alexlebens/infrastructure
1
0
Fork 0
Code Issues 1 Pull Requests 7 Actions Packages Projects Releases Wiki Activity

remove home assistant

Browse Source
This commit is contained in:
Alex Lebens
2024-05-30 18:04:55 -05:00
parent 0871d0a835
commit b6c601a457
7 changed files with 0 additions and 280 deletions
Download Patch File Download Diff File Expand all files Collapse all files

48
clusters/cl01tl/applications/home-assistant/templates/external-secret.yaml
View File

@@ -1,48 +0,0 @@
apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret
metadata:
name: home-assistant-codeserver-password-secret
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: home-assistant-codeserver-password-secret
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/version: {{ .Chart.AppVersion }}
app.kubernetes.io/component: web
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
secretStoreRef:
kind: ClusterSecretStore
name: vault
data:
- secretKey: SUDO_PASSWORD
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /cl01tl/home-assistant/auth
metadataPolicy: None
property: password
---
apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret
metadata:
name: home-assistant-token-secret
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: home-assistant-token-secret
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/version: {{ .Chart.AppVersion }}
app.kubernetes.io/component: web
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
secretStoreRef:
kind: ClusterSecretStore
name: vault
data:
- secretKey: bearerToken
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /cl01tl/home-assistant/auth
metadataPolicy: None
property: bearerToken

68
clusters/cl01tl/applications/home-assistant/templates/ingress-route.yaml
View File

@@ -1,68 +0,0 @@
apiVersion: traefik.io/v1alpha1
kind: IngressRoute
metadata:
name: home-assistant
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: home-assistant
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/version: {{ .Chart.AppVersion }}
app.kubernetes.io/component: web
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
entryPoints:
- websecure
routes:
- kind: Rule
match: Host(`homeassistant.alexlebens.net`)
middlewares:
- name: "authentik-{{ .Release.Name }}"
namespace: authentik
priority: 10
services:
- kind: Service
name: home-assistant
port: 8123
- kind: Rule
match: Host(`homeassistant.alexlebens.net`) && PathPrefix(`/outpost.goauthentik.io/`)
priority: 15
services:
- kind: Service
name: authentik-outpost-proxy
port: 9000
namespace: authentik
---
apiVersion: traefik.io/v1alpha1
kind: IngressRoute
metadata:
name: home-assistant-codeserver
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: home-assistant-codeserver
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/version: {{ .Chart.AppVersion }}
app.kubernetes.io/component: web
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
entryPoints:
- websecure
routes:
- kind: Rule
match: Host(`homeassistant-codeserver.alexlebens.net`)
middlewares:
- name: "authentik-{{ .Release.Name }}"
namespace: authentik
priority: 10
services:
- kind: Service
name: home-assistant
port: 8443
- kind: Rule
match: Host(`homeassistant-codeserver.alexlebens.net`) && PathPrefix(`/outpost.goauthentik.io/`)"
priority: 15
services:
- kind: Service
name: authentik-outpost-proxy
port: 9000
namespace: authentik

27
clusters/cl01tl/applications/home-assistant/templates/middleware.yaml
View File

@@ -1,27 +0,0 @@
apiVersion: traefik.io/v1alpha1
kind: Middleware
metadata:
name: "authentik-{{ .Release.Name }}"
namespace: authentik
labels:
app.kubernetes.io/name: "authentik-{{ .Release.Name }}"
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/version: {{ .Chart.AppVersion }}
app.kubernetes.io/component: auth
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
forwardAuth:
address: http://authentik-outpost-proxy.authentik:9000/outpost.goauthentik.io/auth/traefik
trustForwardHeader: true
authResponseHeaders:
- X-authentik-username
- X-authentik-groups
- X-authentik-email
- X-authentik-name
- X-authentik-uid
- X-authentik-jwt
- X-authentik-meta-jwks
- X-authentik-meta-outpost
- X-authentik-meta-provider
- X-authentik-meta-app
- X-authentik-meta-version

24
clusters/cl01tl/applications/home-assistant/templates/prometheus-rule.yaml
View File

@@ -1,24 +0,0 @@
apiVersion: monitoring.coreos.com/v1
kind: PrometheusRule
metadata:
name: home-assistant
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: home-assistant
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/version: {{ .Chart.AppVersion }}
app.kubernetes.io/component: metrics
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
groups:
- name: home-assistant
rules:
- alert: HomeAssistantAbsent
annotations:
description: Home Assistant has disappeared from Prometheus service discovery.
summary: Home Assistant is down.
expr: |
absent(up{job=~".*home-assistant.*"} == 1)
for: 5m
labels:
severity: critical

24
clusters/cl01tl/applications/home-assistant/templates/service-monitor.yaml
View File

@@ -1,24 +0,0 @@
apiVersion: monitoring.coreos.com/v1
kind: ServiceMonitor
metadata:
name: home-assistant
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: home-assistant
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/version: {{ .Chart.AppVersion }}
app.kubernetes.io/component: metrics
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
selector:
matchLabels:
app.kubernetes.io/name: home-assistant
app.kubernetes.io/instance: {{ .Release.Name }}
endpoints:
- port: http
interval: 1m
scrapeTimeout: 30s
path: /api/prometheus
bearerTokenSecret:
name: home-assistant-token-secret
key: bearerToken