From 8282c9a8fbc9ad4be940ff55572c5509edbeb978 Mon Sep 17 00:00:00 2001 From: Alex Lebens Date: Wed, 22 Apr 2026 17:44:05 -0500 Subject: [PATCH] feat: add more --- .../helm/medialyze/templates/_helpers.tpl | 7 +++ .../templates/persistent-volume-claim.yaml | 6 +-- .../templates/persistent-volume.yaml | 4 +- .../helm/music-grabber/templates/_helpers.tpl | 7 +++ .../templates/external-secret.yaml | 45 +++---------------- .../templates/persistent-volume-claim.yaml | 6 +-- .../templates/persistent-volume.yaml | 4 +- .../helm/navidrome/templates/_helpers.tpl | 16 +++++++ .../templates/persistent-volume-claim.yaml | 24 +++++----- .../templates/persistent-volume.yaml | 16 +++---- .../templates/namespace.yaml | 4 +- .../helm/ntfy/templates/external-secret.yaml | 8 ++-- clusters/cl01tl/helm/ntfy/values.yaml | 2 +- 13 files changed, 74 insertions(+), 75 deletions(-) diff --git a/clusters/cl01tl/helm/medialyze/templates/_helpers.tpl b/clusters/cl01tl/helm/medialyze/templates/_helpers.tpl index 10688fcef..aad537d7f 100644 --- a/clusters/cl01tl/helm/medialyze/templates/_helpers.tpl +++ b/clusters/cl01tl/helm/medialyze/templates/_helpers.tpl @@ -12,3 +12,10 @@ Selector labels app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/part-of: {{ .Release.Name }} {{- end }} + +{{/* +NFS names +*/}} +{{- define "custom.storageNfsName" -}} +medialyze-nfs-storage +{{- end -}} diff --git a/clusters/cl01tl/helm/medialyze/templates/persistent-volume-claim.yaml b/clusters/cl01tl/helm/medialyze/templates/persistent-volume-claim.yaml index ed0420367..7652a28b7 100644 --- a/clusters/cl01tl/helm/medialyze/templates/persistent-volume-claim.yaml +++ b/clusters/cl01tl/helm/medialyze/templates/persistent-volume-claim.yaml @@ -1,13 +1,13 @@ apiVersion: v1 kind: PersistentVolumeClaim metadata: - name: medialyze-nfs-storage + name: {{ include "custom.storageNfsName" . }} namespace: {{ .Release.Namespace }} labels: - app.kubernetes.io/name: medialyze-nfs-storage + app.kubernetes.io/name: {{ include "custom.storageNfsName" . }} {{- include "custom.labels" . | nindent 4 }} spec: - volumeName: medialyze-nfs-storage + volumeName: {{ include "custom.storageNfsName" . }} storageClassName: nfs-client accessModes: - ReadWriteMany diff --git a/clusters/cl01tl/helm/medialyze/templates/persistent-volume.yaml b/clusters/cl01tl/helm/medialyze/templates/persistent-volume.yaml index 9e1fee702..7ce8d62aa 100644 --- a/clusters/cl01tl/helm/medialyze/templates/persistent-volume.yaml +++ b/clusters/cl01tl/helm/medialyze/templates/persistent-volume.yaml @@ -1,10 +1,10 @@ apiVersion: v1 kind: PersistentVolume metadata: - name: medialyze-nfs-storage + name: {{ include "custom.storageNfsName" . }} namespace: {{ .Release.Namespace }} labels: - app.kubernetes.io/name: medialyze-nfs-storage + app.kubernetes.io/name: {{ include "custom.storageNfsName" . }} {{- include "custom.labels" . | nindent 4 }} spec: persistentVolumeReclaimPolicy: Retain diff --git a/clusters/cl01tl/helm/music-grabber/templates/_helpers.tpl b/clusters/cl01tl/helm/music-grabber/templates/_helpers.tpl index 10688fcef..58941a9c9 100644 --- a/clusters/cl01tl/helm/music-grabber/templates/_helpers.tpl +++ b/clusters/cl01tl/helm/music-grabber/templates/_helpers.tpl @@ -12,3 +12,10 @@ Selector labels app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/part-of: {{ .Release.Name }} {{- end }} + +{{/* +NFS names +*/}} +{{- define "custom.storageNfsName" -}} +music-grabber-nfs-storage +{{- end -}} diff --git a/clusters/cl01tl/helm/music-grabber/templates/external-secret.yaml b/clusters/cl01tl/helm/music-grabber/templates/external-secret.yaml index 9b8bc4164..26a893d94 100644 --- a/clusters/cl01tl/helm/music-grabber/templates/external-secret.yaml +++ b/clusters/cl01tl/helm/music-grabber/templates/external-secret.yaml @@ -1,60 +1,29 @@ apiVersion: external-secrets.io/v1 kind: ExternalSecret metadata: - name: music-grabber-config-secret + name: music-grabber-config namespace: {{ .Release.Namespace }} labels: - app.kubernetes.io/name: music-grabber-config-secret + app.kubernetes.io/name: music-grabber-config {{- include "custom.labels" . | nindent 4 }} spec: secretStoreRef: kind: ClusterSecretStore - name: vault + name: openbao data: - secretKey: navidrome-user remoteRef: - key: /cl01tl/navidrome/admin + key: /cl01tl/navidrome/users/admin property: user - secretKey: navidrome-password remoteRef: - key: /cl01tl/navidrome/admin + key: /cl01tl/navidrome/users/admin property: password - secretKey: slskd-user remoteRef: - key: /cl01tl/slskd/auth + key: /cl01tl/slskd/users/slskd property: user - secretKey: slskd-password remoteRef: - key: /cl01tl/slskd/auth + key: /cl01tl/slskd/users/slskd property: password - ---- -apiVersion: external-secrets.io/v1 -kind: ExternalSecret -metadata: - name: music-grabber-wireguard-conf - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: music-grabber-wireguard-conf - {{- include "custom.labels" . | nindent 4 }} -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - data: - - secretKey: private-key - remoteRef: - key: /airvpn/conf/cl01tl - property: private-key - - secretKey: preshared-key - remoteRef: - key: /airvpn/conf/cl01tl - property: preshared-key - - secretKey: addresses - remoteRef: - key: /airvpn/conf/cl01tl - property: addresses - - secretKey: input-ports - remoteRef: - key: /airvpn/conf/cl01tl - property: input-ports diff --git a/clusters/cl01tl/helm/music-grabber/templates/persistent-volume-claim.yaml b/clusters/cl01tl/helm/music-grabber/templates/persistent-volume-claim.yaml index 7d763994c..7652a28b7 100644 --- a/clusters/cl01tl/helm/music-grabber/templates/persistent-volume-claim.yaml +++ b/clusters/cl01tl/helm/music-grabber/templates/persistent-volume-claim.yaml @@ -1,13 +1,13 @@ apiVersion: v1 kind: PersistentVolumeClaim metadata: - name: music-grabber-nfs-storage + name: {{ include "custom.storageNfsName" . }} namespace: {{ .Release.Namespace }} labels: - app.kubernetes.io/name: music-grabber-nfs-storage + app.kubernetes.io/name: {{ include "custom.storageNfsName" . }} {{- include "custom.labels" . | nindent 4 }} spec: - volumeName: music-grabber-nfs-storage + volumeName: {{ include "custom.storageNfsName" . }} storageClassName: nfs-client accessModes: - ReadWriteMany diff --git a/clusters/cl01tl/helm/music-grabber/templates/persistent-volume.yaml b/clusters/cl01tl/helm/music-grabber/templates/persistent-volume.yaml index e07df3efe..7ce8d62aa 100644 --- a/clusters/cl01tl/helm/music-grabber/templates/persistent-volume.yaml +++ b/clusters/cl01tl/helm/music-grabber/templates/persistent-volume.yaml @@ -1,10 +1,10 @@ apiVersion: v1 kind: PersistentVolume metadata: - name: music-grabber-nfs-storage + name: {{ include "custom.storageNfsName" . }} namespace: {{ .Release.Namespace }} labels: - app.kubernetes.io/name: music-grabber-nfs-storage + app.kubernetes.io/name: {{ include "custom.storageNfsName" . }} {{- include "custom.labels" . | nindent 4 }} spec: persistentVolumeReclaimPolicy: Retain diff --git a/clusters/cl01tl/helm/navidrome/templates/_helpers.tpl b/clusters/cl01tl/helm/navidrome/templates/_helpers.tpl index 10688fcef..0a655e976 100644 --- a/clusters/cl01tl/helm/navidrome/templates/_helpers.tpl +++ b/clusters/cl01tl/helm/navidrome/templates/_helpers.tpl @@ -12,3 +12,19 @@ Selector labels app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/part-of: {{ .Release.Name }} {{- end }} + +{{/* +NFS names +*/}} +{{- define "custom.storageMusicNfsName" -}} +navidrome-music-nfs-storage +{{- end -}} +{{- define "custom.storageMusicYoutubeNfsName" -}} +navidrome-music-youtube-nfs-storage +{{- end -}} +{{- define "custom.storageMusicGrabberNfsName" -}} +navidrome-music-grabber-nfs-storage +{{- end -}} +{{- define "custom.storageMusicSingleNfsName" -}} +navidrome-music-single-nfs-storage +{{- end -}} diff --git a/clusters/cl01tl/helm/navidrome/templates/persistent-volume-claim.yaml b/clusters/cl01tl/helm/navidrome/templates/persistent-volume-claim.yaml index b5df7437a..831b62f1c 100644 --- a/clusters/cl01tl/helm/navidrome/templates/persistent-volume-claim.yaml +++ b/clusters/cl01tl/helm/navidrome/templates/persistent-volume-claim.yaml @@ -1,13 +1,13 @@ apiVersion: v1 kind: PersistentVolumeClaim metadata: - name: navidrome-music-nfs-storage + name: {{ include "custom.storageMusicNfsName" . }} namespace: {{ .Release.Namespace }} labels: - app.kubernetes.io/name: navidrome-music-nfs-storage + app.kubernetes.io/name: {{ include "custom.storageMusicNfsName" . }} {{- include "custom.labels" . | nindent 4 }} spec: - volumeName: navidrome-music-nfs-storage + volumeName: {{ include "custom.storageMusicNfsName" . }} storageClassName: nfs-client accessModes: - ReadWriteMany @@ -19,13 +19,13 @@ spec: apiVersion: v1 kind: PersistentVolumeClaim metadata: - name: navidrome-music-youtube-nfs-storage + name: {{ include "custom.storageMusicYoutubeNfsName" . }} namespace: {{ .Release.Namespace }} labels: - app.kubernetes.io/name: navidrome-music-youtube-nfs-storage + app.kubernetes.io/name: {{ include "custom.storageMusicYoutubeNfsName" . }} {{- include "custom.labels" . | nindent 4 }} spec: - volumeName: navidrome-music-youtube-nfs-storage + volumeName: {{ include "custom.storageMusicYoutubeNfsName" . }} storageClassName: nfs-client accessModes: - ReadWriteMany @@ -37,13 +37,13 @@ spec: apiVersion: v1 kind: PersistentVolumeClaim metadata: - name: navidrome-music-grabber-nfs-storage + name: {{ include "custom.storageMusicGrabberNfsName" . }} namespace: {{ .Release.Namespace }} labels: - app.kubernetes.io/name: navidrome-music-grabber-nfs-storage + app.kubernetes.io/name: {{ include "custom.storageMusicGrabberNfsName" . }} {{- include "custom.labels" . | nindent 4 }} spec: - volumeName: navidrome-music-grabber-nfs-storage + volumeName: {{ include "custom.storageMusicGrabberNfsName" . }} storageClassName: nfs-client accessModes: - ReadWriteMany @@ -55,13 +55,13 @@ spec: apiVersion: v1 kind: PersistentVolumeClaim metadata: - name: navidrome-music-single-nfs-storage + name: {{ include "custom.storageMusicSingleNfsName" . }} namespace: {{ .Release.Namespace }} labels: - app.kubernetes.io/name: navidrome-music-single-nfs-storage + app.kubernetes.io/name: {{ include "custom.storageMusicSingleNfsName" . }} {{- include "custom.labels" . | nindent 4 }} spec: - volumeName: navidrome-music-single-nfs-storage + volumeName: {{ include "custom.storageMusicSingleNfsName" . }} storageClassName: nfs-client accessModes: - ReadWriteMany diff --git a/clusters/cl01tl/helm/navidrome/templates/persistent-volume.yaml b/clusters/cl01tl/helm/navidrome/templates/persistent-volume.yaml index 731881097..b4c08e52c 100644 --- a/clusters/cl01tl/helm/navidrome/templates/persistent-volume.yaml +++ b/clusters/cl01tl/helm/navidrome/templates/persistent-volume.yaml @@ -1,10 +1,10 @@ apiVersion: v1 kind: PersistentVolume metadata: - name: navidrome-music-nfs-storage + name: {{ include "custom.storageMusicNfsName" . }} namespace: {{ .Release.Namespace }} labels: - app.kubernetes.io/name: navidrome-music-nfs-storage + app.kubernetes.io/name: {{ include "custom.storageMusicNfsName" . }} {{- include "custom.labels" . | nindent 4 }} spec: persistentVolumeReclaimPolicy: Retain @@ -25,10 +25,10 @@ spec: apiVersion: v1 kind: PersistentVolume metadata: - name: navidrome-music-youtube-nfs-storage + name: {{ include "custom.storageMusicYoutubeNfsName" . }} namespace: {{ .Release.Namespace }} labels: - app.kubernetes.io/name: navidrome-music-youtube-nfs-storage + app.kubernetes.io/name: {{ include "custom.storageMusicYoutubeNfsName" . }} {{- include "custom.labels" . | nindent 4 }} spec: persistentVolumeReclaimPolicy: Retain @@ -49,10 +49,10 @@ spec: apiVersion: v1 kind: PersistentVolume metadata: - name: navidrome-music-grabber-nfs-storage + name: {{ include "custom.storageMusicGrabberNfsName" . }} namespace: {{ .Release.Namespace }} labels: - app.kubernetes.io/name: navidrome-music-grabber-nfs-storage + app.kubernetes.io/name: {{ include "custom.storageMusicGrabberNfsName" . }} {{- include "custom.labels" . | nindent 4 }} spec: persistentVolumeReclaimPolicy: Retain @@ -73,10 +73,10 @@ spec: apiVersion: v1 kind: PersistentVolume metadata: - name: navidrome-music-single-nfs-storage + name: {{ include "custom.storageMusicSingleNfsName" . }} namespace: {{ .Release.Namespace }} labels: - app.kubernetes.io/name: navidrome-music-single-nfs-storage + app.kubernetes.io/name: {{ include "custom.storageMusicSingleNfsName" . }} {{- include "custom.labels" . | nindent 4 }} spec: persistentVolumeReclaimPolicy: Retain diff --git a/clusters/cl01tl/helm/node-feature-discovery/templates/namespace.yaml b/clusters/cl01tl/helm/node-feature-discovery/templates/namespace.yaml index aeb455db5..bbbe36926 100644 --- a/clusters/cl01tl/helm/node-feature-discovery/templates/namespace.yaml +++ b/clusters/cl01tl/helm/node-feature-discovery/templates/namespace.yaml @@ -1,9 +1,9 @@ apiVersion: v1 kind: Namespace metadata: - name: node-feature-discovery + name: {{ .Release.Namespace }} labels: - app.kubernetes.io/name: node-feature-discovery + app.kubernetes.io/name: {{ .Release.Namespace }} {{- include "custom.labels" . | nindent 4 }} pod-security.kubernetes.io/audit: privileged pod-security.kubernetes.io/enforce: privileged diff --git a/clusters/cl01tl/helm/ntfy/templates/external-secret.yaml b/clusters/cl01tl/helm/ntfy/templates/external-secret.yaml index 7de6f187d..406a1b61d 100644 --- a/clusters/cl01tl/helm/ntfy/templates/external-secret.yaml +++ b/clusters/cl01tl/helm/ntfy/templates/external-secret.yaml @@ -1,17 +1,17 @@ apiVersion: external-secrets.io/v1 kind: ExternalSecret metadata: - name: ntfy-config-secret + name: ntfy-config namespace: {{ .Release.Namespace }} labels: - app.kubernetes.io/name: ntfy-config-secret + app.kubernetes.io/name: ntfy-config {{- include "custom.labels" . | nindent 4 }} spec: secretStoreRef: kind: ClusterSecretStore - name: vault + name: openbao data: - secretKey: attachment-cache-dir remoteRef: key: /garage/home-infra/ntfy-attachments - property: attachment-cache-dir + property: S3_URI diff --git a/clusters/cl01tl/helm/ntfy/values.yaml b/clusters/cl01tl/helm/ntfy/values.yaml index b3af80571..4bbe24305 100644 --- a/clusters/cl01tl/helm/ntfy/values.yaml +++ b/clusters/cl01tl/helm/ntfy/values.yaml @@ -29,7 +29,7 @@ ntfy: - name: NTFY_ATTACHMENT_CACHE_DIR valueFrom: secretKeyRef: - name: ntfy-config-secret + name: ntfy-config key: attachment-cache-dir - name: NTFY_ATTACHMENT_TOTAL_SIZE_LIMIT value: 10G