Compare commits
1 Commits
main
...
389ea8ff79
Author | SHA1 | Date | |
---|---|---|---|
389ea8ff79
|
40
.gitea/workflows/process-repository.yaml
Normal file
40
.gitea/workflows/process-repository.yaml
Normal file
@@ -0,0 +1,40 @@
|
||||
name: process-repository
|
||||
|
||||
on:
|
||||
schedule:
|
||||
- cron: "@daily"
|
||||
|
||||
jobs:
|
||||
process-repository:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Checkout Python Script
|
||||
uses: actions/checkout@v4
|
||||
with:
|
||||
repository: alexlebens/workflow-scripts
|
||||
ref: main
|
||||
token: ${{ secrets.BOT_TOKEN }}
|
||||
path: workflow-scripts
|
||||
|
||||
- name: Set up Python
|
||||
uses: actions/setup-python@v5
|
||||
with:
|
||||
python-version: "3.13"
|
||||
|
||||
- name: Install dependencies
|
||||
run: pip install requests immutabledict
|
||||
|
||||
- name: Run Script
|
||||
env:
|
||||
INSTANCE_URL: ${{ vars.INSTANCE_URL }}
|
||||
OWNER: ${{ gitea.owner }}
|
||||
REPOSITORY: ${{ gitea.repository }}
|
||||
TOKEN: ${{ secrets.BOT_TOKEN }}
|
||||
LOG_LEVEL: DEBUG
|
||||
ISSUE_STALE_DAYS: 3
|
||||
ISSUE_STALE_TAG: 16
|
||||
ISSUE_EXCLUDE_TAG: 20
|
||||
PULL_REQUEST_STALE_DAYS: 3
|
||||
PULL_REQUEST_STALE_TAG: 16
|
||||
PULL_REQUEST_REQUIRED_TAG: 15
|
||||
run: python ./workflow-scripts/process-repository.py
|
@@ -16,6 +16,6 @@ dependencies:
|
||||
- name: app-template
|
||||
alias: actual
|
||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||
version: 4.4.0
|
||||
version: 4.1.2
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/actual-budget.png
|
||||
appVersion: v25.5.0
|
||||
|
@@ -9,7 +9,7 @@ actual:
|
||||
main:
|
||||
image:
|
||||
repository: ghcr.io/actualbudget/actual
|
||||
tag: 25.10.0
|
||||
tag: 25.7.1
|
||||
pullPolicy: IfNotPresent
|
||||
env:
|
||||
- name: TZ
|
||||
|
@@ -18,6 +18,6 @@ dependencies:
|
||||
- name: app-template
|
||||
alias: audiobookshelf
|
||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||
version: 4.4.0
|
||||
version: 4.1.2
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/audiobookshelf.png
|
||||
appVersion: 2.21.0
|
||||
|
@@ -9,7 +9,7 @@ audiobookshelf:
|
||||
main:
|
||||
image:
|
||||
repository: ghcr.io/advplyr/audiobookshelf
|
||||
tag: 2.30.0
|
||||
tag: 2.26.3
|
||||
pullPolicy: IfNotPresent
|
||||
env:
|
||||
- name: TZ
|
||||
@@ -21,7 +21,7 @@ audiobookshelf:
|
||||
apprise-api:
|
||||
image:
|
||||
repository: caronc/apprise
|
||||
tag: 1.2.2
|
||||
tag: 1.2.0
|
||||
pullPolicy: IfNotPresent
|
||||
env:
|
||||
- name: TZ
|
||||
|
@@ -18,6 +18,6 @@ dependencies:
|
||||
- name: app-template
|
||||
alias: bazarr
|
||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||
version: 4.4.0
|
||||
version: 4.1.2
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/bazarr.png
|
||||
appVersion: 1.5.2
|
||||
|
@@ -15,7 +15,7 @@ bazarr:
|
||||
main:
|
||||
image:
|
||||
repository: ghcr.io/linuxserver/bazarr
|
||||
tag: 1.5.3@sha256:a93c3595410f5c5791a126d7705cd8a29f3ce882338eef304cb8bece3ef2580b
|
||||
tag: 1.5.2@sha256:943f7b4772e2c93eab2ad10ccd29946c62b69d3196f3dbafc70de77d36672cad
|
||||
pullPolicy: IfNotPresent
|
||||
env:
|
||||
- name: TZ
|
||||
|
@@ -16,6 +16,6 @@ dependencies:
|
||||
- name: app-template
|
||||
alias: calibre-web-automated
|
||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||
version: 4.4.0
|
||||
version: 4.1.2
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/calibre-web.png
|
||||
appVersion: V3.0.4
|
||||
|
@@ -31,7 +31,7 @@ calibre-web-automated:
|
||||
main:
|
||||
image:
|
||||
repository: ghcr.io/calibrain/calibre-web-automated-book-downloader
|
||||
tag: latest@sha256:c2850991e99e278269003d92efa86e865f7df039093fbd03e85141b035cf7a80
|
||||
tag: latest@sha256:518908641a2260249513f349eef9f30e580f8f428d1adfa830096b43a818e97b
|
||||
pullPolicy: IfNotPresent
|
||||
env:
|
||||
- name: FLASK_PORT
|
||||
@@ -41,7 +41,7 @@ calibre-web-automated:
|
||||
- name: GID
|
||||
value: 100
|
||||
- name: USE_CF_BYPASS
|
||||
value: false
|
||||
value: true
|
||||
- name: CLOUDFLARE_PROXY_URL
|
||||
value: http://localhost:8000
|
||||
- name: INGEST_DIR
|
||||
@@ -55,7 +55,7 @@ calibre-web-automated:
|
||||
bypass:
|
||||
image:
|
||||
repository: ghcr.io/sarperavci/cloudflarebypassforscraping
|
||||
tag: latest@sha256:c34ef70a768ddf35c057f893c5392b8f65465fc4fbac634ba68a16d6a9dd0cbb
|
||||
tag: latest@sha256:bd326a3c6ae0b7ed3e405bbaa230e43e252f444c98f57d179f7a1d78f273748b
|
||||
pullPolicy: IfNotPresent
|
||||
resources:
|
||||
requests:
|
||||
|
@@ -19,10 +19,10 @@ dependencies:
|
||||
- name: app-template
|
||||
alias: code-server
|
||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||
version: 4.4.0
|
||||
version: 4.1.2
|
||||
- name: cloudflared
|
||||
alias: cloudflared
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 1.22.1
|
||||
version: 1.18.0
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/visual-studio-code.png
|
||||
appVersion: 4.100.2
|
||||
|
@@ -9,7 +9,7 @@ code-server:
|
||||
main:
|
||||
image:
|
||||
repository: ghcr.io/linuxserver/code-server
|
||||
tag: 4.105.1@sha256:aea1f1c92e70b84204e928d73378e8782b3a23af73b419efff0ac7f39b6c73f2
|
||||
tag: 4.102.2@sha256:e93e459877c47affef393e81dd6bcd591af96363c0e96748aed4980b6d12de24
|
||||
pullPolicy: IfNotPresent
|
||||
env:
|
||||
- name: TZ
|
||||
|
@@ -8,10 +8,12 @@ keywords:
|
||||
home: https://wiki.alexlebens.dev/s/c2d242de-dcaa-4801-86a2-c4761dc8bf9b
|
||||
sources:
|
||||
- https://github.com/directus/directus
|
||||
- https://github.com/valkey-io/valkey
|
||||
- https://github.com/cloudflare/cloudflared
|
||||
- https://github.com/cloudnative-pg/cloudnative-pg
|
||||
- https://hub.docker.com/r/directus/directus
|
||||
- https://github.com/bjw-s-labs/helm-charts/tree/main/charts/other/app-template
|
||||
- https://github.com/bitnami/charts/tree/main/bitnami/valkey
|
||||
- https://gitea.alexlebens.dev/alexlebens/helm-charts/src/branch/main/charts/cloudflared
|
||||
- https://gitea.alexlebens.dev/alexlebens/helm-charts/src/branch/main/charts/postgres-cluster
|
||||
maintainers:
|
||||
@@ -20,14 +22,17 @@ dependencies:
|
||||
- name: app-template
|
||||
alias: directus
|
||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||
version: 4.4.0
|
||||
version: 4.1.2
|
||||
- name: valkey
|
||||
version: 3.0.22
|
||||
repository: oci://harbor.alexlebens.net/proxy-registry-1.docker.io/bitnamicharts
|
||||
- name: cloudflared
|
||||
alias: cloudflared-directus
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 1.22.1
|
||||
version: 1.18.0
|
||||
- name: postgres-cluster
|
||||
alias: postgres-17-cluster
|
||||
version: 6.14.0
|
||||
version: 5.1.0
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/directus.png
|
||||
appVersion: 11.7.2
|
||||
|
@@ -68,10 +68,10 @@ spec:
|
||||
apiVersion: external-secrets.io/v1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
name: directus-redis-config
|
||||
name: directus-valkey-config
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: directus-redis-config
|
||||
app.kubernetes.io/name: directus-valkey-config
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
@@ -83,14 +83,14 @@ spec:
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cl01tl/directus/redis
|
||||
key: /cl01tl/directus/valkey
|
||||
metadataPolicy: None
|
||||
property: user
|
||||
- secretKey: password
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cl01tl/directus/redis
|
||||
key: /cl01tl/directus/valkey
|
||||
metadataPolicy: None
|
||||
property: password
|
||||
|
||||
@@ -176,33 +176,3 @@ spec:
|
||||
key: /digital-ocean/home-infra/postgres-backups
|
||||
metadataPolicy: None
|
||||
property: secret
|
||||
|
||||
---
|
||||
apiVersion: external-secrets.io/v1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
name: directus-postgresql-17-cluster-backup-secret-weekly
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: directus-postgresql-17-cluster-backup-secret-weekly
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
secretStoreRef:
|
||||
kind: ClusterSecretStore
|
||||
name: vault
|
||||
data:
|
||||
- secretKey: ACCESS_KEY_ID
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /garage/home-infra/postgres-backups
|
||||
metadataPolicy: None
|
||||
property: ACCESS_KEY_ID
|
||||
- secretKey: ACCESS_SECRET_KEY
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /garage/home-infra/postgres-backups
|
||||
metadataPolicy: None
|
||||
property: ACCESS_SECRET_KEY
|
||||
|
@@ -1,35 +0,0 @@
|
||||
apiVersion: redis.redis.opstreelabs.in/v1beta2
|
||||
kind: RedisReplication
|
||||
metadata:
|
||||
name: redis-replication-directus
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: redis-replication-directus
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
clusterSize: 3
|
||||
podSecurityContext:
|
||||
runAsUser: 1000
|
||||
fsGroup: 1000
|
||||
kubernetesConfig:
|
||||
image: quay.io/opstree/redis:v8.2.1
|
||||
imagePullPolicy: IfNotPresent
|
||||
redisSecret:
|
||||
name: directus-redis-config
|
||||
key: password
|
||||
resources:
|
||||
requests:
|
||||
cpu: 50m
|
||||
memory: 128Mi
|
||||
storage:
|
||||
volumeClaimTemplate:
|
||||
spec:
|
||||
storageClassName: ceph-block
|
||||
accessModes: ["ReadWriteOnce"]
|
||||
resources:
|
||||
requests:
|
||||
storage: 1Gi
|
||||
redisExporter:
|
||||
enabled: true
|
||||
image: quay.io/opstree/redis-exporter:v1.76.0
|
@@ -1,30 +0,0 @@
|
||||
apiVersion: redis.redis.opstreelabs.in/v1beta2
|
||||
kind: RedisSentinel
|
||||
metadata:
|
||||
name: redis-sentinel-directus
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: redis-sentinel-directus
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
clusterSize: 3
|
||||
podSecurityContext:
|
||||
runAsUser: 1000
|
||||
fsGroup: 1000
|
||||
redisSentinelConfig:
|
||||
redisReplicationName: redis-replication-directus
|
||||
redisReplicationPassword:
|
||||
secretKeyRef:
|
||||
name: directus-redis-config
|
||||
key: password
|
||||
kubernetesConfig:
|
||||
image: quay.io/opstree/redis-sentinel:v7.0.15
|
||||
imagePullPolicy: IfNotPresent
|
||||
redisSecret:
|
||||
name: directus-redis-config
|
||||
key: password
|
||||
resources:
|
||||
requests:
|
||||
cpu: 10m
|
||||
memory: 128Mi
|
@@ -20,24 +20,3 @@ spec:
|
||||
bearerTokenSecret:
|
||||
name: directus-metric-token
|
||||
key: metric-token
|
||||
|
||||
---
|
||||
apiVersion: monitoring.coreos.com/v1
|
||||
kind: ServiceMonitor
|
||||
metadata:
|
||||
name: redis-replication-directus
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: redis-replication-directus
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
redis-operator: "true"
|
||||
env: production
|
||||
spec:
|
||||
selector:
|
||||
matchLabels:
|
||||
redis_setup_type: replication
|
||||
endpoints:
|
||||
- port: redis-exporter
|
||||
interval: 30s
|
||||
scrapeTimeout: 10s
|
||||
|
@@ -9,7 +9,7 @@ directus:
|
||||
main:
|
||||
image:
|
||||
repository: directus/directus
|
||||
tag: 11.12.0
|
||||
tag: 11.9.3
|
||||
pullPolicy: IfNotPresent
|
||||
env:
|
||||
- name: PUBLIC_URL
|
||||
@@ -63,25 +63,21 @@ directus:
|
||||
secretKeyRef:
|
||||
name: directus-postgresql-17-cluster-app
|
||||
key: password
|
||||
- name: SYNCHRONIZATION_STORE
|
||||
value: redis
|
||||
- name: CACHE_ENABLED
|
||||
value: true
|
||||
- name: CACHE_STORE
|
||||
value: redis
|
||||
- name: REDIS_ENABLED
|
||||
value: true
|
||||
- name: REDIS_HOST
|
||||
value: redis-replication-directus-master
|
||||
value: directus-valkey-primary
|
||||
- name: REDIS_PORT
|
||||
value: 6379
|
||||
- name: REDIS_USERNAME
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: directus-redis-config
|
||||
name: directus-valkey-config
|
||||
key: user
|
||||
- name: REDIS_PASSWORD
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: directus-redis-config
|
||||
name: directus-valkey-config
|
||||
key: password
|
||||
- name: STORAGE_LOCATIONS
|
||||
value: s3
|
||||
@@ -153,11 +149,35 @@ directus:
|
||||
port: 80
|
||||
targetPort: 8055
|
||||
protocol: TCP
|
||||
valkey:
|
||||
architecture: replication
|
||||
auth:
|
||||
enabled: true
|
||||
existingSecret: directus-valkey-config
|
||||
existingSecretPasswordKey: password
|
||||
usePasswordFiles: false
|
||||
primary:
|
||||
resources:
|
||||
requests:
|
||||
cpu: 100m
|
||||
memory: 64Mi
|
||||
persistence:
|
||||
enabled: true
|
||||
size: 1Gi
|
||||
replica:
|
||||
replicaCount: 1
|
||||
resources:
|
||||
requests:
|
||||
cpu: 100m
|
||||
memory: 64Mi
|
||||
persistence:
|
||||
enabled: true
|
||||
size: 1Gi
|
||||
cloudflared-directus:
|
||||
name: cloudflared-directus
|
||||
existingSecretName: directus-cloudflared-secret
|
||||
postgres-17-cluster:
|
||||
mode: recovery
|
||||
mode: standalone
|
||||
cluster:
|
||||
storage:
|
||||
storageClass: local-path
|
||||
@@ -170,30 +190,14 @@ postgres-17-cluster:
|
||||
recovery:
|
||||
method: objectStore
|
||||
objectStore:
|
||||
endpointURL: https://nyc3.digitaloceanspaces.com
|
||||
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/directus/directus-postgresql-17-cluster
|
||||
index: 1
|
||||
endpointCredentials: directus-postgresql-17-cluster-backup-secret
|
||||
recoveryIndex: 2
|
||||
backup:
|
||||
objectStore:
|
||||
- name: external
|
||||
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/directus/directus-postgresql-17-cluster
|
||||
index: 1
|
||||
retentionPolicy: "2d"
|
||||
isWALArchiver: true
|
||||
- name: garage
|
||||
destinationPath: s3://postgres-backups/cl01tl/directus/directus-postgresql-17-cluster
|
||||
index: 1
|
||||
endpointURL: https://garage-ps10rp.boreal-beaufort.ts.net:3900
|
||||
endpointCredentials: directus-postgresql-17-cluster-backup-secret-weekly
|
||||
retentionPolicy: "30d"
|
||||
data:
|
||||
compression: bzip2
|
||||
jobs: 2
|
||||
scheduledBackups:
|
||||
- name: daily-backup
|
||||
suspend: false
|
||||
schedule: "0 0 0 * * *"
|
||||
backupName: external
|
||||
- name: weekly-backup
|
||||
suspend: false
|
||||
schedule: "0 0 4 * * SAT"
|
||||
backupName: garage
|
||||
enabled: true
|
||||
endpointURL: https://nyc3.digitaloceanspaces.com
|
||||
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/directus/directus-postgresql-17-cluster
|
||||
endpointCredentials: directus-postgresql-17-cluster-backup-secret
|
||||
backupIndex: 2
|
||||
retentionPolicy: "7d"
|
||||
|
21
clusters/cl01tl/applications/eigenfocus/Chart.yaml
Normal file
21
clusters/cl01tl/applications/eigenfocus/Chart.yaml
Normal file
@@ -0,0 +1,21 @@
|
||||
apiVersion: v2
|
||||
name: eigenfocus
|
||||
version: 1.0.0
|
||||
description: Eigenfocus
|
||||
keywords:
|
||||
- eigenfocus
|
||||
- projects
|
||||
home: https://wiki.alexlebens.dev/s/82548c75-cefe-4ad2-b60c-0b101127c31b
|
||||
sources:
|
||||
- https://github.com/Eigenfocus/eigenfocus
|
||||
- https://hub.docker.com/r/eigenfocus/eigenfocus
|
||||
- https://github.com/bjw-s-labs/helm-charts/tree/main/charts/other/app-template
|
||||
maintainers:
|
||||
- name: alexlebens
|
||||
dependencies:
|
||||
- name: app-template
|
||||
alias: eigenfocus
|
||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||
version: 4.1.2
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/eigenfocus.png
|
||||
appVersion: 1.1.0
|
@@ -0,0 +1,55 @@
|
||||
apiVersion: external-secrets.io/v1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
name: eigenfocus-data-backup-secret
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: eigenfocus-data-backup-secret
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
secretStoreRef:
|
||||
kind: ClusterSecretStore
|
||||
name: vault
|
||||
target:
|
||||
template:
|
||||
mergePolicy: Merge
|
||||
engineVersion: v2
|
||||
data:
|
||||
RESTIC_REPOSITORY: "{{ `{{ .BUCKET_ENDPOINT }}` }}/eigenfocus/eigenfocus-data"
|
||||
data:
|
||||
- secretKey: BUCKET_ENDPOINT
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cl01tl/volsync/restic/config
|
||||
metadataPolicy: None
|
||||
property: S3_BUCKET_ENDPOINT
|
||||
- secretKey: RESTIC_PASSWORD
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cl01tl/volsync/restic/config
|
||||
metadataPolicy: None
|
||||
property: RESTIC_PASSWORD
|
||||
- secretKey: AWS_DEFAULT_REGION
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cl01tl/volsync/restic/config
|
||||
metadataPolicy: None
|
||||
property: AWS_DEFAULT_REGION
|
||||
- secretKey: AWS_ACCESS_KEY_ID
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /digital-ocean/home-infra/volsync-backups
|
||||
metadataPolicy: None
|
||||
property: access_key
|
||||
- secretKey: AWS_SECRET_ACCESS_KEY
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /digital-ocean/home-infra/volsync-backups
|
||||
metadataPolicy: None
|
||||
property: secret_key
|
@@ -0,0 +1,28 @@
|
||||
apiVersion: gateway.networking.k8s.io/v1
|
||||
kind: HTTPRoute
|
||||
metadata:
|
||||
name: http-route-eigenfocus
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: http-route-eigenfocus
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
parentRefs:
|
||||
- group: gateway.networking.k8s.io
|
||||
kind: Gateway
|
||||
name: traefik-gateway
|
||||
namespace: traefik
|
||||
hostnames:
|
||||
- eigenfocus.alexlebens.net
|
||||
rules:
|
||||
- matches:
|
||||
- path:
|
||||
type: PathPrefix
|
||||
value: /
|
||||
backendRefs:
|
||||
- group: ''
|
||||
kind: Service
|
||||
name: eigenfocus
|
||||
port: 80
|
||||
weight: 100
|
@@ -0,0 +1,25 @@
|
||||
apiVersion: volsync.backube/v1alpha1
|
||||
kind: ReplicationSource
|
||||
metadata:
|
||||
name: eigenfocus-data-backup-source
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: eigenfocus-data-backup-source
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
sourcePVC: eigenfocus-data
|
||||
trigger:
|
||||
schedule: 0 4 * * *
|
||||
restic:
|
||||
pruneIntervalDays: 7
|
||||
repository: eigenfocus-data-backup-secret
|
||||
retain:
|
||||
hourly: 1
|
||||
daily: 3
|
||||
weekly: 2
|
||||
monthly: 2
|
||||
yearly: 4
|
||||
copyMethod: Snapshot
|
||||
storageClassName: ceph-block
|
||||
volumeSnapshotClassName: ceph-blockpool-snapshot
|
40
clusters/cl01tl/applications/eigenfocus/values.yaml
Normal file
40
clusters/cl01tl/applications/eigenfocus/values.yaml
Normal file
@@ -0,0 +1,40 @@
|
||||
eigenfocus:
|
||||
controllers:
|
||||
main:
|
||||
type: deployment
|
||||
replicas: 1
|
||||
strategy: Recreate
|
||||
revisionHistoryLimit: 3
|
||||
containers:
|
||||
main:
|
||||
image:
|
||||
repository: eigenfocus/eigenfocus
|
||||
tag: 1.2.0-free
|
||||
pullPolicy: IfNotPresent
|
||||
env:
|
||||
- name: DEFAULT_HOST_URL
|
||||
value: https://eigenfocus.alexlebens.net
|
||||
resources:
|
||||
requests:
|
||||
cpu: 10m
|
||||
memory: 128Mi
|
||||
service:
|
||||
main:
|
||||
controller: main
|
||||
ports:
|
||||
http:
|
||||
port: 80
|
||||
targetPort: 3000
|
||||
protocol: HTTP
|
||||
persistence:
|
||||
data:
|
||||
forceRename: eigenfocus-data
|
||||
storageClass: ceph-block
|
||||
accessMode: ReadWriteOnce
|
||||
size: 2Gi
|
||||
retain: true
|
||||
advancedMounts:
|
||||
main:
|
||||
main:
|
||||
- path: /eigenfocus-app/app-data
|
||||
readOnly: false
|
@@ -17,11 +17,11 @@ maintainers:
|
||||
- name: alexlebens
|
||||
dependencies:
|
||||
- name: element-web
|
||||
version: 1.4.22
|
||||
version: 1.4.16
|
||||
repository: https://ananace.gitlab.io/charts
|
||||
- name: cloudflared
|
||||
alias: cloudflared
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 1.22.1
|
||||
version: 1.18.0
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/element.png
|
||||
appVersion: v1.11.100
|
||||
|
@@ -2,7 +2,7 @@ element-web:
|
||||
replicaCount: 1
|
||||
image:
|
||||
repository: vectorim/element-web
|
||||
tag: v1.12.2
|
||||
tag: v1.11.106
|
||||
pullPolicy: IfNotPresent
|
||||
defaultServer:
|
||||
url: https://matrix.alexlebens.dev
|
||||
@@ -12,7 +12,7 @@ element-web:
|
||||
disable_3pid_login: true
|
||||
brand: "Alex Lebens"
|
||||
branding:
|
||||
welcome_background_url: https://web-assets-3bfcb5585cbd63dc365d32a3.nyc3.cdn.digitaloceanspaces.com/alexlebens-net/background-5.png
|
||||
welcome_background_url: https://web-assets-3bfcb5585cbd63dc365d32a3.nyc3.cdn.digitaloceanspaces.com/alexlebens-net/background-4.jpg
|
||||
auth_header_logo_url: https://web-assets-3bfcb5585cbd63dc365d32a3.nyc3.cdn.digitaloceanspaces.com/alexlebens-net/logo-new-round.png
|
||||
sso_redirect_options:
|
||||
immediate: true
|
||||
|
@@ -20,14 +20,14 @@ dependencies:
|
||||
- name: app-template
|
||||
alias: freshrss
|
||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||
version: 4.4.0
|
||||
version: 4.1.2
|
||||
- name: cloudflared
|
||||
alias: cloudflared
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 1.22.1
|
||||
version: 1.18.0
|
||||
- name: postgres-cluster
|
||||
alias: postgres-17-cluster
|
||||
version: 6.14.0
|
||||
version: 5.1.0
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/freshrss.png
|
||||
appVersion: 1.26.2
|
||||
|
@@ -180,33 +180,3 @@ spec:
|
||||
key: /digital-ocean/home-infra/postgres-backups
|
||||
metadataPolicy: None
|
||||
property: secret
|
||||
|
||||
---
|
||||
apiVersion: external-secrets.io/v1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
name: freshrss-postgresql-17-cluster-backup-secret-weekly
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: freshrss-postgresql-17-cluster-backup-secret-weekly
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
secretStoreRef:
|
||||
kind: ClusterSecretStore
|
||||
name: vault
|
||||
data:
|
||||
- secretKey: ACCESS_KEY_ID
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /garage/home-infra/postgres-backups
|
||||
metadataPolicy: None
|
||||
property: ACCESS_KEY_ID
|
||||
- secretKey: ACCESS_SECRET_KEY
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /garage/home-infra/postgres-backups
|
||||
metadataPolicy: None
|
||||
property: ACCESS_SECRET_KEY
|
||||
|
@@ -11,7 +11,7 @@ freshrss:
|
||||
runAsUser: 0
|
||||
image:
|
||||
repository: alpine
|
||||
tag: 3.22.2
|
||||
tag: 3.22.1
|
||||
pullPolicy: IfNotPresent
|
||||
command:
|
||||
- /bin/sh
|
||||
@@ -35,7 +35,7 @@ freshrss:
|
||||
runAsUser: 0
|
||||
image:
|
||||
repository: alpine
|
||||
tag: 3.22.2
|
||||
tag: 3.22.1
|
||||
pullPolicy: IfNotPresent
|
||||
command:
|
||||
- /bin/sh
|
||||
@@ -49,29 +49,7 @@ freshrss:
|
||||
git checkout;
|
||||
rm -rf /var/www/FreshRSS/extensions/xExtension-ImageProxy
|
||||
cp -r xExtension-ImageProxy /var/www/FreshRSS/extensions
|
||||
chown -R 568:568 /var/www/FreshRSS/extensions/xExtension-ImageProxy
|
||||
resources:
|
||||
requests:
|
||||
cpu: 10m
|
||||
memory: 128Mi
|
||||
init-download-extension-3:
|
||||
securityContext:
|
||||
runAsUser: 0
|
||||
image:
|
||||
repository: alpine
|
||||
tag: 3.22.2
|
||||
pullPolicy: IfNotPresent
|
||||
command:
|
||||
- /bin/sh
|
||||
- -ec
|
||||
- |
|
||||
cd /tmp;
|
||||
wget https://github.com/zimmra/xExtension-karakeep-button/archive/refs/tags/v1.1.tar.gz;
|
||||
tar -xvzf *.tar.gz;
|
||||
rm -rf /var/www/FreshRSS/extensions/xExtension-karakeep-button
|
||||
mkdir /var/www/FreshRSS/extensions/xExtension-karakeep-button
|
||||
cp -r /tmp/xExtension-karakeep-button-*/* /var/www/FreshRSS/extensions/xExtension-karakeep-button
|
||||
chown -R 568:568 /var/www/FreshRSS/extensions/xExtension-karakeep-button
|
||||
chown -R 568:568 /var/www/FreshRSS/extensions/xExtension-YouTubeChannel2RssFeed
|
||||
resources:
|
||||
requests:
|
||||
cpu: 10m
|
||||
@@ -80,7 +58,7 @@ freshrss:
|
||||
main:
|
||||
image:
|
||||
repository: freshrss/freshrss
|
||||
tag: 1.27.1
|
||||
tag: 1.26.3
|
||||
pullPolicy: IfNotPresent
|
||||
env:
|
||||
- name: PGID
|
||||
@@ -185,16 +163,13 @@ freshrss:
|
||||
init-download-extension-2:
|
||||
- path: /var/www/FreshRSS/extensions
|
||||
readOnly: false
|
||||
init-download-extension-3:
|
||||
- path: /var/www/FreshRSS/extensions
|
||||
readOnly: false
|
||||
main:
|
||||
- path: /var/www/FreshRSS/extensions
|
||||
readOnly: false
|
||||
cloudflared:
|
||||
existingSecretName: freshrss-cloudflared-secret
|
||||
postgres-17-cluster:
|
||||
mode: recovery
|
||||
mode: standalone
|
||||
cluster:
|
||||
storage:
|
||||
storageClass: local-path
|
||||
@@ -207,30 +182,14 @@ postgres-17-cluster:
|
||||
recovery:
|
||||
method: objectStore
|
||||
objectStore:
|
||||
endpointURL: https://nyc3.digitaloceanspaces.com
|
||||
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/freshrss/freshrss-postgresql-17-cluster
|
||||
index: 1
|
||||
endpointCredentials: freshrss-postgresql-17-cluster-backup-secret
|
||||
recoveryIndex: 3
|
||||
backup:
|
||||
objectStore:
|
||||
- name: external
|
||||
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/freshrss/freshrss-postgresql-17-cluster
|
||||
index: 1
|
||||
retentionPolicy: "2d"
|
||||
isWALArchiver: true
|
||||
- name: garage
|
||||
destinationPath: s3://postgres-backups/cl01tl/freshrss/freshrss-postgresql-17-cluster
|
||||
index: 1
|
||||
endpointURL: https://garage-ps10rp.boreal-beaufort.ts.net:3900
|
||||
endpointCredentials: freshrss-postgresql-17-cluster-backup-secret-weekly
|
||||
retentionPolicy: "30d"
|
||||
data:
|
||||
compression: bzip2
|
||||
jobs: 2
|
||||
scheduledBackups:
|
||||
- name: daily-backup
|
||||
suspend: false
|
||||
schedule: "0 0 0 * * *"
|
||||
backupName: external
|
||||
- name: weekly-backup
|
||||
suspend: false
|
||||
schedule: "0 2 4 * * SAT"
|
||||
backupName: garage
|
||||
enabled: true
|
||||
endpointURL: https://nyc3.digitaloceanspaces.com
|
||||
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/freshrss/freshrss-postgresql-17-cluster
|
||||
endpointCredentials: freshrss-postgresql-17-cluster-backup-secret
|
||||
backupIndex: 3
|
||||
retentionPolicy: "7d"
|
||||
|
@@ -18,6 +18,6 @@ dependencies:
|
||||
- name: app-template
|
||||
alias: home-assistant
|
||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||
version: 4.4.0
|
||||
version: 4.1.2
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/home-assistant.png
|
||||
appVersion: 2025.5.2
|
||||
|
@@ -9,7 +9,7 @@ home-assistant:
|
||||
main:
|
||||
image:
|
||||
repository: ghcr.io/home-assistant/home-assistant
|
||||
tag: 2025.10.3
|
||||
tag: 2025.7.3
|
||||
pullPolicy: IfNotPresent
|
||||
env:
|
||||
- name: TZ
|
||||
@@ -21,7 +21,7 @@ home-assistant:
|
||||
code-server:
|
||||
image:
|
||||
repository: ghcr.io/linuxserver/code-server
|
||||
tag: 4.105.1@sha256:aea1f1c92e70b84204e928d73378e8782b3a23af73b419efff0ac7f39b6c73f2
|
||||
tag: 4.102.2@sha256:e93e459877c47affef393e81dd6bcd591af96363c0e96748aed4980b6d12de24
|
||||
pullPolicy: IfNotPresent
|
||||
env:
|
||||
- name: TZ
|
||||
|
@@ -18,10 +18,10 @@ dependencies:
|
||||
- name: app-template
|
||||
alias: homepage
|
||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||
version: 4.4.0
|
||||
version: 4.1.2
|
||||
- name: cloudflared
|
||||
alias: cloudflared
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 1.22.1
|
||||
version: 1.18.0
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/homepage.png
|
||||
appVersion: v1.2.0
|
||||
|
@@ -11,7 +11,7 @@ homepage:
|
||||
main:
|
||||
image:
|
||||
repository: ghcr.io/gethomepage/homepage
|
||||
tag: v1.5.0
|
||||
tag: v1.4.0
|
||||
pullPolicy: IfNotPresent
|
||||
env:
|
||||
- name: HOMEPAGE_ALLOWED_HOSTS
|
||||
@@ -32,7 +32,7 @@ homepage:
|
||||
hideVersion: true
|
||||
color: zinc
|
||||
background:
|
||||
image: https://web-assets-3bfcb5585cbd63dc365d32a3.nyc3.cdn.digitaloceanspaces.com/alexlebens-net/background-5.png
|
||||
image: https://web-assets-3bfcb5585cbd63dc365d32a3.nyc3.cdn.digitaloceanspaces.com/alexlebens-net/background-4.jpg
|
||||
brightness: 50
|
||||
theme: dark
|
||||
disableCollapse: true
|
||||
|
@@ -16,6 +16,6 @@ dependencies:
|
||||
- name: app-template
|
||||
alias: homepage
|
||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||
version: 4.4.0
|
||||
version: 4.1.2
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/homepage.png
|
||||
appVersion: v1.2.0
|
||||
|
@@ -28,19 +28,3 @@ metadata:
|
||||
spec:
|
||||
externalName: placeholder
|
||||
type: ExternalName
|
||||
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: garage-ps10rp
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: garage-ps10rp
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
annotations:
|
||||
tailscale.com/tailnet-fqdn: garage-ps10rp.boreal-beaufort.ts.net
|
||||
spec:
|
||||
externalName: placeholder
|
||||
type: ExternalName
|
||||
|
@@ -15,7 +15,7 @@ homepage:
|
||||
main:
|
||||
image:
|
||||
repository: ghcr.io/gethomepage/homepage
|
||||
tag: v1.5.0
|
||||
tag: v1.4.0
|
||||
pullPolicy: IfNotPresent
|
||||
env:
|
||||
- name: HOMEPAGE_ALLOWED_HOSTS
|
||||
@@ -44,7 +44,7 @@ homepage:
|
||||
hideVersion: true
|
||||
color: zinc
|
||||
background:
|
||||
image: https://web-assets-3bfcb5585cbd63dc365d32a3.nyc3.cdn.digitaloceanspaces.com/alexlebens-net/background-5.png
|
||||
image: https://web-assets-3bfcb5585cbd63dc365d32a3.nyc3.cdn.digitaloceanspaces.com/alexlebens-net/background-4.jpg
|
||||
brightness: 50
|
||||
theme: dark
|
||||
disableCollapse: true
|
||||
@@ -132,21 +132,21 @@ homepage:
|
||||
href: https://plex.alexlebens.net
|
||||
siteMonitor: http://plex.plex:32400
|
||||
statusStyle: dot
|
||||
- Jellyfin:
|
||||
icon: sh-jellyfin.webp
|
||||
description: Media server
|
||||
href: https://jellyfin.alexlebens.net
|
||||
siteMonitor: http://jellyfin.jellyfin:80
|
||||
statusStyle: dot
|
||||
- Media Requests:
|
||||
icon: sh-overseerr.webp
|
||||
description: Overseer
|
||||
href: https://overseerr.alexlebens.net
|
||||
siteMonitor: http://overseerr.overseerr:80
|
||||
statusStyle: dot
|
||||
- Media Tracking:
|
||||
- Jellyfin:
|
||||
icon: sh-jellyfin.webp
|
||||
description: Media server
|
||||
href: https://jellyfin.alexlebens.net
|
||||
siteMonitor: http://jellyfin.jellyfin:80
|
||||
statusStyle: dot
|
||||
- Yamtrack:
|
||||
icon: sh-yamtrack.webp
|
||||
description: Yamtrack
|
||||
description: Watched Media Tracking
|
||||
href: https://yamtrack.alexlebens.net
|
||||
siteMonitor: http://yamtrack.yamtrack:80
|
||||
statusStyle: dot
|
||||
@@ -242,6 +242,12 @@ homepage:
|
||||
href: https://actual.alexlebens.net
|
||||
siteMonitor: http://actual.actual:80
|
||||
statusStyle: dot
|
||||
- Project Management:
|
||||
icon: sh-eigenfocus.webp
|
||||
description: Eigenfocus
|
||||
href: https://eigenfocus.alexlebens.net
|
||||
siteMonitor: http://eigenfocus.eigenfocus:80
|
||||
statusStyle: dot
|
||||
- AI:
|
||||
icon: sh-ollama.webp
|
||||
description: Ollama
|
||||
@@ -288,8 +294,8 @@ homepage:
|
||||
- Code (ps10rp):
|
||||
icon: sh-gitea.webp
|
||||
description: Gitea
|
||||
href: https://gitea-ps10rp.boreal-beaufort.ts.net
|
||||
siteMonitor: https://gitea-ps10rp.boreal-beaufort.ts.net
|
||||
href: https://gitea.lebens-home.net
|
||||
siteMonitor: https://gitea.lebens-home.net
|
||||
statusStyle: dot
|
||||
- IDE (Public):
|
||||
icon: sh-visual-studio-code.webp
|
||||
@@ -313,7 +319,7 @@ homepage:
|
||||
icon: sh-komodo-light.webp
|
||||
description: Komodo
|
||||
href: https://komodo.alexlebens.net
|
||||
siteMonitor: http://komodo-main.komodo:80
|
||||
siteMonitor: http://komodo.komodo:80
|
||||
statusStyle: dot
|
||||
- Automation:
|
||||
- Deployment Workflows:
|
||||
@@ -492,12 +498,6 @@ homepage:
|
||||
href: https://ceph.alexlebens.net
|
||||
siteMonitor: http://rook-ceph-mgr-dashboard.rook-ceph:7000
|
||||
statusStyle: dot
|
||||
- Remote Storage:
|
||||
icon: sh-garage.webp
|
||||
description: Garage
|
||||
href: https://garage-ps10rp.boreal-beaufort.ts.net
|
||||
siteMonitor: https://garage-ps10rp.boreal-beaufort.ts.net
|
||||
statusStyle: dot
|
||||
- Database:
|
||||
icon: sh-pgadmin-light.webp
|
||||
description: PGAdmin
|
||||
@@ -627,11 +627,11 @@ homepage:
|
||||
siteMonitor: http://slskd.slskd:5030
|
||||
statusStyle: dot
|
||||
- Services (Servarr):
|
||||
- qUI:
|
||||
icon: https://raw.githubusercontent.com/autobrr/qui/8487c818886df9abb2b1456f43b54e0ba180a2bd/web/public/icons.svg
|
||||
description: qbitorrent
|
||||
href: https://qui.alexlebens.net
|
||||
siteMonitor: http://qbittorrent-qui.qbittorrent:80
|
||||
- qBittorrent:
|
||||
icon: sh-qbittorrent.webp
|
||||
description: P2P Downloads
|
||||
href: https://qbittorrent.alexlebens.net
|
||||
siteMonitor: http://qbittorrent.qbittorrent:8080
|
||||
statusStyle: dot
|
||||
widget:
|
||||
type: qbittorrent
|
||||
|
@@ -16,6 +16,6 @@ dependencies:
|
||||
- name: app-template
|
||||
alias: huntarr
|
||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||
version: 4.4.0
|
||||
version: 4.1.2
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/huntarr.png
|
||||
appVersion: 7.0.0
|
||||
|
@@ -9,7 +9,7 @@ huntarr:
|
||||
main:
|
||||
image:
|
||||
repository: ghcr.io/plexguide/huntarr
|
||||
tag: 8.2.10
|
||||
tag: 8.1.15
|
||||
pullPolicy: IfNotPresent
|
||||
env:
|
||||
- name: TZ
|
||||
@@ -31,7 +31,7 @@ huntarr:
|
||||
forceRename: huntarr-config
|
||||
storageClass: ceph-block
|
||||
accessMode: ReadWriteOnce
|
||||
size: 5Gi
|
||||
size: 1Gi
|
||||
advancedMounts:
|
||||
main:
|
||||
main:
|
||||
|
@@ -8,8 +8,10 @@ keywords:
|
||||
home: https://wiki.alexlebens.dev/s/9377ae08-2041-4b6d-bc2b-61a4f5e8faae
|
||||
sources:
|
||||
- https://github.com/immich-app/immich
|
||||
- https://github.com/valkey-io/valkey
|
||||
- https://github.com/cloudnative-pg/cloudnative-pg
|
||||
- https://github.com/bjw-s-labs/helm-charts/tree/main/charts/other/app-template
|
||||
- https://github.com/bitnami/charts/tree/main/bitnami/valkey
|
||||
- https://gitea.alexlebens.dev/alexlebens/helm-charts/src/branch/main/charts/postgres-cluster
|
||||
maintainers:
|
||||
- name: alexlebens
|
||||
@@ -17,10 +19,13 @@ dependencies:
|
||||
- name: app-template
|
||||
alias: immich
|
||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||
version: 4.4.0
|
||||
version: 4.1.2
|
||||
- name: valkey
|
||||
version: 3.0.22
|
||||
repository: oci://harbor.alexlebens.net/proxy-registry-1.docker.io/bitnamicharts
|
||||
- name: postgres-cluster
|
||||
alias: postgres-17-cluster
|
||||
version: 6.14.0
|
||||
alias: postgres-16-cluster
|
||||
version: 5.1.0
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/immich.png
|
||||
appVersion: v2.0.1
|
||||
appVersion: v1.132.3
|
||||
|
@@ -24,10 +24,10 @@ spec:
|
||||
apiVersion: external-secrets.io/v1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
name: immich-postgresql-17-cluster-backup-secret
|
||||
name: immich-postgresql-16-cluster-backup-secret
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: immich-postgresql-17-cluster-backup-secret
|
||||
app.kubernetes.io/name: immich-postgresql-16-cluster-backup-secret
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
@@ -49,33 +49,3 @@ spec:
|
||||
key: /digital-ocean/home-infra/postgres-backups
|
||||
metadataPolicy: None
|
||||
property: secret
|
||||
|
||||
---
|
||||
apiVersion: external-secrets.io/v1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
name: immich-postgresql-17-cluster-backup-secret-weekly
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: immich-postgresql-17-cluster-backup-secret-weekly
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
secretStoreRef:
|
||||
kind: ClusterSecretStore
|
||||
name: vault
|
||||
data:
|
||||
- secretKey: ACCESS_KEY_ID
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /garage/home-infra/postgres-backups
|
||||
metadataPolicy: None
|
||||
property: ACCESS_KEY_ID
|
||||
- secretKey: ACCESS_SECRET_KEY
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /garage/home-infra/postgres-backups
|
||||
metadataPolicy: None
|
||||
property: ACCESS_SECRET_KEY
|
||||
|
@@ -1,32 +0,0 @@
|
||||
apiVersion: redis.redis.opstreelabs.in/v1beta2
|
||||
kind: RedisReplication
|
||||
metadata:
|
||||
name: redis-replication-immich
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: redis-replication-immich
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
clusterSize: 3
|
||||
podSecurityContext:
|
||||
runAsUser: 1000
|
||||
fsGroup: 1000
|
||||
kubernetesConfig:
|
||||
image: quay.io/opstree/redis:v8.0.3
|
||||
imagePullPolicy: IfNotPresent
|
||||
resources:
|
||||
requests:
|
||||
cpu: 50m
|
||||
memory: 128Mi
|
||||
storage:
|
||||
volumeClaimTemplate:
|
||||
spec:
|
||||
storageClassName: ceph-block
|
||||
accessModes: ["ReadWriteOnce"]
|
||||
resources:
|
||||
requests:
|
||||
storage: 1Gi
|
||||
redisExporter:
|
||||
enabled: true
|
||||
image: quay.io/opstree/redis-exporter:v1.48.0
|
@@ -21,24 +21,3 @@ spec:
|
||||
interval: 3m
|
||||
scrapeTimeout: 1m
|
||||
path: /metrics
|
||||
|
||||
---
|
||||
apiVersion: monitoring.coreos.com/v1
|
||||
kind: ServiceMonitor
|
||||
metadata:
|
||||
name: redis-replication-immich
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: redis-replication-immich
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
redis-operator: "true"
|
||||
env: production
|
||||
spec:
|
||||
selector:
|
||||
matchLabels:
|
||||
redis_setup_type: replication
|
||||
endpoints:
|
||||
- port: redis-exporter
|
||||
interval: 30s
|
||||
scrapeTimeout: 10s
|
||||
|
@@ -9,7 +9,7 @@ immich:
|
||||
main:
|
||||
image:
|
||||
repository: ghcr.io/immich-app/immich-server
|
||||
tag: v2.1.0
|
||||
tag: v1.136.0
|
||||
pullPolicy: IfNotPresent
|
||||
env:
|
||||
- name: TZ
|
||||
@@ -21,33 +21,33 @@ immich:
|
||||
- name: IMMICH_MACHINE_LEARNING_URL
|
||||
value: http://immich-machine-learning.immich:3003
|
||||
- name: REDIS_HOSTNAME
|
||||
value: redis-replication-immich-master
|
||||
value: immich-valkey-primary
|
||||
- name: DB_VECTOR_EXTENSION
|
||||
value: vectorchord
|
||||
value: pgvecto.rs
|
||||
- name: DB_HOSTNAME
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: immich-postgresql-17-cluster-app
|
||||
name: immich-postgresql-16-cluster-app
|
||||
key: host
|
||||
- name: DB_DATABASE_NAME
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: immich-postgresql-17-cluster-app
|
||||
name: immich-postgresql-16-cluster-app
|
||||
key: dbname
|
||||
- name: DB_PORT
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: immich-postgresql-17-cluster-app
|
||||
name: immich-postgresql-16-cluster-app
|
||||
key: port
|
||||
- name: DB_USERNAME
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: immich-postgresql-17-cluster-app
|
||||
name: immich-postgresql-16-cluster-app
|
||||
key: user
|
||||
- name: DB_PASSWORD
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: immich-postgresql-17-cluster-app
|
||||
name: immich-postgresql-16-cluster-app
|
||||
key: password
|
||||
probes:
|
||||
liveness:
|
||||
@@ -99,7 +99,7 @@ immich:
|
||||
main:
|
||||
image:
|
||||
repository: ghcr.io/immich-app/immich-machine-learning
|
||||
tag: v2.1.0
|
||||
tag: v1.134.0
|
||||
pullPolicy: IfNotPresent
|
||||
env:
|
||||
- name: TRANSFORMERS_CACHE
|
||||
@@ -188,16 +188,48 @@ immich:
|
||||
main:
|
||||
- path: /usr/src/app/upload
|
||||
readOnly: false
|
||||
postgres-17-cluster:
|
||||
valkey:
|
||||
architecture: replication
|
||||
auth:
|
||||
enabled: false
|
||||
usePasswordFiles: false
|
||||
primary:
|
||||
resources:
|
||||
requests:
|
||||
cpu: 100m
|
||||
memory: 64Mi
|
||||
persistence:
|
||||
enabled: true
|
||||
size: 1Gi
|
||||
replica:
|
||||
replicaCount: 1
|
||||
resources:
|
||||
requests:
|
||||
cpu: 100m
|
||||
memory: 64Mi
|
||||
persistence:
|
||||
enabled: true
|
||||
size: 1Gi
|
||||
postgres-16-cluster:
|
||||
# Tensorchord
|
||||
#--- https://github.com/immich-app/immich/discussions/9060
|
||||
#--- https://docs.pgvecto.rs/admin/kubernetes.html
|
||||
#--- https://github.com/tensorchord/cloudnative-pgvecto.rs
|
||||
#--- https://github.com/immich-app/immich/discussions/17025
|
||||
type: tensorchord
|
||||
mode: recovery
|
||||
cluster:
|
||||
image:
|
||||
repository: ghcr.io/tensorchord/cloudnative-vectorchord
|
||||
tag: 17.5-0.4.3
|
||||
repository: ghcr.io/tensorchord/cloudnative-pgvecto.rs
|
||||
tag: 16.3-v0.2.1
|
||||
storage:
|
||||
storageClass: local-path
|
||||
walStorage:
|
||||
storageClass: local-path
|
||||
resources:
|
||||
requests:
|
||||
memory: 384Mi
|
||||
cpu: 200m
|
||||
monitoring:
|
||||
enabled: true
|
||||
prometheusRule:
|
||||
@@ -205,41 +237,17 @@ postgres-17-cluster:
|
||||
postgresql:
|
||||
parameters:
|
||||
shared_buffers: 256MB
|
||||
shared_preload_libraries:
|
||||
- "vchord.so"
|
||||
initdb:
|
||||
postInitSQL:
|
||||
- CREATE EXTENSION IF NOT EXISTS "vector";
|
||||
- CREATE EXTENSION IF NOT EXISTS "vchord" CASCADE;
|
||||
- CREATE EXTENSION IF NOT EXISTS "cube" CASCADE;
|
||||
- CREATE EXTENSION IF NOT EXISTS "earthdistance" CASCADE;
|
||||
recovery:
|
||||
method: objectStore
|
||||
objectStore:
|
||||
endpointURL: https://nyc3.digitaloceanspaces.com
|
||||
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/immich/immich-postgresql-17-cluster
|
||||
index: 2
|
||||
endpointCredentials: immich-postgresql-17-cluster-backup-secret
|
||||
recoveryIndex: 2
|
||||
backup:
|
||||
objectStore:
|
||||
- name: external
|
||||
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/immich/immich-postgresql-17-cluster
|
||||
index: 2
|
||||
retentionPolicy: "2d"
|
||||
isWALArchiver: true
|
||||
- name: garage
|
||||
destinationPath: s3://postgres-backups/cl01tl/immich/immich-postgresql-17-cluster
|
||||
index: 1
|
||||
endpointURL: https://garage-ps10rp.boreal-beaufort.ts.net:3900
|
||||
endpointCredentials: immich-postgresql-17-cluster-backup-secret-weekly
|
||||
retentionPolicy: "30d"
|
||||
data:
|
||||
compression: bzip2
|
||||
jobs: 2
|
||||
scheduledBackups:
|
||||
- name: daily-backup
|
||||
suspend: false
|
||||
schedule: "0 0 0 * * *"
|
||||
backupName: external
|
||||
- name: weekly-backup
|
||||
suspend: false
|
||||
schedule: "0 4 4 * * SAT"
|
||||
backupName: garage
|
||||
enabled: true
|
||||
endpointURL: https://nyc3.digitaloceanspaces.com
|
||||
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/immich/immich-postgresql-16-cluster
|
||||
endpointCredentials: immich-postgresql-16-cluster-backup-secret
|
||||
backupIndex: 2
|
||||
retentionPolicy: "7d"
|
||||
|
@@ -20,6 +20,6 @@ dependencies:
|
||||
- name: app-template
|
||||
alias: jellyfin
|
||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||
version: 4.4.0
|
||||
version: 4.1.2
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/jellyfin.png
|
||||
appVersion: 10.10.7
|
||||
|
@@ -9,7 +9,7 @@ jellyfin:
|
||||
main:
|
||||
image:
|
||||
repository: ghcr.io/jellyfin/jellyfin
|
||||
tag: 10.11.0
|
||||
tag: 10.10.7
|
||||
pullPolicy: IfNotPresent
|
||||
env:
|
||||
- name: TZ
|
||||
|
@@ -18,10 +18,10 @@ dependencies:
|
||||
- name: app-template
|
||||
alias: jellystat
|
||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||
version: 4.4.0
|
||||
version: 4.1.2
|
||||
- name: postgres-cluster
|
||||
alias: postgres-17-cluster
|
||||
version: 6.14.0
|
||||
version: 5.1.0
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/jellystat.png
|
||||
appVersion: 1.1.6
|
||||
|
@@ -120,33 +120,3 @@ spec:
|
||||
key: /digital-ocean/home-infra/postgres-backups
|
||||
metadataPolicy: None
|
||||
property: secret
|
||||
|
||||
---
|
||||
apiVersion: external-secrets.io/v1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
name: jellystat-postgresql-17-cluster-backup-secret-weekly
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: jellystat-postgresql-17-cluster-backup-secret-weekly
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
secretStoreRef:
|
||||
kind: ClusterSecretStore
|
||||
name: vault
|
||||
data:
|
||||
- secretKey: ACCESS_KEY_ID
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /garage/home-infra/postgres-backups
|
||||
metadataPolicy: None
|
||||
property: ACCESS_KEY_ID
|
||||
- secretKey: ACCESS_SECRET_KEY
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /garage/home-infra/postgres-backups
|
||||
metadataPolicy: None
|
||||
property: ACCESS_SECRET_KEY
|
||||
|
@@ -79,7 +79,7 @@ jellystat:
|
||||
- path: /app/backend/backup-data
|
||||
readOnly: false
|
||||
postgres-17-cluster:
|
||||
mode: recovery
|
||||
mode: standalone
|
||||
cluster:
|
||||
storage:
|
||||
storageClass: local-path
|
||||
@@ -92,30 +92,14 @@ postgres-17-cluster:
|
||||
recovery:
|
||||
method: objectStore
|
||||
objectStore:
|
||||
endpointURL: https://nyc3.digitaloceanspaces.com
|
||||
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/jellystat/jellystat-postgresql-17-cluster
|
||||
index: 1
|
||||
endpointCredentials: jellystat-postgresql-17-cluster-backup-secret
|
||||
recoveryIndex: 2
|
||||
backup:
|
||||
objectStore:
|
||||
- name: external
|
||||
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/jellystat/jellystat-postgresql-17-cluster
|
||||
index: 1
|
||||
retentionPolicy: "2d"
|
||||
isWALArchiver: true
|
||||
- name: garage
|
||||
destinationPath: s3://postgres-backups/cl01tl/jellystat/jellystat-postgresql-17-cluster
|
||||
index: 1
|
||||
endpointURL: https://garage-ps10rp.boreal-beaufort.ts.net:3900
|
||||
endpointCredentials: jellystat-postgresql-17-cluster-backup-secret-weekly
|
||||
retentionPolicy: "30d"
|
||||
data:
|
||||
compression: bzip2
|
||||
jobs: 2
|
||||
scheduledBackups:
|
||||
- name: daily-backup
|
||||
suspend: false
|
||||
schedule: "0 0 0 * * *"
|
||||
backupName: external
|
||||
- name: weekly-backup
|
||||
suspend: false
|
||||
schedule: "0 6 4 * * SAT"
|
||||
backupName: garage
|
||||
enabled: true
|
||||
endpointURL: https://nyc3.digitaloceanspaces.com
|
||||
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/jellystat/jellystat-postgresql-17-cluster
|
||||
endpointCredentials: jellystat-postgresql-17-cluster-backup-secret
|
||||
backupIndex: 2
|
||||
retentionPolicy: "3d"
|
||||
|
@@ -20,13 +20,13 @@ dependencies:
|
||||
- name: app-template
|
||||
alias: karakeep
|
||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||
version: 4.4.0
|
||||
version: 4.1.2
|
||||
- name: meilisearch
|
||||
version: 0.17.1
|
||||
version: 0.14.0
|
||||
repository: https://meilisearch.github.io/meilisearch-kubernetes
|
||||
- name: cloudflared
|
||||
alias: cloudflared
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 1.22.1
|
||||
version: 1.18.0
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/webp/karakeep.webp
|
||||
appVersion: 0.26.0
|
||||
|
@@ -9,13 +9,11 @@ karakeep:
|
||||
main:
|
||||
image:
|
||||
repository: ghcr.io/karakeep-app/karakeep
|
||||
tag: 0.27.1
|
||||
tag: 0.26.0
|
||||
pullPolicy: IfNotPresent
|
||||
env:
|
||||
- name: DATA_DIR
|
||||
value: /data
|
||||
- name: DB_WAL_MODE
|
||||
value: true
|
||||
- name: NEXTAUTH_URL
|
||||
value: https://karakeep.alexlebens.dev/
|
||||
- name: NEXTAUTH_SECRET
|
||||
@@ -34,7 +32,7 @@ karakeep:
|
||||
value: us-east-1
|
||||
- name: ASSET_STORE_S3_BUCKET
|
||||
valueFrom:
|
||||
configMapKeyRef:
|
||||
secretKeyRef:
|
||||
name: ceph-bucket-karakeep
|
||||
key: BUCKET_NAME
|
||||
- name: ASSET_STORE_S3_ACCESS_KEY_ID
|
||||
|
@@ -16,6 +16,6 @@ dependencies:
|
||||
- name: app-template
|
||||
alias: kiwix
|
||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||
version: 4.4.0
|
||||
version: 4.1.2
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/kiwix-dark.png
|
||||
appVersion: 3.7.0
|
||||
|
@@ -17,6 +17,6 @@ dependencies:
|
||||
- name: app-template
|
||||
alias: libation
|
||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||
version: 4.4.0
|
||||
version: 4.1.2
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/libation.png
|
||||
appVersion: 12.4.3
|
||||
|
@@ -16,7 +16,7 @@ libation:
|
||||
main:
|
||||
image:
|
||||
repository: rmcrackan/libation
|
||||
tag: 12.5.5
|
||||
tag: 12.4.9
|
||||
pullPolicy: IfNotPresent
|
||||
env:
|
||||
- name: SLEEP_TIME
|
||||
|
@@ -21,10 +21,10 @@ dependencies:
|
||||
- name: app-template
|
||||
alias: lidarr
|
||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||
version: 4.4.0
|
||||
version: 4.1.2
|
||||
- name: postgres-cluster
|
||||
alias: postgres-17-cluster
|
||||
version: 6.14.0
|
||||
version: 5.1.0
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/lidarr.png
|
||||
appVersion: 2.13.3
|
||||
appVersion: 2.11.2
|
||||
|
@@ -83,33 +83,3 @@ spec:
|
||||
key: /digital-ocean/home-infra/postgres-backups
|
||||
metadataPolicy: None
|
||||
property: secret
|
||||
|
||||
---
|
||||
apiVersion: external-secrets.io/v1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
name: lidarr-postgresql-17-cluster-backup-secret-weekly
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: lidarr-postgresql-17-cluster-backup-secret-weekly
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
secretStoreRef:
|
||||
kind: ClusterSecretStore
|
||||
name: vault
|
||||
data:
|
||||
- secretKey: ACCESS_KEY_ID
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /garage/home-infra/postgres-backups
|
||||
metadataPolicy: None
|
||||
property: ACCESS_KEY_ID
|
||||
- secretKey: ACCESS_SECRET_KEY
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /garage/home-infra/postgres-backups
|
||||
metadataPolicy: None
|
||||
property: ACCESS_SECRET_KEY
|
||||
|
@@ -15,7 +15,7 @@ lidarr:
|
||||
main:
|
||||
image:
|
||||
repository: ghcr.io/linuxserver/lidarr
|
||||
tag: 2.14.5@sha256:5f58fcb45a15cb33ef153f74b14c724ba073553afdc9b078e7701f15b7ce1433
|
||||
tag: 2.12.4@sha256:2231bc5581589de7c5373b19f7f16e1a5bfa48c5a365ca9b928e232b4c985dce
|
||||
pullPolicy: IfNotPresent
|
||||
env:
|
||||
- name: TZ
|
||||
@@ -31,7 +31,7 @@ lidarr:
|
||||
metrics:
|
||||
image:
|
||||
repository: ghcr.io/onedr0p/exportarr
|
||||
tag: v2.3.0
|
||||
tag: v2.2.0
|
||||
pullPolicy: IfNotPresent
|
||||
args: ["lidarr"]
|
||||
env:
|
||||
@@ -85,20 +85,21 @@ lidarr:
|
||||
readOnly: false
|
||||
postgres-17-cluster:
|
||||
nameOverride: lidarr2-postgresql-17
|
||||
mode: recovery
|
||||
mode: standalone
|
||||
cluster:
|
||||
storage:
|
||||
storageClass: local-path
|
||||
walStorage:
|
||||
storageClass: local-path
|
||||
monitoring:
|
||||
enabled: true
|
||||
prometheusRule:
|
||||
enabled: true
|
||||
resources:
|
||||
requests:
|
||||
memory: 1Gi
|
||||
cpu: 200m
|
||||
monitoring:
|
||||
enabled: true
|
||||
prometheusRule:
|
||||
enabled: true
|
||||
bootstrap:
|
||||
initdb:
|
||||
postInitSQL:
|
||||
- CREATE DATABASE "lidarr-main" OWNER "app";
|
||||
@@ -106,32 +107,14 @@ postgres-17-cluster:
|
||||
recovery:
|
||||
method: objectStore
|
||||
objectStore:
|
||||
endpointURL: https://nyc3.digitaloceanspaces.com
|
||||
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/lidarr2/lidarr2-postgresql-17-cluster
|
||||
index: 1
|
||||
endpointCredentials: lidarr-postgresql-17-cluster-backup-secret
|
||||
recoveryIndex: 3
|
||||
backup:
|
||||
objectStore:
|
||||
- name: external
|
||||
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/lidarr2/lidarr2-postgresql-17-cluster
|
||||
index: 1
|
||||
endpointCredentials: lidarr-postgresql-17-cluster-backup-secret
|
||||
retentionPolicy: "1d"
|
||||
isWALArchiver: true
|
||||
- name: garage
|
||||
destinationPath: s3://postgres-backups/cl01tl/lidarr/lidarr2-postgresql-17-cluster
|
||||
index: 1
|
||||
endpointURL: https://garage-ps10rp.boreal-beaufort.ts.net:3900
|
||||
endpointCredentials: lidarr-postgresql-17-cluster-backup-secret-weekly
|
||||
retentionPolicy: "30d"
|
||||
data:
|
||||
compression: bzip2
|
||||
jobs: 2
|
||||
scheduledBackups:
|
||||
- name: daily-backup
|
||||
suspend: false
|
||||
schedule: "0 0 */12 * * *"
|
||||
backupName: external
|
||||
- name: weekly-backup
|
||||
suspend: false
|
||||
schedule: "0 8 4 * * SAT"
|
||||
backupName: garage
|
||||
enabled: true
|
||||
endpointURL: https://nyc3.digitaloceanspaces.com
|
||||
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/lidarr2/lidarr2-postgresql-17-cluster
|
||||
endpointCredentials: lidarr-postgresql-17-cluster-backup-secret
|
||||
backupIndex: 3
|
||||
retentionPolicy: "3d"
|
||||
|
@@ -17,6 +17,6 @@ dependencies:
|
||||
- name: app-template
|
||||
alias: lidatube
|
||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||
version: 4.4.0
|
||||
version: 4.1.2
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/lidatube.png
|
||||
appVersion: 0.2.22
|
||||
|
@@ -13,7 +13,7 @@ lidatube:
|
||||
main:
|
||||
image:
|
||||
repository: thewicklowwolf/lidatube
|
||||
tag: 0.2.40
|
||||
tag: 0.2.30
|
||||
pullPolicy: IfNotPresent
|
||||
env:
|
||||
- name: PUID
|
||||
|
@@ -15,6 +15,6 @@ dependencies:
|
||||
- name: app-template
|
||||
alias: omni-tools
|
||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||
version: 4.4.0
|
||||
version: 4.1.2
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/omnitools.png
|
||||
appVersion: 0.4.0
|
||||
|
@@ -9,7 +9,7 @@ omni-tools:
|
||||
main:
|
||||
image:
|
||||
repository: iib0011/omni-tools
|
||||
tag: 0.6.0
|
||||
tag: 0.5.0
|
||||
pullPolicy: IfNotPresent
|
||||
resources:
|
||||
requests:
|
||||
|
@@ -9,10 +9,12 @@ keywords:
|
||||
home: https://wiki.alexlebens.dev/s/c530c2b9-82b7-44df-b7ef-870c8b29242f
|
||||
sources:
|
||||
- https://github.com/outline/outline
|
||||
- https://github.com/valkey-io/valkey
|
||||
- https://github.com/cloudflare/cloudflared
|
||||
- https://github.com/cloudnative-pg/cloudnative-pg
|
||||
- https://hub.docker.com/r/outlinewiki/outline
|
||||
- https://github.com/bjw-s-labs/helm-charts/tree/main/charts/other/app-template
|
||||
- https://github.com/bitnami/charts/tree/main/bitnami/valkey
|
||||
- https://gitea.alexlebens.dev/alexlebens/helm-charts/src/branch/main/charts/cloudflared
|
||||
- https://gitea.alexlebens.dev/alexlebens/helm-charts/src/branch/main/charts/postgres-cluster
|
||||
maintainers:
|
||||
@@ -21,14 +23,17 @@ dependencies:
|
||||
- name: app-template
|
||||
alias: outline
|
||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||
version: 4.4.0
|
||||
version: 4.1.2
|
||||
- name: valkey
|
||||
version: 3.0.22
|
||||
repository: oci://harbor.alexlebens.net/proxy-registry-1.docker.io/bitnamicharts
|
||||
- name: cloudflared
|
||||
alias: cloudflared-outline
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 1.22.1
|
||||
version: 1.18.0
|
||||
- name: postgres-cluster
|
||||
alias: postgres-17-cluster
|
||||
version: 6.14.0
|
||||
version: 5.1.0
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/outline.png
|
||||
appVersion: 0.84.0
|
||||
|
@@ -109,33 +109,3 @@ spec:
|
||||
key: /digital-ocean/home-infra/postgres-backups
|
||||
metadataPolicy: None
|
||||
property: secret
|
||||
|
||||
---
|
||||
apiVersion: external-secrets.io/v1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
name: outline-postgresql-17-cluster-backup-secret-weekly
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: outline-postgresql-17-cluster-backup-secret-weekly
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
secretStoreRef:
|
||||
kind: ClusterSecretStore
|
||||
name: vault
|
||||
data:
|
||||
- secretKey: ACCESS_KEY_ID
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /garage/home-infra/postgres-backups
|
||||
metadataPolicy: None
|
||||
property: ACCESS_KEY_ID
|
||||
- secretKey: ACCESS_SECRET_KEY
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /garage/home-infra/postgres-backups
|
||||
metadataPolicy: None
|
||||
property: ACCESS_SECRET_KEY
|
||||
|
@@ -1,32 +0,0 @@
|
||||
apiVersion: redis.redis.opstreelabs.in/v1beta2
|
||||
kind: RedisReplication
|
||||
metadata:
|
||||
name: redis-replication-outline
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: redis-replication-outline
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
clusterSize: 3
|
||||
podSecurityContext:
|
||||
runAsUser: 1000
|
||||
fsGroup: 1000
|
||||
kubernetesConfig:
|
||||
image: quay.io/opstree/redis:v8.0.3
|
||||
imagePullPolicy: IfNotPresent
|
||||
resources:
|
||||
requests:
|
||||
cpu: 50m
|
||||
memory: 128Mi
|
||||
storage:
|
||||
volumeClaimTemplate:
|
||||
spec:
|
||||
storageClassName: ceph-block
|
||||
accessModes: ["ReadWriteOnce"]
|
||||
resources:
|
||||
requests:
|
||||
storage: 1Gi
|
||||
redisExporter:
|
||||
enabled: true
|
||||
image: quay.io/opstree/redis-exporter:v1.48.0
|
@@ -1,19 +0,0 @@
|
||||
apiVersion: monitoring.coreos.com/v1
|
||||
kind: ServiceMonitor
|
||||
metadata:
|
||||
name: redis-replication-outline
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: redis-replication-outline
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
redis-operator: "true"
|
||||
env: production
|
||||
spec:
|
||||
selector:
|
||||
matchLabels:
|
||||
redis_setup_type: replication
|
||||
endpoints:
|
||||
- port: redis-exporter
|
||||
interval: 30s
|
||||
scrapeTimeout: 10s
|
@@ -9,7 +9,7 @@ outline:
|
||||
main:
|
||||
image:
|
||||
repository: outlinewiki/outline
|
||||
tag: 0.87.4
|
||||
tag: 0.85.1
|
||||
pullPolicy: IfNotPresent
|
||||
env:
|
||||
- name: NODE_ENV
|
||||
@@ -64,7 +64,7 @@ outline:
|
||||
- name: PGSSLMODE
|
||||
value: disable
|
||||
- name: REDIS_URL
|
||||
value: redis://redis-replication-outline-master.outline:6379
|
||||
value: redis://outline-valkey-primary.outline:6379
|
||||
- name: FILE_STORAGE
|
||||
value: s3
|
||||
- name: AWS_ACCESS_KEY_ID
|
||||
@@ -142,11 +142,33 @@ outline:
|
||||
port: 3000
|
||||
targetPort: 3000
|
||||
protocol: HTTP
|
||||
valkey:
|
||||
architecture: replication
|
||||
auth:
|
||||
enabled: false
|
||||
usePasswordFiles: false
|
||||
primary:
|
||||
resources:
|
||||
requests:
|
||||
cpu: 100m
|
||||
memory: 64Mi
|
||||
persistence:
|
||||
enabled: true
|
||||
size: 1Gi
|
||||
replica:
|
||||
replicaCount: 1
|
||||
resources:
|
||||
requests:
|
||||
cpu: 100m
|
||||
memory: 64Mi
|
||||
persistence:
|
||||
enabled: true
|
||||
size: 1Gi
|
||||
cloudflared-outline:
|
||||
existingSecretName: outline-cloudflared-secret
|
||||
name: cloudflared-outline
|
||||
postgres-17-cluster:
|
||||
mode: recovery
|
||||
mode: standalone
|
||||
cluster:
|
||||
storage:
|
||||
storageClass: local-path
|
||||
@@ -159,30 +181,14 @@ postgres-17-cluster:
|
||||
recovery:
|
||||
method: objectStore
|
||||
objectStore:
|
||||
endpointURL: https://nyc3.digitaloceanspaces.com
|
||||
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/outline/outline-postgresql-17-cluster
|
||||
index: 1
|
||||
endpointCredentials: outline-postgresql-17-cluster-backup-secret
|
||||
recoveryIndex: 2
|
||||
backup:
|
||||
objectStore:
|
||||
- name: external
|
||||
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/outline/outline-postgresql-17-cluster
|
||||
index: 1
|
||||
retentionPolicy: "2d"
|
||||
isWALArchiver: true
|
||||
- name: garage
|
||||
destinationPath: s3://postgres-backups/cl01tl/outline/outline-postgresql-17-cluster
|
||||
index: 1
|
||||
endpointURL: https://garage-ps10rp.boreal-beaufort.ts.net:3900
|
||||
endpointCredentials: outline-postgresql-17-cluster-backup-secret-weekly
|
||||
retentionPolicy: "30d"
|
||||
data:
|
||||
compression: bzip2
|
||||
jobs: 2
|
||||
scheduledBackups:
|
||||
- name: daily-backup
|
||||
suspend: false
|
||||
schedule: "0 0 0 * * *"
|
||||
backupName: external
|
||||
- name: weekly-backup
|
||||
suspend: false
|
||||
schedule: "0 10 4 * * SAT"
|
||||
backupName: garage
|
||||
enabled: true
|
||||
endpointURL: https://nyc3.digitaloceanspaces.com
|
||||
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/outline/outline-postgresql-17-cluster
|
||||
endpointCredentials: outline-postgresql-17-cluster-backup-secret
|
||||
backupIndex: 2
|
||||
retentionPolicy: "7d"
|
||||
|
@@ -16,6 +16,6 @@ maintainers:
|
||||
dependencies:
|
||||
- name: app-template
|
||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||
version: 4.4.0
|
||||
version: 4.1.2
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/overseerr.png
|
||||
appVersion: 1.34.0
|
||||
|
@@ -17,10 +17,10 @@ dependencies:
|
||||
- name: app-template
|
||||
alias: photoview
|
||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||
version: 4.4.0
|
||||
version: 4.1.2
|
||||
- name: postgres-cluster
|
||||
alias: postgres-17-cluster
|
||||
version: 6.14.0
|
||||
version: 5.1.0
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/photoview.png
|
||||
appVersion: 2.4.0
|
||||
|
@@ -26,33 +26,3 @@ spec:
|
||||
key: /digital-ocean/home-infra/postgres-backups
|
||||
metadataPolicy: None
|
||||
property: secret
|
||||
|
||||
---
|
||||
apiVersion: external-secrets.io/v1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
name: photoview-postgresql-17-cluster-backup-secret-weekly
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: photoview-postgresql-17-cluster-backup-secret-weekly
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
secretStoreRef:
|
||||
kind: ClusterSecretStore
|
||||
name: vault
|
||||
data:
|
||||
- secretKey: ACCESS_KEY_ID
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /garage/home-infra/postgres-backups
|
||||
metadataPolicy: None
|
||||
property: ACCESS_KEY_ID
|
||||
- secretKey: ACCESS_SECRET_KEY
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /garage/home-infra/postgres-backups
|
||||
metadataPolicy: None
|
||||
property: ACCESS_SECRET_KEY
|
||||
|
@@ -73,7 +73,7 @@ photoview:
|
||||
- path: /photos
|
||||
readOnly: true
|
||||
postgres-17-cluster:
|
||||
mode: recovery
|
||||
mode: standalone
|
||||
cluster:
|
||||
storage:
|
||||
storageClass: local-path
|
||||
@@ -86,30 +86,14 @@ postgres-17-cluster:
|
||||
recovery:
|
||||
method: objectStore
|
||||
objectStore:
|
||||
endpointURL: https://nyc3.digitaloceanspaces.com
|
||||
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/photoview/photoview-postgresql-17-cluster
|
||||
index: 1
|
||||
endpointCredentials: photoview-postgresql-17-cluster-backup-secret
|
||||
recoveryIndex: 3
|
||||
backup:
|
||||
objectStore:
|
||||
- name: external
|
||||
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/photoview/photoview-postgresql-17-cluster
|
||||
index: 1
|
||||
retentionPolicy: "2d"
|
||||
isWALArchiver: true
|
||||
- name: garage
|
||||
destinationPath: s3://postgres-backups/cl01tl/photoview/photoview-postgresql-17-cluster
|
||||
index: 1
|
||||
endpointURL: https://garage-ps10rp.boreal-beaufort.ts.net:3900
|
||||
endpointCredentials: photoview-postgresql-17-cluster-backup-secret-weekly
|
||||
retentionPolicy: "30d"
|
||||
data:
|
||||
compression: bzip2
|
||||
jobs: 2
|
||||
scheduledBackups:
|
||||
- name: daily-backup
|
||||
suspend: false
|
||||
schedule: "0 0 0 * * *"
|
||||
backupName: external
|
||||
- name: weekly-backup
|
||||
suspend: false
|
||||
schedule: "0 12 4 * * SAT"
|
||||
backupName: garage
|
||||
enabled: true
|
||||
endpointURL: https://nyc3.digitaloceanspaces.com
|
||||
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/photoview/photoview-postgresql-17-cluster
|
||||
endpointCredentials: photoview-postgresql-17-cluster-backup-secret
|
||||
backupIndex: 3
|
||||
retentionPolicy: "7d"
|
||||
|
@@ -21,6 +21,6 @@ dependencies:
|
||||
- name: app-template
|
||||
alias: plex
|
||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||
version: 4.4.0
|
||||
version: 4.1.2
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/plex.png
|
||||
appVersion: 1.41.6
|
||||
|
@@ -9,7 +9,7 @@ plex:
|
||||
main:
|
||||
image:
|
||||
repository: ghcr.io/linuxserver/plex
|
||||
tag: 1.42.2@sha256:b13c1a01150225d88085214dc3deabb41985fa5427766c0126c84780d156b9a9
|
||||
tag: 1.41.9@sha256:f8ed359f87f1becab37c2586af9f3414bd5c604d031d47f75e8422baf5224ef5
|
||||
pullPolicy: IfNotPresent
|
||||
env:
|
||||
- name: TZ
|
||||
|
@@ -8,10 +8,12 @@ keywords:
|
||||
home: https://wiki.alexlebens.dev/s/f483a06b-860b-423c-8d51-a1ce82e0fd43
|
||||
sources:
|
||||
- https://github.com/gitroomhq/postiz-app
|
||||
- https://github.com/valkey-io/valkey
|
||||
- https://github.com/cloudflare/cloudflared
|
||||
- https://github.com/cloudnative-pg/cloudnative-pg
|
||||
- https://github.com/gitroomhq/postiz-app/pkgs/container/postiz-app
|
||||
- https://github.com/bjw-s-labs/helm-charts/tree/main/charts/other/app-template
|
||||
- https://github.com/bitnami/charts/tree/main/bitnami/valkey
|
||||
- https://gitea.alexlebens.dev/alexlebens/helm-charts/src/branch/main/charts/cloudflared
|
||||
- https://gitea.alexlebens.dev/alexlebens/helm-charts/src/branch/main/charts/postgres-cluster
|
||||
maintainers:
|
||||
@@ -20,13 +22,16 @@ dependencies:
|
||||
- name: app-template
|
||||
alias: postiz
|
||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||
version: 4.4.0
|
||||
version: 4.1.2
|
||||
- name: valkey
|
||||
version: 3.0.22
|
||||
repository: oci://harbor.alexlebens.net/proxy-registry-1.docker.io/bitnamicharts
|
||||
- name: cloudflared
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 1.22.1
|
||||
version: 1.18.0
|
||||
- name: postgres-cluster
|
||||
alias: postgres-17-cluster
|
||||
version: 6.14.0
|
||||
version: 5.1.0
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/postiz.png
|
||||
appVersion: v1.43.3
|
||||
|
@@ -24,10 +24,10 @@ spec:
|
||||
apiVersion: external-secrets.io/v1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
name: postiz-redis-config
|
||||
name: postiz-valkey-config
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: postiz-redis-config
|
||||
app.kubernetes.io/name: postiz-valkey-config
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
@@ -35,27 +35,27 @@ spec:
|
||||
kind: ClusterSecretStore
|
||||
name: vault
|
||||
data:
|
||||
- secretKey: REDIS_URL
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cl01tl/postiz/redis
|
||||
metadataPolicy: None
|
||||
property: REDIS_URL
|
||||
- secretKey: user
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cl01tl/postiz/redis
|
||||
key: /cl01tl/postiz/valkey
|
||||
metadataPolicy: None
|
||||
property: user
|
||||
- secretKey: password
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cl01tl/postiz/redis
|
||||
key: /cl01tl/postiz/valkey
|
||||
metadataPolicy: None
|
||||
property: password
|
||||
- secretKey: REDIS_URL
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cl01tl/postiz/valkey
|
||||
metadataPolicy: None
|
||||
property: REDIS_URL
|
||||
|
||||
---
|
||||
apiVersion: external-secrets.io/v1
|
||||
@@ -253,33 +253,3 @@ spec:
|
||||
key: /digital-ocean/home-infra/postgres-backups
|
||||
metadataPolicy: None
|
||||
property: secret
|
||||
|
||||
---
|
||||
apiVersion: external-secrets.io/v1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
name: postiz-postgresql-17-cluster-backup-secret-weekly
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: postiz-postgresql-17-cluster-backup-secret-weekly
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
secretStoreRef:
|
||||
kind: ClusterSecretStore
|
||||
name: vault
|
||||
data:
|
||||
- secretKey: ACCESS_KEY_ID
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /garage/home-infra/postgres-backups
|
||||
metadataPolicy: None
|
||||
property: ACCESS_KEY_ID
|
||||
- secretKey: ACCESS_SECRET_KEY
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /garage/home-infra/postgres-backups
|
||||
metadataPolicy: None
|
||||
property: ACCESS_SECRET_KEY
|
||||
|
@@ -1,35 +0,0 @@
|
||||
apiVersion: redis.redis.opstreelabs.in/v1beta2
|
||||
kind: RedisReplication
|
||||
metadata:
|
||||
name: redis-replication-postiz
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: redis-replication-postiz
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
clusterSize: 3
|
||||
podSecurityContext:
|
||||
runAsUser: 1000
|
||||
fsGroup: 1000
|
||||
kubernetesConfig:
|
||||
image: quay.io/opstree/redis:v8.0.3
|
||||
imagePullPolicy: IfNotPresent
|
||||
redisSecret:
|
||||
name: postiz-redis-config
|
||||
key: password
|
||||
resources:
|
||||
requests:
|
||||
cpu: 50m
|
||||
memory: 128Mi
|
||||
storage:
|
||||
volumeClaimTemplate:
|
||||
spec:
|
||||
storageClassName: ceph-block
|
||||
accessModes: ["ReadWriteOnce"]
|
||||
resources:
|
||||
requests:
|
||||
storage: 1Gi
|
||||
redisExporter:
|
||||
enabled: true
|
||||
image: quay.io/opstree/redis-exporter:v1.48.0
|
@@ -1,19 +0,0 @@
|
||||
apiVersion: monitoring.coreos.com/v1
|
||||
kind: ServiceMonitor
|
||||
metadata:
|
||||
name: redis-replication-postiz
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: redis-replication-postiz
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
redis-operator: "true"
|
||||
env: production
|
||||
spec:
|
||||
selector:
|
||||
matchLabels:
|
||||
redis_setup_type: replication
|
||||
endpoints:
|
||||
- port: redis-exporter
|
||||
interval: 30s
|
||||
scrapeTimeout: 10s
|
@@ -9,7 +9,7 @@ postiz:
|
||||
main:
|
||||
image:
|
||||
repository: ghcr.io/gitroomhq/postiz-app
|
||||
tag: v2.7.0
|
||||
tag: v2.0.3
|
||||
pullPolicy: IfNotPresent
|
||||
env:
|
||||
- name: MAIN_URL
|
||||
@@ -31,12 +31,12 @@ postiz:
|
||||
- name: REDIS_URL
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: postiz-redis-config
|
||||
name: postiz-valkey-config
|
||||
key: REDIS_URL
|
||||
- name: BACKEND_INTERNAL_URL
|
||||
value: http://localhost:3000
|
||||
- name: IS_GENERAL
|
||||
value: "true"
|
||||
value: 'true'
|
||||
- name: STORAGE_PROVIDER
|
||||
value: local
|
||||
- name: UPLOAD_DIRECTORY
|
||||
@@ -48,7 +48,7 @@ postiz:
|
||||
- name: NEXT_PUBLIC_POSTIZ_OAUTH_LOGO_URL
|
||||
value: https://cdn.jsdelivr.net/gh/selfhst/icons/png/authentik.png
|
||||
- name: POSTIZ_GENERIC_OAUTH
|
||||
value: "true"
|
||||
value: 'true'
|
||||
- name: POSTIZ_OAUTH_URL
|
||||
value: https://auth.alexlebens.dev
|
||||
- name: POSTIZ_OAUTH_AUTH_URL
|
||||
@@ -102,11 +102,35 @@ postiz:
|
||||
main:
|
||||
- path: /uploads
|
||||
readOnly: false
|
||||
valkey:
|
||||
architecture: replication
|
||||
auth:
|
||||
enabled: true
|
||||
existingSecret: postiz-valkey-config
|
||||
existingSecretPasswordKey: password
|
||||
usePasswordFiles: false
|
||||
primary:
|
||||
resources:
|
||||
requests:
|
||||
cpu: 100m
|
||||
memory: 64Mi
|
||||
persistence:
|
||||
enabled: true
|
||||
size: 1Gi
|
||||
replica:
|
||||
replicaCount: 1
|
||||
resources:
|
||||
requests:
|
||||
cpu: 100m
|
||||
memory: 64Mi
|
||||
persistence:
|
||||
enabled: true
|
||||
size: 1Gi
|
||||
cloudflared:
|
||||
name: cloudflared-postiz
|
||||
existingSecretName: postiz-cloudflared-secret
|
||||
postgres-17-cluster:
|
||||
mode: recovery
|
||||
mode: standalone
|
||||
cluster:
|
||||
storage:
|
||||
storageClass: local-path
|
||||
@@ -119,30 +143,14 @@ postgres-17-cluster:
|
||||
recovery:
|
||||
method: objectStore
|
||||
objectStore:
|
||||
endpointURL: https://nyc3.digitaloceanspaces.com
|
||||
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/postiz/postiz-postgresql-17-cluster
|
||||
index: 2
|
||||
endpointCredentials: postiz-postgresql-17-cluster-backup-secret
|
||||
recoveryIndex: 1
|
||||
backup:
|
||||
objectStore:
|
||||
- name: external
|
||||
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/postiz/postiz-postgresql-17-cluster
|
||||
index: 2
|
||||
retentionPolicy: "2d"
|
||||
isWALArchiver: true
|
||||
- name: garage
|
||||
destinationPath: s3://postgres-backups/cl01tl/postiz/postiz-postgresql-17-cluster
|
||||
index: 1
|
||||
endpointURL: https://garage-ps10rp.boreal-beaufort.ts.net:3900
|
||||
endpointCredentials: postiz-postgresql-17-cluster-backup-secret-weekly
|
||||
retentionPolicy: "30d"
|
||||
data:
|
||||
compression: bzip2
|
||||
jobs: 2
|
||||
scheduledBackups:
|
||||
- name: daily-backup
|
||||
suspend: false
|
||||
schedule: "0 0 0 * * *"
|
||||
backupName: external
|
||||
- name: weekly-backup
|
||||
suspend: false
|
||||
schedule: "0 14 4 * * SAT"
|
||||
backupName: garage
|
||||
enabled: true
|
||||
endpointURL: https://nyc3.digitaloceanspaces.com
|
||||
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/postiz/postiz-postgresql-17-cluster
|
||||
endpointCredentials: postiz-postgresql-17-cluster-backup-secret
|
||||
backupIndex: 1
|
||||
retentionPolicy: "7d"
|
||||
|
@@ -18,6 +18,6 @@ dependencies:
|
||||
- name: app-template
|
||||
alias: prowlarr
|
||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||
version: 4.4.0
|
||||
version: 4.1.2
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/prowlarr.png
|
||||
appVersion: 1.35.1
|
||||
|
@@ -20,7 +20,7 @@ prowlarr:
|
||||
main:
|
||||
image:
|
||||
repository: ghcr.io/linuxserver/prowlarr
|
||||
tag: 2.0.5@sha256:608935c38763920b25622a3d404bb14ea08fcaa7c2a9b1c93ce9bac61ad4b11d
|
||||
tag: 1.37.0@sha256:d2462d470891c70073e31d158657a9b247b317c90238c40534d8be8f98671057
|
||||
pullPolicy: IfNotPresent
|
||||
env:
|
||||
- name: TZ
|
||||
|
@@ -24,10 +24,10 @@ dependencies:
|
||||
- name: app-template
|
||||
alias: radarr-4k
|
||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||
version: 4.4.0
|
||||
version: 4.1.2
|
||||
- name: postgres-cluster
|
||||
alias: postgres-17-cluster
|
||||
version: 6.14.0
|
||||
version: 5.1.0
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/radarr-4k.png
|
||||
appVersion: 5.22.4
|
||||
|
@@ -83,33 +83,3 @@ spec:
|
||||
key: /digital-ocean/home-infra/postgres-backups
|
||||
metadataPolicy: None
|
||||
property: secret
|
||||
|
||||
---
|
||||
apiVersion: external-secrets.io/v1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
name: radarr-4k-postgresql-17-cluster-backup-secret-weekly
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: radarr-4k-postgresql-17-cluster-backup-secret-weekly
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
secretStoreRef:
|
||||
kind: ClusterSecretStore
|
||||
name: vault
|
||||
data:
|
||||
- secretKey: ACCESS_KEY_ID
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /garage/home-infra/postgres-backups
|
||||
metadataPolicy: None
|
||||
property: ACCESS_KEY_ID
|
||||
- secretKey: ACCESS_SECRET_KEY
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /garage/home-infra/postgres-backups
|
||||
metadataPolicy: None
|
||||
property: ACCESS_SECRET_KEY
|
||||
|
@@ -15,7 +15,7 @@ radarr-4k:
|
||||
main:
|
||||
image:
|
||||
repository: ghcr.io/linuxserver/radarr
|
||||
tag: 5.28.0@sha256:fae2aafa6ecace3524fc79d102f5bfd25fb151caed6a454cee46479236ac33bf
|
||||
tag: 5.26.2@sha256:ae89f05ad7023258730ed62f5fcca63aab1e27ee5adcca1edb55d716f7cef356
|
||||
pullPolicy: IfNotPresent
|
||||
env:
|
||||
- name: TZ
|
||||
@@ -31,7 +31,7 @@ radarr-4k:
|
||||
metrics:
|
||||
image:
|
||||
repository: ghcr.io/onedr0p/exportarr
|
||||
tag: v2.3.0
|
||||
tag: v2.2.0
|
||||
pullPolicy: IfNotPresent
|
||||
args: ["radarr"]
|
||||
env:
|
||||
@@ -85,7 +85,7 @@ radarr-4k:
|
||||
readOnly: false
|
||||
postgres-17-cluster:
|
||||
nameOverride: radarr5-4k-postgresql-17
|
||||
mode: recovery
|
||||
mode: standalone
|
||||
cluster:
|
||||
storage:
|
||||
storageClass: local-path
|
||||
@@ -95,43 +95,24 @@ postgres-17-cluster:
|
||||
enabled: true
|
||||
prometheusRule:
|
||||
enabled: true
|
||||
resources:
|
||||
requests:
|
||||
memory: 1Gi
|
||||
cpu: 200m
|
||||
bootstrap:
|
||||
initdb:
|
||||
database: app
|
||||
owner: app
|
||||
postInitSQL:
|
||||
- CREATE DATABASE "radarr-main" OWNER "app";
|
||||
- CREATE DATABASE "radarr-log" OWNER "app";
|
||||
recovery:
|
||||
method: objectStore
|
||||
objectStore:
|
||||
endpointURL: https://nyc3.digitaloceanspaces.com
|
||||
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/radarr5-4k/radarr5-4k-postgresql-17-cluster
|
||||
index: 1
|
||||
endpointCredentials: radarr-4k-postgresql-17-cluster-backup-secret
|
||||
recoveryIndex: 3
|
||||
backup:
|
||||
objectStore:
|
||||
- name: external
|
||||
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/radarr5-4k/radarr5-4k-postgresql-17-cluster
|
||||
index: 1
|
||||
endpointCredentials: radarr-4k-postgresql-17-cluster-backup-secret
|
||||
retentionPolicy: "2d"
|
||||
isWALArchiver: true
|
||||
- name: garage
|
||||
destinationPath: s3://postgres-backups/cl01tl/radarr-4k/radarr5-4k-postgresql-17-cluster
|
||||
index: 1
|
||||
endpointURL: https://garage-ps10rp.boreal-beaufort.ts.net:3900
|
||||
endpointCredentials: radarr-4k-postgresql-17-cluster-backup-secret-weekly
|
||||
retentionPolicy: "30d"
|
||||
data:
|
||||
compression: bzip2
|
||||
jobs: 2
|
||||
scheduledBackups:
|
||||
- name: daily-backup
|
||||
suspend: false
|
||||
schedule: "0 0 0 * * *"
|
||||
backupName: external
|
||||
- name: weekly-backup
|
||||
suspend: false
|
||||
schedule: "0 18 4 * * SAT"
|
||||
backupName: garage
|
||||
enabled: true
|
||||
endpointURL: https://nyc3.digitaloceanspaces.com
|
||||
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/radarr5-4k/radarr5-4k-postgresql-17-cluster
|
||||
endpointCredentials: radarr-4k-postgresql-17-cluster-backup-secret
|
||||
backupIndex: 3
|
||||
retentionPolicy: "7d"
|
||||
|
@@ -24,10 +24,10 @@ dependencies:
|
||||
- name: app-template
|
||||
alias: radarr-anime
|
||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||
version: 4.4.0
|
||||
version: 4.1.2
|
||||
- name: postgres-cluster
|
||||
alias: postgres-17-cluster
|
||||
version: 6.14.0
|
||||
version: 5.1.0
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/radarr-anime.png
|
||||
appVersion: 5.22.4
|
||||
|
@@ -83,33 +83,3 @@ spec:
|
||||
key: /digital-ocean/home-infra/postgres-backups
|
||||
metadataPolicy: None
|
||||
property: secret
|
||||
|
||||
---
|
||||
apiVersion: external-secrets.io/v1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
name: radarr-anime-postgresql-17-cluster-backup-secret-weekly
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: radarr-anime-postgresql-17-cluster-backup-secret-weekly
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
secretStoreRef:
|
||||
kind: ClusterSecretStore
|
||||
name: vault
|
||||
data:
|
||||
- secretKey: ACCESS_KEY_ID
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /garage/home-infra/postgres-backups
|
||||
metadataPolicy: None
|
||||
property: ACCESS_KEY_ID
|
||||
- secretKey: ACCESS_SECRET_KEY
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /garage/home-infra/postgres-backups
|
||||
metadataPolicy: None
|
||||
property: ACCESS_SECRET_KEY
|
||||
|
@@ -13,7 +13,7 @@ radarr-anime:
|
||||
main:
|
||||
image:
|
||||
repository: ghcr.io/linuxserver/radarr
|
||||
tag: 5.28.0@sha256:fae2aafa6ecace3524fc79d102f5bfd25fb151caed6a454cee46479236ac33bf
|
||||
tag: 5.26.2@sha256:ae89f05ad7023258730ed62f5fcca63aab1e27ee5adcca1edb55d716f7cef356
|
||||
pullPolicy: IfNotPresent
|
||||
env:
|
||||
- name: TZ
|
||||
@@ -29,7 +29,7 @@ radarr-anime:
|
||||
metrics:
|
||||
image:
|
||||
repository: ghcr.io/onedr0p/exportarr
|
||||
tag: v2.3.0
|
||||
tag: v2.2.0
|
||||
pullPolicy: IfNotPresent
|
||||
args: ["radarr"]
|
||||
env:
|
||||
@@ -83,7 +83,7 @@ radarr-anime:
|
||||
readOnly: false
|
||||
postgres-17-cluster:
|
||||
nameOverride: radarr5-anime-postgresql-17
|
||||
mode: recovery
|
||||
mode: standalone
|
||||
cluster:
|
||||
storage:
|
||||
storageClass: local-path
|
||||
@@ -93,39 +93,24 @@ postgres-17-cluster:
|
||||
enabled: true
|
||||
prometheusRule:
|
||||
enabled: true
|
||||
bootstrap:
|
||||
initdb:
|
||||
database: app
|
||||
owner: app
|
||||
postInitSQL:
|
||||
- CREATE DATABASE "radarr-main" OWNER "app";
|
||||
- CREATE DATABASE "radarr-log" OWNER "app";
|
||||
recovery:
|
||||
method: objectStore
|
||||
objectStore:
|
||||
endpointURL: https://nyc3.digitaloceanspaces.com
|
||||
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/radarr5-anime/radarr5-anime-postgresql-17-cluster
|
||||
index: 1
|
||||
endpointCredentials: radarr-anime-postgresql-17-cluster-backup-secret
|
||||
recoveryIndex: 2
|
||||
backup:
|
||||
objectStore:
|
||||
- name: external
|
||||
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/radarr5-anime/radarr5-anime-postgresql-17-cluster
|
||||
index: 1
|
||||
endpointCredentials: radarr-anime-postgresql-17-cluster-backup-secret
|
||||
retentionPolicy: "2d"
|
||||
isWALArchiver: true
|
||||
- name: garage
|
||||
destinationPath: s3://postgres-backups/cl01tl/radarr-anime/radarr5-anime-postgresql-17-cluster
|
||||
index: 1
|
||||
endpointURL: https://garage-ps10rp.boreal-beaufort.ts.net:3900
|
||||
endpointCredentials: radarr-anime-postgresql-17-cluster-backup-secret-weekly
|
||||
retentionPolicy: "30d"
|
||||
data:
|
||||
compression: bzip2
|
||||
jobs: 2
|
||||
scheduledBackups:
|
||||
- name: daily-backup
|
||||
suspend: false
|
||||
schedule: "0 0 0 * * *"
|
||||
backupName: external
|
||||
- name: weekly-backup
|
||||
suspend: false
|
||||
schedule: "0 20 4 * * SAT"
|
||||
backupName: garage
|
||||
enabled: true
|
||||
endpointURL: https://nyc3.digitaloceanspaces.com
|
||||
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/radarr5-anime/radarr5-anime-postgresql-17-cluster
|
||||
endpointCredentials: radarr-anime-postgresql-17-cluster-backup-secret
|
||||
backupIndex: 3
|
||||
retentionPolicy: "7d"
|
||||
|
@@ -23,10 +23,10 @@ dependencies:
|
||||
- name: app-template
|
||||
alias: radarr-standup
|
||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||
version: 4.4.0
|
||||
version: 4.1.2
|
||||
- name: postgres-cluster
|
||||
alias: postgres-17-cluster
|
||||
version: 6.14.0
|
||||
version: 5.1.0
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/radarr.png
|
||||
appVersion: 5.22.4
|
||||
|
@@ -83,33 +83,3 @@ spec:
|
||||
key: /digital-ocean/home-infra/postgres-backups
|
||||
metadataPolicy: None
|
||||
property: secret
|
||||
|
||||
---
|
||||
apiVersion: external-secrets.io/v1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
name: radarr-standup-postgresql-17-cluster-backup-secret-weekly
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: radarr-standup-postgresql-17-cluster-backup-secret-weekly
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
secretStoreRef:
|
||||
kind: ClusterSecretStore
|
||||
name: vault
|
||||
data:
|
||||
- secretKey: ACCESS_KEY_ID
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /garage/home-infra/postgres-backups
|
||||
metadataPolicy: None
|
||||
property: ACCESS_KEY_ID
|
||||
- secretKey: ACCESS_SECRET_KEY
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /garage/home-infra/postgres-backups
|
||||
metadataPolicy: None
|
||||
property: ACCESS_SECRET_KEY
|
||||
|
@@ -13,7 +13,7 @@ radarr-standup:
|
||||
main:
|
||||
image:
|
||||
repository: ghcr.io/linuxserver/radarr
|
||||
tag: 5.28.0@sha256:fae2aafa6ecace3524fc79d102f5bfd25fb151caed6a454cee46479236ac33bf
|
||||
tag: 5.26.2@sha256:ae89f05ad7023258730ed62f5fcca63aab1e27ee5adcca1edb55d716f7cef356
|
||||
pullPolicy: IfNotPresent
|
||||
env:
|
||||
- name: TZ
|
||||
@@ -29,7 +29,7 @@ radarr-standup:
|
||||
metrics:
|
||||
image:
|
||||
repository: ghcr.io/onedr0p/exportarr
|
||||
tag: v2.3.0
|
||||
tag: v2.2.0
|
||||
pullPolicy: IfNotPresent
|
||||
args: ["radarr"]
|
||||
env:
|
||||
@@ -83,7 +83,7 @@ radarr-standup:
|
||||
readOnly: false
|
||||
postgres-17-cluster:
|
||||
nameOverride: radarr5-standup-postgresql-17
|
||||
mode: recovery
|
||||
mode: standalone
|
||||
cluster:
|
||||
storage:
|
||||
storageClass: local-path
|
||||
@@ -93,39 +93,24 @@ postgres-17-cluster:
|
||||
enabled: true
|
||||
prometheusRule:
|
||||
enabled: true
|
||||
bootstrap:
|
||||
initdb:
|
||||
database: app
|
||||
owner: app
|
||||
postInitSQL:
|
||||
- CREATE DATABASE "radarr-main" OWNER "app";
|
||||
- CREATE DATABASE "radarr-log" OWNER "app";
|
||||
recovery:
|
||||
method: objectStore
|
||||
objectStore:
|
||||
endpointURL: https://nyc3.digitaloceanspaces.com
|
||||
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/radarr5-standup/radarr5-standup-postgresql-17-cluster
|
||||
index: 1
|
||||
endpointCredentials: radarr-standup-postgresql-17-cluster-backup-secret
|
||||
recoveryIndex: 3
|
||||
backup:
|
||||
objectStore:
|
||||
- name: external
|
||||
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/radarr5-standup/radarr5-standup-postgresql-17-cluster
|
||||
index: 1
|
||||
endpointCredentials: radarr-standup-postgresql-17-cluster-backup-secret
|
||||
retentionPolicy: "2d"
|
||||
isWALArchiver: true
|
||||
- name: garage
|
||||
destinationPath: s3://postgres-backups/cl01tl/radarr-standup/radarr5-standup-postgresql-17-cluster
|
||||
index: 1
|
||||
endpointURL: https://garage-ps10rp.boreal-beaufort.ts.net:3900
|
||||
endpointCredentials: radarr-standup-postgresql-17-cluster-backup-secret-weekly
|
||||
retentionPolicy: "30d"
|
||||
data:
|
||||
compression: bzip2
|
||||
jobs: 2
|
||||
scheduledBackups:
|
||||
- name: daily-backup
|
||||
suspend: false
|
||||
schedule: "0 0 0 * * *"
|
||||
backupName: external
|
||||
- name: weekly-backup
|
||||
suspend: false
|
||||
schedule: "0 22 4 * * SAT"
|
||||
backupName: garage
|
||||
enabled: true
|
||||
endpointURL: https://nyc3.digitaloceanspaces.com
|
||||
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/radarr5-standup/radarr5-standup-postgresql-17-cluster
|
||||
endpointCredentials: radarr-standup-postgresql-17-cluster-backup-secret
|
||||
backupIndex: 3
|
||||
retentionPolicy: "7d"
|
||||
|
@@ -23,10 +23,10 @@ dependencies:
|
||||
- name: app-template
|
||||
alias: radarr
|
||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||
version: 4.4.0
|
||||
version: 4.1.2
|
||||
- name: postgres-cluster
|
||||
alias: postgres-17-cluster
|
||||
version: 6.14.0
|
||||
version: 5.1.0
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/radarr.png
|
||||
appVersion: 5.22.4
|
||||
|
@@ -83,33 +83,3 @@ spec:
|
||||
key: /digital-ocean/home-infra/postgres-backups
|
||||
metadataPolicy: None
|
||||
property: secret
|
||||
|
||||
---
|
||||
apiVersion: external-secrets.io/v1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
name: radarr-postgresql-17-cluster-backup-secret-weekly
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: radarr-postgresql-17-cluster-backup-secret-weekly
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
secretStoreRef:
|
||||
kind: ClusterSecretStore
|
||||
name: vault
|
||||
data:
|
||||
- secretKey: ACCESS_KEY_ID
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /garage/home-infra/postgres-backups
|
||||
metadataPolicy: None
|
||||
property: ACCESS_KEY_ID
|
||||
- secretKey: ACCESS_SECRET_KEY
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /garage/home-infra/postgres-backups
|
||||
metadataPolicy: None
|
||||
property: ACCESS_SECRET_KEY
|
||||
|
@@ -15,7 +15,7 @@ radarr:
|
||||
main:
|
||||
image:
|
||||
repository: ghcr.io/linuxserver/radarr
|
||||
tag: 5.28.0@sha256:fae2aafa6ecace3524fc79d102f5bfd25fb151caed6a454cee46479236ac33bf
|
||||
tag: 5.26.2@sha256:ae89f05ad7023258730ed62f5fcca63aab1e27ee5adcca1edb55d716f7cef356
|
||||
pullPolicy: IfNotPresent
|
||||
env:
|
||||
- name: TZ
|
||||
@@ -31,7 +31,7 @@ radarr:
|
||||
metrics:
|
||||
image:
|
||||
repository: ghcr.io/onedr0p/exportarr
|
||||
tag: v2.3.0
|
||||
tag: v2.2.0
|
||||
pullPolicy: IfNotPresent
|
||||
args: ["radarr"]
|
||||
env:
|
||||
@@ -85,53 +85,38 @@ radarr:
|
||||
readOnly: false
|
||||
postgres-17-cluster:
|
||||
nameOverride: radarr5-postgresql-17
|
||||
mode: recovery
|
||||
mode: standalone
|
||||
cluster:
|
||||
storage:
|
||||
storageClass: local-path
|
||||
walStorage:
|
||||
storageClass: local-path
|
||||
monitoring:
|
||||
enabled: true
|
||||
prometheusRule:
|
||||
enabled: true
|
||||
resources:
|
||||
requests:
|
||||
memory: 1Gi
|
||||
cpu: 200m
|
||||
monitoring:
|
||||
enabled: true
|
||||
prometheusRule:
|
||||
enabled: true
|
||||
bootstrap:
|
||||
initdb:
|
||||
database: app
|
||||
owner: app
|
||||
postInitSQL:
|
||||
- CREATE DATABASE "radarr-main" OWNER "app";
|
||||
- CREATE DATABASE "radarr-log" OWNER "app";
|
||||
recovery:
|
||||
method: objectStore
|
||||
objectStore:
|
||||
endpointURL: https://nyc3.digitaloceanspaces.com
|
||||
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/radarr5/radarr5-postgresql-17-cluster
|
||||
index: 2
|
||||
endpointCredentials: radarr-postgresql-17-cluster-backup-secret
|
||||
recoveryIndex: 3
|
||||
backup:
|
||||
objectStore:
|
||||
- name: external
|
||||
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/radarr5/radarr5-postgresql-17-cluster
|
||||
index: 2
|
||||
endpointCredentials: radarr-postgresql-17-cluster-backup-secret
|
||||
retentionPolicy: "1d"
|
||||
isWALArchiver: true
|
||||
- name: garage
|
||||
destinationPath: s3://postgres-backups/cl01tl/radarr/radarr5-postgresql-17-cluster
|
||||
index: 1
|
||||
endpointURL: https://garage-ps10rp.boreal-beaufort.ts.net:3900
|
||||
endpointCredentials: radarr-postgresql-17-cluster-backup-secret-weekly
|
||||
retentionPolicy: "30d"
|
||||
data:
|
||||
compression: bzip2
|
||||
jobs: 2
|
||||
scheduledBackups:
|
||||
- name: daily-backup
|
||||
suspend: false
|
||||
schedule: "0 0 */12 * * *"
|
||||
backupName: external
|
||||
- name: weekly-backup
|
||||
suspend: false
|
||||
schedule: "0 16 4 * * SAT"
|
||||
backupName: garage
|
||||
enabled: true
|
||||
endpointURL: https://nyc3.digitaloceanspaces.com
|
||||
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/radarr5/radarr5-postgresql-17-cluster
|
||||
endpointCredentials: radarr-postgresql-17-cluster-backup-secret
|
||||
backupIndex: 3
|
||||
retentionPolicy: "7d"
|
||||
|
@@ -18,10 +18,10 @@ dependencies:
|
||||
- name: app-template
|
||||
alias: roundcube
|
||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||
version: 4.4.0
|
||||
version: 4.1.2
|
||||
- name: postgres-cluster
|
||||
alias: postgres-17-cluster
|
||||
version: 6.14.0
|
||||
version: 5.1.0
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/roundcube.png
|
||||
appVersion: 1.6.10
|
||||
|
@@ -106,33 +106,3 @@ spec:
|
||||
key: /digital-ocean/home-infra/postgres-backups
|
||||
metadataPolicy: None
|
||||
property: secret
|
||||
|
||||
---
|
||||
apiVersion: external-secrets.io/v1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
name: roundcube-postgresql-17-cluster-backup-secret-weekly
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: roundcube-postgresql-17-cluster-backup-secret-weekly
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
secretStoreRef:
|
||||
kind: ClusterSecretStore
|
||||
name: vault
|
||||
data:
|
||||
- secretKey: ACCESS_KEY_ID
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /garage/home-infra/postgres-backups
|
||||
metadataPolicy: None
|
||||
property: ACCESS_KEY_ID
|
||||
- secretKey: ACCESS_SECRET_KEY
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /garage/home-infra/postgres-backups
|
||||
metadataPolicy: None
|
||||
property: ACCESS_SECRET_KEY
|
||||
|
@@ -58,7 +58,7 @@ roundcube:
|
||||
nginx:
|
||||
image:
|
||||
repository: nginx
|
||||
tag: 1.29.2-alpine
|
||||
tag: 1.29.0-alpine
|
||||
pullPolicy: IfNotPresent
|
||||
env:
|
||||
- name: NGINX_HOST
|
||||
@@ -206,7 +206,7 @@ roundcube:
|
||||
mountPropagation: None
|
||||
subPath: default.conf
|
||||
postgres-17-cluster:
|
||||
mode: recovery
|
||||
mode: standalone
|
||||
cluster:
|
||||
storage:
|
||||
storageClass: local-path
|
||||
@@ -219,30 +219,14 @@ postgres-17-cluster:
|
||||
recovery:
|
||||
method: objectStore
|
||||
objectStore:
|
||||
endpointURL: https://nyc3.digitaloceanspaces.com
|
||||
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/roundcube/roundcube-postgresql-17-cluster
|
||||
index: 2
|
||||
endpointCredentials: roundcube-postgresql-17-cluster-backup-secret
|
||||
recoveryIndex: 2
|
||||
backup:
|
||||
objectStore:
|
||||
- name: external
|
||||
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/roundcube/roundcube-postgresql-17-cluster
|
||||
index: 2
|
||||
retentionPolicy: "2d"
|
||||
isWALArchiver: true
|
||||
- name: garage
|
||||
destinationPath: s3://postgres-backups/cl01tl/roundcube/roundcube-postgresql-17-cluster
|
||||
index: 1
|
||||
endpointURL: https://garage-ps10rp.boreal-beaufort.ts.net:3900
|
||||
endpointCredentials: roundcube-postgresql-17-cluster-backup-secret-weekly
|
||||
retentionPolicy: "30d"
|
||||
data:
|
||||
compression: bzip2
|
||||
jobs: 2
|
||||
scheduledBackups:
|
||||
- name: daily-backup
|
||||
suspend: false
|
||||
schedule: "0 0 0 * * *"
|
||||
backupName: external
|
||||
- name: weekly-backup
|
||||
suspend: false
|
||||
schedule: "0 24 4 * * SAT"
|
||||
backupName: garage
|
||||
enabled: true
|
||||
endpointURL: https://nyc3.digitaloceanspaces.com
|
||||
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/roundcube/roundcube-postgresql-17-cluster
|
||||
endpointCredentials: roundcube-postgresql-17-cluster-backup-secret
|
||||
backupIndex: 2
|
||||
retentionPolicy: "7d"
|
||||
|
@@ -8,13 +8,18 @@ keywords:
|
||||
home: https://wiki.alexlebens.dev/s/6c6da68a-8725-4439-93c8-990ce824be54
|
||||
sources:
|
||||
- https://github.com/searxng/searxng
|
||||
- https://github.com/valkey-io/valkey
|
||||
- https://github.com/bjw-s-labs/helm-charts/tree/main/charts/other/app-template
|
||||
- https://github.com/bitnami/charts/tree/main/bitnami/valkey
|
||||
maintainers:
|
||||
- name: alexlebens
|
||||
dependencies:
|
||||
- name: app-template
|
||||
alias: searxng
|
||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||
version: 4.4.0
|
||||
version: 4.1.2
|
||||
- name: valkey
|
||||
version: 3.0.22
|
||||
repository: oci://harbor.alexlebens.net/proxy-registry-1.docker.io/bitnamicharts
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/searxng.png
|
||||
appVersion: 1.0.0
|
||||
|
@@ -1,32 +0,0 @@
|
||||
apiVersion: redis.redis.opstreelabs.in/v1beta2
|
||||
kind: RedisReplication
|
||||
metadata:
|
||||
name: redis-replication-searxng
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: redis-replication-searxng
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
clusterSize: 3
|
||||
podSecurityContext:
|
||||
runAsUser: 1000
|
||||
fsGroup: 1000
|
||||
kubernetesConfig:
|
||||
image: quay.io/opstree/redis:v8.0.3
|
||||
imagePullPolicy: IfNotPresent
|
||||
resources:
|
||||
requests:
|
||||
cpu: 50m
|
||||
memory: 128Mi
|
||||
storage:
|
||||
volumeClaimTemplate:
|
||||
spec:
|
||||
storageClassName: ceph-block
|
||||
accessModes: ["ReadWriteOnce"]
|
||||
resources:
|
||||
requests:
|
||||
storage: 1Gi
|
||||
redisExporter:
|
||||
enabled: true
|
||||
image: quay.io/opstree/redis-exporter:v1.48.0
|
@@ -1,19 +0,0 @@
|
||||
apiVersion: monitoring.coreos.com/v1
|
||||
kind: ServiceMonitor
|
||||
metadata:
|
||||
name: redis-replication-searxng
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: redis-replication-searxng
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
redis-operator: "true"
|
||||
env: production
|
||||
spec:
|
||||
selector:
|
||||
matchLabels:
|
||||
redis_setup_type: replication
|
||||
endpoints:
|
||||
- port: redis-exporter
|
||||
interval: 30s
|
||||
scrapeTimeout: 10s
|
@@ -9,7 +9,7 @@ searxng:
|
||||
main:
|
||||
image:
|
||||
repository: searxng/searxng
|
||||
tag: latest@sha256:ffc01f261943ae18e203c01fafd8c7eba75f9dd30f9a1c352f39511d668d6df6
|
||||
tag: latest@sha256:d09426cc58ed8eacc47232578f2795509b904bfc4dda13b58f467a2e6252c0b0
|
||||
pullPolicy: IfNotPresent
|
||||
env:
|
||||
- name: SEARXNG_BASE_URL
|
||||
@@ -43,7 +43,7 @@ searxng:
|
||||
main:
|
||||
image:
|
||||
repository: searxng/searxng
|
||||
tag: latest@sha256:ffc01f261943ae18e203c01fafd8c7eba75f9dd30f9a1c352f39511d668d6df6
|
||||
tag: latest@sha256:d09426cc58ed8eacc47232578f2795509b904bfc4dda13b58f467a2e6252c0b0
|
||||
pullPolicy: IfNotPresent
|
||||
env:
|
||||
- name: SEARXNG_BASE_URL
|
||||
@@ -53,7 +53,7 @@ searxng:
|
||||
- name: SEARXNG_HOSTNAME
|
||||
value: searxng.alexlebens.net
|
||||
- name: SEARXNG_REDIS_URL
|
||||
value: redis://redis-replication-searxng-master.searxng:6379/0
|
||||
value: redis://searxng-valkey-primary.searxng:6379/0
|
||||
- name: UWSGI_WORKERS
|
||||
value: 4
|
||||
- name: UWSGI_THREADS
|
||||
@@ -111,3 +111,25 @@ searxng:
|
||||
main:
|
||||
- path: /etc/searxng
|
||||
readOnly: false
|
||||
valkey:
|
||||
architecture: replication
|
||||
auth:
|
||||
enabled: false
|
||||
usePasswordFiles: false
|
||||
primary:
|
||||
resources:
|
||||
requests:
|
||||
cpu: 100m
|
||||
memory: 64Mi
|
||||
persistence:
|
||||
enabled: true
|
||||
size: 1Gi
|
||||
replica:
|
||||
replicaCount: 1
|
||||
resources:
|
||||
requests:
|
||||
cpu: 100m
|
||||
memory: 64Mi
|
||||
persistence:
|
||||
enabled: true
|
||||
size: 1Gi
|
||||
|
@@ -1,28 +0,0 @@
|
||||
apiVersion: v2
|
||||
name: site-documentation
|
||||
version: 1.0.0
|
||||
description: Site Documentation
|
||||
keywords:
|
||||
- site-documentation
|
||||
- astro
|
||||
home: https://wiki.alexlebens.dev/s/1c39adb6-e0c6-4b01-b71f-278631adf584
|
||||
sources:
|
||||
- https://github.com/alexlebens/site-documentation
|
||||
- https://github.com/withastro/astro
|
||||
- https://github.com/cloudflare/cloudflared
|
||||
- https://github.com/alexlebens/site-documentation/pkgs/container/site-documentation
|
||||
- https://github.com/bjw-s-labs/helm-charts/tree/main/charts/other/app-template
|
||||
- https://gitea.alexlebens.dev/alexlebens/helm-charts/src/branch/main/charts/cloudflared
|
||||
maintainers:
|
||||
- name: alexlebens
|
||||
dependencies:
|
||||
- name: app-template
|
||||
alias: site-documentation
|
||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||
version: 4.4.0
|
||||
- name: cloudflared
|
||||
alias: cloudflared-site
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 1.22.1
|
||||
icon: https://d21zlbwtcn424f.cloudfront.net/logo-new-round.png
|
||||
appVersion: 0.8.1
|
@@ -1,21 +0,0 @@
|
||||
apiVersion: external-secrets.io/v1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
name: site-documentation-cloudflared-api-secret
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: site-documentation-cloudflared-api-secret
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
secretStoreRef:
|
||||
kind: ClusterSecretStore
|
||||
name: vault
|
||||
data:
|
||||
- secretKey: cf-tunnel-token
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cloudflare/tunnels/site-documentation
|
||||
metadataPolicy: None
|
||||
property: token
|
@@ -1,30 +0,0 @@
|
||||
site-documentation:
|
||||
global:
|
||||
fullnameOverride: site-documentation
|
||||
controllers:
|
||||
main:
|
||||
type: deployment
|
||||
replicas: 3
|
||||
strategy: RollingUpdate
|
||||
revisionHistoryLimit: 3
|
||||
containers:
|
||||
main:
|
||||
image:
|
||||
repository: harbor.alexlebens.net/images/site-documentation
|
||||
tag: 0.0.2
|
||||
pullPolicy: IfNotPresent
|
||||
resources:
|
||||
requests:
|
||||
cpu: 10m
|
||||
memory: 128Mi
|
||||
service:
|
||||
main:
|
||||
controller: main
|
||||
ports:
|
||||
http:
|
||||
port: 80
|
||||
targetPort: 4321
|
||||
protocol: HTTP
|
||||
cloudflared-site:
|
||||
name: cloudflared-site
|
||||
existingSecretName: site-documentation-cloudflared-api-secret
|
@@ -19,10 +19,10 @@ dependencies:
|
||||
- name: app-template
|
||||
alias: site-profile
|
||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||
version: 4.4.0
|
||||
version: 4.1.2
|
||||
- name: cloudflared
|
||||
alias: cloudflared-site
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 1.22.1
|
||||
version: 1.18.0
|
||||
icon: https://d21zlbwtcn424f.cloudfront.net/logo-new-round.png
|
||||
appVersion: 2.0.1
|
||||
appVersion: 0.8.1
|
||||
|
@@ -11,7 +11,7 @@ site-profile:
|
||||
main:
|
||||
image:
|
||||
repository: harbor.alexlebens.net/images/site-profile
|
||||
tag: 2.0.6
|
||||
tag: 1.0.1
|
||||
pullPolicy: IfNotPresent
|
||||
resources:
|
||||
requests:
|
||||
|
Some files were not shown because too many files have changed in this diff Show More
Reference in New Issue
Block a user