Compare commits
1 Commits
main
...
75c06da4db
| Author | SHA1 | Date | |
|---|---|---|---|
75c06da4db
|
@@ -6,6 +6,7 @@ on:
|
|||||||
- main
|
- main
|
||||||
paths:
|
paths:
|
||||||
- 'hosts/**'
|
- 'hosts/**'
|
||||||
|
- ! 'hosts/archive'
|
||||||
|
|
||||||
jobs:
|
jobs:
|
||||||
docker-lint:
|
docker-lint:
|
||||||
|
|||||||
@@ -6,6 +6,7 @@ on:
|
|||||||
- main
|
- main
|
||||||
paths:
|
paths:
|
||||||
- 'hosts/**'
|
- 'hosts/**'
|
||||||
|
- ! 'hosts/archive'
|
||||||
|
|
||||||
jobs:
|
jobs:
|
||||||
docker-lint:
|
docker-lint:
|
||||||
|
|||||||
@@ -6,6 +6,7 @@ on:
|
|||||||
- main
|
- main
|
||||||
paths:
|
paths:
|
||||||
- 'clusters/**'
|
- 'clusters/**'
|
||||||
|
- ! 'clusters/*/archive'
|
||||||
|
|
||||||
jobs:
|
jobs:
|
||||||
helm-lint:
|
helm-lint:
|
||||||
@@ -31,7 +32,7 @@ jobs:
|
|||||||
uses: azure/setup-helm@v4
|
uses: azure/setup-helm@v4
|
||||||
with:
|
with:
|
||||||
token: ${{ secrets.GITEA_TOKEN }}
|
token: ${{ secrets.GITEA_TOKEN }}
|
||||||
version: v3.19.2
|
version: latest
|
||||||
|
|
||||||
- name: Lint Helm Chart
|
- name: Lint Helm Chart
|
||||||
if: steps.check-branch-exists.outputs.exists == 'true'
|
if: steps.check-branch-exists.outputs.exists == 'true'
|
||||||
@@ -67,11 +68,6 @@ jobs:
|
|||||||
echo "$CHANGED_CHARTS"
|
echo "$CHANGED_CHARTS"
|
||||||
|
|
||||||
echo "$CHANGED_CHARTS" | while read -r chart; do
|
echo "$CHANGED_CHARTS" | while read -r chart; do
|
||||||
helm dependency list --max-col-width 120 $chart 2> /dev/null \
|
|
||||||
| tail +2 | head -n -1 \
|
|
||||||
| awk '{ print "helm repo add " $1 " " $3 }' \
|
|
||||||
| while read cmd; do echo "$cmd" | sh; done || true
|
|
||||||
|
|
||||||
echo ">> Building dependency for "$chart" ..."
|
echo ">> Building dependency for "$chart" ..."
|
||||||
helm dependency build "$chart"
|
helm dependency build "$chart"
|
||||||
echo ">> Linting $chart..."
|
echo ">> Linting $chart..."
|
||||||
|
|||||||
@@ -6,6 +6,7 @@ on:
|
|||||||
- main
|
- main
|
||||||
paths:
|
paths:
|
||||||
- 'clusters/**'
|
- 'clusters/**'
|
||||||
|
- ! 'clusters/*/archive'
|
||||||
|
|
||||||
jobs:
|
jobs:
|
||||||
helm-lint:
|
helm-lint:
|
||||||
@@ -20,10 +21,12 @@ jobs:
|
|||||||
uses: azure/setup-helm@v4
|
uses: azure/setup-helm@v4
|
||||||
with:
|
with:
|
||||||
token: ${{ secrets.GITEA_TOKEN }}
|
token: ${{ secrets.GITEA_TOKEN }}
|
||||||
version: v3.19.2
|
version: latest
|
||||||
|
|
||||||
- name: Lint Helm Chart
|
- name: Lint Helm Chart
|
||||||
run: |
|
run: |
|
||||||
|
set -e # Exit immediately if a command exits with a non-zero status.
|
||||||
|
|
||||||
TARGET_BRANCH="origin/main"
|
TARGET_BRANCH="origin/main"
|
||||||
echo ">> Target branch for diff is: $TARGET_BRANCH"
|
echo ">> Target branch for diff is: $TARGET_BRANCH"
|
||||||
|
|
||||||
@@ -53,11 +56,6 @@ jobs:
|
|||||||
echo "$CHANGED_CHARTS"
|
echo "$CHANGED_CHARTS"
|
||||||
|
|
||||||
echo "$CHANGED_CHARTS" | while read -r chart; do
|
echo "$CHANGED_CHARTS" | while read -r chart; do
|
||||||
helm dependency list --max-col-width 120 $chart 2> /dev/null \
|
|
||||||
| tail +2 | head -n -1 \
|
|
||||||
| awk '{ print "helm repo add " $1 " " $3 }' \
|
|
||||||
| while read cmd; do echo "$cmd" | sh; done || true
|
|
||||||
|
|
||||||
echo ">> Building dependency for "$chart" ..."
|
echo ">> Building dependency for "$chart" ..."
|
||||||
helm dependency build "$chart"
|
helm dependency build "$chart"
|
||||||
echo ">> Linting $chart..."
|
echo ">> Linting $chart..."
|
||||||
|
|||||||
@@ -1,343 +0,0 @@
|
|||||||
name: render-manifests
|
|
||||||
|
|
||||||
on:
|
|
||||||
push:
|
|
||||||
branches:
|
|
||||||
- main
|
|
||||||
paths:
|
|
||||||
- 'clusters/cl01tl/helm/**'
|
|
||||||
|
|
||||||
workflow_dispatch:
|
|
||||||
|
|
||||||
env:
|
|
||||||
CLUSTER: cl01tl
|
|
||||||
BASE_BRANCH: manifests
|
|
||||||
BRANCH_NAME: auto/update-manifests
|
|
||||||
ASSIGNEE: alexlebens
|
|
||||||
MAIN_DIR: /workspace/alexlebens/infrastructure/infrastructure
|
|
||||||
MANIFEST_DIR: /workspace/alexlebens/infrastructure/infrastructure-manifests
|
|
||||||
|
|
||||||
jobs:
|
|
||||||
render-manifests:
|
|
||||||
runs-on: ubuntu-js
|
|
||||||
steps:
|
|
||||||
- name: Checkout Main
|
|
||||||
uses: actions/checkout@v6
|
|
||||||
with:
|
|
||||||
path: infrastructure
|
|
||||||
fetch-depth: 0
|
|
||||||
|
|
||||||
- name: Checkout Manifests
|
|
||||||
uses: actions/checkout@v6
|
|
||||||
with:
|
|
||||||
ref: manifests
|
|
||||||
path: infrastructure-manifests
|
|
||||||
|
|
||||||
- name: Set up Helm
|
|
||||||
uses: azure/setup-helm@v4
|
|
||||||
with:
|
|
||||||
token: ${{ secrets.GITEA_TOKEN }}
|
|
||||||
version: v3.17.2 # Pending https://github.com/helm/helm/pull/30743
|
|
||||||
|
|
||||||
- name: Prepare Manifest Branch
|
|
||||||
run: |
|
|
||||||
cd ${MANIFEST_DIR}
|
|
||||||
|
|
||||||
echo ">> Configure git to use gitea-bot as user ..."
|
|
||||||
git config user.name "gitea-bot"
|
|
||||||
git config user.email "gitea-bot@alexlebens.net"
|
|
||||||
|
|
||||||
echo ">> Checking if PR branch exists ..."
|
|
||||||
if [[ $(git ls-remote --heads origin "${BRANCH_NAME}" | wc -l) -gt 0 ]]; then
|
|
||||||
echo ">> Branch '${BRANCH_NAME}' exists, pulling changes ..."
|
|
||||||
git fetch origin "${BRANCH_NAME}"
|
|
||||||
git checkout "${BRANCH_NAME}"
|
|
||||||
git pull --rebase
|
|
||||||
|
|
||||||
else
|
|
||||||
echo ">> Branch '${BRANCH_NAME}' does not exist, creating ..."
|
|
||||||
git checkout -b $BRANCH_NAME
|
|
||||||
fi
|
|
||||||
|
|
||||||
- name: Check which Directories have Changes
|
|
||||||
id: check-dir-changes
|
|
||||||
run: |
|
|
||||||
cd ${MAIN_DIR}
|
|
||||||
|
|
||||||
GIT_DIFF=$(git diff --name-only ${{ gitea.event.before }}..HEAD | xargs -I {} dirname {} | sort -u | grep "clusters/cl01tl/helm/")
|
|
||||||
CHANGED_DIR=()
|
|
||||||
|
|
||||||
echo ">> Checking for changes .."
|
|
||||||
echo "$GIT_DIFF"
|
|
||||||
|
|
||||||
if [ -n $GIT_DIFF ]; then
|
|
||||||
echo ">> Changes detected"
|
|
||||||
|
|
||||||
for path in $GIT_DIFF; do
|
|
||||||
CHANGED_DIR+=$(echo "$path" | awk -F '/' '{print $4}')
|
|
||||||
done
|
|
||||||
|
|
||||||
echo ">> Changes Directories:"
|
|
||||||
echo "$(printf "%s\n" "$CHANGED_DIR" | sort -u)"
|
|
||||||
|
|
||||||
echo "changes-detected=true" >> $GITEA_OUTPUT
|
|
||||||
echo "changed-dir=$(printf "%s\n" "$CHANGED_DIR" | sort -u)" >> $GITEA_OUTPUT
|
|
||||||
else
|
|
||||||
echo ">> No changes detected, skipping rendering"
|
|
||||||
exit 0
|
|
||||||
fi
|
|
||||||
|
|
||||||
- name: Add Repositories
|
|
||||||
if: steps.check-dir-changes.outputs.changes-detected == 'true'
|
|
||||||
env:
|
|
||||||
CHANGED_DIR: ${{ steps.check-dir-changes.outputs.changed-dir }}
|
|
||||||
run: |
|
|
||||||
cd ${MAIN_DIR}
|
|
||||||
|
|
||||||
echo ">> Adding repositories for chart dependencies ..."
|
|
||||||
for dir in ${CHANGED_DIR}; do
|
|
||||||
helm dependency list --max-col-width 120 ${MAIN_DIR}/clusters/${CLUSTER}/helm/$dir 2> /dev/null \
|
|
||||||
| tail +2 | head -n -1 \
|
|
||||||
| awk '{ print "helm repo add " $1 " " $3 }' \
|
|
||||||
| while read cmd; do echo "$cmd" | sh; done || true
|
|
||||||
done
|
|
||||||
|
|
||||||
- name: Remove Changed Manifest Files
|
|
||||||
if: steps.check-dir-changes.outputs.changes-detected == 'true'
|
|
||||||
env:
|
|
||||||
CHANGED_DIR: ${{ steps.check-dir-changes.outputs.changed-dir }}
|
|
||||||
run: |
|
|
||||||
cd ${MANIFEST_DIR}
|
|
||||||
|
|
||||||
echo ">> Remove manfiest files and rebuild from source ..."
|
|
||||||
|
|
||||||
for dir in ${CHANGED_DIR}; do
|
|
||||||
chart_path=${MANIFEST_DIR}/clusters/${CLUSTER}/manifests/$dir
|
|
||||||
|
|
||||||
echo ">> Removing from $chart_path ..."
|
|
||||||
rm -rf $chart_path/*
|
|
||||||
done
|
|
||||||
|
|
||||||
- name: Render Helm Manifests
|
|
||||||
id: render-manifests
|
|
||||||
if: steps.check-dir-changes.outputs.changes-detected == 'true'
|
|
||||||
env:
|
|
||||||
CHANGED_DIR: ${{ steps.check-dir-changes.outputs.changed-dir }}
|
|
||||||
run: |
|
|
||||||
cd ${MAIN_DIR}
|
|
||||||
|
|
||||||
echo ">> Rendering Manifests ..."
|
|
||||||
|
|
||||||
for dir in ${CHANGED_DIR}; do
|
|
||||||
chart_path=${MAIN_DIR}/clusters/${CLUSTER}/helm/$dir
|
|
||||||
chart_name=$(basename "$chart_path")
|
|
||||||
|
|
||||||
echo ">> Rendering chart: $chart_name"
|
|
||||||
echo ">> Chart path $chart_path"
|
|
||||||
|
|
||||||
if [ -f "$chart_path/Chart.yaml" ]; then
|
|
||||||
mkdir -p ${MANIFEST_DIR}/clusters/${CLUSTER}/manifests/$chart_name
|
|
||||||
OUTPUT_FILE="${MANIFEST_DIR}/clusters/${CLUSTER}/manifests/$chart_name/$chart_name.yaml"
|
|
||||||
|
|
||||||
cd $chart_path
|
|
||||||
|
|
||||||
echo ""
|
|
||||||
echo ">> Building helm dependency ..."
|
|
||||||
helm dependency build
|
|
||||||
|
|
||||||
echo ""
|
|
||||||
echo ">> Linting helm ..."
|
|
||||||
helm lint --namespace "$chart_name"
|
|
||||||
|
|
||||||
echo ""
|
|
||||||
echo ">> Rendering templates ..."
|
|
||||||
helm template "$chart_name" ./ --namespace "$chart_name" --include-crds > "$OUTPUT_FILE"
|
|
||||||
|
|
||||||
echo ""
|
|
||||||
echo ">> Manifests for $chart_name rendered to $OUTPUT_FILE"
|
|
||||||
echo ""
|
|
||||||
else
|
|
||||||
echo ""
|
|
||||||
echo ">> Directory $chart_path does not contain a Chart.yaml. Skipping ..."
|
|
||||||
echo ""
|
|
||||||
fi
|
|
||||||
done
|
|
||||||
|
|
||||||
- name: Check for Changes
|
|
||||||
id: check-changes
|
|
||||||
if: steps.check-dir-changes.outputs.changes-detected == 'true'
|
|
||||||
run: |
|
|
||||||
cd ${MANIFEST_DIR}
|
|
||||||
|
|
||||||
if git status --porcelain | grep -q .; then
|
|
||||||
echo ">> Changes detected"
|
|
||||||
git status --porcelain
|
|
||||||
echo "changes-detected=true" >> $GITEA_OUTPUT
|
|
||||||
else
|
|
||||||
echo ">> No changes detected, skipping PR creation"
|
|
||||||
exit 0
|
|
||||||
fi
|
|
||||||
|
|
||||||
- name: Commit and Push Changes
|
|
||||||
id: commit-push
|
|
||||||
if: steps.check-changes.outputs.changes-detected == 'true'
|
|
||||||
run: |
|
|
||||||
cd ${MANIFEST_DIR}
|
|
||||||
|
|
||||||
echo ">> Commiting changes to ${BRANCH_NAME} ..."
|
|
||||||
git add .
|
|
||||||
git commit -m "chore: Update manifests after change"
|
|
||||||
|
|
||||||
echo ">> Pushing changes to $REPO_URL ..."
|
|
||||||
REPO_URL="${{ secrets.REPO_URL }}/${{ gitea.repository }}"
|
|
||||||
git push -u "https://oauth2:${{ secrets.BOT_TOKEN }}@$(echo $REPO_URL | sed -e 's|https://||')" ${BRANCH_NAME}
|
|
||||||
|
|
||||||
echo "HEAD_BRANCH=${BRANCH_NAME}" >> $GITEA_OUTPUT
|
|
||||||
echo "push=true" >> $GITEA_OUTPUT
|
|
||||||
|
|
||||||
- name: Check for Pull Request
|
|
||||||
id: check-for-pull-requst
|
|
||||||
if: steps.commit-push.outputs.push == 'true'
|
|
||||||
env:
|
|
||||||
GITEA_TOKEN: ${{ secrets.BOT_TOKEN }}
|
|
||||||
GITEA_URL: ${{ secrets.REPO_URL }}
|
|
||||||
HEAD_BRANCH: ${{ steps.commit-push.outputs.HEAD_BRANCH }}
|
|
||||||
run: |
|
|
||||||
cd ${MANIFEST_DIR}
|
|
||||||
|
|
||||||
API_ENDPOINT="${GITEA_URL}/api/v1/repos/${{ gitea.repository }}/pulls/${BASE_BRANCH}/${HEAD_BRANCH}"
|
|
||||||
|
|
||||||
echo ">> Checking if PR from branch ${HEAD_BRANCH} into ${BASE_BRANCH}"
|
|
||||||
echo ">> With Endpoint of:"
|
|
||||||
echo "$API_ENDPOINT"
|
|
||||||
|
|
||||||
HTTP_STATUS=$(
|
|
||||||
curl -X GET \
|
|
||||||
--silent \
|
|
||||||
--write-out '%{http_code}' \
|
|
||||||
--output response_body.json \
|
|
||||||
--dump-header response_headers.txt \
|
|
||||||
-H "Authorization: token ${GITEA_TOKEN}" \
|
|
||||||
-H "Content-Type: application/json" \
|
|
||||||
"$API_ENDPOINT" 2> response_errors.txt
|
|
||||||
)
|
|
||||||
|
|
||||||
echo ">> HTTP Status Code: $HTTP_STATUS"
|
|
||||||
echo ">> Response Output ..."
|
|
||||||
echo "----"
|
|
||||||
cat response_body.json
|
|
||||||
echo "----"
|
|
||||||
cat response_headers.txt
|
|
||||||
echo "----"
|
|
||||||
cat response_errors.txt
|
|
||||||
echo "----"
|
|
||||||
|
|
||||||
if [ "$HTTP_STATUS" == "200" ] && [ "$(cat response_body.json | jq -r .state)" == "open" ]; then
|
|
||||||
echo ">> Pull Request has been found open, will update"
|
|
||||||
PR_INDEX=$(cat response_body.json | jq -r .number)
|
|
||||||
echo "pull-request-exists=${PR_INDEX}" >> $GITEA_OUTPUT
|
|
||||||
echo "pull-request-index=true" >> $GITEA_OUTPUT
|
|
||||||
|
|
||||||
else
|
|
||||||
echo ">> Pull Request not found"
|
|
||||||
echo "pull-request-exists=false" >> $GITEA_OUTPUT
|
|
||||||
fi
|
|
||||||
|
|
||||||
- name: Create Pull Request
|
|
||||||
id: create-pull-request
|
|
||||||
if: steps.commit-push.outputs.push == 'true' && steps.check-for-pull-requst.outputs.pull-request-exists == 'false'
|
|
||||||
env:
|
|
||||||
GITEA_TOKEN: ${{ secrets.BOT_TOKEN }}
|
|
||||||
GITEA_URL: ${{ secrets.REPO_URL }}
|
|
||||||
HEAD_BRANCH: ${{ steps.commit-push.outputs.HEAD_BRANCH }}
|
|
||||||
run: |
|
|
||||||
cd ${MANIFEST_DIR}
|
|
||||||
|
|
||||||
API_ENDPOINT="${GITEA_URL}/api/v1/repos/${{ gitea.repository }}/pulls"
|
|
||||||
|
|
||||||
PAYLOAD=$( jq -n \
|
|
||||||
--arg head "${HEAD_BRANCH}" \
|
|
||||||
--arg base "${BASE_BRANCH}" \
|
|
||||||
--arg assignee "${ASSIGNEE}" \
|
|
||||||
--arg title "Automated Manifest Update" \
|
|
||||||
--arg body "This PR contains newly rendered Kubernetes manifests automatically generated by the CI workflow." \
|
|
||||||
'{head: $head, base: $base, assignee: $assignee, title: $title, body: $body'} )
|
|
||||||
|
|
||||||
echo ">> Creating PR from branch ${HEAD_BRANCH} into ${BASE_BRANCH}"
|
|
||||||
echo ">> With Endpoint of:"
|
|
||||||
echo "$API_ENDPOINT"
|
|
||||||
echo ">> With Payload of:"
|
|
||||||
echo "$PAYLOAD"
|
|
||||||
|
|
||||||
HTTP_STATUS=$(
|
|
||||||
curl -X POST \
|
|
||||||
--silent \
|
|
||||||
--write-out '%{http_code}' \
|
|
||||||
--output response_body.json \
|
|
||||||
--dump-header response_headers.txt \
|
|
||||||
--data "$PAYLOAD" \
|
|
||||||
-H "Authorization: token ${GITEA_TOKEN}" \
|
|
||||||
-H "Content-Type: application/json" \
|
|
||||||
"$API_ENDPOINT" 2> response_errors.txt
|
|
||||||
)
|
|
||||||
|
|
||||||
echo ">> HTTP Status Code: $HTTP_STATUS"
|
|
||||||
echo ">> Response Output ..."
|
|
||||||
echo "----"
|
|
||||||
cat response_body.json
|
|
||||||
echo "----"
|
|
||||||
cat response_headers.txt
|
|
||||||
echo "----"
|
|
||||||
cat response_errors.txt
|
|
||||||
echo "----"
|
|
||||||
|
|
||||||
if [ "$HTTP_STATUS" == "201" ]; then
|
|
||||||
echo ">> Pull Request created successfully!"
|
|
||||||
PR_URL=$(cat response_body.json | jq -r .html_url)
|
|
||||||
echo "pull-request-url=${PR_URL}" >> $GITEA_OUTPUT
|
|
||||||
echo "pull-request-operation=created" >> $GITEA_OUTPUT
|
|
||||||
|
|
||||||
elif [ "$HTTP_STATUS" == "422" ]; then
|
|
||||||
echo ">> Failed to create PR (HTTP 422: Unprocessable Entity), PR may already exist"
|
|
||||||
|
|
||||||
else
|
|
||||||
echo ">> Failed to create PR, HTTP status code: $HTTP_STATUS"
|
|
||||||
exit 1
|
|
||||||
fi
|
|
||||||
|
|
||||||
- name: Cleanup Branch
|
|
||||||
if: failure() && steps.create-pull-request.outcome == 'failure'
|
|
||||||
env:
|
|
||||||
HEAD_BRANCH: ${{ steps.commit-push.outputs.HEAD_BRANCH }}
|
|
||||||
run: |
|
|
||||||
echo ">> Removing branch: ${HEAD_BRANCH}"
|
|
||||||
git push origin --delete ${HEAD_BRANCH}
|
|
||||||
|
|
||||||
- name: ntfy Created
|
|
||||||
uses: niniyas/ntfy-action@master
|
|
||||||
if: steps.create-pull-request.outputs.pull-request-operation == 'created'
|
|
||||||
with:
|
|
||||||
url: "${{ secrets.NTFY_URL }}"
|
|
||||||
topic: "${{ secrets.NTFY_TOPIC }}"
|
|
||||||
title: "Manifest Render PR Created - Infrastructure"
|
|
||||||
priority: 3
|
|
||||||
headers: '{"Authorization": "Bearer ${{ secrets.NTFY_CRED }}"}'
|
|
||||||
tags: action,successfully,completed
|
|
||||||
details: "Manifest rendering for Infrastructure has created a new Pull Request!"
|
|
||||||
icon: "https://cdn.jsdelivr.net/gh/selfhst/icons/png/gitea.png"
|
|
||||||
actions: '[{"action": "view", "label": "Open Gitea", "url": "${{ steps.create-pull-request.outputs.pull-request-url }}", "clear": true}]'
|
|
||||||
|
|
||||||
- name: ntfy Failed
|
|
||||||
uses: niniyas/ntfy-action@master
|
|
||||||
if: failure()
|
|
||||||
with:
|
|
||||||
url: "${{ secrets.NTFY_URL }}"
|
|
||||||
topic: "${{ secrets.NTFY_TOPIC }}"
|
|
||||||
title: "Manifest Render Failure - Infrastructure"
|
|
||||||
priority: 4
|
|
||||||
headers: '{"Authorization": "Bearer ${{ secrets.NTFY_CRED }}"}'
|
|
||||||
tags: action,failed
|
|
||||||
details: "Manifest rendering for Infrastructure has failed!"
|
|
||||||
icon: "https://cdn.jsdelivr.net/gh/selfhst/icons/png/gitea.png"
|
|
||||||
actions: '[{"action": "view", "label": "Open Gitea", "url": "https://gitea.alexlebens.dev/alexlebens/infrastructure/actions?workflow=render-manifests.yaml", "clear": true}]'
|
|
||||||
image: true
|
|
||||||
3
.gitignore
vendored
3
.gitignore
vendored
@@ -1,3 +0,0 @@
|
|||||||
/**/archive/
|
|
||||||
/**/charts/
|
|
||||||
/**/manifests/
|
|
||||||
@@ -18,4 +18,4 @@ dependencies:
|
|||||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||||
version: 4.4.0
|
version: 4.4.0
|
||||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/actual-budget.png
|
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/actual-budget.png
|
||||||
appVersion: 25.11.0
|
appVersion: v25.5.0
|
||||||
@@ -15,7 +15,7 @@ bazarr:
|
|||||||
main:
|
main:
|
||||||
image:
|
image:
|
||||||
repository: ghcr.io/linuxserver/bazarr
|
repository: ghcr.io/linuxserver/bazarr
|
||||||
tag: 1.5.3@sha256:2be164c02c0bb311b6c32e57d3d0ddc2813d524e89ab51a3408c1bf6fafecda5
|
tag: 1.5.3@sha256:a42fef2a5ffa1dca8714e12892ba0b8de5c6c513f1bcdb1ffe4143e715cffb45
|
||||||
pullPolicy: IfNotPresent
|
pullPolicy: IfNotPresent
|
||||||
env:
|
env:
|
||||||
- name: TZ
|
- name: TZ
|
||||||
@@ -9,7 +9,7 @@ booklore:
|
|||||||
main:
|
main:
|
||||||
image:
|
image:
|
||||||
repository: ghcr.io/booklore-app/booklore
|
repository: ghcr.io/booklore-app/booklore
|
||||||
tag: v1.12.0
|
tag: v1.11.0
|
||||||
pullPolicy: IfNotPresent
|
pullPolicy: IfNotPresent
|
||||||
env:
|
env:
|
||||||
- name: TZ
|
- name: TZ
|
||||||
@@ -0,0 +1,21 @@
|
|||||||
|
apiVersion: v2
|
||||||
|
name: calibre-web-automated
|
||||||
|
version: 1.0.0
|
||||||
|
description: Calibre Web Automated
|
||||||
|
keywords:
|
||||||
|
- calibre-web-automated
|
||||||
|
- books
|
||||||
|
home: https://wiki.alexlebens.dev/s/fdcfdb7e-8f73-438e-b59c-3c2de2081885
|
||||||
|
sources:
|
||||||
|
- https://github.com/crocodilestick/Calibre-Web-Automator
|
||||||
|
- https://hub.docker.com/r/crocodilestick/calibre-web-automated
|
||||||
|
- https://github.com/bjw-s-labs/helm-charts/tree/main/charts/other/app-template
|
||||||
|
maintainers:
|
||||||
|
- name: alexlebens
|
||||||
|
dependencies:
|
||||||
|
- name: app-template
|
||||||
|
alias: calibre-web-automated
|
||||||
|
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||||
|
version: 4.4.0
|
||||||
|
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/calibre-web.png
|
||||||
|
appVersion: V3.0.4
|
||||||
@@ -0,0 +1,78 @@
|
|||||||
|
apiVersion: external-secrets.io/v1
|
||||||
|
kind: ExternalSecret
|
||||||
|
metadata:
|
||||||
|
name: calibre-web-automated-gmail-config
|
||||||
|
namespace: {{ .Release.Namespace }}
|
||||||
|
labels:
|
||||||
|
app.kubernetes.io/name: calibre-web-automated-gmail-config
|
||||||
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
|
spec:
|
||||||
|
secretStoreRef:
|
||||||
|
kind: ClusterSecretStore
|
||||||
|
name: vault
|
||||||
|
data:
|
||||||
|
- secretKey: gmail.json
|
||||||
|
remoteRef:
|
||||||
|
conversionStrategy: Default
|
||||||
|
decodingStrategy: None
|
||||||
|
key: /cl01tl/calibre-web/gmail
|
||||||
|
metadataPolicy: None
|
||||||
|
property: gmail.json
|
||||||
|
|
||||||
|
---
|
||||||
|
apiVersion: external-secrets.io/v1
|
||||||
|
kind: ExternalSecret
|
||||||
|
metadata:
|
||||||
|
name: calibre-web-automated-config-backup-secret
|
||||||
|
namespace: {{ .Release.Namespace }}
|
||||||
|
labels:
|
||||||
|
app.kubernetes.io/name: calibre-web-automated-config-backup-secret
|
||||||
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
|
spec:
|
||||||
|
secretStoreRef:
|
||||||
|
kind: ClusterSecretStore
|
||||||
|
name: vault
|
||||||
|
target:
|
||||||
|
template:
|
||||||
|
mergePolicy: Merge
|
||||||
|
engineVersion: v2
|
||||||
|
data:
|
||||||
|
RESTIC_REPOSITORY: "{{ `{{ .BUCKET_ENDPOINT }}` }}/calibre-web-automated/calibre-web-automated-config"
|
||||||
|
data:
|
||||||
|
- secretKey: BUCKET_ENDPOINT
|
||||||
|
remoteRef:
|
||||||
|
conversionStrategy: Default
|
||||||
|
decodingStrategy: None
|
||||||
|
key: /cl01tl/volsync/restic/config
|
||||||
|
metadataPolicy: None
|
||||||
|
property: S3_BUCKET_ENDPOINT
|
||||||
|
- secretKey: RESTIC_PASSWORD
|
||||||
|
remoteRef:
|
||||||
|
conversionStrategy: Default
|
||||||
|
decodingStrategy: None
|
||||||
|
key: /cl01tl/volsync/restic/config
|
||||||
|
metadataPolicy: None
|
||||||
|
property: RESTIC_PASSWORD
|
||||||
|
- secretKey: AWS_DEFAULT_REGION
|
||||||
|
remoteRef:
|
||||||
|
conversionStrategy: Default
|
||||||
|
decodingStrategy: None
|
||||||
|
key: /cl01tl/volsync/restic/config
|
||||||
|
metadataPolicy: None
|
||||||
|
property: AWS_DEFAULT_REGION
|
||||||
|
- secretKey: AWS_ACCESS_KEY_ID
|
||||||
|
remoteRef:
|
||||||
|
conversionStrategy: Default
|
||||||
|
decodingStrategy: None
|
||||||
|
key: /digital-ocean/home-infra/volsync-backups
|
||||||
|
metadataPolicy: None
|
||||||
|
property: access_key
|
||||||
|
- secretKey: AWS_SECRET_ACCESS_KEY
|
||||||
|
remoteRef:
|
||||||
|
conversionStrategy: Default
|
||||||
|
decodingStrategy: None
|
||||||
|
key: /digital-ocean/home-infra/volsync-backups
|
||||||
|
metadataPolicy: None
|
||||||
|
property: secret_key
|
||||||
@@ -0,0 +1,58 @@
|
|||||||
|
apiVersion: gateway.networking.k8s.io/v1
|
||||||
|
kind: HTTPRoute
|
||||||
|
metadata:
|
||||||
|
name: http-route-calibre
|
||||||
|
namespace: {{ .Release.Namespace }}
|
||||||
|
labels:
|
||||||
|
app.kubernetes.io/name: http-route-calibre
|
||||||
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
|
spec:
|
||||||
|
parentRefs:
|
||||||
|
- group: gateway.networking.k8s.io
|
||||||
|
kind: Gateway
|
||||||
|
name: traefik-gateway
|
||||||
|
namespace: traefik
|
||||||
|
hostnames:
|
||||||
|
- calibre.alexlebens.net
|
||||||
|
rules:
|
||||||
|
- matches:
|
||||||
|
- path:
|
||||||
|
type: PathPrefix
|
||||||
|
value: /
|
||||||
|
backendRefs:
|
||||||
|
- group: ''
|
||||||
|
kind: Service
|
||||||
|
name: calibre-web-automated-main
|
||||||
|
port: 8083
|
||||||
|
weight: 100
|
||||||
|
|
||||||
|
---
|
||||||
|
apiVersion: gateway.networking.k8s.io/v1
|
||||||
|
kind: HTTPRoute
|
||||||
|
metadata:
|
||||||
|
name: http-route-calibre-downloader
|
||||||
|
namespace: {{ .Release.Namespace }}
|
||||||
|
labels:
|
||||||
|
app.kubernetes.io/name: http-route-calibre-downloader
|
||||||
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
|
spec:
|
||||||
|
parentRefs:
|
||||||
|
- group: gateway.networking.k8s.io
|
||||||
|
kind: Gateway
|
||||||
|
name: traefik-gateway
|
||||||
|
namespace: traefik
|
||||||
|
hostnames:
|
||||||
|
- calibre-downloader.alexlebens.net
|
||||||
|
rules:
|
||||||
|
- matches:
|
||||||
|
- path:
|
||||||
|
type: PathPrefix
|
||||||
|
value: /
|
||||||
|
backendRefs:
|
||||||
|
- group: ''
|
||||||
|
kind: Service
|
||||||
|
name: calibre-web-automated-downloader
|
||||||
|
port: 8084
|
||||||
|
weight: 100
|
||||||
@@ -0,0 +1,36 @@
|
|||||||
|
apiVersion: v1
|
||||||
|
kind: PersistentVolumeClaim
|
||||||
|
metadata:
|
||||||
|
name: calibre-web-automated-nfs-storage
|
||||||
|
namespace: {{ .Release.Namespace }}
|
||||||
|
labels:
|
||||||
|
app.kubernetes.io/name: calibre-web-automated-nfs-storage
|
||||||
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
|
spec:
|
||||||
|
volumeName: calibre-web-automated-nfs-storage
|
||||||
|
storageClassName: nfs-client
|
||||||
|
accessModes:
|
||||||
|
- ReadWriteMany
|
||||||
|
resources:
|
||||||
|
requests:
|
||||||
|
storage: 1Gi
|
||||||
|
|
||||||
|
---
|
||||||
|
apiVersion: v1
|
||||||
|
kind: PersistentVolumeClaim
|
||||||
|
metadata:
|
||||||
|
name: calibre-web-automated-ingest-nfs-storage
|
||||||
|
namespace: {{ .Release.Namespace }}
|
||||||
|
labels:
|
||||||
|
app.kubernetes.io/name: calibre-web-automated-ingest-nfs-storage
|
||||||
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
|
spec:
|
||||||
|
volumeName: calibre-web-automated-ingest-nfs-storage
|
||||||
|
storageClassName: nfs-client
|
||||||
|
accessModes:
|
||||||
|
- ReadWriteMany
|
||||||
|
resources:
|
||||||
|
requests:
|
||||||
|
storage: 1Gi
|
||||||
@@ -0,0 +1,48 @@
|
|||||||
|
apiVersion: v1
|
||||||
|
kind: PersistentVolume
|
||||||
|
metadata:
|
||||||
|
name: calibre-web-automated-nfs-storage
|
||||||
|
namespace: {{ .Release.Namespace }}
|
||||||
|
labels:
|
||||||
|
app.kubernetes.io/name: calibre-web-automated-nfs-storage
|
||||||
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
|
spec:
|
||||||
|
persistentVolumeReclaimPolicy: Retain
|
||||||
|
storageClassName: nfs-client
|
||||||
|
capacity:
|
||||||
|
storage: 1Gi
|
||||||
|
accessModes:
|
||||||
|
- ReadWriteMany
|
||||||
|
nfs:
|
||||||
|
path: /volume2/Storage/Calibre
|
||||||
|
server: synologybond.alexlebens.net
|
||||||
|
mountOptions:
|
||||||
|
- vers=4
|
||||||
|
- minorversion=1
|
||||||
|
- noac
|
||||||
|
|
||||||
|
---
|
||||||
|
apiVersion: v1
|
||||||
|
kind: PersistentVolume
|
||||||
|
metadata:
|
||||||
|
name: calibre-web-automated-ingest-nfs-storage
|
||||||
|
namespace: {{ .Release.Namespace }}
|
||||||
|
labels:
|
||||||
|
app.kubernetes.io/name: calibre-web-automated-ingest-nfs-storage
|
||||||
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
|
spec:
|
||||||
|
persistentVolumeReclaimPolicy: Retain
|
||||||
|
storageClassName: nfs-client
|
||||||
|
capacity:
|
||||||
|
storage: 1Gi
|
||||||
|
accessModes:
|
||||||
|
- ReadWriteMany
|
||||||
|
nfs:
|
||||||
|
path: /volume2/Storage/Calibre Import
|
||||||
|
server: synologybond.alexlebens.net
|
||||||
|
mountOptions:
|
||||||
|
- vers=4
|
||||||
|
- minorversion=1
|
||||||
|
- noac
|
||||||
@@ -0,0 +1,28 @@
|
|||||||
|
apiVersion: volsync.backube/v1alpha1
|
||||||
|
kind: ReplicationSource
|
||||||
|
metadata:
|
||||||
|
name: calibre-web-automated-config-backup-source
|
||||||
|
namespace: {{ .Release.Namespace }}
|
||||||
|
labels:
|
||||||
|
app.kubernetes.io/name: calibre-web-automated-config-backup-source
|
||||||
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
|
spec:
|
||||||
|
sourcePVC: calibre-web-automated-config
|
||||||
|
trigger:
|
||||||
|
schedule: 0 4 * * *
|
||||||
|
restic:
|
||||||
|
pruneIntervalDays: 7
|
||||||
|
repository: calibre-web-automated-config-backup-secret
|
||||||
|
retain:
|
||||||
|
hourly: 1
|
||||||
|
daily: 3
|
||||||
|
weekly: 2
|
||||||
|
monthly: 2
|
||||||
|
yearly: 4
|
||||||
|
moverSecurityContext:
|
||||||
|
runAsUser: 1000
|
||||||
|
runAsGroup: 100
|
||||||
|
copyMethod: Snapshot
|
||||||
|
storageClassName: ceph-block
|
||||||
|
volumeSnapshotClassName: ceph-blockpool-snapshot
|
||||||
119
clusters/cl01tl/applications/calibre-web-automated/values.yaml
Normal file
119
clusters/cl01tl/applications/calibre-web-automated/values.yaml
Normal file
@@ -0,0 +1,119 @@
|
|||||||
|
calibre-web-automated:
|
||||||
|
controllers:
|
||||||
|
main:
|
||||||
|
type: deployment
|
||||||
|
replicas: 1
|
||||||
|
strategy: Recreate
|
||||||
|
revisionHistoryLimit: 3
|
||||||
|
containers:
|
||||||
|
main:
|
||||||
|
image:
|
||||||
|
repository: crocodilestick/calibre-web-automated
|
||||||
|
tag: V3.0.4
|
||||||
|
pullPolicy: IfNotPresent
|
||||||
|
env:
|
||||||
|
- name: TZ
|
||||||
|
value: US/Central
|
||||||
|
- name: PUID
|
||||||
|
value: 1000
|
||||||
|
- name: PGID
|
||||||
|
value: 100
|
||||||
|
resources:
|
||||||
|
requests:
|
||||||
|
cpu: 10m
|
||||||
|
memory: 256Mi
|
||||||
|
downloader:
|
||||||
|
type: deployment
|
||||||
|
replicas: 1
|
||||||
|
strategy: Recreate
|
||||||
|
revisionHistoryLimit: 3
|
||||||
|
containers:
|
||||||
|
main:
|
||||||
|
image:
|
||||||
|
repository: ghcr.io/calibrain/calibre-web-automated-book-downloader
|
||||||
|
tag: latest@sha256:b1296c5edc89eee8742d86392ce40707233671044a454e002821e5c76cd58deb
|
||||||
|
pullPolicy: IfNotPresent
|
||||||
|
env:
|
||||||
|
- name: FLASK_PORT
|
||||||
|
value: 8084
|
||||||
|
- name: UID
|
||||||
|
value: 1000
|
||||||
|
- name: GID
|
||||||
|
value: 100
|
||||||
|
- name: USE_CF_BYPASS
|
||||||
|
value: false
|
||||||
|
- name: CLOUDFLARE_PROXY_URL
|
||||||
|
value: http://localhost:8000
|
||||||
|
- name: INGEST_DIR
|
||||||
|
value: /cwa-book-ingest
|
||||||
|
- name: BOOK_LANGUAGE
|
||||||
|
value: end
|
||||||
|
resources:
|
||||||
|
requests:
|
||||||
|
cpu: 10m
|
||||||
|
memory: 256Mi
|
||||||
|
bypass:
|
||||||
|
image:
|
||||||
|
repository: ghcr.io/sarperavci/cloudflarebypassforscraping
|
||||||
|
tag: latest@sha256:fc8443dd96450ab10ed455a05397c8a17bab89b8408b7cbb6242fa6e4fb9edf5
|
||||||
|
pullPolicy: IfNotPresent
|
||||||
|
resources:
|
||||||
|
requests:
|
||||||
|
cpu: 10m
|
||||||
|
memory: 128Mi
|
||||||
|
service:
|
||||||
|
main:
|
||||||
|
controller: main
|
||||||
|
ports:
|
||||||
|
http:
|
||||||
|
port: 8083
|
||||||
|
targetPort: 8083
|
||||||
|
protocol: HTTP
|
||||||
|
downloader:
|
||||||
|
controller: downloader
|
||||||
|
ports:
|
||||||
|
http:
|
||||||
|
port: 8084
|
||||||
|
targetPort: 8084
|
||||||
|
protocol: HTTP
|
||||||
|
persistence:
|
||||||
|
config:
|
||||||
|
forceRename: calibre-web-automated-config
|
||||||
|
storageClass: ceph-block
|
||||||
|
accessMode: ReadWriteOnce
|
||||||
|
size: 5Gi
|
||||||
|
retain: true
|
||||||
|
advancedMounts:
|
||||||
|
main:
|
||||||
|
main:
|
||||||
|
- path: /config
|
||||||
|
readOnly: false
|
||||||
|
gmail:
|
||||||
|
enabled: true
|
||||||
|
type: secret
|
||||||
|
name: calibre-web-automated-gmail-config
|
||||||
|
advancedMounts:
|
||||||
|
main:
|
||||||
|
main:
|
||||||
|
- path: /app/calibre-web/gmail.json
|
||||||
|
readOnly: true
|
||||||
|
mountPropagation: None
|
||||||
|
subPath: gmail.json
|
||||||
|
books:
|
||||||
|
existingClaim: calibre-web-automated-nfs-storage
|
||||||
|
advancedMounts:
|
||||||
|
main:
|
||||||
|
main:
|
||||||
|
- path: /calibre-library
|
||||||
|
readOnly: false
|
||||||
|
ingest:
|
||||||
|
existingClaim: calibre-web-automated-ingest-nfs-storage
|
||||||
|
advancedMounts:
|
||||||
|
main:
|
||||||
|
main:
|
||||||
|
- path: /cwa-book-ingest
|
||||||
|
readOnly: false
|
||||||
|
downloader:
|
||||||
|
main:
|
||||||
|
- path: /cwa-book-ingest
|
||||||
|
readOnly: false
|
||||||
@@ -52,7 +52,7 @@ ephemera:
|
|||||||
apprise-api:
|
apprise-api:
|
||||||
image:
|
image:
|
||||||
repository: caronc/apprise
|
repository: caronc/apprise
|
||||||
tag: 1.2.6
|
tag: 1.2.5
|
||||||
pullPolicy: IfNotPresent
|
pullPolicy: IfNotPresent
|
||||||
env:
|
env:
|
||||||
- name: TZ
|
- name: TZ
|
||||||
@@ -76,20 +76,20 @@ homepage:
|
|||||||
- Storage:
|
- Storage:
|
||||||
tab: Services
|
tab: Services
|
||||||
icon: mdi-database-#ffffff
|
icon: mdi-database-#ffffff
|
||||||
- Content:
|
- Servarr:
|
||||||
tab: Services
|
tab: Services
|
||||||
icon: mdi-multimedia-#ffffff
|
icon: mdi-multimedia-#ffffff
|
||||||
- TV Shows:
|
- TV Shows:
|
||||||
tab: Content
|
tab: Servarr
|
||||||
icon: mdi-television-#ffffff
|
icon: mdi-television-#ffffff
|
||||||
- Movies:
|
- Movies:
|
||||||
tab: Content
|
tab: Servarr
|
||||||
icon: mdi-filmstrip-#ffffff
|
icon: mdi-filmstrip-#ffffff
|
||||||
- Music:
|
- Music:
|
||||||
tab: Content
|
tab: Servarr
|
||||||
icon: mdi-music-box-multiple-#ffffff
|
icon: mdi-music-box-multiple-#ffffff
|
||||||
- Books:
|
- Books:
|
||||||
tab: Content
|
tab: Servarr
|
||||||
icon: mdi-book-open-variant-#ffffff
|
icon: mdi-book-open-variant-#ffffff
|
||||||
- External Services:
|
- External Services:
|
||||||
tab: Bookmarks
|
tab: Bookmarks
|
||||||
@@ -178,6 +178,12 @@ homepage:
|
|||||||
siteMonitor: http://audiobookshelf.audiobookshelf:80
|
siteMonitor: http://audiobookshelf.audiobookshelf:80
|
||||||
statusStyle: dot
|
statusStyle: dot
|
||||||
- Books:
|
- Books:
|
||||||
|
icon: sh-calibre-web.webp
|
||||||
|
description: Calibre Web Automated
|
||||||
|
href: https://calibre.alexlebens.net
|
||||||
|
siteMonitor: http://calibre-web-automated-main.calibre-web-automated:8083
|
||||||
|
statusStyle: dot
|
||||||
|
- Books (Booklore):
|
||||||
icon: sh-booklore.webp
|
icon: sh-booklore.webp
|
||||||
description: Booklore
|
description: Booklore
|
||||||
href: https://booklore.alexlebens.net
|
href: https://booklore.alexlebens.net
|
||||||
@@ -531,7 +537,7 @@ homepage:
|
|||||||
href: https://backrest.alexlebens.net
|
href: https://backrest.alexlebens.net
|
||||||
siteMonitor: http://backrest.backrest:80
|
siteMonitor: http://backrest.backrest:80
|
||||||
statusStyle: dot
|
statusStyle: dot
|
||||||
- Content:
|
- Servarr:
|
||||||
- qUI:
|
- qUI:
|
||||||
icon: https://raw.githubusercontent.com/autobrr/qui/8487c818886df9abb2b1456f43b54e0ba180a2bd/web/public/icons.svg
|
icon: https://raw.githubusercontent.com/autobrr/qui/8487c818886df9abb2b1456f43b54e0ba180a2bd/web/public/icons.svg
|
||||||
description: qbitorrent
|
description: qbitorrent
|
||||||
@@ -686,6 +692,12 @@ homepage:
|
|||||||
href: https://ephemera.alexlebens.net
|
href: https://ephemera.alexlebens.net
|
||||||
siteMonitor: http://ephemera.ephemera:80
|
siteMonitor: http://ephemera.ephemera:80
|
||||||
statusStyle: dot
|
statusStyle: dot
|
||||||
|
- CWA Downloader:
|
||||||
|
icon: sh-cwa-book-downloader.webp
|
||||||
|
description: Books
|
||||||
|
href: https://calibre-downloader.alexlebens.net
|
||||||
|
siteMonitor: http://calibre-web-automated-downloader.calibre-web-automated:8084
|
||||||
|
statusStyle: dot
|
||||||
- Listenarr:
|
- Listenarr:
|
||||||
icon: sh-audiobookrequest.webp
|
icon: sh-audiobookrequest.webp
|
||||||
description: Audiobooks
|
description: Audiobooks
|
||||||
Some files were not shown because too many files have changed in this diff Show More
Reference in New Issue
Block a user