diff --git a/clusters/cl01tl/applications/searxng/Chart.yaml b/clusters/cl01tl/applications/searxng/Chart.yaml new file mode 100644 index 000000000..ccb621979 --- /dev/null +++ b/clusters/cl01tl/applications/searxng/Chart.yaml @@ -0,0 +1,25 @@ +apiVersion: v2 +name: searxng +version: 1.0.0 +description: Searxng +keywords: + - searxng + - search +home: https://wiki.alexlebens.dev/doc/searxng- +sources: + - https://github.com/searxng/searxng + - https://github.com/valkey-io/valkey + - https://github.com/bjw-s/helm-charts/tree/main/charts/other/app-template + - https://github.com/bitnami/charts/tree/main/bitnami/valkey +maintainers: + - name: alexlebens +dependencies: + - name: app-template + alias: searxng + repository: https://bjw-s.github.io/helm-charts/ + version: 3.7.1 + - name: valkey + version: 2.4.0 + repository: https://charts.bitnami.com/bitnami +icon: https://cdn.jsdelivr.net/gh/selfhst/icons/svg/searxng.svg +appVersion: 1.0.0 diff --git a/clusters/cl01tl/applications/searxng/templates/external-secret.yaml b/clusters/cl01tl/applications/searxng/templates/external-secret.yaml new file mode 100644 index 000000000..7351e83bb --- /dev/null +++ b/clusters/cl01tl/applications/searxng/templates/external-secret.yaml @@ -0,0 +1,30 @@ +apiVersion: external-secrets.io/v1beta1 +kind: ExternalSecret +metadata: + name: searxng-api-config-secret + namespace: {{ .Release.Namespace }} + labels: + app.kubernetes.io/name: searxng-config-secret + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/version: {{ .Chart.AppVersion }} + app.kubernetes.io/component: web + app.kubernetes.io/part-of: {{ .Release.Name }} +spec: + secretStoreRef: + kind: ClusterSecretStore + name: vault + data: + - secretKey: settings.yml + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /cl01tl/searxng/api/config + metadataPolicy: None + property: settings.yml + - secretKey: limiter.toml + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /cl01tl/searxng/api/config + metadataPolicy: None + property: limiter.toml diff --git a/clusters/cl01tl/applications/searxng/templates/http-route.yaml b/clusters/cl01tl/applications/searxng/templates/http-route.yaml new file mode 100644 index 000000000..fed325660 --- /dev/null +++ b/clusters/cl01tl/applications/searxng/templates/http-route.yaml @@ -0,0 +1,30 @@ +apiVersion: gateway.networking.k8s.io/v1 +kind: HTTPRoute +metadata: + name: http-route-searxng + namespace: {{ .Release.Namespace }} + labels: + app.kubernetes.io/name: http-route-searxng + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/version: {{ .Chart.AppVersion }} + app.kubernetes.io/component: web + app.kubernetes.io/part-of: {{ .Release.Name }} +spec: + parentRefs: + - group: gateway.networking.k8s.io + kind: Gateway + name: traefik-gateway + namespace: traefik + hostnames: + - searxng.alexlebens.net + rules: + - matches: + - path: + type: PathPrefix + value: / + backendRefs: + - group: '' + kind: Service + name: searxng-browser + port: 80 + weight: 100 diff --git a/clusters/cl01tl/applications/searxng/values.yaml b/clusters/cl01tl/applications/searxng/values.yaml new file mode 100644 index 000000000..4dfb1f17b --- /dev/null +++ b/clusters/cl01tl/applications/searxng/values.yaml @@ -0,0 +1,126 @@ +searxng: + controllers: + api: + type: deployment + replicas: 1 + strategy: Recreate + revisionHistoryLimit: 3 + containers: + main: + image: + repository: docker.io/searxng/searxng + tag: 2025.1.26-70f1b6500 + pullPolicy: IfNotPresent + env: + - name: SEARXNG_BASE_URL + value: http://searxng-api.searxng:8080 + - name: SEARXNG_QUERY_URL + value: http://searxng-api.searxng:8080/search?q= + - name: SEARXNG_HOSTNAME + value: searxng-api.searxng + - name: UWSGI_WORKERS + value: 4 + - name: UWSGI_THREADS + value: 4 + - name: ENABLE_RAG_WEB_SEARCH + value: true + - name: RAG_WEB_SEARCH_ENGINE + value: searxng + - name: RAG_WEB_SEARCH_RESULT_COUNT + value: 3 + - name: RAG_WEB_SEARCH_CONCURRENT_REQUESTS + value: 10 + resources: + requests: + cpu: 10m + memory: 256Mi + browser: + type: deployment + replicas: 1 + strategy: Recreate + revisionHistoryLimit: 3 + containers: + main: + image: + repository: docker.io/searxng/searxng + tag: 2025.1.26-70f1b6500 + pullPolicy: IfNotPresent + env: + - name: SEARXNG_BASE_URL + value: https://searxng.alexlebens.net/ + - name: SEARXNG_QUERY_URL + value: https://searxng.alexlebens.net/search?q= + - name: SEARXNG_HOSTNAME + value: searxng.alexlebens.net + - name: SEARXNG_REDIS_URL + value: redis://searxng-valkey-primary.searxng:6379/0 + - name: UWSGI_WORKERS + value: 4 + - name: UWSGI_THREADS + value: 4 + resources: + requests: + cpu: 10m + memory: 256Mi + serviceAccount: + create: true + service: + api: + controller: api + ports: + mail: + port: 8080 + targetPort: 8080 + protocol: HTTP + browser: + controller: browser + ports: + mail: + port: 80 + targetPort: 8080 + protocol: HTTP + persistence: + config: + enabled: true + type: secret + name: searxng-api-config-secret + advancedMounts: + api: + main: + - path: /etc/searxng/settings.yml + readOnly: true + mountPropagation: None + subPath: settings.yml + - path: /etc/searxng/limiter.toml + readOnly: true + mountPropagation: None + subPath: limiter.toml + api-data: + storageClass: ceph-block + accessMode: ReadWriteOnce + size: 5Gi + advancedMounts: + api: + main: + - path: /etc/searxng + readOnly: false + browser-data: + storageClass: ceph-block + accessMode: ReadWriteOnce + size: 5Gi + advancedMounts: + browser: + main: + - path: /etc/searxng + readOnly: false +valkey: + architecture: standalone + auth: + enabled: false + usePasswordFiles: false + primary: + persistence: + enabled: false + replica: + persistence: + enabled: false