alexlebens/infrastructure
1
0
Fork 0
Code Issues 1 Pull Requests 2 Actions 4 Activity

Compare commits

base: alexlebens:15c6bdce37f5c434b9fca5c9e70e77299c3dd0de
Branches Tags
alexlebens:main alexlebens:renovate/docker.io-postgres-18.x alexlebens:renovate/stalwartlabs-stalwart-0.x
..
compare: alexlebens:13ca4115d9124d07731dac3e792a327b50b6d825
Branches Tags
alexlebens:renovate/docker.io-postgres-18.x alexlebens:renovate/stalwartlabs-stalwart-0.x alexlebens:main

1 Commits
15c6bdce37 ... 13ca4115d9

Author SHA1 Message Date
Renovate Bot
13ca4115d9 Update ollama/ollama Docker tag to v0.13.0
All checks were successful
renovate/stability-days Updates have met minimum release age requirement
Details
lint-test-helm / helm-lint (pull_request) Successful in 13s
Details
2025-11-20 22:32:32 +00:00
4 changed files with 6 additions and 285 deletions
Expand all files Collapse all files

183
clusters/cl01tl/applications/booklore/templates/external-secret.yaml
View File

@@ -45,21 +45,21 @@ spec:
remoteRef: remoteRef:
conversionStrategy: Default conversionStrategy: Default
decodingStrategy: None decodingStrategy: None
key: /volsync/restic/digital-ocean key: /cl01tl/volsync/restic/config
metadataPolicy: None metadataPolicy: None
property: BUCKET_ENDPOINT property: S3_BUCKET_ENDPOINT
- secretKey: RESTIC_PASSWORD - secretKey: RESTIC_PASSWORD
remoteRef: remoteRef:
conversionStrategy: Default conversionStrategy: Default
decodingStrategy: None decodingStrategy: None
key: /volsync/restic/digital-ocean key: /cl01tl/volsync/restic/config
metadataPolicy: None metadataPolicy: None
property: RESTIC_PASSWORD property: RESTIC_PASSWORD
- secretKey: AWS_DEFAULT_REGION - secretKey: AWS_DEFAULT_REGION
remoteRef: remoteRef:
conversionStrategy: Default conversionStrategy: Default
decodingStrategy: None decodingStrategy: None
key: /digital-ocean/home-infra/volsync-backups key: /cl01tl/volsync/restic/config
metadataPolicy: None metadataPolicy: None
property: AWS_DEFAULT_REGION property: AWS_DEFAULT_REGION
- secretKey: AWS_ACCESS_KEY_ID - secretKey: AWS_ACCESS_KEY_ID
@@ -68,185 +68,14 @@ spec:
decodingStrategy: None decodingStrategy: None
key: /digital-ocean/home-infra/volsync-backups key: /digital-ocean/home-infra/volsync-backups
metadataPolicy: None metadataPolicy: None
property: AWS_ACCESS_KEY_ID property: access_key
- secretKey: AWS_SECRET_ACCESS_KEY - secretKey: AWS_SECRET_ACCESS_KEY
remoteRef: remoteRef:
conversionStrategy: Default conversionStrategy: Default
decodingStrategy: None decodingStrategy: None
key: /digital-ocean/home-infra/volsync-backups key: /digital-ocean/home-infra/volsync-backups
metadataPolicy: None metadataPolicy: None
property: AWS_SECRET_ACCESS_KEY property: secret_key
---
apiVersion: external-secrets.io/v1
kind: ExternalSecret
metadata:
name: booklore-data-backup-secret-local
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: booklore-data-backup-secret-local
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
secretStoreRef:
kind: ClusterSecretStore
name: vault
target:
template:
mergePolicy: Merge
engineVersion: v2
data:
RESTIC_REPOSITORY: "{{ `{{ .BUCKET_ENDPOINT }}` }}/booklore/booklore-data"
data:
- secretKey: BUCKET_ENDPOINT
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /volsync/restic/garage-local
metadataPolicy: None
property: BUCKET_ENDPOINT
- secretKey: RESTIC_PASSWORD
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /volsync/restic/garage-local
metadataPolicy: None
property: RESTIC_PASSWORD
- secretKey: AWS_DEFAULT_REGION
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /garage/home-infra/volsync-backups
metadataPolicy: None
property: ACCESS_REGION
- secretKey: AWS_ACCESS_KEY_ID
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /garage/home-infra/volsync-backups
metadataPolicy: None
property: ACCESS_KEY_ID
- secretKey: AWS_SECRET_ACCESS_KEY
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /garage/home-infra/volsync-backups
metadataPolicy: None
property: ACCESS_SECRET_KEY
---
apiVersion: external-secrets.io/v1
kind: ExternalSecret
metadata:
name: booklore-data-backup-secret-remote
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: booklore-data-backup-secret-remote
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
secretStoreRef:
kind: ClusterSecretStore
name: vault
target:
template:
mergePolicy: Merge
engineVersion: v2
data:
RESTIC_REPOSITORY: "{{ `{{ .BUCKET_ENDPOINT }}` }}/booklore/booklore-data"
data:
- secretKey: BUCKET_ENDPOINT
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /volsync/restic/garage-remote
metadataPolicy: None
property: BUCKET_ENDPOINT
- secretKey: RESTIC_PASSWORD
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /volsync/restic/garage-remote
metadataPolicy: None
property: RESTIC_PASSWORD
- secretKey: AWS_DEFAULT_REGION
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /garage/home-infra/volsync-backups
metadataPolicy: None
property: ACCESS_REGION
- secretKey: AWS_ACCESS_KEY_ID
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /garage/home-infra/volsync-backups
metadataPolicy: None
property: ACCESS_KEY_ID
- secretKey: AWS_SECRET_ACCESS_KEY
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /garage/home-infra/volsync-backups
metadataPolicy: None
property: ACCESS_SECRET_KEY
---
apiVersion: external-secrets.io/v1
kind: ExternalSecret
metadata:
name: booklore-data-backup-secret-external
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: booklore-data-backup-secret-external
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
secretStoreRef:
kind: ClusterSecretStore
name: vault
target:
template:
mergePolicy: Merge
engineVersion: v2
data:
RESTIC_REPOSITORY: "{{ `{{ .BUCKET_ENDPOINT }}` }}/booklore/booklore-data"
data:
- secretKey: BUCKET_ENDPOINT
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /volsync/restic/digital-ocean
metadataPolicy: None
property: BUCKET_ENDPOINT
- secretKey: RESTIC_PASSWORD
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /volsync/restic/digital-ocean
metadataPolicy: None
property: RESTIC_PASSWORD
- secretKey: AWS_DEFAULT_REGION
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /digital-ocean/home-infra/volsync-backups
metadataPolicy: None
property: AWS_DEFAULT_REGION
- secretKey: AWS_ACCESS_KEY_ID
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /digital-ocean/home-infra/volsync-backups
metadataPolicy: None
property: AWS_ACCESS_KEY_ID
- secretKey: AWS_SECRET_ACCESS_KEY
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /digital-ocean/home-infra/volsync-backups
metadataPolicy: None
property: AWS_SECRET_ACCESS_KEY
--- ---
apiVersion: external-secrets.io/v1 apiVersion: external-secrets.io/v1

84
clusters/cl01tl/applications/booklore/templates/replication-source.yaml
View File

@@ -24,87 +24,3 @@ spec:
storageClassName: ceph-block storageClassName: ceph-block
volumeSnapshotClassName: ceph-blockpool-snapshot volumeSnapshotClassName: ceph-blockpool-snapshot
cacheCapacity: 10Gi cacheCapacity: 10Gi
---
apiVersion: volsync.backube/v1alpha1
kind: ReplicationSource
metadata:
name: booklore-data-backup-source-local
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: booklore-data-backup-source-local
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
sourcePVC: booklore-data
trigger:
schedule: 0 2 * * *
restic:
pruneIntervalDays: 7
repository: booklore-data-backup-secret-local
retain:
hourly: 1
daily: 3
weekly: 2
monthly: 2
yearly: 4
copyMethod: Snapshot
storageClassName: ceph-block
volumeSnapshotClassName: ceph-blockpool-snapshot
cacheCapacity: 10Gi
---
apiVersion: volsync.backube/v1alpha1
kind: ReplicationSource
metadata:
name: booklore-data-backup-source-remote
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: booklore-data-backup-source-remote
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
sourcePVC: booklore-data
trigger:
schedule: 0 3 * * *
restic:
pruneIntervalDays: 7
repository: booklore-data-backup-secret-remote
retain:
hourly: 1
daily: 3
weekly: 2
monthly: 2
yearly: 4
copyMethod: Snapshot
storageClassName: ceph-block
volumeSnapshotClassName: ceph-blockpool-snapshot
cacheCapacity: 10Gi
---
apiVersion: volsync.backube/v1alpha1
kind: ReplicationSource
metadata:
name: booklore-data-backup-source-external
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: booklore-data-backup-source-external
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
sourcePVC: booklore-data
trigger:
schedule: 0 4 * * *
restic:
pruneIntervalDays: 7
repository: booklore-data-backup-secret-external
retain:
hourly: 1
daily: 3
weekly: 2
monthly: 2
yearly: 4
copyMethod: Snapshot
storageClassName: ceph-block
volumeSnapshotClassName: ceph-blockpool-snapshot
cacheCapacity: 10Gi

14
clusters/cl01tl/applications/booklore/templates/service.yaml
View File

@@ -1,14 +0,0 @@
apiVersion: v1
kind: Service
metadata:
name: garage-ps10rp
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: garage-ps10rp
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/part-of: {{ .Release.Name }}
annotations:
tailscale.com/tailnet-fqdn: garage-ps10rp.boreal-beaufort.ts.net
spec:
externalName: placeholder
type: ExternalName

10
clusters/cl01tl/applications/booklore/values.yaml
View File

@@ -50,16 +50,6 @@ booklore:
main: main:
- path: /app/data - path: /app/data
readOnly: false readOnly: false
data:
storageClass: ceph-block
accessMode: ReadWriteOnce
size: 10Gi
retain: true
advancedMounts:
main:
main:
- path: /data
readOnly: false
books: books:
existingClaim: booklore-books-nfs-storage existingClaim: booklore-books-nfs-storage
advancedMounts: advancedMounts: