From fb646674025a9bb7ab5554bb3eaf77b1e0945c12 Mon Sep 17 00:00:00 2001 From: alexlebens Date: Wed, 14 Aug 2024 13:21:06 -0500 Subject: [PATCH] add homepage for tailscale --- .../homepage-tailscale/Chart.yaml | 22 ++ .../templates/cluster-role-binding.yaml | 19 ++ .../templates/cluster-role.yaml | 51 ++++ .../templates/external-secret.yaml | 93 +++++++ .../homepage-tailscale/values.yaml | 247 ++++++++++++++++++ .../cl01tl/applications/homepage/values.yaml | 3 + 6 files changed, 435 insertions(+) create mode 100644 clusters/cl01tl/applications/homepage-tailscale/Chart.yaml create mode 100644 clusters/cl01tl/applications/homepage-tailscale/templates/cluster-role-binding.yaml create mode 100644 clusters/cl01tl/applications/homepage-tailscale/templates/cluster-role.yaml create mode 100644 clusters/cl01tl/applications/homepage-tailscale/templates/external-secret.yaml create mode 100644 clusters/cl01tl/applications/homepage-tailscale/values.yaml diff --git a/clusters/cl01tl/applications/homepage-tailscale/Chart.yaml b/clusters/cl01tl/applications/homepage-tailscale/Chart.yaml new file mode 100644 index 000000000..a8f3c8f78 --- /dev/null +++ b/clusters/cl01tl/applications/homepage-tailscale/Chart.yaml @@ -0,0 +1,22 @@ +apiVersion: v2 +name: homepage-tailscale +version: 1.0.0 +description: Homepage +keywords: + - homepage + - tailscale + - dashboard +home: https://outline.alexlebens.net/doc/homepage-s2clWoI5EC +sources: + - https://github.com/gethomepage/homepage + - https://github.com/gethomepage/homepage/pkgs/container/homepage + - https://github.com/bjw-s/helm-charts/tree/main/charts/other/app-template +maintainers: + - name: alexlebens +dependencies: + - name: app-template + alias: homepage + repository: https://bjw-s.github.io/helm-charts/ + version: 3.3.2 +icon: https://raw.githubusercontent.com/walkxcode/dashboard-icons/main/png/homepage.png +appVersion: v0.9.2 diff --git a/clusters/cl01tl/applications/homepage-tailscale/templates/cluster-role-binding.yaml b/clusters/cl01tl/applications/homepage-tailscale/templates/cluster-role-binding.yaml new file mode 100644 index 000000000..f20a953fc --- /dev/null +++ b/clusters/cl01tl/applications/homepage-tailscale/templates/cluster-role-binding.yaml @@ -0,0 +1,19 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: homepage + namespace: {{ .Release.Namespace }} + labels: + app.kubernetes.io/name: homepage + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/version: {{ .Chart.AppVersion }} + app.kubernetes.io/component: web + app.kubernetes.io/part-of: {{ .Release.Name }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: homepage +subjects: + - kind: ServiceAccount + name: homepage + namespace: {{ .Release.Namespace }} diff --git a/clusters/cl01tl/applications/homepage-tailscale/templates/cluster-role.yaml b/clusters/cl01tl/applications/homepage-tailscale/templates/cluster-role.yaml new file mode 100644 index 000000000..429adc8b4 --- /dev/null +++ b/clusters/cl01tl/applications/homepage-tailscale/templates/cluster-role.yaml @@ -0,0 +1,51 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: homepage + namespace: {{ .Release.Namespace }} + labels: + app.kubernetes.io/name: homepage + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/version: {{ .Chart.AppVersion }} + app.kubernetes.io/component: web + app.kubernetes.io/part-of: {{ .Release.Name }} +rules: + - apiGroups: + - "" + resources: + - namespaces + - pods + - nodes + verbs: + - get + - list + - apiGroups: + - extensions + - networking.k8s.io + resources: + - ingresses + verbs: + - get + - list + - apiGroups: + - traefik.containo.us + - traefik.io + resources: + - ingressroutes + verbs: + - get + - list + - apiGroups: + - metrics.k8s.io + resources: + - nodes + - pods + verbs: + - get + - list + - apiGroups: + - apiextensions.k8s.io + resources: + - customresourcedefinitions/status + verbs: + - get diff --git a/clusters/cl01tl/applications/homepage-tailscale/templates/external-secret.yaml b/clusters/cl01tl/applications/homepage-tailscale/templates/external-secret.yaml new file mode 100644 index 000000000..2b225a191 --- /dev/null +++ b/clusters/cl01tl/applications/homepage-tailscale/templates/external-secret.yaml @@ -0,0 +1,93 @@ +apiVersion: external-secrets.io/v1beta1 +kind: ExternalSecret +metadata: + name: homepage-keys-secret + namespace: {{ .Release.Namespace }} + labels: + app.kubernetes.io/name: homepage-keys-secret + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/version: {{ .Chart.AppVersion }} + app.kubernetes.io/component: web + app.kubernetes.io/part-of: {{ .Release.Name }} +spec: + secretStoreRef: + kind: ClusterSecretStore + name: vault + data: + - secretKey: HOMEPAGE_VAR_SYNOLOGY_USER + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /synology/auth + metadataPolicy: None + property: user + - secretKey: HOMEPAGE_VAR_SYNOLOGY_PASSWORD + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /synology/auth + metadataPolicy: None + property: password + - secretKey: HOMEPAGE_VAR_UNIFI_USER + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /unifi/auth + metadataPolicy: None + property: user + - secretKey: HOMEPAGE_VAR_UNIFI_PASSWORD + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /unifi/auth + metadataPolicy: None + property: password + - secretKey: HOMEPAGE_VAR_SONARR_KEY + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /cl01tl/sonarr4/key + metadataPolicy: None + property: key + - secretKey: HOMEPAGE_VAR_SONARR4K_KEY + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /cl01tl/sonar4-4k/key + metadataPolicy: None + property: key + - secretKey: HOMEPAGE_VAR_RADARR_KEY + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /cl01tl/radarr5/key + metadataPolicy: None + property: key + - secretKey: HOMEPAGE_VAR_RADARR4K_KEY + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /cl01tl/radarr5-4k/key + metadataPolicy: None + property: key + - secretKey: HOMEPAGE_VAR_LIDARR2_KEY + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /cl01tl/lidarr2/key + metadataPolicy: None + property: key + - secretKey: HOMEPAGE_VAR_READARR_BOOKS_KEY + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /cl01tl/readarr-books/key + metadataPolicy: None + property: key + - secretKey: HOMEPAGE_VAR_PROWLARR_KEY + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /cl01tl/prowlarr/key + metadataPolicy: None + property: key diff --git a/clusters/cl01tl/applications/homepage-tailscale/values.yaml b/clusters/cl01tl/applications/homepage-tailscale/values.yaml new file mode 100644 index 000000000..e4cb606ee --- /dev/null +++ b/clusters/cl01tl/applications/homepage-tailscale/values.yaml @@ -0,0 +1,247 @@ +homepage: + global: + nameOverride: homepage + controllers: + main: + type: deployment + annotations: + reloader.stakater.com/auto: "true" + strategy: Recreate + containers: + main: + image: + repository: ghcr.io/gethomepage/homepage + tag: v0.9.6 + pullPolicy: IfNotPresent + envFrom: + - secretRef: + name: homepage-keys-secret + resources: + requests: + cpu: 100m + memory: 256Mi + serviceAccount: + create: true + name: homepage + configMaps: + config: + enabled: true + data: + docker.yaml: "" + kubernetes.yaml: | + mode: cluster + settings.yaml: | + favicon: https://d21zlbwtcn424f.cloudfront.net/icon_white.png + headerStyle: clean + hideVersion: true + color: slate + background: + image: https://d21zlbwtcn424f.cloudfront.net/background.jpg + theme: dark + disableCollapse: true + layout: + - Media: + tab: Applications + icon: mdi-multimedia-#ffffff + - External: + tab: Applications + icon: mdi-application-#ffffff + - Internal: + tab: Applications + icon: mdi-application-#ffffff + - Code: + tab: Tools + icon: mdi-code-braces-box-#ffffff + - Monitoring: + tab: Tools + icon: mdi-chart-bar-#ffffff + - Services: + tab: Services + icon: mdi-server-network-#ffffff + - Hardware: + tab: Services + icon: mdi-lan-connect-#ffffff + - Storage: + tab: Services + icon: mdi-harddisk-#ffffff + - Sonarr: + tab: Servarr + icon: mdi-television-#ffffff + - Radarr: + tab: Servarr + icon: mdi-filmstrip-#ffffff + - Otharr: + tab: Servarr + icon: mdi-music-box-multiple-#ffffff + - Media Services: + tab: Servarr + icon: mdi-radar-#ffffff + - External Services: + tab: Bookmarks + icon: mdi-cloud-#ffffff + - Other Homes: + tab: Bookmarks + icon: mdi-cloud-#ffffff + - Trackers: + tab: Bookmarks + icon: mdi-cloud-#ffffff + widgets.yaml: | + - logo: + icon: https://d21zlbwtcn424f.cloudfront.net/icon_white.png + - kubernetes: + cluster: + show: true + cpu: true + memory: true + showLabel: true + label: "Cluster" + nodes: + show: false + - datetime: + text_size: xl + format: + dateStyle: long + timeStyle: short + hour12: false + - openmeteo: + label: St. Paul + latitude: 44.95 + longitude: 93.09 + units: metric + cache: 5 + services.yaml: | + - Storage: + - Secret Management: + icon: vault.png + description: Vault + href: https://vault-cl01tl.boreal-beaufort.ts.net + siteMonitor: http://vault.vault:8200 + statusStyle: dot + - Otharr: + - Lidarr: + icon: lidarr.png + description: Music + href: https://lidarr-cl01tl.boreal-beaufort.ts.net + siteMonitor: http://lidarr2.lidarr2:80 + statusStyle: dot + widget: + type: lidarr + url: http://lidarr2.lidarr2:80 + key: {{ "{{HOMEPAGE_VAR_LIDARR2_KEY}}" }} + fields: ["wanted", "queued", "artists"] + bookmarks.yaml: | + - External Services: + - Github: + - abbr: GH + href: https://github.com/alexlebens/infrastructure + - Renovate: + - abbr: RN + href: https://developer.mend.io/[platform]/alexlebens/infrastructure + - AWS: + - abbr: AW + href: https://aws.amazon.com/console/ + - Cloudflare: + - abbr: CF + href: https://dash.cloudflare.com/b76e303258b84076ee01fd0f515c0768 + - Tailscale: + - abbr: TS + href: https://login.tailscale.com/admin/machines + - ProtonVPN: + - abbr: PV + href: https://account.protonvpn.com/ + - Unifi: + - abbr: UF + href: https://unifi.ui.com/ + - Pushover: + - abbr: PO + href: https://pushover.net + - ReCaptcha: + - abbr: RC + href: https://www.google.com/recaptcha/admin/site/698983587 + - Dashboard Icons: + - abbr: DI + href: https://github.com/walkxcode/dashboard-icons/tree/main/png + - Other Homes: + - Home: + - abbr: HM + href: https://home.alexlebens.net + - Dev: + - abbr: DV + href: https://home.alexlebens.dev + - Lebens Home: + - abbr: LH + href: https://www.lebens-home.net + - Trackers: + - Torrentleech: + - abbr: TL + href: https://www.torrentleech.org + - Avistaz: + - abbr: AV + href: https://avistaz.to + - Cinemaz: + - abbr: CM + href: https://cinemaz.to + - Cathode Ray Tube: + - abbr: CRT + href: https://www.cathode-ray.tube + - Alpha Ratio: + - abbr: AL + href: https://alpharatio.cc/ + - MV Group: + - abbr: MV + href: https://forums.mvgroup.org + service: + http: + controller: main + ports: + http: + port: 80 + targetPort: 3000 + protocol: HTTP + ingress: + tailscale: + enabled: true + className: tailscale + hosts: + - host: home-cl01tl + paths: + - path: / + pathType: Prefix + service: + name: home + port: 80 + tls: + - hosts: + - home-cl01tl + persistence: + config: + enabled: true + type: configMap + name: homepage-config + advancedMounts: + main: + main: + - path: /app/config/bookmarks.yaml + readOnly: true + mountPropagation: None + subPath: bookmarks.yaml + - path: /app/config/docker.yaml + readOnly: true + mountPropagation: None + subPath: docker.yaml + - path: /app/config/kubernetes.yaml + readOnly: true + mountPropagation: None + subPath: kubernetes.yaml + - path: /app/config/services.yaml + readOnly: true + mountPropagation: None + subPath: services.yaml + - path: /app/config/settings.yaml + readOnly: true + mountPropagation: None + subPath: settings.yaml + - path: /app/config/widgets.yaml + readOnly: true + mountPropagation: None + subPath: widgets.yaml diff --git a/clusters/cl01tl/applications/homepage/values.yaml b/clusters/cl01tl/applications/homepage/values.yaml index 10985d7fb..76aec8b10 100644 --- a/clusters/cl01tl/applications/homepage/values.yaml +++ b/clusters/cl01tl/applications/homepage/values.yaml @@ -615,6 +615,9 @@ homepage: - Dev: - abbr: DV href: https://home.alexlebens.dev + - Tailscale: + - abbr: TS + href: https://home-cl01tl.boreal-beaufort.ts.net - Lebens Home: - abbr: LH href: https://www.lebens-home.net