diff --git a/clusters/standby/applications/audiobookshelf/Chart.yaml b/clusters/standby/applications/audiobookshelf/Chart.yaml deleted file mode 100644 index 6bc77354b..000000000 --- a/clusters/standby/applications/audiobookshelf/Chart.yaml +++ /dev/null @@ -1,23 +0,0 @@ -apiVersion: v2 -name: audiobookshelf -version: 1.0.0 -description: Audiobookshelf -keywords: - - audiobookshelf - - books - - podcasts - - audiobooks -home: https://wiki.alexlebens.dev/doc/audiobookshelf-uNciuFjzDw -sources: - - https://github.com/advplyr/audiobookshelf - - https://github.com/advplyr/audiobookshelf/pkgs/container/audiobookshelf - - https://github.com/bjw-s/helm-charts/tree/main/charts/other/app-template -maintainers: - - name: alexlebens -dependencies: - - name: app-template - alias: audiobookshelf - repository: https://bjw-s.github.io/helm-charts/ - version: 3.6.1 -icon: https://raw.githubusercontent.com/walkxcode/dashboard-icons/main/png/audiobookshelf.png -appVersion: 2.17.5 diff --git a/clusters/standby/applications/audiobookshelf/templates/external-secret.yaml b/clusters/standby/applications/audiobookshelf/templates/external-secret.yaml deleted file mode 100644 index aa540f2e8..000000000 --- a/clusters/standby/applications/audiobookshelf/templates/external-secret.yaml +++ /dev/null @@ -1,116 +0,0 @@ -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: audiobookshelf-config-backup-secret - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: audiobookshelf-config-backup-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: backup - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - target: - template: - mergePolicy: Merge - engineVersion: v2 - data: - RESTIC_REPOSITORY: "{{ `{{ .BUCKET_ENDPOINT }}` }}/audiobookshelf/audiobookshelf-config" - data: - - secretKey: BUCKET_ENDPOINT - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/volsync/restic/config - metadataPolicy: None - property: S3_BUCKET_ENDPOINT - - secretKey: RESTIC_PASSWORD - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/volsync/restic/config - metadataPolicy: None - property: RESTIC_PASSWORD - - secretKey: AWS_DEFAULT_REGION - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/volsync/restic/config - metadataPolicy: None - property: AWS_DEFAULT_REGION - - secretKey: AWS_ACCESS_KEY_ID - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /digital-ocean/home-infra/volsync-backups - metadataPolicy: None - property: access_key - - secretKey: AWS_SECRET_ACCESS_KEY - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /digital-ocean/home-infra/volsync-backups - metadataPolicy: None - property: secret_key - ---- -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: audiobookshelf-metadata-backup-secret - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: audiobookshelf-metadata-backup-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: backup - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - target: - template: - mergePolicy: Merge - engineVersion: v2 - data: - RESTIC_REPOSITORY: "{{ `{{ .BUCKET_ENDPOINT }}` }}/audiobookshelf/audiobookshelf-metadata" - data: - - secretKey: BUCKET_ENDPOINT - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/volsync/restic/config - metadataPolicy: None - property: S3_BUCKET_ENDPOINT - - secretKey: RESTIC_PASSWORD - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/volsync/restic/config - metadataPolicy: None - property: RESTIC_PASSWORD - - secretKey: AWS_DEFAULT_REGION - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/volsync/restic/config - metadataPolicy: None - property: AWS_DEFAULT_REGION - - secretKey: AWS_ACCESS_KEY_ID - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /digital-ocean/home-infra/volsync-backups - metadataPolicy: None - property: access_key - - secretKey: AWS_SECRET_ACCESS_KEY - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /digital-ocean/home-infra/volsync-backups - metadataPolicy: None - property: secret_key diff --git a/clusters/standby/applications/audiobookshelf/templates/persistent-volume-claim.yaml b/clusters/standby/applications/audiobookshelf/templates/persistent-volume-claim.yaml deleted file mode 100644 index 888e53646..000000000 --- a/clusters/standby/applications/audiobookshelf/templates/persistent-volume-claim.yaml +++ /dev/null @@ -1,40 +0,0 @@ -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: audiobookshelf-nfs-storage-backup - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: audiobookshelf-nfs-storage-backup - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: storage - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - volumeMode: Filesystem - storageClassName: nfs-client - accessModes: - - ReadWriteOnce - resources: - requests: - storage: 1Gi - ---- -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: audiobookshelf-nfs-storage - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: audiobookshelf-nfs-storage - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: storage - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - volumeName: audiobookshelf-nfs-storage - storageClassName: nfs-client - accessModes: - - ReadWriteMany - resources: - requests: - storage: 1Gi diff --git a/clusters/standby/applications/audiobookshelf/templates/persistent-volume.yaml b/clusters/standby/applications/audiobookshelf/templates/persistent-volume.yaml deleted file mode 100644 index 6ab16dee3..000000000 --- a/clusters/standby/applications/audiobookshelf/templates/persistent-volume.yaml +++ /dev/null @@ -1,25 +0,0 @@ -apiVersion: v1 -kind: PersistentVolume -metadata: - name: audiobookshelf-nfs-storage - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: audiobookshelf-nfs-storage - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: storage - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - persistentVolumeReclaimPolicy: Retain - storageClassName: nfs-client - capacity: - storage: 1Gi - accessModes: - - ReadWriteMany - nfs: - path: /volume2/Storage - server: synologybond.alexlebens.net - mountOptions: - - vers=4 - - minorversion=1 - - noac diff --git a/clusters/standby/applications/audiobookshelf/templates/replication-source.yaml b/clusters/standby/applications/audiobookshelf/templates/replication-source.yaml deleted file mode 100644 index 7005e464c..000000000 --- a/clusters/standby/applications/audiobookshelf/templates/replication-source.yaml +++ /dev/null @@ -1,56 +0,0 @@ -apiVersion: volsync.backube/v1alpha1 -kind: ReplicationSource -metadata: - name: audiobookshelf-config-backup-source - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: audiobookshelf-config-backup-source - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: backup - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - sourcePVC: audiobookshelf-config - trigger: - schedule: 0 0 */3 * * - restic: - pruneIntervalDays: 14 - repository: audiobookshelf-config-backup-secret - retain: - hourly: 1 - daily: 1 - weekly: 1 - monthly: 2 - yearly: 4 - copyMethod: Snapshot - storageClassName: ceph-block-delete - volumeSnapshotClassName: ceph-blockpool-snapshot - ---- -apiVersion: volsync.backube/v1alpha1 -kind: ReplicationSource -metadata: - name: audiobookshelf-metadata-backup-source - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: audiobookshelf-metadata-backup-source - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: backup - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - sourcePVC: audiobookshelf-metadata - trigger: - schedule: 0 0 */3 * * - restic: - pruneIntervalDays: 14 - repository: audiobookshelf-metadata-backup-secret - retain: - hourly: 1 - daily: 1 - weekly: 1 - monthly: 2 - yearly: 4 - copyMethod: Snapshot - storageClassName: ceph-block-delete - volumeSnapshotClassName: ceph-blockpool-snapshot diff --git a/clusters/standby/applications/audiobookshelf/values.yaml b/clusters/standby/applications/audiobookshelf/values.yaml deleted file mode 100644 index ea9ac1ae2..000000000 --- a/clusters/standby/applications/audiobookshelf/values.yaml +++ /dev/null @@ -1,80 +0,0 @@ -audiobookshelf: - controllers: - main: - type: deployment - replicas: 1 - strategy: Recreate - revisionHistoryLimit: 3 - containers: - main: - image: - repository: ghcr.io/advplyr/audiobookshelf - tag: 2.19.2 - pullPolicy: IfNotPresent - env: - - name: TZ - value: US/Central - resources: - requests: - cpu: 10m - memory: 128Mi - serviceAccount: - create: true - service: - main: - controller: main - ports: - http: - port: 80 - targetPort: 80 - protocol: HTTP - ingress: - tailscale: - enabled: true - className: tailscale - hosts: - - host: audiobookshelf-cl01tl - paths: - - path: / - pathType: Prefix - service: - name: audiobookshelf - port: 80 - tls: - - hosts: - - audiobookshelf-cl01tl - persistence: - config: - storageClass: ceph-block - accessMode: ReadWriteOnce - size: 2Gi - retain: true - advancedMounts: - main: - main: - - path: /config - readOnly: false - metadata: - storageClass: ceph-block - accessMode: ReadWriteOnce - size: 10Gi - retain: true - advancedMounts: - main: - main: - - path: /metadata - readOnly: false - backup: - existingClaim: audiobookshelf-nfs-storage-backup - advancedMounts: - main: - main: - - path: /metadata/backups - readOnly: false - audiobooks: - existingClaim: audiobookshelf-nfs-storage - advancedMounts: - main: - main: - - path: /mnt/store/ - readOnly: false diff --git a/clusters/standby/applications/calibre-web-automated/Chart.yaml b/clusters/standby/applications/calibre-web-automated/Chart.yaml deleted file mode 100644 index c608e8e3f..000000000 --- a/clusters/standby/applications/calibre-web-automated/Chart.yaml +++ /dev/null @@ -1,21 +0,0 @@ -apiVersion: v2 -name: calibre-web-automated -version: 1.0.0 -description: Calibre Web Automated -keywords: - - calibre-web-automated - - books -home: https://wiki.alexlebens.dev/doc/calibre-web-automated-1SMf1jPFsb -sources: - - https://github.com/crocodilestick/Calibre-Web-Automator - - https://hub.docker.com/r/crocodilestick/calibre-web-automated - - https://github.com/bjw-s/helm-charts/tree/main/charts/other/app-template -maintainers: - - name: alexlebens -dependencies: - - name: app-template - alias: calibre-web-automated - repository: https://bjw-s.github.io/helm-charts/ - version: 3.6.1 -icon: https://raw.githubusercontent.com/walkxcode/dashboard-icons/main/png/calibre-web.png -appVersion: V2.1.2 diff --git a/clusters/standby/applications/calibre-web-automated/templates/external-secret.yaml b/clusters/standby/applications/calibre-web-automated/templates/external-secret.yaml deleted file mode 100644 index 191997cb9..000000000 --- a/clusters/standby/applications/calibre-web-automated/templates/external-secret.yaml +++ /dev/null @@ -1,82 +0,0 @@ -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: calibre-web-automated-gmail-config - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: calibre-web-automated-gmail-config - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: web - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - data: - - secretKey: gmail.json - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/calibre-web/gmail - metadataPolicy: None - property: gmail.json - ---- -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: calibre-web-automated-config-backup-secret - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: calibre-web-automated-config-backup-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: backup - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - target: - template: - mergePolicy: Merge - engineVersion: v2 - data: - RESTIC_REPOSITORY: "{{ `{{ .BUCKET_ENDPOINT }}` }}/calibre-web-automated/calibre-web-automated-config" - data: - - secretKey: BUCKET_ENDPOINT - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/volsync/restic/config - metadataPolicy: None - property: S3_BUCKET_ENDPOINT - - secretKey: RESTIC_PASSWORD - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/volsync/restic/config - metadataPolicy: None - property: RESTIC_PASSWORD - - secretKey: AWS_DEFAULT_REGION - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/volsync/restic/config - metadataPolicy: None - property: AWS_DEFAULT_REGION - - secretKey: AWS_ACCESS_KEY_ID - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /digital-ocean/home-infra/volsync-backups - metadataPolicy: None - property: access_key - - secretKey: AWS_SECRET_ACCESS_KEY - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /digital-ocean/home-infra/volsync-backups - metadataPolicy: None - property: secret_key diff --git a/clusters/standby/applications/calibre-web-automated/templates/persistent-volume-claim.yaml b/clusters/standby/applications/calibre-web-automated/templates/persistent-volume-claim.yaml deleted file mode 100644 index a237c684f..000000000 --- a/clusters/standby/applications/calibre-web-automated/templates/persistent-volume-claim.yaml +++ /dev/null @@ -1,40 +0,0 @@ -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: calibre-web-automated-nfs-storage - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: calibre-web-automated-nfs-storage - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: storage - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - volumeName: calibre-web-automated-nfs-storage - storageClassName: nfs-client - accessModes: - - ReadWriteMany - resources: - requests: - storage: 1Gi - ---- -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: calibre-web-automated-ingest-nfs-storage - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: calibre-web-automated-ingest-nfs-storage - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: storage - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - volumeName: calibre-web-automated-ingest-nfs-storage - storageClassName: nfs-client - accessModes: - - ReadWriteMany - resources: - requests: - storage: 1Gi diff --git a/clusters/standby/applications/calibre-web-automated/templates/persistent-volume.yaml b/clusters/standby/applications/calibre-web-automated/templates/persistent-volume.yaml deleted file mode 100644 index 4428541b9..000000000 --- a/clusters/standby/applications/calibre-web-automated/templates/persistent-volume.yaml +++ /dev/null @@ -1,52 +0,0 @@ -apiVersion: v1 -kind: PersistentVolume -metadata: - name: calibre-web-automated-nfs-storage - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: calibre-web-automated-nfs-storage - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: storage - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - persistentVolumeReclaimPolicy: Retain - storageClassName: nfs-client - capacity: - storage: 1Gi - accessModes: - - ReadWriteMany - nfs: - path: /volume2/Storage/Calibre - server: synologybond.alexlebens.net - mountOptions: - - vers=4 - - minorversion=1 - - noac - ---- -apiVersion: v1 -kind: PersistentVolume -metadata: - name: calibre-web-automated-ingest-nfs-storage - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: calibre-web-automated-ingest-nfs-storage - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: storage - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - persistentVolumeReclaimPolicy: Retain - storageClassName: nfs-client - capacity: - storage: 1Gi - accessModes: - - ReadWriteMany - nfs: - path: /volume2/Storage/Calibre Import - server: synologybond.alexlebens.net - mountOptions: - - vers=4 - - minorversion=1 - - noac diff --git a/clusters/standby/applications/calibre-web-automated/templates/replication-source.yaml b/clusters/standby/applications/calibre-web-automated/templates/replication-source.yaml deleted file mode 100644 index 08bb412f7..000000000 --- a/clusters/standby/applications/calibre-web-automated/templates/replication-source.yaml +++ /dev/null @@ -1,30 +0,0 @@ -apiVersion: volsync.backube/v1alpha1 -kind: ReplicationSource -metadata: - name: calibre-web-automated-config-backup-source - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: calibre-web-automated-config-backup-source - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: backup - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - sourcePVC: calibre-web-automated-config - trigger: - schedule: 0 0 */3 * * - restic: - pruneIntervalDays: 14 - repository: calibre-web-automated-config-backup-secret - retain: - hourly: 1 - daily: 1 - weekly: 1 - monthly: 2 - yearly: 4 - moverSecurityContext: - runAsUser: 1000 - runAsGroup: 100 - copyMethod: Snapshot - storageClassName: ceph-block-delete - volumeSnapshotClassName: ceph-blockpool-snapshot diff --git a/clusters/standby/applications/calibre-web-automated/values.yaml b/clusters/standby/applications/calibre-web-automated/values.yaml deleted file mode 100644 index 02cc454ad..000000000 --- a/clusters/standby/applications/calibre-web-automated/values.yaml +++ /dev/null @@ -1,151 +0,0 @@ -calibre-web-automated: - controllers: - main: - type: deployment - replicas: 1 - strategy: Recreate - revisionHistoryLimit: 3 - containers: - main: - image: - repository: crocodilestick/calibre-web-automated - tag: V2.1.2@sha256:64cc0b6a563ef626c0f905792d6be976251149b30ee1e7fb49d60ef3ee966cb6 - pullPolicy: IfNotPresent - env: - - name: TZ - value: US/Central - - name: PUID - value: 1000 - - name: PGID - value: 100 - - name: DOCKER_MODS - value: lscr.io/linuxserver/mods:universal-calibre-v7.23.0 - resources: - requests: - cpu: 100m - memory: 256Mi - downloader: - type: deployment - replicas: 1 - strategy: Recreate - revisionHistoryLimit: 3 - containers: - main: - image: - repository: ghcr.io/calibrain/calibre-web-automated-book-downloader - tag: latest@sha256:29757639bff2263a0de383e6b4855b09457e6c5944f41e934247bbb9bec5c8b7 - pullPolicy: IfNotPresent - env: - - name: FLASK_PORT - value: 8084 - - name: UID - value: 1000 - - name: GID - value: 100 - - name: USE_CF_BYPASS - value: true - - name: CLOUDFLARE_PROXY_URL - value: http://localhost:8000 - - name: INGEST_DIR - value: /cwa-book-ingest - - name: BOOK_LANGUAGE - value: end - resources: - requests: - cpu: 10m - memory: 256Mi - bypass: - image: - repository: ghcr.io/sarperavci/cloudflarebypassforscraping - tag: latest@sha256:e937223b9321168efec4ce4b60958d399b6dde37791ea6dc67d05b057c0f167e - pullPolicy: IfNotPresent - resources: - requests: - cpu: 10m - memory: 128Mi - serviceAccount: - create: true - service: - main: - controller: main - ports: - http: - port: 8083 - targetPort: 8083 - protocol: HTTP - downloader: - controller: downloader - ports: - http: - port: 8084 - targetPort: 8084 - protocol: HTTP - ingress: - tailscale-main: - enabled: true - className: tailscale - hosts: - - host: calibre-cl01tl - paths: - - path: / - pathType: Prefix - service: - name: calibre-web-automated-main - port: 8083 - tls: - - hosts: - - calibre-cl01tl - tailscale-downloader: - enabled: true - className: tailscale - hosts: - - host: calibre-downloader-cl01tl - paths: - - path: / - pathType: Prefix - service: - name: calibre-web-automated-downloader - port: 8084 - tls: - - hosts: - - calibre-downloader-cl01tl - persistence: - config: - storageClass: ceph-block - accessMode: ReadWriteOnce - size: 5Gi - retain: true - advancedMounts: - main: - main: - - path: /config - readOnly: false - gmail: - enabled: true - type: secret - name: calibre-web-automated-gmail-config - advancedMounts: - main: - main: - - path: /app/calibre-web/gmail.json - readOnly: true - mountPropagation: None - subPath: gmail.json - books: - existingClaim: calibre-web-automated-nfs-storage - advancedMounts: - main: - main: - - path: /calibre-library - readOnly: false - ingest: - existingClaim: calibre-web-automated-ingest-nfs-storage - advancedMounts: - main: - main: - - path: /cwa-book-ingest - readOnly: false - downloader: - main: - - path: /cwa-book-ingest - readOnly: false diff --git a/clusters/standby/applications/checkrr/Chart.yaml b/clusters/standby/applications/checkrr/Chart.yaml deleted file mode 100644 index 68007114a..000000000 --- a/clusters/standby/applications/checkrr/Chart.yaml +++ /dev/null @@ -1,20 +0,0 @@ -apiVersion: v2 -name: checkrr -version: 1.0.0 -description: Checkrr -keywords: - - checkrr - - servarr - - healthchecks -home: https://wiki.alexlebens.dev/doc/checkrr -sources: - - https://github.com/aetaric/checkrr - - https://github.com/bjw-s/helm-charts/tree/main/charts/other/app-template -maintainers: - - name: alexlebens -dependencies: - - name: app-template - alias: checkrr - repository: https://bjw-s.github.io/helm-charts/ - version: 3.6.1 -appVersion: v3.4.0 diff --git a/clusters/standby/applications/checkrr/templates/external-secret.yaml b/clusters/standby/applications/checkrr/templates/external-secret.yaml deleted file mode 100644 index 2843f04d1..000000000 --- a/clusters/standby/applications/checkrr/templates/external-secret.yaml +++ /dev/null @@ -1,23 +0,0 @@ -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: checkrr-config-secret - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: checkrr-config-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: backup - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - data: - - secretKey: checkrr.yaml - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/checkrr - metadataPolicy: None - property: checkrr.yaml diff --git a/clusters/standby/applications/checkrr/templates/persistent-volume-claim.yaml b/clusters/standby/applications/checkrr/templates/persistent-volume-claim.yaml deleted file mode 100644 index dbf595e38..000000000 --- a/clusters/standby/applications/checkrr/templates/persistent-volume-claim.yaml +++ /dev/null @@ -1,19 +0,0 @@ -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: checkrr-nfs-storage - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: checkrr-nfs-storage - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: storage - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - volumeName: checkrr-nfs-storage - storageClassName: nfs-client - accessModes: - - ReadWriteMany - resources: - requests: - storage: 1Gi diff --git a/clusters/standby/applications/checkrr/templates/persistent-volume.yaml b/clusters/standby/applications/checkrr/templates/persistent-volume.yaml deleted file mode 100644 index d4fac2d8f..000000000 --- a/clusters/standby/applications/checkrr/templates/persistent-volume.yaml +++ /dev/null @@ -1,25 +0,0 @@ -apiVersion: v1 -kind: PersistentVolume -metadata: - name: checkrr-nfs-storage - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: checkrr-nfs-storage - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: storage - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - persistentVolumeReclaimPolicy: Retain - storageClassName: nfs-client - capacity: - storage: 1Gi - accessModes: - - ReadWriteMany - nfs: - path: /volume2/Storage - server: synologybond.alexlebens.net - mountOptions: - - vers=4 - - minorversion=1 - - noac diff --git a/clusters/standby/applications/checkrr/values.yaml b/clusters/standby/applications/checkrr/values.yaml deleted file mode 100644 index 21f1b5bcc..000000000 --- a/clusters/standby/applications/checkrr/values.yaml +++ /dev/null @@ -1,92 +0,0 @@ -checkrr: - controllers: - main: - type: deployment - replicas: 1 - strategy: Recreate - revisionHistoryLimit: 3 - initContainers: - init-create-db: - securityContext: - runAsUser: 0 - image: - repository: busybox - tag: 1.37.0 - pullPolicy: IfNotPresent - command: - - /bin/sh - - -ec - - | - if [ ! -f /app/checkrr.db ]; then - touch /app/checkrr.db; - fi; - resources: - requests: - cpu: 100m - memory: 128Mi - containers: - main: - image: - repository: aetaric/checkrr - tag: 3.4.0 - pullPolicy: IfNotPresent - resources: - requests: - cpu: 2 - memory: 512Mi - serviceAccount: - create: true - service: - main: - controller: main - ports: - http: - port: 80 - targetPort: 8585 - protocol: HTTP - ingress: - tailscale: - enabled: true - className: tailscale - hosts: - - host: checkrr-cl01tl - paths: - - path: / - pathType: Prefix - service: - name: checkrr - port: 80 - tls: - - hosts: - - checkrr-cl01tl - persistence: - config: - enabled: true - type: secret - name: checkrr-config-secret - advancedMounts: - main: - main: - - path: /etc/checkrr.yaml - readOnly: true - mountPropagation: None - subPath: checkrr.yaml - db: - storageClass: ceph-block-delete - accessMode: ReadWriteOnce - size: 5Gi - advancedMounts: - main: - init-create-db: - - path: /app - readOnly: false - main: - - path: /app - readOnly: false - media: - existingClaim: checkrr-nfs-storage - advancedMounts: - main: - main: - - path: /mnt/store - readOnly: false diff --git a/clusters/standby/applications/code-server/Chart.yaml b/clusters/standby/applications/code-server/Chart.yaml deleted file mode 100644 index 5d7e5f27a..000000000 --- a/clusters/standby/applications/code-server/Chart.yaml +++ /dev/null @@ -1,28 +0,0 @@ -apiVersion: v2 -name: code-server -version: 1.0.0 -description: Code Server -keywords: - - code-server - - code - - ide -home: https://wiki.alexlebens.dev/doc/code-server-1WziinqCFS -sources: - - https://github.com/coder/code-server - - https://github.com/cloudflare/cloudflared - - https://hub.docker.com/r/linuxserver/code-server - - https://github.com/bjw-s/helm-charts/tree/main/charts/other/app-template - - https://github.com/alexlebens/helm-charts/tree/main/charts/cloudflared -maintainers: - - name: alexlebens -dependencies: - - name: app-template - alias: code-server - repository: https://bjw-s.github.io/helm-charts/ - version: 3.6.1 - - name: cloudflared - alias: cloudflared - repository: http://alexlebens.github.io/helm-charts - version: 1.13.0 -icon: https://raw.githubusercontent.com/walkxcode/dashboard-icons/main/png/code-server.png -appVersion: 4.96.1 diff --git a/clusters/standby/applications/code-server/templates/external-secret.yaml b/clusters/standby/applications/code-server/templates/external-secret.yaml deleted file mode 100644 index bfd61e68d..000000000 --- a/clusters/standby/applications/code-server/templates/external-secret.yaml +++ /dev/null @@ -1,55 +0,0 @@ -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: codeserver-password-secret - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: codeserver-password-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: web - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - data: - - secretKey: PASSWORD - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/code-server/auth - metadataPolicy: None - property: PASSWORD - - secretKey: SUDO_PASSWORD - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/code-server/auth - metadataPolicy: None - property: SUDO_PASSWORD - ---- -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: code-server-cloudflared-secret - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: code-server-cloudflared-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: web - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - data: - - secretKey: cf-tunnel-token - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cloudflare/tunnels/codeserver - metadataPolicy: None - property: token diff --git a/clusters/standby/applications/code-server/templates/persistent-volume-claim.yaml b/clusters/standby/applications/code-server/templates/persistent-volume-claim.yaml deleted file mode 100644 index 198804928..000000000 --- a/clusters/standby/applications/code-server/templates/persistent-volume-claim.yaml +++ /dev/null @@ -1,19 +0,0 @@ -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: code-server-nfs-storage - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: code-server-nfs-storage - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: storage - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - volumeMode: Filesystem - storageClassName: nfs-client - accessModes: - - ReadWriteOnce - resources: - requests: - storage: 1Gi diff --git a/clusters/standby/applications/code-server/values.yaml b/clusters/standby/applications/code-server/values.yaml deleted file mode 100644 index d3ce8c6e6..000000000 --- a/clusters/standby/applications/code-server/values.yaml +++ /dev/null @@ -1,49 +0,0 @@ -code-server: - controllers: - main: - type: deployment - replicas: 1 - strategy: Recreate - revisionHistoryLimit: 3 - containers: - main: - image: - repository: ghcr.io/linuxserver/code-server - tag: 4.96.4@sha256:11f009e81643d28f4527e3aa23f64bcd672be5ec2046be46c84755c82b5ad471 - pullPolicy: IfNotPresent - env: - - name: TZ - value: US/Central - - name: PUID - value: 1000 - - name: PGID - value: 1000 - - name: DEFAULT_WORKSPACE - value: /config - envFrom: - - secretRef: - name: codeserver-password-secret - resources: - requests: - cpu: 10m - memory: 128Mi - serviceAccount: - create: true - service: - main: - controller: main - ports: - http: - port: 8443 - targetPort: 8443 - protocol: HTTP - persistence: - config: - existingClaim: code-server-nfs-storage - advancedMounts: - main: - main: - - path: /config - readOnly: false -cloudflared: - existingSecretName: code-server-cloudflared-secret diff --git a/clusters/standby/applications/directus/Chart.yaml b/clusters/standby/applications/directus/Chart.yaml deleted file mode 100644 index 9f44a7e2b..000000000 --- a/clusters/standby/applications/directus/Chart.yaml +++ /dev/null @@ -1,44 +0,0 @@ -apiVersion: v2 -name: directus -version: 1.0.0 -description: Directus -keywords: - - directus - - cms -home: https://wiki.alexlebens.dev/doc/directus-EvV9wese9H -sources: - - https://github.com/directus/directus - - https://github.com/minio/operator - - https://github.com/valkey-io/valkey - - https://github.com/cloudflare/cloudflared - - https://github.com/cloudnative-pg/cloudnative-pg - - https://hub.docker.com/r/directus/directus - - https://github.com/bjw-s/helm-charts/tree/main/charts/other/app-template - - https://github.com/minio/operator/tree/master/helm/tenant - - https://github.com/bitnami/charts/tree/main/bitnami/valkey - - https://github.com/alexlebens/helm-charts/charts/cloudflared - - https://github.com/alexlebens/helm-charts/charts/postgres-cluster -maintainers: - - name: alexlebens -dependencies: - - name: app-template - alias: directus - repository: https://bjw-s.github.io/helm-charts/ - version: 3.6.1 - - name: tenant - alias: minio - version: 7.0.0 - repository: https://operator.min.io/ - - name: valkey - version: 2.2.3 - repository: https://charts.bitnami.com/bitnami - - name: cloudflared - alias: cloudflared-directus - repository: http://alexlebens.github.io/helm-charts - version: 1.13.0 - - name: postgres-cluster - alias: postgres-17-cluster - version: 4.1.4 - repository: http://alexlebens.github.io/helm-charts -icon: https://raw.githubusercontent.com/walkxcode/dashboard-icons/main/png/directus.png -appVersion: 11.3.2 diff --git a/clusters/standby/applications/directus/templates/external-secret.yaml b/clusters/standby/applications/directus/templates/external-secret.yaml deleted file mode 100644 index 139334d52..000000000 --- a/clusters/standby/applications/directus/templates/external-secret.yaml +++ /dev/null @@ -1,272 +0,0 @@ -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: directus-config - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: directus-config - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: web - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - data: - - secretKey: admin-email - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/directus/config - metadataPolicy: None - property: admin-email - - secretKey: admin-password - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/directus/config - metadataPolicy: None - property: admin-password - - secretKey: secret - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/directus/config - metadataPolicy: None - property: secret - - secretKey: key - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/directus/config - metadataPolicy: None - property: key - ---- -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: directus-valkey-config - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: directus-valkey-config - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: web - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - data: - - secretKey: user - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/directus/valkey - metadataPolicy: None - property: user - - secretKey: password - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/directus/valkey - metadataPolicy: None - property: password - ---- -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: directus-oidc-secret - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: directus-oidc-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: web - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - data: - - secretKey: OIDC_CLIENT_ID - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /authentik/oidc/directus - metadataPolicy: None - property: client - - secretKey: OIDC_CLIENT_SECRET - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /authentik/oidc/directus - metadataPolicy: None - property: secret - ---- -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: directus-minio-user-secret - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: directus-minio-user-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: database - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - data: - - secretKey: AWS_ACCESS_KEY_ID - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/directus/minio/auth - metadataPolicy: None - property: AWS_ACCESS_KEY_ID - - secretKey: AWS_SECRET_ACCESS_KEY - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/directus/minio/auth - metadataPolicy: None - property: AWS_SECRET_ACCESS_KEY - ---- -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: directus-minio-root-secret - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: directus-minio-root-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: database - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - data: - - secretKey: config.env - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/directus/minio/config - metadataPolicy: None - property: root-config.env - ---- -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: directus-minio-config-secret - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: directus-minio-config-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: database - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - data: - - secretKey: config.env - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/directus/minio/config - metadataPolicy: None - property: config.env - ---- -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: directus-cloudflared-secret - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: directus-cloudflared-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: web - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - data: - - secretKey: cf-tunnel-token - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cloudflare/tunnels/directus - metadataPolicy: None - property: token - ---- -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: directus-minio-cloudflared-secret - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: directus-minio-cloudflared-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: web - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - data: - - secretKey: cf-tunnel-token - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cloudflare/tunnels/directus-minio - metadataPolicy: None - property: token - ---- -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: directus-postgresql-17-cluster-backup-secret - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: directus-postgresql-17-cluster-backup-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: database - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - data: - - secretKey: ACCESS_KEY_ID - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /digital-ocean/home-infra/postgres-backups - metadataPolicy: None - property: access - - secretKey: ACCESS_SECRET_KEY - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /digital-ocean/home-infra/postgres-backups - metadataPolicy: None - property: secret diff --git a/clusters/standby/applications/directus/values.yaml b/clusters/standby/applications/directus/values.yaml deleted file mode 100644 index 12dfc7bed..000000000 --- a/clusters/standby/applications/directus/values.yaml +++ /dev/null @@ -1,205 +0,0 @@ -directus: - controllers: - main: - type: deployment - replicas: 1 - strategy: Recreate - revisionHistoryLimit: 3 - containers: - main: - image: - repository: directus/directus - tag: 11.4.1 - pullPolicy: IfNotPresent - env: - - name: PUBLIC_URL - value: https://directus.alexlebens.dev - - name: WEBSOCKETS_ENABLED - value: true - - name: ADMIN_EMAIL - valueFrom: - secretKeyRef: - name: directus-config - key: admin-email - - name: ADMIN_PASSWORD - valueFrom: - secretKeyRef: - name: directus-config - key: admin-password - - name: SECRET - valueFrom: - secretKeyRef: - name: directus-config - key: secret - - name: KEY - valueFrom: - secretKeyRef: - name: directus-config - key: key - - name: DB_CLIENT - value: postgres - - name: DB_HOST - valueFrom: - secretKeyRef: - name: directus-postgresql-17-cluster-app - key: host - - name: DB_DATABASE - valueFrom: - secretKeyRef: - name: directus-postgresql-17-cluster-app - key: dbname - - name: DB_PORT - valueFrom: - secretKeyRef: - name: directus-postgresql-17-cluster-app - key: port - - name: DB_USER - valueFrom: - secretKeyRef: - name: directus-postgresql-17-cluster-app - key: user - - name: DB_PASSWORD - valueFrom: - secretKeyRef: - name: directus-postgresql-17-cluster-app - key: password - - name: REDIS_ENABLED - value: true - - name: REDIS_HOST - value: directus-valkey-primary - - name: REDIS_PORT - value: 6379 - - name: REDIS_USERNAME - valueFrom: - secretKeyRef: - name: directus-valkey-config - key: user - - name: REDIS_PASSWORD - valueFrom: - secretKeyRef: - name: directus-valkey-config - key: password - - name: STORAGE_LOCATIONS - value: s3 - - name: STORAGE_S3_DRIVER - value: s3 - - name: STORAGE_S3_KEY - valueFrom: - secretKeyRef: - name: directus-minio-user-secret - key: AWS_ACCESS_KEY_ID - - name: STORAGE_S3_SECRET - valueFrom: - secretKeyRef: - name: directus-minio-user-secret - key: AWS_SECRET_ACCESS_KEY - - name: STORAGE_S3_BUCKET - value: directus - - name: STORAGE_S3_REGION - value: us-east-1 - - name: STORAGE_S3_ENDPOINT - value: http://minio.directus:80 - - name: STORAGE_S3_FORCE_PATH_STYLE - value: "true" - - name: AUTH_PROVIDERS - value: AUTHENTIK - - name: AUTH_AUTHENTIK_DRIVER - value: openid - - name: AUTH_AUTHENTIK_CLIENT_ID - valueFrom: - secretKeyRef: - name: directus-oidc-secret - key: OIDC_CLIENT_ID - - name: AUTH_AUTHENTIK_CLIENT_SECRET - valueFrom: - secretKeyRef: - name: directus-oidc-secret - key: OIDC_CLIENT_SECRET - - name: AUTH_AUTHENTIK_SCOPE - value: openid profile email - - name: AUTH_AUTHENTIK_ISSUER_URL - value: https://auth.alexlebens.dev/application/o/directus/.well-known/openid-configuration - - name: AUTH_AUTHENTIK_IDENTIFIER_KEY - value: email - - name: AUTH_AUTHENTIK_ALLOW_PUBLIC_REGISTRATION - value: true - - name: AUTH_AUTHENTIK_LABEL - value: Authentik Login - - name: TELEMETRY - value: false - resources: - requests: - cpu: 10m - memory: 256Mi - serviceAccount: - create: true - service: - main: - controller: main - ports: - http: - port: 80 - targetPort: 8055 - protocol: TCP -minio: - existingSecret: - name: directus-minio-root-secret - tenant: - name: minio-directus - configuration: - name: directus-minio-config-secret - pools: - - servers: 3 - name: pool - volumesPerServer: 2 - size: 10Gi - storageClassName: ceph-block - mountPath: /export - subPath: /data - metrics: - enabled: true - port: 9000 - protocol: http - certificate: - requestAutoCert: false - ingress: - console: - enabled: true - ingressClassName: tailscale - tls: - - secretName: minio-directus-cl01tl - hosts: - - minio-directus-cl01tl - host: minio-directus-cl01tl - path: / - pathType: Prefix -valkey: - architecture: standalone - auth: - enabled: true - existingSecret: directus-valkey-config - existingSecretPasswordKey: password - primary: - persistence: - enabled: false - replica: - persistence: - enabled: false -cloudflared-directus: - name: cloudflared-directus - existingSecretName: directus-cloudflared-secret -postgres-17-cluster: - mode: standalone - cluster: - walStorage: - storageClass: local-path - storage: - storageClass: local-path - monitoring: - enabled: true - backup: - enabled: true - endpointURL: https://nyc3.digitaloceanspaces.com - destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/directus/directus-postgresql-17-cluster - endpointCredentials: directus-postgresql-17-cluster-backup-secret - backupIndex: 1 diff --git a/clusters/standby/applications/element-web/Chart.yaml b/clusters/standby/applications/element-web/Chart.yaml deleted file mode 100644 index 5980a1eb2..000000000 --- a/clusters/standby/applications/element-web/Chart.yaml +++ /dev/null @@ -1,27 +0,0 @@ -apiVersion: v2 -name: element-web -version: 1.0.0 -description: Element Web -keywords: - - element-web - - chat - - matrix -home: https://wiki.alexlebens.dev/doc/element-web-R4dzXXspgr -sources: - - https://github.com/element-hq/element-web - - https://github.com/cloudflare/cloudflared - - https://hub.docker.com/r/vectorim/element-web - - https://gitlab.com/ananace/charts/-/tree/master/charts/element-web - - https://github.com/alexlebens/helm-charts/tree/main/charts/cloudflared -maintainers: - - name: alexlebens -dependencies: - - name: element-web - version: 1.4.2 - repository: https://ananace.gitlab.io/charts - - name: cloudflared - alias: cloudflared - repository: http://alexlebens.github.io/helm-charts - version: 1.13.0 -icon: https://raw.githubusercontent.com/walkxcode/dashboard-icons/main/png/element.png -appVersion: v1.11.88 diff --git a/clusters/standby/applications/element-web/templates/external-secret.yaml b/clusters/standby/applications/element-web/templates/external-secret.yaml deleted file mode 100644 index 3e65c22ac..000000000 --- a/clusters/standby/applications/element-web/templates/external-secret.yaml +++ /dev/null @@ -1,23 +0,0 @@ -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: element-web-cloudflared-secret - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: element-web-cloudflared-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: web - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - data: - - secretKey: cf-tunnel-token - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cloudflare/tunnels/element - metadataPolicy: None - property: token diff --git a/clusters/standby/applications/element-web/values.yaml b/clusters/standby/applications/element-web/values.yaml deleted file mode 100644 index 4791d094b..000000000 --- a/clusters/standby/applications/element-web/values.yaml +++ /dev/null @@ -1,28 +0,0 @@ -element-web: - replicaCount: 1 - image: - repository: vectorim/element-web - tag: v1.11.92 - pullPolicy: IfNotPresent - defaultServer: - url: https://matrix.alexlebens.dev - name: alexlebens.dev - identity_url: https://alexlebens.dev - config: - disable_3pid_login: true - brand: "Alex Lebens" - branding: - welcome_background_url: https://web-assets-3bfcb5585cbd63dc365d32a3.nyc3.cdn.digitaloceanspaces.com/alexlebens-net/background-2.jpg - auth_header_logo_url: https://web-assets-3bfcb5585cbd63dc365d32a3.nyc3.cdn.digitaloceanspaces.com/alexlebens-net/icon_white.png - sso_redirect_options: - immediate: true - default_theme: dark - default_country_code: US - ingress: - enabled: false - resources: - requests: - cpu: 10m - memory: 128Mi -cloudflared: - existingSecretName: element-web-cloudflared-secret diff --git a/clusters/standby/applications/freshrss/Chart.yaml b/clusters/standby/applications/freshrss/Chart.yaml deleted file mode 100644 index 1c76ea214..000000000 --- a/clusters/standby/applications/freshrss/Chart.yaml +++ /dev/null @@ -1,33 +0,0 @@ -apiVersion: v2 -name: freshrss -version: 1.0.0 -description: FreshRSS -keywords: - - freshrss - - rss -home: https://wiki.alexlebens.dev/doc/freshrss-W6nFVTmKJw -sources: - - https://github.com/FreshRSS/FreshRSS - - https://github.com/cloudflare/cloudflared - - https://github.com/cloudnative-pg/cloudnative-pg - - https://hub.docker.com/r/freshrss/freshrss - - https://github.com/bjw-s/helm-charts/tree/main/charts/other/app-template - - https://github.com/alexlebens/helm-charts/tree/main/charts/cloudflared - - https://github.com/alexlebens/helm-charts/tree/main/charts/postgres-cluster -maintainers: - - name: alexlebens -dependencies: - - name: app-template - alias: freshrss - repository: https://bjw-s.github.io/helm-charts/ - version: 3.6.1 - - name: cloudflared - alias: cloudflared - repository: http://alexlebens.github.io/helm-charts - version: 1.13.0 - - name: postgres-cluster - alias: postgres-17-cluster - version: 4.1.4 - repository: http://alexlebens.github.io/helm-charts -icon: https://raw.githubusercontent.com/walkxcode/dashboard-icons/main/png/freshrss.png -appVersion: 1.24.3 diff --git a/clusters/standby/applications/freshrss/templates/external-secret.yaml b/clusters/standby/applications/freshrss/templates/external-secret.yaml deleted file mode 100644 index 2d67309e0..000000000 --- a/clusters/standby/applications/freshrss/templates/external-secret.yaml +++ /dev/null @@ -1,192 +0,0 @@ -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: freshrss-install-secret - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: freshrss-install-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: web - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - data: - - secretKey: ADMIN_EMAIL - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/freshrss/config - metadataPolicy: None - property: ADMIN_EMAIL - - secretKey: ADMIN_PASSWORD - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/freshrss/config - metadataPolicy: None - property: ADMIN_PASSWORD - - secretKey: ADMIN_API_PASSWORD - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/freshrss/config - metadataPolicy: None - property: ADMIN_API_PASSWORD - ---- -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: freshrss-oidc-secret - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: {{ .Release.Name }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: web - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - data: - - secretKey: OIDC_CLIENT_ID - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /authentik/oidc/freshrss - metadataPolicy: None - property: client - - secretKey: OIDC_CLIENT_SECRET - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /authentik/oidc/freshrss - metadataPolicy: None - property: secret - - secretKey: OIDC_CLIENT_CRYPTO_KEY - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /authentik/oidc/freshrss - metadataPolicy: None - property: crypto-key - ---- -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: freshrss-cloudflared-secret - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: freshrss-cloudflared-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: web - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - data: - - secretKey: cf-tunnel-token - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cloudflare/tunnels/freshrss - metadataPolicy: None - property: token - ---- -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: freshrss-data-backup-secret - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: freshrss-data-backup-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: backup - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - target: - template: - mergePolicy: Merge - engineVersion: v2 - data: - RESTIC_REPOSITORY: "{{ `{{ .BUCKET_ENDPOINT }}` }}/freshrss/freshrss-data" - data: - - secretKey: BUCKET_ENDPOINT - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/volsync/restic/config - metadataPolicy: None - property: S3_BUCKET_ENDPOINT - - secretKey: RESTIC_PASSWORD - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/volsync/restic/config - metadataPolicy: None - property: RESTIC_PASSWORD - - secretKey: AWS_DEFAULT_REGION - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/volsync/restic/config - metadataPolicy: None - property: AWS_DEFAULT_REGION - - secretKey: AWS_ACCESS_KEY_ID - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /digital-ocean/home-infra/volsync-backups - metadataPolicy: None - property: access_key - - secretKey: AWS_SECRET_ACCESS_KEY - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /digital-ocean/home-infra/volsync-backups - metadataPolicy: None - property: secret_key - ---- -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: freshrss-postgresql-17-cluster-backup-secret - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: freshrss-postgresql-17-cluster-backup-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: database - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - data: - - secretKey: ACCESS_KEY_ID - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /digital-ocean/home-infra/postgres-backups - metadataPolicy: None - property: access - - secretKey: ACCESS_SECRET_KEY - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /digital-ocean/home-infra/postgres-backups - metadataPolicy: None - property: secret diff --git a/clusters/standby/applications/freshrss/templates/replication-source.yaml b/clusters/standby/applications/freshrss/templates/replication-source.yaml deleted file mode 100644 index c458c6db0..000000000 --- a/clusters/standby/applications/freshrss/templates/replication-source.yaml +++ /dev/null @@ -1,37 +0,0 @@ -apiVersion: volsync.backube/v1alpha1 -kind: ReplicationSource -metadata: - name: freshrss-data-backup-source - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: freshrss-data-backup-source - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: backup - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - sourcePVC: freshrss-data - trigger: - schedule: 0 0 */3 * * - restic: - pruneIntervalDays: 14 - repository: freshrss-data-backup-secret - retain: - hourly: 1 - daily: 1 - weekly: 1 - monthly: 2 - yearly: 4 - moverSecurityContext: - runAsUser: 568 - runAsGroup: 568 - fsGroup: 568 - fsGroupChangePolicy: OnRootMismatch - supplementalGroups: - - 44 - - 100 - - 109 - - 65539 - copyMethod: Snapshot - storageClassName: ceph-block-delete - volumeSnapshotClassName: ceph-blockpool-snapshot diff --git a/clusters/standby/applications/freshrss/values.yaml b/clusters/standby/applications/freshrss/values.yaml deleted file mode 100644 index b1d94f89e..000000000 --- a/clusters/standby/applications/freshrss/values.yaml +++ /dev/null @@ -1,132 +0,0 @@ -freshrss: - controllers: - main: - type: deployment - replicas: 1 - strategy: Recreate - revisionHistoryLimit: 3 - containers: - main: - image: - repository: freshrss/freshrss - tag: 1.25.0 - pullPolicy: IfNotPresent - env: - - name: PGID - value: "568" - - name: PUID - value: "568" - - name: TZ - value: US/Central - - name: FRESHRSS_ENV - value: production - - name: CRON_MIN - value: 13,43 - - name: BASE_URL - value: https://rss.alexlebens.dev - - name: DB_HOST - valueFrom: - secretKeyRef: - name: freshrss-postgresql-17-cluster-app - key: host - - name: DB_BASE - valueFrom: - secretKeyRef: - name: freshrss-postgresql-17-cluster-app - key: dbname - - name: DB_USER - valueFrom: - secretKeyRef: - name: freshrss-postgresql-17-cluster-app - key: user - - name: DB_PASSWORD - valueFrom: - secretKeyRef: - name: freshrss-postgresql-17-cluster-app - key: password - - name: FRESHRSS_INSTALL - value: | - --api-enabled - --base-url $(BASE_URL) - --db-base $(DB_BASE) - --db-host $(DB_HOST) - --db-password $(DB_PASSWORD) - --db-type pgsql - --db-user $(DB_USER) - --auth-type http_auth - --default-user admin - --language en - - name: FRESHRSS_USER - value: | - --api-password $(ADMIN_API_PASSWORD) - --email $(ADMIN_EMAIL) - --language en - --password $(ADMIN_PASSWORD) - --user admin - - name: OIDC_ENABLED - value: 1 - - name: OIDC_PROVIDER_METADATA_URL - value: https://auth.alexlebens.dev/application/o/freshrss/.well-known/openid-configuration - - name: OIDC_X_FORWARDED_HEADERS - value: X-Forwarded-Port X-Forwarded-Proto X-Forwarded-Host - - name: OIDC_SCOPES - value: openid email profile - - name: OIDC_REMOTE_USER_CLAIM - value: preferred_username - envFrom: - - secretRef: - name: freshrss-oidc-secret - - secretRef: - name: freshrss-install-secret - resources: - requests: - cpu: 10m - memory: 128Mi - serviceAccount: - create: true - service: - main: - controller: main - ports: - http: - port: 80 - targetPort: 80 - protocol: HTTP - persistence: - data: - storageClass: ceph-block - accessMode: ReadWriteOnce - size: 5Gi - retain: true - advancedMounts: - main: - main: - - path: /var/www/FreshRSS/data - readOnly: false - extensions: - storageClass: ceph-block - accessMode: ReadWriteOnce - size: 1Gi - retain: true - advancedMounts: - main: - main: - - path: /var/www/FreshRSS/extensions - readOnly: false -cloudflared: - existingSecretName: freshrss-cloudflared-secret -postgres-17-cluster: - mode: standalone - cluster: - walStorage: - storageClass: local-path - storage: - storageClass: local-path - monitoring: - enabled: true - backup: - enabled: true - endpointURL: https://nyc3.digitaloceanspaces.com - destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/freshrss/freshrss-postgresql-17-cluster - endpointCredentials: freshrss-postgresql-17-cluster-backup-secret - backupIndex: 1 diff --git a/clusters/standby/applications/hoarder/Chart.yaml b/clusters/standby/applications/hoarder/Chart.yaml deleted file mode 100644 index 4b5be0739..000000000 --- a/clusters/standby/applications/hoarder/Chart.yaml +++ /dev/null @@ -1,32 +0,0 @@ -apiVersion: v2 -name: hoarder -version: 1.0.0 -description: Hoarder -keywords: - - hoarder - - bookmarks -home: https://wiki.alexlebens.dev/doc/hoarder- -sources: - - https://github.com/hoarder-app/hoarder - - https://github.com/cloudflare/cloudflared - - https://github.com/meilisearch/meilisearch - - https://github.com/hoarder-app/hoarder/pkgs/container/hoarder - - https://github.com/bjw-s/helm-charts/tree/main/charts/other/app-template - - https://github.com/alexlebens/helm-charts/tree/main/charts/cloudflared - - https://github.com/meilisearch/meilisearch-kubernetes/tree/main/charts/meilisearch -maintainers: - - name: alexlebens -dependencies: - - name: app-template - alias: hoarder - repository: https://bjw-s.github.io/helm-charts/ - version: 3.6.1 - - name: meilisearch - version: 0.11.0 - repository: https://meilisearch.github.io/meilisearch-kubernetes - - name: cloudflared - alias: cloudflared - repository: http://alexlebens.github.io/helm-charts - version: 1.13.0 -icon: https://cdn.jsdelivr.net/gh/selfhst/icons/svg/hoarder.svg -appVersion: 0.19.0 diff --git a/clusters/standby/applications/hoarder/templates/external-secret.yaml b/clusters/standby/applications/hoarder/templates/external-secret.yaml deleted file mode 100644 index ce3c52b2f..000000000 --- a/clusters/standby/applications/hoarder/templates/external-secret.yaml +++ /dev/null @@ -1,164 +0,0 @@ -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: hoarder-key-secret - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: hoarder-key-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: web - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - data: - - secretKey: key - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/hoarder/key - metadataPolicy: None - property: key - ---- -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: hoarder-oidc-secret - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: hoarder-oidc-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: web - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - data: - - secretKey: AUTHENTIK_CLIENT_ID - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /authentik/oidc/hoarder - metadataPolicy: None - property: client - - secretKey: AUTHENTIK_CLIENT_SECRET - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /authentik/oidc/hoarder - metadataPolicy: None - property: secret - ---- -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: hoarder-meilisearch-master-key-secret - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: hoarder-meilisearch-master-key-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: meilisearch - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - data: - - secretKey: MEILI_MASTER_KEY - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/hoarder/meilisearch - metadataPolicy: None - property: MEILI_MASTER_KEY - ---- -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: hoarder-cloudflared-secret - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: hoarder-cloudflared-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: web - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - data: - - secretKey: cf-tunnel-token - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cloudflare/tunnels/hoarder - metadataPolicy: None - property: token - ---- -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: hoarder-data-backup-secret - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: hoarder-data-backup-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: backup - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - target: - template: - mergePolicy: Merge - engineVersion: v2 - data: - RESTIC_REPOSITORY: "{{ `{{ .BUCKET_ENDPOINT }}` }}/hoarder/hoarder-data" - data: - - secretKey: BUCKET_ENDPOINT - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/volsync/restic/config - metadataPolicy: None - property: S3_BUCKET_ENDPOINT - - secretKey: RESTIC_PASSWORD - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/volsync/restic/config - metadataPolicy: None - property: RESTIC_PASSWORD - - secretKey: AWS_DEFAULT_REGION - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/volsync/restic/config - metadataPolicy: None - property: AWS_DEFAULT_REGION - - secretKey: AWS_ACCESS_KEY_ID - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /digital-ocean/home-infra/volsync-backups - metadataPolicy: None - property: access_key - - secretKey: AWS_SECRET_ACCESS_KEY - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /digital-ocean/home-infra/volsync-backups - metadataPolicy: None - property: secret_key diff --git a/clusters/standby/applications/hoarder/templates/replication-source.yaml b/clusters/standby/applications/hoarder/templates/replication-source.yaml deleted file mode 100644 index 62ff26769..000000000 --- a/clusters/standby/applications/hoarder/templates/replication-source.yaml +++ /dev/null @@ -1,27 +0,0 @@ -apiVersion: volsync.backube/v1alpha1 -kind: ReplicationSource -metadata: - name: hoarder-data-backup-source - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: hoarder-data-backup-source - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: backup - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - sourcePVC: hoarder-data - trigger: - schedule: 0 0 */3 * * - restic: - pruneIntervalDays: 14 - repository: hoarder-data-backup-secret - retain: - hourly: 1 - daily: 1 - weekly: 1 - monthly: 2 - yearly: 4 - copyMethod: Snapshot - storageClassName: ceph-block-delete - volumeSnapshotClassName: ceph-blockpool-snapshot diff --git a/clusters/standby/applications/hoarder/values.yaml b/clusters/standby/applications/hoarder/values.yaml deleted file mode 100644 index bda9ae561..000000000 --- a/clusters/standby/applications/hoarder/values.yaml +++ /dev/null @@ -1,128 +0,0 @@ -hoarder: - controllers: - main: - type: deployment - replicas: 1 - strategy: Recreate - revisionHistoryLimit: 3 - containers: - main: - image: - repository: ghcr.io/hoarder-app/hoarder - tag: 0.22.0 - pullPolicy: IfNotPresent - env: - - name: DATA_DIR - value: /data - - name: NEXTAUTH_URL - value: https://hoarder.alexlebens.dev/ - - name: NEXTAUTH_SECRET - valueFrom: - secretKeyRef: - name: hoarder-key-secret - key: key - - name: MEILI_ADDR - value: http://hoarder-meilisearch.hoarder:7700 - - name: MEILI_MASTER_KEY - valueFrom: - secretKeyRef: - name: hoarder-meilisearch-master-key-secret - key: MEILI_MASTER_KEY - - name: BROWSER_WEB_URL - value: http://hoarder.hoarder:9222 - - name: DISABLE_SIGNUPS - value: true - - name: OAUTH_PROVIDER_NAME - value: "Authentik" - - name: OAUTH_WELLKNOWN_URL - value: https://auth.alexlebens.dev/application/o/hoarder/.well-known/openid-configuration - - name: OAUTH_SCOPE - value: "openid email profile" - - name: OAUTH_CLIENT_ID - valueFrom: - secretKeyRef: - name: hoarder-oidc-secret - key: AUTHENTIK_CLIENT_ID - - name: OAUTH_CLIENT_SECRET - valueFrom: - secretKeyRef: - name: hoarder-oidc-secret - key: AUTHENTIK_CLIENT_SECRET - - name: OLLAMA_BASE_URL - value: http://ollama-server-1.ollama:11434 - - name: OLLAMA_KEEP_ALIVE - value: 5m - - name: INFERENCE_TEXT_MODEL - value: llama3.1:8b - - name: INFERENCE_IMAGE_MODEL - value: llama3.2-vision:11b - - name: EMBEDDING_TEXT_MODEL - value: mxbai-embed-large - - name: INFERENCE_JOB_TIMEOUT_SEC - value: 720 - resources: - requests: - cpu: 10m - memory: 256Mi - chrome: - image: - repository: gcr.io/zenika-hub/alpine-chrome - tag: 124 - pullPolicy: IfNotPresent - args: - - --no-sandbox - - --disable-gpu - - --disable-dev-shm-usage - - --remote-debugging-address=0.0.0.0 - - --remote-debugging-port=9222 - - --hide-scrollbars - resources: - requests: - cpu: 10m - memory: 128Mi - serviceAccount: - create: true - service: - main: - controller: main - ports: - http: - port: 3000 - targetPort: 3000 - protocol: HTTP - chrome: - port: 9222 - targetPort: 9222 - protocol: HTTP - persistence: - data: - storageClass: ceph-block - accessMode: ReadWriteOnce - size: 10Gi - retain: true - advancedMounts: - main: - main: - - path: /data - readOnly: false -meilisearch: - environment: - MEILI_NO_ANALYTICS: true - MEILI_ENV: production - auth: - existingMasterKeySecret: hoarder-meilisearch-master-key-secret - service: - type: ClusterIP - port: 7700 - persistence: - enabled: true - storageClass: ceph-block - size: 10Gi - resources: - requests: - cpu: 10m - memory: 128Mi - serviceMonitor: - enabled: true -cloudflared: - existingSecretName: hoarder-cloudflared-secret diff --git a/clusters/standby/applications/immich/Chart.yaml b/clusters/standby/applications/immich/Chart.yaml deleted file mode 100644 index 47910a0c5..000000000 --- a/clusters/standby/applications/immich/Chart.yaml +++ /dev/null @@ -1,31 +0,0 @@ -apiVersion: v2 -name: immich -version: 1.0.0 -description: Immich -keywords: - - immich - - photos -home: https://wiki.alexlebens.dev/doc/immich-AVxvAWeWQ5 -sources: - - https://github.com/immich-app/immich - - https://github.com/valkey-io/valkey - - https://github.com/cloudnative-pg/cloudnative-pg - - https://github.com/bjw-s/helm-charts/tree/main/charts/other/app-template - - https://github.com/bitnami/charts/tree/main/bitnami/valkey - - https://github.com/alexlebens/helm-charts/charts/postgres-cluster -maintainers: - - name: alexlebens -dependencies: - - name: app-template - alias: immich - repository: https://bjw-s.github.io/helm-charts/ - version: 3.6.1 - - name: valkey - version: 2.2.3 - repository: https://charts.bitnami.com/bitnami - - name: postgres-cluster - alias: postgres-16-cluster - version: 4.1.4 - repository: http://alexlebens.github.io/helm-charts -icon: https://raw.githubusercontent.com/immich-app/immich/main/design/immich-logo.svg -appVersion: v1.123.0 diff --git a/clusters/standby/applications/immich/templates/external-secrets.yaml b/clusters/standby/applications/immich/templates/external-secrets.yaml deleted file mode 100644 index ebe30c599..000000000 --- a/clusters/standby/applications/immich/templates/external-secrets.yaml +++ /dev/null @@ -1,55 +0,0 @@ -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: immich-config-secret - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: immich-config-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: config - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - data: - - secretKey: immich-config.yaml - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/immich/config - metadataPolicy: None - property: immich-config.yaml - ---- -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: immich-postgresql-16-cluster-backup-secret - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: immich-postgresql-16-cluster-backup-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: database - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - data: - - secretKey: ACCESS_KEY_ID - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /digital-ocean/home-infra/postgres-backups - metadataPolicy: None - property: access - - secretKey: ACCESS_SECRET_KEY - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /digital-ocean/home-infra/postgres-backups - metadataPolicy: None - property: secret diff --git a/clusters/standby/applications/immich/templates/persistent-volume-claim.yaml b/clusters/standby/applications/immich/templates/persistent-volume-claim.yaml deleted file mode 100644 index 1cdc938d9..000000000 --- a/clusters/standby/applications/immich/templates/persistent-volume-claim.yaml +++ /dev/null @@ -1,19 +0,0 @@ -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: immich-nfs-storage - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: immich-nfs-storage - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: storage - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - volumeName: immich-nfs-storage - storageClassName: nfs-client - accessModes: - - ReadWriteMany - resources: - requests: - storage: 1Gi diff --git a/clusters/standby/applications/immich/templates/persistent-volume.yaml b/clusters/standby/applications/immich/templates/persistent-volume.yaml deleted file mode 100644 index 9a7c071c2..000000000 --- a/clusters/standby/applications/immich/templates/persistent-volume.yaml +++ /dev/null @@ -1,25 +0,0 @@ -apiVersion: v1 -kind: PersistentVolume -metadata: - name: immich-nfs-storage - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: immich-nfs-storage - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: storage - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - persistentVolumeReclaimPolicy: Retain - storageClassName: nfs-client - capacity: - storage: 1Gi - accessModes: - - ReadWriteMany - nfs: - path: /volume2/Storage/Immich - server: synologybond.alexlebens.net - mountOptions: - - vers=4 - - minorversion=1 - - noac diff --git a/clusters/standby/applications/immich/templates/service-monitor.yaml b/clusters/standby/applications/immich/templates/service-monitor.yaml deleted file mode 100644 index 353c1c2f2..000000000 --- a/clusters/standby/applications/immich/templates/service-monitor.yaml +++ /dev/null @@ -1,25 +0,0 @@ -apiVersion: monitoring.coreos.com/v1 -kind: ServiceMonitor -metadata: - name: immich - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: immich - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: metrics - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - selector: - matchLabels: - app.kubernetes.io/name: immich - app.kubernetes.io/instance: {{ .Release.Name }} - endpoints: - - port: metrics-api - interval: 3m - scrapeTimeout: 1m - path: /metrics - - port: metrics-ms - interval: 3m - scrapeTimeout: 1m - path: /metrics diff --git a/clusters/standby/applications/immich/values.yaml b/clusters/standby/applications/immich/values.yaml deleted file mode 100644 index 79441a18c..000000000 --- a/clusters/standby/applications/immich/values.yaml +++ /dev/null @@ -1,250 +0,0 @@ -immich: - controllers: - main: - type: deployment - replicas: 1 - strategy: Recreate - revisionHistoryLimit: 3 - containers: - main: - image: - repository: ghcr.io/immich-app/immich-server - tag: v1.125.7 - pullPolicy: IfNotPresent - env: - - name: TZ - value: US/Central - - name: IMMICH_TELEMETRY_INCLUDE - value: all - - name: IMMICH_CONFIG_FILE - value: /config/immich-config.yaml - - name: IMMICH_MACHINE_LEARNING_URL - value: http://immich-machine-learning.immich:3003 - - name: REDIS_HOSTNAME - value: immich-valkey-primary - - name: DB_VECTOR_EXTENSION - value: pgvecto.rs - - name: DB_HOSTNAME - valueFrom: - secretKeyRef: - name: immich-postgresql-16-cluster-app - key: host - - name: DB_DATABASE_NAME - valueFrom: - secretKeyRef: - name: immich-postgresql-16-cluster-app - key: dbname - - name: DB_PORT - valueFrom: - secretKeyRef: - name: immich-postgresql-16-cluster-app - key: port - - name: DB_USERNAME - valueFrom: - secretKeyRef: - name: immich-postgresql-16-cluster-app - key: user - - name: DB_PASSWORD - valueFrom: - secretKeyRef: - name: immich-postgresql-16-cluster-app - key: password - probes: - liveness: - enabled: true - custom: true - spec: - httpGet: - path: /api/server/ping - port: 2283 - initialDelaySeconds: 0 - periodSeconds: 10 - timeoutSeconds: 1 - failureThreshold: 3 - readiness: - enabled: true - custom: true - spec: - httpGet: - path: /api/server/ping - port: 2283 - initialDelaySeconds: 0 - periodSeconds: 10 - timeoutSeconds: 1 - failureThreshold: 3 - startup: - enabled: true - custom: true - spec: - httpGet: - path: /api/server/ping - port: 2283 - initialDelaySeconds: 0 - periodSeconds: 10 - timeoutSeconds: 1 - failureThreshold: 30 - resources: - requests: - gpu.intel.com/i915: 1 - cpu: 10m - memory: 512Mi - limits: - gpu.intel.com/i915: 1 - cpu: 2 - machine-learning: - type: deployment - replicas: 1 - strategy: Recreate - revisionHistoryLimit: 3 - containers: - main: - image: - repository: ghcr.io/immich-app/immich-machine-learning - tag: v1.125.7 - pullPolicy: IfNotPresent - env: - - name: TRANSFORMERS_CACHE - value: /cache - probes: - liveness: - enabled: true - custom: true - spec: - httpGet: - path: /ping - port: 3003 - initialDelaySeconds: 0 - periodSeconds: 10 - timeoutSeconds: 1 - failureThreshold: 3 - readiness: - enabled: true - custom: true - spec: - httpGet: - path: /ping - port: 3003 - initialDelaySeconds: 0 - periodSeconds: 10 - timeoutSeconds: 1 - failureThreshold: 3 - startup: - enabled: false - resources: - requests: - gpu.intel.com/i915: 1 - cpu: 10m - memory: 256Mi - limits: - gpu.intel.com/i915: 1 - cpu: 8 - memory: 10Gi - serviceAccount: - create: true - service: - main: - controller: main - ports: - http: - port: 2283 - targetPort: 2283 - protocol: TCP - metrics-api: - port: 8081 - targetPort: 8081 - protocol: TCP - metrics-ms: - port: 8082 - targetPort: 8082 - protocol: TCP - machine-learning: - controller: machine-learning - ports: - http: - port: 3003 - targetPort: 3003 - protocol: TCP - ingress: - main: - enabled: true - className: tailscale - hosts: - - host: immich-cl01tl - paths: - - path: / - pathType: Prefix - service: - name: immich-main - port: 2283 - tls: - - hosts: - - immich-cl01tl - persistence: - config: - enabled: true - type: secret - name: immich-config-secret - advancedMounts: - main: - main: - - path: /config/immich-config.yaml - readOnly: true - mountPropagation: None - subPath: immich-config.yaml - media: - existingClaim: immich-nfs-storage - advancedMounts: - main: - main: - - path: /usr/src/app/upload - readOnly: false - cache: - storageClass: ceph-block - accessMode: ReadWriteOnce - size: 10Gi - retain: true - advancedMounts: - machine-learning: - main: - - path: /cache - readOnly: false -valkey: - architecture: standalone - auth: - enabled: false - primary: - persistence: - enabled: false - replica: - persistence: - enabled: false -postgres-16-cluster: - # Tensorchord - #--- https://github.com/immich-app/immich/discussions/9060 - #--- https://docs.pgvecto.rs/admin/kubernetes.html - #--- https://github.com/tensorchord/cloudnative-pgvecto.rs - type: tensorchord - mode: standalone - cluster: - image: - repository: ghcr.io/tensorchord/cloudnative-pgvecto.rs - tag: 16.3-v0.2.1 - walStorage: - storageClass: local-path - storage: - storageClass: local-path - resources: - requests: - memory: 384Mi - cpu: 200m - monitoring: - enabled: true - postgresql: - parameters: - shared_buffers: 256MB - backup: - enabled: true - endpointURL: https://nyc3.digitaloceanspaces.com - destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/immich/immich-postgresql-16-cluster - endpointCredentials: immich-postgresql-16-cluster-backup-secret - backupIndex: 1 diff --git a/clusters/standby/applications/jellyfin/Chart.yaml b/clusters/standby/applications/jellyfin/Chart.yaml deleted file mode 100644 index 1f5cceca9..000000000 --- a/clusters/standby/applications/jellyfin/Chart.yaml +++ /dev/null @@ -1,27 +0,0 @@ -apiVersion: v2 -name: jellyfin -version: 1.0.0 -description: Jellyfin -keywords: - - jellyfin - - media - - movies - - tv shows - - books - - music -home: https://wiki.alexlebens.dev/doc/jellyfin-li98lrEiuA -sources: - - https://github.com/jellyfin/jellyfin - - https://github.com/jellyfin/jellyfin-vue - - https://hub.docker.com/r/jellyfin/jellyfin - - https://github.com/jellyfin/jellyfin-vue/pkgs/container/jellyfin-vue - - https://github.com/bjw-s/helm-charts/tree/main/charts/other/app-template -maintainers: - - name: alexlebens -dependencies: - - name: app-template - alias: jellyfin - repository: https://bjw-s.github.io/helm-charts/ - version: 3.6.1 -icon: https://raw.githubusercontent.com/walkxcode/dashboard-icons/main/png/jellyfin.png -appVersion: 10.10.3 diff --git a/clusters/standby/applications/jellyfin/templates/external-secret.yaml b/clusters/standby/applications/jellyfin/templates/external-secret.yaml deleted file mode 100644 index ec6dfb58e..000000000 --- a/clusters/standby/applications/jellyfin/templates/external-secret.yaml +++ /dev/null @@ -1,57 +0,0 @@ -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: jellyfin-config-backup-secret - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: jellyfin-config-backup-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: backup - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - target: - template: - mergePolicy: Merge - engineVersion: v2 - data: - RESTIC_REPOSITORY: "{{ `{{ .BUCKET_ENDPOINT }}` }}/jellyfin/jellyfin-config" - data: - - secretKey: BUCKET_ENDPOINT - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/volsync/restic/config - metadataPolicy: None - property: S3_BUCKET_ENDPOINT - - secretKey: RESTIC_PASSWORD - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/volsync/restic/config - metadataPolicy: None - property: RESTIC_PASSWORD - - secretKey: AWS_DEFAULT_REGION - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/volsync/restic/config - metadataPolicy: None - property: AWS_DEFAULT_REGION - - secretKey: AWS_ACCESS_KEY_ID - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /digital-ocean/home-infra/volsync-backups - metadataPolicy: None - property: access_key - - secretKey: AWS_SECRET_ACCESS_KEY - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /digital-ocean/home-infra/volsync-backups - metadataPolicy: None - property: secret_key diff --git a/clusters/standby/applications/jellyfin/templates/persistent-volume-claim.yaml b/clusters/standby/applications/jellyfin/templates/persistent-volume-claim.yaml deleted file mode 100644 index fa5cd762f..000000000 --- a/clusters/standby/applications/jellyfin/templates/persistent-volume-claim.yaml +++ /dev/null @@ -1,40 +0,0 @@ -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: jellyfin-nfs-storage - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: jellyfin-nfs-storage - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: storage - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - volumeName: jellyfin-nfs-storage - storageClassName: nfs-client - accessModes: - - ReadWriteMany - resources: - requests: - storage: 1Gi - ---- -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: jellyfin-youtube-nfs-storage - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: jellyfin-youtube-nfs-storage - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: storage - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - volumeName: jellyfin-youtube-nfs-storage - storageClassName: nfs-client - accessModes: - - ReadOnlyMany - resources: - requests: - storage: 1Gi diff --git a/clusters/standby/applications/jellyfin/templates/persistent-volume.yaml b/clusters/standby/applications/jellyfin/templates/persistent-volume.yaml deleted file mode 100644 index aa051e830..000000000 --- a/clusters/standby/applications/jellyfin/templates/persistent-volume.yaml +++ /dev/null @@ -1,52 +0,0 @@ -apiVersion: v1 -kind: PersistentVolume -metadata: - name: jellyfin-nfs-storage - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: jellyfin-nfs-storage - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: storage - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - persistentVolumeReclaimPolicy: Retain - storageClassName: nfs-client - capacity: - storage: 1Gi - accessModes: - - ReadWriteMany - nfs: - path: /volume2/Storage - server: synologybond.alexlebens.net - mountOptions: - - vers=4 - - minorversion=1 - - noac - ---- -apiVersion: v1 -kind: PersistentVolume -metadata: - name: jellyfin-youtube-nfs-storage - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: jellyfin-youtube-nfs-storage - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: storage - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - persistentVolumeReclaimPolicy: Retain - storageClassName: nfs-client - capacity: - storage: 1Gi - accessModes: - - ReadOnlyMany - nfs: - path: /volume2/Storage/YouTube - server: synologybond.alexlebens.net - mountOptions: - - vers=4 - - minorversion=1 - - noac diff --git a/clusters/standby/applications/jellyfin/templates/replication-source.yaml b/clusters/standby/applications/jellyfin/templates/replication-source.yaml deleted file mode 100644 index 61a68c568..000000000 --- a/clusters/standby/applications/jellyfin/templates/replication-source.yaml +++ /dev/null @@ -1,27 +0,0 @@ -apiVersion: volsync.backube/v1alpha1 -kind: ReplicationSource -metadata: - name: jellyfin-config-backup-source - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: jellyfin-config-backup-source - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: backup - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - sourcePVC: jellyfin-config - trigger: - schedule: 0 0 */3 * * - restic: - pruneIntervalDays: 14 - repository: jellyfin-config-backup-secret - retain: - hourly: 1 - daily: 1 - weekly: 1 - monthly: 2 - yearly: 4 - copyMethod: Snapshot - storageClassName: ceph-block-delete - volumeSnapshotClassName: ceph-blockpool-snapshot diff --git a/clusters/standby/applications/jellyfin/values.yaml b/clusters/standby/applications/jellyfin/values.yaml deleted file mode 100644 index 834ea18c3..000000000 --- a/clusters/standby/applications/jellyfin/values.yaml +++ /dev/null @@ -1,124 +0,0 @@ -jellyfin: - controllers: - main: - type: deployment - replicas: 1 - strategy: Recreate - revisionHistoryLimit: 3 - containers: - main: - image: - repository: ghcr.io/jellyfin/jellyfin - tag: 10.10.5 - pullPolicy: IfNotPresent - env: - - name: TZ - value: US/Central - - name: JELLYFIN_hostwebclient - value: true - - name: JELLYFIN_PublishedServerUrl - value: https://jellyfin-cl01tl.boreal-beaufort.ts.net/ - resources: - requests: - gpu.intel.com/i915: 1 - cpu: 1 - memory: 2Gi - limits: - gpu.intel.com/i915: 1 - cpu: 4 - vue: - type: deployment - replicas: 1 - strategy: Recreate - revisionHistoryLimit: 3 - containers: - main: - image: - repository: ghcr.io/jellyfin/jellyfin-vue - tag: unstable.2025-01-30.8e8cba9 - pullPolicy: IfNotPresent - env: - - name: TZ - value: US/Central - resources: - requests: - cpu: 10m - memory: 128Mi - serviceAccount: - create: true - service: - main: - controller: main - ports: - http: - port: 80 - targetPort: 8096 - protocol: HTTP - vue: - controller: vue - ports: - http: - port: 80 - targetPort: 80 - protocol: HTTP - ingress: - tailscale-main: - enabled: true - className: tailscale - hosts: - - host: jellyfin-cl01tl - paths: - - path: / - pathType: Prefix - service: - name: jellyfin-main - port: 80 - tls: - - hosts: - - jellyfin-cl01tl - tailscale-vue: - enabled: true - className: tailscale - hosts: - - host: jellyfin-vue-cl01tl - paths: - - path: / - pathType: Prefix - service: - name: jellyfin-vue - port: 80 - tls: - - hosts: - - jellyfin-vue-cl01tl - persistence: - config: - storageClass: ceph-block - accessMode: ReadWriteOnce - size: 60Gi - retain: true - advancedMounts: - main: - main: - - path: /config - readOnly: false - cache: - type: emptyDir - advancedMounts: - main: - main: - - path: /cache - readOnly: false - media: - existingClaim: jellyfin-nfs-storage - advancedMounts: - main: - main: - - path: /mnt/store - readOnly: false - youtube: - existingClaim: jellyfin-youtube-nfs-storage - advancedMounts: - main: - main: - - path: /mnt/youtube - readOnly: true diff --git a/clusters/standby/applications/jellystat/Chart.yaml b/clusters/standby/applications/jellystat/Chart.yaml deleted file mode 100644 index 75fc3eeac..000000000 --- a/clusters/standby/applications/jellystat/Chart.yaml +++ /dev/null @@ -1,27 +0,0 @@ -apiVersion: v2 -name: jellystat -version: 1.0.0 -description: Jellystat -keywords: - - jellystat - - jellyfin -home: https://wiki.alexlebens.dev/doc/jellystat-0FixP7GqGZ -sources: - - https://github.com/CyferShepard/Jellystat - - https://github.com/cloudnative-pg/cloudnative-pg - - https://hub.docker.com/r/cyfershepard/jellystat - - https://github.com/bjw-s/helm-charts/tree/main/charts/other/app-template - - https://github.com/alexlebens/helm-charts/charts/postgres-cluster -maintainers: - - name: alexlebens -dependencies: - - name: app-template - alias: jellystat - repository: https://bjw-s.github.io/helm-charts/ - version: 3.6.1 - - name: postgres-cluster - alias: postgres-17-cluster - version: 4.1.4 - repository: http://alexlebens.github.io/helm-charts -icon: https://raw.githubusercontent.com/walkxcode/dashboard-icons/main/png/jellystat.png -appVersion: 1.1.1 diff --git a/clusters/standby/applications/jellystat/templates/external-secret.yaml b/clusters/standby/applications/jellystat/templates/external-secret.yaml deleted file mode 100644 index d27179410..000000000 --- a/clusters/standby/applications/jellystat/templates/external-secret.yaml +++ /dev/null @@ -1,128 +0,0 @@ -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: jellystat-secret - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: jellystat-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: web - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - data: - - secretKey: secret-key - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/jellystat - metadataPolicy: None - property: secret-key - - secretKey: user - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/jellystat - metadataPolicy: None - property: user - - secretKey: password - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/jellystat - metadataPolicy: None - property: password - ---- -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: jellystat-data-backup-secret - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: jellystat-data-backup-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: backup - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - target: - template: - mergePolicy: Merge - engineVersion: v2 - data: - RESTIC_REPOSITORY: "{{ `{{ .BUCKET_ENDPOINT }}` }}/jellystat/jellystat-data" - data: - - secretKey: BUCKET_ENDPOINT - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/volsync/restic/config - metadataPolicy: None - property: S3_BUCKET_ENDPOINT - - secretKey: RESTIC_PASSWORD - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/volsync/restic/config - metadataPolicy: None - property: RESTIC_PASSWORD - - secretKey: AWS_DEFAULT_REGION - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/volsync/restic/config - metadataPolicy: None - property: AWS_DEFAULT_REGION - - secretKey: AWS_ACCESS_KEY_ID - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /digital-ocean/home-infra/volsync-backups - metadataPolicy: None - property: access_key - - secretKey: AWS_SECRET_ACCESS_KEY - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /digital-ocean/home-infra/volsync-backups - metadataPolicy: None - property: secret_key - ---- -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: jellystat-postgresql-17-cluster-backup-secret - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: jellystat-postgresql-17-cluster-backup-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: database - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - data: - - secretKey: ACCESS_KEY_ID - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /digital-ocean/home-infra/postgres-backups - metadataPolicy: None - property: access - - secretKey: ACCESS_SECRET_KEY - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /digital-ocean/home-infra/postgres-backups - metadataPolicy: None - property: secret diff --git a/clusters/standby/applications/jellystat/templates/replication-source.yaml b/clusters/standby/applications/jellystat/templates/replication-source.yaml deleted file mode 100644 index 83a3479c6..000000000 --- a/clusters/standby/applications/jellystat/templates/replication-source.yaml +++ /dev/null @@ -1,27 +0,0 @@ -apiVersion: volsync.backube/v1alpha1 -kind: ReplicationSource -metadata: - name: jellystat-data-backup-source - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: jellystat-data-backup-source - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: backup - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - sourcePVC: jellystat-data - trigger: - schedule: 0 0 */3 * * - restic: - pruneIntervalDays: 14 - repository: jellystat-data-backup-secret - retain: - hourly: 1 - daily: 1 - weekly: 1 - monthly: 2 - yearly: 4 - copyMethod: Snapshot - storageClassName: ceph-block-delete - volumeSnapshotClassName: ceph-blockpool-snapshot diff --git a/clusters/standby/applications/jellystat/values.yaml b/clusters/standby/applications/jellystat/values.yaml deleted file mode 100644 index 1d50a5a6c..000000000 --- a/clusters/standby/applications/jellystat/values.yaml +++ /dev/null @@ -1,112 +0,0 @@ -jellystat: - controllers: - main: - type: deployment - replicas: 1 - strategy: Recreate - revisionHistoryLimit: 3 - containers: - main: - image: - repository: cyfershepard/jellystat - tag: 1.1.3 - pullPolicy: IfNotPresent - env: - - name: TZ - value: US/Central - - name: JWT_SECRET - valueFrom: - secretKeyRef: - name: jellystat-secret - key: secret-key - - name: JS_USER - valueFrom: - secretKeyRef: - name: jellystat-secret - key: user - - name: JS_PASSWORD - valueFrom: - secretKeyRef: - name: jellystat-secret - key: password - - name: POSTGRES_USER - valueFrom: - secretKeyRef: - name: jellystat-postgresql-17-cluster-app - key: username - - name: POSTGRES_PASSWORD - valueFrom: - secretKeyRef: - name: jellystat-postgresql-17-cluster-app - key: password - - name: POSTGRES_DB - valueFrom: - secretKeyRef: - name: jellystat-postgresql-17-cluster-app - key: dbname - - name: POSTGRES_IP - valueFrom: - secretKeyRef: - name: jellystat-postgresql-17-cluster-app - key: host - - name: POSTGRES_PORT - valueFrom: - secretKeyRef: - name: jellystat-postgresql-17-cluster-app - key: port - resources: - requests: - cpu: 10m - memory: 256Mi - serviceAccount: - create: true - service: - main: - controller: main - ports: - http: - port: 3000 - targetPort: 3000 - protocol: HTTP - ingress: - tailscale: - enabled: true - className: tailscale - hosts: - - host: jellystat-cl01tl - paths: - - path: / - pathType: Prefix - service: - name: jellystat - port: 3000 - tls: - - hosts: - - jellystat-cl01tl - persistence: - data: - storageClass: ceph-block - accessMode: ReadWriteOnce - size: 5Gi - retain: true - advancedMounts: - main: - main: - - path: /app/backend/backup-data - readOnly: false -postgres-17-cluster: - mode: standalone - cluster: - walStorage: - storageClass: local-path - storage: - storageClass: local-path - monitoring: - enabled: true - backup: - enabled: true - endpointURL: https://nyc3.digitaloceanspaces.com - destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/jellystat/jellystat-postgresql-17-cluster - endpointCredentials: jellystat-postgresql-17-cluster-backup-secret - backupIndex: 1 - retentionPolicy: "7d" diff --git a/clusters/standby/applications/lidarr2/Chart.yaml b/clusters/standby/applications/lidarr2/Chart.yaml deleted file mode 100644 index c8ccb7eaa..000000000 --- a/clusters/standby/applications/lidarr2/Chart.yaml +++ /dev/null @@ -1,30 +0,0 @@ -apiVersion: v2 -name: lidarr2 -version: 1.0.0 -description: Lidarr -keywords: - - lidarr - - servarr - - music - - metrics -home: https://wiki.alexlebens.dev/doc/lidarr-BIqpxux60p -sources: - - https://github.com/Lidarr/Lidarr - - https://github.com/linuxserver/docker-lidarr - - https://github.com/cloudnative-pg/cloudnative-pg - - https://github.com/onedr0p/exportarr/pkgs/container/exportarr - - https://github.com/bjw-s/helm-charts/tree/main/charts/other/app-template - - https://github.com/alexlebens/helm-charts/charts/postgres-cluster -maintainers: - - name: alexlebens -dependencies: - - name: app-template - alias: lidarr2 - repository: https://bjw-s.github.io/helm-charts/ - version: 3.6.1 - - name: postgres-cluster - alias: postgres-17-cluster - version: 4.1.4 - repository: http://alexlebens.github.io/helm-charts -icon: https://raw.githubusercontent.com/walkxcode/dashboard-icons/main/png/lidarr.png -appVersion: 2.8.2 diff --git a/clusters/standby/applications/lidarr2/templates/external-secret.yaml b/clusters/standby/applications/lidarr2/templates/external-secret.yaml deleted file mode 100644 index 6714938d1..000000000 --- a/clusters/standby/applications/lidarr2/templates/external-secret.yaml +++ /dev/null @@ -1,89 +0,0 @@ -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: lidarr2-config-backup-secret - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: lidarr2-config-backup-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: backup - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - target: - template: - mergePolicy: Merge - engineVersion: v2 - data: - RESTIC_REPOSITORY: "{{ `{{ .BUCKET_ENDPOINT }}` }}/lidarr2/lidarr2-config" - data: - - secretKey: BUCKET_ENDPOINT - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/volsync/restic/config - metadataPolicy: None - property: S3_BUCKET_ENDPOINT - - secretKey: RESTIC_PASSWORD - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/volsync/restic/config - metadataPolicy: None - property: RESTIC_PASSWORD - - secretKey: AWS_DEFAULT_REGION - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/volsync/restic/config - metadataPolicy: None - property: AWS_DEFAULT_REGION - - secretKey: AWS_ACCESS_KEY_ID - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /digital-ocean/home-infra/volsync-backups - metadataPolicy: None - property: access_key - - secretKey: AWS_SECRET_ACCESS_KEY - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /digital-ocean/home-infra/volsync-backups - metadataPolicy: None - property: secret_key - ---- -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: lidarr2-postgresql-17-cluster-backup-secret - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: lidarr2-postgresql-17-cluster-backup-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: database - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - data: - - secretKey: ACCESS_KEY_ID - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /digital-ocean/home-infra/postgres-backups - metadataPolicy: None - property: access - - secretKey: ACCESS_SECRET_KEY - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /digital-ocean/home-infra/postgres-backups - metadataPolicy: None - property: secret diff --git a/clusters/standby/applications/lidarr2/templates/persistent-volume-claim.yaml b/clusters/standby/applications/lidarr2/templates/persistent-volume-claim.yaml deleted file mode 100644 index b71516dc2..000000000 --- a/clusters/standby/applications/lidarr2/templates/persistent-volume-claim.yaml +++ /dev/null @@ -1,19 +0,0 @@ -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: lidarr2-nfs-storage - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: lidarr2-nfs-storage - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: storage - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - volumeName: lidarr2-nfs-storage - storageClassName: nfs-client - accessModes: - - ReadWriteMany - resources: - requests: - storage: 1Gi diff --git a/clusters/standby/applications/lidarr2/templates/persistent-volume.yaml b/clusters/standby/applications/lidarr2/templates/persistent-volume.yaml deleted file mode 100644 index 54f1429ad..000000000 --- a/clusters/standby/applications/lidarr2/templates/persistent-volume.yaml +++ /dev/null @@ -1,25 +0,0 @@ -apiVersion: v1 -kind: PersistentVolume -metadata: - name: lidarr2-nfs-storage - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: lidarr2-nfs-storage - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: storage - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - persistentVolumeReclaimPolicy: Retain - storageClassName: nfs-client - capacity: - storage: 1Gi - accessModes: - - ReadWriteMany - nfs: - path: /volume2/Storage - server: synologybond.alexlebens.net - mountOptions: - - vers=4 - - minorversion=1 - - noac diff --git a/clusters/standby/applications/lidarr2/templates/prometheus-rule.yaml b/clusters/standby/applications/lidarr2/templates/prometheus-rule.yaml deleted file mode 100644 index afddfd1ad..000000000 --- a/clusters/standby/applications/lidarr2/templates/prometheus-rule.yaml +++ /dev/null @@ -1,34 +0,0 @@ -apiVersion: monitoring.coreos.com/v1 -kind: PrometheusRule -metadata: - name: lidarr2 - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: lidarr2 - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: metrics - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - groups: - - name: lidarr2 - rules: - - alert: ExportarrAbsent - annotations: - description: Lidarr Exportarr has disappeared from Prometheus - service discovery. - summary: Exportarr is down. - expr: | - absent(up{job=~".*lidarr2.*"} == 1) - for: 5m - labels: - severity: critical - - alert: LidarrDown - annotations: - description: Lidarr service is down. - summary: Lidarr is down. - expr: | - lidarr_system_status{job=~".*lidarr2.*"} == 0 - for: 5m - labels: - severity: critical diff --git a/clusters/standby/applications/lidarr2/templates/replication-source.yaml b/clusters/standby/applications/lidarr2/templates/replication-source.yaml deleted file mode 100644 index 40cef815f..000000000 --- a/clusters/standby/applications/lidarr2/templates/replication-source.yaml +++ /dev/null @@ -1,30 +0,0 @@ -apiVersion: volsync.backube/v1alpha1 -kind: ReplicationSource -metadata: - name: lidarr2-config-backup-source - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: lidarr2-config-backup-source - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: backup - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - sourcePVC: lidarr2-config - trigger: - schedule: 0 0 */3 * * - restic: - pruneIntervalDays: 14 - repository: lidarr2-config-backup-secret - retain: - hourly: 1 - daily: 1 - weekly: 1 - monthly: 2 - yearly: 4 - moverSecurityContext: - runAsUser: 1000 - runAsGroup: 1000 - copyMethod: Snapshot - storageClassName: ceph-block-delete - volumeSnapshotClassName: ceph-blockpool-snapshot diff --git a/clusters/standby/applications/lidarr2/templates/service-monitor.yaml b/clusters/standby/applications/lidarr2/templates/service-monitor.yaml deleted file mode 100644 index d1d72554a..000000000 --- a/clusters/standby/applications/lidarr2/templates/service-monitor.yaml +++ /dev/null @@ -1,21 +0,0 @@ -apiVersion: monitoring.coreos.com/v1 -kind: ServiceMonitor -metadata: - name: lidarr2 - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: lidarr2 - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: metrics - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - selector: - matchLabels: - app.kubernetes.io/name: lidarr2 - app.kubernetes.io/instance: {{ .Release.Name }} - endpoints: - - port: metrics - interval: 3m - scrapeTimeout: 1m - path: /metrics diff --git a/clusters/standby/applications/lidarr2/values.yaml b/clusters/standby/applications/lidarr2/values.yaml deleted file mode 100644 index fa5785ec8..000000000 --- a/clusters/standby/applications/lidarr2/values.yaml +++ /dev/null @@ -1,143 +0,0 @@ -lidarr2: - controllers: - main: - type: deployment - replicas: 1 - strategy: Recreate - revisionHistoryLimit: 3 - pod: - securityContext: - runAsUser: 1000 - runAsGroup: 1000 - fsGroup: 1000 - fsGroupChangePolicy: OnRootMismatch - containers: - main: - image: - repository: ghcr.io/linuxserver/lidarr - tag: version-2.8.2.4493@sha256:108ecf0fcbd8f77b6e8a513be6f3446feb47666dd1b45ea360569e9aac0960e4 - pullPolicy: IfNotPresent - env: - - name: TZ - value: US/Central - - name: PUID - value: 1000 - - name: PGID - value: 1000 - probes: - liveness: - enabled: true - custom: true - spec: - exec: - command: - - /usr/bin/env - - bash - - -c - - curl --fail localhost:8686/api/v1/system/status?apiKey=`IFS=\> && while - read -d \< E C; do if [[ $E = "ApiKey" ]]; then echo $C; fi; done < /config/config.xml` - failureThreshold: 5 - initialDelaySeconds: 60 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 10 - resources: - requests: - cpu: 100m - memory: 256Mi - metrics: - image: - repository: ghcr.io/onedr0p/exportarr - tag: v2.0.1 - pullPolicy: IfNotPresent - args: ["lidarr"] - env: - - name: URL - value: http://localhost - - name: CONFIG - value: /config/config.xml - - name: PORT - value: 9792 - - name: ENABLE_ADDITIONAL_METRICS - value: false - - name: ENABLE_UNKNOWN_QUEUE_ITEMS - value: false - resources: - requests: - cpu: 100m - memory: 256Mi - serviceAccount: - create: true - service: - main: - controller: main - ports: - http: - port: 80 - targetPort: 8686 - protocol: HTTP - metrics: - port: 9792 - targetPort: 9792 - protocol: TCP - ingress: - tailscale: - enabled: true - className: tailscale - hosts: - - host: lidarr-cl01tl - paths: - - path: / - pathType: Prefix - service: - name: lidarr2 - port: 80 - tls: - - hosts: - - lidarr-cl01tl - persistence: - config: - storageClass: ceph-block - accessMode: ReadWriteOnce - size: 10Gi - retain: true - advancedMounts: - main: - main: - - path: /config - readOnly: false - metrics: - - path: /config - readOnly: true - media: - existingClaim: lidarr2-nfs-storage - advancedMounts: - main: - main: - - path: /mnt/store - readOnly: false -postgres-17-cluster: - mode: standalone - cluster: - walStorage: - storageClass: local-path - storage: - storageClass: local-path - resources: - requests: - memory: 1Gi - cpu: 200m - monitoring: - enabled: true - bootstrap: - initdb: - postInitSQL: - - CREATE DATABASE "lidarr-main" OWNER "app"; - - CREATE DATABASE "lidarr-log" OWNER "app"; - backup: - enabled: true - endpointURL: https://nyc3.digitaloceanspaces.com - destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/lidarr2/lidarr2-postgresql-17-cluster - endpointCredentials: lidarr2-postgresql-17-cluster-backup-secret - backupIndex: 1 - retentionPolicy: "7d" diff --git a/clusters/standby/applications/lidatube/Chart.yaml b/clusters/standby/applications/lidatube/Chart.yaml deleted file mode 100644 index 3e8ad18d9..000000000 --- a/clusters/standby/applications/lidatube/Chart.yaml +++ /dev/null @@ -1,22 +0,0 @@ -apiVersion: v2 -name: lidatube -version: 1.0.0 -description: LidaTube -keywords: - - lidatube - - music - - yt-dlp -home: https://wiki.alexlebens.dev/doc/lidatube-Rm5ioxwcaS -sources: - - https://github.com/TheWicklowWolf/LidaTube - - https://registry.hub.docker.com/r/thewicklowwolf/lidatube - - https://github.com/bjw-s/helm-charts/tree/main/charts/other/app-template -maintainers: - - name: alexlebens -dependencies: - - name: app-template - alias: lidatube - repository: https://bjw-s.github.io/helm-charts/ - version: 3.6.1 -icon: https://raw.githubusercontent.com/TheWicklowWolf/LidaTube/main/src/static/lidatube.png -appVersion: 0.2.9 diff --git a/clusters/standby/applications/lidatube/templates/external-secret.yaml b/clusters/standby/applications/lidatube/templates/external-secret.yaml deleted file mode 100644 index 02cfb7c9a..000000000 --- a/clusters/standby/applications/lidatube/templates/external-secret.yaml +++ /dev/null @@ -1,23 +0,0 @@ -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: lidatube-secret - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: lidatube-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: web - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - data: - - secretKey: lidarr_api_key - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/lidarr2/key - metadataPolicy: None - property: key diff --git a/clusters/standby/applications/lidatube/templates/persistent-volume-claim.yaml b/clusters/standby/applications/lidatube/templates/persistent-volume-claim.yaml deleted file mode 100644 index 5e496bed9..000000000 --- a/clusters/standby/applications/lidatube/templates/persistent-volume-claim.yaml +++ /dev/null @@ -1,19 +0,0 @@ -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: lidatube-nfs-storage - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: lidatube-nfs-storage - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: storage - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - volumeName: lidatube-nfs-storage - storageClassName: nfs-client - accessModes: - - ReadWriteMany - resources: - requests: - storage: 1Gi diff --git a/clusters/standby/applications/lidatube/templates/persistent-volume.yaml b/clusters/standby/applications/lidatube/templates/persistent-volume.yaml deleted file mode 100644 index d44ab178e..000000000 --- a/clusters/standby/applications/lidatube/templates/persistent-volume.yaml +++ /dev/null @@ -1,25 +0,0 @@ -apiVersion: v1 -kind: PersistentVolume -metadata: - name: lidatube-nfs-storage - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: lidatube-nfs-storage - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: storage - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - persistentVolumeReclaimPolicy: Retain - storageClassName: nfs-client - capacity: - storage: 1Gi - accessModes: - - ReadWriteMany - nfs: - path: /volume2/Storage/Music - server: synologybond.alexlebens.net - mountOptions: - - vers=4 - - minorversion=1 - - noac diff --git a/clusters/standby/applications/lidatube/values.yaml b/clusters/standby/applications/lidatube/values.yaml deleted file mode 100644 index c6adcee12..000000000 --- a/clusters/standby/applications/lidatube/values.yaml +++ /dev/null @@ -1,82 +0,0 @@ -lidatube: - controllers: - main: - type: deployment - replicas: 1 - strategy: Recreate - revisionHistoryLimit: 3 - pod: - securityContext: - fsGroup: 1000 - fsGroupChangePolicy: OnRootMismatch - containers: - main: - image: - repository: thewicklowwolf/lidatube - tag: 0.2.15 - pullPolicy: IfNotPresent - env: - - name: PUID - value: 1000 - - name: PGID - value: 1000 - - name: lidarr_address - value: http://lidarr2.lidarr2:80 - - name: lidarr_api_key - valueFrom: - secretKeyRef: - name: lidatube-secret - key: lidarr_api_key - - name: sleep_interval - value: 360 - - name: sync_schedule - value: 4 - - name: attempt_lidarr_import - value: true - resources: - requests: - cpu: 10m - memory: 128Mi - serviceAccount: - create: true - service: - main: - controller: main - ports: - http: - port: 80 - targetPort: 5000 - protocol: HTTP - ingress: - tailscale: - enabled: true - className: tailscale - hosts: - - host: lidatube-cl01tl - paths: - - path: / - pathType: Prefix - service: - name: lidatube - port: 80 - tls: - - hosts: - - lidatube-cl01tl - persistence: - config: - storageClass: ceph-block - accessMode: ReadWriteOnce - size: 5Gi - retain: true - advancedMounts: - main: - main: - - path: /lidatube/config - readOnly: false - music: - existingClaim: lidatube-nfs-storage - advancedMounts: - main: - main: - - path: /lidatube/downloads - readOnly: false diff --git a/clusters/standby/applications/outline/Chart.yaml b/clusters/standby/applications/outline/Chart.yaml deleted file mode 100644 index 915bde24b..000000000 --- a/clusters/standby/applications/outline/Chart.yaml +++ /dev/null @@ -1,49 +0,0 @@ -apiVersion: v2 -name: outline -version: 1.0.0 -description: Outline -keywords: - - outline - - wiki - - documentation -home: https://wiki.alexlebens.dev/doc/outline-JOaS8Mn0Bt -sources: - - https://github.com/outline/outline - - https://github.com/minio/operator - - https://github.com/valkey-io/valkey - - https://github.com/cloudflare/cloudflared - - https://github.com/cloudnative-pg/cloudnative-pg - - https://hub.docker.com/r/outlinewiki/outline - - https://github.com/bjw-s/helm-charts/tree/main/charts/other/app-template - - https://github.com/minio/operator/tree/master/helm/tenant - - https://github.com/bitnami/charts/tree/main/bitnami/valkey - - https://github.com/alexlebens/helm-charts/charts/cloudflared - - https://github.com/alexlebens/helm-charts/charts/postgres-cluster -maintainers: - - name: alexlebens -dependencies: - - name: app-template - alias: outline - repository: https://bjw-s.github.io/helm-charts/ - version: 3.6.1 - - name: tenant - alias: minio - version: 7.0.0 - repository: https://operator.min.io/ - - name: valkey - version: 2.2.3 - repository: https://charts.bitnami.com/bitnami - - name: cloudflared - alias: cloudflared-outline - repository: http://alexlebens.github.io/helm-charts - version: 1.13.0 - - name: cloudflared - alias: cloudflared-minio - repository: http://alexlebens.github.io/helm-charts - version: 1.13.0 - - name: postgres-cluster - alias: postgres-17-cluster - version: 4.1.4 - repository: http://alexlebens.github.io/helm-charts -icon: https://raw.githubusercontent.com/walkxcode/dashboard-icons/main/png/outline.png -appVersion: 0.81.1 diff --git a/clusters/standby/applications/outline/templates/external-secret.yaml b/clusters/standby/applications/outline/templates/external-secret.yaml deleted file mode 100644 index a66d3f967..000000000 --- a/clusters/standby/applications/outline/templates/external-secret.yaml +++ /dev/null @@ -1,226 +0,0 @@ -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: outline-key-secret - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: outline-key-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: web - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - data: - - secretKey: secret-key - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/outline/key - metadataPolicy: None - property: secret-key - - secretKey: utils-key - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/outline/key - metadataPolicy: None - property: utils-key - ---- -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: outline-oidc-secret - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: outline-oidc-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: web - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - data: - - secretKey: client - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /authentik/oidc/outline - metadataPolicy: None - property: client - - secretKey: secret - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /authentik/oidc/outline - metadataPolicy: None - property: secret - ---- -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: outline-minio-user-secret - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: outline-minio-user-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: database - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - data: - - secretKey: AWS_ACCESS_KEY_ID - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/outline/minio/auth - metadataPolicy: None - property: AWS_ACCESS_KEY_ID - - secretKey: AWS_SECRET_ACCESS_KEY - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/outline/minio/auth - metadataPolicy: None - property: AWS_SECRET_ACCESS_KEY - ---- -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: outline-minio-root-secret - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: outline-minio-root-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: database - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - data: - - secretKey: config.env - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/outline/minio/config - metadataPolicy: None - property: root-config.env - ---- -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: outline-cloudflared-secret - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: outline-cloudflared-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: web - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - data: - - secretKey: cf-tunnel-token - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cloudflare/tunnels/outline - metadataPolicy: None - property: token - ---- -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: outline-minio-cloudflared-secret - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: outline-cloudflared-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: web - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - data: - - secretKey: cf-tunnel-token - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cloudflare/tunnels/outline-minio - metadataPolicy: None - property: token - ---- -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: outline-minio-config-secret - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: outline-minio-config-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: database - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - data: - - secretKey: config.env - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/outline/minio/config - metadataPolicy: None - property: config.env - ---- -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: outline-postgresql-17-cluster-backup-secret - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: outline-postgresql-17-cluster-backup-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: database - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - data: - - secretKey: ACCESS_KEY_ID - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /digital-ocean/home-infra/postgres-backups - metadataPolicy: None - property: access - - secretKey: ACCESS_SECRET_KEY - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /digital-ocean/home-infra/postgres-backups - metadataPolicy: None - property: secret diff --git a/clusters/standby/applications/outline/values.yaml b/clusters/standby/applications/outline/values.yaml deleted file mode 100644 index bec57d75a..000000000 --- a/clusters/standby/applications/outline/values.yaml +++ /dev/null @@ -1,208 +0,0 @@ -outline: - controllers: - main: - type: deployment - replicas: 1 - strategy: Recreate - revisionHistoryLimit: 3 - containers: - main: - image: - repository: outlinewiki/outline - tag: 0.81.1 - pullPolicy: IfNotPresent - env: - - name: NODE_ENV - value: production - - name: URL - value: https://wiki.alexlebens.dev - - name: PORT - value: 3000 - - name: SECRET_KEY - valueFrom: - secretKeyRef: - name: outline-key-secret - key: secret-key - - name: UTILS_SECRET - valueFrom: - secretKeyRef: - name: outline-key-secret - key: utils-key - - name: POSTGRES_USERNAME - valueFrom: - secretKeyRef: - name: outline-postgresql-17-cluster-app - key: username - - name: POSTGRES_PASSWORD - valueFrom: - secretKeyRef: - name: outline-postgresql-17-cluster-app - key: password - - name: POSTGRES_DATABASE_NAME - valueFrom: - secretKeyRef: - name: outline-postgresql-17-cluster-app - key: dbname - - name: POSTGRES_DATABASE_HOST - valueFrom: - secretKeyRef: - name: outline-postgresql-17-cluster-app - key: host - - name: POSTGRES_DATABASE_PORT - valueFrom: - secretKeyRef: - name: outline-postgresql-17-cluster-app - key: port - - name: DATABASE_URL - value: postgres://$(POSTGRES_USERNAME):$(POSTGRES_PASSWORD)@$(POSTGRES_DATABASE_HOST):$(POSTGRES_DATABASE_PORT)/$(POSTGRES_DATABASE_NAME) - - name: DATABASE_URL_TEST - value: postgres://$(POSTGRES_USERNAME):$(POSTGRES_PASSWORD)@$(POSTGRES_DATABASE_HOST):$(POSTGRES_DATABASE_PORT)/$(POSTGRES_DATABASE_NAME)-test - - name: DATABASE_CONNECTION_POOL_MIN - value: "2" - - name: DATABASE_CONNECTION_POOL_MAX - value: "20" - - name: PGSSLMODE - value: disable - - name: REDIS_URL - value: redis://outline-valkey-primary.outline:6379 - - name: FILE_STORAGE - value: s3 - - name: AWS_ACCESS_KEY_ID - valueFrom: - secretKeyRef: - name: outline-minio-user-secret - key: AWS_ACCESS_KEY_ID - - name: AWS_SECRET_ACCESS_KEY - valueFrom: - secretKeyRef: - name: outline-minio-user-secret - key: AWS_SECRET_ACCESS_KEY - - name: AWS_REGION - value: us-east-1 - - name: AWS_S3_UPLOAD_BUCKET_NAME - value: outline - - name: AWS_S3_UPLOAD_BUCKET_URL - value: https://outline-storage.alexlebens.dev/outline - - name: AWS_S3_ACCELERATE_URL - value: https://outline-storage.alexlebens.dev/outline - - name: AWS_S3_FORCE_PATH_STYLE - value: false - - name: AWS_S3_ACL - value: private - - name: FILE_STORAGE_UPLOAD_MAX_SIZE - value: "26214400" - - name: FORCE_HTTPS - value: false - - name: ENABLE_UPDATES - value: false - - name: WEB_CONCURRENCY - value: 1 - - name: FILE_STORAGE_IMPORT_MAX_SIZE - value: 5120000 - - name: LOG_LEVEL - value: info - - name: DEFAULT_LANGUAGE - value: en_US - - name: RATE_LIMITER_ENABLED - value: false - - name: DEVELOPMENT_UNSAFE_INLINE_CSP - value: false - - name: OIDC_CLIENT_ID - valueFrom: - secretKeyRef: - name: outline-oidc-secret - key: client - - name: OIDC_CLIENT_SECRET - valueFrom: - secretKeyRef: - name: outline-oidc-secret - key: secret - - name: OIDC_AUTH_URI - value: https://auth.alexlebens.dev/application/o/authorize/ - - name: OIDC_TOKEN_URI - value: https://auth.alexlebens.dev/application/o/token/ - - name: OIDC_USERINFO_URI - value: https://auth.alexlebens.dev/application/o/userinfo/ - - name: OIDC_USERNAME_CLAIM - value: email - - name: OIDC_DISPLAY_NAME - value: Authentik - - name: OIDC_SCOPES - value: openid profile email - resources: - requests: - cpu: 10m - memory: 512Mi - serviceAccount: - create: true - service: - main: - controller: main - ports: - http: - port: 3000 - targetPort: 3000 - protocol: HTTP -minio: - existingSecret: - name: outline-minio-root-secret - tenant: - name: minio-outline - configuration: - name: outline-minio-config-secret - pools: - - servers: 3 - name: pool - volumesPerServer: 2 - size: 10Gi - storageClassName: ceph-block - mountPath: /export - subPath: /data - metrics: - enabled: true - port: 9000 - protocol: http - certificate: - requestAutoCert: false - ingress: - console: - enabled: true - ingressClassName: tailscale - tls: - - secretName: minio-outline-cl01tl - hosts: - - minio-outline-cl01tl - host: minio-outline-cl01tl - path: / - pathType: Prefix -valkey: - architecture: standalone - auth: - enabled: false - primary: - persistence: - enabled: false - replica: - persistence: - enabled: false -cloudflared-outline: - existingSecretName: outline-cloudflared-secret - name: cloudflared-outline -cloudflared-minio: - existingSecretName: outline-minio-cloudflared-secret - name: cloudflared-minio -postgres-17-cluster: - mode: standalone - cluster: - walStorage: - storageClass: local-path - storage: - storageClass: local-path - monitoring: - enabled: true - backup: - enabled: true - endpointURL: https://nyc3.digitaloceanspaces.com - destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/outline/outline-postgresql-17-cluster - endpointCredentials: outline-postgresql-17-cluster-backup-secret - backupIndex: 1 diff --git a/clusters/standby/applications/overseerr/Chart.yaml b/clusters/standby/applications/overseerr/Chart.yaml deleted file mode 100644 index cb00e50a7..000000000 --- a/clusters/standby/applications/overseerr/Chart.yaml +++ /dev/null @@ -1,21 +0,0 @@ -apiVersion: v2 -name: overseerr -version: 1.0.0 -description: Overseerr -keywords: - - overseer - - media - - request -home: https://wiki.alexlebens.dev/doc/overseerr-pCUN6XnGR5 -sources: - - https://github.com/sct/overseerr - - https://github.com/sct/overseerr/pkgs/container/overseerr - - https://github.com/bjw-s/helm-charts/tree/main/charts/other/app-template -maintainers: - - name: alexlebens -dependencies: - - name: app-template - repository: https://bjw-s.github.io/helm-charts/ - version: 3.6.1 -icon: https://raw.githubusercontent.com/walkxcode/dashboard-icons/main/png/overseerr.png -appVersion: 1.33.2 diff --git a/clusters/standby/applications/overseerr/templates/external-secret.yaml b/clusters/standby/applications/overseerr/templates/external-secret.yaml deleted file mode 100644 index 57061203c..000000000 --- a/clusters/standby/applications/overseerr/templates/external-secret.yaml +++ /dev/null @@ -1,57 +0,0 @@ -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: overseerr-main-backup-secret - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: overseerr-main-backup-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: backup - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - target: - template: - mergePolicy: Merge - engineVersion: v2 - data: - RESTIC_REPOSITORY: "{{ `{{ .BUCKET_ENDPOINT }}` }}/overseerr/overseerr-main" - data: - - secretKey: BUCKET_ENDPOINT - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/volsync/restic/config - metadataPolicy: None - property: S3_BUCKET_ENDPOINT - - secretKey: RESTIC_PASSWORD - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/volsync/restic/config - metadataPolicy: None - property: RESTIC_PASSWORD - - secretKey: AWS_DEFAULT_REGION - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/volsync/restic/config - metadataPolicy: None - property: AWS_DEFAULT_REGION - - secretKey: AWS_ACCESS_KEY_ID - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /digital-ocean/home-infra/volsync-backups - metadataPolicy: None - property: access_key - - secretKey: AWS_SECRET_ACCESS_KEY - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /digital-ocean/home-infra/volsync-backups - metadataPolicy: None - property: secret_key diff --git a/clusters/standby/applications/overseerr/templates/replication-source.yaml b/clusters/standby/applications/overseerr/templates/replication-source.yaml deleted file mode 100644 index 71b3834aa..000000000 --- a/clusters/standby/applications/overseerr/templates/replication-source.yaml +++ /dev/null @@ -1,27 +0,0 @@ -apiVersion: volsync.backube/v1alpha1 -kind: ReplicationSource -metadata: - name: overseerr-main-backup-source - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: overseerr-main-backup-source - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: backup - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - sourcePVC: overseerr-main - trigger: - schedule: 0 0 */3 * * - restic: - pruneIntervalDays: 14 - repository: overseerr-main-backup-secret - retain: - hourly: 1 - daily: 1 - weekly: 1 - monthly: 2 - yearly: 4 - copyMethod: Snapshot - storageClassName: ceph-block-delete - volumeSnapshotClassName: ceph-blockpool-snapshot diff --git a/clusters/standby/applications/overseerr/values.yaml b/clusters/standby/applications/overseerr/values.yaml deleted file mode 100644 index 97fb3afd8..000000000 --- a/clusters/standby/applications/overseerr/values.yaml +++ /dev/null @@ -1,56 +0,0 @@ -app-template: - controllers: - main: - type: deployment - replicas: 1 - strategy: Recreate - revisionHistoryLimit: 3 - containers: - main: - image: - repository: ghcr.io/sct/overseerr - tag: 1.33.2 - pullPolicy: IfNotPresent - env: - - name: TZ - value: US/Central - resources: - requests: - cpu: 10m - memory: 512Mi - serviceAccount: - create: true - service: - main: - controller: main - ports: - http: - port: 80 - targetPort: 5055 - protocol: HTTP - ingress: - tailscale: - enabled: true - className: tailscale - hosts: - - host: overseerr-cl01tl - paths: - - path: / - pathType: Prefix - service: - name: overseerr - port: 80 - tls: - - hosts: - - overseerr-cl01tl - persistence: - main: - storageClass: ceph-block - accessMode: ReadWriteOnce - size: 10Gi - retain: true - advancedMounts: - main: - main: - - path: /app/config - readOnly: false diff --git a/clusters/standby/applications/photoview/Chart.yaml b/clusters/standby/applications/photoview/Chart.yaml deleted file mode 100644 index 26a69c9e8..000000000 --- a/clusters/standby/applications/photoview/Chart.yaml +++ /dev/null @@ -1,28 +0,0 @@ -apiVersion: v2 -name: photoview -version: 1.0.0 -description: Photoview -keywords: - - photoview - - pictures -home: https://wiki.alexlebens.dev/doc/photoview-WSRscnhpwv -sources: - - https://github.com/immich-app/immich - - https://github.com/valkey-io/valkey - - https://github.com/cloudnative-pg/cloudnative-pg - - https://github.com/bjw-s/helm-charts/tree/main/charts/other/app-template - - https://github.com/bitnami/charts/tree/main/bitnami/valkey - - https://github.com/alexlebens/helm-charts/charts/postgres-cluster -maintainers: - - name: alexlebens -dependencies: - - name: app-template - alias: photoview - repository: https://bjw-s.github.io/helm-charts/ - version: 3.6.1 - - name: postgres-cluster - alias: postgres-17-cluster - version: 4.1.4 - repository: http://alexlebens.github.io/helm-charts -icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/photoview.png -appVersion: 2.4.0 diff --git a/clusters/standby/applications/photoview/templates/external-secrets.yaml b/clusters/standby/applications/photoview/templates/external-secrets.yaml deleted file mode 100644 index 6fac32ec5..000000000 --- a/clusters/standby/applications/photoview/templates/external-secrets.yaml +++ /dev/null @@ -1,30 +0,0 @@ -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: photoview-postgresql-17-cluster-backup-secret - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: photoview-postgresql-17-cluster-backup-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: database - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - data: - - secretKey: ACCESS_KEY_ID - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /digital-ocean/home-infra/postgres-backups - metadataPolicy: None - property: access - - secretKey: ACCESS_SECRET_KEY - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /digital-ocean/home-infra/postgres-backups - metadataPolicy: None - property: secret diff --git a/clusters/standby/applications/photoview/templates/persistent-volume-claim.yaml b/clusters/standby/applications/photoview/templates/persistent-volume-claim.yaml deleted file mode 100644 index 191161483..000000000 --- a/clusters/standby/applications/photoview/templates/persistent-volume-claim.yaml +++ /dev/null @@ -1,19 +0,0 @@ -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: photoview-nfs-storage - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: photoview-nfs-storage - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: storage - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - volumeName: photoview-nfs-storage - storageClassName: nfs-client - accessModes: - - ReadWriteMany - resources: - requests: - storage: 1Gi diff --git a/clusters/standby/applications/photoview/templates/persistent-volume.yaml b/clusters/standby/applications/photoview/templates/persistent-volume.yaml deleted file mode 100644 index bcf22883d..000000000 --- a/clusters/standby/applications/photoview/templates/persistent-volume.yaml +++ /dev/null @@ -1,25 +0,0 @@ -apiVersion: v1 -kind: PersistentVolume -metadata: - name: photoview-nfs-storage - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: photoview-nfs-storage - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: storage - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - persistentVolumeReclaimPolicy: Retain - storageClassName: nfs-client - capacity: - storage: 1Gi - accessModes: - - ReadWriteMany - nfs: - path: /volume2/Storage/Pictures - server: synologybond.alexlebens.net - mountOptions: - - vers=4 - - minorversion=1 - - noac diff --git a/clusters/standby/applications/photoview/values.yaml b/clusters/standby/applications/photoview/values.yaml deleted file mode 100644 index eee775805..000000000 --- a/clusters/standby/applications/photoview/values.yaml +++ /dev/null @@ -1,111 +0,0 @@ -photoview: - controllers: - main: - type: deployment - replicas: 1 - strategy: Recreate - revisionHistoryLimit: 3 - initContainers: - init-chmod-data: - securityContext: - runAsUser: 0 - image: - repository: busybox - tag: 1.37.0 - pullPolicy: IfNotPresent - command: - - /bin/sh - - -ec - - | - /bin/chown -R 999:999 /app/cache - resources: - requests: - cpu: 100m - memory: 128Mi - containers: - main: - image: - repository: photoview/photoview - tag: 2.4.0 - pullPolicy: IfNotPresent - env: - - name: PHOTOVIEW_DATABASE_DRIVER - value: postgres - - name: PHOTOVIEW_POSTGRES_URL - valueFrom: - secretKeyRef: - name: photoview-postgresql-17-cluster-app - key: uri - - name: PHOTOVIEW_MEDIA_CACHE - value: /app/cache - - name: PHOTOVIEW_VIDEO_HARDWARE_ACCELERATION - value: qsv - resources: - requests: - gpu.intel.com/i915: 1 - cpu: 10m - memory: 512Mi - limits: - gpu.intel.com/i915: 1 - serviceAccount: - create: true - service: - main: - controller: main - ports: - http: - port: 80 - targetPort: 80 - protocol: HTTP - ingress: - main: - enabled: true - className: tailscale - hosts: - - host: photoview-cl01tl - paths: - - path: / - pathType: Prefix - service: - name: photoview - port: 80 - tls: - - hosts: - - photoview-cl01tl - persistence: - media: - existingClaim: photoview-nfs-storage - advancedMounts: - main: - main: - - path: /photos - readOnly: true - cache: - storageClass: ceph-block-delete - accessMode: ReadWriteOnce - size: 10Gi - retain: false - advancedMounts: - main: - init-chmod-data: - - path: /app/cache - readOnly: false - main: - - path: /app/cache - readOnly: false -postgres-17-cluster: - mode: standalone - cluster: - walStorage: - storageClass: local-path - storage: - storageClass: local-path - monitoring: - enabled: true - backup: - enabled: false - endpointURL: https://nyc3.digitaloceanspaces.com - destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/photoview/photoview-postgresql-17-cluster - endpointCredentials: photoview-postgresql-17-cluster-backup-secret - backupIndex: 1 - retentionPolicy: "7d" diff --git a/clusters/standby/applications/prowlarr/Chart.yaml b/clusters/standby/applications/prowlarr/Chart.yaml deleted file mode 100644 index 8d63291d1..000000000 --- a/clusters/standby/applications/prowlarr/Chart.yaml +++ /dev/null @@ -1,22 +0,0 @@ -apiVersion: v2 -name: prowlarr -version: 1.0.0 -description: Prowlarr -keywords: - - prowlarr - - servarr - - trackers -home: https://wiki.alexlebens.dev/doc/prowlarr-ERparmlGES -sources: - - https://github.com/Prowlarr/Prowlarr - - https://github.com/onedr0p/containers/pkgs/container/prowlarr - - https://github.com/bjw-s/helm-charts/tree/main/charts/other/app-template -maintainers: - - name: alexlebens -dependencies: - - name: app-template - alias: prowlarr - repository: https://bjw-s.github.io/helm-charts/ - version: 3.6.1 -icon: https://raw.githubusercontent.com/walkxcode/dashboard-icons/main/png/prowlarr.png -appVersion: 1.28.2.4885 diff --git a/clusters/standby/applications/prowlarr/templates/external-secret.yaml b/clusters/standby/applications/prowlarr/templates/external-secret.yaml deleted file mode 100644 index 36a950ba8..000000000 --- a/clusters/standby/applications/prowlarr/templates/external-secret.yaml +++ /dev/null @@ -1,89 +0,0 @@ -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: prowlarr-config-backup-secret - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: prowlarr-config-backup-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: backup - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - target: - template: - mergePolicy: Merge - engineVersion: v2 - data: - RESTIC_REPOSITORY: "{{ `{{ .BUCKET_ENDPOINT }}` }}/prowlarr/prowlarr-config" - data: - - secretKey: BUCKET_ENDPOINT - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/volsync/restic/config - metadataPolicy: None - property: S3_BUCKET_ENDPOINT - - secretKey: RESTIC_PASSWORD - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/volsync/restic/config - metadataPolicy: None - property: RESTIC_PASSWORD - - secretKey: AWS_DEFAULT_REGION - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/volsync/restic/config - metadataPolicy: None - property: AWS_DEFAULT_REGION - - secretKey: AWS_ACCESS_KEY_ID - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /digital-ocean/home-infra/volsync-backups - metadataPolicy: None - property: access_key - - secretKey: AWS_SECRET_ACCESS_KEY - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /digital-ocean/home-infra/volsync-backups - metadataPolicy: None - property: secret_key - ---- -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: lidarr2-postgresql-16-cluster-backup-secret - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: lidarr2-postgresql-16-cluster-backup-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: database - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - data: - - secretKey: ACCESS_KEY_ID - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /aws/keys/cl01tl-lidarr-postgresql - metadataPolicy: None - property: access_key - - secretKey: ACCESS_SECRET_KEY - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /aws/keys/cl01tl-lidarr-postgresql - metadataPolicy: None - property: secret_key diff --git a/clusters/standby/applications/prowlarr/templates/replication-source.yaml b/clusters/standby/applications/prowlarr/templates/replication-source.yaml deleted file mode 100644 index 27c7d17f8..000000000 --- a/clusters/standby/applications/prowlarr/templates/replication-source.yaml +++ /dev/null @@ -1,37 +0,0 @@ -apiVersion: volsync.backube/v1alpha1 -kind: ReplicationSource -metadata: - name: prowlarr-config-backup-source - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: prowlarr-config-backup-source - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: backup - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - sourcePVC: prowlarr-config - trigger: - schedule: 0 0 */3 * * - restic: - pruneIntervalDays: 14 - repository: prowlarr-config-backup-secret - retain: - hourly: 1 - daily: 1 - weekly: 1 - monthly: 2 - yearly: 4 - moverSecurityContext: - runAsUser: 568 - runAsGroup: 568 - fsGroup: 568 - fsGroupChangePolicy: OnRootMismatch - supplementalGroups: - - 44 - - 100 - - 109 - - 65539 - copyMethod: Snapshot - storageClassName: ceph-block-delete - volumeSnapshotClassName: ceph-blockpool-snapshot diff --git a/clusters/standby/applications/prowlarr/values.yaml b/clusters/standby/applications/prowlarr/values.yaml deleted file mode 100644 index 683fce3b6..000000000 --- a/clusters/standby/applications/prowlarr/values.yaml +++ /dev/null @@ -1,84 +0,0 @@ -prowlarr: - controllers: - main: - type: deployment - replicas: 1 - strategy: Recreate - revisionHistoryLimit: 3 - pod: - securityContext: - runAsUser: 568 - runAsGroup: 568 - fsGroup: 568 - fsGroupChangePolicy: OnRootMismatch - supplementalGroups: - - 44 - - 100 - - 109 - - 65539 - containers: - main: - image: - repository: ghcr.io/onedr0p/prowlarr - tag: 1.30.2.4939 - pullPolicy: IfNotPresent - env: - - name: TZ - value: US/Central - probes: - liveness: - enabled: false - custom: true - spec: - exec: - command: - - /usr/bin/env - - bash - - -c - - curl --fail localhost:8686/api/v1/system/status?apiKey=`IFS=\> && while - read -d \< E C; do if [[ $E = "ApiKey" ]]; then echo $C; fi; done < /config/config.xml` - failureThreshold: 5 - initialDelaySeconds: 60 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 10 - resources: - requests: - cpu: 10m - memory: 256Mi - serviceAccount: - create: true - service: - main: - controller: main - ports: - http: - port: 80 - targetPort: 9696 - protocol: HTTP - ingress: - tailscale: - enabled: true - className: tailscale - hosts: - - host: prowlarr-cl01tl - paths: - - path: / - pathType: Prefix - service: - name: prowlarr - port: 80 - tls: - - hosts: - - prowlarr-cl01tl - persistence: - config: - storageClass: ceph-block - accessMode: ReadWriteOnce - size: 1Gi - retain: true - advancedMounts: - main: - main: - - path: /config - readOnly: false diff --git a/clusters/standby/applications/radarr5-4k/Chart.yaml b/clusters/standby/applications/radarr5-4k/Chart.yaml deleted file mode 100644 index bf3507b12..000000000 --- a/clusters/standby/applications/radarr5-4k/Chart.yaml +++ /dev/null @@ -1,31 +0,0 @@ -apiVersion: v2 -name: radarr5-4k -version: 1.0.0 -description: Radarr v5 4K -keywords: - - radarr - - servarr - - movies - - 4k - - metrics -home: https://wiki.alexlebens.dev/doc/radarr-T6nPLajWDP -sources: - - https://github.com/Radarr/Radarr - - https://github.com/cloudnative-pg/cloudnative-pg - - https://github.com/onedr0p/containers/pkgs/container/radarr - - https://github.com/onedr0p/exportarr/pkgs/container/exportarr - - https://github.com/bjw-s/helm-charts/tree/main/charts/other/app-template - - https://github.com/alexlebens/helm-charts/charts/postgres-cluster -maintainers: - - name: alexlebens -dependencies: - - name: app-template - alias: radarr5-4k - repository: https://bjw-s.github.io/helm-charts/ - version: 3.6.1 - - name: postgres-cluster - alias: postgres-17-cluster - version: 4.1.4 - repository: http://alexlebens.github.io/helm-charts -icon: https://raw.githubusercontent.com/walkxcode/dashboard-icons/main/png/radarr.png -appVersion: 5.16.3 diff --git a/clusters/standby/applications/radarr5-4k/templates/external-secret.yaml b/clusters/standby/applications/radarr5-4k/templates/external-secret.yaml deleted file mode 100644 index f673941b3..000000000 --- a/clusters/standby/applications/radarr5-4k/templates/external-secret.yaml +++ /dev/null @@ -1,89 +0,0 @@ -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: radarr5-4k-config-backup-secret - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: radarr5-4k-config-backup-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: backup - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - target: - template: - mergePolicy: Merge - engineVersion: v2 - data: - RESTIC_REPOSITORY: "{{ `{{ .BUCKET_ENDPOINT }}` }}/radarr5-4k/radarr5-4k-config" - data: - - secretKey: BUCKET_ENDPOINT - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/volsync/restic/config - metadataPolicy: None - property: S3_BUCKET_ENDPOINT - - secretKey: RESTIC_PASSWORD - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/volsync/restic/config - metadataPolicy: None - property: RESTIC_PASSWORD - - secretKey: AWS_DEFAULT_REGION - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/volsync/restic/config - metadataPolicy: None - property: AWS_DEFAULT_REGION - - secretKey: AWS_ACCESS_KEY_ID - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /digital-ocean/home-infra/volsync-backups - metadataPolicy: None - property: access_key - - secretKey: AWS_SECRET_ACCESS_KEY - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /digital-ocean/home-infra/volsync-backups - metadataPolicy: None - property: secret_key - ---- -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: radarr5-4k-postgresql-17-cluster-backup-secret - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: radarr5-4k-postgresql-17-cluster-backup-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: database - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - data: - - secretKey: ACCESS_KEY_ID - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /digital-ocean/home-infra/postgres-backups - metadataPolicy: None - property: access - - secretKey: ACCESS_SECRET_KEY - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /digital-ocean/home-infra/postgres-backups - metadataPolicy: None - property: secret diff --git a/clusters/standby/applications/radarr5-4k/templates/persistent-volume-claim.yaml b/clusters/standby/applications/radarr5-4k/templates/persistent-volume-claim.yaml deleted file mode 100644 index c816361fb..000000000 --- a/clusters/standby/applications/radarr5-4k/templates/persistent-volume-claim.yaml +++ /dev/null @@ -1,19 +0,0 @@ -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: radarr5-4k-nfs-storage - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: radarr5-4k-nfs-storage - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: storage - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - volumeName: radarr5-4k-nfs-storage - storageClassName: nfs-client - accessModes: - - ReadWriteMany - resources: - requests: - storage: 1Gi diff --git a/clusters/standby/applications/radarr5-4k/templates/persistent-volume.yaml b/clusters/standby/applications/radarr5-4k/templates/persistent-volume.yaml deleted file mode 100644 index 37cdb0dc6..000000000 --- a/clusters/standby/applications/radarr5-4k/templates/persistent-volume.yaml +++ /dev/null @@ -1,25 +0,0 @@ -apiVersion: v1 -kind: PersistentVolume -metadata: - name: radarr5-4k-nfs-storage - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: {{ .Release.Name }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: storage - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - persistentVolumeReclaimPolicy: Retain - storageClassName: nfs-client - capacity: - storage: 1Gi - accessModes: - - ReadWriteMany - nfs: - path: /volume2/Storage - server: synologybond.alexlebens.net - mountOptions: - - vers=4 - - minorversion=1 - - noac diff --git a/clusters/standby/applications/radarr5-4k/templates/prometheus-rule.yaml b/clusters/standby/applications/radarr5-4k/templates/prometheus-rule.yaml deleted file mode 100644 index cbbde00cf..000000000 --- a/clusters/standby/applications/radarr5-4k/templates/prometheus-rule.yaml +++ /dev/null @@ -1,34 +0,0 @@ -apiVersion: monitoring.coreos.com/v1 -kind: PrometheusRule -metadata: - name: radarr5-4k - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: radarr5-4k - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: metrics - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - groups: - - name: radarr5-4k - rules: - - alert: ExportarrAbsent - annotations: - description: Radarr5 4K Exportarr has disappeared from Prometheus - service discovery. - summary: Exportarr is down. - expr: | - absent(up{job=~".*radarr5_4k.*"} == 1) - for: 5m - labels: - severity: critical - - alert: Radarr54kDown - annotations: - description: Radarr5 4K service is down. - summary: Radarr5 4K is down. - expr: | - radarr5_4k_system_status{job=~".*radarr5_4k.*"} == 0 - for: 5m - labels: - severity: critical diff --git a/clusters/standby/applications/radarr5-4k/templates/replication-source.yaml b/clusters/standby/applications/radarr5-4k/templates/replication-source.yaml deleted file mode 100644 index 4ffbbdd91..000000000 --- a/clusters/standby/applications/radarr5-4k/templates/replication-source.yaml +++ /dev/null @@ -1,32 +0,0 @@ -apiVersion: volsync.backube/v1alpha1 -kind: ReplicationSource -metadata: - name: radarr5-4k-config-backup-source - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: radarr5-4k-config-backup-source - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: backup - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - sourcePVC: radarr5-4k-config - trigger: - schedule: 0 0 */3 * * - restic: - pruneIntervalDays: 14 - repository: radarr5-4k-config-backup-secret - retain: - hourly: 1 - daily: 1 - weekly: 1 - monthly: 2 - yearly: 4 - moverSecurityContext: - runAsUser: 1000 - runAsGroup: 1000 - fsGroup: 1000 - fsGroupChangePolicy: OnRootMismatch - copyMethod: Snapshot - storageClassName: ceph-block-delete - volumeSnapshotClassName: ceph-blockpool-snapshot diff --git a/clusters/standby/applications/radarr5-4k/templates/service-monitor.yaml b/clusters/standby/applications/radarr5-4k/templates/service-monitor.yaml deleted file mode 100644 index 5e85f38ff..000000000 --- a/clusters/standby/applications/radarr5-4k/templates/service-monitor.yaml +++ /dev/null @@ -1,21 +0,0 @@ -apiVersion: monitoring.coreos.com/v1 -kind: ServiceMonitor -metadata: - name: radarr5-4k - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: radarr5-4k - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: metrics - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - selector: - matchLabels: - app.kubernetes.io/name: radarr5-4k - app.kubernetes.io/instance: {{ .Release.Name }} - endpoints: - - port: metrics - interval: 3m - scrapeTimeout: 1m - path: /metrics diff --git a/clusters/standby/applications/radarr5-4k/values.yaml b/clusters/standby/applications/radarr5-4k/values.yaml deleted file mode 100644 index 5071c224b..000000000 --- a/clusters/standby/applications/radarr5-4k/values.yaml +++ /dev/null @@ -1,141 +0,0 @@ -radarr5-4k: - controllers: - main: - type: deployment - replicas: 1 - strategy: Recreate - revisionHistoryLimit: 3 - pod: - securityContext: - runAsUser: 1000 - runAsGroup: 1000 - fsGroup: 1000 - fsGroupChangePolicy: OnRootMismatch - containers: - main: - image: - repository: ghcr.io/linuxserver/radarr - tag: 5.18.4@sha256:b2d2bc9bafb76073d96142bda07ea90c6d6afd9207fe4ff2d4f9d3b50fcdbd76 - pullPolicy: IfNotPresent - env: - - name: TZ - value: US/Central - - name: PUID - value: 1000 - - name: PGID - value: 1000 - probes: - liveness: - enabled: false - custom: true - spec: - exec: - command: - - /usr/bin/env - - bash - - -c - - curl --fail localhost:7878/api/v1/system/status?apiKey=`IFS=\> && while - read -d \< E C; do if [[ $E = "ApiKey" ]]; then echo $C; fi; done < /config/config.xml` - failureThreshold: 5 - initialDelaySeconds: 60 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 10 - resources: - requests: - cpu: 100m - memory: 256Mi - metrics: - image: - repository: ghcr.io/onedr0p/exportarr - tag: v2.0.1 - pullPolicy: IfNotPresent - args: ["radarr"] - env: - - name: URL - value: http://localhost - - name: CONFIG - value: /config/config.xml - - name: PORT - value: 9793 - - name: ENABLE_ADDITIONAL_METRICS - value: false - - name: ENABLE_UNKNOWN_QUEUE_ITEMS - value: false - resources: - requests: - cpu: 10m - memory: 256Mi - serviceAccount: - create: true - service: - main: - controller: main - ports: - http: - port: 80 - targetPort: 7878 - protocol: HTTP - metrics: - port: 9793 - targetPort: 9793 - protocol: TCP - ingress: - tailscale: - enabled: true - className: tailscale - hosts: - - host: radarr-4k-cl01tl - paths: - - path: / - pathType: Prefix - service: - name: radarr5-4k - port: 80 - tls: - - hosts: - - radarr-4k-cl01tl - persistence: - config: - storageClass: ceph-block - accessMode: ReadWriteOnce - size: 20Gi - retain: true - advancedMounts: - main: - main: - - path: /config - readOnly: false - metrics: - - path: /config - readOnly: true - media: - existingClaim: radarr5-4k-nfs-storage - advancedMounts: - main: - main: - - path: /mnt/store - readOnly: false -postgres-17-cluster: - mode: standalone - cluster: - walStorage: - storageClass: local-path - storage: - storageClass: local-path - monitoring: - enabled: true - bootstrap: - initdb: - database: app - owner: app - postInitSQL: - - CREATE DATABASE "radarr-main" OWNER "app"; - - CREATE DATABASE "radarr-log" OWNER "app"; - backup: - enabled: true - endpointURL: https://nyc3.digitaloceanspaces.com - destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/radarr5-4k/radarr5-4k-postgresql-17-cluster - endpointCredentials: radarr5-4k-postgresql-17-cluster-backup-secret - backupIndex: 1 - retentionPolicy: "7d" diff --git a/clusters/standby/applications/radarr5-anime/Chart.yaml b/clusters/standby/applications/radarr5-anime/Chart.yaml deleted file mode 100644 index 97088cd19..000000000 --- a/clusters/standby/applications/radarr5-anime/Chart.yaml +++ /dev/null @@ -1,31 +0,0 @@ -apiVersion: v2 -name: radarr5-anime -version: 1.0.0 -description: Radarr v5 Anime -keywords: - - radarr - - servarr - - movies - - anime - - metrics -home: https://wiki.alexlebens.dev/doc/radarr-T6nPLajWDP -sources: - - https://github.com/Radarr/Radarr - - https://github.com/cloudnative-pg/cloudnative-pg - - https://github.com/linuxserver/docker-radarr - - https://github.com/onedr0p/exportarr/pkgs/container/exportarr - - https://github.com/bjw-s/helm-charts/tree/main/charts/other/app-template - - https://github.com/alexlebens/helm-charts/charts/postgres-cluster -maintainers: - - name: alexlebens -dependencies: - - name: app-template - alias: radarr5-anime - repository: https://bjw-s.github.io/helm-charts/ - version: 3.6.1 - - name: postgres-cluster - alias: postgres-17-cluster - version: 4.1.4 - repository: http://alexlebens.github.io/helm-charts -icon: https://raw.githubusercontent.com/walkxcode/dashboard-icons/main/png/radarr.png -appVersion: 5.16.3 diff --git a/clusters/standby/applications/radarr5-anime/templates/external-secret.yaml b/clusters/standby/applications/radarr5-anime/templates/external-secret.yaml deleted file mode 100644 index c6c21a332..000000000 --- a/clusters/standby/applications/radarr5-anime/templates/external-secret.yaml +++ /dev/null @@ -1,89 +0,0 @@ -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: radarr5-anime-config-backup-secret - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: radarr5-anime-config-backup-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: backup - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - target: - template: - mergePolicy: Merge - engineVersion: v2 - data: - RESTIC_REPOSITORY: "{{ `{{ .BUCKET_ENDPOINT }}` }}/radarr5-anime/radarr5-anime-config" - data: - - secretKey: BUCKET_ENDPOINT - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/volsync/restic/config - metadataPolicy: None - property: S3_BUCKET_ENDPOINT - - secretKey: RESTIC_PASSWORD - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/volsync/restic/config - metadataPolicy: None - property: RESTIC_PASSWORD - - secretKey: AWS_DEFAULT_REGION - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/volsync/restic/config - metadataPolicy: None - property: AWS_DEFAULT_REGION - - secretKey: AWS_ACCESS_KEY_ID - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /digital-ocean/home-infra/volsync-backups - metadataPolicy: None - property: access_key - - secretKey: AWS_SECRET_ACCESS_KEY - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /digital-ocean/home-infra/volsync-backups - metadataPolicy: None - property: secret_key - ---- -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: radarr5-anime-postgresql-17-cluster-backup-secret - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: radarr5-anime-postgresql-17-cluster-backup-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: database - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - data: - - secretKey: ACCESS_KEY_ID - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /digital-ocean/home-infra/postgres-backups - metadataPolicy: None - property: access - - secretKey: ACCESS_SECRET_KEY - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /digital-ocean/home-infra/postgres-backups - metadataPolicy: None - property: secret diff --git a/clusters/standby/applications/radarr5-anime/templates/persistent-volume-claim.yaml b/clusters/standby/applications/radarr5-anime/templates/persistent-volume-claim.yaml deleted file mode 100644 index 8ec11e013..000000000 --- a/clusters/standby/applications/radarr5-anime/templates/persistent-volume-claim.yaml +++ /dev/null @@ -1,19 +0,0 @@ -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: radarr5-anime-nfs-storage - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: radarr5-anime-nfs-storage - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: storage - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - volumeName: radarr5-anime-nfs-storage - storageClassName: nfs-client - accessModes: - - ReadWriteMany - resources: - requests: - storage: 1Gi diff --git a/clusters/standby/applications/radarr5-anime/templates/persistent-volume.yaml b/clusters/standby/applications/radarr5-anime/templates/persistent-volume.yaml deleted file mode 100644 index bd1c7857c..000000000 --- a/clusters/standby/applications/radarr5-anime/templates/persistent-volume.yaml +++ /dev/null @@ -1,25 +0,0 @@ -apiVersion: v1 -kind: PersistentVolume -metadata: - name: radarr5-anime-nfs-storage - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: {{ .Release.Name }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: storage - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - persistentVolumeReclaimPolicy: Retain - storageClassName: nfs-client - capacity: - storage: 1Gi - accessModes: - - ReadWriteMany - nfs: - path: /volume2/Storage - server: synologybond.alexlebens.net - mountOptions: - - vers=4 - - minorversion=1 - - noac diff --git a/clusters/standby/applications/radarr5-anime/templates/prometheus-rule.yaml b/clusters/standby/applications/radarr5-anime/templates/prometheus-rule.yaml deleted file mode 100644 index 6bf49e8e9..000000000 --- a/clusters/standby/applications/radarr5-anime/templates/prometheus-rule.yaml +++ /dev/null @@ -1,34 +0,0 @@ -apiVersion: monitoring.coreos.com/v1 -kind: PrometheusRule -metadata: - name: radarr5-anime - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: radarr5-anime - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: metrics - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - groups: - - name: radarr5-anime - rules: - - alert: ExportarrAbsent - annotations: - description: Radarr5 Anime Exportarr has disappeared from Prometheus - service discovery. - summary: Exportarr is down. - expr: | - absent(up{job=~".*radarr5_anime.*"} == 1) - for: 5m - labels: - severity: critical - - alert: Radarr5animeDown - annotations: - description: Radarr5 Anime service is down. - summary: Radarr5 Anime is down. - expr: | - radarr5_anime_system_status{job=~".*radarr5_anime.*"} == 0 - for: 5m - labels: - severity: critical diff --git a/clusters/standby/applications/radarr5-anime/templates/replication-source.yaml b/clusters/standby/applications/radarr5-anime/templates/replication-source.yaml deleted file mode 100644 index 6da95ce0c..000000000 --- a/clusters/standby/applications/radarr5-anime/templates/replication-source.yaml +++ /dev/null @@ -1,30 +0,0 @@ -apiVersion: volsync.backube/v1alpha1 -kind: ReplicationSource -metadata: - name: radarr5-anime-config-backup-source - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: radarr5-anime-config-backup-source - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: backup - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - sourcePVC: radarr5-anime-config - trigger: - schedule: 0 0 */3 * * - restic: - pruneIntervalDays: 14 - repository: radarr5-anime-config-backup-secret - retain: - hourly: 1 - daily: 1 - weekly: 1 - monthly: 2 - yearly: 4 - moverSecurityContext: - fsGroup: 1000 - fsGroupChangePolicy: OnRootMismatch - copyMethod: Snapshot - storageClassName: ceph-block-delete - volumeSnapshotClassName: ceph-blockpool-snapshot diff --git a/clusters/standby/applications/radarr5-anime/templates/service-monitor.yaml b/clusters/standby/applications/radarr5-anime/templates/service-monitor.yaml deleted file mode 100644 index 0a53e8c68..000000000 --- a/clusters/standby/applications/radarr5-anime/templates/service-monitor.yaml +++ /dev/null @@ -1,21 +0,0 @@ -apiVersion: monitoring.coreos.com/v1 -kind: ServiceMonitor -metadata: - name: radarr5-anime - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: radarr5-anime - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: metrics - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - selector: - matchLabels: - app.kubernetes.io/name: radarr5-anime - app.kubernetes.io/instance: {{ .Release.Name }} - endpoints: - - port: metrics - interval: 3m - scrapeTimeout: 1m - path: /metrics diff --git a/clusters/standby/applications/radarr5-anime/values.yaml b/clusters/standby/applications/radarr5-anime/values.yaml deleted file mode 100644 index cdb4759bc..000000000 --- a/clusters/standby/applications/radarr5-anime/values.yaml +++ /dev/null @@ -1,139 +0,0 @@ -radarr5-anime: - controllers: - main: - type: deployment - replicas: 1 - strategy: Recreate - revisionHistoryLimit: 3 - pod: - securityContext: - fsGroup: 1000 - fsGroupChangePolicy: OnRootMismatch - containers: - main: - image: - repository: ghcr.io/linuxserver/radarr - tag: 5.18.4@sha256:b2d2bc9bafb76073d96142bda07ea90c6d6afd9207fe4ff2d4f9d3b50fcdbd76 - pullPolicy: IfNotPresent - env: - - name: TZ - value: US/Central - - name: PUID - value: 1000 - - name: PGID - value: 1000 - probes: - liveness: - enabled: false - custom: true - spec: - exec: - command: - - /usr/bin/env - - bash - - -c - - curl --fail localhost:7878/api/v1/system/status?apiKey=`IFS=\> && while - read -d \< E C; do if [[ $E = "ApiKey" ]]; then echo $C; fi; done < /config/config.xml` - failureThreshold: 5 - initialDelaySeconds: 60 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 10 - resources: - requests: - cpu: 10m - memory: 256Mi - metrics: - image: - repository: ghcr.io/onedr0p/exportarr - tag: v2.0.1 - pullPolicy: IfNotPresent - args: ["radarr"] - env: - - name: URL - value: http://localhost - - name: CONFIG - value: /config/config.xml - - name: PORT - value: 9793 - - name: ENABLE_ADDITIONAL_METRICS - value: false - - name: ENABLE_UNKNOWN_QUEUE_ITEMS - value: false - resources: - requests: - cpu: 100m - memory: 256Mi - serviceAccount: - create: true - service: - main: - controller: main - ports: - http: - port: 80 - targetPort: 7878 - protocol: HTTP - metrics: - port: 9793 - targetPort: 9793 - protocol: TCP - ingress: - tailscale: - enabled: true - className: tailscale - hosts: - - host: radarr-anime-cl01tl - paths: - - path: / - pathType: Prefix - service: - name: radarr5-anime - port: 80 - tls: - - hosts: - - radarr-anime-cl01tl - persistence: - config: - storageClass: ceph-block - accessMode: ReadWriteOnce - size: 20Gi - retain: true - advancedMounts: - main: - main: - - path: /config - readOnly: false - metrics: - - path: /config - readOnly: true - media: - existingClaim: radarr5-anime-nfs-storage - advancedMounts: - main: - main: - - path: /mnt/store - readOnly: false -postgres-17-cluster: - mode: standalone - cluster: - walStorage: - storageClass: local-path - storage: - storageClass: local-path - monitoring: - enabled: true - bootstrap: - initdb: - database: app - owner: app - postInitSQL: - - CREATE DATABASE "radarr-main" OWNER "app"; - - CREATE DATABASE "radarr-log" OWNER "app"; - backup: - enabled: true - endpointURL: https://nyc3.digitaloceanspaces.com - destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/radarr5-anime/radarr5-anime-postgresql-17-cluster - endpointCredentials: radarr5-anime-postgresql-17-cluster-backup-secret - backupIndex: 1 - retentionPolicy: "7d" diff --git a/clusters/standby/applications/radarr5-standup/Chart.yaml b/clusters/standby/applications/radarr5-standup/Chart.yaml deleted file mode 100644 index f4c249eeb..000000000 --- a/clusters/standby/applications/radarr5-standup/Chart.yaml +++ /dev/null @@ -1,30 +0,0 @@ -apiVersion: v2 -name: radarr5-standup -version: 1.0.0 -description: Radarr v5 Stand Up -keywords: - - radarr - - servarr - - standup - - metrics -home: https://wiki.alexlebens.dev/doc/radarr-T6nPLajWDP -sources: - - https://github.com/Radarr/Radarr - - https://github.com/cloudnative-pg/cloudnative-pg - - https://github.com/linuxserver/docker-radarr - - https://github.com/onedr0p/exportarr/pkgs/container/exportarr - - https://github.com/bjw-s/helm-charts/tree/main/charts/other/app-template - - https://github.com/alexlebens/helm-charts/charts/postgres-cluster -maintainers: - - name: alexlebens -dependencies: - - name: app-template - alias: radarr5-standup - repository: https://bjw-s.github.io/helm-charts/ - version: 3.6.1 - - name: postgres-cluster - alias: postgres-17-cluster - version: 4.1.4 - repository: http://alexlebens.github.io/helm-charts -icon: https://raw.githubusercontent.com/walkxcode/dashboard-icons/main/png/radarr.png -appVersion: 5.16.3 diff --git a/clusters/standby/applications/radarr5-standup/templates/external-secret.yaml b/clusters/standby/applications/radarr5-standup/templates/external-secret.yaml deleted file mode 100644 index e2121db2a..000000000 --- a/clusters/standby/applications/radarr5-standup/templates/external-secret.yaml +++ /dev/null @@ -1,89 +0,0 @@ -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: radarr5-standup-config-backup-secret - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: radarr5-standup-config-backup-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: backup - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - target: - template: - mergePolicy: Merge - engineVersion: v2 - data: - RESTIC_REPOSITORY: "{{ `{{ .BUCKET_ENDPOINT }}` }}/radarr5-standup/radarr5-standup-config" - data: - - secretKey: BUCKET_ENDPOINT - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/volsync/restic/config - metadataPolicy: None - property: S3_BUCKET_ENDPOINT - - secretKey: RESTIC_PASSWORD - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/volsync/restic/config - metadataPolicy: None - property: RESTIC_PASSWORD - - secretKey: AWS_DEFAULT_REGION - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/volsync/restic/config - metadataPolicy: None - property: AWS_DEFAULT_REGION - - secretKey: AWS_ACCESS_KEY_ID - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /digital-ocean/home-infra/volsync-backups - metadataPolicy: None - property: access_key - - secretKey: AWS_SECRET_ACCESS_KEY - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /digital-ocean/home-infra/volsync-backups - metadataPolicy: None - property: secret_key - ---- -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: radarr5-standup-postgresql-17-cluster-backup-secret - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: radarr5-standup-postgresql-17-cluster-backup-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: database - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - data: - - secretKey: ACCESS_KEY_ID - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /digital-ocean/home-infra/postgres-backups - metadataPolicy: None - property: access - - secretKey: ACCESS_SECRET_KEY - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /digital-ocean/home-infra/postgres-backups - metadataPolicy: None - property: secret diff --git a/clusters/standby/applications/radarr5-standup/templates/persistent-volume-claim.yaml b/clusters/standby/applications/radarr5-standup/templates/persistent-volume-claim.yaml deleted file mode 100644 index de0e783bd..000000000 --- a/clusters/standby/applications/radarr5-standup/templates/persistent-volume-claim.yaml +++ /dev/null @@ -1,19 +0,0 @@ -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: radarr5-standup-nfs-storage - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: radarr5-standup-nfs-storage - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: storage - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - volumeName: radarr5-standup-nfs-storage - storageClassName: nfs-client - accessModes: - - ReadWriteMany - resources: - requests: - storage: 1Gi diff --git a/clusters/standby/applications/radarr5-standup/templates/persistent-volume.yaml b/clusters/standby/applications/radarr5-standup/templates/persistent-volume.yaml deleted file mode 100644 index 6eda67f3a..000000000 --- a/clusters/standby/applications/radarr5-standup/templates/persistent-volume.yaml +++ /dev/null @@ -1,25 +0,0 @@ -apiVersion: v1 -kind: PersistentVolume -metadata: - name: radarr5-standup-nfs-storage - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: {{ .Release.Name }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: storage - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - persistentVolumeReclaimPolicy: Retain - storageClassName: nfs-client - capacity: - storage: 1Gi - accessModes: - - ReadWriteMany - nfs: - path: /volume2/Storage - server: synologybond.alexlebens.net - mountOptions: - - vers=4 - - minorversion=1 - - noac diff --git a/clusters/standby/applications/radarr5-standup/templates/prometheus-rule.yaml b/clusters/standby/applications/radarr5-standup/templates/prometheus-rule.yaml deleted file mode 100644 index 104f6b351..000000000 --- a/clusters/standby/applications/radarr5-standup/templates/prometheus-rule.yaml +++ /dev/null @@ -1,34 +0,0 @@ -apiVersion: monitoring.coreos.com/v1 -kind: PrometheusRule -metadata: - name: radarr5-standup - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: radarr5-standup - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: metrics - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - groups: - - name: radarr5-standup - rules: - - alert: ExportarrAbsent - annotations: - description: Radarr5 Stand Up Exportarr has disappeared from Prometheus - service discovery. - summary: Exportarr is down. - expr: | - absent(up{job=~".*radarr5_standup.*"} == 1) - for: 5m - labels: - severity: critical - - alert: Radarr5StandUpDown - annotations: - description: Radarr5 Stand Up service is down. - summary: Radarr5 Stand Up is down. - expr: | - radarr5_standup_system_status{job=~".*radarr5_standup.*"} == 0 - for: 5m - labels: - severity: critical diff --git a/clusters/standby/applications/radarr5-standup/templates/replication-source.yaml b/clusters/standby/applications/radarr5-standup/templates/replication-source.yaml deleted file mode 100644 index 4f2654ed3..000000000 --- a/clusters/standby/applications/radarr5-standup/templates/replication-source.yaml +++ /dev/null @@ -1,32 +0,0 @@ -apiVersion: volsync.backube/v1alpha1 -kind: ReplicationSource -metadata: - name: radarr5-standup-config-backup-source - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: radarr5-standup-config-backup-source - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: backup - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - sourcePVC: radarr5-standup-config - trigger: - schedule: 0 0 */3 * * - restic: - pruneIntervalDays: 14 - repository: radarr5-standup-config-backup-secret - retain: - hourly: 1 - daily: 1 - weekly: 1 - monthly: 2 - yearly: 4 - moverSecurityContext: - runAsUser: 1000 - runAsGroup: 1000 - fsGroup: 1000 - fsGroupChangePolicy: OnRootMismatch - copyMethod: Snapshot - storageClassName: ceph-block-delete - volumeSnapshotClassName: ceph-blockpool-snapshot diff --git a/clusters/standby/applications/radarr5-standup/templates/service-monitor.yaml b/clusters/standby/applications/radarr5-standup/templates/service-monitor.yaml deleted file mode 100644 index b26da20ac..000000000 --- a/clusters/standby/applications/radarr5-standup/templates/service-monitor.yaml +++ /dev/null @@ -1,21 +0,0 @@ -apiVersion: monitoring.coreos.com/v1 -kind: ServiceMonitor -metadata: - name: radarr5-standup - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: radarr5-standup - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: metrics - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - selector: - matchLabels: - app.kubernetes.io/name: radarr5-standup - app.kubernetes.io/instance: {{ .Release.Name }} - endpoints: - - port: metrics - interval: 3m - scrapeTimeout: 1m - path: /metrics diff --git a/clusters/standby/applications/radarr5-standup/values.yaml b/clusters/standby/applications/radarr5-standup/values.yaml deleted file mode 100644 index a76f877e7..000000000 --- a/clusters/standby/applications/radarr5-standup/values.yaml +++ /dev/null @@ -1,139 +0,0 @@ -radarr5-standup: - controllers: - main: - type: deployment - replicas: 1 - strategy: Recreate - revisionHistoryLimit: 3 - pod: - securityContext: - fsGroup: 1000 - fsGroupChangePolicy: OnRootMismatch - containers: - main: - image: - repository: ghcr.io/linuxserver/radarr - tag: 5.18.4@sha256:b2d2bc9bafb76073d96142bda07ea90c6d6afd9207fe4ff2d4f9d3b50fcdbd76 - pullPolicy: IfNotPresent - env: - - name: TZ - value: US/Central - - name: PUID - value: 1000 - - name: PGID - value: 1000 - probes: - liveness: - enabled: false - custom: true - spec: - exec: - command: - - /usr/bin/env - - bash - - -c - - curl --fail localhost:7878/api/v1/system/status?apiKey=`IFS=\> && while - read -d \< E C; do if [[ $E = "ApiKey" ]]; then echo $C; fi; done < /config/config.xml` - failureThreshold: 5 - initialDelaySeconds: 60 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 10 - resources: - requests: - cpu: 10m - memory: 256Mi - metrics: - image: - repository: ghcr.io/onedr0p/exportarr - tag: v2.0.1 - pullPolicy: IfNotPresent - args: ["radarr"] - env: - - name: URL - value: http://localhost - - name: CONFIG - value: /config/config.xml - - name: PORT - value: 9793 - - name: ENABLE_ADDITIONAL_METRICS - value: false - - name: ENABLE_UNKNOWN_QUEUE_ITEMS - value: false - resources: - requests: - cpu: 100m - memory: 256Mi - serviceAccount: - create: true - service: - main: - controller: main - ports: - http: - port: 80 - targetPort: 7878 - protocol: HTTP - metrics: - port: 9793 - targetPort: 9793 - protocol: TCP - ingress: - tailscale: - enabled: true - className: tailscale - hosts: - - host: radarr-standup-cl01tl - paths: - - path: / - pathType: Prefix - service: - name: radarr5-standup - port: 80 - tls: - - hosts: - - radarr-standup-cl01tl - persistence: - config: - storageClass: ceph-block - accessMode: ReadWriteOnce - size: 20Gi - retain: true - advancedMounts: - main: - main: - - path: /config - readOnly: false - metrics: - - path: /config - readOnly: true - media: - existingClaim: radarr5-standup-nfs-storage - advancedMounts: - main: - main: - - path: /mnt/store - readOnly: false -postgres-17-cluster: - mode: standalone - cluster: - walStorage: - storageClass: local-path - storage: - storageClass: local-path - monitoring: - enabled: true - bootstrap: - initdb: - database: app - owner: app - postInitSQL: - - CREATE DATABASE "radarr-main" OWNER "app"; - - CREATE DATABASE "radarr-log" OWNER "app"; - backup: - enabled: true - endpointURL: https://nyc3.digitaloceanspaces.com - destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/radarr5-standup/radarr5-standup-postgresql-17-cluster - endpointCredentials: radarr5-standup-postgresql-17-cluster-backup-secret - backupIndex: 1 - retentionPolicy: "7d" diff --git a/clusters/standby/applications/radarr5/Chart.yaml b/clusters/standby/applications/radarr5/Chart.yaml deleted file mode 100644 index f05df3720..000000000 --- a/clusters/standby/applications/radarr5/Chart.yaml +++ /dev/null @@ -1,30 +0,0 @@ -apiVersion: v2 -name: radarr5 -version: 1.0.0 -description: Radarr v5 -keywords: - - radarr - - servarr - - movies - - metrics -home: https://wiki.alexlebens.dev/doc/radarr-T6nPLajWDP -sources: - - https://github.com/Radarr/Radarr - - https://github.com/cloudnative-pg/cloudnative-pg - - https://github.com/onedr0p/containers/pkgs/container/radarr - - https://github.com/onedr0p/exportarr/pkgs/container/exportarr - - https://github.com/bjw-s/helm-charts/tree/main/charts/other/app-template - - https://github.com/alexlebens/helm-charts/charts/postgres-cluster -maintainers: - - name: alexlebens -dependencies: - - name: app-template - alias: radarr5 - repository: https://bjw-s.github.io/helm-charts/ - version: 3.6.1 - - name: postgres-cluster - alias: postgres-17-cluster - version: 4.1.4 - repository: http://alexlebens.github.io/helm-charts -icon: https://raw.githubusercontent.com/walkxcode/dashboard-icons/main/png/radarr.png -appVersion: 5.16.3.9541 diff --git a/clusters/standby/applications/radarr5/templates/external-secret.yaml b/clusters/standby/applications/radarr5/templates/external-secret.yaml deleted file mode 100644 index 5d6f367f7..000000000 --- a/clusters/standby/applications/radarr5/templates/external-secret.yaml +++ /dev/null @@ -1,89 +0,0 @@ -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: radarr5-config-backup-secret - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: radarr5-config-backup-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: backup - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - target: - template: - mergePolicy: Merge - engineVersion: v2 - data: - RESTIC_REPOSITORY: "{{ `{{ .BUCKET_ENDPOINT }}` }}/radarr5/radarr5-config" - data: - - secretKey: BUCKET_ENDPOINT - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/volsync/restic/config - metadataPolicy: None - property: S3_BUCKET_ENDPOINT - - secretKey: RESTIC_PASSWORD - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/volsync/restic/config - metadataPolicy: None - property: RESTIC_PASSWORD - - secretKey: AWS_DEFAULT_REGION - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/volsync/restic/config - metadataPolicy: None - property: AWS_DEFAULT_REGION - - secretKey: AWS_ACCESS_KEY_ID - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /digital-ocean/home-infra/volsync-backups - metadataPolicy: None - property: access_key - - secretKey: AWS_SECRET_ACCESS_KEY - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /digital-ocean/home-infra/volsync-backups - metadataPolicy: None - property: secret_key - ---- -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: radarr5-postgresql-17-cluster-backup-secret - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: radarr5-postgresql-17-cluster-backup-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: database - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - data: - - secretKey: ACCESS_KEY_ID - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /digital-ocean/home-infra/postgres-backups - metadataPolicy: None - property: access - - secretKey: ACCESS_SECRET_KEY - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /digital-ocean/home-infra/postgres-backups - metadataPolicy: None - property: secret diff --git a/clusters/standby/applications/radarr5/templates/persistent-volume-claim.yaml b/clusters/standby/applications/radarr5/templates/persistent-volume-claim.yaml deleted file mode 100644 index e11dd4fe2..000000000 --- a/clusters/standby/applications/radarr5/templates/persistent-volume-claim.yaml +++ /dev/null @@ -1,19 +0,0 @@ -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: radarr5-nfs-storage - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: radarr5-nfs-storage - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: storage - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - volumeName: radarr5-nfs-storage - storageClassName: nfs-client - accessModes: - - ReadWriteMany - resources: - requests: - storage: 1Gi diff --git a/clusters/standby/applications/radarr5/templates/persistent-volume.yaml b/clusters/standby/applications/radarr5/templates/persistent-volume.yaml deleted file mode 100644 index d8c05c56d..000000000 --- a/clusters/standby/applications/radarr5/templates/persistent-volume.yaml +++ /dev/null @@ -1,25 +0,0 @@ -apiVersion: v1 -kind: PersistentVolume -metadata: - name: radarr5-nfs-storage - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: radarr5-nfs-storage - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: storage - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - persistentVolumeReclaimPolicy: Retain - storageClassName: nfs-client - capacity: - storage: 1Gi - accessModes: - - ReadWriteMany - nfs: - path: /volume2/Storage - server: synologybond.alexlebens.net - mountOptions: - - vers=4 - - minorversion=1 - - noac diff --git a/clusters/standby/applications/radarr5/templates/prometheus-rule.yaml b/clusters/standby/applications/radarr5/templates/prometheus-rule.yaml deleted file mode 100644 index fc59c8796..000000000 --- a/clusters/standby/applications/radarr5/templates/prometheus-rule.yaml +++ /dev/null @@ -1,34 +0,0 @@ -apiVersion: monitoring.coreos.com/v1 -kind: PrometheusRule -metadata: - name: radarr5 - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: radarr5 - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: metrics - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - groups: - - name: radarr5 - rules: - - alert: ExportarrAbsent - annotations: - description: Radarr5 Exportarr has disappeared from Prometheus - service discovery. - summary: Exportarr is down. - expr: | - absent(up{job=~".*radarr5.*"} == 1) - for: 5m - labels: - severity: critical - - alert: Radarr5Down - annotations: - description: Radarr5 service is down. - summary: Radarr5 is down. - expr: | - radarr5_system_status{job=~".*radarr5.*"} == 0 - for: 5m - labels: - severity: critical diff --git a/clusters/standby/applications/radarr5/templates/replication-source.yaml b/clusters/standby/applications/radarr5/templates/replication-source.yaml deleted file mode 100644 index a20c47b0b..000000000 --- a/clusters/standby/applications/radarr5/templates/replication-source.yaml +++ /dev/null @@ -1,32 +0,0 @@ -apiVersion: volsync.backube/v1alpha1 -kind: ReplicationSource -metadata: - name: radarr5-config-backup-source - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: radarr5-config-backup-source - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: backup - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - sourcePVC: radarr5-config - trigger: - schedule: 0 0 */3 * * - restic: - pruneIntervalDays: 14 - repository: radarr5-config-backup-secret - retain: - hourly: 1 - daily: 1 - weekly: 1 - monthly: 2 - yearly: 4 - moverSecurityContext: - runAsUser: 1000 - runAsGroup: 1000 - fsGroup: 1000 - fsGroupChangePolicy: OnRootMismatch - copyMethod: Snapshot - storageClassName: ceph-block-delete - volumeSnapshotClassName: ceph-blockpool-snapshot diff --git a/clusters/standby/applications/radarr5/templates/service-monitor.yaml b/clusters/standby/applications/radarr5/templates/service-monitor.yaml deleted file mode 100644 index a03a62d55..000000000 --- a/clusters/standby/applications/radarr5/templates/service-monitor.yaml +++ /dev/null @@ -1,21 +0,0 @@ -apiVersion: monitoring.coreos.com/v1 -kind: ServiceMonitor -metadata: - name: radarr5 - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: radarr5 - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: metrics - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - selector: - matchLabels: - app.kubernetes.io/name: radarr5 - app.kubernetes.io/instance: {{ .Release.Name }} - endpoints: - - port: metrics - interval: 3m - scrapeTimeout: 1m - path: /metrics diff --git a/clusters/standby/applications/radarr5/values.yaml b/clusters/standby/applications/radarr5/values.yaml deleted file mode 100644 index 3185baee1..000000000 --- a/clusters/standby/applications/radarr5/values.yaml +++ /dev/null @@ -1,145 +0,0 @@ -radarr5: - controllers: - main: - type: deployment - replicas: 1 - strategy: Recreate - revisionHistoryLimit: 3 - pod: - securityContext: - runAsUser: 1000 - runAsGroup: 1000 - fsGroup: 1000 - fsGroupChangePolicy: OnRootMismatch - containers: - main: - image: - repository: ghcr.io/linuxserver/radarr - tag: 5.18.4@sha256:b2d2bc9bafb76073d96142bda07ea90c6d6afd9207fe4ff2d4f9d3b50fcdbd76 - pullPolicy: IfNotPresent - env: - - name: TZ - value: US/Central - - name: PUID - value: 1000 - - name: PGID - value: 1000 - probes: - liveness: - enabled: false - custom: true - spec: - exec: - command: - - /usr/bin/env - - bash - - -c - - curl --fail localhost:7878/api/v1/system/status?apiKey=`IFS=\> && while - read -d \< E C; do if [[ $E = "ApiKey" ]]; then echo $C; fi; done < /config/config.xml` - failureThreshold: 5 - initialDelaySeconds: 60 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 10 - resources: - requests: - cpu: 100m - memory: 256Mi - metrics: - image: - repository: ghcr.io/onedr0p/exportarr - tag: v2.0.1 - pullPolicy: IfNotPresent - args: ["radarr"] - env: - - name: URL - value: http://localhost - - name: CONFIG - value: /config/config.xml - - name: PORT - value: 9793 - - name: ENABLE_ADDITIONAL_METRICS - value: false - - name: ENABLE_UNKNOWN_QUEUE_ITEMS - value: false - resources: - requests: - cpu: 100m - memory: 512Mi - serviceAccount: - create: true - service: - main: - controller: main - ports: - http: - port: 80 - targetPort: 7878 - protocol: HTTP - metrics: - port: 9793 - targetPort: 9793 - protocol: TCP - ingress: - tailscale: - enabled: true - className: tailscale - hosts: - - host: radarr-cl01tl - paths: - - path: / - pathType: Prefix - service: - name: radarr5 - port: 80 - tls: - - hosts: - - radarr-cl01tl - persistence: - config: - storageClass: ceph-block - accessMode: ReadWriteOnce - size: 20Gi - retain: true - advancedMounts: - main: - main: - - path: /config - readOnly: false - metrics: - - path: /config - readOnly: true - media: - existingClaim: radarr5-nfs-storage - advancedMounts: - main: - main: - - path: /mnt/store - readOnly: false -postgres-17-cluster: - mode: standalone - cluster: - walStorage: - storageClass: local-path - storage: - storageClass: local-path - resources: - requests: - memory: 1Gi - cpu: 200m - monitoring: - enabled: true - bootstrap: - initdb: - database: app - owner: app - postInitSQL: - - CREATE DATABASE "radarr-main" OWNER "app"; - - CREATE DATABASE "radarr-log" OWNER "app"; - backup: - enabled: true - endpointURL: https://nyc3.digitaloceanspaces.com - destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/radarr5/radarr5-postgresql-17-cluster - endpointCredentials: radarr5-postgresql-17-cluster-backup-secret - backupIndex: 1 - retentionPolicy: "7d" diff --git a/clusters/standby/applications/roundcube/Chart.yaml b/clusters/standby/applications/roundcube/Chart.yaml deleted file mode 100644 index 6e8cef579..000000000 --- a/clusters/standby/applications/roundcube/Chart.yaml +++ /dev/null @@ -1,27 +0,0 @@ -apiVersion: v2 -name: roundcube -version: 1.0.0 -description: Roundcube -keywords: - - roundcube - - email -home: https://wiki.alexlebens.dev/doc/roundcube-miG1qbYSPs -sources: - - https://github.com/roundcube/roundcubemail - - https://github.com/cloudnative-pg/cloudnative-pg - - https://hub.docker.com/r/roundcube/roundcubemail - - https://github.com/bjw-s/helm-charts/tree/main/charts/other/app-template - - https://github.com/alexlebens/helm-charts/charts/postgres-cluster -maintainers: - - name: alexlebens -dependencies: - - name: app-template - alias: roundcube - repository: https://bjw-s.github.io/helm-charts/ - version: 3.6.1 - - name: postgres-cluster - alias: postgres-17-cluster - version: 4.1.4 - repository: http://alexlebens.github.io/helm-charts -icon: https://raw.githubusercontent.com/walkxcode/dashboard-icons/main/png/roundcube.png -appVersion: 1.6.9 diff --git a/clusters/standby/applications/roundcube/templates/external-secret.yaml b/clusters/standby/applications/roundcube/templates/external-secret.yaml deleted file mode 100644 index 3d89c55ef..000000000 --- a/clusters/standby/applications/roundcube/templates/external-secret.yaml +++ /dev/null @@ -1,114 +0,0 @@ -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: roundcube-key-secret - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: roundcube-key-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: web - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - data: - - secretKey: DES_KEY - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/roundcube/key - metadataPolicy: None - property: DES_KEY - ---- -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: roundcube-data-backup-secret - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: roundcube-data-backup-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: backup - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - target: - template: - mergePolicy: Merge - engineVersion: v2 - data: - RESTIC_REPOSITORY: "{{ `{{ .BUCKET_ENDPOINT }}` }}/roundcube/roundcube-data" - data: - - secretKey: BUCKET_ENDPOINT - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/volsync/restic/config - metadataPolicy: None - property: S3_BUCKET_ENDPOINT - - secretKey: RESTIC_PASSWORD - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/volsync/restic/config - metadataPolicy: None - property: RESTIC_PASSWORD - - secretKey: AWS_DEFAULT_REGION - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/volsync/restic/config - metadataPolicy: None - property: AWS_DEFAULT_REGION - - secretKey: AWS_ACCESS_KEY_ID - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /digital-ocean/home-infra/volsync-backups - metadataPolicy: None - property: access_key - - secretKey: AWS_SECRET_ACCESS_KEY - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /digital-ocean/home-infra/volsync-backups - metadataPolicy: None - property: secret_key - ---- -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: roundcube-postgresql-17-cluster-backup-secret - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: roundcube-postgresql-17-cluster-backup-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: database - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - data: - - secretKey: ACCESS_KEY_ID - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /digital-ocean/home-infra/postgres-backups - metadataPolicy: None - property: access - - secretKey: ACCESS_SECRET_KEY - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /digital-ocean/home-infra/postgres-backups - metadataPolicy: None - property: secret diff --git a/clusters/standby/applications/roundcube/templates/replication-source.yaml b/clusters/standby/applications/roundcube/templates/replication-source.yaml deleted file mode 100644 index 52d011ca4..000000000 --- a/clusters/standby/applications/roundcube/templates/replication-source.yaml +++ /dev/null @@ -1,27 +0,0 @@ -apiVersion: volsync.backube/v1alpha1 -kind: ReplicationSource -metadata: - name: roundcube-data-backup-source - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: roundcube-data-backup-source - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: backup - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - sourcePVC: roundcube-data - trigger: - schedule: 0 0 */3 * * - restic: - pruneIntervalDays: 14 - repository: roundcube-data-backup-secret - retain: - hourly: 1 - daily: 1 - weekly: 1 - monthly: 2 - yearly: 4 - copyMethod: Snapshot - storageClassName: ceph-block-delete - volumeSnapshotClassName: ceph-blockpool-snapshot diff --git a/clusters/standby/applications/roundcube/values.yaml b/clusters/standby/applications/roundcube/values.yaml deleted file mode 100644 index 9874f47a2..000000000 --- a/clusters/standby/applications/roundcube/values.yaml +++ /dev/null @@ -1,238 +0,0 @@ -roundcube: - controllers: - main: - type: deployment - replicas: 1 - strategy: Recreate - revisionHistoryLimit: 3 - containers: - main: - image: - repository: roundcube/roundcubemail - tag: 1.6.9-fpm-alpine - pullPolicy: IfNotPresent - env: - - name: ROUNDCUBEMAIL_DB_TYPE - value: pgsql - - name: ROUNDCUBEMAIL_DB_HOST - valueFrom: - secretKeyRef: - name: roundcube-postgresql-17-cluster-app - key: host - - name: ROUNDCUBEMAIL_DB_NAME - valueFrom: - secretKeyRef: - name: roundcube-postgresql-17-cluster-app - key: dbname - - name: ROUNDCUBEMAIL_DB_USER - valueFrom: - secretKeyRef: - name: roundcube-postgresql-17-cluster-app - key: user - - name: ROUNDCUBEMAIL_DB_PASSWORD - valueFrom: - secretKeyRef: - name: roundcube-postgresql-17-cluster-app - key: password - - name: ROUNDCUBEMAIL_DES_KEY - valueFrom: - secretKeyRef: - name: roundcube-key-secret - key: DES_KEY - - name: ROUNDCUBEMAIL_DEFAULT_HOST - value: stalwart.stalwart - - name: ROUNDCUBEMAIL_DEFAULT_PORT - value: 143 - - name: ROUNDCUBEMAIL_SMTP_SERVER - value: stalwart.stalwart - - name: ROUNDCUBEMAIL_SMTP_PORT - value: 25 - - name: ROUNDCUBEMAIL_SKIN - value: elastic - - name: ROUNDCUBEMAIL_PLUGINS - value: archive,zipdownload,newmail_notifier - resources: - requests: - cpu: 100m - memory: 256Mi - nginx: - image: - repository: nginx - tag: 1.27.4-alpine - pullPolicy: IfNotPresent - env: - - name: NGINX_HOST - value: mail.alexlebens.dev - - name: NGINX_PHP_CGI - value: roundcube.roundcube:9000 - resources: - requests: - cpu: 10m - memory: 128Mi - cleandb: - type: cronjob - cronjob: - suspend: false - concurrencyPolicy: Forbid - timeZone: US/Central - schedule: 0 4 * * * - startingDeadlineSeconds: 90 - successfulJobsHistory: 3 - failedJobsHistory: 3 - backoffLimit: 3 - parallelism: 1 - containers: - backup: - image: - repository: roundcube/roundcubemail - tag: 1.6.9-fpm-alpine - pullPolicy: IfNotPresent - env: - - name: ROUNDCUBEMAIL_DB_TYPE - value: pgsql - - name: ROUNDCUBEMAIL_DB_HOST - valueFrom: - secretKeyRef: - name: roundcube-postgresql-17-cluster-app - key: host - - name: ROUNDCUBEMAIL_DB_NAME - valueFrom: - secretKeyRef: - name: roundcube-postgresql-17-cluster-app - key: dbname - - name: ROUNDCUBEMAIL_DB_USER - valueFrom: - secretKeyRef: - name: roundcube-postgresql-17-cluster-app - key: user - - name: ROUNDCUBEMAIL_DB_PASSWORD - valueFrom: - secretKeyRef: - name: roundcube-postgresql-17-cluster-app - key: password - - name: ROUNDCUBEMAIL_DES_KEY - valueFrom: - secretKeyRef: - name: roundcube-key-secret - key: DES_KEY - - name: ROUNDCUBEMAIL_DEFAULT_HOST - value: tls://stalwart.stalwart - - name: ROUNDCUBEMAIL_SMTP_SERVER - value: tls://stalwart.stalwart - - name: ROUNDCUBEMAIL_SKIN - value: elastic - - name: ROUNDCUBEMAIL_PLUGINS - value: archive,zipdownload,newmail_notifier - args: - - bin/cleandb.sh - resources: - requests: - cpu: 100m - memory: 128Mi - serviceAccount: - create: true - configMaps: - config: - enabled: true - data: - default.conf: | - server { - listen 80 default_server; - server_name _; - root /var/www/html; - - location / { - try_files $uri /index.php$is_args$args; - } - - location ~ \.php(/|$) { - try_files $uri =404; - fastcgi_pass roundcube:9000; - fastcgi_read_timeout 300; - proxy_read_timeout 300; - fastcgi_split_path_info ^(.+\.php)(/.*)$; - include fastcgi_params; - fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name; - fastcgi_param DOCUMENT_ROOT $realpath_root; - internal; - } - - client_max_body_size 6m; - - error_log /var/log/nginx/error.log; - access_log /var/log/nginx/access.log; - } - service: - main: - controller: main - ports: - mail: - port: 9000 - targetPort: 9000 - protocol: HTTP - web: - port: 80 - targetPort: 80 - protocol: HTTP - ingress: - tailscale: - enabled: true - className: tailscale - hosts: - - host: mail-cl01tl - paths: - - path: / - pathType: Prefix - service: - name: roundcube - port: 80 - tls: - - hosts: - - mail-cl01tl - persistence: - data: - storageClass: ceph-block - accessMode: ReadWriteOnce - size: 5Gi - retain: true - advancedMounts: - main: - main: - - path: /var/www/html - readOnly: false - nginx: - - path: /var/www/html - readOnly: false - temp: - type: emptyDir - advancedMounts: - main: - main: - - path: /tmp/roundcube-temp - readOnly: false - config: - enabled: true - type: configMap - name: roundcube-config - advancedMounts: - main: - nginx: - - path: /etc/nginx/conf.d/default.conf - readOnly: true - mountPropagation: None - subPath: default.conf -postgres-17-cluster: - mode: standalone - cluster: - walStorage: - storageClass: local-path - storage: - storageClass: local-path - monitoring: - enabled: true - backup: - enabled: true - endpointURL: https://nyc3.digitaloceanspaces.com - destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/roundcube/roundcube-postgresql-17-cluster - endpointCredentials: roundcube-postgresql-17-cluster-backup-secret - backupIndex: 1 diff --git a/clusters/standby/applications/site-profile/Chart.yaml b/clusters/standby/applications/site-profile/Chart.yaml deleted file mode 100644 index 19a21d054..000000000 --- a/clusters/standby/applications/site-profile/Chart.yaml +++ /dev/null @@ -1,28 +0,0 @@ -apiVersion: v2 -name: site-profile -version: 1.0.0 -description: Site Profile -keywords: - - site-profile - - astro -home: https://wiki.alexlebens.dev/doc/site-profile-uoqXo94Yzd -sources: - - https://github.com/alexlebens/site-profile - - https://github.com/withastro/astro - - https://github.com/cloudflare/cloudflared - - https://github.com/alexlebens/site-profile/pkgs/container/site-profile - - https://github.com/bjw-s/helm-charts/tree/main/charts/other/app-template - - https://github.com/alexlebens/helm-charts/charts/cloudflared -maintainers: - - name: alexlebens -dependencies: - - name: app-template - alias: site-profile - repository: https://bjw-s.github.io/helm-charts/ - version: 3.6.1 - - name: cloudflared - alias: cloudflared-site - repository: http://alexlebens.github.io/helm-charts - version: 1.13.0 -icon: https://d21zlbwtcn424f.cloudfront.net/icon_white.png -appVersion: 0.5.5 diff --git a/clusters/standby/applications/site-profile/templates/external-secret.yaml b/clusters/standby/applications/site-profile/templates/external-secret.yaml deleted file mode 100644 index 94e0e0f0e..000000000 --- a/clusters/standby/applications/site-profile/templates/external-secret.yaml +++ /dev/null @@ -1,23 +0,0 @@ -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: site-profile-cloudflared-api-secret - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: site-profile-cloudflared-api-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: web - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - data: - - secretKey: cf-tunnel-token - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cloudflare/tunnels/site-profile - metadataPolicy: None - property: token diff --git a/clusters/standby/applications/site-profile/values.yaml b/clusters/standby/applications/site-profile/values.yaml deleted file mode 100644 index ab473959e..000000000 --- a/clusters/standby/applications/site-profile/values.yaml +++ /dev/null @@ -1,32 +0,0 @@ -site-profile: - global: - fullnameOverride: site-profile - controllers: - main: - type: deployment - replicas: 3 - strategy: Recreate - revisionHistoryLimit: 3 - containers: - main: - image: - repository: ghcr.io/alexlebens/site-profile - tag: 0.6.2 - pullPolicy: IfNotPresent - resources: - requests: - cpu: 10m - memory: 128Mi - serviceAccount: - create: true - service: - main: - controller: main - ports: - http: - port: 80 - targetPort: 4321 - protocol: HTTP -cloudflared-site: - name: cloudflared-site - existingSecretName: site-profile-cloudflared-api-secret diff --git a/clusters/standby/applications/slskd/Chart.yaml b/clusters/standby/applications/slskd/Chart.yaml deleted file mode 100644 index 3c55fa832..000000000 --- a/clusters/standby/applications/slskd/Chart.yaml +++ /dev/null @@ -1,25 +0,0 @@ -apiVersion: v2 -name: slskd -version: 1.0.0 -description: slskd -keywords: - - slskd - - soularr - - lidarr - - music -home: https://wiki.alexlebens.dev/doc/slskd-v4Hfaqh48C -sources: - - https://github.com/slskd/slskd - - https://github.com/mrusse/soularr - - https://hub.docker.com/r/slskd/slskd - - https://hub.docker.com/r/mrusse08/soularr - - https://github.com/bjw-s/helm-charts/tree/main/charts/other/app-template -maintainers: - - name: alexlebens -dependencies: - - name: app-template - alias: slskd - repository: https://bjw-s.github.io/helm-charts/ - version: 3.6.1 -icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/slskd.png -appVersion: 0.22.1 diff --git a/clusters/standby/applications/slskd/templates/external-secret.yaml b/clusters/standby/applications/slskd/templates/external-secret.yaml deleted file mode 100644 index 430622c14..000000000 --- a/clusters/standby/applications/slskd/templates/external-secret.yaml +++ /dev/null @@ -1,73 +0,0 @@ -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: slskd-config-secret - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: slskd-config-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: web - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - data: - - secretKey: slskd.yml - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/slskd/config - metadataPolicy: None - property: slskd.yml - ---- -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: soularr-config-secret - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: soularr-config-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: web - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - data: - - secretKey: config.ini - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/slskd/soularr - metadataPolicy: None - property: config.ini - ---- -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: slskd-wireguard-conf - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: slskd-wireguard-conf - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: web - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - data: - - secretKey: private-key - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /protonvpn - metadataPolicy: None - property: private-key diff --git a/clusters/standby/applications/slskd/templates/persistent-volume-claim.yaml b/clusters/standby/applications/slskd/templates/persistent-volume-claim.yaml deleted file mode 100644 index b8f35601b..000000000 --- a/clusters/standby/applications/slskd/templates/persistent-volume-claim.yaml +++ /dev/null @@ -1,19 +0,0 @@ -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: slskd-nfs-storage - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: slskd-nfs-storage - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: storage - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - volumeName: slskd-nfs-storage - storageClassName: nfs-client - accessModes: - - ReadWriteMany - resources: - requests: - storage: 1Gi diff --git a/clusters/standby/applications/slskd/templates/persistent-volume.yaml b/clusters/standby/applications/slskd/templates/persistent-volume.yaml deleted file mode 100644 index 98f4ce748..000000000 --- a/clusters/standby/applications/slskd/templates/persistent-volume.yaml +++ /dev/null @@ -1,25 +0,0 @@ -apiVersion: v1 -kind: PersistentVolume -metadata: - name: slskd-nfs-storage - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: slskd-nfs-storage - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: storage - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - persistentVolumeReclaimPolicy: Retain - storageClassName: nfs-client - capacity: - storage: 1Gi - accessModes: - - ReadWriteMany - nfs: - path: /volume2/Storage - server: synologybond.alexlebens.net - mountOptions: - - vers=4 - - minorversion=1 - - noac diff --git a/clusters/standby/applications/slskd/templates/service-monitor.yaml b/clusters/standby/applications/slskd/templates/service-monitor.yaml deleted file mode 100644 index bed1fd152..000000000 --- a/clusters/standby/applications/slskd/templates/service-monitor.yaml +++ /dev/null @@ -1,21 +0,0 @@ -apiVersion: monitoring.coreos.com/v1 -kind: ServiceMonitor -metadata: - name: slskd - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: slskd - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: metrics - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - selector: - matchLabels: - app.kubernetes.io/name: slskd - app.kubernetes.io/instance: {{ .Release.Name }} - endpoints: - - port: http - interval: 3m - scrapeTimeout: 1m - path: /metrics diff --git a/clusters/standby/applications/slskd/values.yaml b/clusters/standby/applications/slskd/values.yaml deleted file mode 100644 index afde8cd07..000000000 --- a/clusters/standby/applications/slskd/values.yaml +++ /dev/null @@ -1,170 +0,0 @@ -slskd: - controllers: - main: - type: deployment - replicas: 1 - strategy: Recreate - revisionHistoryLimit: 3 - initContainers: - init-sysctl: - image: - repository: busybox - tag: 1.37.0 - pullPolicy: IfNotPresent - securityContext: - privileged: True - resources: - requests: - cpu: 100m - memory: 128Mi - command: - - /bin/sh - args: - - -ec - - | - sysctl -w net.ipv4.ip_forward=1; - sysctl -w net.ipv6.conf.all.disable_ipv6=1 - containers: - main: - image: - repository: slskd/slskd - tag: 0.22.2 - pullPolicy: IfNotPresent - env: - - name: TZ - value: US/Central - - name: PUID - value: 1000 - - name: PGID - value: 1000 - - name: SLSKD_UMASK - value: 000 - resources: - requests: - cpu: 100m - memory: 512Mi - gluetun: - image: - repository: ghcr.io/qdm12/gluetun - tag: v3.40.0@sha256:2b42bfa046757145a5155acece417b65b4443c8033fb88661a8e9dcf7fda5a00 - pullPolicy: IfNotPresent - env: - - name: VPN_SERVICE_PROVIDER - value: protonvpn - - name: VPN_TYPE - value: wireguard - - name: WIREGUARD_PRIVATE_KEY - valueFrom: - secretKeyRef: - name: slskd-wireguard-conf - key: private-key - - name: VPN_PORT_FORWARDING - value: "on" - - name: PORT_FORWARD_ONLY - value: "on" - - name: FIREWALL_OUTBOUND_SUBNETS - value: 192.168.1.0/24,10.244.0.0/16 - - name: FIREWALL_INPUT_PORTS - value: 5030,50300 - - name: DOT - value: "off" - securityContext: - privileged: True - capabilities: - add: - - NET_ADMIN - - SYS_MODULE - resources: - requests: - squat.ai/tun: "1" - cpu: 10m - memory: 128Mi - limits: - squat.ai/tun: "1" - soularr: - type: deployment - replicas: 1 - strategy: Recreate - revisionHistoryLimit: 3 - pod: - securityContext: - fsGroup: 1000 - fsGroupChangePolicy: OnRootMismatch - containers: - main: - image: - repository: mrusse08/soularr - tag: latest@sha256:11187ea58ea7b3686f4a2d328e721a5a8ca4d5815c43d90e9d67f5c61ca275c8 - pullPolicy: IfNotPresent - env: - - name: TZ - value: US/Central - - name: PUID - value: 1000 - - name: PGID - value: 1000 - - name: SCRIPT_INTERVAL - value: 300 - resources: - requests: - cpu: 100m - memory: 256Mi - serviceAccount: - create: true - service: - main: - controller: main - ports: - http: - port: 5030 - targetPort: 5030 - protocol: HTTP - ingress: - tailscale: - enabled: true - className: tailscale - hosts: - - host: slskd-cl01tl - paths: - - path: / - pathType: Prefix - service: - name: slskd - port: 5030 - tls: - - hosts: - - slskd-cl01tl - persistence: - slskd-config: - enabled: true - type: secret - name: slskd-config-secret - advancedMounts: - main: - main: - - path: /app/slskd.yml - readOnly: true - mountPropagation: None - subPath: slskd.yml - soularr-config: - enabled: true - type: secret - name: soularr-config-secret - advancedMounts: - soularr: - main: - - path: /data/config.ini - readOnly: true - mountPropagation: None - subPath: config.ini - data: - existingClaim: slskd-nfs-storage - advancedMounts: - main: - main: - - path: /mnt/store - readOnly: false - soularr: - main: - - path: /mnt/store - readOnly: false diff --git a/clusters/standby/applications/sonarr4-4k/Chart.yaml b/clusters/standby/applications/sonarr4-4k/Chart.yaml deleted file mode 100644 index 76a5bc0a6..000000000 --- a/clusters/standby/applications/sonarr4-4k/Chart.yaml +++ /dev/null @@ -1,31 +0,0 @@ -apiVersion: v2 -name: sonarr4-4k -version: 1.0.0 -description: Sonarr v4 4K -keywords: - - sonarr - - servarr - - tv shows - - 4k - - metrics -home: https://wiki.alexlebens.dev/doc/sonarr-AvJLY9PxEy -sources: - - https://github.com/Sonarr/Sonarr - - https://github.com/cloudnative-pg/cloudnative-pg - - https://github.com/onedr0p/containers/pkgs/container/sonarr - - https://github.com/onedr0p/exportarr/pkgs/container/exportarr - - https://github.com/bjw-s/helm-charts/tree/main/charts/other/app-template - - https://github.com/alexlebens/helm-charts/charts/postgres-cluster -maintainers: - - name: alexlebens -dependencies: - - name: app-template - alias: sonarr4-4k - repository: https://bjw-s.github.io/helm-charts/ - version: 3.6.1 - - name: postgres-cluster - alias: postgres-17-cluster - version: 4.1.4 - repository: http://alexlebens.github.io/helm-charts -icon: https://raw.githubusercontent.com/walkxcode/dashboard-icons/main/png/sonarr.png -appVersion: 4.0.11 diff --git a/clusters/standby/applications/sonarr4-4k/templates/external-secret.yaml b/clusters/standby/applications/sonarr4-4k/templates/external-secret.yaml deleted file mode 100644 index bde770fd3..000000000 --- a/clusters/standby/applications/sonarr4-4k/templates/external-secret.yaml +++ /dev/null @@ -1,89 +0,0 @@ -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: sonarr4-4k-config-backup-secret - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: sonarr4-4k-config-backup-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: backup - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - target: - template: - mergePolicy: Merge - engineVersion: v2 - data: - RESTIC_REPOSITORY: "{{ `{{ .BUCKET_ENDPOINT }}` }}/sonarr4-4k/sonarr4-4k-config" - data: - - secretKey: BUCKET_ENDPOINT - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/volsync/restic/config - metadataPolicy: None - property: S3_BUCKET_ENDPOINT - - secretKey: RESTIC_PASSWORD - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/volsync/restic/config - metadataPolicy: None - property: RESTIC_PASSWORD - - secretKey: AWS_DEFAULT_REGION - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/volsync/restic/config - metadataPolicy: None - property: AWS_DEFAULT_REGION - - secretKey: AWS_ACCESS_KEY_ID - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /digital-ocean/home-infra/volsync-backups - metadataPolicy: None - property: access_key - - secretKey: AWS_SECRET_ACCESS_KEY - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /digital-ocean/home-infra/volsync-backups - metadataPolicy: None - property: secret_key - ---- -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: sonarr4-4k-postgresql-17-cluster-backup-secret - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: sonarr4-4k-postgresql-17-cluster-backup-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: database - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - data: - - secretKey: ACCESS_KEY_ID - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /digital-ocean/home-infra/postgres-backups - metadataPolicy: None - property: access - - secretKey: ACCESS_SECRET_KEY - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /digital-ocean/home-infra/postgres-backups - metadataPolicy: None - property: secret diff --git a/clusters/standby/applications/sonarr4-4k/templates/persistent-volume-claim.yaml b/clusters/standby/applications/sonarr4-4k/templates/persistent-volume-claim.yaml deleted file mode 100644 index c453fe08c..000000000 --- a/clusters/standby/applications/sonarr4-4k/templates/persistent-volume-claim.yaml +++ /dev/null @@ -1,19 +0,0 @@ -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: sonarr4-4k-nfs-storage - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: sonarr4-4k-nfs-storage - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: storage - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - volumeName: sonarr4-4k-nfs-storage - storageClassName: nfs-client - accessModes: - - ReadWriteMany - resources: - requests: - storage: 1Gi diff --git a/clusters/standby/applications/sonarr4-4k/templates/persistent-volume.yaml b/clusters/standby/applications/sonarr4-4k/templates/persistent-volume.yaml deleted file mode 100644 index 91261233e..000000000 --- a/clusters/standby/applications/sonarr4-4k/templates/persistent-volume.yaml +++ /dev/null @@ -1,25 +0,0 @@ -apiVersion: v1 -kind: PersistentVolume -metadata: - name: sonarr4-4k-nfs-storage - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: sonarr4-4k-nfs-storage - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: storage - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - persistentVolumeReclaimPolicy: Retain - storageClassName: nfs-client - capacity: - storage: 1Gi - accessModes: - - ReadWriteMany - nfs: - path: /volume2/Storage - server: synologybond.alexlebens.net - mountOptions: - - vers=4 - - minorversion=1 - - noac diff --git a/clusters/standby/applications/sonarr4-4k/templates/prometheus-rule.yaml b/clusters/standby/applications/sonarr4-4k/templates/prometheus-rule.yaml deleted file mode 100644 index 495a5eedf..000000000 --- a/clusters/standby/applications/sonarr4-4k/templates/prometheus-rule.yaml +++ /dev/null @@ -1,34 +0,0 @@ -apiVersion: monitoring.coreos.com/v1 -kind: PrometheusRule -metadata: - name: sonarr4-4k - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: sonarr4-4k - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: metrics - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - groups: - - name: sonarr4-4k - rules: - - alert: ExportarrAbsent - annotations: - description: Sonarr4 4K Exportarr has disappeared from Prometheus - service discovery. - summary: Exportarr is down. - expr: | - absent(up{job=~".*sonarr4_4k.*"} == 1) - for: 5m - labels: - severity: critical - - alert: Sonarr44KDown - annotations: - description: Sonarr4 4K service is down. - summary: Sonarr4 4K is down. - expr: | - sonarr4_4k_system_status{job=~".*sonarr4_4k.*"} == 0 - for: 5m - labels: - severity: critical diff --git a/clusters/standby/applications/sonarr4-4k/templates/replication-source.yaml b/clusters/standby/applications/sonarr4-4k/templates/replication-source.yaml deleted file mode 100644 index ca33329e5..000000000 --- a/clusters/standby/applications/sonarr4-4k/templates/replication-source.yaml +++ /dev/null @@ -1,35 +0,0 @@ -apiVersion: volsync.backube/v1alpha1 -kind: ReplicationSource -metadata: - name: sonarr4-4k-config-backup-source - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: sonarr4-4k-config-backup-source - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: backup - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - sourcePVC: sonarr4-4k-config - trigger: - schedule: 0 0 */3 * * - restic: - pruneIntervalDays: 14 - repository: sonarr4-4k-config-backup-secret - retain: - hourly: 1 - daily: 1 - weekly: 1 - monthly: 2 - yearly: 4 - moverSecurityContext: - fsGroup: 1000 - fsGroupChangePolicy: OnRootMismatch - supplementalGroups: - - 44 - - 100 - - 109 - - 65539 - copyMethod: Snapshot - storageClassName: ceph-block-delete - volumeSnapshotClassName: ceph-blockpool-snapshot diff --git a/clusters/standby/applications/sonarr4-4k/templates/service-monitor.yaml b/clusters/standby/applications/sonarr4-4k/templates/service-monitor.yaml deleted file mode 100644 index 978aabc59..000000000 --- a/clusters/standby/applications/sonarr4-4k/templates/service-monitor.yaml +++ /dev/null @@ -1,21 +0,0 @@ -apiVersion: monitoring.coreos.com/v1 -kind: ServiceMonitor -metadata: - name: sonarr4-4k - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: sonarr4-4k - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: metrics - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - selector: - matchLabels: - app.kubernetes.io/name: sonarr4-4k - app.kubernetes.io/instance: {{ .Release.Name }} - endpoints: - - port: metrics - interval: 3m - scrapeTimeout: 1m - path: /metrics diff --git a/clusters/standby/applications/sonarr4-4k/values.yaml b/clusters/standby/applications/sonarr4-4k/values.yaml deleted file mode 100644 index 0f2d3c030..000000000 --- a/clusters/standby/applications/sonarr4-4k/values.yaml +++ /dev/null @@ -1,144 +0,0 @@ -sonarr4-4k: - controllers: - main: - type: deployment - replicas: 1 - strategy: Recreate - revisionHistoryLimit: 3 - pod: - securityContext: - fsGroup: 1000 - fsGroupChangePolicy: OnRootMismatch - supplementalGroups: - - 44 - - 100 - - 109 - - 65539 - containers: - main: - image: - repository: ghcr.io/linuxserver/sonarr - tag: 4.0.13@sha256:28d9dcbc846aed74bd47dc90305e016183443ddc3dfa3e8bcac268fc653a6e5e - pullPolicy: IfNotPresent - env: - - name: TZ - value: US/Central - - name: PUID - value: 1000 - - name: PGID - value: 1000 - probes: - liveness: - enabled: false - custom: true - spec: - exec: - command: - - /usr/bin/env - - bash - - -c - - curl --fail localhost:8989/api/v1/system/status?apiKey=`IFS=\> && while - read -d \< E C; do if [[ $E = "ApiKey" ]]; then echo $C; fi; done < /config/config.xml` - failureThreshold: 5 - initialDelaySeconds: 60 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 10 - resources: - requests: - cpu: 10m - memory: 256Mi - metrics: - image: - repository: ghcr.io/onedr0p/exportarr - tag: v2.0.1 - pullPolicy: IfNotPresent - args: ["sonarr"] - env: - - name: URL - value: http://localhost - - name: CONFIG - value: /config/config.xml - - name: PORT - value: 9794 - - name: ENABLE_ADDITIONAL_METRICS - value: false - - name: ENABLE_UNKNOWN_QUEUE_ITEMS - value: false - resources: - requests: - cpu: 100m - memory: 256Mi - serviceAccount: - create: true - service: - main: - controller: main - ports: - http: - port: 80 - targetPort: 8989 - protocol: HTTP - metrics: - port: 9794 - targetPort: 9794 - protocol: TCP - ingress: - tailscale: - enabled: true - className: tailscale - hosts: - - host: sonarr-4k-cl01tl - paths: - - path: / - pathType: Prefix - service: - name: sonarr4-4k - port: 80 - tls: - - hosts: - - sonarr-4k-cl01tl - persistence: - config: - storageClass: ceph-block - accessMode: ReadWriteOnce - size: 20Gi - retain: true - advancedMounts: - main: - main: - - path: /config - readOnly: false - metrics: - - path: /config - readOnly: true - media: - existingClaim: sonarr4-4k-nfs-storage - advancedMounts: - main: - main: - - path: /mnt/store - readOnly: false -postgres-17-cluster: - mode: standalone - cluster: - walStorage: - storageClass: local-path - storage: - storageClass: local-path - monitoring: - enabled: true - bootstrap: - initdb: - database: app - owner: app - postInitSQL: - - CREATE DATABASE "sonarr-main" OWNER "app"; - - CREATE DATABASE "sonarr-log" OWNER "app"; - backup: - enabled: true - endpointURL: https://nyc3.digitaloceanspaces.com - destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/sonarr4-4k/sonarr4-4k-postgresql-17-cluster - endpointCredentials: sonarr4-4k-postgresql-17-cluster-backup-secret - backupIndex: 1 - retentionPolicy: "7d" diff --git a/clusters/standby/applications/sonarr4-anime/Chart.yaml b/clusters/standby/applications/sonarr4-anime/Chart.yaml deleted file mode 100644 index cbf5ed052..000000000 --- a/clusters/standby/applications/sonarr4-anime/Chart.yaml +++ /dev/null @@ -1,30 +0,0 @@ -apiVersion: v2 -name: sonarr4-anime -version: 1.0.0 -description: Sonarr v4 Anime -keywords: - - sonarr - - servarr - - anime - - metrics -home: https://wiki.alexlebens.dev/doc/sonarr-AvJLY9PxEy -sources: - - https://github.com/Sonarr/Sonarr - - https://github.com/cloudnative-pg/cloudnative-pg - - https://github.com/onedr0p/containers/pkgs/container/sonarr - - https://github.com/onedr0p/exportarr/pkgs/container/exportarr - - https://github.com/bjw-s/helm-charts/tree/main/charts/other/app-template - - https://github.com/alexlebens/helm-charts/charts/postgres-cluster -maintainers: - - name: alexlebens -dependencies: - - name: app-template - alias: sonarr4-anime - repository: https://bjw-s.github.io/helm-charts/ - version: 3.6.1 - - name: postgres-cluster - alias: postgres-17-cluster - version: 4.1.4 - repository: http://alexlebens.github.io/helm-charts -icon: https://raw.githubusercontent.com/walkxcode/dashboard-icons/main/png/sonarr.png -appVersion: 4.0.11 diff --git a/clusters/standby/applications/sonarr4-anime/templates/external-secret.yaml b/clusters/standby/applications/sonarr4-anime/templates/external-secret.yaml deleted file mode 100644 index 17026ef0f..000000000 --- a/clusters/standby/applications/sonarr4-anime/templates/external-secret.yaml +++ /dev/null @@ -1,89 +0,0 @@ -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: sonarr4-anime-config-backup-secret - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: sonarr4-anime-config-backup-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: backup - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - target: - template: - mergePolicy: Merge - engineVersion: v2 - data: - RESTIC_REPOSITORY: "{{ `{{ .BUCKET_ENDPOINT }}` }}/sonarr4-anime/sonarr4-anime-config" - data: - - secretKey: BUCKET_ENDPOINT - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/volsync/restic/config - metadataPolicy: None - property: S3_BUCKET_ENDPOINT - - secretKey: RESTIC_PASSWORD - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/volsync/restic/config - metadataPolicy: None - property: RESTIC_PASSWORD - - secretKey: AWS_DEFAULT_REGION - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/volsync/restic/config - metadataPolicy: None - property: AWS_DEFAULT_REGION - - secretKey: AWS_ACCESS_KEY_ID - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /digital-ocean/home-infra/volsync-backups - metadataPolicy: None - property: access_key - - secretKey: AWS_SECRET_ACCESS_KEY - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /digital-ocean/home-infra/volsync-backups - metadataPolicy: None - property: secret_key - ---- -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: sonarr4-anime-postgresql-17-cluster-backup-secret - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: sonarr4-anime-postgresql-17-cluster-backup-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: database - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - data: - - secretKey: ACCESS_KEY_ID - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /digital-ocean/home-infra/postgres-backups - metadataPolicy: None - property: access - - secretKey: ACCESS_SECRET_KEY - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /digital-ocean/home-infra/postgres-backups - metadataPolicy: None - property: secret diff --git a/clusters/standby/applications/sonarr4-anime/templates/persistent-volume-claim.yaml b/clusters/standby/applications/sonarr4-anime/templates/persistent-volume-claim.yaml deleted file mode 100644 index b910b945a..000000000 --- a/clusters/standby/applications/sonarr4-anime/templates/persistent-volume-claim.yaml +++ /dev/null @@ -1,19 +0,0 @@ -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: sonarr4-anime-nfs-storage - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: sonarr4-anime-nfs-storage - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: storage - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - volumeName: sonarr4-anime-nfs-storage - storageClassName: nfs-client - accessModes: - - ReadWriteMany - resources: - requests: - storage: 1Gi diff --git a/clusters/standby/applications/sonarr4-anime/templates/persistent-volume.yaml b/clusters/standby/applications/sonarr4-anime/templates/persistent-volume.yaml deleted file mode 100644 index b6e30e25f..000000000 --- a/clusters/standby/applications/sonarr4-anime/templates/persistent-volume.yaml +++ /dev/null @@ -1,25 +0,0 @@ -apiVersion: v1 -kind: PersistentVolume -metadata: - name: sonarr4-anime-nfs-storage - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: sonarr4-anime-nfs-storage - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: storage - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - persistentVolumeReclaimPolicy: Retain - storageClassName: nfs-client - capacity: - storage: 1Gi - accessModes: - - ReadWriteMany - nfs: - path: /volume2/Storage - server: synologybond.alexlebens.net - mountOptions: - - vers=4 - - minorversion=1 - - noac diff --git a/clusters/standby/applications/sonarr4-anime/templates/prometheus-rule.yaml b/clusters/standby/applications/sonarr4-anime/templates/prometheus-rule.yaml deleted file mode 100644 index b98739676..000000000 --- a/clusters/standby/applications/sonarr4-anime/templates/prometheus-rule.yaml +++ /dev/null @@ -1,34 +0,0 @@ -apiVersion: monitoring.coreos.com/v1 -kind: PrometheusRule -metadata: - name: sonarr4-anime - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: sonarr4-anime - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: metrics - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - groups: - - name: sonarr4-anime - rules: - - alert: ExportarrAbsent - annotations: - description: Sonarr4 Anime Exportarr has disappeared from Prometheus - service discovery. - summary: Exportarr is down. - expr: | - absent(up{job=~".*sonarr4_anime.*"} == 1) - for: 5m - labels: - severity: critical - - alert: Sonarr4AnimeDown - annotations: - description: Sonarr4 Anime service is down. - summary: Sonarr4 Anime is down. - expr: | - sonarr4_anime_system_status{job=~".*sonarr4_anime.*"} == 0 - for: 5m - labels: - severity: critical diff --git a/clusters/standby/applications/sonarr4-anime/templates/replication-source.yaml b/clusters/standby/applications/sonarr4-anime/templates/replication-source.yaml deleted file mode 100644 index 13a24b3ec..000000000 --- a/clusters/standby/applications/sonarr4-anime/templates/replication-source.yaml +++ /dev/null @@ -1,35 +0,0 @@ -apiVersion: volsync.backube/v1alpha1 -kind: ReplicationSource -metadata: - name: sonarr4-anime-config-backup-source - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: sonarr4-anime-config-backup-source - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: backup - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - sourcePVC: sonarr4-anime-config - trigger: - schedule: 0 0 */3 * * - restic: - pruneIntervalDays: 14 - repository: sonarr4-anime-config-backup-secret - retain: - hourly: 1 - daily: 1 - weekly: 1 - monthly: 2 - yearly: 4 - moverSecurityContext: - fsGroup: 1000 - fsGroupChangePolicy: OnRootMismatch - supplementalGroups: - - 44 - - 100 - - 109 - - 65539 - copyMethod: Snapshot - storageClassName: ceph-block-delete - volumeSnapshotClassName: ceph-blockpool-snapshot diff --git a/clusters/standby/applications/sonarr4-anime/templates/service-monitor.yaml b/clusters/standby/applications/sonarr4-anime/templates/service-monitor.yaml deleted file mode 100644 index 41ff7864b..000000000 --- a/clusters/standby/applications/sonarr4-anime/templates/service-monitor.yaml +++ /dev/null @@ -1,21 +0,0 @@ -apiVersion: monitoring.coreos.com/v1 -kind: ServiceMonitor -metadata: - name: sonarr4-anime - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: sonarr4-anime - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: metrics - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - selector: - matchLabels: - app.kubernetes.io/name: sonarr4-anime - app.kubernetes.io/instance: {{ .Release.Name }} - endpoints: - - port: metrics - interval: 3m - scrapeTimeout: 1m - path: /metrics diff --git a/clusters/standby/applications/sonarr4-anime/values.yaml b/clusters/standby/applications/sonarr4-anime/values.yaml deleted file mode 100644 index f114ffd2b..000000000 --- a/clusters/standby/applications/sonarr4-anime/values.yaml +++ /dev/null @@ -1,144 +0,0 @@ -sonarr4-anime: - controllers: - main: - type: deployment - replicas: 1 - strategy: Recreate - revisionHistoryLimit: 3 - pod: - securityContext: - fsGroup: 1000 - fsGroupChangePolicy: OnRootMismatch - supplementalGroups: - - 44 - - 100 - - 109 - - 65539 - containers: - main: - image: - repository: ghcr.io/linuxserver/sonarr - tag: 4.0.13@sha256:28d9dcbc846aed74bd47dc90305e016183443ddc3dfa3e8bcac268fc653a6e5e - pullPolicy: IfNotPresent - env: - - name: TZ - value: US/Central - - name: PUID - value: 1000 - - name: PGID - value: 1000 - probes: - liveness: - enabled: false - custom: true - spec: - exec: - command: - - /usr/bin/env - - bash - - -c - - curl --fail localhost:8989/api/v1/system/status?apiKey=`IFS=\> && while - read -d \< E C; do if [[ $E = "ApiKey" ]]; then echo $C; fi; done < /config/config.xml` - failureThreshold: 5 - initialDelaySeconds: 60 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 10 - resources: - requests: - cpu: 10m - memory: 256Mi - metrics: - image: - repository: ghcr.io/onedr0p/exportarr - tag: v2.0.1 - pullPolicy: IfNotPresent - args: ["sonarr"] - env: - - name: URL - value: http://localhost - - name: CONFIG - value: /config/config.xml - - name: PORT - value: 9794 - - name: ENABLE_ADDITIONAL_METRICS - value: false - - name: ENABLE_UNKNOWN_QUEUE_ITEMS - value: false - resources: - requests: - cpu: 100m - memory: 256Mi - serviceAccount: - create: true - service: - main: - controller: main - ports: - http: - port: 80 - targetPort: 8989 - protocol: HTTP - metrics: - port: 9794 - targetPort: 9794 - protocol: TCP - ingress: - tailscale: - enabled: true - className: tailscale - hosts: - - host: sonarr-anime-cl01tl - paths: - - path: / - pathType: Prefix - service: - name: sonarr4-anime - port: 80 - tls: - - hosts: - - sonarr-anime-cl01tl - persistence: - config: - storageClass: ceph-block - accessMode: ReadWriteOnce - size: 20Gi - retain: true - advancedMounts: - main: - main: - - path: /config - readOnly: false - metrics: - - path: /config - readOnly: true - media: - existingClaim: sonarr4-anime-nfs-storage - advancedMounts: - main: - main: - - path: /mnt/store - readOnly: false -postgres-17-cluster: - mode: standalone - cluster: - walStorage: - storageClass: local-path - storage: - storageClass: local-path - monitoring: - enabled: true - bootstrap: - initdb: - database: app - owner: app - postInitSQL: - - CREATE DATABASE "sonarr-main" OWNER "app"; - - CREATE DATABASE "sonarr-log" OWNER "app"; - backup: - enabled: true - endpointURL: https://nyc3.digitaloceanspaces.com - destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/sonarr4-anime/sonarr4-anime-postgresql-17-cluster - endpointCredentials: sonarr4-anime-postgresql-17-cluster-backup-secret - backupIndex: 1 - retentionPolicy: "7d" diff --git a/clusters/standby/applications/sonarr4/Chart.yaml b/clusters/standby/applications/sonarr4/Chart.yaml deleted file mode 100644 index 6a8c844a8..000000000 --- a/clusters/standby/applications/sonarr4/Chart.yaml +++ /dev/null @@ -1,30 +0,0 @@ -apiVersion: v2 -name: sonarr4 -version: 1.0.0 -description: Sonarr v4 -keywords: - - sonarr - - servarr - - tv shows - - metrics -home: https://wiki.alexlebens.dev/doc/sonarr-AvJLY9PxEy -sources: - - https://github.com/Sonarr/Sonarr - - https://github.com/cloudnative-pg/cloudnative-pg - - https://github.com/onedr0p/containers/pkgs/container/sonarr - - https://github.com/onedr0p/exportarr/pkgs/container/exportarr - - https://github.com/bjw-s/helm-charts/tree/main/charts/other/app-template - - https://github.com/alexlebens/helm-charts/charts/postgres-cluster -maintainers: - - name: alexlebens -dependencies: - - name: app-template - alias: sonarr4 - repository: https://bjw-s.github.io/helm-charts/ - version: 3.6.1 - - name: postgres-cluster - alias: postgres-17-cluster - version: 4.1.4 - repository: http://alexlebens.github.io/helm-charts -icon: https://raw.githubusercontent.com/walkxcode/dashboard-icons/main/png/sonarr.png -appVersion: 4.0.11.2680 diff --git a/clusters/standby/applications/sonarr4/templates/external-secret.yaml b/clusters/standby/applications/sonarr4/templates/external-secret.yaml deleted file mode 100644 index 3ef23c1b6..000000000 --- a/clusters/standby/applications/sonarr4/templates/external-secret.yaml +++ /dev/null @@ -1,89 +0,0 @@ -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: sonarr4-config-backup-secret - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: sonarr4-config-backup-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: backup - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - target: - template: - mergePolicy: Merge - engineVersion: v2 - data: - RESTIC_REPOSITORY: "{{ `{{ .BUCKET_ENDPOINT }}` }}/sonarr4/sonarr4-config" - data: - - secretKey: BUCKET_ENDPOINT - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/volsync/restic/config - metadataPolicy: None - property: S3_BUCKET_ENDPOINT - - secretKey: RESTIC_PASSWORD - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/volsync/restic/config - metadataPolicy: None - property: RESTIC_PASSWORD - - secretKey: AWS_DEFAULT_REGION - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/volsync/restic/config - metadataPolicy: None - property: AWS_DEFAULT_REGION - - secretKey: AWS_ACCESS_KEY_ID - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /digital-ocean/home-infra/volsync-backups - metadataPolicy: None - property: access_key - - secretKey: AWS_SECRET_ACCESS_KEY - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /digital-ocean/home-infra/volsync-backups - metadataPolicy: None - property: secret_key - ---- -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: sonarr4-postgresql-17-cluster-backup-secret - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: sonarr4-postgresql-17-cluster-backup-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: database - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - data: - - secretKey: ACCESS_KEY_ID - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /digital-ocean/home-infra/postgres-backups - metadataPolicy: None - property: access - - secretKey: ACCESS_SECRET_KEY - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /digital-ocean/home-infra/postgres-backups - metadataPolicy: None - property: secret diff --git a/clusters/standby/applications/sonarr4/templates/persistent-volume-claim.yaml b/clusters/standby/applications/sonarr4/templates/persistent-volume-claim.yaml deleted file mode 100644 index 9d4e06d17..000000000 --- a/clusters/standby/applications/sonarr4/templates/persistent-volume-claim.yaml +++ /dev/null @@ -1,19 +0,0 @@ -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: sonarr4-nfs-storage - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: sonarr4-nfs-storage - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: storage - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - volumeName: sonarr4-nfs-storage - storageClassName: nfs-client - accessModes: - - ReadWriteMany - resources: - requests: - storage: 1Gi diff --git a/clusters/standby/applications/sonarr4/templates/persistent-volume.yaml b/clusters/standby/applications/sonarr4/templates/persistent-volume.yaml deleted file mode 100644 index 82edb5205..000000000 --- a/clusters/standby/applications/sonarr4/templates/persistent-volume.yaml +++ /dev/null @@ -1,25 +0,0 @@ -apiVersion: v1 -kind: PersistentVolume -metadata: - name: sonarr4-nfs-storage - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: sonarr4-nfs-storage - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: storage - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - persistentVolumeReclaimPolicy: Retain - storageClassName: nfs-client - capacity: - storage: 1Gi - accessModes: - - ReadWriteMany - nfs: - path: /volume2/Storage - server: synologybond.alexlebens.net - mountOptions: - - vers=4 - - minorversion=1 - - noac diff --git a/clusters/standby/applications/sonarr4/templates/prometheus-rule.yaml b/clusters/standby/applications/sonarr4/templates/prometheus-rule.yaml deleted file mode 100644 index d260b61e9..000000000 --- a/clusters/standby/applications/sonarr4/templates/prometheus-rule.yaml +++ /dev/null @@ -1,34 +0,0 @@ -apiVersion: monitoring.coreos.com/v1 -kind: PrometheusRule -metadata: - name: sonarr4 - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: sonarr4 - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: metrics - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - groups: - - name: sonarr4 - rules: - - alert: ExportarrAbsent - annotations: - description: Sonarr4 Exportarr has disappeared from Prometheus - service discovery. - summary: Exportarr is down. - expr: | - absent(up{job=~".*sonarr4.*"} == 1) - for: 5m - labels: - severity: critical - - alert: Sonarr4Down - annotations: - description: Sonarr4 service is down. - summary: Sonarr4 is down. - expr: | - sonarr4_system_status{job=~".*sonarr4.*"} == 0 - for: 5m - labels: - severity: critical diff --git a/clusters/standby/applications/sonarr4/templates/replication-source.yaml b/clusters/standby/applications/sonarr4/templates/replication-source.yaml deleted file mode 100644 index 5f76e4a04..000000000 --- a/clusters/standby/applications/sonarr4/templates/replication-source.yaml +++ /dev/null @@ -1,35 +0,0 @@ -apiVersion: volsync.backube/v1alpha1 -kind: ReplicationSource -metadata: - name: sonarr4-config-backup-source - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: sonarr4-config-backup-source - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: backup - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - sourcePVC: sonarr4-config - trigger: - schedule: 0 0 */3 * * - restic: - pruneIntervalDays: 14 - repository: sonarr4-config-backup-secret - retain: - hourly: 1 - daily: 1 - weekly: 1 - monthly: 2 - yearly: 4 - moverSecurityContext: - fsGroup: 1000 - fsGroupChangePolicy: OnRootMismatch - supplementalGroups: - - 44 - - 100 - - 109 - - 65539 - copyMethod: Snapshot - storageClassName: ceph-block-delete - volumeSnapshotClassName: ceph-blockpool-snapshot diff --git a/clusters/standby/applications/sonarr4/templates/service-monitor.yaml b/clusters/standby/applications/sonarr4/templates/service-monitor.yaml deleted file mode 100644 index a86d6fc63..000000000 --- a/clusters/standby/applications/sonarr4/templates/service-monitor.yaml +++ /dev/null @@ -1,21 +0,0 @@ -apiVersion: monitoring.coreos.com/v1 -kind: ServiceMonitor -metadata: - name: sonarr4 - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: sonarr4 - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: metrics - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - selector: - matchLabels: - app.kubernetes.io/name: sonarr4 - app.kubernetes.io/instance: {{ .Release.Name }} - endpoints: - - port: metrics - interval: 3m - scrapeTimeout: 1m - path: /metrics diff --git a/clusters/standby/applications/sonarr4/values.yaml b/clusters/standby/applications/sonarr4/values.yaml deleted file mode 100644 index 647dd9097..000000000 --- a/clusters/standby/applications/sonarr4/values.yaml +++ /dev/null @@ -1,147 +0,0 @@ -sonarr4: - controllers: - main: - type: deployment - replicas: 1 - strategy: Recreate - revisionHistoryLimit: 3 - pod: - securityContext: - fsGroup: 1000 - fsGroupChangePolicy: OnRootMismatch - supplementalGroups: - - 44 - - 100 - - 109 - - 65539 - containers: - main: - image: - repository: ghcr.io/linuxserver/sonarr - tag: 4.0.13@sha256:28d9dcbc846aed74bd47dc90305e016183443ddc3dfa3e8bcac268fc653a6e5e - pullPolicy: IfNotPresent - env: - - name: TZ - value: US/Central - - name: PUID - value: 1000 - - name: PGID - value: 1000 - probes: - liveness: - enabled: false - custom: true - spec: - exec: - command: - - /usr/bin/env - - bash - - -c - - curl --fail localhost:8989/api/v1/system/status?apiKey=`IFS=\> && while - read -d \< E C; do if [[ $E = "ApiKey" ]]; then echo $C; fi; done < /config/config.xml` - failureThreshold: 5 - initialDelaySeconds: 60 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 10 - resources: - requests: - cpu: 100m - memory: 256Mi - metrics: - image: - repository: ghcr.io/onedr0p/exportarr - tag: v2.0.1 - pullPolicy: IfNotPresent - args: ["sonarr"] - env: - - name: URL - value: http://localhost - - name: CONFIG - value: /config/config.xml - - name: PORT - value: 9794 - - name: ENABLE_ADDITIONAL_METRICS - value: false - - name: ENABLE_UNKNOWN_QUEUE_ITEMS - value: false - resources: - requests: - cpu: 100m - memory: 256Mi - serviceAccount: - create: true - service: - main: - controller: main - ports: - http: - port: 80 - targetPort: 8989 - protocol: HTTP - metrics: - port: 9794 - targetPort: 9794 - protocol: TCP - ingress: - tailscale: - enabled: true - className: tailscale - hosts: - - host: sonarr-cl01tl - paths: - - path: / - pathType: Prefix - service: - name: sonarr4 - port: 80 - tls: - - hosts: - - sonarr-cl01tl - persistence: - config: - storageClass: ceph-block - accessMode: ReadWriteOnce - size: 20Gi - retain: true - advancedMounts: - main: - main: - - path: /config - readOnly: false - metrics: - - path: /config - readOnly: true - media: - existingClaim: sonarr4-nfs-storage - advancedMounts: - main: - main: - - path: /mnt/store - readOnly: false -postgres-17-cluster: - mode: standalone - cluster: - walStorage: - storageClass: local-path - storage: - storageClass: local-path - resources: - requests: - memory: 512Mi - monitoring: - enabled: true - bootstrap: - initdb: - database: app - owner: app - postInitSQL: - - CREATE DATABASE "sonarr-main" OWNER "app"; - - CREATE DATABASE "sonarr-log" OWNER "app"; - backup: - enabled: true - endpointURL: https://nyc3.digitaloceanspaces.com - destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/sonarr4/sonarr4-postgresql-17-cluster - endpointCredentials: sonarr4-postgresql-17-cluster-backup-secret - backupIndex: 1 - retentionPolicy: "7d" diff --git a/clusters/standby/applications/tautulli/Chart.yaml b/clusters/standby/applications/tautulli/Chart.yaml deleted file mode 100644 index ea4aab6c1..000000000 --- a/clusters/standby/applications/tautulli/Chart.yaml +++ /dev/null @@ -1,21 +0,0 @@ -apiVersion: v2 -name: tautulli -version: 1.0.0 -description: Tautulli -keywords: - - tautulli - - plex -home: https://wiki.alexlebens.dev/doc/tautulli-7FKi7SM33K -sources: - - https://github.com/Tautulli/Tautulli - - https://github.com/Tautulli/Tautulli/pkgs/container/tautulli - - https://github.com/bjw-s/helm-charts/tree/main/charts/other/app-template -maintainers: - - name: alexlebens -dependencies: - - name: app-template - alias: tautulli - repository: https://bjw-s.github.io/helm-charts/ - version: 3.6.1 -icon: https://raw.githubusercontent.com/walkxcode/dashboard-icons/main/png/tautulli.png -appVersion: v2.15.0 diff --git a/clusters/standby/applications/tautulli/templates/external-secret.yaml b/clusters/standby/applications/tautulli/templates/external-secret.yaml deleted file mode 100644 index 92cbd847d..000000000 --- a/clusters/standby/applications/tautulli/templates/external-secret.yaml +++ /dev/null @@ -1,57 +0,0 @@ -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: tautulli-config-backup-secret - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: tautulli-config-backup-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: backup - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - target: - template: - mergePolicy: Merge - engineVersion: v2 - data: - RESTIC_REPOSITORY: "{{ `{{ .BUCKET_ENDPOINT }}` }}/tautulli/tautulli-config" - data: - - secretKey: BUCKET_ENDPOINT - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/volsync/restic/config - metadataPolicy: None - property: S3_BUCKET_ENDPOINT - - secretKey: RESTIC_PASSWORD - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/volsync/restic/config - metadataPolicy: None - property: RESTIC_PASSWORD - - secretKey: AWS_DEFAULT_REGION - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/volsync/restic/config - metadataPolicy: None - property: AWS_DEFAULT_REGION - - secretKey: AWS_ACCESS_KEY_ID - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /digital-ocean/home-infra/volsync-backups - metadataPolicy: None - property: access_key - - secretKey: AWS_SECRET_ACCESS_KEY - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /digital-ocean/home-infra/volsync-backups - metadataPolicy: None - property: secret_key diff --git a/clusters/standby/applications/tautulli/templates/replication-source.yaml b/clusters/standby/applications/tautulli/templates/replication-source.yaml deleted file mode 100644 index a95d8e802..000000000 --- a/clusters/standby/applications/tautulli/templates/replication-source.yaml +++ /dev/null @@ -1,27 +0,0 @@ -apiVersion: volsync.backube/v1alpha1 -kind: ReplicationSource -metadata: - name: tautulli-config-backup-source - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: tautulli-config-backup-source - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: backup - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - sourcePVC: tautulli-config - trigger: - schedule: 0 0 */3 * * - restic: - pruneIntervalDays: 14 - repository: tautulli-config-backup-secret - retain: - hourly: 1 - daily: 1 - weekly: 1 - monthly: 2 - yearly: 4 - copyMethod: Snapshot - storageClassName: ceph-block-delete - volumeSnapshotClassName: ceph-blockpool-snapshot diff --git a/clusters/standby/applications/tautulli/values.yaml b/clusters/standby/applications/tautulli/values.yaml deleted file mode 100644 index 5db3a436f..000000000 --- a/clusters/standby/applications/tautulli/values.yaml +++ /dev/null @@ -1,164 +0,0 @@ -tautulli: - controllers: - main: - type: deployment - annotations: - reloader.stakater.com/auto: "true" - replicas: 1 - strategy: Recreate - revisionHistoryLimit: 3 - containers: - main: - image: - repository: ghcr.io/tautulli/tautulli - tag: v2.15.1 - pullPolicy: IfNotPresent - env: - - name: PUID - value: 1001 - - name: GUID - value: 1001 - - name: TZ - value: US/Central - resources: - requests: - cpu: 10m - memory: 128Mi - serviceAccount: - create: true - configMaps: - scripts: - enabled: true - data: - select_tmdb_poster.py: | - #!/usr/bin/env python - # -*- coding: utf-8 -*- - - ''' - Description: Selects the default TMDB poster if no poster is selected - or the current poster is from Gracenote. - Author: /u/SwiftPanda16 - Requires: plexapi - Usage: - * Change the posters for an entire library: - python select_tmdb_poster.py --library "Movies" - - * Change the poster for a specific item: - python select_tmdb_poster.py --rating_key 1234 - - * By default locked posters are skipped. To update locked posters: - python select_tmdb_poster.py --library "Movies" --include_locked - - Tautulli script trigger: - * Notify on recently added - Tautulli script conditions: - * Filter which media to select the poster. Examples: - [ Media Type | is | movie ] - Tautulli script arguments: - * Recently Added: - --rating_key {rating_key} - ''' - - import argparse - import os - import plexapi.base - from plexapi.server import PlexServer - plexapi.base.USER_DONT_RELOAD_FOR_KEYS.add('fields') - - - # Environmental Variables - PLEX_URL = os.getenv('PLEX_URL') - PLEX_TOKEN = os.getenv('PLEX_TOKEN') - - - def select_tmdb_poster_library(library, include_locked=False): - for item in library.all(includeGuids=False): - # Only reload for fields - item.reload(**{k: 0 for k, v in item._INCLUDES.items()}) - select_tmdb_poster_item(item, include_locked=include_locked) - - - def select_tmdb_poster_item(item, include_locked=False): - if item.isLocked('thumb') and not include_locked: # PlexAPI 4.5.10 - print(f"Locked poster for {item.title}. Skipping.") - return - - posters = item.posters() - selected_poster = next((p for p in posters if p.selected), None) - - if selected_poster is None: - print(f"WARNING: No poster selected for {item.title}.") - else: - skipping = ' Skipping.' if selected_poster.provider != 'gracenote' else '' - print(f"Poster provider is '{selected_poster.provider}' for {item.title}.{skipping}") - - if posters and (selected_poster is None or selected_poster.provider == 'gracenote'): - # Fallback to first poster if no TMDB posters are available - tmdb_poster = next((p for p in posters if p.provider == 'tmdb'), posters[0]) - # Selecting the poster automatically locks it - tmdb_poster.select() - print(f"Selected {tmdb_poster.provider} poster for {item.title}.") - - - if __name__ == '__main__': - parser = argparse.ArgumentParser() - parser.add_argument('--rating_key', type=int) - parser.add_argument('--library') - parser.add_argument('--include_locked', action='store_true') - opts = parser.parse_args() - - plex = PlexServer(PLEX_URL, PLEX_TOKEN) - - if opts.rating_key: - item = plex.fetchItem(opts.rating_key) - select_tmdb_poster_item(item, opts.include_locked) - elif opts.library: - library = plex.library.section(opts.library) - select_tmdb_poster_library(library, opts.include_locked) - else: - print("No --rating_key or --library specified. Exiting.") - service: - main: - controller: main - ports: - http: - port: 80 - targetPort: 8181 - protocol: HTTP - ingress: - tailscale: - enabled: true - className: tailscale - hosts: - - host: tautulli-cl01tl - paths: - - path: / - pathType: Prefix - service: - name: tautulli - port: 80 - tls: - - hosts: - - tautulli-cl01tl - persistence: - config: - storageClass: ceph-block - accessMode: ReadWriteOnce - size: 5Gi - retain: true - advancedMounts: - main: - main: - - path: /config - readOnly: false - scripts: - enabled: true - type: configMap - name: tautulli-scripts - advancedMounts: - main: - main: - - path: /config/scripts/select_tmdb_poster.py - readOnly: true - mountPropagation: None - subPath: select_tmdb_poster.py diff --git a/clusters/standby/applications/tdarr/Chart.yaml b/clusters/standby/applications/tdarr/Chart.yaml deleted file mode 100644 index cd5f222ba..000000000 --- a/clusters/standby/applications/tdarr/Chart.yaml +++ /dev/null @@ -1,29 +0,0 @@ -apiVersion: v2 -name: tdarr -version: 1.0.0 -description: Tdarr -keywords: - - tdarr - - video - - transcode - - healthchecks -home: https://wiki.alexlebens.dev/doc/tdarr-DlUb9r2tdL -sources: - - https://github.com/HaveAGitGat/Tdarr - - https://github.com/homeylab/tdarr-exporter - - https://github.com/haveagitgat/Tdarr/pkgs/container/tdarr - - https://hub.docker.com/r/homeylab/tdarr-exporter - - https://github.com/bjw-s/helm-charts/tree/main/charts/other/app-template - - https://github.com/homeylab/helm-charts/tree/main/charts/tdarr-exporter -maintainers: - - name: alexlebens -dependencies: - - name: app-template - alias: tdarr - repository: https://bjw-s.github.io/helm-charts/ - version: 3.6.1 - - name: tdarr-exporter - version: 1.1.6 - repository: https://homeylab.github.io/helm-charts/ -icon: https://raw.githubusercontent.com/walkxcode/dashboard-icons/main/png/tdarr.png -appVersion: 2.27.02 diff --git a/clusters/standby/applications/tdarr/templates/external-secret.yaml b/clusters/standby/applications/tdarr/templates/external-secret.yaml deleted file mode 100644 index 1ed4178ff..000000000 --- a/clusters/standby/applications/tdarr/templates/external-secret.yaml +++ /dev/null @@ -1,116 +0,0 @@ -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: tdarr-config-backup-secret - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: tdarr-config-backup-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: backup - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - target: - template: - mergePolicy: Merge - engineVersion: v2 - data: - RESTIC_REPOSITORY: "{{ `{{ .BUCKET_ENDPOINT }}` }}/tdarr/tdarr-config" - data: - - secretKey: BUCKET_ENDPOINT - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/volsync/restic/config - metadataPolicy: None - property: S3_BUCKET_ENDPOINT - - secretKey: RESTIC_PASSWORD - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/volsync/restic/config - metadataPolicy: None - property: RESTIC_PASSWORD - - secretKey: AWS_DEFAULT_REGION - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/volsync/restic/config - metadataPolicy: None - property: AWS_DEFAULT_REGION - - secretKey: AWS_ACCESS_KEY_ID - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /digital-ocean/home-infra/volsync-backups - metadataPolicy: None - property: access_key - - secretKey: AWS_SECRET_ACCESS_KEY - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /digital-ocean/home-infra/volsync-backups - metadataPolicy: None - property: secret_key - ---- -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: tdarr-server-backup-secret - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: tdarr-server-backup-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: backup - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - target: - template: - mergePolicy: Merge - engineVersion: v2 - data: - RESTIC_REPOSITORY: "{{ `{{ .BUCKET_ENDPOINT }}` }}/tdarr/tdarr-server" - data: - - secretKey: BUCKET_ENDPOINT - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/volsync/restic/config - metadataPolicy: None - property: S3_BUCKET_ENDPOINT - - secretKey: RESTIC_PASSWORD - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/volsync/restic/config - metadataPolicy: None - property: RESTIC_PASSWORD - - secretKey: AWS_DEFAULT_REGION - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/volsync/restic/config - metadataPolicy: None - property: AWS_DEFAULT_REGION - - secretKey: AWS_ACCESS_KEY_ID - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /digital-ocean/home-infra/volsync-backups - metadataPolicy: None - property: access_key - - secretKey: AWS_SECRET_ACCESS_KEY - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /digital-ocean/home-infra/volsync-backups - metadataPolicy: None - property: secret_key diff --git a/clusters/standby/applications/tdarr/templates/persistent-volume-claim.yaml b/clusters/standby/applications/tdarr/templates/persistent-volume-claim.yaml deleted file mode 100644 index 937d2940c..000000000 --- a/clusters/standby/applications/tdarr/templates/persistent-volume-claim.yaml +++ /dev/null @@ -1,19 +0,0 @@ -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: tdarr-nfs-storage - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: tdarr-nfs-storage - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: storage - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - volumeName: tdarr-nfs-storage - storageClassName: nfs-client - accessModes: - - ReadWriteMany - resources: - requests: - storage: 1Gi diff --git a/clusters/standby/applications/tdarr/templates/persistent-volume.yaml b/clusters/standby/applications/tdarr/templates/persistent-volume.yaml deleted file mode 100644 index 04c0409ea..000000000 --- a/clusters/standby/applications/tdarr/templates/persistent-volume.yaml +++ /dev/null @@ -1,25 +0,0 @@ -apiVersion: v1 -kind: PersistentVolume -metadata: - name: tdarr-nfs-storage - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: tdarr-nfs-storage - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: storage - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - persistentVolumeReclaimPolicy: Retain - storageClassName: nfs-client - capacity: - storage: 1Gi - accessModes: - - ReadWriteMany - nfs: - path: /volume2/Storage - server: synologybond.alexlebens.net - mountOptions: - - vers=4 - - minorversion=1 - - noac diff --git a/clusters/standby/applications/tdarr/templates/replication-source.yaml b/clusters/standby/applications/tdarr/templates/replication-source.yaml deleted file mode 100644 index c1da21fe9..000000000 --- a/clusters/standby/applications/tdarr/templates/replication-source.yaml +++ /dev/null @@ -1,56 +0,0 @@ -apiVersion: volsync.backube/v1alpha1 -kind: ReplicationSource -metadata: - name: tdarr-config-backup-source - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: tdarr-config-backup-source - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: backup - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - sourcePVC: tdarr-config - trigger: - schedule: 0 0 */3 * * - restic: - pruneIntervalDays: 14 - repository: tdarr-config-backup-secret - retain: - hourly: 1 - daily: 1 - weekly: 1 - monthly: 2 - yearly: 4 - copyMethod: Snapshot - storageClassName: ceph-block-delete - volumeSnapshotClassName: ceph-blockpool-snapshot - ---- -apiVersion: volsync.backube/v1alpha1 -kind: ReplicationSource -metadata: - name: tdarr-server-backup-source - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: tdarr-server-backup-source - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: backup - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - sourcePVC: tdarr-server - trigger: - schedule: 0 0 */3 * * - restic: - pruneIntervalDays: 14 - repository: tdarr-server-backup-secret - retain: - hourly: 1 - daily: 1 - weekly: 1 - monthly: 2 - yearly: 4 - copyMethod: Snapshot - storageClassName: ceph-block-delete - volumeSnapshotClassName: ceph-blockpool-snapshot diff --git a/clusters/standby/applications/tdarr/values.yaml b/clusters/standby/applications/tdarr/values.yaml deleted file mode 100644 index 18b9ea53b..000000000 --- a/clusters/standby/applications/tdarr/values.yaml +++ /dev/null @@ -1,174 +0,0 @@ -tdarr: - controllers: - server: - type: deployment - replicas: 1 - strategy: Recreate - revisionHistoryLimit: 3 - containers: - main: - image: - repository: ghcr.io/haveagitgat/tdarr - tag: 2.31.02 - pullPolicy: IfNotPresent - env: - - name: TZ - value: US/Central - - name: PUID - value: "1001" - - name: PGID - value: "1001" - - name: UMASK_SET - value: "002" - - name: ffmpegVersion - value: "6" - - name: internalNode - value: "false" - - name: inContainer - value: "true" - - name: nodeName - value: tdarr-server - - name: serverIP - value: 0.0.0.0 - - name: serverPort - value: "8266" - - name: webUIPort - value: "8265" - resources: - requests: - cpu: 200m - memory: 1Gi - node: - type: daemonset - revisionHistoryLimit: 3 - pod: - nodeSelector: - intel.feature.node.kubernetes.io/gpu: "true" - containers: - main: - image: - repository: ghcr.io/haveagitgat/tdarr_node - tag: 2.31.02 - pullPolicy: IfNotPresent - env: - - name: TZ - value: US/Central - - name: PUID - value: "1001" - - name: PGID - value: "1001" - - name: UMASK_SET - value: "002" - - name: ffmpegVersion - value: "6" - - name: inContainer - value: "true" - - name: nodeName - valueFrom: - fieldRef: - fieldPath: spec.nodeName - - name: serverIP - value: tdarr-api - - name: serverPort - value: "8266" - resources: - limits: - gpu.intel.com/i915: 1 - cpu: 2000m - requests: - gpu.intel.com/i915: 1 - cpu: 10m - memory: 512Mi - serviceAccount: - create: true - service: - api: - controller: server - ports: - http: - port: 8266 - targetPort: 8266 - protocol: HTTP - web: - controller: server - ports: - http: - port: 8265 - targetPort: 8265 - protocol: HTTP - ingress: - tailscale: - enabled: true - className: tailscale - hosts: - - host: tdarr-cl01tl - paths: - - path: / - pathType: Prefix - service: - name: tdarr-web - port: 8265 - tls: - - hosts: - - tdarr-cl01tl - persistence: - config: - storageClass: ceph-block - accessMode: ReadWriteOnce - size: 50Gi - retain: true - advancedMounts: - server: - main: - - path: /app/configs - readOnly: false - server: - storageClass: ceph-block - accessMode: ReadWriteOnce - size: 50Gi - retain: true - advancedMounts: - server: - main: - - path: /app/server - readOnly: false - server-cache: - type: emptyDir - advancedMounts: - server: - main: - - path: /tcache - readOnly: false - node-cache: - type: emptyDir - advancedMounts: - node: - main: - - path: /tcache - readOnly: false - media: - existingClaim: tdarr-nfs-storage - advancedMounts: - server: - main: - - path: /mnt/store - readOnly: true - node: - main: - - path: /mnt/store - readOnly: true -tdarr-exporter: - image: - name: homeylab/tdarr-exporter - tag: 1.4.2 - metrics: - serviceMonitor: - enabled: true - settings: - config: - url: http://tdarr-web.tdarr:8265 - verify_ssl: false - resources: - requests: - cpu: 100m - memory: 256Mi diff --git a/clusters/standby/applications/tubearchivist/Chart.yaml b/clusters/standby/applications/tubearchivist/Chart.yaml deleted file mode 100644 index 83431cb5f..000000000 --- a/clusters/standby/applications/tubearchivist/Chart.yaml +++ /dev/null @@ -1,34 +0,0 @@ -apiVersion: v2 -name: tubearchivist -version: 1.0.0 -description: Tube Archivist -keywords: - - tubearchivist - - download - - video - - youtube -home: https://wiki.alexlebens.dev/doc/tube-archivist-Bv6xCDKPM5 -sources: - - https://github.com/tubearchivist/tubearchivist - - https://github.com/elastic/elasticsearch - - https://github.com/redis/redis - - https://hub.docker.com/r/bbilly1/tubearchivist - - https://hub.docker.com/r/redis/redis-stack-server - - https://github.com/bjw-s/helm-charts/tree/main/charts/other/app-template - - https://github.com/bitnami/charts/tree/main/bitnami/redis - - https://github.com/bitnami/charts/tree/main/bitnami/elasticsearch -maintainers: - - name: alexlebens -dependencies: - - name: app-template - alias: tubearchivist - repository: https://bjw-s.github.io/helm-charts/ - version: 3.6.1 - - name: elasticsearch - version: 21.4.5 - repository: https://charts.bitnami.com/bitnami - - name: redis - version: 19.6.4 - repository: https://charts.bitnami.com/bitnami -icon: https://raw.githubusercontent.com/walkxcode/dashboard-icons/main/png/tube-archivist.png -appVersion: v0.4.11 diff --git a/clusters/standby/applications/tubearchivist/templates/external-secret.yaml b/clusters/standby/applications/tubearchivist/templates/external-secret.yaml deleted file mode 100644 index 20f84be3c..000000000 --- a/clusters/standby/applications/tubearchivist/templates/external-secret.yaml +++ /dev/null @@ -1,55 +0,0 @@ -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: tubearchivist-config-secret - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: {{ .Release.Name }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: web - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - data: - - secretKey: ELASTIC_PASSWORD - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/tubearchivist/env - metadataPolicy: None - property: ELASTIC_PASSWORD - - secretKey: TA_PASSWORD - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/tubearchivist/env - metadataPolicy: None - property: TA_PASSWORD - ---- -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: tubearchivist-elasticsearch-secret - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: {{ .Release.Name }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: web - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - data: - - secretKey: ELASTIC_PASSWORD - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/tubearchivist/env - metadataPolicy: None - property: ELASTIC_PASSWORD diff --git a/clusters/standby/applications/tubearchivist/templates/persistent-volume-claim.yaml b/clusters/standby/applications/tubearchivist/templates/persistent-volume-claim.yaml deleted file mode 100644 index 66f3958ff..000000000 --- a/clusters/standby/applications/tubearchivist/templates/persistent-volume-claim.yaml +++ /dev/null @@ -1,19 +0,0 @@ -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: tubearchivist-nfs-storage - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: tubearchivist-nfs-storage - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: storage - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - volumeName: tubearchivist-nfs-storage - storageClassName: nfs-client - accessModes: - - ReadWriteMany - resources: - requests: - storage: 1Gi diff --git a/clusters/standby/applications/tubearchivist/templates/persistent-volume.yaml b/clusters/standby/applications/tubearchivist/templates/persistent-volume.yaml deleted file mode 100644 index 719c64ea6..000000000 --- a/clusters/standby/applications/tubearchivist/templates/persistent-volume.yaml +++ /dev/null @@ -1,25 +0,0 @@ -apiVersion: v1 -kind: PersistentVolume -metadata: - name: tubearchivist-nfs-storage - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: tubearchivist-nfs-storage - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: storage - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - persistentVolumeReclaimPolicy: Retain - storageClassName: nfs-client - capacity: - storage: 1Gi - accessModes: - - ReadWriteMany - nfs: - path: /volume2/Storage/YouTube - server: synologybond.alexlebens.net - mountOptions: - - vers=4 - - minorversion=1 - - noac diff --git a/clusters/standby/applications/tubearchivist/values.yaml b/clusters/standby/applications/tubearchivist/values.yaml deleted file mode 100644 index 10c748a09..000000000 --- a/clusters/standby/applications/tubearchivist/values.yaml +++ /dev/null @@ -1,139 +0,0 @@ -tubearchivist: - controllers: - main: - type: deployment - replicas: 1 - strategy: Recreate - revisionHistoryLimit: 3 - containers: - main: - image: - repository: bbilly1/tubearchivist - tag: v0.4.13 - pullPolicy: IfNotPresent - env: - - name: TZ - value: US/Central - - name: HOST_UID - value: 1000 - - name: HOST_GID - value: 1000 - - name: ES_URL - value: http://tubearchivist-elasticsearch:9200 - - name: REDIS_HOST - value: tubearchivist-redis-headless - - name: TA_HOST - value: tubearchivist-cl01tl.boreal-beaufort.ts.net tubearchivist.tubearchivist - - name: TA_USERNAME - value: admin - envFrom: - - secretRef: - name: tubearchivist-config-secret - probes: - liveness: - enabled: true - custom: true - spec: - exec: - command: - - /usr/bin/env - - bash - - -c - - curl --fail http://localhost:8000/health - failureThreshold: 5 - initialDelaySeconds: 60 - periodSeconds: 30 - successThreshold: 1 - timeoutSeconds: 10 - resources: - requests: - cpu: 10m - memory: 1Gi - serviceAccount: - create: true - service: - main: - controller: main - ports: - http: - port: 80 - targetPort: 8000 - protocol: HTTP - ingress: - tailscale: - enabled: true - className: tailscale - hosts: - - host: tubearchivist-cl01tl - paths: - - path: / - pathType: Prefix - service: - name: tubearchivist - port: 80 - tls: - - hosts: - - tubearchivist-cl01tl - persistence: - data: - storageClass: ceph-block - accessMode: ReadWriteOnce - size: 20Gi - retain: true - advancedMounts: - main: - main: - - path: /cache - readOnly: false - youtube: - existingClaim: tubearchivist-nfs-storage - advancedMounts: - main: - main: - - path: /youtube - readOnly: false -redis: - image: - repository: redis/redis-stack-server - tag: 7.2.0-v13 - architecture: standalone - auth: - enabled: false - commonConfiguration: |- - # Enable AOF https://redis.io/topics/persistence#append-only-file - appendonly yes - # Disable RDB persistence, AOF persistence already enabled. - save "" - # Enable Redis Json module - loadmodule /opt/redis-stack/lib/rejson.so -elasticsearch: - global: - storageClass: ceph-block - extraEnvVars: - - name: discovery.type - value: single-node - - name: xpack.security.enabled - value: "true" - extraEnvVarsSecret: tubearchivist-elasticsearch-secret - extraConfig: - path: - repo: /usr/share/elasticsearch/data/snapshot - extraVolumes: - - name: snapshot - nfs: - path: /volume2/Storage/TubeArchivist - server: synologybond.alexlebens.net - extraVolumeMounts: - - name: snapshot - mountPath: /usr/share/elasticsearch/data/snapshot - snapshotRepoPath: /usr/share/elasticsearch/data/snapshot - master: - masterOnly: false - replicaCount: 1 - data: - replicaCount: 0 - coordinating: - replicaCount: 0 - ingest: - enabled: false - replicaCount: 0 diff --git a/clusters/standby/applications/vaultwarden/Chart.yaml b/clusters/standby/applications/vaultwarden/Chart.yaml deleted file mode 100644 index cd81ccea6..000000000 --- a/clusters/standby/applications/vaultwarden/Chart.yaml +++ /dev/null @@ -1,34 +0,0 @@ -apiVersion: v2 -name: vaultwarden -version: 1.0.0 -description: Vaultwarden -keywords: - - vaultwarden - - bitwarden - - password -home: https://wiki.alexlebens.dev/doc/vaultwarden-HFX1rsTgMD -sources: - - https://github.com/dani-garcia/vaultwarden - - https://github.com/cloudflare/cloudflared - - https://github.com/cloudnative-pg/cloudnative-pg - - https://hub.docker.com/r/vaultwarden/server - - https://github.com/bjw-s/helm-charts/tree/main/charts/other/app-template - - https://github.com/alexlebens/helm-charts/tree/main/charts/cloudflared - - https://github.com/alexlebens/helm-charts/tree/main/charts/postgres-cluster -maintainers: - - name: alexlebens -dependencies: - - name: app-template - alias: vaultwarden - repository: https://bjw-s.github.io/helm-charts/ - version: 3.6.1 - - name: cloudflared - alias: cloudflared - repository: http://alexlebens.github.io/helm-charts - version: 1.13.0 - - name: postgres-cluster - alias: postgres-17-cluster - version: 4.1.4 - repository: http://alexlebens.github.io/helm-charts -icon: https://raw.githubusercontent.com/walkxcode/dashboard-icons/main/png/vaultwarden.png -appVersion: 1.32.6 diff --git a/clusters/standby/applications/vaultwarden/templates/external-secret.yaml b/clusters/standby/applications/vaultwarden/templates/external-secret.yaml deleted file mode 100644 index f4a9c136d..000000000 --- a/clusters/standby/applications/vaultwarden/templates/external-secret.yaml +++ /dev/null @@ -1,114 +0,0 @@ -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: vaultwarden-cloudflared-secret - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: vaultwarden-cloudflared-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: web - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - data: - - secretKey: cf-tunnel-token - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cloudflare/tunnels/vaultwarden - metadataPolicy: None - property: token - ---- -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: vaultwarden-data-backup-secret - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: vaultwarden-data-backup-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: backup - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - target: - template: - mergePolicy: Merge - engineVersion: v2 - data: - RESTIC_REPOSITORY: "{{ `{{ .BUCKET_ENDPOINT }}` }}/vaultwarden/vaultwarden-data" - data: - - secretKey: BUCKET_ENDPOINT - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/volsync/restic/config - metadataPolicy: None - property: S3_BUCKET_ENDPOINT - - secretKey: RESTIC_PASSWORD - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/volsync/restic/config - metadataPolicy: None - property: RESTIC_PASSWORD - - secretKey: AWS_DEFAULT_REGION - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/volsync/restic/config - metadataPolicy: None - property: AWS_DEFAULT_REGION - - secretKey: AWS_ACCESS_KEY_ID - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /digital-ocean/home-infra/volsync-backups - metadataPolicy: None - property: access_key - - secretKey: AWS_SECRET_ACCESS_KEY - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /digital-ocean/home-infra/volsync-backups - metadataPolicy: None - property: secret_key - ---- -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: vaultwarden-postgresql-17-cluster-backup-secret - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: vaultwarden-postgresql-17-cluster-backup-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: database - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - data: - - secretKey: ACCESS_KEY_ID - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /digital-ocean/home-infra/postgres-backups - metadataPolicy: None - property: access - - secretKey: ACCESS_SECRET_KEY - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /digital-ocean/home-infra/postgres-backups - metadataPolicy: None - property: secret diff --git a/clusters/standby/applications/vaultwarden/templates/replication-source.yaml b/clusters/standby/applications/vaultwarden/templates/replication-source.yaml deleted file mode 100644 index 020fdab47..000000000 --- a/clusters/standby/applications/vaultwarden/templates/replication-source.yaml +++ /dev/null @@ -1,27 +0,0 @@ -apiVersion: volsync.backube/v1alpha1 -kind: ReplicationSource -metadata: - name: vaultwarden-data-backup-source - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: vaultwarden-data-backup-source - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: backup - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - sourcePVC: vaultwarden-data - trigger: - schedule: 0 0 */3 * * - restic: - pruneIntervalDays: 14 - repository: vaultwarden-data-backup-secret - retain: - hourly: 1 - daily: 1 - weekly: 1 - monthly: 2 - yearly: 4 - copyMethod: Snapshot - storageClassName: ceph-block-delete - volumeSnapshotClassName: ceph-blockpool-snapshot diff --git a/clusters/standby/applications/vaultwarden/values.yaml b/clusters/standby/applications/vaultwarden/values.yaml deleted file mode 100644 index f649763e4..000000000 --- a/clusters/standby/applications/vaultwarden/values.yaml +++ /dev/null @@ -1,67 +0,0 @@ -vaultwarden: - controllers: - main: - type: deployment - replicas: 1 - strategy: Recreate - revisionHistoryLimit: 3 - containers: - main: - image: - repository: vaultwarden/server - tag: 1.33.2 - pullPolicy: IfNotPresent - env: - - name: DOMAIN - value: https://passwords.alexlebens.dev - - name: SIGNUPS_ALLOWED - value: "false" - - name: INVITATIONS_ALLOWED - value: "false" - - name: DATABASE_URL - valueFrom: - secretKeyRef: - name: vaultwarden-postgresql-17-cluster-app - key: uri - resources: - requests: - cpu: 10m - memory: 128Mi - serviceAccount: - create: true - service: - main: - controller: main - ports: - http: - port: 80 - targetPort: 80 - protocol: HTTP - persistence: - data: - storageClass: ceph-block - accessMode: ReadWriteOnce - size: 5Gi - retain: true - advancedMounts: - main: - main: - - path: /data - readOnly: false -cloudflared: - existingSecretName: vaultwarden-cloudflared-secret -postgres-17-cluster: - mode: standalone - cluster: - walStorage: - storageClass: local-path - storage: - storageClass: local-path - monitoring: - enabled: true - backup: - enabled: true - endpointURL: https://nyc3.digitaloceanspaces.com - destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/vaultwarden/vaultwarden-postgresql-17-cluster - endpointCredentials: vaultwarden-postgresql-17-cluster-backup-secret - backupIndex: 1