feat: add more
This commit is contained in:
@@ -12,3 +12,10 @@ Selector labels
|
|||||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
|
|
||||||
|
{{/*
|
||||||
|
NFS names
|
||||||
|
*/}}
|
||||||
|
{{- define "custom.storageNfsName" -}}
|
||||||
|
medialyze-nfs-storage
|
||||||
|
{{- end -}}
|
||||||
|
|||||||
@@ -1,13 +1,13 @@
|
|||||||
apiVersion: v1
|
apiVersion: v1
|
||||||
kind: PersistentVolumeClaim
|
kind: PersistentVolumeClaim
|
||||||
metadata:
|
metadata:
|
||||||
name: medialyze-nfs-storage
|
name: {{ include "custom.storageNfsName" . }}
|
||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: medialyze-nfs-storage
|
app.kubernetes.io/name: {{ include "custom.storageNfsName" . }}
|
||||||
{{- include "custom.labels" . | nindent 4 }}
|
{{- include "custom.labels" . | nindent 4 }}
|
||||||
spec:
|
spec:
|
||||||
volumeName: medialyze-nfs-storage
|
volumeName: {{ include "custom.storageNfsName" . }}
|
||||||
storageClassName: nfs-client
|
storageClassName: nfs-client
|
||||||
accessModes:
|
accessModes:
|
||||||
- ReadWriteMany
|
- ReadWriteMany
|
||||||
|
|||||||
@@ -1,10 +1,10 @@
|
|||||||
apiVersion: v1
|
apiVersion: v1
|
||||||
kind: PersistentVolume
|
kind: PersistentVolume
|
||||||
metadata:
|
metadata:
|
||||||
name: medialyze-nfs-storage
|
name: {{ include "custom.storageNfsName" . }}
|
||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: medialyze-nfs-storage
|
app.kubernetes.io/name: {{ include "custom.storageNfsName" . }}
|
||||||
{{- include "custom.labels" . | nindent 4 }}
|
{{- include "custom.labels" . | nindent 4 }}
|
||||||
spec:
|
spec:
|
||||||
persistentVolumeReclaimPolicy: Retain
|
persistentVolumeReclaimPolicy: Retain
|
||||||
|
|||||||
@@ -12,3 +12,10 @@ Selector labels
|
|||||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
|
|
||||||
|
{{/*
|
||||||
|
NFS names
|
||||||
|
*/}}
|
||||||
|
{{- define "custom.storageNfsName" -}}
|
||||||
|
music-grabber-nfs-storage
|
||||||
|
{{- end -}}
|
||||||
|
|||||||
@@ -1,60 +1,29 @@
|
|||||||
apiVersion: external-secrets.io/v1
|
apiVersion: external-secrets.io/v1
|
||||||
kind: ExternalSecret
|
kind: ExternalSecret
|
||||||
metadata:
|
metadata:
|
||||||
name: music-grabber-config-secret
|
name: music-grabber-config
|
||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: music-grabber-config-secret
|
app.kubernetes.io/name: music-grabber-config
|
||||||
{{- include "custom.labels" . | nindent 4 }}
|
{{- include "custom.labels" . | nindent 4 }}
|
||||||
spec:
|
spec:
|
||||||
secretStoreRef:
|
secretStoreRef:
|
||||||
kind: ClusterSecretStore
|
kind: ClusterSecretStore
|
||||||
name: vault
|
name: openbao
|
||||||
data:
|
data:
|
||||||
- secretKey: navidrome-user
|
- secretKey: navidrome-user
|
||||||
remoteRef:
|
remoteRef:
|
||||||
key: /cl01tl/navidrome/admin
|
key: /cl01tl/navidrome/users/admin
|
||||||
property: user
|
property: user
|
||||||
- secretKey: navidrome-password
|
- secretKey: navidrome-password
|
||||||
remoteRef:
|
remoteRef:
|
||||||
key: /cl01tl/navidrome/admin
|
key: /cl01tl/navidrome/users/admin
|
||||||
property: password
|
property: password
|
||||||
- secretKey: slskd-user
|
- secretKey: slskd-user
|
||||||
remoteRef:
|
remoteRef:
|
||||||
key: /cl01tl/slskd/auth
|
key: /cl01tl/slskd/users/slskd
|
||||||
property: user
|
property: user
|
||||||
- secretKey: slskd-password
|
- secretKey: slskd-password
|
||||||
remoteRef:
|
remoteRef:
|
||||||
key: /cl01tl/slskd/auth
|
key: /cl01tl/slskd/users/slskd
|
||||||
property: password
|
property: password
|
||||||
|
|
||||||
---
|
|
||||||
apiVersion: external-secrets.io/v1
|
|
||||||
kind: ExternalSecret
|
|
||||||
metadata:
|
|
||||||
name: music-grabber-wireguard-conf
|
|
||||||
namespace: {{ .Release.Namespace }}
|
|
||||||
labels:
|
|
||||||
app.kubernetes.io/name: music-grabber-wireguard-conf
|
|
||||||
{{- include "custom.labels" . | nindent 4 }}
|
|
||||||
spec:
|
|
||||||
secretStoreRef:
|
|
||||||
kind: ClusterSecretStore
|
|
||||||
name: vault
|
|
||||||
data:
|
|
||||||
- secretKey: private-key
|
|
||||||
remoteRef:
|
|
||||||
key: /airvpn/conf/cl01tl
|
|
||||||
property: private-key
|
|
||||||
- secretKey: preshared-key
|
|
||||||
remoteRef:
|
|
||||||
key: /airvpn/conf/cl01tl
|
|
||||||
property: preshared-key
|
|
||||||
- secretKey: addresses
|
|
||||||
remoteRef:
|
|
||||||
key: /airvpn/conf/cl01tl
|
|
||||||
property: addresses
|
|
||||||
- secretKey: input-ports
|
|
||||||
remoteRef:
|
|
||||||
key: /airvpn/conf/cl01tl
|
|
||||||
property: input-ports
|
|
||||||
|
|||||||
@@ -1,13 +1,13 @@
|
|||||||
apiVersion: v1
|
apiVersion: v1
|
||||||
kind: PersistentVolumeClaim
|
kind: PersistentVolumeClaim
|
||||||
metadata:
|
metadata:
|
||||||
name: music-grabber-nfs-storage
|
name: {{ include "custom.storageNfsName" . }}
|
||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: music-grabber-nfs-storage
|
app.kubernetes.io/name: {{ include "custom.storageNfsName" . }}
|
||||||
{{- include "custom.labels" . | nindent 4 }}
|
{{- include "custom.labels" . | nindent 4 }}
|
||||||
spec:
|
spec:
|
||||||
volumeName: music-grabber-nfs-storage
|
volumeName: {{ include "custom.storageNfsName" . }}
|
||||||
storageClassName: nfs-client
|
storageClassName: nfs-client
|
||||||
accessModes:
|
accessModes:
|
||||||
- ReadWriteMany
|
- ReadWriteMany
|
||||||
|
|||||||
@@ -1,10 +1,10 @@
|
|||||||
apiVersion: v1
|
apiVersion: v1
|
||||||
kind: PersistentVolume
|
kind: PersistentVolume
|
||||||
metadata:
|
metadata:
|
||||||
name: music-grabber-nfs-storage
|
name: {{ include "custom.storageNfsName" . }}
|
||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: music-grabber-nfs-storage
|
app.kubernetes.io/name: {{ include "custom.storageNfsName" . }}
|
||||||
{{- include "custom.labels" . | nindent 4 }}
|
{{- include "custom.labels" . | nindent 4 }}
|
||||||
spec:
|
spec:
|
||||||
persistentVolumeReclaimPolicy: Retain
|
persistentVolumeReclaimPolicy: Retain
|
||||||
|
|||||||
@@ -12,3 +12,19 @@ Selector labels
|
|||||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
|
|
||||||
|
{{/*
|
||||||
|
NFS names
|
||||||
|
*/}}
|
||||||
|
{{- define "custom.storageMusicNfsName" -}}
|
||||||
|
navidrome-music-nfs-storage
|
||||||
|
{{- end -}}
|
||||||
|
{{- define "custom.storageMusicYoutubeNfsName" -}}
|
||||||
|
navidrome-music-youtube-nfs-storage
|
||||||
|
{{- end -}}
|
||||||
|
{{- define "custom.storageMusicGrabberNfsName" -}}
|
||||||
|
navidrome-music-grabber-nfs-storage
|
||||||
|
{{- end -}}
|
||||||
|
{{- define "custom.storageMusicSingleNfsName" -}}
|
||||||
|
navidrome-music-single-nfs-storage
|
||||||
|
{{- end -}}
|
||||||
|
|||||||
@@ -1,13 +1,13 @@
|
|||||||
apiVersion: v1
|
apiVersion: v1
|
||||||
kind: PersistentVolumeClaim
|
kind: PersistentVolumeClaim
|
||||||
metadata:
|
metadata:
|
||||||
name: navidrome-music-nfs-storage
|
name: {{ include "custom.storageMusicNfsName" . }}
|
||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: navidrome-music-nfs-storage
|
app.kubernetes.io/name: {{ include "custom.storageMusicNfsName" . }}
|
||||||
{{- include "custom.labels" . | nindent 4 }}
|
{{- include "custom.labels" . | nindent 4 }}
|
||||||
spec:
|
spec:
|
||||||
volumeName: navidrome-music-nfs-storage
|
volumeName: {{ include "custom.storageMusicNfsName" . }}
|
||||||
storageClassName: nfs-client
|
storageClassName: nfs-client
|
||||||
accessModes:
|
accessModes:
|
||||||
- ReadWriteMany
|
- ReadWriteMany
|
||||||
@@ -19,13 +19,13 @@ spec:
|
|||||||
apiVersion: v1
|
apiVersion: v1
|
||||||
kind: PersistentVolumeClaim
|
kind: PersistentVolumeClaim
|
||||||
metadata:
|
metadata:
|
||||||
name: navidrome-music-youtube-nfs-storage
|
name: {{ include "custom.storageMusicYoutubeNfsName" . }}
|
||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: navidrome-music-youtube-nfs-storage
|
app.kubernetes.io/name: {{ include "custom.storageMusicYoutubeNfsName" . }}
|
||||||
{{- include "custom.labels" . | nindent 4 }}
|
{{- include "custom.labels" . | nindent 4 }}
|
||||||
spec:
|
spec:
|
||||||
volumeName: navidrome-music-youtube-nfs-storage
|
volumeName: {{ include "custom.storageMusicYoutubeNfsName" . }}
|
||||||
storageClassName: nfs-client
|
storageClassName: nfs-client
|
||||||
accessModes:
|
accessModes:
|
||||||
- ReadWriteMany
|
- ReadWriteMany
|
||||||
@@ -37,13 +37,13 @@ spec:
|
|||||||
apiVersion: v1
|
apiVersion: v1
|
||||||
kind: PersistentVolumeClaim
|
kind: PersistentVolumeClaim
|
||||||
metadata:
|
metadata:
|
||||||
name: navidrome-music-grabber-nfs-storage
|
name: {{ include "custom.storageMusicGrabberNfsName" . }}
|
||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: navidrome-music-grabber-nfs-storage
|
app.kubernetes.io/name: {{ include "custom.storageMusicGrabberNfsName" . }}
|
||||||
{{- include "custom.labels" . | nindent 4 }}
|
{{- include "custom.labels" . | nindent 4 }}
|
||||||
spec:
|
spec:
|
||||||
volumeName: navidrome-music-grabber-nfs-storage
|
volumeName: {{ include "custom.storageMusicGrabberNfsName" . }}
|
||||||
storageClassName: nfs-client
|
storageClassName: nfs-client
|
||||||
accessModes:
|
accessModes:
|
||||||
- ReadWriteMany
|
- ReadWriteMany
|
||||||
@@ -55,13 +55,13 @@ spec:
|
|||||||
apiVersion: v1
|
apiVersion: v1
|
||||||
kind: PersistentVolumeClaim
|
kind: PersistentVolumeClaim
|
||||||
metadata:
|
metadata:
|
||||||
name: navidrome-music-single-nfs-storage
|
name: {{ include "custom.storageMusicSingleNfsName" . }}
|
||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: navidrome-music-single-nfs-storage
|
app.kubernetes.io/name: {{ include "custom.storageMusicSingleNfsName" . }}
|
||||||
{{- include "custom.labels" . | nindent 4 }}
|
{{- include "custom.labels" . | nindent 4 }}
|
||||||
spec:
|
spec:
|
||||||
volumeName: navidrome-music-single-nfs-storage
|
volumeName: {{ include "custom.storageMusicSingleNfsName" . }}
|
||||||
storageClassName: nfs-client
|
storageClassName: nfs-client
|
||||||
accessModes:
|
accessModes:
|
||||||
- ReadWriteMany
|
- ReadWriteMany
|
||||||
|
|||||||
@@ -1,10 +1,10 @@
|
|||||||
apiVersion: v1
|
apiVersion: v1
|
||||||
kind: PersistentVolume
|
kind: PersistentVolume
|
||||||
metadata:
|
metadata:
|
||||||
name: navidrome-music-nfs-storage
|
name: {{ include "custom.storageMusicNfsName" . }}
|
||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: navidrome-music-nfs-storage
|
app.kubernetes.io/name: {{ include "custom.storageMusicNfsName" . }}
|
||||||
{{- include "custom.labels" . | nindent 4 }}
|
{{- include "custom.labels" . | nindent 4 }}
|
||||||
spec:
|
spec:
|
||||||
persistentVolumeReclaimPolicy: Retain
|
persistentVolumeReclaimPolicy: Retain
|
||||||
@@ -25,10 +25,10 @@ spec:
|
|||||||
apiVersion: v1
|
apiVersion: v1
|
||||||
kind: PersistentVolume
|
kind: PersistentVolume
|
||||||
metadata:
|
metadata:
|
||||||
name: navidrome-music-youtube-nfs-storage
|
name: {{ include "custom.storageMusicYoutubeNfsName" . }}
|
||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: navidrome-music-youtube-nfs-storage
|
app.kubernetes.io/name: {{ include "custom.storageMusicYoutubeNfsName" . }}
|
||||||
{{- include "custom.labels" . | nindent 4 }}
|
{{- include "custom.labels" . | nindent 4 }}
|
||||||
spec:
|
spec:
|
||||||
persistentVolumeReclaimPolicy: Retain
|
persistentVolumeReclaimPolicy: Retain
|
||||||
@@ -49,10 +49,10 @@ spec:
|
|||||||
apiVersion: v1
|
apiVersion: v1
|
||||||
kind: PersistentVolume
|
kind: PersistentVolume
|
||||||
metadata:
|
metadata:
|
||||||
name: navidrome-music-grabber-nfs-storage
|
name: {{ include "custom.storageMusicGrabberNfsName" . }}
|
||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: navidrome-music-grabber-nfs-storage
|
app.kubernetes.io/name: {{ include "custom.storageMusicGrabberNfsName" . }}
|
||||||
{{- include "custom.labels" . | nindent 4 }}
|
{{- include "custom.labels" . | nindent 4 }}
|
||||||
spec:
|
spec:
|
||||||
persistentVolumeReclaimPolicy: Retain
|
persistentVolumeReclaimPolicy: Retain
|
||||||
@@ -73,10 +73,10 @@ spec:
|
|||||||
apiVersion: v1
|
apiVersion: v1
|
||||||
kind: PersistentVolume
|
kind: PersistentVolume
|
||||||
metadata:
|
metadata:
|
||||||
name: navidrome-music-single-nfs-storage
|
name: {{ include "custom.storageMusicSingleNfsName" . }}
|
||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: navidrome-music-single-nfs-storage
|
app.kubernetes.io/name: {{ include "custom.storageMusicSingleNfsName" . }}
|
||||||
{{- include "custom.labels" . | nindent 4 }}
|
{{- include "custom.labels" . | nindent 4 }}
|
||||||
spec:
|
spec:
|
||||||
persistentVolumeReclaimPolicy: Retain
|
persistentVolumeReclaimPolicy: Retain
|
||||||
|
|||||||
@@ -1,9 +1,9 @@
|
|||||||
apiVersion: v1
|
apiVersion: v1
|
||||||
kind: Namespace
|
kind: Namespace
|
||||||
metadata:
|
metadata:
|
||||||
name: node-feature-discovery
|
name: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: node-feature-discovery
|
app.kubernetes.io/name: {{ .Release.Namespace }}
|
||||||
{{- include "custom.labels" . | nindent 4 }}
|
{{- include "custom.labels" . | nindent 4 }}
|
||||||
pod-security.kubernetes.io/audit: privileged
|
pod-security.kubernetes.io/audit: privileged
|
||||||
pod-security.kubernetes.io/enforce: privileged
|
pod-security.kubernetes.io/enforce: privileged
|
||||||
|
|||||||
@@ -1,17 +1,17 @@
|
|||||||
apiVersion: external-secrets.io/v1
|
apiVersion: external-secrets.io/v1
|
||||||
kind: ExternalSecret
|
kind: ExternalSecret
|
||||||
metadata:
|
metadata:
|
||||||
name: ntfy-config-secret
|
name: ntfy-config
|
||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: ntfy-config-secret
|
app.kubernetes.io/name: ntfy-config
|
||||||
{{- include "custom.labels" . | nindent 4 }}
|
{{- include "custom.labels" . | nindent 4 }}
|
||||||
spec:
|
spec:
|
||||||
secretStoreRef:
|
secretStoreRef:
|
||||||
kind: ClusterSecretStore
|
kind: ClusterSecretStore
|
||||||
name: vault
|
name: openbao
|
||||||
data:
|
data:
|
||||||
- secretKey: attachment-cache-dir
|
- secretKey: attachment-cache-dir
|
||||||
remoteRef:
|
remoteRef:
|
||||||
key: /garage/home-infra/ntfy-attachments
|
key: /garage/home-infra/ntfy-attachments
|
||||||
property: attachment-cache-dir
|
property: S3_URI
|
||||||
|
|||||||
@@ -29,7 +29,7 @@ ntfy:
|
|||||||
- name: NTFY_ATTACHMENT_CACHE_DIR
|
- name: NTFY_ATTACHMENT_CACHE_DIR
|
||||||
valueFrom:
|
valueFrom:
|
||||||
secretKeyRef:
|
secretKeyRef:
|
||||||
name: ntfy-config-secret
|
name: ntfy-config
|
||||||
key: attachment-cache-dir
|
key: attachment-cache-dir
|
||||||
- name: NTFY_ATTACHMENT_TOTAL_SIZE_LIMIT
|
- name: NTFY_ATTACHMENT_TOTAL_SIZE_LIMIT
|
||||||
value: 10G
|
value: 10G
|
||||||
|
|||||||
Reference in New Issue
Block a user