From e104eae55e7e7197121b336dd197854140547491 Mon Sep 17 00:00:00 2001 From: Alex Lebens Date: Tue, 21 Apr 2026 20:47:16 -0500 Subject: [PATCH] feat: convert many --- .../cl01tl/helm/actual/templates/_helpers.tpl | 14 ++ .../helm/authentik/templates/ingress.yaml | 4 +- .../cl01tl/helm/blocky/templates/_helpers.tpl | 14 ++ .../helm/cilium/templates/http-route.yaml | 4 +- .../cloudnative-pg/templates/_helpers.tpl | 14 ++ .../helm/coredns/templates/_helpers.tpl | 14 ++ .../templates/_helpers.tpl | 14 ++ .../templates/external-secret.yaml | 9 +- .../templates/namespace.yaml | 7 +- .../democratic-csi-synology-iscsi/values.yaml | 2 +- .../helm/descheduler/templates/_helpers.tpl | 14 ++ clusters/cl01tl/helm/directus/Chart.yaml | 2 +- .../helm/directus/templates/_helpers.tpl | 14 ++ .../directus/templates/external-secret.yaml | 133 ++++++++------- clusters/cl01tl/helm/directus/values.yaml | 4 +- .../elastic-operator/templates/_helpers.tpl | 14 ++ .../helm/element-web/templates/_helpers.tpl | 14 ++ .../cl01tl/helm/eraser/templates/_helpers.tpl | 14 ++ clusters/cl01tl/helm/excalidraw/Chart.yaml | 2 +- .../helm/excalidraw/templates/_helpers.tpl | 14 ++ clusters/cl01tl/helm/external-dns/Chart.yaml | 2 +- .../helm/external-dns/templates/_helpers.tpl | 14 ++ .../external-dns/templates/dns-endpoint.yaml | 36 ++++- .../templates/external-secret.yaml | 5 +- .../external-secrets/templates/_helpers.tpl | 14 ++ .../templates/cluster-role-binding.yaml | 5 +- .../templates/cluster-secret-store.yaml | 10 +- .../helm/foldergram/templates/_helpers.tpl | 21 +++ .../templates/persistent-volume-claim.yaml | 9 +- .../templates/persistent-volume.yaml | 7 +- .../helm/freshrss/templates/_helpers.tpl | 14 ++ .../freshrss/templates/external-secret.yaml | 32 ++-- clusters/cl01tl/helm/freshrss/values.yaml | 4 +- .../cl01tl/helm/garage/templates/_helpers.tpl | 14 ++ .../garage/templates/external-secret.yaml | 21 ++- .../cl01tl/helm/garage/templates/service.yaml | 5 +- clusters/cl01tl/helm/garage/values.yaml | 10 +- .../cl01tl/helm/gatus/templates/_helpers.tpl | 14 ++ .../helm/gatus/templates/external-secret.yaml | 22 ++- clusters/cl01tl/helm/gatus/values.yaml | 6 +- .../templates/_helpers.tpl | 14 ++ .../templates/namespace.yaml | 7 +- .../cl01tl/helm/gitea/templates/_helpers.tpl | 14 ++ .../helm/gitea/templates/config-map.yaml | 3 +- .../helm/gitea/templates/external-secret.yaml | 151 ++++-------------- .../helm/gitea/templates/http-route.yaml | 7 +- .../cl01tl/helm/gitea/templates/ingress.yaml | 9 +- .../helm/gitea/templates/namespace.yaml | 7 +- .../templates/persistent-volume-claim.yaml | 3 +- .../helm/gitea/templates/service-monitor.yaml | 3 +- .../helm/gitea/templates/tcp-route.yaml | 7 +- clusters/cl01tl/helm/gitea/values.yaml | 6 +- .../grafana-operator/templates/_helpers.tpl | 14 ++ .../templates/external-secret.yaml | 78 ++------- .../templates/grafana-dashboard.yaml | 126 +++++---------- .../templates/grafana-datasource.yaml | 6 +- .../templates/grafana-folder.yaml | 15 +- .../grafana-operator/templates/grafana.yaml | 11 +- .../helm/grimmory/templates/_helpers.tpl | 24 +++ .../grimmory/templates/external-secret.yaml | 43 ++--- .../helm/grimmory/templates/namespace.yaml | 12 +- .../templates/persistent-volume-claim.yaml | 18 +-- .../grimmory/templates/persistent-volume.yaml | 16 +- clusters/cl01tl/helm/grimmory/values.yaml | 4 +- .../cl01tl/helm/harbor/templates/_helpers.tpl | 14 ++ .../harbor/templates/external-secret.yaml | 27 ++-- clusters/cl01tl/helm/harbor/values.yaml | 8 +- .../helm/headlamp/templates/_helpers.tpl | 21 +++ .../templates/cluster-role-binding.yaml | 13 +- .../headlamp/templates/external-secret.yaml | 25 ++- .../headlamp/templates/service-account.yaml | 7 +- clusters/cl01tl/helm/headlamp/values.yaml | 6 +- .../home-assistant/templates/_helpers.tpl | 14 ++ .../templates/external-secret.yaml | 28 ++-- .../cl01tl/helm/home-assistant/values.yaml | 4 +- .../helm/homepage/templates/_helpers.tpl | 21 +++ .../templates/cluster-role-binding.yaml | 9 +- .../helm/homepage/templates/cluster-role.yaml | 7 +- .../homepage/templates/external-secret.yaml | 33 ++-- clusters/cl01tl/helm/homepage/values.yaml | 2 +- .../helm/houndarr/templates/_helpers.tpl | 14 ++ .../cl01tl/helm/immich/templates/_helpers.tpl | 14 ++ .../immich/templates/external-secrets.yaml | 18 --- .../templates/secret-provider-class.yaml | 18 +++ clusters/cl01tl/helm/immich/values.yaml | 16 +- .../templates/_helpers.tpl | 14 ++ .../templates/namespace.yaml | 7 +- .../helm/jellyfin/templates/_helpers.tpl | 24 +++ .../jellyfin/templates/external-secret.yaml | 22 ++- .../templates/persistent-volume-claim.yaml | 18 +-- .../jellyfin/templates/persistent-volume.yaml | 14 +- clusters/cl01tl/helm/jellyfin/values.yaml | 4 +- .../helm/jellystat/templates/_helpers.tpl | 14 ++ .../jellystat/templates/external-secret.yaml | 15 +- clusters/cl01tl/helm/jellystat/values.yaml | 6 +- .../helm/karakeep/templates/_helpers.tpl | 14 ++ .../karakeep/templates/external-secret.yaml | 12 +- .../cl01tl/helm/kiwix/templates/_helpers.tpl | 14 ++ .../templates/persistent-volume-claim.yaml | 3 +- .../kiwix/templates/persistent-volume.yaml | 3 +- .../cl01tl/helm/komodo/templates/_helpers.tpl | 14 ++ .../komodo/templates/external-secret.yaml | 6 +- .../templates/_helpers.tpl | 14 ++ .../templates/external-secret.yaml | 9 +- .../templates/namespace.yaml | 3 +- .../templates/scrape-config.yaml | 12 +- .../templates/_helpers.tpl | 14 ++ .../templates/cluster-role-binding.yaml | 3 +- .../templates/cluster-role.yaml | 6 +- .../templates/namespace.yaml | 3 +- .../templates/role-binding.yaml | 3 +- .../templates/_helpers.tpl | 14 ++ .../templates/external-secret.yaml | 3 +- .../helm/languagetool/templates/_helpers.tpl | 14 ++ .../helm/libation/templates/_helpers.tpl | 14 ++ .../templates/persistent-volume-claim.yaml | 3 +- .../libation/templates/persistent-volume.yaml | 3 +- .../cl01tl/helm/lidarr/templates/_helpers.tpl | 14 ++ .../helm/lidarr/templates/middleware.yaml | 3 +- .../templates/persistent-volume-claim.yaml | 3 +- .../lidarr/templates/persistent-volume.yaml | 3 +- .../lidarr/templates/prometheus-rule.yaml | 3 +- .../templates/_helpers.tpl | 14 ++ .../templates/namespace.yaml | 3 +- .../cl01tl/helm/loki/templates/_helpers.tpl | 14 ++ .../cl01tl/helm/loki/templates/namespace.yaml | 3 +- .../mariadb-operator/templates/_helpers.tpl | 14 ++ .../matrix-synapse/templates/_helpers.tpl | 14 ++ .../templates/external-secret.yaml | 18 +-- .../templates/service-monitor.yaml | 3 +- .../helm/medialyze/templates/_helpers.tpl | 14 ++ .../templates/persistent-volume-claim.yaml | 3 +- .../templates/persistent-volume.yaml | 3 +- .../metrics-server/templates/_helpers.tpl | 14 ++ .../helm/music-grabber/templates/_helpers.tpl | 14 ++ .../templates/external-secret.yaml | 6 +- .../templates/persistent-volume-claim.yaml | 3 +- .../templates/persistent-volume.yaml | 3 +- .../helm/navidrome/templates/_helpers.tpl | 14 ++ .../templates/persistent-volume-claim.yaml | 12 +- .../templates/persistent-volume.yaml | 12 +- .../templates/_helpers.tpl | 14 ++ .../templates/namespace.yaml | 3 +- .../cl01tl/helm/ntfy/templates/_helpers.tpl | 14 ++ .../helm/ntfy/templates/external-secret.yaml | 3 +- .../cl01tl/helm/ollama/templates/_helpers.tpl | 14 ++ .../ollama/templates/external-secret.yaml | 6 +- .../helm/omni-tools/templates/_helpers.tpl | 14 ++ .../helm/openbao/templates/_helpers.tpl | 14 ++ .../openbao/templates/external-secret.yaml | 12 +- .../helm/openbao/templates/ingress.yaml | 3 +- .../helm/openbao/templates/namespace.yaml | 3 +- .../helm/outline/templates/_helpers.tpl | 14 ++ .../outline/templates/external-secret.yaml | 6 +- .../helm/paperless-ngx/templates/_helpers.tpl | 14 ++ .../templates/external-secret.yaml | 6 +- .../cl01tl/helm/plex/templates/_helpers.tpl | 14 ++ .../templates/persistent-volume-claim.yaml | 3 +- .../plex/templates/persistent-volume.yaml | 3 +- .../cl01tl/helm/postiz/templates/_helpers.tpl | 14 ++ .../postiz/templates/external-secret.yaml | 12 +- .../helm/postiz/templates/http-route.yaml | 3 +- .../helm/prowlarr/templates/_helpers.tpl | 14 ++ .../prowlarr/templates/external-secret.yaml | 3 +- .../helm/qbittorrent/templates/_helpers.tpl | 14 ++ .../qbittorrent/templates/config-map.yaml | 6 +- .../templates/external-secret.yaml | 9 +- .../helm/qbittorrent/templates/namespace.yaml | 3 +- .../templates/persistent-volume-claim.yaml | 3 +- .../templates/persistent-volume.yaml | 3 +- .../helm/radarr-4k/templates/_helpers.tpl | 14 ++ .../helm/radarr-4k/templates/middleware.yaml | 3 +- .../templates/persistent-volume-claim.yaml | 3 +- .../templates/persistent-volume.yaml | 3 +- .../radarr-4k/templates/prometheus-rule.yaml | 3 +- .../helm/radarr-anime/templates/_helpers.tpl | 14 ++ .../radarr-anime/templates/middleware.yaml | 3 +- .../templates/persistent-volume-claim.yaml | 3 +- .../templates/persistent-volume.yaml | 3 +- .../templates/prometheus-rule.yaml | 3 +- .../radarr-standup/templates/_helpers.tpl | 14 ++ .../radarr-standup/templates/middleware.yaml | 3 +- .../templates/persistent-volume-claim.yaml | 3 +- .../templates/persistent-volume.yaml | 3 +- .../templates/prometheus-rule.yaml | 3 +- .../cl01tl/helm/radarr/templates/_helpers.tpl | 14 ++ .../helm/radarr/templates/middleware.yaml | 3 +- .../templates/persistent-volume-claim.yaml | 3 +- .../radarr/templates/persistent-volume.yaml | 3 +- .../radarr/templates/prometheus-rule.yaml | 3 +- .../cl01tl/helm/rclone/templates/_helpers.tpl | 14 ++ .../rclone/templates/external-secret.yaml | 24 +-- .../helm/reloader/templates/_helpers.tpl | 14 ++ .../helm/rook-ceph/templates/_helpers.tpl | 14 ++ .../helm/rook-ceph/templates/namespace.yaml | 3 +- .../helm/roundcube/templates/_helpers.tpl | 14 ++ .../roundcube/templates/external-secret.yaml | 3 +- .../cl01tl/helm/rybbit/templates/_helpers.tpl | 14 ++ .../rybbit/templates/external-secret.yaml | 3 +- .../helm/s3-exporter/templates/_helpers.tpl | 14 ++ .../templates/external-secret.yaml | 6 +- .../helm/searxng/templates/_helpers.tpl | 14 ++ .../searxng/templates/external-secret.yaml | 6 +- .../templates/_helpers.tpl | 14 ++ .../templates/namespace.yaml | 3 +- .../cl01tl/helm/seerr/templates/_helpers.tpl | 14 ++ .../helm/shelfmark/templates/_helpers.tpl | 14 ++ .../shelfmark/templates/external-secret.yaml | 3 +- .../templates/persistent-volume-claim.yaml | 9 +- .../templates/persistent-volume.yaml | 9 +- .../helm/shelly-plug/templates/_helpers.tpl | 14 ++ .../templates/external-secret.yaml | 3 +- .../site-documentation/templates/_helpers.tpl | 14 ++ .../helm/site-profile/templates/_helpers.tpl | 14 ++ .../site-saralebens/templates/_helpers.tpl | 14 ++ .../cl01tl/helm/slskd/templates/_helpers.tpl | 14 ++ .../helm/slskd/templates/external-secret.yaml | 6 +- .../helm/slskd/templates/namespace.yaml | 3 +- .../templates/persistent-volume-claim.yaml | 3 +- .../slskd/templates/persistent-volume.yaml | 3 +- .../templates/secret-provider-class.yaml | 3 +- clusters/cl01tl/helm/slskd/values.yaml | 3 + .../templates/_helpers.tpl | 14 ++ .../helm/sonarr-4k/templates/_helpers.tpl | 14 ++ .../helm/sonarr-4k/templates/middleware.yaml | 3 +- .../templates/persistent-volume-claim.yaml | 3 +- .../templates/persistent-volume.yaml | 3 +- .../sonarr-4k/templates/prometheus-rule.yaml | 3 +- .../helm/sonarr-anime/templates/_helpers.tpl | 14 ++ .../sonarr-anime/templates/middleware.yaml | 3 +- .../templates/persistent-volume-claim.yaml | 3 +- .../templates/persistent-volume.yaml | 3 +- .../templates/prometheus-rule.yaml | 3 +- .../cl01tl/helm/sonarr/templates/_helpers.tpl | 14 ++ .../helm/sonarr/templates/middleware.yaml | 3 +- .../templates/persistent-volume-claim.yaml | 3 +- .../sonarr/templates/persistent-volume.yaml | 3 +- .../sonarr/templates/prometheus-rule.yaml | 3 +- .../helm/sparkyfitness/templates/_helpers.tpl | 14 ++ .../templates/external-secret.yaml | 6 +- .../speedtest-exporter/templates/_helpers.tpl | 14 ++ .../cl01tl/helm/stack/templates/_helpers.tpl | 14 ++ .../helm/stalwart/templates/_helpers.tpl | 14 ++ .../stalwart/templates/elasticsearch.yaml | 3 +- .../stalwart/templates/external-secret.yaml | 3 +- .../helm/stalwart/templates/namespace.yaml | 3 +- .../tailscale-operator/templates/_helpers.tpl | 14 ++ .../templates/connector.yaml | 3 +- .../templates/dns-config.yaml | 3 +- .../templates/external-secrets.yaml | 3 +- .../templates/namespace.yaml | 3 +- .../templates/proxy-class.yaml | 6 +- .../tailscale-operator/templates/service.yaml | 24 +-- .../cl01tl/helm/talos/templates/_helpers.tpl | 14 ++ .../cl01tl/helm/talos/templates/config.yaml | 3 +- .../helm/talos/templates/external-secret.yaml | 15 +- .../cl01tl/helm/talos/templates/secret.yaml | 3 +- .../helm/talos/templates/service-account.yaml | 3 +- .../cl01tl/helm/tdarr/templates/_helpers.tpl | 14 ++ .../templates/persistent-volume-claim.yaml | 3 +- .../tdarr/templates/persistent-volume.yaml | 3 +- .../helm/traefik/templates/_helpers.tpl | 14 ++ .../helm/traefik/templates/namespace.yaml | 3 +- .../helm/tubearchivist/templates/_helpers.tpl | 14 ++ .../templates/elasticsearch.yaml | 3 +- .../templates/external-secret.yaml | 9 +- .../tubearchivist/templates/namespace.yaml | 3 +- .../templates/persistent-volume-claim.yaml | 3 +- .../templates/persistent-volume.yaml | 3 +- .../helm/unpackerr/templates/_helpers.tpl | 14 ++ .../unpackerr/templates/external-secret.yaml | 3 +- .../templates/persistent-volume-claim.yaml | 3 +- .../templates/persistent-volume.yaml | 3 +- .../helm/unpoller/templates/_helpers.tpl | 14 ++ .../unpoller/templates/external-secret.yaml | 3 +- .../cl01tl/helm/vault/templates/_helpers.tpl | 14 ++ .../helm/vault/templates/config-map.yaml | 6 +- .../helm/vault/templates/external-secret.yaml | 27 ++-- .../helm/vault/templates/http-route.yaml | 3 +- .../cl01tl/helm/vault/templates/ingress.yaml | 3 +- .../templates/persistent-volume-claim.yaml | 3 +- .../helm/vaultwarden/templates/_helpers.tpl | 14 ++ .../templates/external-secret.yaml | 3 +- .../version-checker/templates/_helpers.tpl | 14 ++ .../templates/service-monitor.yaml | 3 +- .../helm/volsync/templates/_helpers.tpl | 14 ++ .../volsync/templates/prometheus-rule.yaml | 3 +- .../volsync/templates/service-monitor.yaml | 3 +- .../cl01tl/helm/whodb/templates/_helpers.tpl | 14 ++ .../helm/yamtrack/templates/_helpers.tpl | 14 ++ .../yamtrack/templates/external-secret.yaml | 6 +- .../cl01tl/helm/yubal/templates/_helpers.tpl | 14 ++ .../templates/persistent-volume-claim.yaml | 3 +- .../yubal/templates/persistent-volume.yaml | 3 +- 294 files changed, 2095 insertions(+), 1121 deletions(-) create mode 100644 clusters/cl01tl/helm/actual/templates/_helpers.tpl create mode 100644 clusters/cl01tl/helm/blocky/templates/_helpers.tpl create mode 100644 clusters/cl01tl/helm/cloudnative-pg/templates/_helpers.tpl create mode 100644 clusters/cl01tl/helm/coredns/templates/_helpers.tpl create mode 100644 clusters/cl01tl/helm/democratic-csi-synology-iscsi/templates/_helpers.tpl create mode 100644 clusters/cl01tl/helm/descheduler/templates/_helpers.tpl create mode 100644 clusters/cl01tl/helm/directus/templates/_helpers.tpl create mode 100644 clusters/cl01tl/helm/elastic-operator/templates/_helpers.tpl create mode 100644 clusters/cl01tl/helm/element-web/templates/_helpers.tpl create mode 100644 clusters/cl01tl/helm/eraser/templates/_helpers.tpl create mode 100644 clusters/cl01tl/helm/excalidraw/templates/_helpers.tpl create mode 100644 clusters/cl01tl/helm/external-dns/templates/_helpers.tpl create mode 100644 clusters/cl01tl/helm/external-secrets/templates/_helpers.tpl create mode 100644 clusters/cl01tl/helm/foldergram/templates/_helpers.tpl create mode 100644 clusters/cl01tl/helm/freshrss/templates/_helpers.tpl create mode 100644 clusters/cl01tl/helm/garage/templates/_helpers.tpl create mode 100644 clusters/cl01tl/helm/gatus/templates/_helpers.tpl create mode 100644 clusters/cl01tl/helm/generic-device-plugin/templates/_helpers.tpl create mode 100644 clusters/cl01tl/helm/gitea/templates/_helpers.tpl create mode 100644 clusters/cl01tl/helm/grafana-operator/templates/_helpers.tpl create mode 100644 clusters/cl01tl/helm/grimmory/templates/_helpers.tpl create mode 100644 clusters/cl01tl/helm/harbor/templates/_helpers.tpl create mode 100644 clusters/cl01tl/helm/headlamp/templates/_helpers.tpl create mode 100644 clusters/cl01tl/helm/home-assistant/templates/_helpers.tpl create mode 100644 clusters/cl01tl/helm/homepage/templates/_helpers.tpl create mode 100644 clusters/cl01tl/helm/houndarr/templates/_helpers.tpl create mode 100644 clusters/cl01tl/helm/immich/templates/_helpers.tpl delete mode 100644 clusters/cl01tl/helm/immich/templates/external-secrets.yaml create mode 100644 clusters/cl01tl/helm/immich/templates/secret-provider-class.yaml create mode 100644 clusters/cl01tl/helm/intel-device-plugin/templates/_helpers.tpl create mode 100644 clusters/cl01tl/helm/jellyfin/templates/_helpers.tpl create mode 100644 clusters/cl01tl/helm/jellystat/templates/_helpers.tpl create mode 100644 clusters/cl01tl/helm/karakeep/templates/_helpers.tpl create mode 100644 clusters/cl01tl/helm/kiwix/templates/_helpers.tpl create mode 100644 clusters/cl01tl/helm/komodo/templates/_helpers.tpl create mode 100644 clusters/cl01tl/helm/kube-prometheus-stack/templates/_helpers.tpl create mode 100644 clusters/cl01tl/helm/kubelet-serving-cert-approver/templates/_helpers.tpl create mode 100644 clusters/cl01tl/helm/kubernetes-cloudflare-ddns/templates/_helpers.tpl create mode 100644 clusters/cl01tl/helm/languagetool/templates/_helpers.tpl create mode 100644 clusters/cl01tl/helm/libation/templates/_helpers.tpl create mode 100644 clusters/cl01tl/helm/lidarr/templates/_helpers.tpl create mode 100644 clusters/cl01tl/helm/local-path-provisioner/templates/_helpers.tpl create mode 100644 clusters/cl01tl/helm/loki/templates/_helpers.tpl create mode 100644 clusters/cl01tl/helm/mariadb-operator/templates/_helpers.tpl create mode 100644 clusters/cl01tl/helm/matrix-synapse/templates/_helpers.tpl create mode 100644 clusters/cl01tl/helm/medialyze/templates/_helpers.tpl create mode 100644 clusters/cl01tl/helm/metrics-server/templates/_helpers.tpl create mode 100644 clusters/cl01tl/helm/music-grabber/templates/_helpers.tpl create mode 100644 clusters/cl01tl/helm/navidrome/templates/_helpers.tpl create mode 100644 clusters/cl01tl/helm/node-feature-discovery/templates/_helpers.tpl create mode 100644 clusters/cl01tl/helm/ntfy/templates/_helpers.tpl create mode 100644 clusters/cl01tl/helm/ollama/templates/_helpers.tpl create mode 100644 clusters/cl01tl/helm/omni-tools/templates/_helpers.tpl create mode 100644 clusters/cl01tl/helm/openbao/templates/_helpers.tpl create mode 100644 clusters/cl01tl/helm/outline/templates/_helpers.tpl create mode 100644 clusters/cl01tl/helm/paperless-ngx/templates/_helpers.tpl create mode 100644 clusters/cl01tl/helm/plex/templates/_helpers.tpl create mode 100644 clusters/cl01tl/helm/postiz/templates/_helpers.tpl create mode 100644 clusters/cl01tl/helm/prowlarr/templates/_helpers.tpl create mode 100644 clusters/cl01tl/helm/qbittorrent/templates/_helpers.tpl create mode 100644 clusters/cl01tl/helm/radarr-4k/templates/_helpers.tpl create mode 100644 clusters/cl01tl/helm/radarr-anime/templates/_helpers.tpl create mode 100644 clusters/cl01tl/helm/radarr-standup/templates/_helpers.tpl create mode 100644 clusters/cl01tl/helm/radarr/templates/_helpers.tpl create mode 100644 clusters/cl01tl/helm/rclone/templates/_helpers.tpl create mode 100644 clusters/cl01tl/helm/reloader/templates/_helpers.tpl create mode 100644 clusters/cl01tl/helm/rook-ceph/templates/_helpers.tpl create mode 100644 clusters/cl01tl/helm/roundcube/templates/_helpers.tpl create mode 100644 clusters/cl01tl/helm/rybbit/templates/_helpers.tpl create mode 100644 clusters/cl01tl/helm/s3-exporter/templates/_helpers.tpl create mode 100644 clusters/cl01tl/helm/searxng/templates/_helpers.tpl create mode 100644 clusters/cl01tl/helm/secrets-store-csi-driver/templates/_helpers.tpl create mode 100644 clusters/cl01tl/helm/seerr/templates/_helpers.tpl create mode 100644 clusters/cl01tl/helm/shelfmark/templates/_helpers.tpl create mode 100644 clusters/cl01tl/helm/shelly-plug/templates/_helpers.tpl create mode 100644 clusters/cl01tl/helm/site-documentation/templates/_helpers.tpl create mode 100644 clusters/cl01tl/helm/site-profile/templates/_helpers.tpl create mode 100644 clusters/cl01tl/helm/site-saralebens/templates/_helpers.tpl create mode 100644 clusters/cl01tl/helm/slskd/templates/_helpers.tpl create mode 100644 clusters/cl01tl/helm/snapshot-controller/templates/_helpers.tpl create mode 100644 clusters/cl01tl/helm/sonarr-4k/templates/_helpers.tpl create mode 100644 clusters/cl01tl/helm/sonarr-anime/templates/_helpers.tpl create mode 100644 clusters/cl01tl/helm/sonarr/templates/_helpers.tpl create mode 100644 clusters/cl01tl/helm/sparkyfitness/templates/_helpers.tpl create mode 100644 clusters/cl01tl/helm/speedtest-exporter/templates/_helpers.tpl create mode 100644 clusters/cl01tl/helm/stack/templates/_helpers.tpl create mode 100644 clusters/cl01tl/helm/stalwart/templates/_helpers.tpl create mode 100644 clusters/cl01tl/helm/tailscale-operator/templates/_helpers.tpl create mode 100644 clusters/cl01tl/helm/talos/templates/_helpers.tpl create mode 100644 clusters/cl01tl/helm/tdarr/templates/_helpers.tpl create mode 100644 clusters/cl01tl/helm/traefik/templates/_helpers.tpl create mode 100644 clusters/cl01tl/helm/tubearchivist/templates/_helpers.tpl create mode 100644 clusters/cl01tl/helm/unpackerr/templates/_helpers.tpl create mode 100644 clusters/cl01tl/helm/unpoller/templates/_helpers.tpl create mode 100644 clusters/cl01tl/helm/vault/templates/_helpers.tpl create mode 100644 clusters/cl01tl/helm/vaultwarden/templates/_helpers.tpl create mode 100644 clusters/cl01tl/helm/version-checker/templates/_helpers.tpl create mode 100644 clusters/cl01tl/helm/volsync/templates/_helpers.tpl create mode 100644 clusters/cl01tl/helm/whodb/templates/_helpers.tpl create mode 100644 clusters/cl01tl/helm/yamtrack/templates/_helpers.tpl create mode 100644 clusters/cl01tl/helm/yubal/templates/_helpers.tpl diff --git a/clusters/cl01tl/helm/actual/templates/_helpers.tpl b/clusters/cl01tl/helm/actual/templates/_helpers.tpl new file mode 100644 index 000000000..10688fcef --- /dev/null +++ b/clusters/cl01tl/helm/actual/templates/_helpers.tpl @@ -0,0 +1,14 @@ +{{/* +Common labels +*/}} +{{- define "custom.labels" -}} +{{ include "custom.selectorLabels" $ }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "custom.selectorLabels" -}} +app.kubernetes.io/instance: {{ .Release.Name }} +app.kubernetes.io/part-of: {{ .Release.Name }} +{{- end }} diff --git a/clusters/cl01tl/helm/authentik/templates/ingress.yaml b/clusters/cl01tl/helm/authentik/templates/ingress.yaml index d03d9b19e..d01d31233 100644 --- a/clusters/cl01tl/helm/authentik/templates/ingress.yaml +++ b/clusters/cl01tl/helm/authentik/templates/ingress.yaml @@ -5,8 +5,8 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: {{ .Release.Name }}-tailscale - tailscale.com/proxy-class: no-metrics {{- include "custom.labels" . | nindent 4 }} + tailscale.com/proxy-class: no-metrics annotations: tailscale.com/experimental-forward-cluster-traffic-via-ingress: "true" spec: @@ -25,4 +25,4 @@ spec: service: name: authentik-server port: - number: 80 + name: http diff --git a/clusters/cl01tl/helm/blocky/templates/_helpers.tpl b/clusters/cl01tl/helm/blocky/templates/_helpers.tpl new file mode 100644 index 000000000..10688fcef --- /dev/null +++ b/clusters/cl01tl/helm/blocky/templates/_helpers.tpl @@ -0,0 +1,14 @@ +{{/* +Common labels +*/}} +{{- define "custom.labels" -}} +{{ include "custom.selectorLabels" $ }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "custom.selectorLabels" -}} +app.kubernetes.io/instance: {{ .Release.Name }} +app.kubernetes.io/part-of: {{ .Release.Name }} +{{- end }} diff --git a/clusters/cl01tl/helm/cilium/templates/http-route.yaml b/clusters/cl01tl/helm/cilium/templates/http-route.yaml index f631ec670..d09970388 100644 --- a/clusters/cl01tl/helm/cilium/templates/http-route.yaml +++ b/clusters/cl01tl/helm/cilium/templates/http-route.yaml @@ -20,8 +20,6 @@ spec: type: PathPrefix value: / backendRefs: - - group: '' - kind: Service + - kind: Service name: hubble-ui port: 80 - weight: 100 diff --git a/clusters/cl01tl/helm/cloudnative-pg/templates/_helpers.tpl b/clusters/cl01tl/helm/cloudnative-pg/templates/_helpers.tpl new file mode 100644 index 000000000..10688fcef --- /dev/null +++ b/clusters/cl01tl/helm/cloudnative-pg/templates/_helpers.tpl @@ -0,0 +1,14 @@ +{{/* +Common labels +*/}} +{{- define "custom.labels" -}} +{{ include "custom.selectorLabels" $ }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "custom.selectorLabels" -}} +app.kubernetes.io/instance: {{ .Release.Name }} +app.kubernetes.io/part-of: {{ .Release.Name }} +{{- end }} diff --git a/clusters/cl01tl/helm/coredns/templates/_helpers.tpl b/clusters/cl01tl/helm/coredns/templates/_helpers.tpl new file mode 100644 index 000000000..10688fcef --- /dev/null +++ b/clusters/cl01tl/helm/coredns/templates/_helpers.tpl @@ -0,0 +1,14 @@ +{{/* +Common labels +*/}} +{{- define "custom.labels" -}} +{{ include "custom.selectorLabels" $ }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "custom.selectorLabels" -}} +app.kubernetes.io/instance: {{ .Release.Name }} +app.kubernetes.io/part-of: {{ .Release.Name }} +{{- end }} diff --git a/clusters/cl01tl/helm/democratic-csi-synology-iscsi/templates/_helpers.tpl b/clusters/cl01tl/helm/democratic-csi-synology-iscsi/templates/_helpers.tpl new file mode 100644 index 000000000..10688fcef --- /dev/null +++ b/clusters/cl01tl/helm/democratic-csi-synology-iscsi/templates/_helpers.tpl @@ -0,0 +1,14 @@ +{{/* +Common labels +*/}} +{{- define "custom.labels" -}} +{{ include "custom.selectorLabels" $ }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "custom.selectorLabels" -}} +app.kubernetes.io/instance: {{ .Release.Name }} +app.kubernetes.io/part-of: {{ .Release.Name }} +{{- end }} diff --git a/clusters/cl01tl/helm/democratic-csi-synology-iscsi/templates/external-secret.yaml b/clusters/cl01tl/helm/democratic-csi-synology-iscsi/templates/external-secret.yaml index e456ca3e3..131c918fa 100644 --- a/clusters/cl01tl/helm/democratic-csi-synology-iscsi/templates/external-secret.yaml +++ b/clusters/cl01tl/helm/democratic-csi-synology-iscsi/templates/external-secret.yaml @@ -1,16 +1,15 @@ apiVersion: external-secrets.io/v1 kind: ExternalSecret metadata: - name: synology-iscsi-config-secret + name: synology-iscsi-config namespace: {{ .Release.Namespace }} labels: - app.kubernetes.io/name: synology-iscsi-config-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + app.kubernetes.io/name: synology-iscsi-config + {{- include "custom.labels" . | nindent 4 }} spec: secretStoreRef: kind: ClusterSecretStore - name: vault + name: openbao data: - secretKey: driver-config-file.yaml remoteRef: diff --git a/clusters/cl01tl/helm/democratic-csi-synology-iscsi/templates/namespace.yaml b/clusters/cl01tl/helm/democratic-csi-synology-iscsi/templates/namespace.yaml index 98cedb460..bbbe36926 100644 --- a/clusters/cl01tl/helm/democratic-csi-synology-iscsi/templates/namespace.yaml +++ b/clusters/cl01tl/helm/democratic-csi-synology-iscsi/templates/namespace.yaml @@ -1,11 +1,10 @@ apiVersion: v1 kind: Namespace metadata: - name: democratic-csi-synology-iscsi + name: {{ .Release.Namespace }} labels: - app.kubernetes.io/name: democratic-csi-synology-iscsi - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + app.kubernetes.io/name: {{ .Release.Namespace }} + {{- include "custom.labels" . | nindent 4 }} pod-security.kubernetes.io/audit: privileged pod-security.kubernetes.io/enforce: privileged pod-security.kubernetes.io/warn: privileged diff --git a/clusters/cl01tl/helm/democratic-csi-synology-iscsi/values.yaml b/clusters/cl01tl/helm/democratic-csi-synology-iscsi/values.yaml index afbeb6c8b..c6a66174f 100644 --- a/clusters/cl01tl/helm/democratic-csi-synology-iscsi/values.yaml +++ b/clusters/cl01tl/helm/democratic-csi-synology-iscsi/values.yaml @@ -3,7 +3,7 @@ democratic-csi: image: registry: ghcr.io/democratic-csi/democratic-csi tag: v1.9.5@@sha256:fc3b7d7ed3a616714139525075312758e23a5d425ffb539ad12c9bd20fb6001f - existingConfigSecret: synology-iscsi-config-secret + existingConfigSecret: synology-iscsi-config config: driver: synology-iscsi resources: diff --git a/clusters/cl01tl/helm/descheduler/templates/_helpers.tpl b/clusters/cl01tl/helm/descheduler/templates/_helpers.tpl new file mode 100644 index 000000000..10688fcef --- /dev/null +++ b/clusters/cl01tl/helm/descheduler/templates/_helpers.tpl @@ -0,0 +1,14 @@ +{{/* +Common labels +*/}} +{{- define "custom.labels" -}} +{{ include "custom.selectorLabels" $ }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "custom.selectorLabels" -}} +app.kubernetes.io/instance: {{ .Release.Name }} +app.kubernetes.io/part-of: {{ .Release.Name }} +{{- end }} diff --git a/clusters/cl01tl/helm/directus/Chart.yaml b/clusters/cl01tl/helm/directus/Chart.yaml index da199fcc0..d6ca2c76d 100644 --- a/clusters/cl01tl/helm/directus/Chart.yaml +++ b/clusters/cl01tl/helm/directus/Chart.yaml @@ -5,7 +5,7 @@ description: Directus keywords: - directus - content-management-system -home: https://docs.alexlebens.dev/applications/descheduler/ +home: https://docs.alexlebens.dev/applications/directus/ sources: - https://github.com/directus/directus - https://github.com/directus/directus/pkgs/container/directus diff --git a/clusters/cl01tl/helm/directus/templates/_helpers.tpl b/clusters/cl01tl/helm/directus/templates/_helpers.tpl new file mode 100644 index 000000000..10688fcef --- /dev/null +++ b/clusters/cl01tl/helm/directus/templates/_helpers.tpl @@ -0,0 +1,14 @@ +{{/* +Common labels +*/}} +{{- define "custom.labels" -}} +{{ include "custom.selectorLabels" $ }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "custom.selectorLabels" -}} +app.kubernetes.io/instance: {{ .Release.Name }} +app.kubernetes.io/part-of: {{ .Release.Name }} +{{- end }} diff --git a/clusters/cl01tl/helm/directus/templates/external-secret.yaml b/clusters/cl01tl/helm/directus/templates/external-secret.yaml index 89ddc81a8..40ae1bf5f 100644 --- a/clusters/cl01tl/helm/directus/templates/external-secret.yaml +++ b/clusters/cl01tl/helm/directus/templates/external-secret.yaml @@ -5,13 +5,20 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: directus-config - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: secretStoreRef: kind: ClusterSecretStore - name: vault + name: openbao data: + - secretKey: key + remoteRef: + key: /cl01tl/directus/key + property: key + - secretKey: secret + remoteRef: + key: /cl01tl/directus/key + property: secret - secretKey: admin-email remoteRef: key: /cl01tl/directus/config @@ -20,38 +27,6 @@ spec: remoteRef: key: /cl01tl/directus/config property: admin-password - - secretKey: secret - remoteRef: - key: /cl01tl/directus/config - property: secret - - secretKey: key - remoteRef: - key: /cl01tl/directus/config - property: key - ---- -apiVersion: external-secrets.io/v1 -kind: ExternalSecret -metadata: - name: directus-oidc-secret - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: directus-oidc-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - data: - - secretKey: OIDC_CLIENT_ID - remoteRef: - key: /authentik/oidc/directus - property: client - - secretKey: OIDC_CLIENT_SECRET - remoteRef: - key: /authentik/oidc/directus - property: secret --- apiVersion: external-secrets.io/v1 @@ -61,18 +36,67 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: directus-metric-token - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: secretStoreRef: kind: ClusterSecretStore - name: vault + name: openbao data: - secretKey: metric-token remoteRef: key: /cl01tl/directus/metrics property: metric-token +--- +apiVersion: external-secrets.io/v1 +kind: ExternalSecret +metadata: + name: directus-valkey-config + namespace: {{ .Release.Namespace }} + labels: + app.kubernetes.io/name: directus-valkey-config + {{- include "custom.labels" . | nindent 4 }} +spec: + secretStoreRef: + kind: ClusterSecretStore + name: openbao + data: + - secretKey: user + remoteRef: + key: /cl01tl/directus/valkey + property: user + - secretKey: password + remoteRef: + key: /cl01tl/directus/valkey + property: password + - secretKey: default + remoteRef: + key: /cl01tl/directus/valkey + property: password + +--- +apiVersion: external-secrets.io/v1 +kind: ExternalSecret +metadata: + name: directus-oidc-authentik + namespace: {{ .Release.Namespace }} + labels: + app.kubernetes.io/name: directus-oidc-authentik + {{- include "custom.labels" . | nindent 4 }} +spec: + secretStoreRef: + kind: ClusterSecretStore + name: openbao + data: + - secretKey: OIDC_CLIENT_ID + remoteRef: + key: /cl01tl/authentik/oidc/directus + property: client + - secretKey: OIDC_CLIENT_SECRET + remoteRef: + key: /cl01tl/authentik/oidc/directus + property: secret + --- apiVersion: external-secrets.io/v1 kind: ExternalSecret @@ -81,12 +105,11 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: directus-bucket-garage - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: secretStoreRef: kind: ClusterSecretStore - name: vault + name: openbao data: - secretKey: ACCESS_KEY_ID remoteRef: @@ -100,31 +123,3 @@ spec: remoteRef: key: /garage/home-infra/directus-assets property: ACCESS_REGION - ---- -apiVersion: external-secrets.io/v1 -kind: ExternalSecret -metadata: - name: directus-valkey-config - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: directus-valkey-config - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - data: - - secretKey: default - remoteRef: - key: /cl01tl/directus/valkey - property: password - - secretKey: user - remoteRef: - key: /cl01tl/directus/valkey - property: user - - secretKey: password - remoteRef: - key: /cl01tl/directus/valkey - property: password diff --git a/clusters/cl01tl/helm/directus/values.yaml b/clusters/cl01tl/helm/directus/values.yaml index 7d93e397b..547bac830 100644 --- a/clusters/cl01tl/helm/directus/values.yaml +++ b/clusters/cl01tl/helm/directus/values.yaml @@ -113,12 +113,12 @@ directus: - name: AUTH_AUTHENTIK_CLIENT_ID valueFrom: secretKeyRef: - name: directus-oidc-secret + name: directus-oidc-authentik key: OIDC_CLIENT_ID - name: AUTH_AUTHENTIK_CLIENT_SECRET valueFrom: secretKeyRef: - name: directus-oidc-secret + name: directus-oidc-authentik key: OIDC_CLIENT_SECRET - name: AUTH_AUTHENTIK_SCOPE value: openid profile email diff --git a/clusters/cl01tl/helm/elastic-operator/templates/_helpers.tpl b/clusters/cl01tl/helm/elastic-operator/templates/_helpers.tpl new file mode 100644 index 000000000..10688fcef --- /dev/null +++ b/clusters/cl01tl/helm/elastic-operator/templates/_helpers.tpl @@ -0,0 +1,14 @@ +{{/* +Common labels +*/}} +{{- define "custom.labels" -}} +{{ include "custom.selectorLabels" $ }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "custom.selectorLabels" -}} +app.kubernetes.io/instance: {{ .Release.Name }} +app.kubernetes.io/part-of: {{ .Release.Name }} +{{- end }} diff --git a/clusters/cl01tl/helm/element-web/templates/_helpers.tpl b/clusters/cl01tl/helm/element-web/templates/_helpers.tpl new file mode 100644 index 000000000..10688fcef --- /dev/null +++ b/clusters/cl01tl/helm/element-web/templates/_helpers.tpl @@ -0,0 +1,14 @@ +{{/* +Common labels +*/}} +{{- define "custom.labels" -}} +{{ include "custom.selectorLabels" $ }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "custom.selectorLabels" -}} +app.kubernetes.io/instance: {{ .Release.Name }} +app.kubernetes.io/part-of: {{ .Release.Name }} +{{- end }} diff --git a/clusters/cl01tl/helm/eraser/templates/_helpers.tpl b/clusters/cl01tl/helm/eraser/templates/_helpers.tpl new file mode 100644 index 000000000..10688fcef --- /dev/null +++ b/clusters/cl01tl/helm/eraser/templates/_helpers.tpl @@ -0,0 +1,14 @@ +{{/* +Common labels +*/}} +{{- define "custom.labels" -}} +{{ include "custom.selectorLabels" $ }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "custom.selectorLabels" -}} +app.kubernetes.io/instance: {{ .Release.Name }} +app.kubernetes.io/part-of: {{ .Release.Name }} +{{- end }} diff --git a/clusters/cl01tl/helm/excalidraw/Chart.yaml b/clusters/cl01tl/helm/excalidraw/Chart.yaml index 13b45d2b3..9bb7d7006 100644 --- a/clusters/cl01tl/helm/excalidraw/Chart.yaml +++ b/clusters/cl01tl/helm/excalidraw/Chart.yaml @@ -5,7 +5,7 @@ description: Excalidraw keywords: - excalidraw - drawing -home: https://docs.alexlebens.dev/applications/eraser/ +home: https://docs.alexlebens.dev/applications/excalidraw/ sources: - https://github.com/excalidraw/excalidraw - https://hub.docker.com/r/excalidraw/excalidraw diff --git a/clusters/cl01tl/helm/excalidraw/templates/_helpers.tpl b/clusters/cl01tl/helm/excalidraw/templates/_helpers.tpl new file mode 100644 index 000000000..10688fcef --- /dev/null +++ b/clusters/cl01tl/helm/excalidraw/templates/_helpers.tpl @@ -0,0 +1,14 @@ +{{/* +Common labels +*/}} +{{- define "custom.labels" -}} +{{ include "custom.selectorLabels" $ }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "custom.selectorLabels" -}} +app.kubernetes.io/instance: {{ .Release.Name }} +app.kubernetes.io/part-of: {{ .Release.Name }} +{{- end }} diff --git a/clusters/cl01tl/helm/external-dns/Chart.yaml b/clusters/cl01tl/helm/external-dns/Chart.yaml index 15964a1c9..435df565a 100644 --- a/clusters/cl01tl/helm/external-dns/Chart.yaml +++ b/clusters/cl01tl/helm/external-dns/Chart.yaml @@ -5,7 +5,7 @@ description: External DNS keywords: - external-dns - dns -home: https://docs.alexlebens.dev/applications/eraser/ +home: https://docs.alexlebens.dev/applications/external-dns/ sources: - https://github.com/kubernetes-sigs/external-dns - https://explore.ggcr.dev/?repo=registry.k8s.io%2Fexternal-dns%2Fexternal-dns diff --git a/clusters/cl01tl/helm/external-dns/templates/_helpers.tpl b/clusters/cl01tl/helm/external-dns/templates/_helpers.tpl new file mode 100644 index 000000000..10688fcef --- /dev/null +++ b/clusters/cl01tl/helm/external-dns/templates/_helpers.tpl @@ -0,0 +1,14 @@ +{{/* +Common labels +*/}} +{{- define "custom.labels" -}} +{{ include "custom.selectorLabels" $ }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "custom.selectorLabels" -}} +app.kubernetes.io/instance: {{ .Release.Name }} +app.kubernetes.io/part-of: {{ .Release.Name }} +{{- end }} diff --git a/clusters/cl01tl/helm/external-dns/templates/dns-endpoint.yaml b/clusters/cl01tl/helm/external-dns/templates/dns-endpoint.yaml index dbdf10cb1..cd95d7784 100644 --- a/clusters/cl01tl/helm/external-dns/templates/dns-endpoint.yaml +++ b/clusters/cl01tl/helm/external-dns/templates/dns-endpoint.yaml @@ -5,8 +5,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: external-device-names - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: endpoints: # Unifi UDM @@ -48,8 +47,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: iot-device-names - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: endpoints: # Airgradient @@ -82,6 +80,18 @@ spec: recordType: A targets: - 10.230.0.100 + # HD Homerun + - dnsName: dv01hr.alexlebens.net + recordTTL: 180 + recordType: A + targets: + - 10.232.1.72 + # Pi KVM + - dnsName: dv02kv.alexlebens.net + recordTTL: 180 + recordType: A + targets: + - 10.232.1.71 --- apiVersion: externaldns.k8s.io/v1alpha1 @@ -91,8 +101,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: server-host-names - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: endpoints: # Unifi Gateway @@ -125,6 +134,18 @@ spec: recordType: A targets: - 10.232.1.52 + # Desktop + - dnsName: pd05wd.alexlebens.net + recordTTL: 180 + recordType: A + targets: + - 10.230.0.115 + # Laptop + - dnsName: pl02mc.alexlebens.net + recordTTL: 180 + recordType: A + targets: + - 10.230.0.105 --- apiVersion: externaldns.k8s.io/v1alpha1 @@ -134,8 +155,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: cluster-service-names - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: endpoints: # Treafik Proxy diff --git a/clusters/cl01tl/helm/external-dns/templates/external-secret.yaml b/clusters/cl01tl/helm/external-dns/templates/external-secret.yaml index 4cd51c9d8..b5916382d 100644 --- a/clusters/cl01tl/helm/external-dns/templates/external-secret.yaml +++ b/clusters/cl01tl/helm/external-dns/templates/external-secret.yaml @@ -5,12 +5,11 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: external-dns-unifi-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: secretStoreRef: kind: ClusterSecretStore - name: vault + name: openbao data: - secretKey: api-key remoteRef: diff --git a/clusters/cl01tl/helm/external-secrets/templates/_helpers.tpl b/clusters/cl01tl/helm/external-secrets/templates/_helpers.tpl new file mode 100644 index 000000000..10688fcef --- /dev/null +++ b/clusters/cl01tl/helm/external-secrets/templates/_helpers.tpl @@ -0,0 +1,14 @@ +{{/* +Common labels +*/}} +{{- define "custom.labels" -}} +{{ include "custom.selectorLabels" $ }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "custom.selectorLabels" -}} +app.kubernetes.io/instance: {{ .Release.Name }} +app.kubernetes.io/part-of: {{ .Release.Name }} +{{- end }} diff --git a/clusters/cl01tl/helm/external-secrets/templates/cluster-role-binding.yaml b/clusters/cl01tl/helm/external-secrets/templates/cluster-role-binding.yaml index 13f08c206..135eedcd8 100644 --- a/clusters/cl01tl/helm/external-secrets/templates/cluster-role-binding.yaml +++ b/clusters/cl01tl/helm/external-secrets/templates/cluster-role-binding.yaml @@ -5,13 +5,12 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: external-secrets - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole name: system:auth-delegator subjects: - kind: ServiceAccount - name: external-secrets + name: {{ .Release.Name }} namespace: {{ .Release.Namespace }} diff --git a/clusters/cl01tl/helm/external-secrets/templates/cluster-secret-store.yaml b/clusters/cl01tl/helm/external-secrets/templates/cluster-secret-store.yaml index 7d8655375..ee0e0bff2 100644 --- a/clusters/cl01tl/helm/external-secrets/templates/cluster-secret-store.yaml +++ b/clusters/cl01tl/helm/external-secrets/templates/cluster-secret-store.yaml @@ -5,8 +5,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: vault - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: provider: vault: @@ -26,8 +25,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: openbao - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: provider: vault: @@ -39,7 +37,7 @@ spec: mountPath: kubernetes role: external-secrets serviceAccountRef: - name: external-secrets - namespace: {{ .Release.Name }} + name: {{ .Release.Name }} + namespace: {{ .Release.Namespace }} audiences: - openbao diff --git a/clusters/cl01tl/helm/foldergram/templates/_helpers.tpl b/clusters/cl01tl/helm/foldergram/templates/_helpers.tpl new file mode 100644 index 000000000..d090d319c --- /dev/null +++ b/clusters/cl01tl/helm/foldergram/templates/_helpers.tpl @@ -0,0 +1,21 @@ +{{/* +Common labels +*/}} +{{- define "custom.labels" -}} +{{ include "custom.selectorLabels" $ }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "custom.selectorLabels" -}} +app.kubernetes.io/instance: {{ .Release.Name }} +app.kubernetes.io/part-of: {{ .Release.Name }} +{{- end }} + +{{/* +NFS names +*/}} +{{- define "custom.storageNfsName" -}} +foldergram-pictures-collections-nfs-storage +{{- end -}} diff --git a/clusters/cl01tl/helm/foldergram/templates/persistent-volume-claim.yaml b/clusters/cl01tl/helm/foldergram/templates/persistent-volume-claim.yaml index a863b188e..7652a28b7 100644 --- a/clusters/cl01tl/helm/foldergram/templates/persistent-volume-claim.yaml +++ b/clusters/cl01tl/helm/foldergram/templates/persistent-volume-claim.yaml @@ -1,14 +1,13 @@ apiVersion: v1 kind: PersistentVolumeClaim metadata: - name: foldergram-pictures-collections-nfs-storage + name: {{ include "custom.storageNfsName" . }} namespace: {{ .Release.Namespace }} labels: - app.kubernetes.io/name: foldergram-pictures-collections-nfs-storage - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + app.kubernetes.io/name: {{ include "custom.storageNfsName" . }} + {{- include "custom.labels" . | nindent 4 }} spec: - volumeName: foldergram-pictures-collections-nfs-storage + volumeName: {{ include "custom.storageNfsName" . }} storageClassName: nfs-client accessModes: - ReadWriteMany diff --git a/clusters/cl01tl/helm/foldergram/templates/persistent-volume.yaml b/clusters/cl01tl/helm/foldergram/templates/persistent-volume.yaml index 3d4030a9c..7aab31dbc 100644 --- a/clusters/cl01tl/helm/foldergram/templates/persistent-volume.yaml +++ b/clusters/cl01tl/helm/foldergram/templates/persistent-volume.yaml @@ -1,12 +1,11 @@ apiVersion: v1 kind: PersistentVolume metadata: - name: foldergram-pictures-collections-nfs-storage + name: {{ include "custom.storageNfsName" . }} namespace: {{ .Release.Namespace }} labels: - app.kubernetes.io/name: foldergram-pictures-collections-nfs-storage - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + app.kubernetes.io/name: {{ include "custom.storageNfsName" . }} + {{- include "custom.labels" . | nindent 4 }} spec: persistentVolumeReclaimPolicy: Retain storageClassName: nfs-client diff --git a/clusters/cl01tl/helm/freshrss/templates/_helpers.tpl b/clusters/cl01tl/helm/freshrss/templates/_helpers.tpl new file mode 100644 index 000000000..10688fcef --- /dev/null +++ b/clusters/cl01tl/helm/freshrss/templates/_helpers.tpl @@ -0,0 +1,14 @@ +{{/* +Common labels +*/}} +{{- define "custom.labels" -}} +{{ include "custom.selectorLabels" $ }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "custom.selectorLabels" -}} +app.kubernetes.io/instance: {{ .Release.Name }} +app.kubernetes.io/part-of: {{ .Release.Name }} +{{- end }} diff --git a/clusters/cl01tl/helm/freshrss/templates/external-secret.yaml b/clusters/cl01tl/helm/freshrss/templates/external-secret.yaml index 6242e333b..98f990ec5 100644 --- a/clusters/cl01tl/helm/freshrss/templates/external-secret.yaml +++ b/clusters/cl01tl/helm/freshrss/templates/external-secret.yaml @@ -1,54 +1,52 @@ apiVersion: external-secrets.io/v1 kind: ExternalSecret metadata: - name: freshrss-install-secret + name: freshrss-install-config namespace: {{ .Release.Namespace }} labels: - app.kubernetes.io/name: freshrss-install-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + app.kubernetes.io/name: freshrss-install-config + {{- include "custom.labels" . | nindent 4 }} spec: secretStoreRef: kind: ClusterSecretStore - name: vault + name: openbao data: - secretKey: ADMIN_EMAIL remoteRef: key: /cl01tl/freshrss/config - property: ADMIN_EMAIL + property: admin-email - secretKey: ADMIN_PASSWORD remoteRef: key: /cl01tl/freshrss/config - property: ADMIN_PASSWORD + property: admin-password - secretKey: ADMIN_API_PASSWORD remoteRef: key: /cl01tl/freshrss/config - property: ADMIN_API_PASSWORD + property: admin-api-password --- apiVersion: external-secrets.io/v1 kind: ExternalSecret metadata: - name: freshrss-oidc-secret + name: freshrss-oidc-authentik namespace: {{ .Release.Namespace }} labels: - app.kubernetes.io/name: freshrss-oidc-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + app.kubernetes.io/name: freshrss-oidc-authentik + {{- include "custom.labels" . | nindent 4 }} spec: secretStoreRef: kind: ClusterSecretStore - name: vault + name: openbao data: - secretKey: OIDC_CLIENT_ID remoteRef: - key: /authentik/oidc/freshrss + key: /cl01tl/authentik/oidc/freshrss property: client - secretKey: OIDC_CLIENT_SECRET remoteRef: - key: /authentik/oidc/freshrss + key: /cl01tl/authentik/oidc/freshrss property: secret - secretKey: OIDC_CLIENT_CRYPTO_KEY remoteRef: - key: /authentik/oidc/freshrss - property: crypto-key + key: /cl01tl/freshrss/key + property: oidc-client-crypto-key diff --git a/clusters/cl01tl/helm/freshrss/values.yaml b/clusters/cl01tl/helm/freshrss/values.yaml index 48a808065..5779d5e89 100644 --- a/clusters/cl01tl/helm/freshrss/values.yaml +++ b/clusters/cl01tl/helm/freshrss/values.yaml @@ -73,9 +73,9 @@ freshrss: value: preferred_username envFrom: - secretRef: - name: freshrss-oidc-secret + name: freshrss-oidc-authentik - secretRef: - name: freshrss-install-secret + name: freshrss-install-config resources: requests: cpu: 1m diff --git a/clusters/cl01tl/helm/garage/templates/_helpers.tpl b/clusters/cl01tl/helm/garage/templates/_helpers.tpl new file mode 100644 index 000000000..10688fcef --- /dev/null +++ b/clusters/cl01tl/helm/garage/templates/_helpers.tpl @@ -0,0 +1,14 @@ +{{/* +Common labels +*/}} +{{- define "custom.labels" -}} +{{ include "custom.selectorLabels" $ }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "custom.selectorLabels" -}} +app.kubernetes.io/instance: {{ .Release.Name }} +app.kubernetes.io/part-of: {{ .Release.Name }} +{{- end }} diff --git a/clusters/cl01tl/helm/garage/templates/external-secret.yaml b/clusters/cl01tl/helm/garage/templates/external-secret.yaml index 4b0367b9d..ad2f1e9f3 100644 --- a/clusters/cl01tl/helm/garage/templates/external-secret.yaml +++ b/clusters/cl01tl/helm/garage/templates/external-secret.yaml @@ -1,26 +1,25 @@ apiVersion: external-secrets.io/v1 kind: ExternalSecret metadata: - name: garage-token-secret + name: garage-token namespace: {{ .Release.Namespace }} labels: - app.kubernetes.io/name: garage-token-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + app.kubernetes.io/name: garage-token + {{- include "custom.labels" . | nindent 4 }} spec: secretStoreRef: kind: ClusterSecretStore - name: vault + name: openbao data: - secretKey: GARAGE_RPC_SECRET remoteRef: - key: /cl01tl/garage/token - property: rpc + key: /cl01tl/garage/config + property: rpc-secret - secretKey: GARAGE_ADMIN_TOKEN remoteRef: - key: /cl01tl/garage/token - property: admin + key: /cl01tl/garage/config + property: admin-token - secretKey: GARAGE_METRICS_TOKEN remoteRef: - key: /cl01tl/garage/token - property: metric + key: /cl01tl/garage/config + property: metrics-token diff --git a/clusters/cl01tl/helm/garage/templates/service.yaml b/clusters/cl01tl/helm/garage/templates/service.yaml index da2290880..20e56c2d4 100644 --- a/clusters/cl01tl/helm/garage/templates/service.yaml +++ b/clusters/cl01tl/helm/garage/templates/service.yaml @@ -6,8 +6,7 @@ metadata: labels: app.kubernetes.io/name: garage-main app.kubernetes.io/service: garage-main - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: ports: - name: admin @@ -27,6 +26,6 @@ spec: protocol: TCP targetPort: 3902 selector: - app.kubernetes.io/instance: garage app.kubernetes.io/name: garage + app.kubernetes.io/instance: garage garage-type: server diff --git a/clusters/cl01tl/helm/garage/values.yaml b/clusters/cl01tl/helm/garage/values.yaml index 0ef80497b..6b3cc697b 100644 --- a/clusters/cl01tl/helm/garage/values.yaml +++ b/clusters/cl01tl/helm/garage/values.yaml @@ -24,7 +24,7 @@ garage: tag: v2.3.0@sha256:866bd13ed2038ba7e7190e840482bc27234c4afaf77be8cfa439ae088c1e4690 envFrom: - secretRef: - name: garage-token-secret + name: garage-token resources: requests: cpu: 10m @@ -53,7 +53,7 @@ garage: tag: v2.3.0@sha256:866bd13ed2038ba7e7190e840482bc27234c4afaf77be8cfa439ae088c1e4690 envFrom: - secretRef: - name: garage-token-secret + name: garage-token resources: requests: cpu: 10m @@ -82,7 +82,7 @@ garage: tag: v2.3.0@sha256:866bd13ed2038ba7e7190e840482bc27234c4afaf77be8cfa439ae088c1e4690 envFrom: - secretRef: - name: garage-token-secret + name: garage-token resources: requests: cpu: 10m @@ -104,7 +104,7 @@ garage: - name: API_ADMIN_KEY valueFrom: secretKeyRef: - name: garage-token-secret + name: garage-token key: GARAGE_ADMIN_TOKEN resources: requests: @@ -273,7 +273,7 @@ garage: scrapeTimeout: 2m path: /metrics bearerTokenSecret: - name: garage-token-secret + name: garage-token key: GARAGE_METRICS_TOKEN route: webui: diff --git a/clusters/cl01tl/helm/gatus/templates/_helpers.tpl b/clusters/cl01tl/helm/gatus/templates/_helpers.tpl new file mode 100644 index 000000000..10688fcef --- /dev/null +++ b/clusters/cl01tl/helm/gatus/templates/_helpers.tpl @@ -0,0 +1,14 @@ +{{/* +Common labels +*/}} +{{- define "custom.labels" -}} +{{ include "custom.selectorLabels" $ }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "custom.selectorLabels" -}} +app.kubernetes.io/instance: {{ .Release.Name }} +app.kubernetes.io/part-of: {{ .Release.Name }} +{{- end }} diff --git a/clusters/cl01tl/helm/gatus/templates/external-secret.yaml b/clusters/cl01tl/helm/gatus/templates/external-secret.yaml index 194c26525..94af6f4f3 100644 --- a/clusters/cl01tl/helm/gatus/templates/external-secret.yaml +++ b/clusters/cl01tl/helm/gatus/templates/external-secret.yaml @@ -1,42 +1,40 @@ apiVersion: external-secrets.io/v1 kind: ExternalSecret metadata: - name: gatus-config-secret + name: gatus-config namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: gatus-config-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: secretStoreRef: kind: ClusterSecretStore - name: vault + name: openbao data: - secretKey: NTFY_TOKEN remoteRef: - key: /ntfy/user/cl01tl + key: /cl01tl/ntfy/users/cl01tl property: token --- apiVersion: external-secrets.io/v1 kind: ExternalSecret metadata: - name: gatus-oidc-secret + name: gatus-oidc-authentik namespace: {{ .Release.Namespace }} labels: - app.kubernetes.io/name: gatus-oidc-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + app.kubernetes.io/name: gatus-oidc-authentik + {{- include "custom.labels" . | nindent 4 }} spec: secretStoreRef: kind: ClusterSecretStore - name: vault + name: openbao data: - secretKey: OIDC_CLIENT_ID remoteRef: - key: /authentik/oidc/gatus + key: /cl01tl/authentik/oidc/gatus property: client - secretKey: OIDC_CLIENT_SECRET remoteRef: - key: /authentik/oidc/gatus + key: /cl01tl/authentik/oidc/gatus property: secret diff --git a/clusters/cl01tl/helm/gatus/values.yaml b/clusters/cl01tl/helm/gatus/values.yaml index edc40aa17..2f8ff8bdd 100644 --- a/clusters/cl01tl/helm/gatus/values.yaml +++ b/clusters/cl01tl/helm/gatus/values.yaml @@ -20,17 +20,17 @@ gatus: NTFY_TOKEN: valueFrom: secretKeyRef: - name: gatus-config-secret + name: gatus-config key: NTFY_TOKEN OIDC_CLIENT_ID: valueFrom: secretKeyRef: - name: gatus-oidc-secret + name: gatus-oidc-authentik key: OIDC_CLIENT_ID OIDC_CLIENT_SECRET: valueFrom: secretKeyRef: - name: gatus-oidc-secret + name: gatus-oidc-authentik key: OIDC_CLIENT_SECRET POSTGRES_USER: valueFrom: diff --git a/clusters/cl01tl/helm/generic-device-plugin/templates/_helpers.tpl b/clusters/cl01tl/helm/generic-device-plugin/templates/_helpers.tpl new file mode 100644 index 000000000..10688fcef --- /dev/null +++ b/clusters/cl01tl/helm/generic-device-plugin/templates/_helpers.tpl @@ -0,0 +1,14 @@ +{{/* +Common labels +*/}} +{{- define "custom.labels" -}} +{{ include "custom.selectorLabels" $ }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "custom.selectorLabels" -}} +app.kubernetes.io/instance: {{ .Release.Name }} +app.kubernetes.io/part-of: {{ .Release.Name }} +{{- end }} diff --git a/clusters/cl01tl/helm/generic-device-plugin/templates/namespace.yaml b/clusters/cl01tl/helm/generic-device-plugin/templates/namespace.yaml index 294c34f86..bbbe36926 100644 --- a/clusters/cl01tl/helm/generic-device-plugin/templates/namespace.yaml +++ b/clusters/cl01tl/helm/generic-device-plugin/templates/namespace.yaml @@ -1,11 +1,10 @@ apiVersion: v1 kind: Namespace metadata: - name: generic-device-plugin + name: {{ .Release.Namespace }} labels: - app.kubernetes.io/name: generic-device-plugin - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + app.kubernetes.io/name: {{ .Release.Namespace }} + {{- include "custom.labels" . | nindent 4 }} pod-security.kubernetes.io/audit: privileged pod-security.kubernetes.io/enforce: privileged pod-security.kubernetes.io/warn: privileged diff --git a/clusters/cl01tl/helm/gitea/templates/_helpers.tpl b/clusters/cl01tl/helm/gitea/templates/_helpers.tpl new file mode 100644 index 000000000..10688fcef --- /dev/null +++ b/clusters/cl01tl/helm/gitea/templates/_helpers.tpl @@ -0,0 +1,14 @@ +{{/* +Common labels +*/}} +{{- define "custom.labels" -}} +{{ include "custom.selectorLabels" $ }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "custom.selectorLabels" -}} +app.kubernetes.io/instance: {{ .Release.Name }} +app.kubernetes.io/part-of: {{ .Release.Name }} +{{- end }} diff --git a/clusters/cl01tl/helm/gitea/templates/config-map.yaml b/clusters/cl01tl/helm/gitea/templates/config-map.yaml index 5af39ccf4..1d9e4b225 100644 --- a/clusters/cl01tl/helm/gitea/templates/config-map.yaml +++ b/clusters/cl01tl/helm/gitea/templates/config-map.yaml @@ -5,8 +5,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: gitea-custom-templates - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} data: header.tmpl: | diff --git a/clusters/cl01tl/helm/gitea/templates/external-secret.yaml b/clusters/cl01tl/helm/gitea/templates/external-secret.yaml index 0d1a10cad..d8d420e45 100644 --- a/clusters/cl01tl/helm/gitea/templates/external-secret.yaml +++ b/clusters/cl01tl/helm/gitea/templates/external-secret.yaml @@ -1,64 +1,15 @@ apiVersion: external-secrets.io/v1 kind: ExternalSecret -metadata: - name: gitea-admin-secret - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: gitea-admin-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - data: - - secretKey: username - remoteRef: - key: /cl01tl/gitea/auth/admin - property: username - - secretKey: password - remoteRef: - key: /cl01tl/gitea/auth/admin - property: password - ---- -apiVersion: external-secrets.io/v1 -kind: ExternalSecret -metadata: - name: gitea-oidc-secret - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: gitea-oidc-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - data: - - secretKey: secret - remoteRef: - key: /authentik/oidc/gitea - property: secret - - secretKey: key - remoteRef: - key: /authentik/oidc/gitea - property: client - ---- -apiVersion: external-secrets.io/v1 -kind: ExternalSecret metadata: name: gitea-runner-secret namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: gitea-runner-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: secretStoreRef: kind: ClusterSecretStore - name: vault + name: openbao data: - secretKey: token remoteRef: @@ -69,80 +20,15 @@ spec: apiVersion: external-secrets.io/v1 kind: ExternalSecret metadata: - name: gitea-renovate-secret + name: gitea-meilisearch-key namespace: {{ .Release.Namespace }} labels: - app.kubernetes.io/name: gitea-renovate-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + app.kubernetes.io/name: gitea-meilisearch-key + {{- include "custom.labels" . | nindent 4 }} spec: secretStoreRef: kind: ClusterSecretStore - name: vault - data: - - secretKey: RENOVATE_ENDPOINT - remoteRef: - key: /cl01tl/gitea/renovate - property: RENOVATE_ENDPOINT - - secretKey: RENOVATE_GIT_AUTHOR - remoteRef: - key: /cl01tl/gitea/renovate - property: RENOVATE_GIT_AUTHOR - - secretKey: RENOVATE_TOKEN - remoteRef: - key: /cl01tl/gitea/renovate - property: RENOVATE_TOKEN - - secretKey: RENOVATE_GIT_PRIVATE_KEY - remoteRef: - key: /cl01tl/gitea/renovate - property: id_rsa - - secretKey: RENOVATE_GITHUB_COM_TOKEN - remoteRef: - key: /github/gitea-cl01tl - property: token - ---- -apiVersion: external-secrets.io/v1 -kind: ExternalSecret -metadata: - name: gitea-renovate-ssh-secret - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: gitea-renovate-ssh-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - data: - - secretKey: config - remoteRef: - key: /cl01tl/gitea/renovate - property: ssh_config - - secretKey: id_rsa - remoteRef: - key: /cl01tl/gitea/renovate - property: id_rsa - - secretKey: id_rsa.pub - remoteRef: - key: /cl01tl/gitea/renovate - property: id_rsa.pub - ---- -apiVersion: external-secrets.io/v1 -kind: ExternalSecret -metadata: - name: gitea-meilisearch-master-key-secret - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: gitea-meilisearch-master-key-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault + name: openbao target: template: mergePolicy: Merge @@ -153,4 +39,27 @@ spec: - secretKey: MEILI_MASTER_KEY remoteRef: key: /cl01tl/gitea/meilisearch - property: MEILI_MASTER_KEY + property: master-key + +--- +apiVersion: external-secrets.io/v1 +kind: ExternalSecret +metadata: + name: gitea-oidc-authentik + namespace: {{ .Release.Namespace }} + labels: + app.kubernetes.io/name: gitea-oidc-authentik + {{- include "custom.labels" . | nindent 4 }} +spec: + secretStoreRef: + kind: ClusterSecretStore + name: openbao + data: + - secretKey: secret + remoteRef: + key: /cl01tl/authentik/oidc/gitea + property: secret + - secretKey: key + remoteRef: + key: /cl01tl/authentik/oidc/gitea + property: client diff --git a/clusters/cl01tl/helm/gitea/templates/http-route.yaml b/clusters/cl01tl/helm/gitea/templates/http-route.yaml index 3453592aa..5868434ca 100644 --- a/clusters/cl01tl/helm/gitea/templates/http-route.yaml +++ b/clusters/cl01tl/helm/gitea/templates/http-route.yaml @@ -5,8 +5,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: gitea - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: parentRefs: - group: gateway.networking.k8s.io @@ -21,8 +20,6 @@ spec: type: PathPrefix value: / backendRefs: - - group: '' - kind: Service + - kind: Service name: gitea-http port: 3000 - weight: 100 diff --git a/clusters/cl01tl/helm/gitea/templates/ingress.yaml b/clusters/cl01tl/helm/gitea/templates/ingress.yaml index b348af72a..1b69b4c72 100644 --- a/clusters/cl01tl/helm/gitea/templates/ingress.yaml +++ b/clusters/cl01tl/helm/gitea/templates/ingress.yaml @@ -1,12 +1,11 @@ apiVersion: networking.k8s.io/v1 kind: Ingress metadata: - name: gitea-tailscale + name: {{ .Release.Name }}-tailscale namespace: {{ .Release.Namespace }} labels: - app.kubernetes.io/name: gitea-tailscale - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + app.kubernetes.io/name: {{ .Release.Name }}-tailscale + {{- include "custom.labels" . | nindent 4 }} tailscale.com/proxy-class: no-metrics annotations: tailscale.com/experimental-forward-cluster-traffic-via-ingress: "true" @@ -21,7 +20,7 @@ spec: http: paths: - path: / - pathType: ImplementationSpecific + pathType: Prefix backend: service: name: gitea-http diff --git a/clusters/cl01tl/helm/gitea/templates/namespace.yaml b/clusters/cl01tl/helm/gitea/templates/namespace.yaml index 16080cc7f..bbbe36926 100644 --- a/clusters/cl01tl/helm/gitea/templates/namespace.yaml +++ b/clusters/cl01tl/helm/gitea/templates/namespace.yaml @@ -1,11 +1,10 @@ apiVersion: v1 kind: Namespace metadata: - name: gitea + name: {{ .Release.Namespace }} labels: - app.kubernetes.io/name: gitea - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + app.kubernetes.io/name: {{ .Release.Namespace }} + {{- include "custom.labels" . | nindent 4 }} pod-security.kubernetes.io/audit: privileged pod-security.kubernetes.io/enforce: privileged pod-security.kubernetes.io/warn: privileged diff --git a/clusters/cl01tl/helm/gitea/templates/persistent-volume-claim.yaml b/clusters/cl01tl/helm/gitea/templates/persistent-volume-claim.yaml index 635119e18..4185d4e83 100644 --- a/clusters/cl01tl/helm/gitea/templates/persistent-volume-claim.yaml +++ b/clusters/cl01tl/helm/gitea/templates/persistent-volume-claim.yaml @@ -5,8 +5,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: gitea-themes-storage - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: volumeMode: Filesystem storageClassName: ceph-filesystem diff --git a/clusters/cl01tl/helm/gitea/templates/service-monitor.yaml b/clusters/cl01tl/helm/gitea/templates/service-monitor.yaml index e8e46ebba..640da55ef 100644 --- a/clusters/cl01tl/helm/gitea/templates/service-monitor.yaml +++ b/clusters/cl01tl/helm/gitea/templates/service-monitor.yaml @@ -5,8 +5,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: gitea - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: selector: matchLabels: diff --git a/clusters/cl01tl/helm/gitea/templates/tcp-route.yaml b/clusters/cl01tl/helm/gitea/templates/tcp-route.yaml index 5624c7428..519d9681f 100644 --- a/clusters/cl01tl/helm/gitea/templates/tcp-route.yaml +++ b/clusters/cl01tl/helm/gitea/templates/tcp-route.yaml @@ -5,8 +5,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: gitea-ssh - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: parentRefs: - group: gateway.networking.k8s.io @@ -16,8 +15,6 @@ spec: sectionName: ssh rules: - backendRefs: - - group: '' - kind: Service + - kind: Service name: gitea-ssh port: 22 - weight: 100 diff --git a/clusters/cl01tl/helm/gitea/values.yaml b/clusters/cl01tl/helm/gitea/values.yaml index 0d279bb3b..600bc28c2 100644 --- a/clusters/cl01tl/helm/gitea/values.yaml +++ b/clusters/cl01tl/helm/gitea/values.yaml @@ -59,7 +59,7 @@ gitea: oauth: - name: Authentik provider: openidConnect - existingSecret: gitea-oidc-secret + existingSecret: gitea-oidc-authentik autoDiscoverUrl: https://auth.alexlebens.dev/application/o/gitea/.well-known/openid-configuration iconUrl: https://goauthentik.io/img/icon.png scopes: "email profile" @@ -137,7 +137,7 @@ gitea: - name: GITEA__INDEXER__ISSUE_INDEXER_CONN_STR valueFrom: secretKeyRef: - name: gitea-meilisearch-master-key-secret + name: gitea-meilisearch-key key: ISSUE_INDEXER_CONN_STR valkey-cluster: enabled: false @@ -235,7 +235,7 @@ meilisearch: MEILI_ENV: production MEILI_EXPERIMENTAL_DUMPLESS_UPGRADE: true auth: - existingMasterKeySecret: gitea-meilisearch-master-key-secret + existingMasterKeySecret: gitea-meilisearch-key persistence: enabled: true storageClass: ceph-block diff --git a/clusters/cl01tl/helm/grafana-operator/templates/_helpers.tpl b/clusters/cl01tl/helm/grafana-operator/templates/_helpers.tpl new file mode 100644 index 000000000..10688fcef --- /dev/null +++ b/clusters/cl01tl/helm/grafana-operator/templates/_helpers.tpl @@ -0,0 +1,14 @@ +{{/* +Common labels +*/}} +{{- define "custom.labels" -}} +{{ include "custom.selectorLabels" $ }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "custom.selectorLabels" -}} +app.kubernetes.io/instance: {{ .Release.Name }} +app.kubernetes.io/part-of: {{ .Release.Name }} +{{- end }} diff --git a/clusters/cl01tl/helm/grafana-operator/templates/external-secret.yaml b/clusters/cl01tl/helm/grafana-operator/templates/external-secret.yaml index a5d05c0b9..e67786dab 100644 --- a/clusters/cl01tl/helm/grafana-operator/templates/external-secret.yaml +++ b/clusters/cl01tl/helm/grafana-operator/templates/external-secret.yaml @@ -1,98 +1,44 @@ apiVersion: external-secrets.io/v1 kind: ExternalSecret metadata: - name: grafana-auth-secret + name: grafana-config namespace: {{ .Release.Namespace }} labels: - app.kubernetes.io/name: grafana-auth-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + app.kubernetes.io/name: grafana-config + {{- include "custom.labels" . | nindent 4 }} spec: secretStoreRef: kind: ClusterSecretStore - name: vault + name: openbao data: - secretKey: admin-user remoteRef: - key: /cl01tl/grafana/auth + key: /cl01tl/grafana/config property: admin-user - secretKey: admin-password remoteRef: - key: /cl01tl/grafana/auth + key: /cl01tl/grafana/config property: admin-password --- apiVersion: external-secrets.io/v1 kind: ExternalSecret metadata: - name: grafana-oauth-secret + name: grafana-oidc-authentik namespace: {{ .Release.Namespace }} labels: - app.kubernetes.io/name: grafana-oauth-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + app.kubernetes.io/name: grafana-oidc-authentik + {{- include "custom.labels" . | nindent 4 }} spec: secretStoreRef: kind: ClusterSecretStore - name: vault + name: openbao data: - secretKey: AUTH_CLIENT_ID remoteRef: - key: /authentik/oidc/grafana + key: /cl01tl/authentik/oidc/grafana property: client - secretKey: AUTH_CLIENT_SECRET remoteRef: - key: /authentik/oidc/grafana + key: /cl01tl/authentik/oidc/grafana property: secret - ---- -apiVersion: external-secrets.io/v1 -kind: ExternalSecret -metadata: - name: grafana-operator-postgresql-18-cluster-backup-secret - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: grafana-operator-postgresql-18-cluster-backup-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - data: - - secretKey: ACCESS_KEY_ID - remoteRef: - key: /digital-ocean/home-infra/postgres-backups - property: access - - secretKey: ACCESS_SECRET_KEY - remoteRef: - key: /digital-ocean/home-infra/postgres-backups - property: secret - ---- -apiVersion: external-secrets.io/v1 -kind: ExternalSecret -metadata: - name: grafana-operator-postgresql-18-cluster-backup-secret-garage - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: grafana-operator-postgresql-18-cluster-backup-secret-garage - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - data: - - secretKey: ACCESS_KEY_ID - remoteRef: - key: /garage/home-infra/postgres-backups - property: ACCESS_KEY_ID - - secretKey: ACCESS_SECRET_KEY - remoteRef: - key: /garage/home-infra/postgres-backups - property: ACCESS_SECRET_KEY - - secretKey: ACCESS_REGION - remoteRef: - key: /garage/home-infra/postgres-backups - property: ACCESS_REGION diff --git a/clusters/cl01tl/helm/grafana-operator/templates/grafana-dashboard.yaml b/clusters/cl01tl/helm/grafana-operator/templates/grafana-dashboard.yaml index 7d5961b84..a89e1da98 100644 --- a/clusters/cl01tl/helm/grafana-operator/templates/grafana-dashboard.yaml +++ b/clusters/cl01tl/helm/grafana-operator/templates/grafana-dashboard.yaml @@ -5,8 +5,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: grafana-dashboard-ceph - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: instanceSelector: matchLabels: @@ -24,8 +23,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: grafana-dashboard-coredns - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: instanceSelector: matchLabels: @@ -43,8 +41,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: grafana-dashboard-etcd - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: instanceSelector: matchLabels: @@ -62,8 +59,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: grafana-dashboard-garage - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: instanceSelector: matchLabels: @@ -81,8 +77,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: grafana-dashboard-loki - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: instanceSelector: matchLabels: @@ -100,8 +95,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: grafana-dashboard-node-full - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: instanceSelector: matchLabels: @@ -119,8 +113,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: grafana-dashboard-node-short - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: instanceSelector: matchLabels: @@ -138,8 +131,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: grafana-dashboard-pods - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: instanceSelector: matchLabels: @@ -157,8 +149,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: grafana-dashboard-argocd - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: instanceSelector: matchLabels: @@ -176,8 +167,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: grafana-dashboard-blocky - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: instanceSelector: matchLabels: @@ -195,8 +185,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: grafana-dashboard-cert-manager - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: instanceSelector: matchLabels: @@ -214,8 +203,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: grafana-dashboard-cloudnative-pg - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: instanceSelector: matchLabels: @@ -233,8 +221,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: grafana-dashboard-descheduler - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: instanceSelector: matchLabels: @@ -252,8 +239,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: grafana-dashboard-external-dns - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: instanceSelector: matchLabels: @@ -271,8 +257,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: grafana-dashboard-external-secrets - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: instanceSelector: matchLabels: @@ -290,8 +275,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: grafana-dashboard-gatus - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: instanceSelector: matchLabels: @@ -309,8 +293,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: grafana-dashboard-operator - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: instanceSelector: matchLabels: @@ -328,8 +311,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: grafana-dashboard-harbor - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: instanceSelector: matchLabels: @@ -347,8 +329,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: grafana-dashboard-speedtest-exporter - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: instanceSelector: matchLabels: @@ -366,8 +347,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: grafana-dashboard-spegel - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: instanceSelector: matchLabels: @@ -385,8 +365,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: grafana-dashboard-traefik - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: instanceSelector: matchLabels: @@ -404,8 +383,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: grafana-dashboard-tdarr - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: instanceSelector: matchLabels: @@ -423,8 +401,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: grafana-dashboard-unpoller - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: instanceSelector: matchLabels: @@ -442,8 +419,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: grafana-dashboard-version-checker-internal - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: instanceSelector: matchLabels: @@ -461,8 +437,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: grafana-dashboard-version-checker - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: instanceSelector: matchLabels: @@ -480,8 +455,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: grafana-dashboard-volsync - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: instanceSelector: matchLabels: @@ -499,8 +473,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: grafana-dashboard-s3 - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: instanceSelector: matchLabels: @@ -518,8 +491,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: grafana-dashboard-authentik - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: instanceSelector: matchLabels: @@ -537,8 +509,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: grafana-dashboard-gitea - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: instanceSelector: matchLabels: @@ -556,8 +527,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: grafana-dashboard-ntfy - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: instanceSelector: matchLabels: @@ -575,8 +545,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: grafana-dashboard-openbao - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: instanceSelector: matchLabels: @@ -594,8 +563,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: grafana-dashboard-qbittorrent - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: instanceSelector: matchLabels: @@ -613,8 +581,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: grafana-dashboard-vault - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: instanceSelector: matchLabels: @@ -632,8 +599,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: grafana-dashboard-unpackerr - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: instanceSelector: matchLabels: @@ -651,8 +617,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: grafana-dashboard-airgradient - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: instanceSelector: matchLabels: @@ -670,8 +635,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: grafana-dashboard-server-power-consumption - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: instanceSelector: matchLabels: @@ -689,8 +653,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: grafana-dashboard-immich - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: instanceSelector: matchLabels: @@ -708,8 +671,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: grafana-dashboard-jellyfin - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: instanceSelector: matchLabels: @@ -727,8 +689,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: grafana-dashboard-navidrome - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: instanceSelector: matchLabels: @@ -746,8 +707,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: grafana-dashboard-radarr - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: instanceSelector: matchLabels: @@ -765,8 +725,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: grafana-dashboard-servarr - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: instanceSelector: matchLabels: @@ -784,8 +743,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: grafana-dashboard-sonarr - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: instanceSelector: matchLabels: diff --git a/clusters/cl01tl/helm/grafana-operator/templates/grafana-datasource.yaml b/clusters/cl01tl/helm/grafana-operator/templates/grafana-datasource.yaml index a664206ee..bfabee80d 100644 --- a/clusters/cl01tl/helm/grafana-operator/templates/grafana-datasource.yaml +++ b/clusters/cl01tl/helm/grafana-operator/templates/grafana-datasource.yaml @@ -5,8 +5,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: grafana-datasource-prometheus - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: datasource: name: Prometheus @@ -33,8 +32,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: grafana-datasource-loki - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: datasource: name: Loki diff --git a/clusters/cl01tl/helm/grafana-operator/templates/grafana-folder.yaml b/clusters/cl01tl/helm/grafana-operator/templates/grafana-folder.yaml index ca49f4867..ccede7615 100644 --- a/clusters/cl01tl/helm/grafana-operator/templates/grafana-folder.yaml +++ b/clusters/cl01tl/helm/grafana-operator/templates/grafana-folder.yaml @@ -5,8 +5,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: grafana-folder-application - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: instanceSelector: matchLabels: @@ -40,8 +39,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: grafana-folder-iot - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: instanceSelector: matchLabels: @@ -75,8 +73,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: grafana-folder-platform - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: instanceSelector: matchLabels: @@ -110,8 +107,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: grafana-folder-service - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: instanceSelector: matchLabels: @@ -145,8 +141,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: grafana-folder-system - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: instanceSelector: matchLabels: diff --git a/clusters/cl01tl/helm/grafana-operator/templates/grafana.yaml b/clusters/cl01tl/helm/grafana-operator/templates/grafana.yaml index 147936eac..758393146 100644 --- a/clusters/cl01tl/helm/grafana-operator/templates/grafana.yaml +++ b/clusters/cl01tl/helm/grafana-operator/templates/grafana.yaml @@ -5,8 +5,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: grafana-main - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} app: grafana-main spec: config: @@ -66,22 +65,22 @@ spec: - name: AUTH_CLIENT_ID valueFrom: secretKeyRef: - name: grafana-oauth-secret + name: grafana-oidc-authentik key: AUTH_CLIENT_ID - name: AUTH_CLIENT_SECRET valueFrom: secretKeyRef: - name: grafana-oauth-secret + name: grafana-oidc-authentik key: AUTH_CLIENT_SECRET - name: ADMIN_USER valueFrom: secretKeyRef: - name: grafana-auth-secret + name: grafana-config key: admin-user - name: ADMIN_PASSWORD valueFrom: secretKeyRef: - name: grafana-auth-secret + name: grafana-config key: admin-password - name: DB_HOST valueFrom: diff --git a/clusters/cl01tl/helm/grimmory/templates/_helpers.tpl b/clusters/cl01tl/helm/grimmory/templates/_helpers.tpl new file mode 100644 index 000000000..8a45e9226 --- /dev/null +++ b/clusters/cl01tl/helm/grimmory/templates/_helpers.tpl @@ -0,0 +1,24 @@ +{{/* +Common labels +*/}} +{{- define "custom.labels" -}} +{{ include "custom.selectorLabels" $ }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "custom.selectorLabels" -}} +app.kubernetes.io/instance: {{ .Release.Name }} +app.kubernetes.io/part-of: {{ .Release.Name }} +{{- end }} + +{{/* +NFS names +*/}} +{{- define "custom.booksNfsName" -}} +grimmory-books-nfs-storage +{{- end -}} +{{- define "custom.booksImportNfsName" -}} +grimmory-books-import-nfs-storage +{{- end -}} diff --git a/clusters/cl01tl/helm/grimmory/templates/external-secret.yaml b/clusters/cl01tl/helm/grimmory/templates/external-secret.yaml index 801fba13d..85ab951c9 100644 --- a/clusters/cl01tl/helm/grimmory/templates/external-secret.yaml +++ b/clusters/cl01tl/helm/grimmory/templates/external-secret.yaml @@ -1,42 +1,21 @@ apiVersion: external-secrets.io/v1 kind: ExternalSecret metadata: - name: grimmory-database-secret + name: grimmory-database-config namespace: {{ .Release.Namespace }} labels: - app.kubernetes.io/name: grimmory-database-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + app.kubernetes.io/name: grimmory-database-config + {{- include "custom.labels" . | nindent 4 }} spec: secretStoreRef: kind: ClusterSecretStore - name: vault + name: openbao data: - secretKey: password remoteRef: key: /cl01tl/grimmory/database property: password ---- -apiVersion: external-secrets.io/v1 -kind: ExternalSecret -metadata: - name: grimmory-data-replication-secret - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: grimmory-data-replication-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - data: - - secretKey: psk.txt - remoteRef: - key: /cl01tl/grimmory/replication - property: psk.txt - --- apiVersion: external-secrets.io/v1 kind: ExternalSecret @@ -45,12 +24,11 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: grimmory-mariadb-cluster-backup-secret-external - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: secretStoreRef: kind: ClusterSecretStore - name: vault + name: openbao data: - secretKey: access remoteRef: @@ -69,18 +47,17 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: grimmory-mariadb-cluster-backup-secret-garage - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: secretStoreRef: kind: ClusterSecretStore - name: vault + name: openbao data: - secretKey: access remoteRef: key: /garage/home-infra/mariadb-backups - property: access + property: ACCESS_KEY_ID - secretKey: secret remoteRef: key: /garage/home-infra/mariadb-backups - property: secret + property: ACCESS_SECRET_KEY diff --git a/clusters/cl01tl/helm/grimmory/templates/namespace.yaml b/clusters/cl01tl/helm/grimmory/templates/namespace.yaml index 7fb67e59e..f349a6b0d 100644 --- a/clusters/cl01tl/helm/grimmory/templates/namespace.yaml +++ b/clusters/cl01tl/helm/grimmory/templates/namespace.yaml @@ -1,13 +1,7 @@ apiVersion: v1 kind: Namespace metadata: - name: grimmory - annotations: - volsync.backube/privileged-movers: "true" + name: {{ .Release.Namespace }} labels: - app.kubernetes.io/name: grimmory - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} - pod-security.kubernetes.io/audit: privileged - pod-security.kubernetes.io/enforce: privileged - pod-security.kubernetes.io/warn: privileged + app.kubernetes.io/name: {{ .Release.Namespace }} + {{- include "custom.labels" . | nindent 4 }} diff --git a/clusters/cl01tl/helm/grimmory/templates/persistent-volume-claim.yaml b/clusters/cl01tl/helm/grimmory/templates/persistent-volume-claim.yaml index 18a0b7bb0..509d988c2 100644 --- a/clusters/cl01tl/helm/grimmory/templates/persistent-volume-claim.yaml +++ b/clusters/cl01tl/helm/grimmory/templates/persistent-volume-claim.yaml @@ -1,14 +1,13 @@ apiVersion: v1 kind: PersistentVolumeClaim metadata: - name: grimmory-books-nfs-storage + name: {{ include "custom.booksNfsName" . }} namespace: {{ .Release.Namespace }} labels: - app.kubernetes.io/name: grimmory-books-nfs-storage - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + app.kubernetes.io/name: {{ include "custom.booksNfsName" . }} + {{- include "custom.labels" . | nindent 4 }} spec: - volumeName: grimmory-books-nfs-storage + volumeName: {{ include "custom.booksNfsName" . }} storageClassName: nfs-client accessModes: - ReadWriteMany @@ -20,14 +19,13 @@ spec: apiVersion: v1 kind: PersistentVolumeClaim metadata: - name: grimmory-books-import-nfs-storage + name: {{ include "custom.booksImportNfsName" . }} namespace: {{ .Release.Namespace }} labels: - app.kubernetes.io/name: grimmory-books-import-nfs-storage - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + app.kubernetes.io/name: {{ include "custom.booksImportNfsName" . }} + {{- include "custom.labels" . | nindent 4 }} spec: - volumeName: grimmory-books-import-nfs-storage + volumeName: {{ include "custom.booksImportNfsName" . }} storageClassName: nfs-client accessModes: - ReadWriteMany diff --git a/clusters/cl01tl/helm/grimmory/templates/persistent-volume.yaml b/clusters/cl01tl/helm/grimmory/templates/persistent-volume.yaml index 3ec10052a..5670895ca 100644 --- a/clusters/cl01tl/helm/grimmory/templates/persistent-volume.yaml +++ b/clusters/cl01tl/helm/grimmory/templates/persistent-volume.yaml @@ -1,12 +1,11 @@ apiVersion: v1 kind: PersistentVolume metadata: - name: grimmory-books-nfs-storage + name: {{ include "custom.booksNfsName" . }} namespace: {{ .Release.Namespace }} labels: - app.kubernetes.io/name: grimmory-books-nfs-storage - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + app.kubernetes.io/name: {{ include "custom.booksNfsName" . }} + {{- include "custom.labels" . | nindent 4 }} spec: persistentVolumeReclaimPolicy: Retain storageClassName: nfs-client @@ -26,12 +25,11 @@ spec: apiVersion: v1 kind: PersistentVolume metadata: - name: grimmory-books-import-nfs-storage + name: {{ include "custom.booksImportNfsName" . }} namespace: {{ .Release.Namespace }} labels: - app.kubernetes.io/name: grimmory-books-import-nfs-storage - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + app.kubernetes.io/name: {{ include "custom.booksImportNfsName" . }} + {{- include "custom.labels" . | nindent 4 }} spec: persistentVolumeReclaimPolicy: Retain storageClassName: nfs-client @@ -40,7 +38,7 @@ spec: accessModes: - ReadWriteMany nfs: - path: /volume2/Storage/Books Import + path: '/volume2/Storage/Books Import' server: synologybond.alexlebens.net mountOptions: - vers=4 diff --git a/clusters/cl01tl/helm/grimmory/values.yaml b/clusters/cl01tl/helm/grimmory/values.yaml index d0ba29d65..8d09eb481 100644 --- a/clusters/cl01tl/helm/grimmory/values.yaml +++ b/clusters/cl01tl/helm/grimmory/values.yaml @@ -27,7 +27,7 @@ grimmory: - name: DATABASE_PASSWORD valueFrom: secretKeyRef: - name: grimmory-database-secret + name: grimmory-database-config key: password - name: GRIMMORY_PORT value: 6060 @@ -98,7 +98,7 @@ mariadb-cluster: mariadb: rootPasswordSecretKeyRef: generate: false - name: grimmory-database-secret + name: grimmory-database-config key: password storage: size: 5Gi diff --git a/clusters/cl01tl/helm/harbor/templates/_helpers.tpl b/clusters/cl01tl/helm/harbor/templates/_helpers.tpl new file mode 100644 index 000000000..10688fcef --- /dev/null +++ b/clusters/cl01tl/helm/harbor/templates/_helpers.tpl @@ -0,0 +1,14 @@ +{{/* +Common labels +*/}} +{{- define "custom.labels" -}} +{{ include "custom.selectorLabels" $ }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "custom.selectorLabels" -}} +app.kubernetes.io/instance: {{ .Release.Name }} +app.kubernetes.io/part-of: {{ .Release.Name }} +{{- end }} diff --git a/clusters/cl01tl/helm/harbor/templates/external-secret.yaml b/clusters/cl01tl/helm/harbor/templates/external-secret.yaml index 929669edf..e2b394fe7 100644 --- a/clusters/cl01tl/helm/harbor/templates/external-secret.yaml +++ b/clusters/cl01tl/helm/harbor/templates/external-secret.yaml @@ -5,12 +5,11 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: harbor-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: secretStoreRef: kind: ClusterSecretStore - name: vault + name: openbao data: - secretKey: HARBOR_ADMIN_PASSWORD remoteRef: @@ -18,12 +17,12 @@ spec: property: admin-password - secretKey: secretKey remoteRef: - key: /cl01tl/harbor/config - property: secretKey + key: /cl01tl/harbor/key + property: secret-key - secretKey: CSRF_KEY remoteRef: - key: /cl01tl/harbor/core - property: CSRF_KEY + key: /cl01tl/harbor/key + property: csrf-key - secretKey: secret remoteRef: key: /cl01tl/harbor/core @@ -39,24 +38,20 @@ spec: - secretKey: JOBSERVICE_SECRET remoteRef: key: /cl01tl/harbor/jobservice - property: JOBSERVICE_SECRET + property: secret - secretKey: REGISTRY_HTTP_SECRET remoteRef: key: /cl01tl/harbor/registry - property: REGISTRY_HTTP_SECRET - - secretKey: REGISTRY_REDIS_PASSWORD - remoteRef: - key: /cl01tl/harbor/registry - property: REGISTRY_REDIS_PASSWORD + property: http-secret - secretKey: REGISTRY_HTPASSWD remoteRef: key: /cl01tl/harbor/registry - property: REGISTRY_HTPASSWD + property: ht-passwd - secretKey: REGISTRY_CREDENTIAL_PASSWORD remoteRef: key: /cl01tl/harbor/registry - property: REGISTRY_CREDENTIAL_PASSWORD + property: credential-password - secretKey: REGISTRY_PASSWD remoteRef: key: /cl01tl/harbor/registry - property: REGISTRY_CREDENTIAL_PASSWORD + property: credential-password diff --git a/clusters/cl01tl/helm/harbor/values.yaml b/clusters/cl01tl/helm/harbor/values.yaml index 210985f6d..3179f922a 100644 --- a/clusters/cl01tl/helm/harbor/values.yaml +++ b/clusters/cl01tl/helm/harbor/values.yaml @@ -5,10 +5,10 @@ harbor: enabled: false route: parentRefs: - - group: gateway.networking.k8s.io - kind: Gateway - name: traefik-gateway - namespace: traefik + group: gateway.networking.k8s.io + kind: Gateway + name: traefik-gateway + namespace: traefik hosts: - harbor.alexlebens.net externalURL: https://harbor.alexlebens.net diff --git a/clusters/cl01tl/helm/headlamp/templates/_helpers.tpl b/clusters/cl01tl/helm/headlamp/templates/_helpers.tpl new file mode 100644 index 000000000..e8302c13f --- /dev/null +++ b/clusters/cl01tl/helm/headlamp/templates/_helpers.tpl @@ -0,0 +1,21 @@ +{{/* +Common labels +*/}} +{{- define "custom.labels" -}} +{{ include "custom.selectorLabels" $ }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "custom.selectorLabels" -}} +app.kubernetes.io/instance: {{ .Release.Name }} +app.kubernetes.io/part-of: {{ .Release.Name }} +{{- end }} + +{{/* +ServiceAccount name +*/}} +{{- define "custom.serviceAccountName" -}} +headlamp-admin +{{- end -}} diff --git a/clusters/cl01tl/helm/headlamp/templates/cluster-role-binding.yaml b/clusters/cl01tl/helm/headlamp/templates/cluster-role-binding.yaml index dd86c1d66..2719a405e 100644 --- a/clusters/cl01tl/helm/headlamp/templates/cluster-role-binding.yaml +++ b/clusters/cl01tl/helm/headlamp/templates/cluster-role-binding.yaml @@ -5,16 +5,15 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: cluster-admin-oidc - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} roleRef: + apiGroup: rbac.authorization.k8s.io kind: ClusterRole name: cluster-admin - apiGroup: rbac.authorization.k8s.io subjects: - - kind: User + - apiGroup: rbac.authorization.k8s.io + kind: User name: https://authentik.alexlebens.net/application/o/headlamp/#alexanderlebens@gmail.com - apiGroup: rbac.authorization.k8s.io - kind: ServiceAccount - name: headlamp-admin - namespace: headlamp + name: {{ include "custom.serviceAccountName" . }} + namespace: {{ .Release.Namespace }} diff --git a/clusters/cl01tl/helm/headlamp/templates/external-secret.yaml b/clusters/cl01tl/helm/headlamp/templates/external-secret.yaml index a9454d455..3c3918119 100644 --- a/clusters/cl01tl/helm/headlamp/templates/external-secret.yaml +++ b/clusters/cl01tl/helm/headlamp/templates/external-secret.yaml @@ -1,38 +1,37 @@ apiVersion: external-secrets.io/v1 kind: ExternalSecret metadata: - name: headlamp-oidc-secret + name: headlamp-oidc-authentik namespace: {{ .Release.Namespace }} labels: - app.kubernetes.io/name: headlamp-oidc-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + app.kubernetes.io/name: headlamp-oidc-authentik + {{- include "custom.labels" . | nindent 4 }} spec: secretStoreRef: kind: ClusterSecretStore - name: vault + name: openbao data: - secretKey: OIDC_CLIENT_ID remoteRef: - key: /authentik/oidc/headlamp + key: /cl01tl/authentik/oidc/headlamp property: client - secretKey: OIDC_CLIENT_SECRET remoteRef: - key: /authentik/oidc/headlamp + key: /cl01tl/authentik/oidc/headlamp property: secret - secretKey: OIDC_ISSUER_URL remoteRef: - key: /authentik/oidc/headlamp + key: /cl01tl/authentik/oidc/headlamp property: issuer - secretKey: OIDC_SCOPES remoteRef: - key: /authentik/oidc/headlamp + key: /cl01tl/authentik/oidc/headlamp property: scopes - secretKey: HEADLAMP_CONFIG_OIDC_VALIDATOR_IDP_ISSUER_URL remoteRef: - key: /authentik/oidc/headlamp - property: validator-issuer-url + key: /cl01tl/authentik/oidc/headlamp + property: issuer - secretKey: HEADLAMP_CONFIG_OIDC_VALIDATOR_CLIENT_ID remoteRef: - key: /authentik/oidc/headlamp - property: validator-client-id + key: /cl01tl/authentik/oidc/headlamp + property: client diff --git a/clusters/cl01tl/helm/headlamp/templates/service-account.yaml b/clusters/cl01tl/helm/headlamp/templates/service-account.yaml index e31ff0631..5db759b3e 100644 --- a/clusters/cl01tl/helm/headlamp/templates/service-account.yaml +++ b/clusters/cl01tl/helm/headlamp/templates/service-account.yaml @@ -1,9 +1,8 @@ apiVersion: v1 kind: ServiceAccount metadata: - name: headlamp-admin + name: {{ include "custom.serviceAccountName" . }} namespace: {{ .Release.Namespace }} labels: - app.kubernetes.io/name: headlamp-admin - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + app.kubernetes.io/name: {{ include "custom.serviceAccountName" . }} + {{- include "custom.labels" . | nindent 4 }} diff --git a/clusters/cl01tl/helm/headlamp/values.yaml b/clusters/cl01tl/helm/headlamp/values.yaml index 88ed132fc..80794818d 100644 --- a/clusters/cl01tl/helm/headlamp/values.yaml +++ b/clusters/cl01tl/helm/headlamp/values.yaml @@ -10,7 +10,7 @@ headlamp: create: false externalSecret: enabled: true - name: headlamp-oidc-secret + name: headlamp-oidc-authentik watchPlugins: true httpRoute: enabled: true @@ -27,11 +27,9 @@ headlamp: type: PathPrefix value: / backendRefs: - - group: '' - kind: Service + - kind: Service name: headlamp port: 80 - weight: 100 resources: requests: cpu: 1m diff --git a/clusters/cl01tl/helm/home-assistant/templates/_helpers.tpl b/clusters/cl01tl/helm/home-assistant/templates/_helpers.tpl new file mode 100644 index 000000000..10688fcef --- /dev/null +++ b/clusters/cl01tl/helm/home-assistant/templates/_helpers.tpl @@ -0,0 +1,14 @@ +{{/* +Common labels +*/}} +{{- define "custom.labels" -}} +{{ include "custom.selectorLabels" $ }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "custom.selectorLabels" -}} +app.kubernetes.io/instance: {{ .Release.Name }} +app.kubernetes.io/part-of: {{ .Release.Name }} +{{- end }} diff --git a/clusters/cl01tl/helm/home-assistant/templates/external-secret.yaml b/clusters/cl01tl/helm/home-assistant/templates/external-secret.yaml index 6d3825e20..8b6243160 100644 --- a/clusters/cl01tl/helm/home-assistant/templates/external-secret.yaml +++ b/clusters/cl01tl/helm/home-assistant/templates/external-secret.yaml @@ -1,42 +1,40 @@ apiVersion: external-secrets.io/v1 kind: ExternalSecret metadata: - name: home-assistant-code-server-password-secret + name: home-assistant-code-server-password namespace: {{ .Release.Namespace }} labels: - app.kubernetes.io/name: home-assistant-code-server-password-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + app.kubernetes.io/name: home-assistant-code-server-password + {{- include "custom.labels" . | nindent 4 }} spec: secretStoreRef: kind: ClusterSecretStore - name: vault + name: openbao data: - secretKey: PASSWORD remoteRef: - key: /cl01tl/home-assistant/code-server/auth - property: PASSWORD + key: /cl01tl/home-assistant/code-server + property: password - secretKey: SUDO_PASSWORD remoteRef: - key: /cl01tl/home-assistant/code-server/auth - property: SUDO_PASSWORD + key: /cl01tl/home-assistant/code-server + property: sudo-password --- apiVersion: external-secrets.io/v1 kind: ExternalSecret metadata: - name: home-assistant-token-secret + name: home-assistant-metric-token namespace: {{ .Release.Namespace }} labels: - app.kubernetes.io/name: home-assistant-token-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + app.kubernetes.io/name: home-assistant-metric-token + {{- include "custom.labels" . | nindent 4 }} spec: secretStoreRef: kind: ClusterSecretStore - name: vault + name: openbao data: - secretKey: bearer-token remoteRef: - key: /cl01tl/home-assistant/auth + key: /cl01tl/home-assistant/config property: bearer-token diff --git a/clusters/cl01tl/helm/home-assistant/values.yaml b/clusters/cl01tl/helm/home-assistant/values.yaml index d000da6d1..b4899b1e2 100644 --- a/clusters/cl01tl/helm/home-assistant/values.yaml +++ b/clusters/cl01tl/helm/home-assistant/values.yaml @@ -35,7 +35,7 @@ home-assistant: value: /config envFrom: - secretRef: - name: home-assistant-code-server-password-secret + name: home-assistant-code-server-password service: main: controller: main @@ -63,7 +63,7 @@ home-assistant: scrapeTimeout: 1m path: /api/prometheus bearerTokenSecret: - name: home-assistant-token-secret + name: home-assistant-metric-token key: bearer-token route: main: diff --git a/clusters/cl01tl/helm/homepage/templates/_helpers.tpl b/clusters/cl01tl/helm/homepage/templates/_helpers.tpl new file mode 100644 index 000000000..521c9c078 --- /dev/null +++ b/clusters/cl01tl/helm/homepage/templates/_helpers.tpl @@ -0,0 +1,21 @@ +{{/* +Common labels +*/}} +{{- define "custom.labels" -}} +{{ include "custom.selectorLabels" $ }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "custom.selectorLabels" -}} +app.kubernetes.io/instance: {{ .Release.Name }} +app.kubernetes.io/part-of: {{ .Release.Name }} +{{- end }} + +{{/* +CluserRole Name +*/}} +{{- define "custom.clusterRoleName" -}} +homepage +{{- end -}} diff --git a/clusters/cl01tl/helm/homepage/templates/cluster-role-binding.yaml b/clusters/cl01tl/helm/homepage/templates/cluster-role-binding.yaml index 224a93bd2..2763d0373 100644 --- a/clusters/cl01tl/helm/homepage/templates/cluster-role-binding.yaml +++ b/clusters/cl01tl/helm/homepage/templates/cluster-role-binding.yaml @@ -1,16 +1,15 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: - name: homepage + name: {{ include "custom.clusterRoleName" . }} namespace: {{ .Release.Namespace }} labels: - app.kubernetes.io/name: homepage - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + app.kubernetes.io/name: {{ include "custom.clusterRoleName" . }} + {{- include "custom.labels" . | nindent 4 }} roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole - name: homepage + name: {{ include "custom.clusterRoleName" . }} subjects: - kind: ServiceAccount name: homepage diff --git a/clusters/cl01tl/helm/homepage/templates/cluster-role.yaml b/clusters/cl01tl/helm/homepage/templates/cluster-role.yaml index 3b8b2d256..9b1603745 100644 --- a/clusters/cl01tl/helm/homepage/templates/cluster-role.yaml +++ b/clusters/cl01tl/helm/homepage/templates/cluster-role.yaml @@ -1,12 +1,11 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: - name: homepage + name: {{ include "custom.clusterRoleName" . }} namespace: {{ .Release.Namespace }} labels: - app.kubernetes.io/name: homepage - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + app.kubernetes.io/name: {{ include "custom.clusterRoleName" . }} + {{- include "custom.labels" . | nindent 4 }} rules: - apiGroups: - "" diff --git a/clusters/cl01tl/helm/homepage/templates/external-secret.yaml b/clusters/cl01tl/helm/homepage/templates/external-secret.yaml index 2b578fefc..f1904cb52 100644 --- a/clusters/cl01tl/helm/homepage/templates/external-secret.yaml +++ b/clusters/cl01tl/helm/homepage/templates/external-secret.yaml @@ -1,20 +1,19 @@ apiVersion: external-secrets.io/v1 kind: ExternalSecret metadata: - name: homepage-keys-secret + name: homepage-secrets namespace: {{ .Release.Namespace }} labels: - app.kubernetes.io/name: homepage-keys-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + app.kubernetes.io/name: homepage-secrets + {{- include "custom.labels" . | nindent 4 }} spec: secretStoreRef: kind: ClusterSecretStore - name: vault + name: openbao data: - secretKey: HOMEPAGE_VAR_GITEA_API_TOKEN remoteRef: - key: /cl01tl/gitea/auth/homepage + key: /cl01tl/gitea/users/bot property: token - secretKey: HOMEPAGE_VAR_ARGOCD_API_TOKEN remoteRef: @@ -34,47 +33,47 @@ spec: property: key - secretKey: HOMEPAGE_VAR_SYNOLOGY_USER remoteRef: - key: /synology/auth/cl01tl + key: /synology/users/remote_stats property: user - secretKey: HOMEPAGE_VAR_SYNOLOGY_PASSWORD remoteRef: - key: /synology/auth/cl01tl + key: /synology/users/remote_stats property: password - secretKey: HOMEPAGE_VAR_UNIFI_API_KEY remoteRef: - key: /unifi/auth/cl01tl + key: /unifi/users/cl01tl property: api-key - secretKey: HOMEPAGE_VAR_SONARR_KEY remoteRef: - key: /cl01tl/sonarr4/key + key: /cl01tl/sonarr/key property: key - secretKey: HOMEPAGE_VAR_SONARR4K_KEY remoteRef: - key: /cl01tl/sonarr4-4k/key + key: /cl01tl/sonarr-4k/key property: key - secretKey: HOMEPAGE_VAR_SONARRANIME_KEY remoteRef: - key: /cl01tl/sonarr4-anime/key + key: /cl01tl/sonarr-anime/key property: key - secretKey: HOMEPAGE_VAR_RADARR_KEY remoteRef: - key: /cl01tl/radarr5/key + key: /cl01tl/radarr/key property: key - secretKey: HOMEPAGE_VAR_RADARR4K_KEY remoteRef: - key: /cl01tl/radarr5-4k/key + key: /cl01tl/radarr-4k/key property: key - secretKey: HOMEPAGE_VAR_RADARRANIME_KEY remoteRef: - key: /cl01tl/radarr5-anime/key + key: /cl01tl/radarr-anime/key property: key - secretKey: HOMEPAGE_VAR_RADARRSTANDUP_KEY remoteRef: - key: /cl01tl/radarr5-standup/key + key: /cl01tl/radarr-standup/key property: key - secretKey: HOMEPAGE_VAR_LIDARR_KEY remoteRef: - key: /cl01tl/lidarr2/key + key: /cl01tl/lidarr/key property: key - secretKey: HOMEPAGE_VAR_PROWLARR_KEY remoteRef: diff --git a/clusters/cl01tl/helm/homepage/values.yaml b/clusters/cl01tl/helm/homepage/values.yaml index 7389ad7e3..3a0d20b4b 100644 --- a/clusters/cl01tl/helm/homepage/values.yaml +++ b/clusters/cl01tl/helm/homepage/values.yaml @@ -22,7 +22,7 @@ homepage: value: home.alexlebens.net envFrom: - secretRef: - name: homepage-keys-secret + name: homepage-secrets resources: requests: cpu: 1m diff --git a/clusters/cl01tl/helm/houndarr/templates/_helpers.tpl b/clusters/cl01tl/helm/houndarr/templates/_helpers.tpl new file mode 100644 index 000000000..10688fcef --- /dev/null +++ b/clusters/cl01tl/helm/houndarr/templates/_helpers.tpl @@ -0,0 +1,14 @@ +{{/* +Common labels +*/}} +{{- define "custom.labels" -}} +{{ include "custom.selectorLabels" $ }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "custom.selectorLabels" -}} +app.kubernetes.io/instance: {{ .Release.Name }} +app.kubernetes.io/part-of: {{ .Release.Name }} +{{- end }} diff --git a/clusters/cl01tl/helm/immich/templates/_helpers.tpl b/clusters/cl01tl/helm/immich/templates/_helpers.tpl new file mode 100644 index 000000000..10688fcef --- /dev/null +++ b/clusters/cl01tl/helm/immich/templates/_helpers.tpl @@ -0,0 +1,14 @@ +{{/* +Common labels +*/}} +{{- define "custom.labels" -}} +{{ include "custom.selectorLabels" $ }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "custom.selectorLabels" -}} +app.kubernetes.io/instance: {{ .Release.Name }} +app.kubernetes.io/part-of: {{ .Release.Name }} +{{- end }} diff --git a/clusters/cl01tl/helm/immich/templates/external-secrets.yaml b/clusters/cl01tl/helm/immich/templates/external-secrets.yaml deleted file mode 100644 index c105cfa53..000000000 --- a/clusters/cl01tl/helm/immich/templates/external-secrets.yaml +++ /dev/null @@ -1,18 +0,0 @@ -apiVersion: external-secrets.io/v1 -kind: ExternalSecret -metadata: - name: immich-config-secret - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: immich-config-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - data: - - secretKey: immich.json - remoteRef: - key: /cl01tl/immich/config - property: immich.json diff --git a/clusters/cl01tl/helm/immich/templates/secret-provider-class.yaml b/clusters/cl01tl/helm/immich/templates/secret-provider-class.yaml new file mode 100644 index 000000000..b2398a888 --- /dev/null +++ b/clusters/cl01tl/helm/immich/templates/secret-provider-class.yaml @@ -0,0 +1,18 @@ +apiVersion: secrets-store.csi.x-k8s.io/v1 +kind: SecretProviderClass +metadata: + name: immich-config + namespace: {{ .Release.Namespace }} + labels: + app.kubernetes.io/name: immich-config + {{- include "custom.labels" . | nindent 4 }} +spec: + provider: openbao + parameters: + baoAddress: "http://openbao-internal.openbao:8200" + roleName: immich + objects: | + - objectName: immich.json + fileName: immich.json + secretPath: secret/data/cl01tl/immich/config + secretKey: immich.json diff --git a/clusters/cl01tl/helm/immich/values.yaml b/clusters/cl01tl/helm/immich/values.yaml index d7b85f3b2..196121d44 100644 --- a/clusters/cl01tl/helm/immich/values.yaml +++ b/clusters/cl01tl/helm/immich/values.yaml @@ -4,6 +4,8 @@ immich: type: deployment replicas: 1 strategy: Recreate + serviceAccount: + name: immich containers: main: image: @@ -86,6 +88,10 @@ immich: gpu.intel.com/i915: 1 cpu: 10m memory: 500Mi + serviceAccount: + immich: + enabled: true + staticToken: true service: main: controller: main @@ -135,9 +141,13 @@ immich: value: / persistence: config: - enabled: true - type: secret - name: immich-config-secret + type: custom + volumeSpec: + csi: + driver: secrets-store.csi.k8s.io + readOnly: true + volumeAttributes: + secretProviderClass: immich-config advancedMounts: main: main: diff --git a/clusters/cl01tl/helm/intel-device-plugin/templates/_helpers.tpl b/clusters/cl01tl/helm/intel-device-plugin/templates/_helpers.tpl new file mode 100644 index 000000000..10688fcef --- /dev/null +++ b/clusters/cl01tl/helm/intel-device-plugin/templates/_helpers.tpl @@ -0,0 +1,14 @@ +{{/* +Common labels +*/}} +{{- define "custom.labels" -}} +{{ include "custom.selectorLabels" $ }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "custom.selectorLabels" -}} +app.kubernetes.io/instance: {{ .Release.Name }} +app.kubernetes.io/part-of: {{ .Release.Name }} +{{- end }} diff --git a/clusters/cl01tl/helm/intel-device-plugin/templates/namespace.yaml b/clusters/cl01tl/helm/intel-device-plugin/templates/namespace.yaml index 861af10d0..bbbe36926 100644 --- a/clusters/cl01tl/helm/intel-device-plugin/templates/namespace.yaml +++ b/clusters/cl01tl/helm/intel-device-plugin/templates/namespace.yaml @@ -1,11 +1,10 @@ apiVersion: v1 kind: Namespace metadata: - name: intel-device-plugin + name: {{ .Release.Namespace }} labels: - app.kubernetes.io/name: intel-device-plugin - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + app.kubernetes.io/name: {{ .Release.Namespace }} + {{- include "custom.labels" . | nindent 4 }} pod-security.kubernetes.io/audit: privileged pod-security.kubernetes.io/enforce: privileged pod-security.kubernetes.io/warn: privileged diff --git a/clusters/cl01tl/helm/jellyfin/templates/_helpers.tpl b/clusters/cl01tl/helm/jellyfin/templates/_helpers.tpl new file mode 100644 index 000000000..d041f6628 --- /dev/null +++ b/clusters/cl01tl/helm/jellyfin/templates/_helpers.tpl @@ -0,0 +1,24 @@ +{{/* +Common labels +*/}} +{{- define "custom.labels" -}} +{{ include "custom.selectorLabels" $ }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "custom.selectorLabels" -}} +app.kubernetes.io/instance: {{ .Release.Name }} +app.kubernetes.io/part-of: {{ .Release.Name }} +{{- end }} + +{{/* +NFS names +*/}} +{{- define "custom.storageNfsName" -}} +jellyfin-nfs-storage +{{- end -}} +{{- define "custom.storageYoutubeNfsName" -}} +jellyfin-youtube-nfs-storage +{{- end -}} diff --git a/clusters/cl01tl/helm/jellyfin/templates/external-secret.yaml b/clusters/cl01tl/helm/jellyfin/templates/external-secret.yaml index 0cd27057a..a4bc0ebab 100644 --- a/clusters/cl01tl/helm/jellyfin/templates/external-secret.yaml +++ b/clusters/cl01tl/helm/jellyfin/templates/external-secret.yaml @@ -1,38 +1,36 @@ apiVersion: external-secrets.io/v1 kind: ExternalSecret metadata: - name: jellyfin-exporter-secret + name: jellyfin-metric-token namespace: {{ .Release.Namespace }} labels: - app.kubernetes.io/name: jellyfin-exporter-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + app.kubernetes.io/name: jellyfin-metric-token + {{- include "custom.labels" . | nindent 4 }} spec: secretStoreRef: kind: ClusterSecretStore - name: vault + name: openbao data: - secretKey: token remoteRef: - key: /cl01tl/jellyfin/exporter + key: /cl01tl/jellyfin/metrics property: token --- apiVersion: external-secrets.io/v1 kind: ExternalSecret metadata: - name: jellyfin-meilisearch-master-key-secret + name: jellyfin-meilisearch-key namespace: {{ .Release.Namespace }} labels: - app.kubernetes.io/name: jellyfin-meilisearch-master-key-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + app.kubernetes.io/name: jellyfin-meilisearch-key + {{- include "custom.labels" . | nindent 4 }} spec: secretStoreRef: kind: ClusterSecretStore - name: vault + name: openbao data: - secretKey: MEILI_MASTER_KEY remoteRef: key: /cl01tl/jellyfin/meilisearch - property: MEILI_MASTER_KEY + property: master-key diff --git a/clusters/cl01tl/helm/jellyfin/templates/persistent-volume-claim.yaml b/clusters/cl01tl/helm/jellyfin/templates/persistent-volume-claim.yaml index fdb6a5ce7..0602e3445 100644 --- a/clusters/cl01tl/helm/jellyfin/templates/persistent-volume-claim.yaml +++ b/clusters/cl01tl/helm/jellyfin/templates/persistent-volume-claim.yaml @@ -1,14 +1,13 @@ apiVersion: v1 kind: PersistentVolumeClaim metadata: - name: jellyfin-nfs-storage + name: {{ include "custom.storageNfsName" . }} namespace: {{ .Release.Namespace }} labels: - app.kubernetes.io/name: jellyfin-nfs-storage - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + app.kubernetes.io/name: {{ include "custom.storageNfsName" . }} + {{- include "custom.labels" . | nindent 4 }} spec: - volumeName: jellyfin-nfs-storage + volumeName: {{ include "custom.storageNfsName" . }} storageClassName: nfs-client accessModes: - ReadWriteMany @@ -20,14 +19,13 @@ spec: apiVersion: v1 kind: PersistentVolumeClaim metadata: - name: jellyfin-youtube-nfs-storage + name: {{ include "custom.storageYoutubeNfsName" . }} namespace: {{ .Release.Namespace }} labels: - app.kubernetes.io/name: jellyfin-youtube-nfs-storage - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + app.kubernetes.io/name: {{ include "custom.storageYoutubeNfsName" . }} + {{- include "custom.labels" . | nindent 4 }} spec: - volumeName: jellyfin-youtube-nfs-storage + volumeName: {{ include "custom.storageYoutubeNfsName" . }} storageClassName: nfs-client accessModes: - ReadOnlyMany diff --git a/clusters/cl01tl/helm/jellyfin/templates/persistent-volume.yaml b/clusters/cl01tl/helm/jellyfin/templates/persistent-volume.yaml index af39701d4..7597252ac 100644 --- a/clusters/cl01tl/helm/jellyfin/templates/persistent-volume.yaml +++ b/clusters/cl01tl/helm/jellyfin/templates/persistent-volume.yaml @@ -1,12 +1,11 @@ apiVersion: v1 kind: PersistentVolume metadata: - name: jellyfin-nfs-storage + name: {{ include "custom.storageNfsName" . }} namespace: {{ .Release.Namespace }} labels: - app.kubernetes.io/name: jellyfin-nfs-storage - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + app.kubernetes.io/name: {{ include "custom.storageNfsName" . }} + {{- include "custom.labels" . | nindent 4 }} spec: persistentVolumeReclaimPolicy: Retain storageClassName: nfs-client @@ -26,12 +25,11 @@ spec: apiVersion: v1 kind: PersistentVolume metadata: - name: jellyfin-youtube-nfs-storage + name: {{ include "custom.storageYoutubeNfsName" . }} namespace: {{ .Release.Namespace }} labels: - app.kubernetes.io/name: jellyfin-youtube-nfs-storage - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + app.kubernetes.io/name: {{ include "custom.storageYoutubeNfsName" . }} + {{- include "custom.labels" . | nindent 4 }} spec: persistentVolumeReclaimPolicy: Retain storageClassName: nfs-client diff --git a/clusters/cl01tl/helm/jellyfin/values.yaml b/clusters/cl01tl/helm/jellyfin/values.yaml index 4112963d7..06eab78d2 100644 --- a/clusters/cl01tl/helm/jellyfin/values.yaml +++ b/clusters/cl01tl/helm/jellyfin/values.yaml @@ -48,7 +48,7 @@ jellyfin: - name: TOKEN valueFrom: secretKeyRef: - name: jellyfin-exporter-secret + name: jellyfin-metric-token key: token service: main: @@ -133,7 +133,7 @@ meilisearch: MEILI_ENV: production MEILI_EXPERIMENTAL_DUMPLESS_UPGRADE: true auth: - existingMasterKeySecret: jellyfin-meilisearch-master-key-secret + existingMasterKeySecret: jellyfin-meilisearch-key persistence: enabled: true storageClass: ceph-block diff --git a/clusters/cl01tl/helm/jellystat/templates/_helpers.tpl b/clusters/cl01tl/helm/jellystat/templates/_helpers.tpl new file mode 100644 index 000000000..10688fcef --- /dev/null +++ b/clusters/cl01tl/helm/jellystat/templates/_helpers.tpl @@ -0,0 +1,14 @@ +{{/* +Common labels +*/}} +{{- define "custom.labels" -}} +{{ include "custom.selectorLabels" $ }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "custom.selectorLabels" -}} +app.kubernetes.io/instance: {{ .Release.Name }} +app.kubernetes.io/part-of: {{ .Release.Name }} +{{- end }} diff --git a/clusters/cl01tl/helm/jellystat/templates/external-secret.yaml b/clusters/cl01tl/helm/jellystat/templates/external-secret.yaml index ee87cd82d..276ff1e8d 100644 --- a/clusters/cl01tl/helm/jellystat/templates/external-secret.yaml +++ b/clusters/cl01tl/helm/jellystat/templates/external-secret.yaml @@ -1,26 +1,25 @@ apiVersion: external-secrets.io/v1 kind: ExternalSecret metadata: - name: jellystat-secret + name: jellystat-config namespace: {{ .Release.Namespace }} labels: - app.kubernetes.io/name: jellystat-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + app.kubernetes.io/name: jellystat-config + {{- include "custom.labels" . | nindent 4 }} spec: secretStoreRef: kind: ClusterSecretStore - name: vault + name: openbao data: - secretKey: secret-key remoteRef: - key: /cl01tl/jellystat/auth + key: /cl01tl/jellystat/key property: secret-key - secretKey: user remoteRef: - key: /cl01tl/jellystat/auth + key: /cl01tl/jellystat/config property: user - secretKey: password remoteRef: - key: /cl01tl/jellystat/auth + key: /cl01tl/jellystat/cconfig property: password diff --git a/clusters/cl01tl/helm/jellystat/values.yaml b/clusters/cl01tl/helm/jellystat/values.yaml index 51752f5c4..f21ad8c2a 100644 --- a/clusters/cl01tl/helm/jellystat/values.yaml +++ b/clusters/cl01tl/helm/jellystat/values.yaml @@ -15,17 +15,17 @@ jellystat: - name: JWT_SECRET valueFrom: secretKeyRef: - name: jellystat-secret + name: jellystat-config key: secret-key - name: JS_USER valueFrom: secretKeyRef: - name: jellystat-secret + name: jellystat-config key: user - name: JS_PASSWORD valueFrom: secretKeyRef: - name: jellystat-secret + name: jellystat-config key: password - name: POSTGRES_USER valueFrom: diff --git a/clusters/cl01tl/helm/karakeep/templates/_helpers.tpl b/clusters/cl01tl/helm/karakeep/templates/_helpers.tpl new file mode 100644 index 000000000..10688fcef --- /dev/null +++ b/clusters/cl01tl/helm/karakeep/templates/_helpers.tpl @@ -0,0 +1,14 @@ +{{/* +Common labels +*/}} +{{- define "custom.labels" -}} +{{ include "custom.selectorLabels" $ }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "custom.selectorLabels" -}} +app.kubernetes.io/instance: {{ .Release.Name }} +app.kubernetes.io/part-of: {{ .Release.Name }} +{{- end }} diff --git a/clusters/cl01tl/helm/karakeep/templates/external-secret.yaml b/clusters/cl01tl/helm/karakeep/templates/external-secret.yaml index 055cc9477..a809456c8 100644 --- a/clusters/cl01tl/helm/karakeep/templates/external-secret.yaml +++ b/clusters/cl01tl/helm/karakeep/templates/external-secret.yaml @@ -5,8 +5,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: karakeep-key-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: secretStoreRef: kind: ClusterSecretStore @@ -29,8 +28,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: karakeep-oidc-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: secretStoreRef: kind: ClusterSecretStore @@ -53,8 +51,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: karakeep-bucket-garage - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: secretStoreRef: kind: ClusterSecretStore @@ -81,8 +78,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: karakeep-meilisearch-master-key-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: secretStoreRef: kind: ClusterSecretStore diff --git a/clusters/cl01tl/helm/kiwix/templates/_helpers.tpl b/clusters/cl01tl/helm/kiwix/templates/_helpers.tpl new file mode 100644 index 000000000..10688fcef --- /dev/null +++ b/clusters/cl01tl/helm/kiwix/templates/_helpers.tpl @@ -0,0 +1,14 @@ +{{/* +Common labels +*/}} +{{- define "custom.labels" -}} +{{ include "custom.selectorLabels" $ }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "custom.selectorLabels" -}} +app.kubernetes.io/instance: {{ .Release.Name }} +app.kubernetes.io/part-of: {{ .Release.Name }} +{{- end }} diff --git a/clusters/cl01tl/helm/kiwix/templates/persistent-volume-claim.yaml b/clusters/cl01tl/helm/kiwix/templates/persistent-volume-claim.yaml index 1423bcd69..9345de883 100644 --- a/clusters/cl01tl/helm/kiwix/templates/persistent-volume-claim.yaml +++ b/clusters/cl01tl/helm/kiwix/templates/persistent-volume-claim.yaml @@ -5,8 +5,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: kiwix-nfs-storage - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: volumeName: kiwix-nfs-storage storageClassName: nfs-client diff --git a/clusters/cl01tl/helm/kiwix/templates/persistent-volume.yaml b/clusters/cl01tl/helm/kiwix/templates/persistent-volume.yaml index 5185019e7..9e50301a4 100644 --- a/clusters/cl01tl/helm/kiwix/templates/persistent-volume.yaml +++ b/clusters/cl01tl/helm/kiwix/templates/persistent-volume.yaml @@ -5,8 +5,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: kiwix-nfs-storage - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: persistentVolumeReclaimPolicy: Retain storageClassName: nfs-client diff --git a/clusters/cl01tl/helm/komodo/templates/_helpers.tpl b/clusters/cl01tl/helm/komodo/templates/_helpers.tpl new file mode 100644 index 000000000..10688fcef --- /dev/null +++ b/clusters/cl01tl/helm/komodo/templates/_helpers.tpl @@ -0,0 +1,14 @@ +{{/* +Common labels +*/}} +{{- define "custom.labels" -}} +{{ include "custom.selectorLabels" $ }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "custom.selectorLabels" -}} +app.kubernetes.io/instance: {{ .Release.Name }} +app.kubernetes.io/part-of: {{ .Release.Name }} +{{- end }} diff --git a/clusters/cl01tl/helm/komodo/templates/external-secret.yaml b/clusters/cl01tl/helm/komodo/templates/external-secret.yaml index f9e7c9103..32572bab6 100644 --- a/clusters/cl01tl/helm/komodo/templates/external-secret.yaml +++ b/clusters/cl01tl/helm/komodo/templates/external-secret.yaml @@ -5,8 +5,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: komodo-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: secretStoreRef: kind: ClusterSecretStore @@ -41,8 +40,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: komodo-postgresql-17-fdb-cluster-ferret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: secretStoreRef: kind: ClusterSecretStore diff --git a/clusters/cl01tl/helm/kube-prometheus-stack/templates/_helpers.tpl b/clusters/cl01tl/helm/kube-prometheus-stack/templates/_helpers.tpl new file mode 100644 index 000000000..10688fcef --- /dev/null +++ b/clusters/cl01tl/helm/kube-prometheus-stack/templates/_helpers.tpl @@ -0,0 +1,14 @@ +{{/* +Common labels +*/}} +{{- define "custom.labels" -}} +{{ include "custom.selectorLabels" $ }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "custom.selectorLabels" -}} +app.kubernetes.io/instance: {{ .Release.Name }} +app.kubernetes.io/part-of: {{ .Release.Name }} +{{- end }} diff --git a/clusters/cl01tl/helm/kube-prometheus-stack/templates/external-secret.yaml b/clusters/cl01tl/helm/kube-prometheus-stack/templates/external-secret.yaml index f434f9f11..f5fe5f7ec 100644 --- a/clusters/cl01tl/helm/kube-prometheus-stack/templates/external-secret.yaml +++ b/clusters/cl01tl/helm/kube-prometheus-stack/templates/external-secret.yaml @@ -5,8 +5,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: alertmanager-config-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: secretStoreRef: kind: ClusterSecretStore @@ -25,8 +24,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: garage-metric-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: secretStoreRef: kind: ClusterSecretStore @@ -45,8 +43,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: ntfy-alertmanager-config-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: secretStoreRef: kind: ClusterSecretStore diff --git a/clusters/cl01tl/helm/kube-prometheus-stack/templates/namespace.yaml b/clusters/cl01tl/helm/kube-prometheus-stack/templates/namespace.yaml index 992072a1e..d11082f59 100644 --- a/clusters/cl01tl/helm/kube-prometheus-stack/templates/namespace.yaml +++ b/clusters/cl01tl/helm/kube-prometheus-stack/templates/namespace.yaml @@ -4,8 +4,7 @@ metadata: name: kube-prometheus-stack labels: app.kubernetes.io/name: kube-prometheus-stack - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} pod-security.kubernetes.io/audit: privileged pod-security.kubernetes.io/enforce: privileged pod-security.kubernetes.io/warn: privileged diff --git a/clusters/cl01tl/helm/kube-prometheus-stack/templates/scrape-config.yaml b/clusters/cl01tl/helm/kube-prometheus-stack/templates/scrape-config.yaml index 72e295dc1..61b597302 100644 --- a/clusters/cl01tl/helm/kube-prometheus-stack/templates/scrape-config.yaml +++ b/clusters/cl01tl/helm/kube-prometheus-stack/templates/scrape-config.yaml @@ -5,8 +5,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: external-nodes-http - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: staticConfigs: - labels: @@ -25,8 +24,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: external-nodes-https - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: staticConfigs: - labels: @@ -44,8 +42,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: airgradient-http - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: staticConfigs: - labels: @@ -63,8 +60,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: garage-https - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: staticConfigs: - labels: diff --git a/clusters/cl01tl/helm/kubelet-serving-cert-approver/templates/_helpers.tpl b/clusters/cl01tl/helm/kubelet-serving-cert-approver/templates/_helpers.tpl new file mode 100644 index 000000000..10688fcef --- /dev/null +++ b/clusters/cl01tl/helm/kubelet-serving-cert-approver/templates/_helpers.tpl @@ -0,0 +1,14 @@ +{{/* +Common labels +*/}} +{{- define "custom.labels" -}} +{{ include "custom.selectorLabels" $ }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "custom.selectorLabels" -}} +app.kubernetes.io/instance: {{ .Release.Name }} +app.kubernetes.io/part-of: {{ .Release.Name }} +{{- end }} diff --git a/clusters/cl01tl/helm/kubelet-serving-cert-approver/templates/cluster-role-binding.yaml b/clusters/cl01tl/helm/kubelet-serving-cert-approver/templates/cluster-role-binding.yaml index f2c354a5b..74c65abd8 100644 --- a/clusters/cl01tl/helm/kubelet-serving-cert-approver/templates/cluster-role-binding.yaml +++ b/clusters/cl01tl/helm/kubelet-serving-cert-approver/templates/cluster-role-binding.yaml @@ -5,8 +5,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: kubelet-serving-cert-approver - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole diff --git a/clusters/cl01tl/helm/kubelet-serving-cert-approver/templates/cluster-role.yaml b/clusters/cl01tl/helm/kubelet-serving-cert-approver/templates/cluster-role.yaml index 06ee749b7..8830b6c6b 100644 --- a/clusters/cl01tl/helm/kubelet-serving-cert-approver/templates/cluster-role.yaml +++ b/clusters/cl01tl/helm/kubelet-serving-cert-approver/templates/cluster-role.yaml @@ -5,8 +5,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: "certificates-{{ .Release.Name }}" - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} rules: - apiGroups: - certificates.k8s.io @@ -45,8 +44,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: "events-{{ .Release.Name }}" - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} rules: - apiGroups: - "" diff --git a/clusters/cl01tl/helm/kubelet-serving-cert-approver/templates/namespace.yaml b/clusters/cl01tl/helm/kubelet-serving-cert-approver/templates/namespace.yaml index 0ccd84973..2d4653698 100644 --- a/clusters/cl01tl/helm/kubelet-serving-cert-approver/templates/namespace.yaml +++ b/clusters/cl01tl/helm/kubelet-serving-cert-approver/templates/namespace.yaml @@ -4,8 +4,7 @@ metadata: name: kubelet-serving-cert-approver labels: app.kubernetes.io/name: kubelet-serving-cert-approver - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} pod-security.kubernetes.io/audit: restricted pod-security.kubernetes.io/enforce: restricted pod-security.kubernetes.io/warn: restricted diff --git a/clusters/cl01tl/helm/kubelet-serving-cert-approver/templates/role-binding.yaml b/clusters/cl01tl/helm/kubelet-serving-cert-approver/templates/role-binding.yaml index cc40acbe8..afdc6c55b 100644 --- a/clusters/cl01tl/helm/kubelet-serving-cert-approver/templates/role-binding.yaml +++ b/clusters/cl01tl/helm/kubelet-serving-cert-approver/templates/role-binding.yaml @@ -5,8 +5,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: "events-{{ .Release.Name }}" - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole diff --git a/clusters/cl01tl/helm/kubernetes-cloudflare-ddns/templates/_helpers.tpl b/clusters/cl01tl/helm/kubernetes-cloudflare-ddns/templates/_helpers.tpl new file mode 100644 index 000000000..10688fcef --- /dev/null +++ b/clusters/cl01tl/helm/kubernetes-cloudflare-ddns/templates/_helpers.tpl @@ -0,0 +1,14 @@ +{{/* +Common labels +*/}} +{{- define "custom.labels" -}} +{{ include "custom.selectorLabels" $ }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "custom.selectorLabels" -}} +app.kubernetes.io/instance: {{ .Release.Name }} +app.kubernetes.io/part-of: {{ .Release.Name }} +{{- end }} diff --git a/clusters/cl01tl/helm/kubernetes-cloudflare-ddns/templates/external-secret.yaml b/clusters/cl01tl/helm/kubernetes-cloudflare-ddns/templates/external-secret.yaml index 61ba281df..593ce0c81 100644 --- a/clusters/cl01tl/helm/kubernetes-cloudflare-ddns/templates/external-secret.yaml +++ b/clusters/cl01tl/helm/kubernetes-cloudflare-ddns/templates/external-secret.yaml @@ -5,8 +5,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: kubernetes-cloudflare-ddns-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: secretStoreRef: kind: ClusterSecretStore diff --git a/clusters/cl01tl/helm/languagetool/templates/_helpers.tpl b/clusters/cl01tl/helm/languagetool/templates/_helpers.tpl new file mode 100644 index 000000000..10688fcef --- /dev/null +++ b/clusters/cl01tl/helm/languagetool/templates/_helpers.tpl @@ -0,0 +1,14 @@ +{{/* +Common labels +*/}} +{{- define "custom.labels" -}} +{{ include "custom.selectorLabels" $ }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "custom.selectorLabels" -}} +app.kubernetes.io/instance: {{ .Release.Name }} +app.kubernetes.io/part-of: {{ .Release.Name }} +{{- end }} diff --git a/clusters/cl01tl/helm/libation/templates/_helpers.tpl b/clusters/cl01tl/helm/libation/templates/_helpers.tpl new file mode 100644 index 000000000..10688fcef --- /dev/null +++ b/clusters/cl01tl/helm/libation/templates/_helpers.tpl @@ -0,0 +1,14 @@ +{{/* +Common labels +*/}} +{{- define "custom.labels" -}} +{{ include "custom.selectorLabels" $ }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "custom.selectorLabels" -}} +app.kubernetes.io/instance: {{ .Release.Name }} +app.kubernetes.io/part-of: {{ .Release.Name }} +{{- end }} diff --git a/clusters/cl01tl/helm/libation/templates/persistent-volume-claim.yaml b/clusters/cl01tl/helm/libation/templates/persistent-volume-claim.yaml index 067785451..21a9df98f 100644 --- a/clusters/cl01tl/helm/libation/templates/persistent-volume-claim.yaml +++ b/clusters/cl01tl/helm/libation/templates/persistent-volume-claim.yaml @@ -5,8 +5,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: libation-nfs-storage - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: volumeName: libation-nfs-storage storageClassName: nfs-client diff --git a/clusters/cl01tl/helm/libation/templates/persistent-volume.yaml b/clusters/cl01tl/helm/libation/templates/persistent-volume.yaml index 123b69068..495de2253 100644 --- a/clusters/cl01tl/helm/libation/templates/persistent-volume.yaml +++ b/clusters/cl01tl/helm/libation/templates/persistent-volume.yaml @@ -5,8 +5,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: libation-nfs-storage - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: persistentVolumeReclaimPolicy: Retain storageClassName: nfs-client diff --git a/clusters/cl01tl/helm/lidarr/templates/_helpers.tpl b/clusters/cl01tl/helm/lidarr/templates/_helpers.tpl new file mode 100644 index 000000000..10688fcef --- /dev/null +++ b/clusters/cl01tl/helm/lidarr/templates/_helpers.tpl @@ -0,0 +1,14 @@ +{{/* +Common labels +*/}} +{{- define "custom.labels" -}} +{{ include "custom.selectorLabels" $ }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "custom.selectorLabels" -}} +app.kubernetes.io/instance: {{ .Release.Name }} +app.kubernetes.io/part-of: {{ .Release.Name }} +{{- end }} diff --git a/clusters/cl01tl/helm/lidarr/templates/middleware.yaml b/clusters/cl01tl/helm/lidarr/templates/middleware.yaml index 341764b57..701f30f52 100644 --- a/clusters/cl01tl/helm/lidarr/templates/middleware.yaml +++ b/clusters/cl01tl/helm/lidarr/templates/middleware.yaml @@ -5,8 +5,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: oidc-forward-auth - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: forwardAuth: address: http://ak-outpost-traefik-proxy-auth.authentik.svc.cluster.local:9000/outpost.goauthentik.io/auth/traefik diff --git a/clusters/cl01tl/helm/lidarr/templates/persistent-volume-claim.yaml b/clusters/cl01tl/helm/lidarr/templates/persistent-volume-claim.yaml index c1d21f84e..1c0617c89 100644 --- a/clusters/cl01tl/helm/lidarr/templates/persistent-volume-claim.yaml +++ b/clusters/cl01tl/helm/lidarr/templates/persistent-volume-claim.yaml @@ -5,8 +5,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: lidarr-nfs-storage - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: volumeName: lidarr-nfs-storage storageClassName: nfs-client diff --git a/clusters/cl01tl/helm/lidarr/templates/persistent-volume.yaml b/clusters/cl01tl/helm/lidarr/templates/persistent-volume.yaml index 181d788f2..d1fe2a868 100644 --- a/clusters/cl01tl/helm/lidarr/templates/persistent-volume.yaml +++ b/clusters/cl01tl/helm/lidarr/templates/persistent-volume.yaml @@ -5,8 +5,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: lidarr-nfs-storage - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: persistentVolumeReclaimPolicy: Retain storageClassName: nfs-client diff --git a/clusters/cl01tl/helm/lidarr/templates/prometheus-rule.yaml b/clusters/cl01tl/helm/lidarr/templates/prometheus-rule.yaml index 80b14f110..524acc8be 100644 --- a/clusters/cl01tl/helm/lidarr/templates/prometheus-rule.yaml +++ b/clusters/cl01tl/helm/lidarr/templates/prometheus-rule.yaml @@ -5,8 +5,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: lidarr - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: groups: - name: lidarr diff --git a/clusters/cl01tl/helm/local-path-provisioner/templates/_helpers.tpl b/clusters/cl01tl/helm/local-path-provisioner/templates/_helpers.tpl new file mode 100644 index 000000000..10688fcef --- /dev/null +++ b/clusters/cl01tl/helm/local-path-provisioner/templates/_helpers.tpl @@ -0,0 +1,14 @@ +{{/* +Common labels +*/}} +{{- define "custom.labels" -}} +{{ include "custom.selectorLabels" $ }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "custom.selectorLabels" -}} +app.kubernetes.io/instance: {{ .Release.Name }} +app.kubernetes.io/part-of: {{ .Release.Name }} +{{- end }} diff --git a/clusters/cl01tl/helm/local-path-provisioner/templates/namespace.yaml b/clusters/cl01tl/helm/local-path-provisioner/templates/namespace.yaml index cd4e163d4..6587103c2 100644 --- a/clusters/cl01tl/helm/local-path-provisioner/templates/namespace.yaml +++ b/clusters/cl01tl/helm/local-path-provisioner/templates/namespace.yaml @@ -4,8 +4,7 @@ metadata: name: local-path-provisioner labels: app.kubernetes.io/name: local-path-provisioner - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} pod-security.kubernetes.io/audit: privileged pod-security.kubernetes.io/enforce: privileged pod-security.kubernetes.io/warn: privileged diff --git a/clusters/cl01tl/helm/loki/templates/_helpers.tpl b/clusters/cl01tl/helm/loki/templates/_helpers.tpl new file mode 100644 index 000000000..10688fcef --- /dev/null +++ b/clusters/cl01tl/helm/loki/templates/_helpers.tpl @@ -0,0 +1,14 @@ +{{/* +Common labels +*/}} +{{- define "custom.labels" -}} +{{ include "custom.selectorLabels" $ }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "custom.selectorLabels" -}} +app.kubernetes.io/instance: {{ .Release.Name }} +app.kubernetes.io/part-of: {{ .Release.Name }} +{{- end }} diff --git a/clusters/cl01tl/helm/loki/templates/namespace.yaml b/clusters/cl01tl/helm/loki/templates/namespace.yaml index d2683e954..793925bd9 100644 --- a/clusters/cl01tl/helm/loki/templates/namespace.yaml +++ b/clusters/cl01tl/helm/loki/templates/namespace.yaml @@ -4,8 +4,7 @@ metadata: name: loki labels: app.kubernetes.io/name: loki - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} pod-security.kubernetes.io/audit: privileged pod-security.kubernetes.io/enforce: privileged pod-security.kubernetes.io/warn: privileged diff --git a/clusters/cl01tl/helm/mariadb-operator/templates/_helpers.tpl b/clusters/cl01tl/helm/mariadb-operator/templates/_helpers.tpl new file mode 100644 index 000000000..10688fcef --- /dev/null +++ b/clusters/cl01tl/helm/mariadb-operator/templates/_helpers.tpl @@ -0,0 +1,14 @@ +{{/* +Common labels +*/}} +{{- define "custom.labels" -}} +{{ include "custom.selectorLabels" $ }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "custom.selectorLabels" -}} +app.kubernetes.io/instance: {{ .Release.Name }} +app.kubernetes.io/part-of: {{ .Release.Name }} +{{- end }} diff --git a/clusters/cl01tl/helm/matrix-synapse/templates/_helpers.tpl b/clusters/cl01tl/helm/matrix-synapse/templates/_helpers.tpl new file mode 100644 index 000000000..10688fcef --- /dev/null +++ b/clusters/cl01tl/helm/matrix-synapse/templates/_helpers.tpl @@ -0,0 +1,14 @@ +{{/* +Common labels +*/}} +{{- define "custom.labels" -}} +{{ include "custom.selectorLabels" $ }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "custom.selectorLabels" -}} +app.kubernetes.io/instance: {{ .Release.Name }} +app.kubernetes.io/part-of: {{ .Release.Name }} +{{- end }} diff --git a/clusters/cl01tl/helm/matrix-synapse/templates/external-secret.yaml b/clusters/cl01tl/helm/matrix-synapse/templates/external-secret.yaml index dea8bfe15..02b79d5ea 100644 --- a/clusters/cl01tl/helm/matrix-synapse/templates/external-secret.yaml +++ b/clusters/cl01tl/helm/matrix-synapse/templates/external-secret.yaml @@ -5,8 +5,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: matrix-synapse-config-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: secretStoreRef: kind: ClusterSecretStore @@ -29,8 +28,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: matrix-synapse-signingkey - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: secretStoreRef: kind: ClusterSecretStore @@ -49,8 +47,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: matrix-hookshot-config-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: secretStoreRef: kind: ClusterSecretStore @@ -104,8 +101,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: mautrix-whatsapp-config-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: secretStoreRef: kind: ClusterSecretStore @@ -128,8 +124,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: double-puppet-registration-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: secretStoreRef: kind: ClusterSecretStore @@ -148,8 +143,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: matrix-synapse-valkey-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: secretStoreRef: kind: ClusterSecretStore diff --git a/clusters/cl01tl/helm/matrix-synapse/templates/service-monitor.yaml b/clusters/cl01tl/helm/matrix-synapse/templates/service-monitor.yaml index 15e02702a..659977d47 100644 --- a/clusters/cl01tl/helm/matrix-synapse/templates/service-monitor.yaml +++ b/clusters/cl01tl/helm/matrix-synapse/templates/service-monitor.yaml @@ -5,8 +5,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: matrix-synapse - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: selector: matchLabels: diff --git a/clusters/cl01tl/helm/medialyze/templates/_helpers.tpl b/clusters/cl01tl/helm/medialyze/templates/_helpers.tpl new file mode 100644 index 000000000..10688fcef --- /dev/null +++ b/clusters/cl01tl/helm/medialyze/templates/_helpers.tpl @@ -0,0 +1,14 @@ +{{/* +Common labels +*/}} +{{- define "custom.labels" -}} +{{ include "custom.selectorLabels" $ }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "custom.selectorLabels" -}} +app.kubernetes.io/instance: {{ .Release.Name }} +app.kubernetes.io/part-of: {{ .Release.Name }} +{{- end }} diff --git a/clusters/cl01tl/helm/medialyze/templates/persistent-volume-claim.yaml b/clusters/cl01tl/helm/medialyze/templates/persistent-volume-claim.yaml index 5b4c52337..ed0420367 100644 --- a/clusters/cl01tl/helm/medialyze/templates/persistent-volume-claim.yaml +++ b/clusters/cl01tl/helm/medialyze/templates/persistent-volume-claim.yaml @@ -5,8 +5,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: medialyze-nfs-storage - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: volumeName: medialyze-nfs-storage storageClassName: nfs-client diff --git a/clusters/cl01tl/helm/medialyze/templates/persistent-volume.yaml b/clusters/cl01tl/helm/medialyze/templates/persistent-volume.yaml index b783dd104..9e1fee702 100644 --- a/clusters/cl01tl/helm/medialyze/templates/persistent-volume.yaml +++ b/clusters/cl01tl/helm/medialyze/templates/persistent-volume.yaml @@ -5,8 +5,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: medialyze-nfs-storage - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: persistentVolumeReclaimPolicy: Retain storageClassName: nfs-client diff --git a/clusters/cl01tl/helm/metrics-server/templates/_helpers.tpl b/clusters/cl01tl/helm/metrics-server/templates/_helpers.tpl new file mode 100644 index 000000000..10688fcef --- /dev/null +++ b/clusters/cl01tl/helm/metrics-server/templates/_helpers.tpl @@ -0,0 +1,14 @@ +{{/* +Common labels +*/}} +{{- define "custom.labels" -}} +{{ include "custom.selectorLabels" $ }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "custom.selectorLabels" -}} +app.kubernetes.io/instance: {{ .Release.Name }} +app.kubernetes.io/part-of: {{ .Release.Name }} +{{- end }} diff --git a/clusters/cl01tl/helm/music-grabber/templates/_helpers.tpl b/clusters/cl01tl/helm/music-grabber/templates/_helpers.tpl new file mode 100644 index 000000000..10688fcef --- /dev/null +++ b/clusters/cl01tl/helm/music-grabber/templates/_helpers.tpl @@ -0,0 +1,14 @@ +{{/* +Common labels +*/}} +{{- define "custom.labels" -}} +{{ include "custom.selectorLabels" $ }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "custom.selectorLabels" -}} +app.kubernetes.io/instance: {{ .Release.Name }} +app.kubernetes.io/part-of: {{ .Release.Name }} +{{- end }} diff --git a/clusters/cl01tl/helm/music-grabber/templates/external-secret.yaml b/clusters/cl01tl/helm/music-grabber/templates/external-secret.yaml index 7eafe9fb4..9b8bc4164 100644 --- a/clusters/cl01tl/helm/music-grabber/templates/external-secret.yaml +++ b/clusters/cl01tl/helm/music-grabber/templates/external-secret.yaml @@ -5,8 +5,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: music-grabber-config-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: secretStoreRef: kind: ClusterSecretStore @@ -37,8 +36,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: music-grabber-wireguard-conf - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: secretStoreRef: kind: ClusterSecretStore diff --git a/clusters/cl01tl/helm/music-grabber/templates/persistent-volume-claim.yaml b/clusters/cl01tl/helm/music-grabber/templates/persistent-volume-claim.yaml index 8b8ba67db..7d763994c 100644 --- a/clusters/cl01tl/helm/music-grabber/templates/persistent-volume-claim.yaml +++ b/clusters/cl01tl/helm/music-grabber/templates/persistent-volume-claim.yaml @@ -5,8 +5,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: music-grabber-nfs-storage - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: volumeName: music-grabber-nfs-storage storageClassName: nfs-client diff --git a/clusters/cl01tl/helm/music-grabber/templates/persistent-volume.yaml b/clusters/cl01tl/helm/music-grabber/templates/persistent-volume.yaml index a9696a3d0..e07df3efe 100644 --- a/clusters/cl01tl/helm/music-grabber/templates/persistent-volume.yaml +++ b/clusters/cl01tl/helm/music-grabber/templates/persistent-volume.yaml @@ -5,8 +5,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: music-grabber-nfs-storage - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: persistentVolumeReclaimPolicy: Retain storageClassName: nfs-client diff --git a/clusters/cl01tl/helm/navidrome/templates/_helpers.tpl b/clusters/cl01tl/helm/navidrome/templates/_helpers.tpl new file mode 100644 index 000000000..10688fcef --- /dev/null +++ b/clusters/cl01tl/helm/navidrome/templates/_helpers.tpl @@ -0,0 +1,14 @@ +{{/* +Common labels +*/}} +{{- define "custom.labels" -}} +{{ include "custom.selectorLabels" $ }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "custom.selectorLabels" -}} +app.kubernetes.io/instance: {{ .Release.Name }} +app.kubernetes.io/part-of: {{ .Release.Name }} +{{- end }} diff --git a/clusters/cl01tl/helm/navidrome/templates/persistent-volume-claim.yaml b/clusters/cl01tl/helm/navidrome/templates/persistent-volume-claim.yaml index 6b5e6a8ca..b5df7437a 100644 --- a/clusters/cl01tl/helm/navidrome/templates/persistent-volume-claim.yaml +++ b/clusters/cl01tl/helm/navidrome/templates/persistent-volume-claim.yaml @@ -5,8 +5,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: navidrome-music-nfs-storage - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: volumeName: navidrome-music-nfs-storage storageClassName: nfs-client @@ -24,8 +23,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: navidrome-music-youtube-nfs-storage - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: volumeName: navidrome-music-youtube-nfs-storage storageClassName: nfs-client @@ -43,8 +41,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: navidrome-music-grabber-nfs-storage - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: volumeName: navidrome-music-grabber-nfs-storage storageClassName: nfs-client @@ -62,8 +59,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: navidrome-music-single-nfs-storage - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: volumeName: navidrome-music-single-nfs-storage storageClassName: nfs-client diff --git a/clusters/cl01tl/helm/navidrome/templates/persistent-volume.yaml b/clusters/cl01tl/helm/navidrome/templates/persistent-volume.yaml index e24247012..731881097 100644 --- a/clusters/cl01tl/helm/navidrome/templates/persistent-volume.yaml +++ b/clusters/cl01tl/helm/navidrome/templates/persistent-volume.yaml @@ -5,8 +5,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: navidrome-music-nfs-storage - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: persistentVolumeReclaimPolicy: Retain storageClassName: nfs-client @@ -30,8 +29,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: navidrome-music-youtube-nfs-storage - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: persistentVolumeReclaimPolicy: Retain storageClassName: nfs-client @@ -55,8 +53,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: navidrome-music-grabber-nfs-storage - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: persistentVolumeReclaimPolicy: Retain storageClassName: nfs-client @@ -80,8 +77,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: navidrome-music-single-nfs-storage - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: persistentVolumeReclaimPolicy: Retain storageClassName: nfs-client diff --git a/clusters/cl01tl/helm/node-feature-discovery/templates/_helpers.tpl b/clusters/cl01tl/helm/node-feature-discovery/templates/_helpers.tpl new file mode 100644 index 000000000..10688fcef --- /dev/null +++ b/clusters/cl01tl/helm/node-feature-discovery/templates/_helpers.tpl @@ -0,0 +1,14 @@ +{{/* +Common labels +*/}} +{{- define "custom.labels" -}} +{{ include "custom.selectorLabels" $ }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "custom.selectorLabels" -}} +app.kubernetes.io/instance: {{ .Release.Name }} +app.kubernetes.io/part-of: {{ .Release.Name }} +{{- end }} diff --git a/clusters/cl01tl/helm/node-feature-discovery/templates/namespace.yaml b/clusters/cl01tl/helm/node-feature-discovery/templates/namespace.yaml index a8b00379e..aeb455db5 100644 --- a/clusters/cl01tl/helm/node-feature-discovery/templates/namespace.yaml +++ b/clusters/cl01tl/helm/node-feature-discovery/templates/namespace.yaml @@ -4,8 +4,7 @@ metadata: name: node-feature-discovery labels: app.kubernetes.io/name: node-feature-discovery - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} pod-security.kubernetes.io/audit: privileged pod-security.kubernetes.io/enforce: privileged pod-security.kubernetes.io/warn: privileged diff --git a/clusters/cl01tl/helm/ntfy/templates/_helpers.tpl b/clusters/cl01tl/helm/ntfy/templates/_helpers.tpl new file mode 100644 index 000000000..10688fcef --- /dev/null +++ b/clusters/cl01tl/helm/ntfy/templates/_helpers.tpl @@ -0,0 +1,14 @@ +{{/* +Common labels +*/}} +{{- define "custom.labels" -}} +{{ include "custom.selectorLabels" $ }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "custom.selectorLabels" -}} +app.kubernetes.io/instance: {{ .Release.Name }} +app.kubernetes.io/part-of: {{ .Release.Name }} +{{- end }} diff --git a/clusters/cl01tl/helm/ntfy/templates/external-secret.yaml b/clusters/cl01tl/helm/ntfy/templates/external-secret.yaml index b043dd4eb..7de6f187d 100644 --- a/clusters/cl01tl/helm/ntfy/templates/external-secret.yaml +++ b/clusters/cl01tl/helm/ntfy/templates/external-secret.yaml @@ -5,8 +5,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: ntfy-config-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: secretStoreRef: kind: ClusterSecretStore diff --git a/clusters/cl01tl/helm/ollama/templates/_helpers.tpl b/clusters/cl01tl/helm/ollama/templates/_helpers.tpl new file mode 100644 index 000000000..10688fcef --- /dev/null +++ b/clusters/cl01tl/helm/ollama/templates/_helpers.tpl @@ -0,0 +1,14 @@ +{{/* +Common labels +*/}} +{{- define "custom.labels" -}} +{{ include "custom.selectorLabels" $ }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "custom.selectorLabels" -}} +app.kubernetes.io/instance: {{ .Release.Name }} +app.kubernetes.io/part-of: {{ .Release.Name }} +{{- end }} diff --git a/clusters/cl01tl/helm/ollama/templates/external-secret.yaml b/clusters/cl01tl/helm/ollama/templates/external-secret.yaml index 2f6cd8d43..be7ebdedf 100644 --- a/clusters/cl01tl/helm/ollama/templates/external-secret.yaml +++ b/clusters/cl01tl/helm/ollama/templates/external-secret.yaml @@ -6,8 +6,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: ollama-key-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: secretStoreRef: kind: ClusterSecretStore @@ -26,8 +25,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: ollama-oidc-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: secretStoreRef: kind: ClusterSecretStore diff --git a/clusters/cl01tl/helm/omni-tools/templates/_helpers.tpl b/clusters/cl01tl/helm/omni-tools/templates/_helpers.tpl new file mode 100644 index 000000000..10688fcef --- /dev/null +++ b/clusters/cl01tl/helm/omni-tools/templates/_helpers.tpl @@ -0,0 +1,14 @@ +{{/* +Common labels +*/}} +{{- define "custom.labels" -}} +{{ include "custom.selectorLabels" $ }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "custom.selectorLabels" -}} +app.kubernetes.io/instance: {{ .Release.Name }} +app.kubernetes.io/part-of: {{ .Release.Name }} +{{- end }} diff --git a/clusters/cl01tl/helm/openbao/templates/_helpers.tpl b/clusters/cl01tl/helm/openbao/templates/_helpers.tpl new file mode 100644 index 000000000..10688fcef --- /dev/null +++ b/clusters/cl01tl/helm/openbao/templates/_helpers.tpl @@ -0,0 +1,14 @@ +{{/* +Common labels +*/}} +{{- define "custom.labels" -}} +{{ include "custom.selectorLabels" $ }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "custom.selectorLabels" -}} +app.kubernetes.io/instance: {{ .Release.Name }} +app.kubernetes.io/part-of: {{ .Release.Name }} +{{- end }} diff --git a/clusters/cl01tl/helm/openbao/templates/external-secret.yaml b/clusters/cl01tl/helm/openbao/templates/external-secret.yaml index e0a72e2bd..61ab2546d 100644 --- a/clusters/cl01tl/helm/openbao/templates/external-secret.yaml +++ b/clusters/cl01tl/helm/openbao/templates/external-secret.yaml @@ -5,8 +5,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: openbao-snapshot-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: secretStoreRef: kind: ClusterSecretStore @@ -37,8 +36,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: openbao-unseal-config-1 - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: secretStoreRef: kind: ClusterSecretStore @@ -69,8 +67,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: openbao-unseal-config-2 - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: secretStoreRef: kind: ClusterSecretStore @@ -101,8 +98,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: openbao-unseal-config-3 - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: secretStoreRef: kind: ClusterSecretStore diff --git a/clusters/cl01tl/helm/openbao/templates/ingress.yaml b/clusters/cl01tl/helm/openbao/templates/ingress.yaml index d23c33b46..972fac71a 100644 --- a/clusters/cl01tl/helm/openbao/templates/ingress.yaml +++ b/clusters/cl01tl/helm/openbao/templates/ingress.yaml @@ -5,8 +5,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: openbao-tailscale - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} tailscale.com/proxy-class: no-metrics annotations: tailscale.com/experimental-forward-cluster-traffic-via-ingress: "true" diff --git a/clusters/cl01tl/helm/openbao/templates/namespace.yaml b/clusters/cl01tl/helm/openbao/templates/namespace.yaml index bdd9da5a4..748ee3072 100644 --- a/clusters/cl01tl/helm/openbao/templates/namespace.yaml +++ b/clusters/cl01tl/helm/openbao/templates/namespace.yaml @@ -4,8 +4,7 @@ metadata: name: openbao labels: app.kubernetes.io/name: openbao - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} pod-security.kubernetes.io/audit: privileged pod-security.kubernetes.io/enforce: privileged pod-security.kubernetes.io/warn: privileged diff --git a/clusters/cl01tl/helm/outline/templates/_helpers.tpl b/clusters/cl01tl/helm/outline/templates/_helpers.tpl new file mode 100644 index 000000000..10688fcef --- /dev/null +++ b/clusters/cl01tl/helm/outline/templates/_helpers.tpl @@ -0,0 +1,14 @@ +{{/* +Common labels +*/}} +{{- define "custom.labels" -}} +{{ include "custom.selectorLabels" $ }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "custom.selectorLabels" -}} +app.kubernetes.io/instance: {{ .Release.Name }} +app.kubernetes.io/part-of: {{ .Release.Name }} +{{- end }} diff --git a/clusters/cl01tl/helm/outline/templates/external-secret.yaml b/clusters/cl01tl/helm/outline/templates/external-secret.yaml index f90e7d5fc..ea13a006d 100644 --- a/clusters/cl01tl/helm/outline/templates/external-secret.yaml +++ b/clusters/cl01tl/helm/outline/templates/external-secret.yaml @@ -5,8 +5,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: outline-key-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: secretStoreRef: kind: ClusterSecretStore @@ -29,8 +28,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: outline-oidc-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: secretStoreRef: kind: ClusterSecretStore diff --git a/clusters/cl01tl/helm/paperless-ngx/templates/_helpers.tpl b/clusters/cl01tl/helm/paperless-ngx/templates/_helpers.tpl new file mode 100644 index 000000000..10688fcef --- /dev/null +++ b/clusters/cl01tl/helm/paperless-ngx/templates/_helpers.tpl @@ -0,0 +1,14 @@ +{{/* +Common labels +*/}} +{{- define "custom.labels" -}} +{{ include "custom.selectorLabels" $ }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "custom.selectorLabels" -}} +app.kubernetes.io/instance: {{ .Release.Name }} +app.kubernetes.io/part-of: {{ .Release.Name }} +{{- end }} diff --git a/clusters/cl01tl/helm/paperless-ngx/templates/external-secret.yaml b/clusters/cl01tl/helm/paperless-ngx/templates/external-secret.yaml index 206532e30..f7c3b9c20 100644 --- a/clusters/cl01tl/helm/paperless-ngx/templates/external-secret.yaml +++ b/clusters/cl01tl/helm/paperless-ngx/templates/external-secret.yaml @@ -5,8 +5,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: paperless-ngx-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: secretStoreRef: kind: ClusterSecretStore @@ -33,8 +32,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: paperless-ngx-oidc-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: secretStoreRef: kind: ClusterSecretStore diff --git a/clusters/cl01tl/helm/plex/templates/_helpers.tpl b/clusters/cl01tl/helm/plex/templates/_helpers.tpl new file mode 100644 index 000000000..10688fcef --- /dev/null +++ b/clusters/cl01tl/helm/plex/templates/_helpers.tpl @@ -0,0 +1,14 @@ +{{/* +Common labels +*/}} +{{- define "custom.labels" -}} +{{ include "custom.selectorLabels" $ }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "custom.selectorLabels" -}} +app.kubernetes.io/instance: {{ .Release.Name }} +app.kubernetes.io/part-of: {{ .Release.Name }} +{{- end }} diff --git a/clusters/cl01tl/helm/plex/templates/persistent-volume-claim.yaml b/clusters/cl01tl/helm/plex/templates/persistent-volume-claim.yaml index 61a5296c2..b64bcbe01 100644 --- a/clusters/cl01tl/helm/plex/templates/persistent-volume-claim.yaml +++ b/clusters/cl01tl/helm/plex/templates/persistent-volume-claim.yaml @@ -5,8 +5,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: plex-nfs-storage - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: volumeName: plex-nfs-storage storageClassName: nfs-client diff --git a/clusters/cl01tl/helm/plex/templates/persistent-volume.yaml b/clusters/cl01tl/helm/plex/templates/persistent-volume.yaml index cdf01b15c..7597395f6 100644 --- a/clusters/cl01tl/helm/plex/templates/persistent-volume.yaml +++ b/clusters/cl01tl/helm/plex/templates/persistent-volume.yaml @@ -5,8 +5,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: plex-nfs-storage - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: persistentVolumeReclaimPolicy: Retain storageClassName: nfs-client diff --git a/clusters/cl01tl/helm/postiz/templates/_helpers.tpl b/clusters/cl01tl/helm/postiz/templates/_helpers.tpl new file mode 100644 index 000000000..10688fcef --- /dev/null +++ b/clusters/cl01tl/helm/postiz/templates/_helpers.tpl @@ -0,0 +1,14 @@ +{{/* +Common labels +*/}} +{{- define "custom.labels" -}} +{{ include "custom.selectorLabels" $ }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "custom.selectorLabels" -}} +app.kubernetes.io/instance: {{ .Release.Name }} +app.kubernetes.io/part-of: {{ .Release.Name }} +{{- end }} diff --git a/clusters/cl01tl/helm/postiz/templates/external-secret.yaml b/clusters/cl01tl/helm/postiz/templates/external-secret.yaml index 00c889f8b..496d45f4c 100644 --- a/clusters/cl01tl/helm/postiz/templates/external-secret.yaml +++ b/clusters/cl01tl/helm/postiz/templates/external-secret.yaml @@ -5,8 +5,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: postiz-config-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: secretStoreRef: kind: ClusterSecretStore @@ -25,8 +24,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: postiz-oidc-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: secretStoreRef: kind: ClusterSecretStore @@ -49,8 +47,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: postiz-elasticsearch-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: secretStoreRef: kind: ClusterSecretStore @@ -77,8 +74,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: postiz-valkey-config - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: secretStoreRef: kind: ClusterSecretStore diff --git a/clusters/cl01tl/helm/postiz/templates/http-route.yaml b/clusters/cl01tl/helm/postiz/templates/http-route.yaml index aa86d6bac..f6d339bbe 100644 --- a/clusters/cl01tl/helm/postiz/templates/http-route.yaml +++ b/clusters/cl01tl/helm/postiz/templates/http-route.yaml @@ -5,8 +5,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: postiz-temporal-web - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: parentRefs: - group: gateway.networking.k8s.io diff --git a/clusters/cl01tl/helm/prowlarr/templates/_helpers.tpl b/clusters/cl01tl/helm/prowlarr/templates/_helpers.tpl new file mode 100644 index 000000000..10688fcef --- /dev/null +++ b/clusters/cl01tl/helm/prowlarr/templates/_helpers.tpl @@ -0,0 +1,14 @@ +{{/* +Common labels +*/}} +{{- define "custom.labels" -}} +{{ include "custom.selectorLabels" $ }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "custom.selectorLabels" -}} +app.kubernetes.io/instance: {{ .Release.Name }} +app.kubernetes.io/part-of: {{ .Release.Name }} +{{- end }} diff --git a/clusters/cl01tl/helm/prowlarr/templates/external-secret.yaml b/clusters/cl01tl/helm/prowlarr/templates/external-secret.yaml index f6822c768..58a28bba1 100644 --- a/clusters/cl01tl/helm/prowlarr/templates/external-secret.yaml +++ b/clusters/cl01tl/helm/prowlarr/templates/external-secret.yaml @@ -5,8 +5,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: prowlarr-key-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: secretStoreRef: kind: ClusterSecretStore diff --git a/clusters/cl01tl/helm/qbittorrent/templates/_helpers.tpl b/clusters/cl01tl/helm/qbittorrent/templates/_helpers.tpl new file mode 100644 index 000000000..10688fcef --- /dev/null +++ b/clusters/cl01tl/helm/qbittorrent/templates/_helpers.tpl @@ -0,0 +1,14 @@ +{{/* +Common labels +*/}} +{{- define "custom.labels" -}} +{{ include "custom.selectorLabels" $ }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "custom.selectorLabels" -}} +app.kubernetes.io/instance: {{ .Release.Name }} +app.kubernetes.io/part-of: {{ .Release.Name }} +{{- end }} diff --git a/clusters/cl01tl/helm/qbittorrent/templates/config-map.yaml b/clusters/cl01tl/helm/qbittorrent/templates/config-map.yaml index 375402c02..8384453f2 100644 --- a/clusters/cl01tl/helm/qbittorrent/templates/config-map.yaml +++ b/clusters/cl01tl/helm/qbittorrent/templates/config-map.yaml @@ -5,8 +5,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: glutun-update-script - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} data: update.sh: | API_ENDPOINT="http://localhost:8080/api/v2"; @@ -139,8 +138,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: qbit-manage-config - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} data: config.yml: | # Please refer to the link below for more details on how to set up the configuration file diff --git a/clusters/cl01tl/helm/qbittorrent/templates/external-secret.yaml b/clusters/cl01tl/helm/qbittorrent/templates/external-secret.yaml index a978f5319..b5b3e2bde 100644 --- a/clusters/cl01tl/helm/qbittorrent/templates/external-secret.yaml +++ b/clusters/cl01tl/helm/qbittorrent/templates/external-secret.yaml @@ -5,8 +5,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: qbittorrent-wireguard-conf - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: secretStoreRef: kind: ClusterSecretStore @@ -37,8 +36,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: qbittorrent-qbit-manage-config - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: secretStoreRef: kind: ClusterSecretStore @@ -61,8 +59,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: qui-oidc-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: secretStoreRef: kind: ClusterSecretStore diff --git a/clusters/cl01tl/helm/qbittorrent/templates/namespace.yaml b/clusters/cl01tl/helm/qbittorrent/templates/namespace.yaml index 37fd60393..97d505071 100644 --- a/clusters/cl01tl/helm/qbittorrent/templates/namespace.yaml +++ b/clusters/cl01tl/helm/qbittorrent/templates/namespace.yaml @@ -4,8 +4,7 @@ metadata: name: qbittorrent labels: app.kubernetes.io/name: qbittorrent - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} pod-security.kubernetes.io/audit: privileged pod-security.kubernetes.io/enforce: privileged pod-security.kubernetes.io/warn: privileged diff --git a/clusters/cl01tl/helm/qbittorrent/templates/persistent-volume-claim.yaml b/clusters/cl01tl/helm/qbittorrent/templates/persistent-volume-claim.yaml index 280f00282..e300de499 100644 --- a/clusters/cl01tl/helm/qbittorrent/templates/persistent-volume-claim.yaml +++ b/clusters/cl01tl/helm/qbittorrent/templates/persistent-volume-claim.yaml @@ -5,8 +5,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: qbittorrent-nfs-storage - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: volumeName: qbittorrent-nfs-storage storageClassName: nfs-client diff --git a/clusters/cl01tl/helm/qbittorrent/templates/persistent-volume.yaml b/clusters/cl01tl/helm/qbittorrent/templates/persistent-volume.yaml index ac0f75046..4354effca 100644 --- a/clusters/cl01tl/helm/qbittorrent/templates/persistent-volume.yaml +++ b/clusters/cl01tl/helm/qbittorrent/templates/persistent-volume.yaml @@ -5,8 +5,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: qbittorrent-nfs-storage - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: persistentVolumeReclaimPolicy: Retain storageClassName: nfs-client diff --git a/clusters/cl01tl/helm/radarr-4k/templates/_helpers.tpl b/clusters/cl01tl/helm/radarr-4k/templates/_helpers.tpl new file mode 100644 index 000000000..10688fcef --- /dev/null +++ b/clusters/cl01tl/helm/radarr-4k/templates/_helpers.tpl @@ -0,0 +1,14 @@ +{{/* +Common labels +*/}} +{{- define "custom.labels" -}} +{{ include "custom.selectorLabels" $ }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "custom.selectorLabels" -}} +app.kubernetes.io/instance: {{ .Release.Name }} +app.kubernetes.io/part-of: {{ .Release.Name }} +{{- end }} diff --git a/clusters/cl01tl/helm/radarr-4k/templates/middleware.yaml b/clusters/cl01tl/helm/radarr-4k/templates/middleware.yaml index 341764b57..701f30f52 100644 --- a/clusters/cl01tl/helm/radarr-4k/templates/middleware.yaml +++ b/clusters/cl01tl/helm/radarr-4k/templates/middleware.yaml @@ -5,8 +5,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: oidc-forward-auth - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: forwardAuth: address: http://ak-outpost-traefik-proxy-auth.authentik.svc.cluster.local:9000/outpost.goauthentik.io/auth/traefik diff --git a/clusters/cl01tl/helm/radarr-4k/templates/persistent-volume-claim.yaml b/clusters/cl01tl/helm/radarr-4k/templates/persistent-volume-claim.yaml index b05e92529..b1a1250f5 100644 --- a/clusters/cl01tl/helm/radarr-4k/templates/persistent-volume-claim.yaml +++ b/clusters/cl01tl/helm/radarr-4k/templates/persistent-volume-claim.yaml @@ -5,8 +5,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: radarr-4k-nfs-storage - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: volumeName: radarr-4k-nfs-storage storageClassName: nfs-client diff --git a/clusters/cl01tl/helm/radarr-4k/templates/persistent-volume.yaml b/clusters/cl01tl/helm/radarr-4k/templates/persistent-volume.yaml index 435908330..07ded9aa5 100644 --- a/clusters/cl01tl/helm/radarr-4k/templates/persistent-volume.yaml +++ b/clusters/cl01tl/helm/radarr-4k/templates/persistent-volume.yaml @@ -5,8 +5,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: radarr-4k-nfs-storage - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: persistentVolumeReclaimPolicy: Retain storageClassName: nfs-client diff --git a/clusters/cl01tl/helm/radarr-4k/templates/prometheus-rule.yaml b/clusters/cl01tl/helm/radarr-4k/templates/prometheus-rule.yaml index e3cab3d05..c9ce607b3 100644 --- a/clusters/cl01tl/helm/radarr-4k/templates/prometheus-rule.yaml +++ b/clusters/cl01tl/helm/radarr-4k/templates/prometheus-rule.yaml @@ -5,8 +5,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: radarr-4k - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: groups: - name: radarr-4k diff --git a/clusters/cl01tl/helm/radarr-anime/templates/_helpers.tpl b/clusters/cl01tl/helm/radarr-anime/templates/_helpers.tpl new file mode 100644 index 000000000..10688fcef --- /dev/null +++ b/clusters/cl01tl/helm/radarr-anime/templates/_helpers.tpl @@ -0,0 +1,14 @@ +{{/* +Common labels +*/}} +{{- define "custom.labels" -}} +{{ include "custom.selectorLabels" $ }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "custom.selectorLabels" -}} +app.kubernetes.io/instance: {{ .Release.Name }} +app.kubernetes.io/part-of: {{ .Release.Name }} +{{- end }} diff --git a/clusters/cl01tl/helm/radarr-anime/templates/middleware.yaml b/clusters/cl01tl/helm/radarr-anime/templates/middleware.yaml index 341764b57..701f30f52 100644 --- a/clusters/cl01tl/helm/radarr-anime/templates/middleware.yaml +++ b/clusters/cl01tl/helm/radarr-anime/templates/middleware.yaml @@ -5,8 +5,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: oidc-forward-auth - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: forwardAuth: address: http://ak-outpost-traefik-proxy-auth.authentik.svc.cluster.local:9000/outpost.goauthentik.io/auth/traefik diff --git a/clusters/cl01tl/helm/radarr-anime/templates/persistent-volume-claim.yaml b/clusters/cl01tl/helm/radarr-anime/templates/persistent-volume-claim.yaml index 572bca509..463913336 100644 --- a/clusters/cl01tl/helm/radarr-anime/templates/persistent-volume-claim.yaml +++ b/clusters/cl01tl/helm/radarr-anime/templates/persistent-volume-claim.yaml @@ -5,8 +5,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: radarr-anime-nfs-storage - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: volumeName: radarr-anime-nfs-storage storageClassName: nfs-client diff --git a/clusters/cl01tl/helm/radarr-anime/templates/persistent-volume.yaml b/clusters/cl01tl/helm/radarr-anime/templates/persistent-volume.yaml index de760a1b9..4ff3d5b21 100644 --- a/clusters/cl01tl/helm/radarr-anime/templates/persistent-volume.yaml +++ b/clusters/cl01tl/helm/radarr-anime/templates/persistent-volume.yaml @@ -5,8 +5,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: radarr-anime-nfs-storage - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: persistentVolumeReclaimPolicy: Retain storageClassName: nfs-client diff --git a/clusters/cl01tl/helm/radarr-anime/templates/prometheus-rule.yaml b/clusters/cl01tl/helm/radarr-anime/templates/prometheus-rule.yaml index 9134bf0c5..d68c6eeba 100644 --- a/clusters/cl01tl/helm/radarr-anime/templates/prometheus-rule.yaml +++ b/clusters/cl01tl/helm/radarr-anime/templates/prometheus-rule.yaml @@ -5,8 +5,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: radarr-anime - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: groups: - name: radarr-anime diff --git a/clusters/cl01tl/helm/radarr-standup/templates/_helpers.tpl b/clusters/cl01tl/helm/radarr-standup/templates/_helpers.tpl new file mode 100644 index 000000000..10688fcef --- /dev/null +++ b/clusters/cl01tl/helm/radarr-standup/templates/_helpers.tpl @@ -0,0 +1,14 @@ +{{/* +Common labels +*/}} +{{- define "custom.labels" -}} +{{ include "custom.selectorLabels" $ }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "custom.selectorLabels" -}} +app.kubernetes.io/instance: {{ .Release.Name }} +app.kubernetes.io/part-of: {{ .Release.Name }} +{{- end }} diff --git a/clusters/cl01tl/helm/radarr-standup/templates/middleware.yaml b/clusters/cl01tl/helm/radarr-standup/templates/middleware.yaml index 341764b57..701f30f52 100644 --- a/clusters/cl01tl/helm/radarr-standup/templates/middleware.yaml +++ b/clusters/cl01tl/helm/radarr-standup/templates/middleware.yaml @@ -5,8 +5,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: oidc-forward-auth - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: forwardAuth: address: http://ak-outpost-traefik-proxy-auth.authentik.svc.cluster.local:9000/outpost.goauthentik.io/auth/traefik diff --git a/clusters/cl01tl/helm/radarr-standup/templates/persistent-volume-claim.yaml b/clusters/cl01tl/helm/radarr-standup/templates/persistent-volume-claim.yaml index 29ad7f688..6c61d9abc 100644 --- a/clusters/cl01tl/helm/radarr-standup/templates/persistent-volume-claim.yaml +++ b/clusters/cl01tl/helm/radarr-standup/templates/persistent-volume-claim.yaml @@ -5,8 +5,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: radarr-standup-nfs-storage - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: volumeName: radarr-standup-nfs-storage storageClassName: nfs-client diff --git a/clusters/cl01tl/helm/radarr-standup/templates/persistent-volume.yaml b/clusters/cl01tl/helm/radarr-standup/templates/persistent-volume.yaml index 63cdd5dea..2abc1a935 100644 --- a/clusters/cl01tl/helm/radarr-standup/templates/persistent-volume.yaml +++ b/clusters/cl01tl/helm/radarr-standup/templates/persistent-volume.yaml @@ -5,8 +5,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: radarr-standup-nfs-storage - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: persistentVolumeReclaimPolicy: Retain storageClassName: nfs-client diff --git a/clusters/cl01tl/helm/radarr-standup/templates/prometheus-rule.yaml b/clusters/cl01tl/helm/radarr-standup/templates/prometheus-rule.yaml index 3e33b02c4..86b4ba302 100644 --- a/clusters/cl01tl/helm/radarr-standup/templates/prometheus-rule.yaml +++ b/clusters/cl01tl/helm/radarr-standup/templates/prometheus-rule.yaml @@ -5,8 +5,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: radarr-standup - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: groups: - name: radarr-standup diff --git a/clusters/cl01tl/helm/radarr/templates/_helpers.tpl b/clusters/cl01tl/helm/radarr/templates/_helpers.tpl new file mode 100644 index 000000000..10688fcef --- /dev/null +++ b/clusters/cl01tl/helm/radarr/templates/_helpers.tpl @@ -0,0 +1,14 @@ +{{/* +Common labels +*/}} +{{- define "custom.labels" -}} +{{ include "custom.selectorLabels" $ }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "custom.selectorLabels" -}} +app.kubernetes.io/instance: {{ .Release.Name }} +app.kubernetes.io/part-of: {{ .Release.Name }} +{{- end }} diff --git a/clusters/cl01tl/helm/radarr/templates/middleware.yaml b/clusters/cl01tl/helm/radarr/templates/middleware.yaml index 341764b57..701f30f52 100644 --- a/clusters/cl01tl/helm/radarr/templates/middleware.yaml +++ b/clusters/cl01tl/helm/radarr/templates/middleware.yaml @@ -5,8 +5,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: oidc-forward-auth - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: forwardAuth: address: http://ak-outpost-traefik-proxy-auth.authentik.svc.cluster.local:9000/outpost.goauthentik.io/auth/traefik diff --git a/clusters/cl01tl/helm/radarr/templates/persistent-volume-claim.yaml b/clusters/cl01tl/helm/radarr/templates/persistent-volume-claim.yaml index 1c07245f8..e4702537e 100644 --- a/clusters/cl01tl/helm/radarr/templates/persistent-volume-claim.yaml +++ b/clusters/cl01tl/helm/radarr/templates/persistent-volume-claim.yaml @@ -5,8 +5,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: radarr-nfs-storage - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: volumeName: radarr-nfs-storage storageClassName: nfs-client diff --git a/clusters/cl01tl/helm/radarr/templates/persistent-volume.yaml b/clusters/cl01tl/helm/radarr/templates/persistent-volume.yaml index 131d465cc..e11ad08ae 100644 --- a/clusters/cl01tl/helm/radarr/templates/persistent-volume.yaml +++ b/clusters/cl01tl/helm/radarr/templates/persistent-volume.yaml @@ -5,8 +5,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: radarr-nfs-storage - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: persistentVolumeReclaimPolicy: Retain storageClassName: nfs-client diff --git a/clusters/cl01tl/helm/radarr/templates/prometheus-rule.yaml b/clusters/cl01tl/helm/radarr/templates/prometheus-rule.yaml index d5076ca9d..1454b8ec7 100644 --- a/clusters/cl01tl/helm/radarr/templates/prometheus-rule.yaml +++ b/clusters/cl01tl/helm/radarr/templates/prometheus-rule.yaml @@ -5,8 +5,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: radarr - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: groups: - name: radarr diff --git a/clusters/cl01tl/helm/rclone/templates/_helpers.tpl b/clusters/cl01tl/helm/rclone/templates/_helpers.tpl new file mode 100644 index 000000000..10688fcef --- /dev/null +++ b/clusters/cl01tl/helm/rclone/templates/_helpers.tpl @@ -0,0 +1,14 @@ +{{/* +Common labels +*/}} +{{- define "custom.labels" -}} +{{ include "custom.selectorLabels" $ }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "custom.selectorLabels" -}} +app.kubernetes.io/instance: {{ .Release.Name }} +app.kubernetes.io/part-of: {{ .Release.Name }} +{{- end }} diff --git a/clusters/cl01tl/helm/rclone/templates/external-secret.yaml b/clusters/cl01tl/helm/rclone/templates/external-secret.yaml index f79997299..e6613280b 100644 --- a/clusters/cl01tl/helm/rclone/templates/external-secret.yaml +++ b/clusters/cl01tl/helm/rclone/templates/external-secret.yaml @@ -5,8 +5,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: garage-directus-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: secretStoreRef: kind: ClusterSecretStore @@ -41,8 +40,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: garage-karakeep-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: secretStoreRef: kind: ClusterSecretStore @@ -77,8 +75,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: garage-talos-backups-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: secretStoreRef: kind: ClusterSecretStore @@ -113,8 +110,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: garage-web-assets-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: secretStoreRef: kind: ClusterSecretStore @@ -149,8 +145,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: garage-postgres-backups-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: secretStoreRef: kind: ClusterSecretStore @@ -185,8 +180,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: garage-ntfy-attachments-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: secretStoreRef: kind: ClusterSecretStore @@ -221,8 +215,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: garage-openbao-backups-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: secretStoreRef: kind: ClusterSecretStore @@ -257,8 +250,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: external-openbao-backups-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: secretStoreRef: kind: ClusterSecretStore diff --git a/clusters/cl01tl/helm/reloader/templates/_helpers.tpl b/clusters/cl01tl/helm/reloader/templates/_helpers.tpl new file mode 100644 index 000000000..10688fcef --- /dev/null +++ b/clusters/cl01tl/helm/reloader/templates/_helpers.tpl @@ -0,0 +1,14 @@ +{{/* +Common labels +*/}} +{{- define "custom.labels" -}} +{{ include "custom.selectorLabels" $ }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "custom.selectorLabels" -}} +app.kubernetes.io/instance: {{ .Release.Name }} +app.kubernetes.io/part-of: {{ .Release.Name }} +{{- end }} diff --git a/clusters/cl01tl/helm/rook-ceph/templates/_helpers.tpl b/clusters/cl01tl/helm/rook-ceph/templates/_helpers.tpl new file mode 100644 index 000000000..10688fcef --- /dev/null +++ b/clusters/cl01tl/helm/rook-ceph/templates/_helpers.tpl @@ -0,0 +1,14 @@ +{{/* +Common labels +*/}} +{{- define "custom.labels" -}} +{{ include "custom.selectorLabels" $ }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "custom.selectorLabels" -}} +app.kubernetes.io/instance: {{ .Release.Name }} +app.kubernetes.io/part-of: {{ .Release.Name }} +{{- end }} diff --git a/clusters/cl01tl/helm/rook-ceph/templates/namespace.yaml b/clusters/cl01tl/helm/rook-ceph/templates/namespace.yaml index 846716636..82e9bf619 100644 --- a/clusters/cl01tl/helm/rook-ceph/templates/namespace.yaml +++ b/clusters/cl01tl/helm/rook-ceph/templates/namespace.yaml @@ -4,8 +4,7 @@ metadata: name: rook-ceph labels: app.kubernetes.io/name: rook-ceph - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} pod-security.kubernetes.io/audit: privileged pod-security.kubernetes.io/enforce: privileged pod-security.kubernetes.io/warn: privileged diff --git a/clusters/cl01tl/helm/roundcube/templates/_helpers.tpl b/clusters/cl01tl/helm/roundcube/templates/_helpers.tpl new file mode 100644 index 000000000..10688fcef --- /dev/null +++ b/clusters/cl01tl/helm/roundcube/templates/_helpers.tpl @@ -0,0 +1,14 @@ +{{/* +Common labels +*/}} +{{- define "custom.labels" -}} +{{ include "custom.selectorLabels" $ }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "custom.selectorLabels" -}} +app.kubernetes.io/instance: {{ .Release.Name }} +app.kubernetes.io/part-of: {{ .Release.Name }} +{{- end }} diff --git a/clusters/cl01tl/helm/roundcube/templates/external-secret.yaml b/clusters/cl01tl/helm/roundcube/templates/external-secret.yaml index 4d287732c..89fdc892e 100644 --- a/clusters/cl01tl/helm/roundcube/templates/external-secret.yaml +++ b/clusters/cl01tl/helm/roundcube/templates/external-secret.yaml @@ -5,8 +5,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: roundcube-key-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: secretStoreRef: kind: ClusterSecretStore diff --git a/clusters/cl01tl/helm/rybbit/templates/_helpers.tpl b/clusters/cl01tl/helm/rybbit/templates/_helpers.tpl new file mode 100644 index 000000000..10688fcef --- /dev/null +++ b/clusters/cl01tl/helm/rybbit/templates/_helpers.tpl @@ -0,0 +1,14 @@ +{{/* +Common labels +*/}} +{{- define "custom.labels" -}} +{{ include "custom.selectorLabels" $ }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "custom.selectorLabels" -}} +app.kubernetes.io/instance: {{ .Release.Name }} +app.kubernetes.io/part-of: {{ .Release.Name }} +{{- end }} diff --git a/clusters/cl01tl/helm/rybbit/templates/external-secret.yaml b/clusters/cl01tl/helm/rybbit/templates/external-secret.yaml index b40f60b87..cda4cae82 100644 --- a/clusters/cl01tl/helm/rybbit/templates/external-secret.yaml +++ b/clusters/cl01tl/helm/rybbit/templates/external-secret.yaml @@ -5,8 +5,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: rybbit-config-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: secretStoreRef: kind: ClusterSecretStore diff --git a/clusters/cl01tl/helm/s3-exporter/templates/_helpers.tpl b/clusters/cl01tl/helm/s3-exporter/templates/_helpers.tpl new file mode 100644 index 000000000..10688fcef --- /dev/null +++ b/clusters/cl01tl/helm/s3-exporter/templates/_helpers.tpl @@ -0,0 +1,14 @@ +{{/* +Common labels +*/}} +{{- define "custom.labels" -}} +{{ include "custom.selectorLabels" $ }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "custom.selectorLabels" -}} +app.kubernetes.io/instance: {{ .Release.Name }} +app.kubernetes.io/part-of: {{ .Release.Name }} +{{- end }} diff --git a/clusters/cl01tl/helm/s3-exporter/templates/external-secret.yaml b/clusters/cl01tl/helm/s3-exporter/templates/external-secret.yaml index 34a377c54..8f8081e0d 100644 --- a/clusters/cl01tl/helm/s3-exporter/templates/external-secret.yaml +++ b/clusters/cl01tl/helm/s3-exporter/templates/external-secret.yaml @@ -5,8 +5,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: s3-do-home-infra-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: secretStoreRef: kind: ClusterSecretStore @@ -33,8 +32,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: s3-garage-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: secretStoreRef: kind: ClusterSecretStore diff --git a/clusters/cl01tl/helm/searxng/templates/_helpers.tpl b/clusters/cl01tl/helm/searxng/templates/_helpers.tpl new file mode 100644 index 000000000..10688fcef --- /dev/null +++ b/clusters/cl01tl/helm/searxng/templates/_helpers.tpl @@ -0,0 +1,14 @@ +{{/* +Common labels +*/}} +{{- define "custom.labels" -}} +{{ include "custom.selectorLabels" $ }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "custom.selectorLabels" -}} +app.kubernetes.io/instance: {{ .Release.Name }} +app.kubernetes.io/part-of: {{ .Release.Name }} +{{- end }} diff --git a/clusters/cl01tl/helm/searxng/templates/external-secret.yaml b/clusters/cl01tl/helm/searxng/templates/external-secret.yaml index 2b7dd2c0c..468398105 100644 --- a/clusters/cl01tl/helm/searxng/templates/external-secret.yaml +++ b/clusters/cl01tl/helm/searxng/templates/external-secret.yaml @@ -5,8 +5,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: searxng-browser-metrics-auth - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: secretStoreRef: kind: ClusterSecretStore @@ -29,8 +28,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: searxng-api-config-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: secretStoreRef: kind: ClusterSecretStore diff --git a/clusters/cl01tl/helm/secrets-store-csi-driver/templates/_helpers.tpl b/clusters/cl01tl/helm/secrets-store-csi-driver/templates/_helpers.tpl new file mode 100644 index 000000000..10688fcef --- /dev/null +++ b/clusters/cl01tl/helm/secrets-store-csi-driver/templates/_helpers.tpl @@ -0,0 +1,14 @@ +{{/* +Common labels +*/}} +{{- define "custom.labels" -}} +{{ include "custom.selectorLabels" $ }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "custom.selectorLabels" -}} +app.kubernetes.io/instance: {{ .Release.Name }} +app.kubernetes.io/part-of: {{ .Release.Name }} +{{- end }} diff --git a/clusters/cl01tl/helm/secrets-store-csi-driver/templates/namespace.yaml b/clusters/cl01tl/helm/secrets-store-csi-driver/templates/namespace.yaml index b5f85dbcb..05537d795 100644 --- a/clusters/cl01tl/helm/secrets-store-csi-driver/templates/namespace.yaml +++ b/clusters/cl01tl/helm/secrets-store-csi-driver/templates/namespace.yaml @@ -4,8 +4,7 @@ metadata: name: secrets-store-csi-driver labels: app.kubernetes.io/name: secrets-store-csi-driver - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} pod-security.kubernetes.io/audit: privileged pod-security.kubernetes.io/enforce: privileged pod-security.kubernetes.io/warn: privileged diff --git a/clusters/cl01tl/helm/seerr/templates/_helpers.tpl b/clusters/cl01tl/helm/seerr/templates/_helpers.tpl new file mode 100644 index 000000000..10688fcef --- /dev/null +++ b/clusters/cl01tl/helm/seerr/templates/_helpers.tpl @@ -0,0 +1,14 @@ +{{/* +Common labels +*/}} +{{- define "custom.labels" -}} +{{ include "custom.selectorLabels" $ }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "custom.selectorLabels" -}} +app.kubernetes.io/instance: {{ .Release.Name }} +app.kubernetes.io/part-of: {{ .Release.Name }} +{{- end }} diff --git a/clusters/cl01tl/helm/shelfmark/templates/_helpers.tpl b/clusters/cl01tl/helm/shelfmark/templates/_helpers.tpl new file mode 100644 index 000000000..10688fcef --- /dev/null +++ b/clusters/cl01tl/helm/shelfmark/templates/_helpers.tpl @@ -0,0 +1,14 @@ +{{/* +Common labels +*/}} +{{- define "custom.labels" -}} +{{ include "custom.selectorLabels" $ }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "custom.selectorLabels" -}} +app.kubernetes.io/instance: {{ .Release.Name }} +app.kubernetes.io/part-of: {{ .Release.Name }} +{{- end }} diff --git a/clusters/cl01tl/helm/shelfmark/templates/external-secret.yaml b/clusters/cl01tl/helm/shelfmark/templates/external-secret.yaml index 95f80d759..c9eb87bd2 100644 --- a/clusters/cl01tl/helm/shelfmark/templates/external-secret.yaml +++ b/clusters/cl01tl/helm/shelfmark/templates/external-secret.yaml @@ -5,8 +5,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: shelfmark-config-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: secretStoreRef: kind: ClusterSecretStore diff --git a/clusters/cl01tl/helm/shelfmark/templates/persistent-volume-claim.yaml b/clusters/cl01tl/helm/shelfmark/templates/persistent-volume-claim.yaml index 2c31a5189..00a8465a6 100644 --- a/clusters/cl01tl/helm/shelfmark/templates/persistent-volume-claim.yaml +++ b/clusters/cl01tl/helm/shelfmark/templates/persistent-volume-claim.yaml @@ -5,8 +5,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: shelfmark-import-nfs-storage - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: volumeName: shelfmark-import-nfs-storage storageClassName: nfs-client @@ -24,8 +23,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: shelfmark-audiobooks-nfs-storage - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: volumeName: shelfmark-audiobooks-nfs-storage storageClassName: nfs-client @@ -43,8 +41,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: shelfmark-downloads-nfs-storage - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: volumeName: shelfmark-downloads-nfs-storage storageClassName: nfs-client diff --git a/clusters/cl01tl/helm/shelfmark/templates/persistent-volume.yaml b/clusters/cl01tl/helm/shelfmark/templates/persistent-volume.yaml index 28fac1832..02b16ff44 100644 --- a/clusters/cl01tl/helm/shelfmark/templates/persistent-volume.yaml +++ b/clusters/cl01tl/helm/shelfmark/templates/persistent-volume.yaml @@ -5,8 +5,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: shelfmark-import-nfs-storage - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: persistentVolumeReclaimPolicy: Retain storageClassName: nfs-client @@ -30,8 +29,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: shelfmark-audiobooks-nfs-storage - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: persistentVolumeReclaimPolicy: Retain storageClassName: nfs-client @@ -55,8 +53,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: shelfmark-downloads-nfs-storage - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: persistentVolumeReclaimPolicy: Retain storageClassName: nfs-client diff --git a/clusters/cl01tl/helm/shelly-plug/templates/_helpers.tpl b/clusters/cl01tl/helm/shelly-plug/templates/_helpers.tpl new file mode 100644 index 000000000..10688fcef --- /dev/null +++ b/clusters/cl01tl/helm/shelly-plug/templates/_helpers.tpl @@ -0,0 +1,14 @@ +{{/* +Common labels +*/}} +{{- define "custom.labels" -}} +{{ include "custom.selectorLabels" $ }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "custom.selectorLabels" -}} +app.kubernetes.io/instance: {{ .Release.Name }} +app.kubernetes.io/part-of: {{ .Release.Name }} +{{- end }} diff --git a/clusters/cl01tl/helm/shelly-plug/templates/external-secret.yaml b/clusters/cl01tl/helm/shelly-plug/templates/external-secret.yaml index cf2d8bcc1..c0ea53483 100644 --- a/clusters/cl01tl/helm/shelly-plug/templates/external-secret.yaml +++ b/clusters/cl01tl/helm/shelly-plug/templates/external-secret.yaml @@ -5,8 +5,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: shelly-plug-config-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: secretStoreRef: kind: ClusterSecretStore diff --git a/clusters/cl01tl/helm/site-documentation/templates/_helpers.tpl b/clusters/cl01tl/helm/site-documentation/templates/_helpers.tpl new file mode 100644 index 000000000..10688fcef --- /dev/null +++ b/clusters/cl01tl/helm/site-documentation/templates/_helpers.tpl @@ -0,0 +1,14 @@ +{{/* +Common labels +*/}} +{{- define "custom.labels" -}} +{{ include "custom.selectorLabels" $ }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "custom.selectorLabels" -}} +app.kubernetes.io/instance: {{ .Release.Name }} +app.kubernetes.io/part-of: {{ .Release.Name }} +{{- end }} diff --git a/clusters/cl01tl/helm/site-profile/templates/_helpers.tpl b/clusters/cl01tl/helm/site-profile/templates/_helpers.tpl new file mode 100644 index 000000000..10688fcef --- /dev/null +++ b/clusters/cl01tl/helm/site-profile/templates/_helpers.tpl @@ -0,0 +1,14 @@ +{{/* +Common labels +*/}} +{{- define "custom.labels" -}} +{{ include "custom.selectorLabels" $ }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "custom.selectorLabels" -}} +app.kubernetes.io/instance: {{ .Release.Name }} +app.kubernetes.io/part-of: {{ .Release.Name }} +{{- end }} diff --git a/clusters/cl01tl/helm/site-saralebens/templates/_helpers.tpl b/clusters/cl01tl/helm/site-saralebens/templates/_helpers.tpl new file mode 100644 index 000000000..10688fcef --- /dev/null +++ b/clusters/cl01tl/helm/site-saralebens/templates/_helpers.tpl @@ -0,0 +1,14 @@ +{{/* +Common labels +*/}} +{{- define "custom.labels" -}} +{{ include "custom.selectorLabels" $ }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "custom.selectorLabels" -}} +app.kubernetes.io/instance: {{ .Release.Name }} +app.kubernetes.io/part-of: {{ .Release.Name }} +{{- end }} diff --git a/clusters/cl01tl/helm/slskd/templates/_helpers.tpl b/clusters/cl01tl/helm/slskd/templates/_helpers.tpl new file mode 100644 index 000000000..10688fcef --- /dev/null +++ b/clusters/cl01tl/helm/slskd/templates/_helpers.tpl @@ -0,0 +1,14 @@ +{{/* +Common labels +*/}} +{{- define "custom.labels" -}} +{{ include "custom.selectorLabels" $ }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "custom.selectorLabels" -}} +app.kubernetes.io/instance: {{ .Release.Name }} +app.kubernetes.io/part-of: {{ .Release.Name }} +{{- end }} diff --git a/clusters/cl01tl/helm/slskd/templates/external-secret.yaml b/clusters/cl01tl/helm/slskd/templates/external-secret.yaml index 51a984b5b..0949bdfd1 100644 --- a/clusters/cl01tl/helm/slskd/templates/external-secret.yaml +++ b/clusters/cl01tl/helm/slskd/templates/external-secret.yaml @@ -5,8 +5,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: airvpn-wireguard-conf - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: secretStoreRef: kind: ClusterSecretStore @@ -41,8 +40,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: protonvpn-wireguard-conf - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: secretStoreRef: kind: ClusterSecretStore diff --git a/clusters/cl01tl/helm/slskd/templates/namespace.yaml b/clusters/cl01tl/helm/slskd/templates/namespace.yaml index 9793bc56d..be130061c 100644 --- a/clusters/cl01tl/helm/slskd/templates/namespace.yaml +++ b/clusters/cl01tl/helm/slskd/templates/namespace.yaml @@ -4,8 +4,7 @@ metadata: name: slskd labels: app.kubernetes.io/name: slskd - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} pod-security.kubernetes.io/audit: privileged pod-security.kubernetes.io/enforce: privileged pod-security.kubernetes.io/warn: privileged diff --git a/clusters/cl01tl/helm/slskd/templates/persistent-volume-claim.yaml b/clusters/cl01tl/helm/slskd/templates/persistent-volume-claim.yaml index b44e26d30..cba12149a 100644 --- a/clusters/cl01tl/helm/slskd/templates/persistent-volume-claim.yaml +++ b/clusters/cl01tl/helm/slskd/templates/persistent-volume-claim.yaml @@ -5,8 +5,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: slskd-nfs-storage - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: volumeName: slskd-nfs-storage storageClassName: nfs-client diff --git a/clusters/cl01tl/helm/slskd/templates/persistent-volume.yaml b/clusters/cl01tl/helm/slskd/templates/persistent-volume.yaml index 3e234f75a..5ad8d6a44 100644 --- a/clusters/cl01tl/helm/slskd/templates/persistent-volume.yaml +++ b/clusters/cl01tl/helm/slskd/templates/persistent-volume.yaml @@ -5,8 +5,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: slskd-nfs-storage - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: persistentVolumeReclaimPolicy: Retain storageClassName: nfs-client diff --git a/clusters/cl01tl/helm/slskd/templates/secret-provider-class.yaml b/clusters/cl01tl/helm/slskd/templates/secret-provider-class.yaml index e37cf1e74..eaf25c068 100644 --- a/clusters/cl01tl/helm/slskd/templates/secret-provider-class.yaml +++ b/clusters/cl01tl/helm/slskd/templates/secret-provider-class.yaml @@ -5,8 +5,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: slskd-config-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: provider: openbao parameters: diff --git a/clusters/cl01tl/helm/slskd/values.yaml b/clusters/cl01tl/helm/slskd/values.yaml index ecaa2af4d..a005489e4 100644 --- a/clusters/cl01tl/helm/slskd/values.yaml +++ b/clusters/cl01tl/helm/slskd/values.yaml @@ -109,6 +109,9 @@ slskd: devic.es/tun: "1" requests: devic.es/tun: "1" + serviceAccount: + slskd: + enabled: true service: main: controller: main diff --git a/clusters/cl01tl/helm/snapshot-controller/templates/_helpers.tpl b/clusters/cl01tl/helm/snapshot-controller/templates/_helpers.tpl new file mode 100644 index 000000000..10688fcef --- /dev/null +++ b/clusters/cl01tl/helm/snapshot-controller/templates/_helpers.tpl @@ -0,0 +1,14 @@ +{{/* +Common labels +*/}} +{{- define "custom.labels" -}} +{{ include "custom.selectorLabels" $ }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "custom.selectorLabels" -}} +app.kubernetes.io/instance: {{ .Release.Name }} +app.kubernetes.io/part-of: {{ .Release.Name }} +{{- end }} diff --git a/clusters/cl01tl/helm/sonarr-4k/templates/_helpers.tpl b/clusters/cl01tl/helm/sonarr-4k/templates/_helpers.tpl new file mode 100644 index 000000000..10688fcef --- /dev/null +++ b/clusters/cl01tl/helm/sonarr-4k/templates/_helpers.tpl @@ -0,0 +1,14 @@ +{{/* +Common labels +*/}} +{{- define "custom.labels" -}} +{{ include "custom.selectorLabels" $ }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "custom.selectorLabels" -}} +app.kubernetes.io/instance: {{ .Release.Name }} +app.kubernetes.io/part-of: {{ .Release.Name }} +{{- end }} diff --git a/clusters/cl01tl/helm/sonarr-4k/templates/middleware.yaml b/clusters/cl01tl/helm/sonarr-4k/templates/middleware.yaml index 341764b57..701f30f52 100644 --- a/clusters/cl01tl/helm/sonarr-4k/templates/middleware.yaml +++ b/clusters/cl01tl/helm/sonarr-4k/templates/middleware.yaml @@ -5,8 +5,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: oidc-forward-auth - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: forwardAuth: address: http://ak-outpost-traefik-proxy-auth.authentik.svc.cluster.local:9000/outpost.goauthentik.io/auth/traefik diff --git a/clusters/cl01tl/helm/sonarr-4k/templates/persistent-volume-claim.yaml b/clusters/cl01tl/helm/sonarr-4k/templates/persistent-volume-claim.yaml index 388857422..f83ff9214 100644 --- a/clusters/cl01tl/helm/sonarr-4k/templates/persistent-volume-claim.yaml +++ b/clusters/cl01tl/helm/sonarr-4k/templates/persistent-volume-claim.yaml @@ -5,8 +5,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: sonarr-4k-nfs-storage - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: volumeName: sonarr-4k-nfs-storage storageClassName: nfs-client diff --git a/clusters/cl01tl/helm/sonarr-4k/templates/persistent-volume.yaml b/clusters/cl01tl/helm/sonarr-4k/templates/persistent-volume.yaml index 8049c36c9..c7ddc3c18 100644 --- a/clusters/cl01tl/helm/sonarr-4k/templates/persistent-volume.yaml +++ b/clusters/cl01tl/helm/sonarr-4k/templates/persistent-volume.yaml @@ -5,8 +5,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: sonarr-4k-nfs-storage - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: persistentVolumeReclaimPolicy: Retain storageClassName: nfs-client diff --git a/clusters/cl01tl/helm/sonarr-4k/templates/prometheus-rule.yaml b/clusters/cl01tl/helm/sonarr-4k/templates/prometheus-rule.yaml index 407d04562..81d08656f 100644 --- a/clusters/cl01tl/helm/sonarr-4k/templates/prometheus-rule.yaml +++ b/clusters/cl01tl/helm/sonarr-4k/templates/prometheus-rule.yaml @@ -5,8 +5,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: sonarr-4k - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: groups: - name: sonarr-4k diff --git a/clusters/cl01tl/helm/sonarr-anime/templates/_helpers.tpl b/clusters/cl01tl/helm/sonarr-anime/templates/_helpers.tpl new file mode 100644 index 000000000..10688fcef --- /dev/null +++ b/clusters/cl01tl/helm/sonarr-anime/templates/_helpers.tpl @@ -0,0 +1,14 @@ +{{/* +Common labels +*/}} +{{- define "custom.labels" -}} +{{ include "custom.selectorLabels" $ }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "custom.selectorLabels" -}} +app.kubernetes.io/instance: {{ .Release.Name }} +app.kubernetes.io/part-of: {{ .Release.Name }} +{{- end }} diff --git a/clusters/cl01tl/helm/sonarr-anime/templates/middleware.yaml b/clusters/cl01tl/helm/sonarr-anime/templates/middleware.yaml index 341764b57..701f30f52 100644 --- a/clusters/cl01tl/helm/sonarr-anime/templates/middleware.yaml +++ b/clusters/cl01tl/helm/sonarr-anime/templates/middleware.yaml @@ -5,8 +5,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: oidc-forward-auth - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: forwardAuth: address: http://ak-outpost-traefik-proxy-auth.authentik.svc.cluster.local:9000/outpost.goauthentik.io/auth/traefik diff --git a/clusters/cl01tl/helm/sonarr-anime/templates/persistent-volume-claim.yaml b/clusters/cl01tl/helm/sonarr-anime/templates/persistent-volume-claim.yaml index e0e63952a..531b38f11 100644 --- a/clusters/cl01tl/helm/sonarr-anime/templates/persistent-volume-claim.yaml +++ b/clusters/cl01tl/helm/sonarr-anime/templates/persistent-volume-claim.yaml @@ -5,8 +5,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: sonarr-anime-nfs-storage - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: volumeName: sonarr-anime-nfs-storage storageClassName: nfs-client diff --git a/clusters/cl01tl/helm/sonarr-anime/templates/persistent-volume.yaml b/clusters/cl01tl/helm/sonarr-anime/templates/persistent-volume.yaml index 3ee8f4c63..50aa05f46 100644 --- a/clusters/cl01tl/helm/sonarr-anime/templates/persistent-volume.yaml +++ b/clusters/cl01tl/helm/sonarr-anime/templates/persistent-volume.yaml @@ -5,8 +5,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: sonarr-anime-nfs-storage - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: persistentVolumeReclaimPolicy: Retain storageClassName: nfs-client diff --git a/clusters/cl01tl/helm/sonarr-anime/templates/prometheus-rule.yaml b/clusters/cl01tl/helm/sonarr-anime/templates/prometheus-rule.yaml index dbcc8e998..83ba1d530 100644 --- a/clusters/cl01tl/helm/sonarr-anime/templates/prometheus-rule.yaml +++ b/clusters/cl01tl/helm/sonarr-anime/templates/prometheus-rule.yaml @@ -5,8 +5,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: sonarr-anime - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: groups: - name: sonarr-anime diff --git a/clusters/cl01tl/helm/sonarr/templates/_helpers.tpl b/clusters/cl01tl/helm/sonarr/templates/_helpers.tpl new file mode 100644 index 000000000..10688fcef --- /dev/null +++ b/clusters/cl01tl/helm/sonarr/templates/_helpers.tpl @@ -0,0 +1,14 @@ +{{/* +Common labels +*/}} +{{- define "custom.labels" -}} +{{ include "custom.selectorLabels" $ }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "custom.selectorLabels" -}} +app.kubernetes.io/instance: {{ .Release.Name }} +app.kubernetes.io/part-of: {{ .Release.Name }} +{{- end }} diff --git a/clusters/cl01tl/helm/sonarr/templates/middleware.yaml b/clusters/cl01tl/helm/sonarr/templates/middleware.yaml index 341764b57..701f30f52 100644 --- a/clusters/cl01tl/helm/sonarr/templates/middleware.yaml +++ b/clusters/cl01tl/helm/sonarr/templates/middleware.yaml @@ -5,8 +5,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: oidc-forward-auth - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: forwardAuth: address: http://ak-outpost-traefik-proxy-auth.authentik.svc.cluster.local:9000/outpost.goauthentik.io/auth/traefik diff --git a/clusters/cl01tl/helm/sonarr/templates/persistent-volume-claim.yaml b/clusters/cl01tl/helm/sonarr/templates/persistent-volume-claim.yaml index 72cf49562..cae209ff6 100644 --- a/clusters/cl01tl/helm/sonarr/templates/persistent-volume-claim.yaml +++ b/clusters/cl01tl/helm/sonarr/templates/persistent-volume-claim.yaml @@ -5,8 +5,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: sonarr-nfs-storage - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: volumeName: sonarr-nfs-storage storageClassName: nfs-client diff --git a/clusters/cl01tl/helm/sonarr/templates/persistent-volume.yaml b/clusters/cl01tl/helm/sonarr/templates/persistent-volume.yaml index a23f24017..a63d6c47e 100644 --- a/clusters/cl01tl/helm/sonarr/templates/persistent-volume.yaml +++ b/clusters/cl01tl/helm/sonarr/templates/persistent-volume.yaml @@ -5,8 +5,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: sonarr-nfs-storage - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: persistentVolumeReclaimPolicy: Retain storageClassName: nfs-client diff --git a/clusters/cl01tl/helm/sonarr/templates/prometheus-rule.yaml b/clusters/cl01tl/helm/sonarr/templates/prometheus-rule.yaml index 5459fd7c3..593b3b3b1 100644 --- a/clusters/cl01tl/helm/sonarr/templates/prometheus-rule.yaml +++ b/clusters/cl01tl/helm/sonarr/templates/prometheus-rule.yaml @@ -5,8 +5,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: sonarr - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: groups: - name: sonarr diff --git a/clusters/cl01tl/helm/sparkyfitness/templates/_helpers.tpl b/clusters/cl01tl/helm/sparkyfitness/templates/_helpers.tpl new file mode 100644 index 000000000..10688fcef --- /dev/null +++ b/clusters/cl01tl/helm/sparkyfitness/templates/_helpers.tpl @@ -0,0 +1,14 @@ +{{/* +Common labels +*/}} +{{- define "custom.labels" -}} +{{ include "custom.selectorLabels" $ }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "custom.selectorLabels" -}} +app.kubernetes.io/instance: {{ .Release.Name }} +app.kubernetes.io/part-of: {{ .Release.Name }} +{{- end }} diff --git a/clusters/cl01tl/helm/sparkyfitness/templates/external-secret.yaml b/clusters/cl01tl/helm/sparkyfitness/templates/external-secret.yaml index c7521caf8..2bb5cdc61 100644 --- a/clusters/cl01tl/helm/sparkyfitness/templates/external-secret.yaml +++ b/clusters/cl01tl/helm/sparkyfitness/templates/external-secret.yaml @@ -5,8 +5,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: sparkyfitness-key-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: secretStoreRef: kind: ClusterSecretStore @@ -29,8 +28,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: sparkyfitness-oidc-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: secretStoreRef: kind: ClusterSecretStore diff --git a/clusters/cl01tl/helm/speedtest-exporter/templates/_helpers.tpl b/clusters/cl01tl/helm/speedtest-exporter/templates/_helpers.tpl new file mode 100644 index 000000000..10688fcef --- /dev/null +++ b/clusters/cl01tl/helm/speedtest-exporter/templates/_helpers.tpl @@ -0,0 +1,14 @@ +{{/* +Common labels +*/}} +{{- define "custom.labels" -}} +{{ include "custom.selectorLabels" $ }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "custom.selectorLabels" -}} +app.kubernetes.io/instance: {{ .Release.Name }} +app.kubernetes.io/part-of: {{ .Release.Name }} +{{- end }} diff --git a/clusters/cl01tl/helm/stack/templates/_helpers.tpl b/clusters/cl01tl/helm/stack/templates/_helpers.tpl new file mode 100644 index 000000000..10688fcef --- /dev/null +++ b/clusters/cl01tl/helm/stack/templates/_helpers.tpl @@ -0,0 +1,14 @@ +{{/* +Common labels +*/}} +{{- define "custom.labels" -}} +{{ include "custom.selectorLabels" $ }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "custom.selectorLabels" -}} +app.kubernetes.io/instance: {{ .Release.Name }} +app.kubernetes.io/part-of: {{ .Release.Name }} +{{- end }} diff --git a/clusters/cl01tl/helm/stalwart/templates/_helpers.tpl b/clusters/cl01tl/helm/stalwart/templates/_helpers.tpl new file mode 100644 index 000000000..10688fcef --- /dev/null +++ b/clusters/cl01tl/helm/stalwart/templates/_helpers.tpl @@ -0,0 +1,14 @@ +{{/* +Common labels +*/}} +{{- define "custom.labels" -}} +{{ include "custom.selectorLabels" $ }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "custom.selectorLabels" -}} +app.kubernetes.io/instance: {{ .Release.Name }} +app.kubernetes.io/part-of: {{ .Release.Name }} +{{- end }} diff --git a/clusters/cl01tl/helm/stalwart/templates/elasticsearch.yaml b/clusters/cl01tl/helm/stalwart/templates/elasticsearch.yaml index 7d27bfe86..672c3369a 100644 --- a/clusters/cl01tl/helm/stalwart/templates/elasticsearch.yaml +++ b/clusters/cl01tl/helm/stalwart/templates/elasticsearch.yaml @@ -5,8 +5,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: elasticsearch-stalwart - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: # renovate: datasource=docker depName=elasticsearch version: 9.3.3 diff --git a/clusters/cl01tl/helm/stalwart/templates/external-secret.yaml b/clusters/cl01tl/helm/stalwart/templates/external-secret.yaml index 5f2bf011c..31cfd9583 100644 --- a/clusters/cl01tl/helm/stalwart/templates/external-secret.yaml +++ b/clusters/cl01tl/helm/stalwart/templates/external-secret.yaml @@ -5,8 +5,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: stalwart-elasticsearch-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: secretStoreRef: kind: ClusterSecretStore diff --git a/clusters/cl01tl/helm/stalwart/templates/namespace.yaml b/clusters/cl01tl/helm/stalwart/templates/namespace.yaml index 884be40ab..c573f079f 100644 --- a/clusters/cl01tl/helm/stalwart/templates/namespace.yaml +++ b/clusters/cl01tl/helm/stalwart/templates/namespace.yaml @@ -4,8 +4,7 @@ metadata: name: stalwart labels: app.kubernetes.io/name: stalwart - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} pod-security.kubernetes.io/audit: privileged pod-security.kubernetes.io/enforce: privileged pod-security.kubernetes.io/warn: privileged diff --git a/clusters/cl01tl/helm/tailscale-operator/templates/_helpers.tpl b/clusters/cl01tl/helm/tailscale-operator/templates/_helpers.tpl new file mode 100644 index 000000000..10688fcef --- /dev/null +++ b/clusters/cl01tl/helm/tailscale-operator/templates/_helpers.tpl @@ -0,0 +1,14 @@ +{{/* +Common labels +*/}} +{{- define "custom.labels" -}} +{{ include "custom.selectorLabels" $ }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "custom.selectorLabels" -}} +app.kubernetes.io/instance: {{ .Release.Name }} +app.kubernetes.io/part-of: {{ .Release.Name }} +{{- end }} diff --git a/clusters/cl01tl/helm/tailscale-operator/templates/connector.yaml b/clusters/cl01tl/helm/tailscale-operator/templates/connector.yaml index 348f98d0c..6d6b61517 100644 --- a/clusters/cl01tl/helm/tailscale-operator/templates/connector.yaml +++ b/clusters/cl01tl/helm/tailscale-operator/templates/connector.yaml @@ -5,8 +5,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: subnet-router-local - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: hostname: subnet-router-local-cl01tl proxyClass: default diff --git a/clusters/cl01tl/helm/tailscale-operator/templates/dns-config.yaml b/clusters/cl01tl/helm/tailscale-operator/templates/dns-config.yaml index f1da7d6d6..ce9599eee 100644 --- a/clusters/cl01tl/helm/tailscale-operator/templates/dns-config.yaml +++ b/clusters/cl01tl/helm/tailscale-operator/templates/dns-config.yaml @@ -5,8 +5,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: ts-dns - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: nameserver: image: diff --git a/clusters/cl01tl/helm/tailscale-operator/templates/external-secrets.yaml b/clusters/cl01tl/helm/tailscale-operator/templates/external-secrets.yaml index 67c070a66..18539044b 100644 --- a/clusters/cl01tl/helm/tailscale-operator/templates/external-secrets.yaml +++ b/clusters/cl01tl/helm/tailscale-operator/templates/external-secrets.yaml @@ -5,8 +5,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: operator-oauth - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: secretStoreRef: kind: ClusterSecretStore diff --git a/clusters/cl01tl/helm/tailscale-operator/templates/namespace.yaml b/clusters/cl01tl/helm/tailscale-operator/templates/namespace.yaml index f5b21a61a..166afd7cc 100644 --- a/clusters/cl01tl/helm/tailscale-operator/templates/namespace.yaml +++ b/clusters/cl01tl/helm/tailscale-operator/templates/namespace.yaml @@ -4,8 +4,7 @@ metadata: name: tailscale-operator labels: app.kubernetes.io/name: tailscale-operator - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} pod-security.kubernetes.io/audit: privileged pod-security.kubernetes.io/enforce: privileged pod-security.kubernetes.io/warn: privileged diff --git a/clusters/cl01tl/helm/tailscale-operator/templates/proxy-class.yaml b/clusters/cl01tl/helm/tailscale-operator/templates/proxy-class.yaml index 8cd14c059..7827c0e5a 100644 --- a/clusters/cl01tl/helm/tailscale-operator/templates/proxy-class.yaml +++ b/clusters/cl01tl/helm/tailscale-operator/templates/proxy-class.yaml @@ -5,8 +5,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: default - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: metrics: enable: true @@ -31,8 +30,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: no-metrics - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: metrics: enable: false diff --git a/clusters/cl01tl/helm/tailscale-operator/templates/service.yaml b/clusters/cl01tl/helm/tailscale-operator/templates/service.yaml index ca9ee7765..8a9009268 100644 --- a/clusters/cl01tl/helm/tailscale-operator/templates/service.yaml +++ b/clusters/cl01tl/helm/tailscale-operator/templates/service.yaml @@ -5,8 +5,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: garage-ps10rp - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} annotations: tailscale.com/tailnet-fqdn: garage-ps10rp.boreal-beaufort.ts.net spec: @@ -21,8 +20,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: garage-ui-ps10rp - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} annotations: tailscale.com/tailnet-fqdn: garage-ui-ps10rp.boreal-beaufort.ts.net spec: @@ -37,8 +35,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: gitea-ps10rp - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} annotations: tailscale.com/tailnet-fqdn: gitea-ps10rp.boreal-beaufort.ts.net spec: @@ -53,8 +50,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: home-ps10rp - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} annotations: tailscale.com/tailnet-fqdn: home-ps10rp.boreal-beaufort.ts.net spec: @@ -69,8 +65,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: komodo-periphery-ps10rp - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} annotations: tailscale.com/tailnet-fqdn: komodo-periphery-ps10rp.boreal-beaufort.ts.net spec: @@ -85,8 +80,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: node-ps10rp - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} annotations: tailscale.com/tailnet-fqdn: node-exporter-ps10rp.boreal-beaufort.ts.net spec: @@ -101,8 +95,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: ollama-pd05wd - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} annotations: tailscale.com/tailnet-fqdn: ollama-pd05wd.boreal-beaufort.ts.net spec: @@ -117,8 +110,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: stable-diffusion-pd05wd - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} annotations: tailscale.com/tailnet-fqdn: stable-diffusion-pd05wd.boreal-beaufort.ts.net spec: diff --git a/clusters/cl01tl/helm/talos/templates/_helpers.tpl b/clusters/cl01tl/helm/talos/templates/_helpers.tpl new file mode 100644 index 000000000..10688fcef --- /dev/null +++ b/clusters/cl01tl/helm/talos/templates/_helpers.tpl @@ -0,0 +1,14 @@ +{{/* +Common labels +*/}} +{{- define "custom.labels" -}} +{{ include "custom.selectorLabels" $ }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "custom.selectorLabels" -}} +app.kubernetes.io/instance: {{ .Release.Name }} +app.kubernetes.io/part-of: {{ .Release.Name }} +{{- end }} diff --git a/clusters/cl01tl/helm/talos/templates/config.yaml b/clusters/cl01tl/helm/talos/templates/config.yaml index 8a6168289..53b71833f 100644 --- a/clusters/cl01tl/helm/talos/templates/config.yaml +++ b/clusters/cl01tl/helm/talos/templates/config.yaml @@ -5,8 +5,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: talos-prune-script - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} data: prune.sh: | DATE_RANGE=$(date -d @$(( $(date +%s) - $DATE_RANGE_SECONDS )) +%Y-%m-%dT%H:%M:%SZ); diff --git a/clusters/cl01tl/helm/talos/templates/external-secret.yaml b/clusters/cl01tl/helm/talos/templates/external-secret.yaml index b625b664c..aff367831 100644 --- a/clusters/cl01tl/helm/talos/templates/external-secret.yaml +++ b/clusters/cl01tl/helm/talos/templates/external-secret.yaml @@ -5,8 +5,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: talos-etcd-backup-local-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: secretStoreRef: kind: ClusterSecretStore @@ -41,8 +40,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: talos-etcd-backup-remote-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: secretStoreRef: kind: ClusterSecretStore @@ -77,8 +75,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: talos-etcd-backup-external-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: secretStoreRef: kind: ClusterSecretStore @@ -113,8 +110,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: talos-backup-ntfy-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: secretStoreRef: kind: ClusterSecretStore @@ -141,8 +137,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: talos-etcd-defrag-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: secretStoreRef: kind: ClusterSecretStore diff --git a/clusters/cl01tl/helm/talos/templates/secret.yaml b/clusters/cl01tl/helm/talos/templates/secret.yaml index b54ee3464..8c1b72257 100644 --- a/clusters/cl01tl/helm/talos/templates/secret.yaml +++ b/clusters/cl01tl/helm/talos/templates/secret.yaml @@ -5,7 +5,6 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: talos-backup-secrets - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} annotations: kubernetes.io/service-account.name: talos-backup-secrets diff --git a/clusters/cl01tl/helm/talos/templates/service-account.yaml b/clusters/cl01tl/helm/talos/templates/service-account.yaml index 60e9a89ed..605a45acd 100644 --- a/clusters/cl01tl/helm/talos/templates/service-account.yaml +++ b/clusters/cl01tl/helm/talos/templates/service-account.yaml @@ -5,8 +5,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: talos-backup-secrets - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: roles: - os:etcd:backup diff --git a/clusters/cl01tl/helm/tdarr/templates/_helpers.tpl b/clusters/cl01tl/helm/tdarr/templates/_helpers.tpl new file mode 100644 index 000000000..10688fcef --- /dev/null +++ b/clusters/cl01tl/helm/tdarr/templates/_helpers.tpl @@ -0,0 +1,14 @@ +{{/* +Common labels +*/}} +{{- define "custom.labels" -}} +{{ include "custom.selectorLabels" $ }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "custom.selectorLabels" -}} +app.kubernetes.io/instance: {{ .Release.Name }} +app.kubernetes.io/part-of: {{ .Release.Name }} +{{- end }} diff --git a/clusters/cl01tl/helm/tdarr/templates/persistent-volume-claim.yaml b/clusters/cl01tl/helm/tdarr/templates/persistent-volume-claim.yaml index f86557f72..4b76fae0b 100644 --- a/clusters/cl01tl/helm/tdarr/templates/persistent-volume-claim.yaml +++ b/clusters/cl01tl/helm/tdarr/templates/persistent-volume-claim.yaml @@ -5,8 +5,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: tdarr-nfs-storage - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: volumeName: tdarr-nfs-storage storageClassName: nfs-client diff --git a/clusters/cl01tl/helm/tdarr/templates/persistent-volume.yaml b/clusters/cl01tl/helm/tdarr/templates/persistent-volume.yaml index c3da6a310..7417aefd8 100644 --- a/clusters/cl01tl/helm/tdarr/templates/persistent-volume.yaml +++ b/clusters/cl01tl/helm/tdarr/templates/persistent-volume.yaml @@ -5,8 +5,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: tdarr-nfs-storage - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: persistentVolumeReclaimPolicy: Retain storageClassName: nfs-client diff --git a/clusters/cl01tl/helm/traefik/templates/_helpers.tpl b/clusters/cl01tl/helm/traefik/templates/_helpers.tpl new file mode 100644 index 000000000..10688fcef --- /dev/null +++ b/clusters/cl01tl/helm/traefik/templates/_helpers.tpl @@ -0,0 +1,14 @@ +{{/* +Common labels +*/}} +{{- define "custom.labels" -}} +{{ include "custom.selectorLabels" $ }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "custom.selectorLabels" -}} +app.kubernetes.io/instance: {{ .Release.Name }} +app.kubernetes.io/part-of: {{ .Release.Name }} +{{- end }} diff --git a/clusters/cl01tl/helm/traefik/templates/namespace.yaml b/clusters/cl01tl/helm/traefik/templates/namespace.yaml index 99f864e62..a053774e0 100644 --- a/clusters/cl01tl/helm/traefik/templates/namespace.yaml +++ b/clusters/cl01tl/helm/traefik/templates/namespace.yaml @@ -4,8 +4,7 @@ metadata: name: traefik labels: app.kubernetes.io/name: traefik - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} pod-security.kubernetes.io/audit: privileged pod-security.kubernetes.io/enforce: privileged pod-security.kubernetes.io/warn: privileged diff --git a/clusters/cl01tl/helm/tubearchivist/templates/_helpers.tpl b/clusters/cl01tl/helm/tubearchivist/templates/_helpers.tpl new file mode 100644 index 000000000..10688fcef --- /dev/null +++ b/clusters/cl01tl/helm/tubearchivist/templates/_helpers.tpl @@ -0,0 +1,14 @@ +{{/* +Common labels +*/}} +{{- define "custom.labels" -}} +{{ include "custom.selectorLabels" $ }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "custom.selectorLabels" -}} +app.kubernetes.io/instance: {{ .Release.Name }} +app.kubernetes.io/part-of: {{ .Release.Name }} +{{- end }} diff --git a/clusters/cl01tl/helm/tubearchivist/templates/elasticsearch.yaml b/clusters/cl01tl/helm/tubearchivist/templates/elasticsearch.yaml index 539c94283..1836d11ba 100644 --- a/clusters/cl01tl/helm/tubearchivist/templates/elasticsearch.yaml +++ b/clusters/cl01tl/helm/tubearchivist/templates/elasticsearch.yaml @@ -5,8 +5,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: elasticsearch-tubearchivist - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: # renovate: datasource=docker depName=elasticsearch version: 9.3.3 diff --git a/clusters/cl01tl/helm/tubearchivist/templates/external-secret.yaml b/clusters/cl01tl/helm/tubearchivist/templates/external-secret.yaml index 743df7e10..a1ff4fb23 100644 --- a/clusters/cl01tl/helm/tubearchivist/templates/external-secret.yaml +++ b/clusters/cl01tl/helm/tubearchivist/templates/external-secret.yaml @@ -5,8 +5,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: tubearchivist-config-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: secretStoreRef: kind: ClusterSecretStore @@ -29,8 +28,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: tubearchivist-elasticsearch-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: secretStoreRef: kind: ClusterSecretStore @@ -57,8 +55,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: tubearchivist-wireguard-conf - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: secretStoreRef: kind: ClusterSecretStore diff --git a/clusters/cl01tl/helm/tubearchivist/templates/namespace.yaml b/clusters/cl01tl/helm/tubearchivist/templates/namespace.yaml index 0f2687e94..d5f39b622 100644 --- a/clusters/cl01tl/helm/tubearchivist/templates/namespace.yaml +++ b/clusters/cl01tl/helm/tubearchivist/templates/namespace.yaml @@ -4,8 +4,7 @@ metadata: name: tubearchivist labels: app.kubernetes.io/name: tubearchivist - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} pod-security.kubernetes.io/audit: privileged pod-security.kubernetes.io/enforce: privileged pod-security.kubernetes.io/warn: privileged diff --git a/clusters/cl01tl/helm/tubearchivist/templates/persistent-volume-claim.yaml b/clusters/cl01tl/helm/tubearchivist/templates/persistent-volume-claim.yaml index 6c8dcc160..831e2ac58 100644 --- a/clusters/cl01tl/helm/tubearchivist/templates/persistent-volume-claim.yaml +++ b/clusters/cl01tl/helm/tubearchivist/templates/persistent-volume-claim.yaml @@ -5,8 +5,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: tubearchivist-nfs-storage - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: volumeName: tubearchivist-nfs-storage storageClassName: nfs-client diff --git a/clusters/cl01tl/helm/tubearchivist/templates/persistent-volume.yaml b/clusters/cl01tl/helm/tubearchivist/templates/persistent-volume.yaml index 62bab667a..c0946d4ed 100644 --- a/clusters/cl01tl/helm/tubearchivist/templates/persistent-volume.yaml +++ b/clusters/cl01tl/helm/tubearchivist/templates/persistent-volume.yaml @@ -5,8 +5,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: tubearchivist-nfs-storage - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: persistentVolumeReclaimPolicy: Retain storageClassName: nfs-client diff --git a/clusters/cl01tl/helm/unpackerr/templates/_helpers.tpl b/clusters/cl01tl/helm/unpackerr/templates/_helpers.tpl new file mode 100644 index 000000000..10688fcef --- /dev/null +++ b/clusters/cl01tl/helm/unpackerr/templates/_helpers.tpl @@ -0,0 +1,14 @@ +{{/* +Common labels +*/}} +{{- define "custom.labels" -}} +{{ include "custom.selectorLabels" $ }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "custom.selectorLabels" -}} +app.kubernetes.io/instance: {{ .Release.Name }} +app.kubernetes.io/part-of: {{ .Release.Name }} +{{- end }} diff --git a/clusters/cl01tl/helm/unpackerr/templates/external-secret.yaml b/clusters/cl01tl/helm/unpackerr/templates/external-secret.yaml index 81e691f28..16d085afd 100644 --- a/clusters/cl01tl/helm/unpackerr/templates/external-secret.yaml +++ b/clusters/cl01tl/helm/unpackerr/templates/external-secret.yaml @@ -5,8 +5,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: unpackerr-key-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: secretStoreRef: kind: ClusterSecretStore diff --git a/clusters/cl01tl/helm/unpackerr/templates/persistent-volume-claim.yaml b/clusters/cl01tl/helm/unpackerr/templates/persistent-volume-claim.yaml index 8d6232ee0..5fb701984 100644 --- a/clusters/cl01tl/helm/unpackerr/templates/persistent-volume-claim.yaml +++ b/clusters/cl01tl/helm/unpackerr/templates/persistent-volume-claim.yaml @@ -5,8 +5,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: unpackerr-nfs-storage - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: volumeName: unpackerr-nfs-storage storageClassName: nfs-client diff --git a/clusters/cl01tl/helm/unpackerr/templates/persistent-volume.yaml b/clusters/cl01tl/helm/unpackerr/templates/persistent-volume.yaml index d49f8056e..d633dedd7 100644 --- a/clusters/cl01tl/helm/unpackerr/templates/persistent-volume.yaml +++ b/clusters/cl01tl/helm/unpackerr/templates/persistent-volume.yaml @@ -5,8 +5,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: unpackerr-nfs-storage - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: persistentVolumeReclaimPolicy: Retain storageClassName: nfs-client diff --git a/clusters/cl01tl/helm/unpoller/templates/_helpers.tpl b/clusters/cl01tl/helm/unpoller/templates/_helpers.tpl new file mode 100644 index 000000000..10688fcef --- /dev/null +++ b/clusters/cl01tl/helm/unpoller/templates/_helpers.tpl @@ -0,0 +1,14 @@ +{{/* +Common labels +*/}} +{{- define "custom.labels" -}} +{{ include "custom.selectorLabels" $ }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "custom.selectorLabels" -}} +app.kubernetes.io/instance: {{ .Release.Name }} +app.kubernetes.io/part-of: {{ .Release.Name }} +{{- end }} diff --git a/clusters/cl01tl/helm/unpoller/templates/external-secret.yaml b/clusters/cl01tl/helm/unpoller/templates/external-secret.yaml index 9e355be95..5eb1bb4b2 100644 --- a/clusters/cl01tl/helm/unpoller/templates/external-secret.yaml +++ b/clusters/cl01tl/helm/unpoller/templates/external-secret.yaml @@ -5,8 +5,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: unpoller-unifi-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: secretStoreRef: kind: ClusterSecretStore diff --git a/clusters/cl01tl/helm/vault/templates/_helpers.tpl b/clusters/cl01tl/helm/vault/templates/_helpers.tpl new file mode 100644 index 000000000..10688fcef --- /dev/null +++ b/clusters/cl01tl/helm/vault/templates/_helpers.tpl @@ -0,0 +1,14 @@ +{{/* +Common labels +*/}} +{{- define "custom.labels" -}} +{{ include "custom.selectorLabels" $ }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "custom.selectorLabels" -}} +app.kubernetes.io/instance: {{ .Release.Name }} +app.kubernetes.io/part-of: {{ .Release.Name }} +{{- end }} diff --git a/clusters/cl01tl/helm/vault/templates/config-map.yaml b/clusters/cl01tl/helm/vault/templates/config-map.yaml index 235d1d5ad..3db525447 100644 --- a/clusters/cl01tl/helm/vault/templates/config-map.yaml +++ b/clusters/cl01tl/helm/vault/templates/config-map.yaml @@ -5,8 +5,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: vault-snapshot-script - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} data: snapshot.sh: | DATE=$(date +"%Y%m%d-%H-%M") @@ -72,8 +71,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: vault-backup-script - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} data: backup.sh: | echo " "; diff --git a/clusters/cl01tl/helm/vault/templates/external-secret.yaml b/clusters/cl01tl/helm/vault/templates/external-secret.yaml index 02eca8ca1..1f6df90eb 100644 --- a/clusters/cl01tl/helm/vault/templates/external-secret.yaml +++ b/clusters/cl01tl/helm/vault/templates/external-secret.yaml @@ -5,8 +5,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: vault-snapshot-agent-token - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: secretStoreRef: kind: ClusterSecretStore @@ -29,8 +28,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: vault-s3cmd-local-config - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: secretStoreRef: kind: ClusterSecretStore @@ -53,8 +51,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: vault-s3cmd-remote-config - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: secretStoreRef: kind: ClusterSecretStore @@ -77,8 +74,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: vault-s3cmd-external-config - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: secretStoreRef: kind: ClusterSecretStore @@ -101,8 +97,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: vault-backup-ntfy-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: secretStoreRef: kind: ClusterSecretStore @@ -129,8 +124,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: vault-unseal-config-1 - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: secretStoreRef: kind: ClusterSecretStore @@ -161,8 +155,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: vault-unseal-config-2 - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: secretStoreRef: kind: ClusterSecretStore @@ -193,8 +186,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: vault-unseal-config-3 - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: secretStoreRef: kind: ClusterSecretStore @@ -225,8 +217,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: vault-token - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: secretStoreRef: kind: ClusterSecretStore diff --git a/clusters/cl01tl/helm/vault/templates/http-route.yaml b/clusters/cl01tl/helm/vault/templates/http-route.yaml index 8d64a8846..f849fc6ae 100644 --- a/clusters/cl01tl/helm/vault/templates/http-route.yaml +++ b/clusters/cl01tl/helm/vault/templates/http-route.yaml @@ -5,8 +5,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: vault - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: parentRefs: - group: gateway.networking.k8s.io diff --git a/clusters/cl01tl/helm/vault/templates/ingress.yaml b/clusters/cl01tl/helm/vault/templates/ingress.yaml index 878705702..213450d0d 100644 --- a/clusters/cl01tl/helm/vault/templates/ingress.yaml +++ b/clusters/cl01tl/helm/vault/templates/ingress.yaml @@ -5,8 +5,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: vault-tailscale - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} tailscale.com/proxy-class: no-metrics annotations: tailscale.com/experimental-forward-cluster-traffic-via-ingress: "true" diff --git a/clusters/cl01tl/helm/vault/templates/persistent-volume-claim.yaml b/clusters/cl01tl/helm/vault/templates/persistent-volume-claim.yaml index d5791f361..50c9e48e8 100644 --- a/clusters/cl01tl/helm/vault/templates/persistent-volume-claim.yaml +++ b/clusters/cl01tl/helm/vault/templates/persistent-volume-claim.yaml @@ -5,8 +5,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: vault-storage-backup - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: volumeMode: Filesystem storageClassName: ceph-filesystem diff --git a/clusters/cl01tl/helm/vaultwarden/templates/_helpers.tpl b/clusters/cl01tl/helm/vaultwarden/templates/_helpers.tpl new file mode 100644 index 000000000..10688fcef --- /dev/null +++ b/clusters/cl01tl/helm/vaultwarden/templates/_helpers.tpl @@ -0,0 +1,14 @@ +{{/* +Common labels +*/}} +{{- define "custom.labels" -}} +{{ include "custom.selectorLabels" $ }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "custom.selectorLabels" -}} +app.kubernetes.io/instance: {{ .Release.Name }} +app.kubernetes.io/part-of: {{ .Release.Name }} +{{- end }} diff --git a/clusters/cl01tl/helm/vaultwarden/templates/external-secret.yaml b/clusters/cl01tl/helm/vaultwarden/templates/external-secret.yaml index 958e974b4..669c08ca3 100644 --- a/clusters/cl01tl/helm/vaultwarden/templates/external-secret.yaml +++ b/clusters/cl01tl/helm/vaultwarden/templates/external-secret.yaml @@ -5,8 +5,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: vaultwarden-oidc-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: secretStoreRef: kind: ClusterSecretStore diff --git a/clusters/cl01tl/helm/version-checker/templates/_helpers.tpl b/clusters/cl01tl/helm/version-checker/templates/_helpers.tpl new file mode 100644 index 000000000..10688fcef --- /dev/null +++ b/clusters/cl01tl/helm/version-checker/templates/_helpers.tpl @@ -0,0 +1,14 @@ +{{/* +Common labels +*/}} +{{- define "custom.labels" -}} +{{ include "custom.selectorLabels" $ }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "custom.selectorLabels" -}} +app.kubernetes.io/instance: {{ .Release.Name }} +app.kubernetes.io/part-of: {{ .Release.Name }} +{{- end }} diff --git a/clusters/cl01tl/helm/version-checker/templates/service-monitor.yaml b/clusters/cl01tl/helm/version-checker/templates/service-monitor.yaml index 7fd6f7ce0..0fb56f4ea 100644 --- a/clusters/cl01tl/helm/version-checker/templates/service-monitor.yaml +++ b/clusters/cl01tl/helm/version-checker/templates/service-monitor.yaml @@ -5,8 +5,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: version-checker - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: selector: matchLabels: diff --git a/clusters/cl01tl/helm/volsync/templates/_helpers.tpl b/clusters/cl01tl/helm/volsync/templates/_helpers.tpl new file mode 100644 index 000000000..10688fcef --- /dev/null +++ b/clusters/cl01tl/helm/volsync/templates/_helpers.tpl @@ -0,0 +1,14 @@ +{{/* +Common labels +*/}} +{{- define "custom.labels" -}} +{{ include "custom.selectorLabels" $ }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "custom.selectorLabels" -}} +app.kubernetes.io/instance: {{ .Release.Name }} +app.kubernetes.io/part-of: {{ .Release.Name }} +{{- end }} diff --git a/clusters/cl01tl/helm/volsync/templates/prometheus-rule.yaml b/clusters/cl01tl/helm/volsync/templates/prometheus-rule.yaml index e19ac6b2c..2619b8f68 100644 --- a/clusters/cl01tl/helm/volsync/templates/prometheus-rule.yaml +++ b/clusters/cl01tl/helm/volsync/templates/prometheus-rule.yaml @@ -5,8 +5,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: volsync - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: groups: - name: volsync.rules diff --git a/clusters/cl01tl/helm/volsync/templates/service-monitor.yaml b/clusters/cl01tl/helm/volsync/templates/service-monitor.yaml index c78d5ef3e..9a0058cee 100644 --- a/clusters/cl01tl/helm/volsync/templates/service-monitor.yaml +++ b/clusters/cl01tl/helm/volsync/templates/service-monitor.yaml @@ -5,8 +5,7 @@ metadata: labels: control-plane: volsync-controller app.kubernetes.io/name: volsync - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: endpoints: - interval: 30s diff --git a/clusters/cl01tl/helm/whodb/templates/_helpers.tpl b/clusters/cl01tl/helm/whodb/templates/_helpers.tpl new file mode 100644 index 000000000..10688fcef --- /dev/null +++ b/clusters/cl01tl/helm/whodb/templates/_helpers.tpl @@ -0,0 +1,14 @@ +{{/* +Common labels +*/}} +{{- define "custom.labels" -}} +{{ include "custom.selectorLabels" $ }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "custom.selectorLabels" -}} +app.kubernetes.io/instance: {{ .Release.Name }} +app.kubernetes.io/part-of: {{ .Release.Name }} +{{- end }} diff --git a/clusters/cl01tl/helm/yamtrack/templates/_helpers.tpl b/clusters/cl01tl/helm/yamtrack/templates/_helpers.tpl new file mode 100644 index 000000000..10688fcef --- /dev/null +++ b/clusters/cl01tl/helm/yamtrack/templates/_helpers.tpl @@ -0,0 +1,14 @@ +{{/* +Common labels +*/}} +{{- define "custom.labels" -}} +{{ include "custom.selectorLabels" $ }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "custom.selectorLabels" -}} +app.kubernetes.io/instance: {{ .Release.Name }} +app.kubernetes.io/part-of: {{ .Release.Name }} +{{- end }} diff --git a/clusters/cl01tl/helm/yamtrack/templates/external-secret.yaml b/clusters/cl01tl/helm/yamtrack/templates/external-secret.yaml index 1f6f5ebb7..8df459d64 100644 --- a/clusters/cl01tl/helm/yamtrack/templates/external-secret.yaml +++ b/clusters/cl01tl/helm/yamtrack/templates/external-secret.yaml @@ -5,8 +5,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: yamtrack-config-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: secretStoreRef: kind: ClusterSecretStore @@ -25,8 +24,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: yamtrack-oidc-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: secretStoreRef: kind: ClusterSecretStore diff --git a/clusters/cl01tl/helm/yubal/templates/_helpers.tpl b/clusters/cl01tl/helm/yubal/templates/_helpers.tpl new file mode 100644 index 000000000..10688fcef --- /dev/null +++ b/clusters/cl01tl/helm/yubal/templates/_helpers.tpl @@ -0,0 +1,14 @@ +{{/* +Common labels +*/}} +{{- define "custom.labels" -}} +{{ include "custom.selectorLabels" $ }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "custom.selectorLabels" -}} +app.kubernetes.io/instance: {{ .Release.Name }} +app.kubernetes.io/part-of: {{ .Release.Name }} +{{- end }} diff --git a/clusters/cl01tl/helm/yubal/templates/persistent-volume-claim.yaml b/clusters/cl01tl/helm/yubal/templates/persistent-volume-claim.yaml index ddedfb48a..99327471b 100644 --- a/clusters/cl01tl/helm/yubal/templates/persistent-volume-claim.yaml +++ b/clusters/cl01tl/helm/yubal/templates/persistent-volume-claim.yaml @@ -5,8 +5,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: yubal-nfs-storage - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: volumeName: yubal-nfs-storage storageClassName: nfs-client diff --git a/clusters/cl01tl/helm/yubal/templates/persistent-volume.yaml b/clusters/cl01tl/helm/yubal/templates/persistent-volume.yaml index 8426d7768..b9b5d0930 100644 --- a/clusters/cl01tl/helm/yubal/templates/persistent-volume.yaml +++ b/clusters/cl01tl/helm/yubal/templates/persistent-volume.yaml @@ -5,8 +5,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: yubal-nfs-storage - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} + {{- include "custom.labels" . | nindent 4 }} spec: persistentVolumeReclaimPolicy: Retain storageClassName: nfs-client