diff --git a/clusters/cl01tl/applications/homepage/values.yaml b/clusters/cl01tl/applications/homepage/values.yaml index 551042dc6..db0ee9390 100644 --- a/clusters/cl01tl/applications/homepage/values.yaml +++ b/clusters/cl01tl/applications/homepage/values.yaml @@ -228,12 +228,6 @@ homepage: href: https://penpot-cl01tl.boreal-beaufort.ts.net siteMonitor: http://penpot-frontend.penpot:80 statusStyle: dot - - Media Tracker: - icon: sh-ryot.png - description: Ryot - href: https://ryot-cl01tl.boreal-beaufort.ts.net - siteMonitor: http://ryot.ryot:80 - statusStyle: dot - Code: - Code (Public): icon: sh-gitea.svg diff --git a/clusters/cl01tl/applications/ryot/Chart.yaml b/clusters/cl01tl/applications/ryot/Chart.yaml deleted file mode 100644 index c23dfae1b..000000000 --- a/clusters/cl01tl/applications/ryot/Chart.yaml +++ /dev/null @@ -1,33 +0,0 @@ -apiVersion: v2 -name: ryot -version: 1.0.0 -description: Ryot -keywords: - - ryot - - tracker -home: https://wiki.alexlebens.dev/doc/ryot-hIylymbPGj -sources: - - https://github.com/IgnisDa/ryot - - https://github.com/minio/operator - - https://github.com/cloudnative-pg/cloudnative-pg - - https://github.com/ignisda/ryot/pkgs/container/ryot - - https://github.com/bjw-s/helm-charts/tree/main/charts/other/app-template - - https://github.com/minio/operator/tree/master/helm/tenant - - https://github.com/alexlebens/helm-charts/charts/postgres-cluster -maintainers: - - name: alexlebens -dependencies: - - name: app-template - alias: ryot - repository: https://bjw-s.github.io/helm-charts/ - version: 3.6.0 - - name: tenant - version: 6.0.4 - alias: minio - repository: https://operator.min.io/ - - name: postgres-cluster - alias: postgres-17-cluster - version: 4.0.0 - repository: http://alexlebens.github.io/helm-charts -icon: https://raw.githubusercontent.com/IgnisDa/ryot/main/docs/logo.png -appVersion: v7.12.2 diff --git a/clusters/cl01tl/applications/ryot/templates/external-secret.yaml b/clusters/cl01tl/applications/ryot/templates/external-secret.yaml deleted file mode 100644 index fe0af4cd8..000000000 --- a/clusters/cl01tl/applications/ryot/templates/external-secret.yaml +++ /dev/null @@ -1,218 +0,0 @@ -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: ryot-key-secret - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: ryot-key-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: web - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - data: - - secretKey: google_books - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/ryot/key - metadataPolicy: None - property: google_books - - secretKey: tmdb - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/ryot/key - metadataPolicy: None - property: tmdb - - secretKey: listennotes - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/ryot/key - metadataPolicy: None - property: listennotes - - secretKey: admin_token - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/ryot/key - metadataPolicy: None - property: admin_token - - secretKey: jwt_secret - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/ryot/key - metadataPolicy: None - property: jwt_secret - - secretKey: twitch_client_id - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/ryot/key - metadataPolicy: None - property: twitch_client_id - - secretKey: twitch_client_secret - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/ryot/key - metadataPolicy: None - property: twitch_client_secret - ---- -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: ryot-oidc-secret - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: ryot-oidc-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: web - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - data: - - secretKey: client_id - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /authentik/oidc/ryot - metadataPolicy: None - property: client - - secretKey: client_secret - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /authentik/oidc/ryot - metadataPolicy: None - property: secret - - secretKey: issuer_url - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /authentik/oidc/ryot - metadataPolicy: None - property: issuer_url - ---- -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: ryot-minio-user-secret - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: ryot-minio-user-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: database - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - data: - - secretKey: AWS_ACCESS_KEY_ID - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/ryot/minio/auth - metadataPolicy: None - property: AWS_ACCESS_KEY_ID - - secretKey: AWS_SECRET_ACCESS_KEY - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/ryot/minio/auth - metadataPolicy: None - property: AWS_SECRET_ACCESS_KEY - ---- -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: ryot-minio-root-secret - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: ryot-minio-root-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: database - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - data: - - secretKey: config.env - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/ryot/minio/config - metadataPolicy: None - property: root-config.env - ---- -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: ryot-minio-config-secret - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: ryot-minio-config-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: database - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - data: - - secretKey: config.env - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/ryot/minio/config - metadataPolicy: None - property: config.env - ---- -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: ryot-postgresql-17-cluster-backup-secret - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: ryot-postgresql-17-cluster-backup-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: database - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - data: - - secretKey: ACCESS_KEY_ID - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /digital-ocean/home-infra/postgres-backups - metadataPolicy: None - property: access - - secretKey: ACCESS_SECRET_KEY - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /digital-ocean/home-infra/postgres-backups - metadataPolicy: None - property: secret diff --git a/clusters/cl01tl/applications/ryot/values.yaml b/clusters/cl01tl/applications/ryot/values.yaml deleted file mode 100644 index 1f1c87ce2..000000000 --- a/clusters/cl01tl/applications/ryot/values.yaml +++ /dev/null @@ -1,215 +0,0 @@ -ryot: - controllers: - main: - type: deployment - replicas: 1 - strategy: Recreate - revisionHistoryLimit: 3 - containers: - main: - image: - repository: ghcr.io/ignisda/ryot - tag: v7.14.0 - pullPolicy: IfNotPresent - env: - - name: TZ - value: US/Central - - name: AUDIO_BOOKS_AUDIBLE_LOCAL - value: us - - name: BOOKS_GOOGLE_BOOKS_API_KEY - valueFrom: - secretKeyRef: - name: ryot-key-secret - key: google_books - - name: BOOKS_OPENLIBRARY_COVER_IMAGE_SIZE - value: "M" - - name: DATABASE_URL - valueFrom: - secretKeyRef: - name: ryot-postgresql-17-cluster-app - key: uri - - name: DISABLE_TELEMETRY - value: true - - name: FILE_STORAGE_S3_ACCESS_KEY_ID - valueFrom: - secretKeyRef: - name: ryot-minio-user-secret - key: AWS_ACCESS_KEY_ID - - name: FILE_STORAGE_S3_SECRET_ACCESS_KEY - valueFrom: - secretKeyRef: - name: ryot-minio-user-secret - key: AWS_SECRET_ACCESS_KEY - - name: FILE_STORAGE_S3_BUCKET_NAME - value: ryot - - name: FILE_STORAGE_S3_REGION - value: us-east-1 - - name: FILE_STORAGE_S3_URL - value: https://ryot-storage-cl01tl.boreal-beaufort.ts.net - - name: FRONTEND_DASHBOARD_MESSAGE - value: Ryot - - name: FRONTEND_OIDC_BUTTON_LABEL - value: Authentik Login - - name: FRONTEND_URL - value: https://ryot-cl01tl.boreal-beaufort.ts.net - - name: INTEGRATION_SYNC_EVERY_MINUTES - value: 5 - - name: MEDIA_MONITORING_REMOVE_AFTER_DAYS - value: 30 - - name: MOVIES_AND_SHOWS_TMDB_ACCESS_TOKEN - valueFrom: - secretKeyRef: - name: ryot-key-secret - key: tmdb - - name: MOVIES_AND_SHOWS_TMDB_LOCALE - value: en - - name: PODCASTS_ITUNES_LOCALE - value: en_us - - name: PODCASTS_LISTENNOTES_API_TOKEN - valueFrom: - secretKeyRef: - name: ryot-key-secret - key: listennotes - - name: SCHEDULER_RATE_LIMIT_NUM - value: 5 - - name: SERVER_ADMIN_ACCESS_TOKEN - valueFrom: - secretKeyRef: - name: ryot-key-secret - key: admin_token - - name: SERVER_OIDC_CLIENT_ID - valueFrom: - secretKeyRef: - name: ryot-oidc-secret - key: client_id - - name: SERVER_OIDC_CLIENT_SECRET - valueFrom: - secretKeyRef: - name: ryot-oidc-secret - key: client_secret - - name: SERVER_OIDC_ISSUER_URL - valueFrom: - secretKeyRef: - name: ryot-oidc-secret - key: issuer_url - - name: SERVER_DISABLE_BACKGROUND_JOBS - value: false - - name: SERVER_GRAPHQL_PLAYGROUND_ENABLED - value: true - - name: SERVER_MAX_FILE_SIZE - value: 70 - - name: SERVER_PROGRESS_UPDATE_THRESHOLD - value: 2 - - name: SERVER_SLEEP_BEFORE_STARTUP_SECONDS - value: 0 - - name: USERS_ALLOW_REGISTRATION - value: true - - name: USERS_DISABLE_LOCAL_AUTH - value: false - - name: USERS_JWT_SECRET - valueFrom: - secretKeyRef: - name: ryot-key-secret - key: jwt_secret - - name: USERS_TOKEN_VALID_FOR_DAYS - value: 90 - - name: VIDEO_GAMES_IGDB_IMAGE_SIZE - value: t_original - - name: VIDEO_GAMES_TWITCH_CLIENT_ID - valueFrom: - secretKeyRef: - name: ryot-key-secret - key: twitch_client_id - - name: VIDEO_GAMES_TWITCH_CLIENT_SECRET - valueFrom: - secretKeyRef: - name: ryot-key-secret - key: twitch_client_secret - resources: - requests: - cpu: 100m - memory: 256Mi - serviceAccount: - create: true - service: - main: - controller: main - ports: - http: - port: 80 - targetPort: 8000 - protocol: HTTP - ingress: - tailscale: - enabled: true - className: tailscale - hosts: - - host: ryot-cl01tl - paths: - - path: / - pathType: Prefix - service: - name: ryot - port: 80 - tls: - - hosts: - - ryot-cl01tl -minio: - existingSecret: - name: ryot-minio-root-secret - tenant: - name: minio-ryot - configuration: - name: ryot-minio-config-secret - pools: - - servers: 3 - name: pool - volumesPerServer: 2 - size: 10Gi - storageClassName: ceph-block - mountPath: /export - subPath: /data - metrics: - enabled: true - port: 9000 - protocol: http - certificate: - requestAutoCert: false - ingress: - api: - enabled: true - ingressClassName: tailscale - annotations: - tailscale.com/experimental-forward-cluster-traffic-via-ingress: "true" - tls: - - secretName: ryot-storage-cl01tl - hosts: - - ryot-storage-cl01tl - host: ryot-storage-cl01tl - path: / - pathType: Prefix - console: - enabled: true - ingressClassName: tailscale - tls: - - secretName: minio-ryot-cl01tl - hosts: - - minio-ryot-cl01tl - host: minio-ryot-cl01tl - path: / - pathType: Prefix -postgres-17-cluster: - mode: standalone - cluster: - walStorage: - storageClass: local-path - storage: - storageClass: local-path - monitoring: - enabled: true - backup: - enabled: true - endpointURL: https://nyc3.digitaloceanspaces.com - destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/ryot/ryot-postgresql-17-cluster - endpointCredentials: ryot-postgresql-17-cluster-backup-secret - backupIndex: 1