNAME traefik-cl01tl
backrest IN CNAME traefik-cl01tl
bazarr IN CNAME traefik-cl01tl
booklore IN CNAME traefik-cl01tl
ceph IN CNAME traefik-cl01tl
code-server IN CNAME traefik-cl01tl
dawarich IN CNAME traefik-cl01tl

15
clusters/cl01tl/helm/booklore/Chart.lock
View File

@@ -1,15 +0,0 @@
dependencies:
- name: app-template
repository: https://bjw-s-labs.github.io/helm-charts/
version: 4.6.2
- name: mariadb-cluster
repository: https://helm.mariadb.com/mariadb-operator
version: 26.3.0
- name: volsync-target
repository: oci://harbor.alexlebens.net/helm-charts
version: 0.8.0
- name: volsync-target
repository: oci://harbor.alexlebens.net/helm-charts
version: 0.8.0
digest: sha256:e65fa008c652092da5431e9780eb2a87c944298a12e58e432efad61c9e826da5
generated: "2026-03-14T23:57:22.721295098Z"

36
clusters/cl01tl/helm/booklore/Chart.yaml
View File

@@ -1,36 +0,0 @@
apiVersion: v2
name: booklore
version: 1.0.0
description: booklore
keywords:
- booklore
- grimmory
- books
home: https://wiki.alexlebens.dev/
sources:
- https://github.com/booklore-app/BookLore
- https://github.com/grimmory-tools/grimmory
- https://github.com/booklore-app/booklore/pkgs/container/booklore
- https://github.com/grimmory-tools/grimmory/pkgs/container/grimmory
- https://github.com/bjw-s-labs/helm-charts/tree/main/charts/other/app-template
maintainers:
- name: alexlebens
dependencies:
- name: app-template
alias: booklore
repository: https://bjw-s-labs.github.io/helm-charts/
version: 4.6.2
- name: mariadb-cluster
version: 26.3.0
repository: https://helm.mariadb.com/mariadb-operator
- name: volsync-target
alias: volsync-target-config
version: 0.8.0
repository: oci://harbor.alexlebens.net/helm-charts
- name: volsync-target
alias: volsync-target-data
version: 0.8.0
repository: oci://harbor.alexlebens.net/helm-charts
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/booklore.png
# renovate: datasource=github-releases depName=grimmory-tools/grimmory
appVersion: v2.3.0

104
clusters/cl01tl/helm/booklore/templates/external-secret.yaml
View File

@@ -1,104 +0,0 @@
apiVersion: external-secrets.io/v1
kind: ExternalSecret
metadata:
name: booklore-database-secret
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: booklore-database-secret
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
secretStoreRef:
kind: ClusterSecretStore
name: vault
data:
- secretKey: password
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /cl01tl/booklore/database
metadataPolicy: None
property: password
---
apiVersion: external-secrets.io/v1
kind: ExternalSecret
metadata:
name: booklore-data-replication-secret
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: booklore-data-replication-secret
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
secretStoreRef:
kind: ClusterSecretStore
name: vault
data:
- secretKey: psk.txt
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /cl01tl/booklore/replication
metadataPolicy: None
property: psk.txt
---
apiVersion: external-secrets.io/v1
kind: ExternalSecret
metadata:
name: booklore-mariadb-cluster-backup-secret-external
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: booklore-mariadb-cluster-backup-secret-external
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
secretStoreRef:
kind: ClusterSecretStore
name: vault
data:
- secretKey: access
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /digital-ocean/home-infra/mariadb-backups
metadataPolicy: None
property: access
- secretKey: secret
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /digital-ocean/home-infra/mariadb-backups
metadataPolicy: None
property: secret
---
apiVersion: external-secrets.io/v1
kind: ExternalSecret
metadata:
name: booklore-mariadb-cluster-backup-secret-garage
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: booklore-mariadb-cluster-backup-secret-garage
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
secretStoreRef:
kind: ClusterSecretStore
name: vault
data:
- secretKey: access
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /garage/home-infra/mariadb-backups
metadataPolicy: None
property: access
- secretKey: secret
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /garage/home-infra/mariadb-backups
metadataPolicy: None
property: secret

13
clusters/cl01tl/helm/booklore/templates/namespace.yaml
View File

@@ -1,13 +0,0 @@
apiVersion: v1
kind: Namespace
metadata:
name: booklore
annotations:
volsync.backube/privileged-movers: "true"
labels:
app.kubernetes.io/name: booklore
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/part-of: {{ .Release.Name }}
pod-security.kubernetes.io/audit: privileged
pod-security.kubernetes.io/enforce: privileged
pod-security.kubernetes.io/warn: privileged

36
clusters/cl01tl/helm/booklore/templates/persistent-volume-claim.yaml
View File

@@ -1,36 +0,0 @@
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: booklore-books-nfs-storage
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: booklore-books-nfs-storage
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
volumeName: booklore-books-nfs-storage
storageClassName: nfs-client
accessModes:
- ReadWriteMany
resources:
requests:
storage: 1Gi
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: booklore-books-import-nfs-storage
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: booklore-books-import-nfs-storage
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
volumeName: booklore-books-import-nfs-storage
storageClassName: nfs-client
accessModes:
- ReadWriteMany
resources:
requests:
storage: 1Gi

48
clusters/cl01tl/helm/booklore/templates/persistent-volume.yaml
View File

@@ -1,48 +0,0 @@
apiVersion: v1
kind: PersistentVolume
metadata:
name: booklore-books-nfs-storage
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: booklore-books-nfs-storage
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
persistentVolumeReclaimPolicy: Retain
storageClassName: nfs-client
capacity:
storage: 1Gi
accessModes:
- ReadWriteMany
nfs:
path: /volume2/Storage/Books
server: synologybond.alexlebens.net
mountOptions:
- vers=4
- minorversion=1
- noac
---
apiVersion: v1
kind: PersistentVolume
metadata:
name: booklore-books-import-nfs-storage
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: booklore-books-import-nfs-storage
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
persistentVolumeReclaimPolicy: Retain
storageClassName: nfs-client
capacity:
storage: 1Gi
accessModes:
- ReadWriteMany
nfs:
path: /volume2/Storage/Books Import
server: synologybond.alexlebens.net
mountOptions:
- vers=4
- minorversion=1
- noac

249
clusters/cl01tl/helm/booklore/values.yaml
View File

@@ -1,249 +0,0 @@
booklore:
controllers:
main:
type: deployment
replicas: 1
strategy: Recreate
revisionHistoryLimit: 3
containers:
main:
image:
repository: ghcr.io/grimmory-tools/grimmory
tag: v2.3.0
pullPolicy: IfNotPresent
env:
- name: TZ
value: America/Chicago
- name: USER_ID
value: 1000
- name: GROUP_ID
value: 1000
- name: DATABASE_URL
value: jdbc:mariadb://booklore-mariadb-cluster-primary.booklore:3306/booklore
- name: DATABASE_USERNAME
value: booklore
- name: DATABASE_PASSWORD
valueFrom:
secretKeyRef:
name: booklore-database-secret
key: password
- name: BOOKLORE_PORT
value: 6060
- name: SWAGGER_ENABLED
value: false
resources:
requests:
cpu: 50m
memory: 128Mi
service:
main:
controller: main
ports:
http:
port: 80
targetPort: 6060
protocol: HTTP
route:
main:
kind: HTTPRoute
parentRefs:
- group: gateway.networking.k8s.io
kind: Gateway
name: traefik-gateway
namespace: traefik
hostnames:
- booklore.alexlebens.net
rules:
- backendRefs:
- group: ''
kind: Service
name: booklore
port: 80
weight: 100
matches:
- path:
type: PathPrefix
value: /
persistence:
config:
forceRename: booklore-config
storageClass: ceph-block
accessMode: ReadWriteOnce
size: 5Gi
retain: true
advancedMounts:
main:
main:
- path: /app/data
readOnly: false
data:
forceRename: booklore-data
storageClass: ceph-block
accessMode: ReadWriteOnce
size: 10Gi
retain: true
advancedMounts:
main:
main:
- path: /data
readOnly: false
books-import:
type: emptyDir
advancedMounts:
main:
main:
- path: /bookdrop
readOnly: false
ingest:
existingClaim: booklore-books-import-nfs-storage
advancedMounts:
main:
main:
- path: /bookdrop/ingest
readOnly: false
mariadb-cluster:
mariadb:
rootPasswordSecretKeyRef:
generate: false
name: booklore-database-secret
key: password
storage:
size: 5Gi
replicas: 3
galera:
enabled: true
bootstrapFrom:
s3:
bucket: mariadb-backups-b230a2f5aecf080a4b372c08
prefix: cl01tl/booklore
endpoint: nyc3.digitaloceanspaces.com
region: us-east-1
accessKeyIdSecretKeyRef:
name: booklore-mariadb-cluster-backup-secret-external
key: access
secretAccessKeySecretKeyRef:
name: booklore-mariadb-cluster-backup-secret-external
key: secret
tls:
enabled: true
backupContentType: Physical
databases:
- name: booklore
characterSet: utf8
collate: utf8_general_ci
cleanupPolicy: Delete
requeueInterval: 10h
users:
- name: booklore
passwordSecretKeyRef:
name: booklore-database-secret
key: password
host: '%'
cleanupPolicy: Delete
requeueInterval: 10h
retryInterval: 30s
grants:
- name: booklore
privileges:
- "ALL PRIVILEGES"
database: "booklore"
table: "*"
username: booklore
grantOption: true
host: '%'
cleanupPolicy: Delete
requeueInterval: 10h
retryInterval: 30s
physicalBackups:
- name: backup-external
schedule:
cron: "0 0 * * 0"
suspend: false
immediate: true
compression: gzip
maxRetention: 2160h
successfulJobsHistoryLimit: 1
storage:
s3:
bucket: mariadb-backups-b230a2f5aecf080a4b372c08
prefix: cl01tl/booklore
endpoint: nyc3.digitaloceanspaces.com
region: us-east-1
accessKeyIdSecretKeyRef:
name: booklore-mariadb-cluster-backup-secret-external
key: access
secretAccessKeySecretKeyRef:
name: booklore-mariadb-cluster-backup-secret-external
key: secret
tls:
enabled: true
- name: backup-remote
schedule:
cron: "0 0 * * 0"
suspend: false
immediate: true
compression: gzip
maxRetention: 2160h
successfulJobsHistoryLimit: 1
storage:
s3:
bucket: mariadb-backups
prefix: cl01tl/booklore
endpoint: garage-ps10rp.boreal-beaufort.ts.net:3900
region: us-east-1
accessKeyIdSecretKeyRef:
name: booklore-mariadb-cluster-backup-secret-garage
key: access
secretAccessKeySecretKeyRef:
name: booklore-mariadb-cluster-backup-secret-garage
key: secret
tls:
enabled: true
- name: backup-garage
schedule:
cron: "0 0 * * *"
suspend: false
immediate: true
compression: gzip
maxRetention: 360h
successfulJobsHistoryLimit: 1
storage:
s3:
bucket: mariadb-backups
prefix: cl01tl/booklore
endpoint: garage-main.garage:3900
region: us-east-1
accessKeyIdSecretKeyRef:
name: booklore-mariadb-cluster-backup-secret-garage
key: access
secretAccessKeySecretKeyRef:
name: booklore-mariadb-cluster-backup-secret-garage
key: secret
volsync-target-config:
pvcTarget: booklore-config
local:
enabled: true
schedule: 12 8 * * *
remote:
enabled: true
schedule: 12 9 * * *
external:
enabled: true
schedule: 12 10 * * *
volsync-target-data:
pvcTarget: booklore-data
local:
enabled: true
schedule: 14 8 * * *
restic:
cacheCapacity: 10Gi
remote:
enabled: true
schedule: 14 9 * * *
restic:
cacheCapacity: 10Gi
external:
enabled: true
schedule: 14 10 * * *
restic:
cacheCapacity: 10Gi

3
clusters/cl01tl/helm/gatus/values.yaml
View File

@@ -164,9 +164,6 @@ gatus:
- name: foldergram
url: https://foldergram.alexlebens.net
<<: *defaults
- name: booklore
url: https://booklore.alexlebens.net
<<: *defaults
- name: grimmory
url: https://grimmory.alexlebens.net
<<: *defaults

57
clusters/cl01tl/helm/grimmory/templates/external-secret.yaml
View File

@@ -84,60 +84,3 @@ spec:
remoteRef:
key: /garage/home-infra/mariadb-backups
property: secret
---
apiVersion: external-secrets.io/v1
kind: ExternalSecret
metadata:
name: booklore-config-backup-secret-local
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: booklore-config-backup-secret-local
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
secretStoreRef:
kind: ClusterSecretStore
name: vault
target:
template:
engineVersion: v2
mergePolicy: Merge
data:
RESTIC_REPOSITORY: "{{ `{{ .BUCKET_ENDPOINT }}` }}/booklore/booklore-config"
data:
- remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /volsync/restic/garage-local
metadataPolicy: None
property: BUCKET_ENDPOINT
secretKey: BUCKET_ENDPOINT
- remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /volsync/restic/garage-local
metadataPolicy: None
property: RESTIC_PASSWORD
secretKey: RESTIC_PASSWORD
- remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /garage/home-infra/volsync-backups
metadataPolicy: None
property: ACCESS_REGION
secretKey: AWS_DEFAULT_REGION
- remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /garage/home-infra/volsync-backups
metadataPolicy: None
property: ACCESS_KEY_ID
secretKey: AWS_ACCESS_KEY_ID
- remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /garage/home-infra/volsync-backups
metadataPolicy: None
property: ACCESS_SECRET_KEY
secretKey: AWS_SECRET_ACCESS_KEY

19
clusters/cl01tl/helm/grimmory/templates/replication-destination.yaml
View File

@@ -1,19 +0,0 @@
apiVersion: volsync.backube/v1alpha1
kind: ReplicationDestination
metadata:
name: grimmory-config-restore
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: grimmory-config-restore
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
trigger:
manual: restore-once
restic:
repository: booklore-config-backup-secret-local
destinationPVC: grimmory-config
copyMethod: Snapshot
moverSecurityContext:
runAsUser: 0
runAsGroup: 0

4
clusters/cl01tl/helm/shelfmark/templates/external-secret.yaml
View File

@@ -12,14 +12,14 @@ spec:
kind: ClusterSecretStore
name: vault
data:
- secretKey: booklore-user
- secretKey: grimmory-user
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /cl01tl/shelfmark/booklore
metadataPolicy: None
property: user
- secretKey: booklore-password
- secretKey: grimmory-password
remoteRef:
conversionStrategy: Default
decodingStrategy: None

8
clusters/cl01tl/helm/shelfmark/values.yaml
View File

@@ -17,7 +17,7 @@ shelfmark:
- name: DOCKERMODE
value: true
- name: CALIBRE_WEB_URL
value: https://booklore.alexlebens.net
value: https://grimmory.alexlebens.net
- name: AUDIOBOOK_LIBRARY_URL
value: https://audiobookshelf.alexlebens.net
- name: SEARCH_MODE
@@ -29,17 +29,17 @@ shelfmark:
- name: BOOKS_OUTPUT_MODE
value: booklore
- name: BOOKLORE_HOST
value: http://booklore.booklore:80
value: http://grimmory.grimmory:80
- name: BOOKLORE_USERNAME
valueFrom:
secretKeyRef:
name: shelfmark-config-secret
key: booklore-user
key: grimmory-user
- name: BOOKLORE_PASSWORD
valueFrom:
secretKeyRef:
name: shelfmark-config-secret
key: booklore-password
key: grimmory-password
- name: BOOKLORE_DESTINATION
value: library
- name: BOOKLORE_LIBRARY_ID

1
hosts/ps08rp/blocky/config.yml
View File

@@ -85,7 +85,6 @@ customDNS:
authentik IN CNAME traefik-cl01tl
backrest IN CNAME traefik-cl01tl
bazarr IN CNAME traefik-cl01tl
booklore IN CNAME traefik-cl01tl
ceph IN CNAME traefik-cl01tl
code-server IN CNAME traefik-cl01tl
dawarich IN CNAME traefik-cl01tl

1
hosts/ps09rp/blocky/config.yml
View File

@@ -106,7 +106,6 @@ customDNS:
authentik IN CNAME traefik-cl01tl
backrest IN CNAME traefik-cl01tl
bazarr IN CNAME traefik-cl01tl
booklore IN CNAME traefik-cl01tl
ceph IN CNAME traefik-cl01tl
code-server IN CNAME traefik-cl01tl
dawarich IN CNAME traefik-cl01tl