Compare commits
1 Commits
renovate/a
...
934118d8fb
| Author | SHA1 | Date | |
|---|---|---|---|
934118d8fb
|
@@ -37,7 +37,7 @@ jobs:
|
||||
|
||||
- name: Set up Node.js
|
||||
if: steps.check-branch-exists.outputs.exists == 'true'
|
||||
uses: actions/setup-node@v6
|
||||
uses: actions/setup-node@v4
|
||||
with:
|
||||
node-version: '22'
|
||||
|
||||
|
||||
35
.gitea/workflows/process-issues.yaml
Normal file
35
.gitea/workflows/process-issues.yaml
Normal file
@@ -0,0 +1,35 @@
|
||||
name: process-issues
|
||||
|
||||
on:
|
||||
schedule:
|
||||
- cron: '@daily'
|
||||
|
||||
jobs:
|
||||
process-issues:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Checkout Python Script
|
||||
uses: actions/checkout@v4
|
||||
with:
|
||||
repository: alexlebens/workflow-scripts
|
||||
ref: main
|
||||
token: ${{ secrets.BOT_TOKEN }}
|
||||
path: scripts
|
||||
|
||||
- name: Set up Python
|
||||
uses: actions/setup-python@v5
|
||||
with:
|
||||
python-version: '3.13'
|
||||
|
||||
- name: Install dependencies
|
||||
run: pip install requests
|
||||
|
||||
- name: Run Script
|
||||
env:
|
||||
INSTANCE_URL: ${{ vars.INSTANCE_URL }}
|
||||
REPOSITORY: ${{ gitea.repository }}
|
||||
TOKEN: ${{ secrets.BOT_TOKEN }}
|
||||
STALE_DAYS: 3
|
||||
STALE_TAG: 'stale'
|
||||
EXCLUDE_TAG: 'renovate'
|
||||
run: python ./scripts/scripts/process-issues.py
|
||||
35
.gitea/workflows/process-pull-requests.yaml
Normal file
35
.gitea/workflows/process-pull-requests.yaml
Normal file
@@ -0,0 +1,35 @@
|
||||
name: process-pull-requests
|
||||
|
||||
on:
|
||||
schedule:
|
||||
- cron: '@daily'
|
||||
|
||||
jobs:
|
||||
process-pull-requests:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Checkout Python Script
|
||||
uses: actions/checkout@v4
|
||||
with:
|
||||
repository: alexlebens/workflow-scripts
|
||||
ref: main
|
||||
token: ${{ secrets.BOT_TOKEN }}
|
||||
path: scripts
|
||||
|
||||
- name: Set up Python
|
||||
uses: actions/setup-python@v5
|
||||
with:
|
||||
python-version: '3.13'
|
||||
|
||||
- name: Install dependencies
|
||||
run: pip install requests
|
||||
|
||||
- name: Run Script
|
||||
env:
|
||||
INSTANCE_URL: ${{ vars.INSTANCE_URL }}
|
||||
REPOSITORY: ${{ gitea.repository }}
|
||||
TOKEN: ${{ secrets.BOT_TOKEN }}
|
||||
STALE_DAYS: 3
|
||||
STALE_TAG: 'stale'
|
||||
REQUIRED_TAG: 'automerge'
|
||||
run: python ./scripts/scripts/process-pull-requests.py
|
||||
@@ -16,6 +16,6 @@ dependencies:
|
||||
- name: app-template
|
||||
alias: actual
|
||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||
version: 4.4.0
|
||||
version: 4.1.2
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/actual-budget.png
|
||||
appVersion: v25.5.0
|
||||
|
||||
@@ -9,7 +9,7 @@ actual:
|
||||
main:
|
||||
image:
|
||||
repository: ghcr.io/actualbudget/actual
|
||||
tag: 25.10.0
|
||||
tag: 25.6.1
|
||||
pullPolicy: IfNotPresent
|
||||
env:
|
||||
- name: TZ
|
||||
|
||||
@@ -18,6 +18,6 @@ dependencies:
|
||||
- name: app-template
|
||||
alias: audiobookshelf
|
||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||
version: 4.4.0
|
||||
version: 4.1.2
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/audiobookshelf.png
|
||||
appVersion: 2.21.0
|
||||
|
||||
@@ -9,7 +9,7 @@ audiobookshelf:
|
||||
main:
|
||||
image:
|
||||
repository: ghcr.io/advplyr/audiobookshelf
|
||||
tag: 2.30.0
|
||||
tag: 2.25.1
|
||||
pullPolicy: IfNotPresent
|
||||
env:
|
||||
- name: TZ
|
||||
@@ -21,7 +21,7 @@ audiobookshelf:
|
||||
apprise-api:
|
||||
image:
|
||||
repository: caronc/apprise
|
||||
tag: 1.2.2
|
||||
tag: 1.2.0
|
||||
pullPolicy: IfNotPresent
|
||||
env:
|
||||
- name: TZ
|
||||
|
||||
@@ -18,6 +18,6 @@ dependencies:
|
||||
- name: app-template
|
||||
alias: bazarr
|
||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||
version: 4.4.0
|
||||
version: 4.1.2
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/bazarr.png
|
||||
appVersion: 1.5.2
|
||||
|
||||
@@ -15,7 +15,7 @@ bazarr:
|
||||
main:
|
||||
image:
|
||||
repository: ghcr.io/linuxserver/bazarr
|
||||
tag: 1.5.3@sha256:a42fef2a5ffa1dca8714e12892ba0b8de5c6c513f1bcdb1ffe4143e715cffb45
|
||||
tag: 1.5.2@sha256:b515d79a4f7aa4bbbdfe45376d996a9bae2794faa16aca5a2beab0dba0c0b074
|
||||
pullPolicy: IfNotPresent
|
||||
env:
|
||||
- name: TZ
|
||||
|
||||
@@ -16,6 +16,6 @@ dependencies:
|
||||
- name: app-template
|
||||
alias: calibre-web-automated
|
||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||
version: 4.4.0
|
||||
version: 4.1.2
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/calibre-web.png
|
||||
appVersion: V3.0.4
|
||||
|
||||
@@ -31,7 +31,7 @@ calibre-web-automated:
|
||||
main:
|
||||
image:
|
||||
repository: ghcr.io/calibrain/calibre-web-automated-book-downloader
|
||||
tag: latest@sha256:c2850991e99e278269003d92efa86e865f7df039093fbd03e85141b035cf7a80
|
||||
tag: latest@sha256:914a9e80b1c5b81b0e17a7d82ad1d1e22b0050164a739131203831123c60baf7
|
||||
pullPolicy: IfNotPresent
|
||||
env:
|
||||
- name: FLASK_PORT
|
||||
@@ -41,7 +41,7 @@ calibre-web-automated:
|
||||
- name: GID
|
||||
value: 100
|
||||
- name: USE_CF_BYPASS
|
||||
value: false
|
||||
value: true
|
||||
- name: CLOUDFLARE_PROXY_URL
|
||||
value: http://localhost:8000
|
||||
- name: INGEST_DIR
|
||||
@@ -55,7 +55,7 @@ calibre-web-automated:
|
||||
bypass:
|
||||
image:
|
||||
repository: ghcr.io/sarperavci/cloudflarebypassforscraping
|
||||
tag: latest@sha256:c34ef70a768ddf35c057f893c5392b8f65465fc4fbac634ba68a16d6a9dd0cbb
|
||||
tag: latest@sha256:bd326a3c6ae0b7ed3e405bbaa230e43e252f444c98f57d179f7a1d78f273748b
|
||||
pullPolicy: IfNotPresent
|
||||
resources:
|
||||
requests:
|
||||
|
||||
@@ -19,10 +19,10 @@ dependencies:
|
||||
- name: app-template
|
||||
alias: code-server
|
||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||
version: 4.4.0
|
||||
version: 4.1.2
|
||||
- name: cloudflared
|
||||
alias: cloudflared
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 1.22.2
|
||||
version: 1.17.3
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/visual-studio-code.png
|
||||
appVersion: 4.100.2
|
||||
|
||||
@@ -9,7 +9,7 @@ code-server:
|
||||
main:
|
||||
image:
|
||||
repository: ghcr.io/linuxserver/code-server
|
||||
tag: 4.105.1@sha256:c7c66416238b70312df90b5936ea4adb6108552d866dd00a804c86c599b2ab6c
|
||||
tag: 4.101.2@sha256:d3945c21b1bd19938c15d79fc21f08fff272b2f6699825ca08856dd78545b623
|
||||
pullPolicy: IfNotPresent
|
||||
env:
|
||||
- name: TZ
|
||||
|
||||
@@ -8,10 +8,12 @@ keywords:
|
||||
home: https://wiki.alexlebens.dev/s/c2d242de-dcaa-4801-86a2-c4761dc8bf9b
|
||||
sources:
|
||||
- https://github.com/directus/directus
|
||||
- https://github.com/valkey-io/valkey
|
||||
- https://github.com/cloudflare/cloudflared
|
||||
- https://github.com/cloudnative-pg/cloudnative-pg
|
||||
- https://hub.docker.com/r/directus/directus
|
||||
- https://github.com/bjw-s-labs/helm-charts/tree/main/charts/other/app-template
|
||||
- https://github.com/bitnami/charts/tree/main/bitnami/valkey
|
||||
- https://gitea.alexlebens.dev/alexlebens/helm-charts/src/branch/main/charts/cloudflared
|
||||
- https://gitea.alexlebens.dev/alexlebens/helm-charts/src/branch/main/charts/postgres-cluster
|
||||
maintainers:
|
||||
@@ -20,14 +22,17 @@ dependencies:
|
||||
- name: app-template
|
||||
alias: directus
|
||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||
version: 4.4.0
|
||||
version: 4.1.2
|
||||
- name: valkey
|
||||
version: 3.0.16
|
||||
repository: oci://harbor.alexlebens.net/proxy-registry-1.docker.io/bitnamicharts
|
||||
- name: cloudflared
|
||||
alias: cloudflared-directus
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 1.22.2
|
||||
version: 1.17.3
|
||||
- name: postgres-cluster
|
||||
alias: postgres-17-cluster
|
||||
version: 6.15.0
|
||||
version: 5.1.0
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/directus.png
|
||||
appVersion: 11.7.2
|
||||
|
||||
@@ -68,10 +68,10 @@ spec:
|
||||
apiVersion: external-secrets.io/v1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
name: directus-redis-config
|
||||
name: directus-valkey-config
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: directus-redis-config
|
||||
app.kubernetes.io/name: directus-valkey-config
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
@@ -83,14 +83,14 @@ spec:
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cl01tl/directus/redis
|
||||
key: /cl01tl/directus/valkey
|
||||
metadataPolicy: None
|
||||
property: user
|
||||
- secretKey: password
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cl01tl/directus/redis
|
||||
key: /cl01tl/directus/valkey
|
||||
metadataPolicy: None
|
||||
property: password
|
||||
|
||||
@@ -176,70 +176,3 @@ spec:
|
||||
key: /digital-ocean/home-infra/postgres-backups
|
||||
metadataPolicy: None
|
||||
property: secret
|
||||
|
||||
---
|
||||
apiVersion: external-secrets.io/v1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
name: directus-postgresql-17-cluster-backup-secret-weekly
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: directus-postgresql-17-cluster-backup-secret-weekly
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
secretStoreRef:
|
||||
kind: ClusterSecretStore
|
||||
name: vault
|
||||
data:
|
||||
- secretKey: ACCESS_KEY_ID
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /garage/home-infra/postgres-backups
|
||||
metadataPolicy: None
|
||||
property: ACCESS_KEY_ID
|
||||
- secretKey: ACCESS_SECRET_KEY
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /garage/home-infra/postgres-backups
|
||||
metadataPolicy: None
|
||||
property: ACCESS_SECRET_KEY
|
||||
|
||||
---
|
||||
apiVersion: external-secrets.io/v1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
name: directus-postgresql-17-cluster-backup-secret-garage
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: directus-postgresql-17-cluster-backup-secret-garage
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
secretStoreRef:
|
||||
kind: ClusterSecretStore
|
||||
name: vault
|
||||
data:
|
||||
- secretKey: ACCESS_KEY_ID
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /garage/home-infra/postgres-backups
|
||||
metadataPolicy: None
|
||||
property: ACCESS_KEY_ID
|
||||
- secretKey: ACCESS_SECRET_KEY
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /garage/home-infra/postgres-backups
|
||||
metadataPolicy: None
|
||||
property: ACCESS_SECRET_KEY
|
||||
- secretKey: ACCESS_REGION
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /garage/home-infra/postgres-backups
|
||||
metadataPolicy: None
|
||||
property: ACCESS_REGION
|
||||
|
||||
@@ -1,35 +0,0 @@
|
||||
apiVersion: redis.redis.opstreelabs.in/v1beta2
|
||||
kind: RedisReplication
|
||||
metadata:
|
||||
name: redis-replication-directus
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: redis-replication-directus
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
clusterSize: 3
|
||||
podSecurityContext:
|
||||
runAsUser: 1000
|
||||
fsGroup: 1000
|
||||
kubernetesConfig:
|
||||
image: quay.io/opstree/redis:v8.2.1
|
||||
imagePullPolicy: IfNotPresent
|
||||
redisSecret:
|
||||
name: directus-redis-config
|
||||
key: password
|
||||
resources:
|
||||
requests:
|
||||
cpu: 50m
|
||||
memory: 128Mi
|
||||
storage:
|
||||
volumeClaimTemplate:
|
||||
spec:
|
||||
storageClassName: ceph-block
|
||||
accessModes: ["ReadWriteOnce"]
|
||||
resources:
|
||||
requests:
|
||||
storage: 1Gi
|
||||
redisExporter:
|
||||
enabled: true
|
||||
image: quay.io/opstree/redis-exporter:v1.76.0
|
||||
@@ -1,30 +0,0 @@
|
||||
apiVersion: redis.redis.opstreelabs.in/v1beta2
|
||||
kind: RedisSentinel
|
||||
metadata:
|
||||
name: redis-sentinel-directus
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: redis-sentinel-directus
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
clusterSize: 3
|
||||
podSecurityContext:
|
||||
runAsUser: 1000
|
||||
fsGroup: 1000
|
||||
redisSentinelConfig:
|
||||
redisReplicationName: redis-replication-directus
|
||||
redisReplicationPassword:
|
||||
secretKeyRef:
|
||||
name: directus-redis-config
|
||||
key: password
|
||||
kubernetesConfig:
|
||||
image: quay.io/opstree/redis-sentinel:v7.0.15
|
||||
imagePullPolicy: IfNotPresent
|
||||
redisSecret:
|
||||
name: directus-redis-config
|
||||
key: password
|
||||
resources:
|
||||
requests:
|
||||
cpu: 10m
|
||||
memory: 128Mi
|
||||
@@ -20,24 +20,3 @@ spec:
|
||||
bearerTokenSecret:
|
||||
name: directus-metric-token
|
||||
key: metric-token
|
||||
|
||||
---
|
||||
apiVersion: monitoring.coreos.com/v1
|
||||
kind: ServiceMonitor
|
||||
metadata:
|
||||
name: redis-replication-directus
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: redis-replication-directus
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
redis-operator: "true"
|
||||
env: production
|
||||
spec:
|
||||
selector:
|
||||
matchLabels:
|
||||
redis_setup_type: replication
|
||||
endpoints:
|
||||
- port: redis-exporter
|
||||
interval: 30s
|
||||
scrapeTimeout: 10s
|
||||
|
||||
@@ -9,7 +9,7 @@ directus:
|
||||
main:
|
||||
image:
|
||||
repository: directus/directus
|
||||
tag: 11.12.0
|
||||
tag: 11.9.0
|
||||
pullPolicy: IfNotPresent
|
||||
env:
|
||||
- name: PUBLIC_URL
|
||||
@@ -63,25 +63,21 @@ directus:
|
||||
secretKeyRef:
|
||||
name: directus-postgresql-17-cluster-app
|
||||
key: password
|
||||
- name: SYNCHRONIZATION_STORE
|
||||
value: redis
|
||||
- name: CACHE_ENABLED
|
||||
value: true
|
||||
- name: CACHE_STORE
|
||||
value: redis
|
||||
- name: REDIS_ENABLED
|
||||
value: true
|
||||
- name: REDIS_HOST
|
||||
value: redis-replication-directus-master
|
||||
value: directus-valkey-primary
|
||||
- name: REDIS_PORT
|
||||
value: 6379
|
||||
- name: REDIS_USERNAME
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: directus-redis-config
|
||||
name: directus-valkey-config
|
||||
key: user
|
||||
- name: REDIS_PASSWORD
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: directus-redis-config
|
||||
name: directus-valkey-config
|
||||
key: password
|
||||
- name: STORAGE_LOCATIONS
|
||||
value: s3
|
||||
@@ -153,11 +149,35 @@ directus:
|
||||
port: 80
|
||||
targetPort: 8055
|
||||
protocol: TCP
|
||||
valkey:
|
||||
architecture: replication
|
||||
auth:
|
||||
enabled: true
|
||||
existingSecret: directus-valkey-config
|
||||
existingSecretPasswordKey: password
|
||||
usePasswordFiles: false
|
||||
primary:
|
||||
resources:
|
||||
requests:
|
||||
cpu: 100m
|
||||
memory: 64Mi
|
||||
persistence:
|
||||
enabled: true
|
||||
size: 1Gi
|
||||
replica:
|
||||
replicaCount: 1
|
||||
resources:
|
||||
requests:
|
||||
cpu: 100m
|
||||
memory: 64Mi
|
||||
persistence:
|
||||
enabled: true
|
||||
size: 1Gi
|
||||
cloudflared-directus:
|
||||
name: cloudflared-directus
|
||||
existingSecretName: directus-cloudflared-secret
|
||||
postgres-17-cluster:
|
||||
mode: recovery
|
||||
mode: standalone
|
||||
cluster:
|
||||
storage:
|
||||
storageClass: local-path
|
||||
@@ -170,45 +190,13 @@ postgres-17-cluster:
|
||||
recovery:
|
||||
method: objectStore
|
||||
objectStore:
|
||||
destinationPath: s3://postgres-backups/cl01tl/directus/directus-postgresql-17-cluster
|
||||
endpointURL: http://garage-main.garage:3900
|
||||
index: 1
|
||||
endpointCredentials: directus-postgresql-17-cluster-backup-secret-garage
|
||||
endpointURL: https://nyc3.digitaloceanspaces.com
|
||||
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/directus/directus-postgresql-17-cluster
|
||||
endpointCredentials: directus-postgresql-17-cluster-backup-secret
|
||||
recoveryIndex: 2
|
||||
backup:
|
||||
objectStore:
|
||||
- name: external
|
||||
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/directus/directus-postgresql-17-cluster
|
||||
index: 1
|
||||
retentionPolicy: "30d"
|
||||
isWALArchiver: false
|
||||
- name: garage-local
|
||||
destinationPath: s3://postgres-backups/cl01tl/directus/directus-postgresql-17-cluster
|
||||
index: 1
|
||||
endpointURL: http://garage-main.garage:3900
|
||||
endpointCredentials: directus-postgresql-17-cluster-backup-secret-garage
|
||||
endpointCredentialsIncludeRegion: true
|
||||
retentionPolicy: "3d"
|
||||
isWALArchiver: true
|
||||
# - name: garage-remote
|
||||
# destinationPath: s3://postgres-backups/cl01tl/directus/directus-postgresql-17-cluster
|
||||
# index: 1
|
||||
# endpointURL: https://garage-ps10rp.boreal-beaufort.ts.net:3900
|
||||
# endpointCredentials: directus-postgresql-17-cluster-backup-secret-garage
|
||||
# retentionPolicy: "30d"
|
||||
# data:
|
||||
# compression: bzip2
|
||||
# jobs: 2
|
||||
scheduledBackups:
|
||||
- name: daily-backup
|
||||
suspend: false
|
||||
schedule: "0 0 0 * * *"
|
||||
backupName: external
|
||||
- name: live-backup
|
||||
suspend: false
|
||||
immediate: true
|
||||
schedule: "0 0 0 * * *"
|
||||
backupName: garage-local
|
||||
# - name: weekly-backup
|
||||
# suspend: false
|
||||
# schedule: "0 0 4 * * SAT"
|
||||
# backupName: garage-remote
|
||||
enabled: true
|
||||
endpointURL: https://nyc3.digitaloceanspaces.com
|
||||
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/directus/directus-postgresql-17-cluster
|
||||
endpointCredentials: directus-postgresql-17-cluster-backup-secret
|
||||
backupIndex: 2
|
||||
|
||||
21
clusters/cl01tl/applications/eigenfocus/Chart.yaml
Normal file
21
clusters/cl01tl/applications/eigenfocus/Chart.yaml
Normal file
@@ -0,0 +1,21 @@
|
||||
apiVersion: v2
|
||||
name: eigenfocus
|
||||
version: 1.0.0
|
||||
description: Eigenfocus
|
||||
keywords:
|
||||
- eigenfocus
|
||||
- projects
|
||||
home: https://wiki.alexlebens.dev/s/82548c75-cefe-4ad2-b60c-0b101127c31b
|
||||
sources:
|
||||
- https://github.com/Eigenfocus/eigenfocus
|
||||
- https://hub.docker.com/r/eigenfocus/eigenfocus
|
||||
- https://github.com/bjw-s-labs/helm-charts/tree/main/charts/other/app-template
|
||||
maintainers:
|
||||
- name: alexlebens
|
||||
dependencies:
|
||||
- name: app-template
|
||||
alias: eigenfocus
|
||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||
version: 4.1.2
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/eigenfocus.png
|
||||
appVersion: 1.1.0
|
||||
@@ -0,0 +1,55 @@
|
||||
apiVersion: external-secrets.io/v1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
name: eigenfocus-data-backup-secret
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: eigenfocus-data-backup-secret
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
secretStoreRef:
|
||||
kind: ClusterSecretStore
|
||||
name: vault
|
||||
target:
|
||||
template:
|
||||
mergePolicy: Merge
|
||||
engineVersion: v2
|
||||
data:
|
||||
RESTIC_REPOSITORY: "{{ `{{ .BUCKET_ENDPOINT }}` }}/eigenfocus/eigenfocus-data"
|
||||
data:
|
||||
- secretKey: BUCKET_ENDPOINT
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cl01tl/volsync/restic/config
|
||||
metadataPolicy: None
|
||||
property: S3_BUCKET_ENDPOINT
|
||||
- secretKey: RESTIC_PASSWORD
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cl01tl/volsync/restic/config
|
||||
metadataPolicy: None
|
||||
property: RESTIC_PASSWORD
|
||||
- secretKey: AWS_DEFAULT_REGION
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cl01tl/volsync/restic/config
|
||||
metadataPolicy: None
|
||||
property: AWS_DEFAULT_REGION
|
||||
- secretKey: AWS_ACCESS_KEY_ID
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /digital-ocean/home-infra/volsync-backups
|
||||
metadataPolicy: None
|
||||
property: access_key
|
||||
- secretKey: AWS_SECRET_ACCESS_KEY
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /digital-ocean/home-infra/volsync-backups
|
||||
metadataPolicy: None
|
||||
property: secret_key
|
||||
@@ -0,0 +1,28 @@
|
||||
apiVersion: gateway.networking.k8s.io/v1
|
||||
kind: HTTPRoute
|
||||
metadata:
|
||||
name: http-route-eigenfocus
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: http-route-eigenfocus
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
parentRefs:
|
||||
- group: gateway.networking.k8s.io
|
||||
kind: Gateway
|
||||
name: traefik-gateway
|
||||
namespace: traefik
|
||||
hostnames:
|
||||
- eigenfocus.alexlebens.net
|
||||
rules:
|
||||
- matches:
|
||||
- path:
|
||||
type: PathPrefix
|
||||
value: /
|
||||
backendRefs:
|
||||
- group: ''
|
||||
kind: Service
|
||||
name: eigenfocus
|
||||
port: 80
|
||||
weight: 100
|
||||
@@ -0,0 +1,25 @@
|
||||
apiVersion: volsync.backube/v1alpha1
|
||||
kind: ReplicationSource
|
||||
metadata:
|
||||
name: eigenfocus-data-backup-source
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: eigenfocus-data-backup-source
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
sourcePVC: eigenfocus-data
|
||||
trigger:
|
||||
schedule: 0 4 * * *
|
||||
restic:
|
||||
pruneIntervalDays: 7
|
||||
repository: eigenfocus-data-backup-secret
|
||||
retain:
|
||||
hourly: 1
|
||||
daily: 3
|
||||
weekly: 2
|
||||
monthly: 2
|
||||
yearly: 4
|
||||
copyMethod: Snapshot
|
||||
storageClassName: ceph-block
|
||||
volumeSnapshotClassName: ceph-blockpool-snapshot
|
||||
40
clusters/cl01tl/applications/eigenfocus/values.yaml
Normal file
40
clusters/cl01tl/applications/eigenfocus/values.yaml
Normal file
@@ -0,0 +1,40 @@
|
||||
eigenfocus:
|
||||
controllers:
|
||||
main:
|
||||
type: deployment
|
||||
replicas: 1
|
||||
strategy: Recreate
|
||||
revisionHistoryLimit: 3
|
||||
containers:
|
||||
main:
|
||||
image:
|
||||
repository: eigenfocus/eigenfocus
|
||||
tag: 1.2.0-free
|
||||
pullPolicy: IfNotPresent
|
||||
env:
|
||||
- name: DEFAULT_HOST_URL
|
||||
value: https://eigenfocus.alexlebens.net
|
||||
resources:
|
||||
requests:
|
||||
cpu: 10m
|
||||
memory: 128Mi
|
||||
service:
|
||||
main:
|
||||
controller: main
|
||||
ports:
|
||||
http:
|
||||
port: 80
|
||||
targetPort: 3000
|
||||
protocol: HTTP
|
||||
persistence:
|
||||
data:
|
||||
forceRename: eigenfocus-data
|
||||
storageClass: ceph-block
|
||||
accessMode: ReadWriteOnce
|
||||
size: 2Gi
|
||||
retain: true
|
||||
advancedMounts:
|
||||
main:
|
||||
main:
|
||||
- path: /eigenfocus-app/app-data
|
||||
readOnly: false
|
||||
@@ -17,11 +17,11 @@ maintainers:
|
||||
- name: alexlebens
|
||||
dependencies:
|
||||
- name: element-web
|
||||
version: 1.4.22
|
||||
version: 1.4.14
|
||||
repository: https://ananace.gitlab.io/charts
|
||||
- name: cloudflared
|
||||
alias: cloudflared
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 1.22.2
|
||||
version: 1.17.3
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/element.png
|
||||
appVersion: v1.11.100
|
||||
|
||||
@@ -2,7 +2,7 @@ element-web:
|
||||
replicaCount: 1
|
||||
image:
|
||||
repository: vectorim/element-web
|
||||
tag: v1.12.2
|
||||
tag: v1.11.104
|
||||
pullPolicy: IfNotPresent
|
||||
defaultServer:
|
||||
url: https://matrix.alexlebens.dev
|
||||
@@ -12,8 +12,8 @@ element-web:
|
||||
disable_3pid_login: true
|
||||
brand: "Alex Lebens"
|
||||
branding:
|
||||
welcome_background_url: https://web-assets-3bfcb5585cbd63dc365d32a3.nyc3.cdn.digitaloceanspaces.com/alexlebens-net/background-5.png
|
||||
auth_header_logo_url: https://web-assets-3bfcb5585cbd63dc365d32a3.nyc3.cdn.digitaloceanspaces.com/alexlebens-net/logo-new-round.png
|
||||
welcome_background_url: https://web-assets-3bfcb5585cbd63dc365d32a3.nyc3.cdn.digitaloceanspaces.com/alexlebens-net/background-4.jpg
|
||||
auth_header_logo_url: https://web-assets-3bfcb5585cbd63dc365d32a3.nyc3.cdn.digitaloceanspaces.com/alexlebens-net/icon_white.png
|
||||
sso_redirect_options:
|
||||
immediate: true
|
||||
default_theme: dark
|
||||
|
||||
@@ -20,14 +20,14 @@ dependencies:
|
||||
- name: app-template
|
||||
alias: freshrss
|
||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||
version: 4.4.0
|
||||
version: 4.1.2
|
||||
- name: cloudflared
|
||||
alias: cloudflared
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 1.22.2
|
||||
version: 1.17.3
|
||||
- name: postgres-cluster
|
||||
alias: postgres-17-cluster
|
||||
version: 6.15.0
|
||||
version: 5.1.0
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/freshrss.png
|
||||
appVersion: 1.26.2
|
||||
|
||||
@@ -180,40 +180,3 @@ spec:
|
||||
key: /digital-ocean/home-infra/postgres-backups
|
||||
metadataPolicy: None
|
||||
property: secret
|
||||
|
||||
---
|
||||
apiVersion: external-secrets.io/v1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
name: freshrss-postgresql-17-cluster-backup-secret-garage
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: freshrss-postgresql-17-cluster-backup-secret-garage
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
secretStoreRef:
|
||||
kind: ClusterSecretStore
|
||||
name: vault
|
||||
data:
|
||||
- secretKey: ACCESS_KEY_ID
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /garage/home-infra/postgres-backups
|
||||
metadataPolicy: None
|
||||
property: ACCESS_KEY_ID
|
||||
- secretKey: ACCESS_SECRET_KEY
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /garage/home-infra/postgres-backups
|
||||
metadataPolicy: None
|
||||
property: ACCESS_SECRET_KEY
|
||||
- secretKey: ACCESS_REGION
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /garage/home-infra/postgres-backups
|
||||
metadataPolicy: None
|
||||
property: ACCESS_REGION
|
||||
|
||||
@@ -11,7 +11,7 @@ freshrss:
|
||||
runAsUser: 0
|
||||
image:
|
||||
repository: alpine
|
||||
tag: 3.22.2
|
||||
tag: 3.22.0
|
||||
pullPolicy: IfNotPresent
|
||||
command:
|
||||
- /bin/sh
|
||||
@@ -35,7 +35,7 @@ freshrss:
|
||||
runAsUser: 0
|
||||
image:
|
||||
repository: alpine
|
||||
tag: 3.22.2
|
||||
tag: 3.22.0
|
||||
pullPolicy: IfNotPresent
|
||||
command:
|
||||
- /bin/sh
|
||||
@@ -49,29 +49,7 @@ freshrss:
|
||||
git checkout;
|
||||
rm -rf /var/www/FreshRSS/extensions/xExtension-ImageProxy
|
||||
cp -r xExtension-ImageProxy /var/www/FreshRSS/extensions
|
||||
chown -R 568:568 /var/www/FreshRSS/extensions/xExtension-ImageProxy
|
||||
resources:
|
||||
requests:
|
||||
cpu: 10m
|
||||
memory: 128Mi
|
||||
init-download-extension-3:
|
||||
securityContext:
|
||||
runAsUser: 0
|
||||
image:
|
||||
repository: alpine
|
||||
tag: 3.22.2
|
||||
pullPolicy: IfNotPresent
|
||||
command:
|
||||
- /bin/sh
|
||||
- -ec
|
||||
- |
|
||||
cd /tmp;
|
||||
wget https://github.com/zimmra/xExtension-karakeep-button/archive/refs/tags/v1.1.tar.gz;
|
||||
tar -xvzf *.tar.gz;
|
||||
rm -rf /var/www/FreshRSS/extensions/xExtension-karakeep-button
|
||||
mkdir /var/www/FreshRSS/extensions/xExtension-karakeep-button
|
||||
cp -r /tmp/xExtension-karakeep-button-*/* /var/www/FreshRSS/extensions/xExtension-karakeep-button
|
||||
chown -R 568:568 /var/www/FreshRSS/extensions/xExtension-karakeep-button
|
||||
chown -R 568:568 /var/www/FreshRSS/extensions/xExtension-YouTubeChannel2RssFeed
|
||||
resources:
|
||||
requests:
|
||||
cpu: 10m
|
||||
@@ -80,7 +58,7 @@ freshrss:
|
||||
main:
|
||||
image:
|
||||
repository: freshrss/freshrss
|
||||
tag: 1.27.1
|
||||
tag: 1.26.3
|
||||
pullPolicy: IfNotPresent
|
||||
env:
|
||||
- name: PGID
|
||||
@@ -185,16 +163,13 @@ freshrss:
|
||||
init-download-extension-2:
|
||||
- path: /var/www/FreshRSS/extensions
|
||||
readOnly: false
|
||||
init-download-extension-3:
|
||||
- path: /var/www/FreshRSS/extensions
|
||||
readOnly: false
|
||||
main:
|
||||
- path: /var/www/FreshRSS/extensions
|
||||
readOnly: false
|
||||
cloudflared:
|
||||
existingSecretName: freshrss-cloudflared-secret
|
||||
postgres-17-cluster:
|
||||
mode: recovery
|
||||
mode: standalone
|
||||
cluster:
|
||||
storage:
|
||||
storageClass: local-path
|
||||
@@ -207,45 +182,13 @@ postgres-17-cluster:
|
||||
recovery:
|
||||
method: objectStore
|
||||
objectStore:
|
||||
destinationPath: s3://postgres-backups/cl01tl/freshrss/freshrss-postgresql-17-cluster
|
||||
endpointURL: http://garage-main.garage:3900
|
||||
index: 1
|
||||
endpointCredentials: freshrss-postgresql-17-cluster-backup-secret-garage
|
||||
endpointURL: https://nyc3.digitaloceanspaces.com
|
||||
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/freshrss/freshrss-postgresql-17-cluster
|
||||
endpointCredentials: freshrss-postgresql-17-cluster-backup-secret
|
||||
recoveryIndex: 3
|
||||
backup:
|
||||
objectStore:
|
||||
- name: external
|
||||
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/freshrss/freshrss-postgresql-17-cluster
|
||||
index: 1
|
||||
retentionPolicy: "30d"
|
||||
isWALArchiver: false
|
||||
- name: garage-local
|
||||
destinationPath: s3://postgres-backups/cl01tl/freshrss/freshrss-postgresql-17-cluster
|
||||
index: 1
|
||||
endpointURL: http://garage-main.garage:3900
|
||||
endpointCredentials: freshrss-postgresql-17-cluster-backup-secret-garage
|
||||
endpointCredentialsIncludeRegion: true
|
||||
retentionPolicy: "3d"
|
||||
isWALArchiver: true
|
||||
# - name: garage-remote
|
||||
# destinationPath: s3://postgres-backups/cl01tl/freshrss/freshrss-postgresql-17-cluster
|
||||
# index: 1
|
||||
# endpointURL: https://garage-ps10rp.boreal-beaufort.ts.net:3900
|
||||
# endpointCredentials: freshrss-postgresql-17-cluster-backup-secret-garage
|
||||
# retentionPolicy: "30d"
|
||||
# data:
|
||||
# compression: bzip2
|
||||
# jobs: 2
|
||||
scheduledBackups:
|
||||
- name: daily-backup
|
||||
suspend: false
|
||||
schedule: "0 0 0 * * *"
|
||||
backupName: external
|
||||
- name: live-backup
|
||||
suspend: false
|
||||
immediate: true
|
||||
schedule: "0 0 0 * * *"
|
||||
backupName: garage-local
|
||||
# - name: weekly-backup
|
||||
# suspend: false
|
||||
# schedule: "0 2 4 * * SAT"
|
||||
# backupName: garage-remote
|
||||
enabled: true
|
||||
endpointURL: https://nyc3.digitaloceanspaces.com
|
||||
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/freshrss/freshrss-postgresql-17-cluster
|
||||
endpointCredentials: freshrss-postgresql-17-cluster-backup-secret
|
||||
backupIndex: 3
|
||||
|
||||
@@ -1,8 +1,9 @@
|
||||
apiVersion: v2
|
||||
name: karakeep
|
||||
name: hoarder
|
||||
version: 1.0.0
|
||||
description: Karakeep
|
||||
keywords:
|
||||
- hoarder
|
||||
- karakeep
|
||||
- bookmarks
|
||||
home: https://wiki.alexlebens.dev/s/f8177591-8253-4e21-82d5-a556f0aeafad
|
||||
@@ -18,15 +19,15 @@ maintainers:
|
||||
- name: alexlebens
|
||||
dependencies:
|
||||
- name: app-template
|
||||
alias: karakeep
|
||||
alias: hoarder
|
||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||
version: 4.4.0
|
||||
version: 4.1.2
|
||||
- name: meilisearch
|
||||
version: 0.17.1
|
||||
version: 0.14.0
|
||||
repository: https://meilisearch.github.io/meilisearch-kubernetes
|
||||
- name: cloudflared
|
||||
alias: cloudflared
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 1.22.2
|
||||
version: 1.17.3
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/webp/karakeep.webp
|
||||
appVersion: 0.26.0
|
||||
appVersion: 0.24.1
|
||||
@@ -19,13 +19,6 @@ spec:
|
||||
key: /cl01tl/karakeep/key
|
||||
metadataPolicy: None
|
||||
property: key
|
||||
- secretKey: prometheus-token
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cl01tl/karakeep/key
|
||||
metadataPolicy: None
|
||||
property: prometheus-token
|
||||
|
||||
---
|
||||
apiVersion: external-secrets.io/v1
|
||||
@@ -107,10 +100,10 @@ spec:
|
||||
apiVersion: external-secrets.io/v1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
name: karakeep-data-backup-secret
|
||||
name: hoarder-data-backup-secret
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: karakeep-data-backup-secret
|
||||
app.kubernetes.io/name: hoarder-data-backup-secret
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
@@ -122,7 +115,7 @@ spec:
|
||||
mergePolicy: Merge
|
||||
engineVersion: v2
|
||||
data:
|
||||
RESTIC_REPOSITORY: "{{ `{{ .BUCKET_ENDPOINT }}` }}/karakeep/karakeep-data"
|
||||
RESTIC_REPOSITORY: "{{ `{{ .BUCKET_ENDPOINT }}` }}/hoarder/hoarder-data"
|
||||
data:
|
||||
- secretKey: BUCKET_ENDPOINT
|
||||
remoteRef:
|
||||
@@ -1,19 +1,19 @@
|
||||
apiVersion: volsync.backube/v1alpha1
|
||||
kind: ReplicationSource
|
||||
metadata:
|
||||
name: karakeep-data-backup-source
|
||||
name: hoarder-data-backup-source
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: karakeep-data-backup-source
|
||||
app.kubernetes.io/name: hoarder-data-backup-source
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
sourcePVC: karakeep-data
|
||||
sourcePVC: hoarder-data
|
||||
trigger:
|
||||
schedule: 0 4 * * *
|
||||
restic:
|
||||
pruneIntervalDays: 7
|
||||
repository: karakeep-data-backup-secret
|
||||
repository: hoarder-data-backup-secret
|
||||
retain:
|
||||
hourly: 1
|
||||
daily: 3
|
||||
@@ -1,4 +1,4 @@
|
||||
karakeep:
|
||||
hoarder:
|
||||
controllers:
|
||||
main:
|
||||
type: deployment
|
||||
@@ -9,13 +9,11 @@ karakeep:
|
||||
main:
|
||||
image:
|
||||
repository: ghcr.io/karakeep-app/karakeep
|
||||
tag: 0.27.1
|
||||
tag: 0.25.0
|
||||
pullPolicy: IfNotPresent
|
||||
env:
|
||||
- name: DATA_DIR
|
||||
value: /data
|
||||
- name: DB_WAL_MODE
|
||||
value: true
|
||||
- name: NEXTAUTH_URL
|
||||
value: https://karakeep.alexlebens.dev/
|
||||
- name: NEXTAUTH_SECRET
|
||||
@@ -23,41 +21,15 @@ karakeep:
|
||||
secretKeyRef:
|
||||
name: karakeep-key-secret
|
||||
key: key
|
||||
- name: PROMETHEUS_AUTH_TOKEN
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: karakeep-key-secret
|
||||
key: prometheus-token
|
||||
- name: ASSET_STORE_S3_ENDPOINT
|
||||
value: http://rook-ceph-rgw-ceph-objectstore.rook-ceph.svc:80
|
||||
- name: ASSET_STORE_S3_REGION
|
||||
value: us-east-1
|
||||
- name: ASSET_STORE_S3_BUCKET
|
||||
valueFrom:
|
||||
configMapKeyRef:
|
||||
name: ceph-bucket-karakeep
|
||||
key: BUCKET_NAME
|
||||
- name: ASSET_STORE_S3_ACCESS_KEY_ID
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: ceph-bucket-karakeep
|
||||
key: AWS_ACCESS_KEY_ID
|
||||
- name: ASSET_STORE_S3_SECRET_ACCESS_KEY
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: ceph-bucket-karakeep
|
||||
key: AWS_SECRET_ACCESS_KEY
|
||||
- name: ASSET_STORE_S3_FORCE_PATH_STYLE
|
||||
value: true
|
||||
- name: MEILI_ADDR
|
||||
value: http://karakeep-meilisearch.karakeep:7700
|
||||
value: http://hoarder-meilisearch.hoarder:7700
|
||||
- name: MEILI_MASTER_KEY
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: karakeep-meilisearch-master-key-secret
|
||||
key: MEILI_MASTER_KEY
|
||||
- name: BROWSER_WEB_URL
|
||||
value: http://karakeep.karakeep:9222
|
||||
value: http://hoarder.hoarder:9222
|
||||
- name: DISABLE_SIGNUPS
|
||||
value: false
|
||||
- name: OAUTH_PROVIDER_NAME
|
||||
@@ -77,13 +49,13 @@ karakeep:
|
||||
name: karakeep-oidc-secret
|
||||
key: AUTHENTIK_CLIENT_SECRET
|
||||
- name: OLLAMA_BASE_URL
|
||||
value: http://ollama-server-3.ollama:11434
|
||||
value: http://ollama-server-1.ollama:11434
|
||||
- name: OLLAMA_KEEP_ALIVE
|
||||
value: 5m
|
||||
- name: INFERENCE_TEXT_MODEL
|
||||
value: gemma3:4b
|
||||
value: llama3.1:8b
|
||||
- name: INFERENCE_IMAGE_MODEL
|
||||
value: granite3.2-vision:2b
|
||||
value: llama3.2-vision:11b
|
||||
- name: EMBEDDING_TEXT_MODEL
|
||||
value: mxbai-embed-large
|
||||
- name: INFERENCE_JOB_TIMEOUT_SEC
|
||||
@@ -122,6 +94,7 @@ karakeep:
|
||||
protocol: HTTP
|
||||
persistence:
|
||||
data:
|
||||
forceRename: hoarder-data
|
||||
storageClass: ceph-block
|
||||
accessMode: ReadWriteOnce
|
||||
size: 10Gi
|
||||
@@ -18,6 +18,6 @@ dependencies:
|
||||
- name: app-template
|
||||
alias: home-assistant
|
||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||
version: 4.4.0
|
||||
version: 4.1.2
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/home-assistant.png
|
||||
appVersion: 2025.5.2
|
||||
|
||||
@@ -9,7 +9,7 @@ home-assistant:
|
||||
main:
|
||||
image:
|
||||
repository: ghcr.io/home-assistant/home-assistant
|
||||
tag: 2025.10.4
|
||||
tag: 2025.6.3
|
||||
pullPolicy: IfNotPresent
|
||||
env:
|
||||
- name: TZ
|
||||
@@ -21,7 +21,7 @@ home-assistant:
|
||||
code-server:
|
||||
image:
|
||||
repository: ghcr.io/linuxserver/code-server
|
||||
tag: 4.105.1@sha256:c7c66416238b70312df90b5936ea4adb6108552d866dd00a804c86c599b2ab6c
|
||||
tag: 4.101.2@sha256:d3945c21b1bd19938c15d79fc21f08fff272b2f6699825ca08856dd78545b623
|
||||
pullPolicy: IfNotPresent
|
||||
env:
|
||||
- name: TZ
|
||||
|
||||
@@ -18,10 +18,10 @@ dependencies:
|
||||
- name: app-template
|
||||
alias: homepage
|
||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||
version: 4.4.0
|
||||
version: 4.1.2
|
||||
- name: cloudflared
|
||||
alias: cloudflared
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 1.22.2
|
||||
version: 1.17.3
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/homepage.png
|
||||
appVersion: v1.2.0
|
||||
|
||||
@@ -11,7 +11,7 @@ homepage:
|
||||
main:
|
||||
image:
|
||||
repository: ghcr.io/gethomepage/homepage
|
||||
tag: v1.5.0
|
||||
tag: v1.3.2
|
||||
pullPolicy: IfNotPresent
|
||||
env:
|
||||
- name: HOMEPAGE_ALLOWED_HOSTS
|
||||
@@ -27,18 +27,18 @@ homepage:
|
||||
docker.yaml: ""
|
||||
kubernetes.yaml: ""
|
||||
settings.yaml: |
|
||||
favicon: https://web-assets-3bfcb5585cbd63dc365d32a3.nyc3.cdn.digitaloceanspaces.com/alexlebens-net/logo-new-round.svg
|
||||
favicon: https://web-assets-3bfcb5585cbd63dc365d32a3.nyc3.cdn.digitaloceanspaces.com/alexlebens-net/icon_white.png
|
||||
headerStyle: clean
|
||||
hideVersion: true
|
||||
color: zinc
|
||||
background:
|
||||
image: https://web-assets-3bfcb5585cbd63dc365d32a3.nyc3.cdn.digitaloceanspaces.com/alexlebens-net/background-5.png
|
||||
image: https://web-assets-3bfcb5585cbd63dc365d32a3.nyc3.cdn.digitaloceanspaces.com/alexlebens-net/background-4.jpg
|
||||
brightness: 50
|
||||
theme: dark
|
||||
disableCollapse: true
|
||||
widgets.yaml: |
|
||||
- logo:
|
||||
icon: https://web-assets-3bfcb5585cbd63dc365d32a3.nyc3.cdn.digitaloceanspaces.com/alexlebens-net/logo-new-round.png
|
||||
icon: https://web-assets-3bfcb5585cbd63dc365d32a3.nyc3.cdn.digitaloceanspaces.com/alexlebens-net/icon_white.png
|
||||
- datetime:
|
||||
text_size: xl
|
||||
format:
|
||||
@@ -75,7 +75,7 @@ homepage:
|
||||
siteMonitor: https://codeserver.alexlebens.dev
|
||||
statusStyle: dot
|
||||
- Site:
|
||||
icon: https://web-assets-3bfcb5585cbd63dc365d32a3.nyc3.cdn.digitaloceanspaces.com/alexlebens-net/logo-new-round.png
|
||||
icon: https://web-assets-3bfcb5585cbd63dc365d32a3.nyc3.cdn.digitaloceanspaces.com/alexlebens-net/icon_white.png
|
||||
description: Profile Website
|
||||
href: https://www.alexlebens.dev
|
||||
siteMonitor: https://www.alexlebens.dev
|
||||
|
||||
@@ -16,6 +16,6 @@ dependencies:
|
||||
- name: app-template
|
||||
alias: homepage
|
||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||
version: 4.4.0
|
||||
version: 4.1.2
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/homepage.png
|
||||
appVersion: v1.2.0
|
||||
|
||||
@@ -28,19 +28,3 @@ metadata:
|
||||
spec:
|
||||
externalName: placeholder
|
||||
type: ExternalName
|
||||
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: garage-ui-ps10rp
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: garage-ps10rp
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
annotations:
|
||||
tailscale.com/tailnet-fqdn: garage-ui-ps10rp.boreal-beaufort.ts.net
|
||||
spec:
|
||||
externalName: placeholder
|
||||
type: ExternalName
|
||||
|
||||
@@ -15,7 +15,7 @@ homepage:
|
||||
main:
|
||||
image:
|
||||
repository: ghcr.io/gethomepage/homepage
|
||||
tag: v1.5.0
|
||||
tag: v1.3.2
|
||||
pullPolicy: IfNotPresent
|
||||
env:
|
||||
- name: HOMEPAGE_ALLOWED_HOSTS
|
||||
@@ -39,12 +39,12 @@ homepage:
|
||||
kubernetes.yaml: |
|
||||
mode: cluster
|
||||
settings.yaml: |
|
||||
favicon: https://web-assets-3bfcb5585cbd63dc365d32a3.nyc3.cdn.digitaloceanspaces.com/alexlebens-net/logo-new-round.svg
|
||||
favicon: https://web-assets-3bfcb5585cbd63dc365d32a3.nyc3.cdn.digitaloceanspaces.com/alexlebens-net/icon_white.png
|
||||
headerStyle: clean
|
||||
hideVersion: true
|
||||
color: zinc
|
||||
background:
|
||||
image: https://web-assets-3bfcb5585cbd63dc365d32a3.nyc3.cdn.digitaloceanspaces.com/alexlebens-net/background-5.png
|
||||
image: https://web-assets-3bfcb5585cbd63dc365d32a3.nyc3.cdn.digitaloceanspaces.com/alexlebens-net/background-4.jpg
|
||||
brightness: 50
|
||||
theme: dark
|
||||
disableCollapse: true
|
||||
@@ -99,7 +99,7 @@ homepage:
|
||||
icon: mdi-cloud-#ffffff
|
||||
widgets.yaml: |
|
||||
- logo:
|
||||
icon: https://web-assets-3bfcb5585cbd63dc365d32a3.nyc3.cdn.digitaloceanspaces.com/alexlebens-net/logo-new-round.png
|
||||
icon: https://web-assets-3bfcb5585cbd63dc365d32a3.nyc3.cdn.digitaloceanspaces.com/alexlebens-net/icon_white.png
|
||||
- kubernetes:
|
||||
cluster:
|
||||
show: true
|
||||
@@ -132,21 +132,21 @@ homepage:
|
||||
href: https://plex.alexlebens.net
|
||||
siteMonitor: http://plex.plex:32400
|
||||
statusStyle: dot
|
||||
- Jellyfin:
|
||||
icon: sh-jellyfin.webp
|
||||
description: Media server
|
||||
href: https://jellyfin.alexlebens.net
|
||||
siteMonitor: http://jellyfin.jellyfin:80
|
||||
statusStyle: dot
|
||||
- Media Requests:
|
||||
icon: sh-overseerr.webp
|
||||
description: Overseer
|
||||
href: https://overseerr.alexlebens.net
|
||||
siteMonitor: http://overseerr.overseerr:80
|
||||
statusStyle: dot
|
||||
- Media Tracking:
|
||||
- Jellyfin:
|
||||
icon: sh-jellyfin.webp
|
||||
description: Media server
|
||||
href: https://jellyfin.alexlebens.net
|
||||
siteMonitor: http://jellyfin.jellyfin:80
|
||||
statusStyle: dot
|
||||
- Yamtrack:
|
||||
icon: sh-yamtrack.webp
|
||||
description: Yamtrack
|
||||
description: Watched Media Tracking
|
||||
href: https://yamtrack.alexlebens.net
|
||||
siteMonitor: http://yamtrack.yamtrack:80
|
||||
statusStyle: dot
|
||||
@@ -182,7 +182,7 @@ homepage:
|
||||
statusStyle: dot
|
||||
- Public:
|
||||
- Site:
|
||||
icon: https://web-assets-3bfcb5585cbd63dc365d32a3.nyc3.cdn.digitaloceanspaces.com/alexlebens-net/logo-new-round.png
|
||||
icon: https://web-assets-3bfcb5585cbd63dc365d32a3.nyc3.cdn.digitaloceanspaces.com/alexlebens-net/icon_white.png
|
||||
description: Profile Website
|
||||
href: https://www.alexlebens.dev
|
||||
siteMonitor: https://www.alexlebens.dev
|
||||
@@ -242,6 +242,12 @@ homepage:
|
||||
href: https://actual.alexlebens.net
|
||||
siteMonitor: http://actual.actual:80
|
||||
statusStyle: dot
|
||||
- Project Management:
|
||||
icon: sh-eigenfocus.webp
|
||||
description: Eigenfocus
|
||||
href: https://eigenfocus.alexlebens.net
|
||||
siteMonitor: http://eigenfocus.eigenfocus:80
|
||||
statusStyle: dot
|
||||
- AI:
|
||||
icon: sh-ollama.webp
|
||||
description: Ollama
|
||||
@@ -288,8 +294,8 @@ homepage:
|
||||
- Code (ps10rp):
|
||||
icon: sh-gitea.webp
|
||||
description: Gitea
|
||||
href: https://gitea-ps10rp.boreal-beaufort.ts.net
|
||||
siteMonitor: https://gitea-ps10rp.boreal-beaufort.ts.net
|
||||
href: https://gitea.lebens-home.net
|
||||
siteMonitor: https://gitea.lebens-home.net
|
||||
statusStyle: dot
|
||||
- IDE (Public):
|
||||
icon: sh-visual-studio-code.webp
|
||||
@@ -313,7 +319,7 @@ homepage:
|
||||
icon: sh-komodo-light.webp
|
||||
description: Komodo
|
||||
href: https://komodo.alexlebens.net
|
||||
siteMonitor: http://komodo-main.komodo:80
|
||||
siteMonitor: http://komodo.komodo:80
|
||||
statusStyle: dot
|
||||
- Automation:
|
||||
- Deployment Workflows:
|
||||
@@ -492,18 +498,6 @@ homepage:
|
||||
href: https://ceph.alexlebens.net
|
||||
siteMonitor: http://rook-ceph-mgr-dashboard.rook-ceph:7000
|
||||
statusStyle: dot
|
||||
- Object Storage (NAS):
|
||||
icon: sh-garage.webp
|
||||
description: Garage
|
||||
href: https://garage-webui.alexlebens.net
|
||||
siteMonitor: http://garage-webui.garage:3909
|
||||
statusStyle: dot
|
||||
- Object Storage (ps10rp):
|
||||
icon: sh-garage.webp
|
||||
description: Garage
|
||||
href: https://garage-ui-ps10rp.boreal-beaufort.ts.net
|
||||
siteMonitor: https://garage-ui-ps10rp.boreal-beaufort.ts.net
|
||||
statusStyle: dot
|
||||
- Database:
|
||||
icon: sh-pgadmin-light.webp
|
||||
description: PGAdmin
|
||||
@@ -633,11 +627,11 @@ homepage:
|
||||
siteMonitor: http://slskd.slskd:5030
|
||||
statusStyle: dot
|
||||
- Services (Servarr):
|
||||
- qUI:
|
||||
icon: https://raw.githubusercontent.com/autobrr/qui/8487c818886df9abb2b1456f43b54e0ba180a2bd/web/public/icons.svg
|
||||
description: qbitorrent
|
||||
href: https://qui.alexlebens.net
|
||||
siteMonitor: http://qbittorrent-qui.qbittorrent:80
|
||||
- qBittorrent:
|
||||
icon: sh-qbittorrent.webp
|
||||
description: P2P Downloads
|
||||
href: https://qbittorrent.alexlebens.net
|
||||
siteMonitor: http://qbittorrent.qbittorrent:8080
|
||||
statusStyle: dot
|
||||
widget:
|
||||
type: qbittorrent
|
||||
|
||||
@@ -16,6 +16,6 @@ dependencies:
|
||||
- name: app-template
|
||||
alias: huntarr
|
||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||
version: 4.4.0
|
||||
version: 4.1.2
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/huntarr.png
|
||||
appVersion: 7.0.0
|
||||
|
||||
@@ -9,7 +9,7 @@ huntarr:
|
||||
main:
|
||||
image:
|
||||
repository: ghcr.io/plexguide/huntarr
|
||||
tag: 8.2.10
|
||||
tag: 7.8.2
|
||||
pullPolicy: IfNotPresent
|
||||
env:
|
||||
- name: TZ
|
||||
@@ -31,7 +31,7 @@ huntarr:
|
||||
forceRename: huntarr-config
|
||||
storageClass: ceph-block
|
||||
accessMode: ReadWriteOnce
|
||||
size: 5Gi
|
||||
size: 1Gi
|
||||
advancedMounts:
|
||||
main:
|
||||
main:
|
||||
|
||||
@@ -8,8 +8,10 @@ keywords:
|
||||
home: https://wiki.alexlebens.dev/s/9377ae08-2041-4b6d-bc2b-61a4f5e8faae
|
||||
sources:
|
||||
- https://github.com/immich-app/immich
|
||||
- https://github.com/valkey-io/valkey
|
||||
- https://github.com/cloudnative-pg/cloudnative-pg
|
||||
- https://github.com/bjw-s-labs/helm-charts/tree/main/charts/other/app-template
|
||||
- https://github.com/bitnami/charts/tree/main/bitnami/valkey
|
||||
- https://gitea.alexlebens.dev/alexlebens/helm-charts/src/branch/main/charts/postgres-cluster
|
||||
maintainers:
|
||||
- name: alexlebens
|
||||
@@ -17,10 +19,13 @@ dependencies:
|
||||
- name: app-template
|
||||
alias: immich
|
||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||
version: 4.4.0
|
||||
version: 4.1.2
|
||||
- name: valkey
|
||||
version: 3.0.16
|
||||
repository: oci://harbor.alexlebens.net/proxy-registry-1.docker.io/bitnamicharts
|
||||
- name: postgres-cluster
|
||||
alias: postgres-17-cluster
|
||||
version: 6.15.0
|
||||
alias: postgres-16-cluster
|
||||
version: 5.1.0
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/immich.png
|
||||
appVersion: v2.0.1
|
||||
appVersion: v1.132.3
|
||||
|
||||
@@ -24,10 +24,10 @@ spec:
|
||||
apiVersion: external-secrets.io/v1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
name: immich-postgresql-17-cluster-backup-secret
|
||||
name: immich-postgresql-16-cluster-backup-secret
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: immich-postgresql-17-cluster-backup-secret
|
||||
app.kubernetes.io/name: immich-postgresql-16-cluster-backup-secret
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
@@ -49,40 +49,3 @@ spec:
|
||||
key: /digital-ocean/home-infra/postgres-backups
|
||||
metadataPolicy: None
|
||||
property: secret
|
||||
|
||||
---
|
||||
apiVersion: external-secrets.io/v1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
name: immich-postgresql-17-cluster-backup-secret-garage
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: immich-postgresql-17-cluster-backup-secret-garage
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
secretStoreRef:
|
||||
kind: ClusterSecretStore
|
||||
name: vault
|
||||
data:
|
||||
- secretKey: ACCESS_KEY_ID
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /garage/home-infra/postgres-backups
|
||||
metadataPolicy: None
|
||||
property: ACCESS_KEY_ID
|
||||
- secretKey: ACCESS_SECRET_KEY
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /garage/home-infra/postgres-backups
|
||||
metadataPolicy: None
|
||||
property: ACCESS_SECRET_KEY
|
||||
- secretKey: ACCESS_REGION
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /garage/home-infra/postgres-backups
|
||||
metadataPolicy: None
|
||||
property: ACCESS_REGION
|
||||
|
||||
@@ -1,32 +0,0 @@
|
||||
apiVersion: redis.redis.opstreelabs.in/v1beta2
|
||||
kind: RedisReplication
|
||||
metadata:
|
||||
name: redis-replication-immich
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: redis-replication-immich
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
clusterSize: 3
|
||||
podSecurityContext:
|
||||
runAsUser: 1000
|
||||
fsGroup: 1000
|
||||
kubernetesConfig:
|
||||
image: quay.io/opstree/redis:v8.0.3
|
||||
imagePullPolicy: IfNotPresent
|
||||
resources:
|
||||
requests:
|
||||
cpu: 50m
|
||||
memory: 128Mi
|
||||
storage:
|
||||
volumeClaimTemplate:
|
||||
spec:
|
||||
storageClassName: ceph-block
|
||||
accessModes: ["ReadWriteOnce"]
|
||||
resources:
|
||||
requests:
|
||||
storage: 1Gi
|
||||
redisExporter:
|
||||
enabled: true
|
||||
image: quay.io/opstree/redis-exporter:v1.48.0
|
||||
@@ -21,24 +21,3 @@ spec:
|
||||
interval: 3m
|
||||
scrapeTimeout: 1m
|
||||
path: /metrics
|
||||
|
||||
---
|
||||
apiVersion: monitoring.coreos.com/v1
|
||||
kind: ServiceMonitor
|
||||
metadata:
|
||||
name: redis-replication-immich
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: redis-replication-immich
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
redis-operator: "true"
|
||||
env: production
|
||||
spec:
|
||||
selector:
|
||||
matchLabels:
|
||||
redis_setup_type: replication
|
||||
endpoints:
|
||||
- port: redis-exporter
|
||||
interval: 30s
|
||||
scrapeTimeout: 10s
|
||||
|
||||
@@ -9,7 +9,7 @@ immich:
|
||||
main:
|
||||
image:
|
||||
repository: ghcr.io/immich-app/immich-server
|
||||
tag: v2.2.2
|
||||
tag: v1.132.3
|
||||
pullPolicy: IfNotPresent
|
||||
env:
|
||||
- name: TZ
|
||||
@@ -21,33 +21,33 @@ immich:
|
||||
- name: IMMICH_MACHINE_LEARNING_URL
|
||||
value: http://immich-machine-learning.immich:3003
|
||||
- name: REDIS_HOSTNAME
|
||||
value: redis-replication-immich-master
|
||||
value: immich-valkey-primary
|
||||
- name: DB_VECTOR_EXTENSION
|
||||
value: vectorchord
|
||||
value: pgvecto.rs
|
||||
- name: DB_HOSTNAME
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: immich-postgresql-17-cluster-app
|
||||
name: immich-postgresql-16-cluster-app
|
||||
key: host
|
||||
- name: DB_DATABASE_NAME
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: immich-postgresql-17-cluster-app
|
||||
name: immich-postgresql-16-cluster-app
|
||||
key: dbname
|
||||
- name: DB_PORT
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: immich-postgresql-17-cluster-app
|
||||
name: immich-postgresql-16-cluster-app
|
||||
key: port
|
||||
- name: DB_USERNAME
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: immich-postgresql-17-cluster-app
|
||||
name: immich-postgresql-16-cluster-app
|
||||
key: user
|
||||
- name: DB_PASSWORD
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: immich-postgresql-17-cluster-app
|
||||
name: immich-postgresql-16-cluster-app
|
||||
key: password
|
||||
probes:
|
||||
liveness:
|
||||
@@ -99,7 +99,7 @@ immich:
|
||||
main:
|
||||
image:
|
||||
repository: ghcr.io/immich-app/immich-machine-learning
|
||||
tag: v2.2.2
|
||||
tag: v1.134.0
|
||||
pullPolicy: IfNotPresent
|
||||
env:
|
||||
- name: TRANSFORMERS_CACHE
|
||||
@@ -188,16 +188,48 @@ immich:
|
||||
main:
|
||||
- path: /usr/src/app/upload
|
||||
readOnly: false
|
||||
postgres-17-cluster:
|
||||
valkey:
|
||||
architecture: replication
|
||||
auth:
|
||||
enabled: false
|
||||
usePasswordFiles: false
|
||||
primary:
|
||||
resources:
|
||||
requests:
|
||||
cpu: 100m
|
||||
memory: 64Mi
|
||||
persistence:
|
||||
enabled: true
|
||||
size: 1Gi
|
||||
replica:
|
||||
replicaCount: 1
|
||||
resources:
|
||||
requests:
|
||||
cpu: 100m
|
||||
memory: 64Mi
|
||||
persistence:
|
||||
enabled: true
|
||||
size: 1Gi
|
||||
postgres-16-cluster:
|
||||
# Tensorchord
|
||||
#--- https://github.com/immich-app/immich/discussions/9060
|
||||
#--- https://docs.pgvecto.rs/admin/kubernetes.html
|
||||
#--- https://github.com/tensorchord/cloudnative-pgvecto.rs
|
||||
#--- https://github.com/immich-app/immich/discussions/17025
|
||||
type: tensorchord
|
||||
mode: recovery
|
||||
cluster:
|
||||
image:
|
||||
repository: ghcr.io/tensorchord/cloudnative-vectorchord
|
||||
tag: 17.5-0.4.3
|
||||
repository: ghcr.io/tensorchord/cloudnative-pgvecto.rs
|
||||
tag: 16.3-v0.2.1
|
||||
storage:
|
||||
storageClass: local-path
|
||||
walStorage:
|
||||
storageClass: local-path
|
||||
resources:
|
||||
requests:
|
||||
memory: 384Mi
|
||||
cpu: 200m
|
||||
monitoring:
|
||||
enabled: true
|
||||
prometheusRule:
|
||||
@@ -205,56 +237,16 @@ postgres-17-cluster:
|
||||
postgresql:
|
||||
parameters:
|
||||
shared_buffers: 256MB
|
||||
shared_preload_libraries:
|
||||
- "vchord.so"
|
||||
initdb:
|
||||
postInitSQL:
|
||||
- CREATE EXTENSION IF NOT EXISTS "vector";
|
||||
- CREATE EXTENSION IF NOT EXISTS "vchord" CASCADE;
|
||||
- CREATE EXTENSION IF NOT EXISTS "cube" CASCADE;
|
||||
- CREATE EXTENSION IF NOT EXISTS "earthdistance" CASCADE;
|
||||
recovery:
|
||||
method: objectStore
|
||||
objectStore:
|
||||
destinationPath: s3://postgres-backups/cl01tl/immich/immich-postgresql-17-cluster
|
||||
endpointURL: http://garage-main.garage:3900
|
||||
index: 1
|
||||
endpointCredentials: immich-postgresql-17-cluster-backup-secret-garage
|
||||
endpointURL: https://nyc3.digitaloceanspaces.com
|
||||
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/immich/immich-postgresql-17-cluster
|
||||
endpointCredentials: immich-postgresql-17-cluster-backup-secret
|
||||
recoveryIndex: 2
|
||||
backup:
|
||||
objectStore:
|
||||
- name: external
|
||||
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/immich/immich-postgresql-17-cluster
|
||||
index: 2
|
||||
retentionPolicy: "30d"
|
||||
isWALArchiver: false
|
||||
- name: garage-local
|
||||
destinationPath: s3://postgres-backups/cl01tl/immich/immich-postgresql-17-cluster
|
||||
index: 1
|
||||
endpointURL: http://garage-main.garage:3900
|
||||
endpointCredentials: immich-postgresql-17-cluster-backup-secret-garage
|
||||
endpointCredentialsIncludeRegion: true
|
||||
retentionPolicy: "3d"
|
||||
isWALArchiver: true
|
||||
# - name: garage-remote
|
||||
# destinationPath: s3://postgres-backups/cl01tl/immich/immich-postgresql-17-cluster
|
||||
# index: 1
|
||||
# endpointURL: https://garage-ps10rp.boreal-beaufort.ts.net:3900
|
||||
# endpointCredentials: immich-postgresql-17-cluster-backup-secret-garage
|
||||
# retentionPolicy: "30d"
|
||||
# data:
|
||||
# compression: bzip2
|
||||
# jobs: 2
|
||||
scheduledBackups:
|
||||
- name: daily-backup
|
||||
suspend: false
|
||||
schedule: "0 0 0 * * *"
|
||||
backupName: external
|
||||
- name: live-backup
|
||||
suspend: false
|
||||
immediate: true
|
||||
schedule: "0 0 0 * * *"
|
||||
backupName: garage-local
|
||||
# - name: weekly-backup
|
||||
# suspend: false
|
||||
# schedule: "0 4 4 * * SAT"
|
||||
# backupName: garage-remote
|
||||
enabled: true
|
||||
endpointURL: https://nyc3.digitaloceanspaces.com
|
||||
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/immich/immich-postgresql-16-cluster
|
||||
endpointCredentials: immich-postgresql-16-cluster-backup-secret
|
||||
backupIndex: 2
|
||||
|
||||
@@ -20,6 +20,6 @@ dependencies:
|
||||
- name: app-template
|
||||
alias: jellyfin
|
||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||
version: 4.4.0
|
||||
version: 4.1.2
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/jellyfin.png
|
||||
appVersion: 10.10.7
|
||||
|
||||
@@ -9,7 +9,7 @@ jellyfin:
|
||||
main:
|
||||
image:
|
||||
repository: ghcr.io/jellyfin/jellyfin
|
||||
tag: 10.11.2
|
||||
tag: 10.10.7
|
||||
pullPolicy: IfNotPresent
|
||||
env:
|
||||
- name: TZ
|
||||
|
||||
@@ -18,10 +18,10 @@ dependencies:
|
||||
- name: app-template
|
||||
alias: jellystat
|
||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||
version: 4.4.0
|
||||
version: 4.1.2
|
||||
- name: postgres-cluster
|
||||
alias: postgres-17-cluster
|
||||
version: 6.15.0
|
||||
version: 5.1.0
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/jellystat.png
|
||||
appVersion: 1.1.6
|
||||
|
||||
@@ -120,40 +120,3 @@ spec:
|
||||
key: /digital-ocean/home-infra/postgres-backups
|
||||
metadataPolicy: None
|
||||
property: secret
|
||||
|
||||
---
|
||||
apiVersion: external-secrets.io/v1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
name: jellystat-postgresql-17-cluster-backup-secret-garage
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: jellystat-postgresql-17-cluster-backup-secret-garage
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
secretStoreRef:
|
||||
kind: ClusterSecretStore
|
||||
name: vault
|
||||
data:
|
||||
- secretKey: ACCESS_KEY_ID
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /garage/home-infra/postgres-backups
|
||||
metadataPolicy: None
|
||||
property: ACCESS_KEY_ID
|
||||
- secretKey: ACCESS_SECRET_KEY
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /garage/home-infra/postgres-backups
|
||||
metadataPolicy: None
|
||||
property: ACCESS_SECRET_KEY
|
||||
- secretKey: ACCESS_REGION
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /garage/home-infra/postgres-backups
|
||||
metadataPolicy: None
|
||||
property: ACCESS_REGION
|
||||
|
||||
@@ -79,7 +79,7 @@ jellystat:
|
||||
- path: /app/backend/backup-data
|
||||
readOnly: false
|
||||
postgres-17-cluster:
|
||||
mode: recovery
|
||||
mode: standalone
|
||||
cluster:
|
||||
storage:
|
||||
storageClass: local-path
|
||||
@@ -92,45 +92,14 @@ postgres-17-cluster:
|
||||
recovery:
|
||||
method: objectStore
|
||||
objectStore:
|
||||
destinationPath: s3://postgres-backups/cl01tl/jellystat/jellystat-postgresql-17-cluster
|
||||
endpointURL: http://garage-main.garage:3900
|
||||
index: 1
|
||||
endpointCredentials: jellystat-postgresql-17-cluster-backup-secret-garage
|
||||
endpointURL: https://nyc3.digitaloceanspaces.com
|
||||
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/jellystat/jellystat-postgresql-17-cluster
|
||||
endpointCredentials: jellystat-postgresql-17-cluster-backup-secret
|
||||
recoveryIndex: 2
|
||||
backup:
|
||||
objectStore:
|
||||
- name: external
|
||||
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/jellystat/jellystat-postgresql-17-cluster
|
||||
index: 1
|
||||
retentionPolicy: "30d"
|
||||
isWALArchiver: false
|
||||
- name: garage-local
|
||||
destinationPath: s3://postgres-backups/cl01tl/jellystat/jellystat-postgresql-17-cluster
|
||||
index: 1
|
||||
endpointURL: http://garage-main.garage:3900
|
||||
endpointCredentials: jellystat-postgresql-17-cluster-backup-secret-garage
|
||||
endpointCredentialsIncludeRegion: true
|
||||
retentionPolicy: "3d"
|
||||
isWALArchiver: true
|
||||
# - name: garage-remote
|
||||
# destinationPath: s3://postgres-backups/cl01tl/jellystat/jellystat-postgresql-17-cluster
|
||||
# index: 1
|
||||
# endpointURL: https://garage-ps10rp.boreal-beaufort.ts.net:3900
|
||||
# endpointCredentials: jellystat-postgresql-17-cluster-backup-secret-garage
|
||||
# retentionPolicy: "30d"
|
||||
# data:
|
||||
# compression: bzip2
|
||||
# jobs: 2
|
||||
scheduledBackups:
|
||||
- name: daily-backup
|
||||
suspend: false
|
||||
schedule: "0 0 0 * * *"
|
||||
backupName: external
|
||||
- name: live-backup
|
||||
suspend: false
|
||||
immediate: true
|
||||
schedule: "0 0 0 * * *"
|
||||
backupName: garage-local
|
||||
# - name: weekly-backup
|
||||
# suspend: false
|
||||
# schedule: "0 6 4 * * SAT"
|
||||
# backupName: garage-remote
|
||||
enabled: true
|
||||
endpointURL: https://nyc3.digitaloceanspaces.com
|
||||
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/jellystat/jellystat-postgresql-17-cluster
|
||||
endpointCredentials: jellystat-postgresql-17-cluster-backup-secret
|
||||
backupIndex: 2
|
||||
retentionPolicy: "7d"
|
||||
|
||||
@@ -1,11 +0,0 @@
|
||||
apiVersion: objectbucket.io/v1alpha1
|
||||
kind: ObjectBucketClaim
|
||||
metadata:
|
||||
name: ceph-bucket-karakeep
|
||||
labels:
|
||||
app.kubernetes.io/name: ceph-bucket-karakeep
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
generateBucketName: bucket-karakeep
|
||||
storageClassName: ceph-bucket
|
||||
@@ -1,23 +0,0 @@
|
||||
apiVersion: monitoring.coreos.com/v1
|
||||
kind: ServiceMonitor
|
||||
metadata:
|
||||
name: karakeep
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: karakeep
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
endpoints:
|
||||
- port: http
|
||||
interval: 30s
|
||||
scrapeTimeout: 15s
|
||||
path: /api/metrics
|
||||
authorization:
|
||||
credentials:
|
||||
key: prometheus-token
|
||||
name: karakeep-key-secret
|
||||
selector:
|
||||
matchLabels:
|
||||
app.kubernetes.io/name: karakeep
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
@@ -16,6 +16,6 @@ dependencies:
|
||||
- name: app-template
|
||||
alias: kiwix
|
||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||
version: 4.4.0
|
||||
version: 4.1.2
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/kiwix-dark.png
|
||||
appVersion: 3.7.0
|
||||
|
||||
@@ -9,7 +9,7 @@ kiwix:
|
||||
main:
|
||||
image:
|
||||
repository: ghcr.io/kiwix/kiwix-serve
|
||||
tag: 3.8.0
|
||||
tag: 3.7.0
|
||||
pullPolicy: IfNotPresent
|
||||
args:
|
||||
- '*.zim'
|
||||
|
||||
@@ -17,6 +17,6 @@ dependencies:
|
||||
- name: app-template
|
||||
alias: libation
|
||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||
version: 4.4.0
|
||||
version: 4.1.2
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/libation.png
|
||||
appVersion: 12.4.3
|
||||
|
||||
@@ -16,7 +16,7 @@ libation:
|
||||
main:
|
||||
image:
|
||||
repository: rmcrackan/libation
|
||||
tag: 12.5.7
|
||||
tag: 12.4.5
|
||||
pullPolicy: IfNotPresent
|
||||
env:
|
||||
- name: SLEEP_TIME
|
||||
|
||||
@@ -21,10 +21,10 @@ dependencies:
|
||||
- name: app-template
|
||||
alias: lidarr
|
||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||
version: 4.4.0
|
||||
version: 4.1.2
|
||||
- name: postgres-cluster
|
||||
alias: postgres-17-cluster
|
||||
version: 6.15.0
|
||||
version: 5.1.0
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/lidarr.png
|
||||
appVersion: 2.13.3
|
||||
appVersion: 2.11.2
|
||||
|
||||
@@ -83,40 +83,3 @@ spec:
|
||||
key: /digital-ocean/home-infra/postgres-backups
|
||||
metadataPolicy: None
|
||||
property: secret
|
||||
|
||||
---
|
||||
apiVersion: external-secrets.io/v1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
name: lidarr-postgresql-17-cluster-backup-secret-garage
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: lidarr-postgresql-17-cluster-backup-secret-garage
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
secretStoreRef:
|
||||
kind: ClusterSecretStore
|
||||
name: vault
|
||||
data:
|
||||
- secretKey: ACCESS_KEY_ID
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /garage/home-infra/postgres-backups
|
||||
metadataPolicy: None
|
||||
property: ACCESS_KEY_ID
|
||||
- secretKey: ACCESS_SECRET_KEY
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /garage/home-infra/postgres-backups
|
||||
metadataPolicy: None
|
||||
property: ACCESS_SECRET_KEY
|
||||
- secretKey: ACCESS_REGION
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /garage/home-infra/postgres-backups
|
||||
metadataPolicy: None
|
||||
property: ACCESS_REGION
|
||||
|
||||
@@ -15,7 +15,7 @@ lidarr:
|
||||
main:
|
||||
image:
|
||||
repository: ghcr.io/linuxserver/lidarr
|
||||
tag: 2.14.5@sha256:5e1235d00b5d1c1f60ca0d472e554a6611aef41aa7b5b6d88260214bf4809af0
|
||||
tag: 2.12.4@sha256:71fe6d5702691c6ac8961b9b1042fdea1ff833a49c82c5e165346fa88999a48a
|
||||
pullPolicy: IfNotPresent
|
||||
env:
|
||||
- name: TZ
|
||||
@@ -31,7 +31,7 @@ lidarr:
|
||||
metrics:
|
||||
image:
|
||||
repository: ghcr.io/onedr0p/exportarr
|
||||
tag: v2.3.0
|
||||
tag: v2.2.0
|
||||
pullPolicy: IfNotPresent
|
||||
args: ["lidarr"]
|
||||
env:
|
||||
@@ -85,20 +85,21 @@ lidarr:
|
||||
readOnly: false
|
||||
postgres-17-cluster:
|
||||
nameOverride: lidarr2-postgresql-17
|
||||
mode: recovery
|
||||
mode: standalone
|
||||
cluster:
|
||||
storage:
|
||||
storageClass: local-path
|
||||
walStorage:
|
||||
storageClass: local-path
|
||||
monitoring:
|
||||
enabled: true
|
||||
prometheusRule:
|
||||
enabled: true
|
||||
resources:
|
||||
requests:
|
||||
memory: 1Gi
|
||||
cpu: 200m
|
||||
monitoring:
|
||||
enabled: true
|
||||
prometheusRule:
|
||||
enabled: true
|
||||
bootstrap:
|
||||
initdb:
|
||||
postInitSQL:
|
||||
- CREATE DATABASE "lidarr-main" OWNER "app";
|
||||
@@ -106,46 +107,14 @@ postgres-17-cluster:
|
||||
recovery:
|
||||
method: objectStore
|
||||
objectStore:
|
||||
destinationPath: s3://postgres-backups/cl01tl/lidarr/lidarr2-postgresql-17-cluster
|
||||
endpointURL: http://garage-main.garage:3900
|
||||
index: 1
|
||||
endpointURL: https://nyc3.digitaloceanspaces.com
|
||||
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/lidarr2/lidarr2-postgresql-17-cluster
|
||||
endpointCredentials: lidarr-postgresql-17-cluster-backup-secret
|
||||
recoveryIndex: 3
|
||||
backup:
|
||||
objectStore:
|
||||
- name: external
|
||||
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/lidarr2/lidarr2-postgresql-17-cluster
|
||||
index: 1
|
||||
endpointCredentials: lidarr-postgresql-17-cluster-backup-secret
|
||||
retentionPolicy: "30d"
|
||||
isWALArchiver: false
|
||||
- name: garage-local
|
||||
destinationPath: s3://postgres-backups/cl01tl/lidarr/lidarr2-postgresql-17-cluster
|
||||
index: 1
|
||||
endpointURL: http://garage-main.garage:3900
|
||||
endpointCredentials: lidarr-postgresql-17-cluster-backup-secret-garage
|
||||
endpointCredentialsIncludeRegion: true
|
||||
retentionPolicy: "3d"
|
||||
isWALArchiver: true
|
||||
# - name: garage-remote
|
||||
# destinationPath: s3://postgres-backups/cl01tl/lidarr/lidarr2-postgresql-17-cluster
|
||||
# index: 1
|
||||
# endpointURL: https://garage-ps10rp.boreal-beaufort.ts.net:3900
|
||||
# endpointCredentials: lidarr-postgresql-17-cluster-backup-secret-garage
|
||||
# retentionPolicy: "30d"
|
||||
# data:
|
||||
# compression: bzip2
|
||||
# jobs: 2
|
||||
scheduledBackups:
|
||||
- name: daily-backup
|
||||
suspend: false
|
||||
schedule: "0 0 0 * * *"
|
||||
backupName: external
|
||||
- name: live-backup
|
||||
suspend: false
|
||||
immediate: true
|
||||
schedule: "0 0 0 * * *"
|
||||
backupName: garage-local
|
||||
# - name: weekly-backup
|
||||
# suspend: false
|
||||
# schedule: "0 8 4 * * SAT"
|
||||
# backupName: garage-remote
|
||||
enabled: true
|
||||
endpointURL: https://nyc3.digitaloceanspaces.com
|
||||
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/lidarr2/lidarr2-postgresql-17-cluster
|
||||
endpointCredentials: lidarr-postgresql-17-cluster-backup-secret
|
||||
backupIndex: 3
|
||||
retentionPolicy: "7d"
|
||||
|
||||
@@ -17,6 +17,6 @@ dependencies:
|
||||
- name: app-template
|
||||
alias: lidatube
|
||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||
version: 4.4.0
|
||||
version: 4.1.2
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/lidatube.png
|
||||
appVersion: 0.2.22
|
||||
|
||||
@@ -13,7 +13,7 @@ lidatube:
|
||||
main:
|
||||
image:
|
||||
repository: thewicklowwolf/lidatube
|
||||
tag: 0.2.40
|
||||
tag: 0.2.28
|
||||
pullPolicy: IfNotPresent
|
||||
env:
|
||||
- name: PUID
|
||||
|
||||
@@ -15,6 +15,6 @@ dependencies:
|
||||
- name: app-template
|
||||
alias: omni-tools
|
||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||
version: 4.4.0
|
||||
version: 4.1.2
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/omnitools.png
|
||||
appVersion: 0.4.0
|
||||
|
||||
@@ -9,7 +9,7 @@ omni-tools:
|
||||
main:
|
||||
image:
|
||||
repository: iib0011/omni-tools
|
||||
tag: 0.6.0
|
||||
tag: 0.4.0
|
||||
pullPolicy: IfNotPresent
|
||||
resources:
|
||||
requests:
|
||||
|
||||
@@ -9,10 +9,12 @@ keywords:
|
||||
home: https://wiki.alexlebens.dev/s/c530c2b9-82b7-44df-b7ef-870c8b29242f
|
||||
sources:
|
||||
- https://github.com/outline/outline
|
||||
- https://github.com/valkey-io/valkey
|
||||
- https://github.com/cloudflare/cloudflared
|
||||
- https://github.com/cloudnative-pg/cloudnative-pg
|
||||
- https://hub.docker.com/r/outlinewiki/outline
|
||||
- https://github.com/bjw-s-labs/helm-charts/tree/main/charts/other/app-template
|
||||
- https://github.com/bitnami/charts/tree/main/bitnami/valkey
|
||||
- https://gitea.alexlebens.dev/alexlebens/helm-charts/src/branch/main/charts/cloudflared
|
||||
- https://gitea.alexlebens.dev/alexlebens/helm-charts/src/branch/main/charts/postgres-cluster
|
||||
maintainers:
|
||||
@@ -21,14 +23,17 @@ dependencies:
|
||||
- name: app-template
|
||||
alias: outline
|
||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||
version: 4.4.0
|
||||
version: 4.1.2
|
||||
- name: valkey
|
||||
version: 3.0.16
|
||||
repository: oci://harbor.alexlebens.net/proxy-registry-1.docker.io/bitnamicharts
|
||||
- name: cloudflared
|
||||
alias: cloudflared-outline
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 1.22.2
|
||||
version: 1.17.3
|
||||
- name: postgres-cluster
|
||||
alias: postgres-17-cluster
|
||||
version: 6.15.0
|
||||
version: 5.1.0
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/outline.png
|
||||
appVersion: 0.84.0
|
||||
|
||||
@@ -109,40 +109,3 @@ spec:
|
||||
key: /digital-ocean/home-infra/postgres-backups
|
||||
metadataPolicy: None
|
||||
property: secret
|
||||
|
||||
---
|
||||
apiVersion: external-secrets.io/v1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
name: outline-postgresql-17-cluster-backup-secret-garage
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: outline-postgresql-17-cluster-backup-secret-garage
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
secretStoreRef:
|
||||
kind: ClusterSecretStore
|
||||
name: vault
|
||||
data:
|
||||
- secretKey: ACCESS_KEY_ID
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /garage/home-infra/postgres-backups
|
||||
metadataPolicy: None
|
||||
property: ACCESS_KEY_ID
|
||||
- secretKey: ACCESS_SECRET_KEY
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /garage/home-infra/postgres-backups
|
||||
metadataPolicy: None
|
||||
property: ACCESS_SECRET_KEY
|
||||
- secretKey: ACCESS_REGION
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /garage/home-infra/postgres-backups
|
||||
metadataPolicy: None
|
||||
property: ACCESS_REGION
|
||||
|
||||
@@ -1,32 +0,0 @@
|
||||
apiVersion: redis.redis.opstreelabs.in/v1beta2
|
||||
kind: RedisReplication
|
||||
metadata:
|
||||
name: redis-replication-outline
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: redis-replication-outline
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
clusterSize: 3
|
||||
podSecurityContext:
|
||||
runAsUser: 1000
|
||||
fsGroup: 1000
|
||||
kubernetesConfig:
|
||||
image: quay.io/opstree/redis:v8.0.3
|
||||
imagePullPolicy: IfNotPresent
|
||||
resources:
|
||||
requests:
|
||||
cpu: 50m
|
||||
memory: 128Mi
|
||||
storage:
|
||||
volumeClaimTemplate:
|
||||
spec:
|
||||
storageClassName: ceph-block
|
||||
accessModes: ["ReadWriteOnce"]
|
||||
resources:
|
||||
requests:
|
||||
storage: 1Gi
|
||||
redisExporter:
|
||||
enabled: true
|
||||
image: quay.io/opstree/redis-exporter:v1.48.0
|
||||
@@ -1,19 +0,0 @@
|
||||
apiVersion: monitoring.coreos.com/v1
|
||||
kind: ServiceMonitor
|
||||
metadata:
|
||||
name: redis-replication-outline
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: redis-replication-outline
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
redis-operator: "true"
|
||||
env: production
|
||||
spec:
|
||||
selector:
|
||||
matchLabels:
|
||||
redis_setup_type: replication
|
||||
endpoints:
|
||||
- port: redis-exporter
|
||||
interval: 30s
|
||||
scrapeTimeout: 10s
|
||||
@@ -9,7 +9,7 @@ outline:
|
||||
main:
|
||||
image:
|
||||
repository: outlinewiki/outline
|
||||
tag: 1.0.1
|
||||
tag: 0.84.0
|
||||
pullPolicy: IfNotPresent
|
||||
env:
|
||||
- name: NODE_ENV
|
||||
@@ -64,7 +64,7 @@ outline:
|
||||
- name: PGSSLMODE
|
||||
value: disable
|
||||
- name: REDIS_URL
|
||||
value: redis://redis-replication-outline-master.outline:6379
|
||||
value: redis://outline-valkey-primary.outline:6379
|
||||
- name: FILE_STORAGE
|
||||
value: s3
|
||||
- name: AWS_ACCESS_KEY_ID
|
||||
@@ -142,11 +142,33 @@ outline:
|
||||
port: 3000
|
||||
targetPort: 3000
|
||||
protocol: HTTP
|
||||
valkey:
|
||||
architecture: replication
|
||||
auth:
|
||||
enabled: false
|
||||
usePasswordFiles: false
|
||||
primary:
|
||||
resources:
|
||||
requests:
|
||||
cpu: 100m
|
||||
memory: 64Mi
|
||||
persistence:
|
||||
enabled: true
|
||||
size: 1Gi
|
||||
replica:
|
||||
replicaCount: 1
|
||||
resources:
|
||||
requests:
|
||||
cpu: 100m
|
||||
memory: 64Mi
|
||||
persistence:
|
||||
enabled: true
|
||||
size: 1Gi
|
||||
cloudflared-outline:
|
||||
existingSecretName: outline-cloudflared-secret
|
||||
name: cloudflared-outline
|
||||
postgres-17-cluster:
|
||||
mode: recovery
|
||||
mode: standalone
|
||||
cluster:
|
||||
storage:
|
||||
storageClass: local-path
|
||||
@@ -159,45 +181,13 @@ postgres-17-cluster:
|
||||
recovery:
|
||||
method: objectStore
|
||||
objectStore:
|
||||
destinationPath: s3://postgres-backups/cl01tl/outline/outline-postgresql-17-cluster
|
||||
endpointURL: http://garage-main.garage:3900
|
||||
index: 1
|
||||
endpointCredentials: outline-postgresql-17-cluster-backup-secret-garage
|
||||
endpointURL: https://nyc3.digitaloceanspaces.com
|
||||
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/outline/outline-postgresql-17-cluster
|
||||
endpointCredentials: outline-postgresql-17-cluster-backup-secret
|
||||
recoveryIndex: 2
|
||||
backup:
|
||||
objectStore:
|
||||
- name: external
|
||||
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/outline/outline-postgresql-17-cluster
|
||||
index: 1
|
||||
retentionPolicy: "30d"
|
||||
isWALArchiver: false
|
||||
- name: garage-local
|
||||
destinationPath: s3://postgres-backups/cl01tl/outline/outline-postgresql-17-cluster
|
||||
index: 1
|
||||
endpointURL: http://garage-main.garage:3900
|
||||
endpointCredentials: outline-postgresql-17-cluster-backup-secret-garage
|
||||
endpointCredentialsIncludeRegion: true
|
||||
retentionPolicy: "3d"
|
||||
isWALArchiver: true
|
||||
# - name: garage-remote
|
||||
# destinationPath: s3://postgres-backups/cl01tl/outline/outline-postgresql-17-cluster
|
||||
# index: 1
|
||||
# endpointURL: https://garage-ps10rp.boreal-beaufort.ts.net:3900
|
||||
# endpointCredentials: outline-postgresql-17-cluster-backup-secret-garage
|
||||
# retentionPolicy: "30d"
|
||||
# data:
|
||||
# compression: bzip2
|
||||
# jobs: 2
|
||||
scheduledBackups:
|
||||
- name: daily-backup
|
||||
suspend: false
|
||||
schedule: "0 0 0 * * *"
|
||||
backupName: external
|
||||
- name: live-backup
|
||||
suspend: false
|
||||
immediate: true
|
||||
schedule: "0 0 0 * * *"
|
||||
backupName: garage-local
|
||||
# - name: weekly-backup
|
||||
# suspend: false
|
||||
# schedule: "0 10 4 * * SAT"
|
||||
# backupName: garage-remote
|
||||
enabled: true
|
||||
endpointURL: https://nyc3.digitaloceanspaces.com
|
||||
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/outline/outline-postgresql-17-cluster
|
||||
endpointCredentials: outline-postgresql-17-cluster-backup-secret
|
||||
backupIndex: 2
|
||||
|
||||
@@ -16,6 +16,6 @@ maintainers:
|
||||
dependencies:
|
||||
- name: app-template
|
||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||
version: 4.4.0
|
||||
version: 4.1.2
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/overseerr.png
|
||||
appVersion: 1.34.0
|
||||
|
||||
@@ -17,10 +17,10 @@ dependencies:
|
||||
- name: app-template
|
||||
alias: photoview
|
||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||
version: 4.4.0
|
||||
version: 4.1.2
|
||||
- name: postgres-cluster
|
||||
alias: postgres-17-cluster
|
||||
version: 6.15.0
|
||||
version: 5.1.0
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/photoview.png
|
||||
appVersion: 2.4.0
|
||||
|
||||
@@ -26,40 +26,3 @@ spec:
|
||||
key: /digital-ocean/home-infra/postgres-backups
|
||||
metadataPolicy: None
|
||||
property: secret
|
||||
|
||||
---
|
||||
apiVersion: external-secrets.io/v1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
name: photoview-postgresql-17-cluster-backup-secret-garage
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: photoview-postgresql-17-cluster-backup-secret-garage
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
secretStoreRef:
|
||||
kind: ClusterSecretStore
|
||||
name: vault
|
||||
data:
|
||||
- secretKey: ACCESS_KEY_ID
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /garage/home-infra/postgres-backups
|
||||
metadataPolicy: None
|
||||
property: ACCESS_KEY_ID
|
||||
- secretKey: ACCESS_SECRET_KEY
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /garage/home-infra/postgres-backups
|
||||
metadataPolicy: None
|
||||
property: ACCESS_SECRET_KEY
|
||||
- secretKey: ACCESS_REGION
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /garage/home-infra/postgres-backups
|
||||
metadataPolicy: None
|
||||
property: ACCESS_REGION
|
||||
|
||||
@@ -73,7 +73,7 @@ photoview:
|
||||
- path: /photos
|
||||
readOnly: true
|
||||
postgres-17-cluster:
|
||||
mode: recovery
|
||||
mode: standalone
|
||||
cluster:
|
||||
storage:
|
||||
storageClass: local-path
|
||||
@@ -86,45 +86,14 @@ postgres-17-cluster:
|
||||
recovery:
|
||||
method: objectStore
|
||||
objectStore:
|
||||
destinationPath: s3://postgres-backups/cl01tl/photoview/photoview-postgresql-17-cluster
|
||||
endpointURL: http://garage-main.garage:3900
|
||||
index: 1
|
||||
endpointCredentials: photoview-postgresql-17-cluster-backup-secret-garage
|
||||
endpointURL: https://nyc3.digitaloceanspaces.com
|
||||
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/photoview/photoview-postgresql-17-cluster
|
||||
endpointCredentials: photoview-postgresql-17-cluster-backup-secret
|
||||
recoveryIndex: 3
|
||||
backup:
|
||||
objectStore:
|
||||
- name: external
|
||||
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/photoview/photoview-postgresql-17-cluster
|
||||
index: 1
|
||||
retentionPolicy: "30d"
|
||||
isWALArchiver: false
|
||||
- name: garage-local
|
||||
destinationPath: s3://postgres-backups/cl01tl/photoview/photoview-postgresql-17-cluster
|
||||
index: 1
|
||||
endpointURL: http://garage-main.garage:3900
|
||||
endpointCredentials: photoview-postgresql-17-cluster-backup-secret-garage
|
||||
endpointCredentialsIncludeRegion: true
|
||||
retentionPolicy: "3d"
|
||||
isWALArchiver: true
|
||||
# - name: garage-remote
|
||||
# destinationPath: s3://postgres-backups/cl01tl/photoview/photoview-postgresql-17-cluster
|
||||
# index: 1
|
||||
# endpointURL: https://garage-ps10rp.boreal-beaufort.ts.net:3900
|
||||
# endpointCredentials: photoview-postgresql-17-cluster-backup-secret-garage
|
||||
# retentionPolicy: "30d"
|
||||
# data:
|
||||
# compression: bzip2
|
||||
# jobs: 2
|
||||
scheduledBackups:
|
||||
- name: daily-backup
|
||||
suspend: false
|
||||
schedule: "0 0 0 * * *"
|
||||
backupName: external
|
||||
- name: live-backup
|
||||
suspend: false
|
||||
immediate: true
|
||||
schedule: "0 0 0 * * *"
|
||||
backupName: garage-local
|
||||
# - name: weekly-backup
|
||||
# suspend: false
|
||||
# schedule: "0 12 4 * * SAT"
|
||||
# backupName: garage-remote
|
||||
enabled: true
|
||||
endpointURL: https://nyc3.digitaloceanspaces.com
|
||||
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/photoview/photoview-postgresql-17-cluster
|
||||
endpointCredentials: photoview-postgresql-17-cluster-backup-secret
|
||||
backupIndex: 3
|
||||
retentionPolicy: "7d"
|
||||
|
||||
@@ -21,6 +21,6 @@ dependencies:
|
||||
- name: app-template
|
||||
alias: plex
|
||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||
version: 4.4.0
|
||||
version: 4.1.2
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/plex.png
|
||||
appVersion: 1.41.6
|
||||
|
||||
@@ -9,7 +9,7 @@ plex:
|
||||
main:
|
||||
image:
|
||||
repository: ghcr.io/linuxserver/plex
|
||||
tag: 1.42.2@sha256:a59133e5b94b3ca19158e4ab272657c77c62dc9abdbebe1172b7657da138badb
|
||||
tag: 1.41.8@sha256:7794c25926494a63da421fabf2898dd38c4d6190f9146450fc0e29da8025ed2c
|
||||
pullPolicy: IfNotPresent
|
||||
env:
|
||||
- name: TZ
|
||||
|
||||
@@ -8,10 +8,12 @@ keywords:
|
||||
home: https://wiki.alexlebens.dev/s/f483a06b-860b-423c-8d51-a1ce82e0fd43
|
||||
sources:
|
||||
- https://github.com/gitroomhq/postiz-app
|
||||
- https://github.com/valkey-io/valkey
|
||||
- https://github.com/cloudflare/cloudflared
|
||||
- https://github.com/cloudnative-pg/cloudnative-pg
|
||||
- https://github.com/gitroomhq/postiz-app/pkgs/container/postiz-app
|
||||
- https://github.com/bjw-s-labs/helm-charts/tree/main/charts/other/app-template
|
||||
- https://github.com/bitnami/charts/tree/main/bitnami/valkey
|
||||
- https://gitea.alexlebens.dev/alexlebens/helm-charts/src/branch/main/charts/cloudflared
|
||||
- https://gitea.alexlebens.dev/alexlebens/helm-charts/src/branch/main/charts/postgres-cluster
|
||||
maintainers:
|
||||
@@ -20,13 +22,16 @@ dependencies:
|
||||
- name: app-template
|
||||
alias: postiz
|
||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||
version: 4.4.0
|
||||
version: 4.1.2
|
||||
- name: valkey
|
||||
version: 3.0.16
|
||||
repository: oci://harbor.alexlebens.net/proxy-registry-1.docker.io/bitnamicharts
|
||||
- name: cloudflared
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 1.22.2
|
||||
version: 1.17.3
|
||||
- name: postgres-cluster
|
||||
alias: postgres-17-cluster
|
||||
version: 6.15.0
|
||||
version: 5.1.0
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/postiz.png
|
||||
appVersion: v1.43.3
|
||||
|
||||
@@ -24,10 +24,10 @@ spec:
|
||||
apiVersion: external-secrets.io/v1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
name: postiz-redis-config
|
||||
name: postiz-valkey-config
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: postiz-redis-config
|
||||
app.kubernetes.io/name: postiz-valkey-config
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
@@ -35,27 +35,27 @@ spec:
|
||||
kind: ClusterSecretStore
|
||||
name: vault
|
||||
data:
|
||||
- secretKey: REDIS_URL
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cl01tl/postiz/redis
|
||||
metadataPolicy: None
|
||||
property: REDIS_URL
|
||||
- secretKey: user
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cl01tl/postiz/redis
|
||||
key: /cl01tl/postiz/valkey
|
||||
metadataPolicy: None
|
||||
property: user
|
||||
- secretKey: password
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cl01tl/postiz/redis
|
||||
key: /cl01tl/postiz/valkey
|
||||
metadataPolicy: None
|
||||
property: password
|
||||
- secretKey: REDIS_URL
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cl01tl/postiz/valkey
|
||||
metadataPolicy: None
|
||||
property: REDIS_URL
|
||||
|
||||
---
|
||||
apiVersion: external-secrets.io/v1
|
||||
@@ -253,40 +253,3 @@ spec:
|
||||
key: /digital-ocean/home-infra/postgres-backups
|
||||
metadataPolicy: None
|
||||
property: secret
|
||||
|
||||
---
|
||||
apiVersion: external-secrets.io/v1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
name: postiz-postgresql-17-cluster-backup-secret-garage
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: postiz-postgresql-17-cluster-backup-secret-garage
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
secretStoreRef:
|
||||
kind: ClusterSecretStore
|
||||
name: vault
|
||||
data:
|
||||
- secretKey: ACCESS_KEY_ID
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /garage/home-infra/postgres-backups
|
||||
metadataPolicy: None
|
||||
property: ACCESS_KEY_ID
|
||||
- secretKey: ACCESS_SECRET_KEY
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /garage/home-infra/postgres-backups
|
||||
metadataPolicy: None
|
||||
property: ACCESS_SECRET_KEY
|
||||
- secretKey: ACCESS_REGION
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /garage/home-infra/postgres-backups
|
||||
metadataPolicy: None
|
||||
property: ACCESS_REGION
|
||||
|
||||
@@ -1,35 +0,0 @@
|
||||
apiVersion: redis.redis.opstreelabs.in/v1beta2
|
||||
kind: RedisReplication
|
||||
metadata:
|
||||
name: redis-replication-postiz
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: redis-replication-postiz
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
clusterSize: 3
|
||||
podSecurityContext:
|
||||
runAsUser: 1000
|
||||
fsGroup: 1000
|
||||
kubernetesConfig:
|
||||
image: quay.io/opstree/redis:v8.0.3
|
||||
imagePullPolicy: IfNotPresent
|
||||
redisSecret:
|
||||
name: postiz-redis-config
|
||||
key: password
|
||||
resources:
|
||||
requests:
|
||||
cpu: 50m
|
||||
memory: 128Mi
|
||||
storage:
|
||||
volumeClaimTemplate:
|
||||
spec:
|
||||
storageClassName: ceph-block
|
||||
accessModes: ["ReadWriteOnce"]
|
||||
resources:
|
||||
requests:
|
||||
storage: 1Gi
|
||||
redisExporter:
|
||||
enabled: true
|
||||
image: quay.io/opstree/redis-exporter:v1.48.0
|
||||
@@ -1,19 +0,0 @@
|
||||
apiVersion: monitoring.coreos.com/v1
|
||||
kind: ServiceMonitor
|
||||
metadata:
|
||||
name: redis-replication-postiz
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: redis-replication-postiz
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
redis-operator: "true"
|
||||
env: production
|
||||
spec:
|
||||
selector:
|
||||
matchLabels:
|
||||
redis_setup_type: replication
|
||||
endpoints:
|
||||
- port: redis-exporter
|
||||
interval: 30s
|
||||
scrapeTimeout: 10s
|
||||
@@ -9,7 +9,7 @@ postiz:
|
||||
main:
|
||||
image:
|
||||
repository: ghcr.io/gitroomhq/postiz-app
|
||||
tag: v2.7.0
|
||||
tag: v1.56.0
|
||||
pullPolicy: IfNotPresent
|
||||
env:
|
||||
- name: MAIN_URL
|
||||
@@ -31,12 +31,12 @@ postiz:
|
||||
- name: REDIS_URL
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: postiz-redis-config
|
||||
name: postiz-valkey-config
|
||||
key: REDIS_URL
|
||||
- name: BACKEND_INTERNAL_URL
|
||||
value: http://localhost:3000
|
||||
- name: IS_GENERAL
|
||||
value: "true"
|
||||
value: 'true'
|
||||
- name: STORAGE_PROVIDER
|
||||
value: local
|
||||
- name: UPLOAD_DIRECTORY
|
||||
@@ -48,7 +48,7 @@ postiz:
|
||||
- name: NEXT_PUBLIC_POSTIZ_OAUTH_LOGO_URL
|
||||
value: https://cdn.jsdelivr.net/gh/selfhst/icons/png/authentik.png
|
||||
- name: POSTIZ_GENERIC_OAUTH
|
||||
value: "true"
|
||||
value: 'true'
|
||||
- name: POSTIZ_OAUTH_URL
|
||||
value: https://auth.alexlebens.dev
|
||||
- name: POSTIZ_OAUTH_AUTH_URL
|
||||
@@ -102,11 +102,35 @@ postiz:
|
||||
main:
|
||||
- path: /uploads
|
||||
readOnly: false
|
||||
valkey:
|
||||
architecture: replication
|
||||
auth:
|
||||
enabled: true
|
||||
existingSecret: postiz-valkey-config
|
||||
existingSecretPasswordKey: password
|
||||
usePasswordFiles: false
|
||||
primary:
|
||||
resources:
|
||||
requests:
|
||||
cpu: 100m
|
||||
memory: 64Mi
|
||||
persistence:
|
||||
enabled: true
|
||||
size: 1Gi
|
||||
replica:
|
||||
replicaCount: 1
|
||||
resources:
|
||||
requests:
|
||||
cpu: 100m
|
||||
memory: 64Mi
|
||||
persistence:
|
||||
enabled: true
|
||||
size: 1Gi
|
||||
cloudflared:
|
||||
name: cloudflared-postiz
|
||||
existingSecretName: postiz-cloudflared-secret
|
||||
postgres-17-cluster:
|
||||
mode: recovery
|
||||
mode: standalone
|
||||
cluster:
|
||||
storage:
|
||||
storageClass: local-path
|
||||
@@ -119,45 +143,13 @@ postgres-17-cluster:
|
||||
recovery:
|
||||
method: objectStore
|
||||
objectStore:
|
||||
destinationPath: s3://postgres-backups/cl01tl/postiz/postiz-postgresql-17-cluster
|
||||
endpointURL: http://garage-main.garage:3900
|
||||
index: 1
|
||||
endpointCredentials: postiz-postgresql-17-cluster-backup-secret-garage
|
||||
endpointURL: https://nyc3.digitaloceanspaces.com
|
||||
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/postiz/postiz-postgresql-17-cluster
|
||||
endpointCredentials: postiz-postgresql-17-cluster-backup-secret
|
||||
recoveryIndex: 1
|
||||
backup:
|
||||
objectStore:
|
||||
- name: external
|
||||
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/postiz/postiz-postgresql-17-cluster
|
||||
index: 2
|
||||
retentionPolicy: "30d"
|
||||
isWALArchiver: false
|
||||
- name: garage-local
|
||||
destinationPath: s3://postgres-backups/cl01tl/postiz/postiz-postgresql-17-cluster
|
||||
index: 1
|
||||
endpointURL: http://garage-main.garage:3900
|
||||
endpointCredentials: postiz-postgresql-17-cluster-backup-secret-garage
|
||||
endpointCredentialsIncludeRegion: true
|
||||
retentionPolicy: "3d"
|
||||
isWALArchiver: true
|
||||
# - name: garage-remote
|
||||
# destinationPath: s3://postgres-backups/cl01tl/postiz/postiz-postgresql-17-cluster
|
||||
# index: 1
|
||||
# endpointURL: https://garage-ps10rp.boreal-beaufort.ts.net:3900
|
||||
# endpointCredentials: postiz-postgresql-17-cluster-backup-secret-garage
|
||||
# retentionPolicy: "30d"
|
||||
# data:
|
||||
# compression: bzip2
|
||||
# jobs: 2
|
||||
scheduledBackups:
|
||||
- name: daily-backup
|
||||
suspend: false
|
||||
schedule: "0 0 0 * * *"
|
||||
backupName: external
|
||||
- name: live-backup
|
||||
suspend: false
|
||||
immediate: true
|
||||
schedule: "0 0 0 * * *"
|
||||
backupName: garage-local
|
||||
# - name: weekly-backup
|
||||
# suspend: false
|
||||
# schedule: "0 14 4 * * SAT"
|
||||
# backupName: garage-remote
|
||||
enabled: true
|
||||
endpointURL: https://nyc3.digitaloceanspaces.com
|
||||
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/postiz/postiz-postgresql-17-cluster
|
||||
endpointCredentials: postiz-postgresql-17-cluster-backup-secret
|
||||
backupIndex: 1
|
||||
|
||||
@@ -18,6 +18,6 @@ dependencies:
|
||||
- name: app-template
|
||||
alias: prowlarr
|
||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||
version: 4.4.0
|
||||
version: 4.1.2
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/prowlarr.png
|
||||
appVersion: 1.35.1
|
||||
|
||||
@@ -20,7 +20,7 @@ prowlarr:
|
||||
main:
|
||||
image:
|
||||
repository: ghcr.io/linuxserver/prowlarr
|
||||
tag: 2.1.5@sha256:643220338204525524db787ff38a607261597f49d1f550694acdb3e908e2b43e
|
||||
tag: 1.37.0@sha256:b058be8a4e083e0cba238f03759994617a559abe0c89e5ed66454b44395da6a9
|
||||
pullPolicy: IfNotPresent
|
||||
env:
|
||||
- name: TZ
|
||||
|
||||
@@ -24,10 +24,10 @@ dependencies:
|
||||
- name: app-template
|
||||
alias: radarr-4k
|
||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||
version: 4.4.0
|
||||
version: 4.1.2
|
||||
- name: postgres-cluster
|
||||
alias: postgres-17-cluster
|
||||
version: 6.15.0
|
||||
version: 5.1.0
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/radarr-4k.png
|
||||
appVersion: 5.22.4
|
||||
|
||||
@@ -83,40 +83,3 @@ spec:
|
||||
key: /digital-ocean/home-infra/postgres-backups
|
||||
metadataPolicy: None
|
||||
property: secret
|
||||
|
||||
---
|
||||
apiVersion: external-secrets.io/v1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
name: radarr-4k-postgresql-17-cluster-backup-secret-garage
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: radarr-4k-postgresql-17-cluster-backup-secret-garage
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
secretStoreRef:
|
||||
kind: ClusterSecretStore
|
||||
name: vault
|
||||
data:
|
||||
- secretKey: ACCESS_KEY_ID
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /garage/home-infra/postgres-backups
|
||||
metadataPolicy: None
|
||||
property: ACCESS_KEY_ID
|
||||
- secretKey: ACCESS_SECRET_KEY
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /garage/home-infra/postgres-backups
|
||||
metadataPolicy: None
|
||||
property: ACCESS_SECRET_KEY
|
||||
- secretKey: ACCESS_REGION
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /garage/home-infra/postgres-backups
|
||||
metadataPolicy: None
|
||||
property: ACCESS_REGION
|
||||
|
||||
@@ -15,7 +15,7 @@ radarr-4k:
|
||||
main:
|
||||
image:
|
||||
repository: ghcr.io/linuxserver/radarr
|
||||
tag: 5.28.0@sha256:c984533510abe0219a70e80d15bd0d212b7df21baa0913759c4ce6cc9092240b
|
||||
tag: 5.26.2@sha256:07a474b61394553e047ad43a1a78c1047fc99be0144c509dd91e3877f402ebcb
|
||||
pullPolicy: IfNotPresent
|
||||
env:
|
||||
- name: TZ
|
||||
@@ -31,7 +31,7 @@ radarr-4k:
|
||||
metrics:
|
||||
image:
|
||||
repository: ghcr.io/onedr0p/exportarr
|
||||
tag: v2.3.0
|
||||
tag: v2.2.0
|
||||
pullPolicy: IfNotPresent
|
||||
args: ["radarr"]
|
||||
env:
|
||||
@@ -85,7 +85,7 @@ radarr-4k:
|
||||
readOnly: false
|
||||
postgres-17-cluster:
|
||||
nameOverride: radarr5-4k-postgresql-17
|
||||
mode: recovery
|
||||
mode: standalone
|
||||
cluster:
|
||||
storage:
|
||||
storageClass: local-path
|
||||
@@ -95,57 +95,24 @@ postgres-17-cluster:
|
||||
enabled: true
|
||||
prometheusRule:
|
||||
enabled: true
|
||||
resources:
|
||||
requests:
|
||||
memory: 1Gi
|
||||
cpu: 200m
|
||||
bootstrap:
|
||||
initdb:
|
||||
database: app
|
||||
owner: app
|
||||
postInitSQL:
|
||||
- CREATE DATABASE "radarr-main" OWNER "app";
|
||||
- CREATE DATABASE "radarr-log" OWNER "app";
|
||||
recovery:
|
||||
method: objectStore
|
||||
objectStore:
|
||||
destinationPath: s3://postgres-backups/cl01tl/radarr5-4k/radarr5-4k-postgresql-17-cluster
|
||||
endpointURL: http://garage-main.garage:3900
|
||||
index: 1
|
||||
endpointCredentials: radarr-4k-postgresql-17-cluster-backup-secret-garage
|
||||
endpointURL: https://nyc3.digitaloceanspaces.com
|
||||
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/radarr5-4k/radarr5-4k-postgresql-17-cluster
|
||||
endpointCredentials: radarr-4k-postgresql-17-cluster-backup-secret
|
||||
recoveryIndex: 3
|
||||
backup:
|
||||
objectStore:
|
||||
- name: external
|
||||
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/radarr5-4k/radarr5-4k-postgresql-17-cluster
|
||||
index: 1
|
||||
endpointCredentials: radarr-4k-postgresql-17-cluster-backup-secret
|
||||
retentionPolicy: "30d"
|
||||
isWALArchiver: false
|
||||
- name: garage-local
|
||||
destinationPath: s3://postgres-backups/cl01tl/radarr-4k/radarr5-4k-postgresql-17-cluster
|
||||
index: 1
|
||||
endpointURL: http://garage-main.garage:3900
|
||||
endpointCredentials: radarr-4k-postgresql-17-cluster-backup-secret-garage
|
||||
endpointCredentialsIncludeRegion: true
|
||||
retentionPolicy: "3d"
|
||||
isWALArchiver: true
|
||||
# - name: garage-remote
|
||||
# destinationPath: s3://postgres-backups/cl01tl/radarr-4k/radarr5-4k-postgresql-17-cluster
|
||||
# index: 1
|
||||
# endpointURL: https://garage-ps10rp.boreal-beaufort.ts.net:3900
|
||||
# endpointCredentials: radarr-4k-postgresql-17-cluster-backup-secret-garage
|
||||
# retentionPolicy: "30d"
|
||||
# data:
|
||||
# compression: bzip2
|
||||
# jobs: 2
|
||||
scheduledBackups:
|
||||
- name: daily-backup
|
||||
suspend: false
|
||||
schedule: "0 0 0 * * *"
|
||||
backupName: external
|
||||
- name: live-backup
|
||||
suspend: false
|
||||
immediate: true
|
||||
schedule: "0 0 0 * * *"
|
||||
backupName: garage-local
|
||||
# - name: weekly-backup
|
||||
# suspend: false
|
||||
# schedule: "0 18 4 * * SAT"
|
||||
# backupName: garage-remote
|
||||
enabled: true
|
||||
endpointURL: https://nyc3.digitaloceanspaces.com
|
||||
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/radarr5-4k/radarr5-4k-postgresql-17-cluster
|
||||
endpointCredentials: radarr-4k-postgresql-17-cluster-backup-secret
|
||||
backupIndex: 3
|
||||
retentionPolicy: "7d"
|
||||
|
||||
@@ -24,10 +24,10 @@ dependencies:
|
||||
- name: app-template
|
||||
alias: radarr-anime
|
||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||
version: 4.4.0
|
||||
version: 4.1.2
|
||||
- name: postgres-cluster
|
||||
alias: postgres-17-cluster
|
||||
version: 6.15.0
|
||||
version: 5.1.0
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/radarr-anime.png
|
||||
appVersion: 5.22.4
|
||||
|
||||
@@ -83,40 +83,3 @@ spec:
|
||||
key: /digital-ocean/home-infra/postgres-backups
|
||||
metadataPolicy: None
|
||||
property: secret
|
||||
|
||||
---
|
||||
apiVersion: external-secrets.io/v1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
name: radarr-anime-postgresql-17-cluster-backup-secret-garage
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: radarr-anime-postgresql-17-cluster-backup-secret-garage
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
secretStoreRef:
|
||||
kind: ClusterSecretStore
|
||||
name: vault
|
||||
data:
|
||||
- secretKey: ACCESS_KEY_ID
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /garage/home-infra/postgres-backups
|
||||
metadataPolicy: None
|
||||
property: ACCESS_KEY_ID
|
||||
- secretKey: ACCESS_SECRET_KEY
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /garage/home-infra/postgres-backups
|
||||
metadataPolicy: None
|
||||
property: ACCESS_SECRET_KEY
|
||||
- secretKey: ACCESS_REGION
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /garage/home-infra/postgres-backups
|
||||
metadataPolicy: None
|
||||
property: ACCESS_REGION
|
||||
|
||||
@@ -13,7 +13,7 @@ radarr-anime:
|
||||
main:
|
||||
image:
|
||||
repository: ghcr.io/linuxserver/radarr
|
||||
tag: 5.28.0@sha256:c984533510abe0219a70e80d15bd0d212b7df21baa0913759c4ce6cc9092240b
|
||||
tag: 5.26.2@sha256:07a474b61394553e047ad43a1a78c1047fc99be0144c509dd91e3877f402ebcb
|
||||
pullPolicy: IfNotPresent
|
||||
env:
|
||||
- name: TZ
|
||||
@@ -29,7 +29,7 @@ radarr-anime:
|
||||
metrics:
|
||||
image:
|
||||
repository: ghcr.io/onedr0p/exportarr
|
||||
tag: v2.3.0
|
||||
tag: v2.2.0
|
||||
pullPolicy: IfNotPresent
|
||||
args: ["radarr"]
|
||||
env:
|
||||
@@ -83,7 +83,7 @@ radarr-anime:
|
||||
readOnly: false
|
||||
postgres-17-cluster:
|
||||
nameOverride: radarr5-anime-postgresql-17
|
||||
mode: recovery
|
||||
mode: standalone
|
||||
cluster:
|
||||
storage:
|
||||
storageClass: local-path
|
||||
@@ -93,53 +93,24 @@ postgres-17-cluster:
|
||||
enabled: true
|
||||
prometheusRule:
|
||||
enabled: true
|
||||
bootstrap:
|
||||
initdb:
|
||||
database: app
|
||||
owner: app
|
||||
postInitSQL:
|
||||
- CREATE DATABASE "radarr-main" OWNER "app";
|
||||
- CREATE DATABASE "radarr-log" OWNER "app";
|
||||
recovery:
|
||||
method: objectStore
|
||||
objectStore:
|
||||
destinationPath: s3://postgres-backups/cl01tl/radarr5-anime/radarr5-anime-postgresql-17-cluster
|
||||
endpointURL: http://garage-main.garage:3900
|
||||
index: 1
|
||||
endpointCredentials: radarr-anime-postgresql-17-cluster-backup-secret-garage
|
||||
endpointURL: https://nyc3.digitaloceanspaces.com
|
||||
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/radarr5-anime/radarr5-anime-postgresql-17-cluster
|
||||
endpointCredentials: radarr-anime-postgresql-17-cluster-backup-secret
|
||||
recoveryIndex: 2
|
||||
backup:
|
||||
objectStore:
|
||||
- name: external
|
||||
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/radarr5-anime/radarr5-anime-postgresql-17-cluster
|
||||
index: 1
|
||||
endpointCredentials: radarr-anime-postgresql-17-cluster-backup-secret
|
||||
retentionPolicy: "30d"
|
||||
isWALArchiver: false
|
||||
- name: garage-local
|
||||
destinationPath: s3://postgres-backups/cl01tl/radarr-anime/radarr5-anime-postgresql-17-cluster
|
||||
index: 1
|
||||
endpointURL: http://garage-main.garage:3900
|
||||
endpointCredentials: radarr-anime-postgresql-17-cluster-backup-secret-garage
|
||||
endpointCredentialsIncludeRegion: true
|
||||
retentionPolicy: "3d"
|
||||
isWALArchiver: true
|
||||
# - name: garage-remote
|
||||
# destinationPath: s3://postgres-backups/cl01tl/radarr-anime/radarr5-anime-postgresql-17-cluster
|
||||
# index: 1
|
||||
# endpointURL: https://garage-ps10rp.boreal-beaufort.ts.net:3900
|
||||
# endpointCredentials: radarr-anime-postgresql-17-cluster-backup-secret-garage
|
||||
# retentionPolicy: "30d"
|
||||
# data:
|
||||
# compression: bzip2
|
||||
# jobs: 2
|
||||
scheduledBackups:
|
||||
- name: daily-backup
|
||||
suspend: false
|
||||
schedule: "0 0 0 * * *"
|
||||
backupName: external
|
||||
- name: live-backup
|
||||
suspend: false
|
||||
immediate: true
|
||||
schedule: "0 0 0 * * *"
|
||||
backupName: garage-local
|
||||
# - name: weekly-backup
|
||||
# suspend: false
|
||||
# schedule: "0 20 4 * * SAT"
|
||||
# backupName: garage-remote
|
||||
enabled: true
|
||||
endpointURL: https://nyc3.digitaloceanspaces.com
|
||||
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/radarr5-anime/radarr5-anime-postgresql-17-cluster
|
||||
endpointCredentials: radarr-anime-postgresql-17-cluster-backup-secret
|
||||
backupIndex: 3
|
||||
retentionPolicy: "7d"
|
||||
|
||||
@@ -23,10 +23,10 @@ dependencies:
|
||||
- name: app-template
|
||||
alias: radarr-standup
|
||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||
version: 4.4.0
|
||||
version: 4.1.2
|
||||
- name: postgres-cluster
|
||||
alias: postgres-17-cluster
|
||||
version: 6.15.0
|
||||
version: 5.1.0
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/radarr.png
|
||||
appVersion: 5.22.4
|
||||
|
||||
@@ -83,40 +83,3 @@ spec:
|
||||
key: /digital-ocean/home-infra/postgres-backups
|
||||
metadataPolicy: None
|
||||
property: secret
|
||||
|
||||
---
|
||||
apiVersion: external-secrets.io/v1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
name: radarr-standup-postgresql-17-cluster-backup-secret-garage
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: radarr-standup-postgresql-17-cluster-backup-secret-garage
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
secretStoreRef:
|
||||
kind: ClusterSecretStore
|
||||
name: vault
|
||||
data:
|
||||
- secretKey: ACCESS_KEY_ID
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /garage/home-infra/postgres-backups
|
||||
metadataPolicy: None
|
||||
property: ACCESS_KEY_ID
|
||||
- secretKey: ACCESS_SECRET_KEY
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /garage/home-infra/postgres-backups
|
||||
metadataPolicy: None
|
||||
property: ACCESS_SECRET_KEY
|
||||
- secretKey: ACCESS_REGION
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /garage/home-infra/postgres-backups
|
||||
metadataPolicy: None
|
||||
property: ACCESS_REGION
|
||||
|
||||
@@ -13,7 +13,7 @@ radarr-standup:
|
||||
main:
|
||||
image:
|
||||
repository: ghcr.io/linuxserver/radarr
|
||||
tag: 5.28.0@sha256:c984533510abe0219a70e80d15bd0d212b7df21baa0913759c4ce6cc9092240b
|
||||
tag: 5.26.2@sha256:07a474b61394553e047ad43a1a78c1047fc99be0144c509dd91e3877f402ebcb
|
||||
pullPolicy: IfNotPresent
|
||||
env:
|
||||
- name: TZ
|
||||
@@ -29,7 +29,7 @@ radarr-standup:
|
||||
metrics:
|
||||
image:
|
||||
repository: ghcr.io/onedr0p/exportarr
|
||||
tag: v2.3.0
|
||||
tag: v2.2.0
|
||||
pullPolicy: IfNotPresent
|
||||
args: ["radarr"]
|
||||
env:
|
||||
@@ -83,7 +83,7 @@ radarr-standup:
|
||||
readOnly: false
|
||||
postgres-17-cluster:
|
||||
nameOverride: radarr5-standup-postgresql-17
|
||||
mode: recovery
|
||||
mode: standalone
|
||||
cluster:
|
||||
storage:
|
||||
storageClass: local-path
|
||||
@@ -93,53 +93,24 @@ postgres-17-cluster:
|
||||
enabled: true
|
||||
prometheusRule:
|
||||
enabled: true
|
||||
bootstrap:
|
||||
initdb:
|
||||
database: app
|
||||
owner: app
|
||||
postInitSQL:
|
||||
- CREATE DATABASE "radarr-main" OWNER "app";
|
||||
- CREATE DATABASE "radarr-log" OWNER "app";
|
||||
recovery:
|
||||
method: objectStore
|
||||
objectStore:
|
||||
destinationPath: s3://postgres-backups/cl01tl/radarr5-standup/radarr5-standup-postgresql-17-cluster
|
||||
endpointURL: http://garage-main.garage:3900
|
||||
index: 1
|
||||
endpointCredentials: radarr-standup-postgresql-17-cluster-backup-secret-garage
|
||||
endpointURL: https://nyc3.digitaloceanspaces.com
|
||||
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/radarr5-standup/radarr5-standup-postgresql-17-cluster
|
||||
endpointCredentials: radarr-standup-postgresql-17-cluster-backup-secret
|
||||
recoveryIndex: 3
|
||||
backup:
|
||||
objectStore:
|
||||
- name: external
|
||||
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/radarr5-standup/radarr5-standup-postgresql-17-cluster
|
||||
index: 1
|
||||
endpointCredentials: radarr-standup-postgresql-17-cluster-backup-secret
|
||||
retentionPolicy: "30d"
|
||||
isWALArchiver: false
|
||||
- name: garage-local
|
||||
destinationPath: s3://postgres-backups/cl01tl/radarr-standup/radarr5-standup-postgresql-17-cluster
|
||||
index: 1
|
||||
endpointURL: http://garage-main.garage:3900
|
||||
endpointCredentials: radarr-standup-postgresql-17-cluster-backup-secret-garage
|
||||
endpointCredentialsIncludeRegion: true
|
||||
retentionPolicy: "3d"
|
||||
isWALArchiver: true
|
||||
# - name: garage-remote
|
||||
# destinationPath: s3://postgres-backups/cl01tl/radarr-standup/radarr5-standup-postgresql-17-cluster
|
||||
# index: 1
|
||||
# endpointURL: https://garage-ps10rp.boreal-beaufort.ts.net:3900
|
||||
# endpointCredentials: radarr-standup-postgresql-17-cluster-backup-secret-garage
|
||||
# retentionPolicy: "30d"
|
||||
# data:
|
||||
# compression: bzip2
|
||||
# jobs: 2
|
||||
scheduledBackups:
|
||||
- name: daily-backup
|
||||
suspend: false
|
||||
schedule: "0 0 0 * * *"
|
||||
backupName: external
|
||||
- name: live-backup
|
||||
suspend: false
|
||||
immediate: true
|
||||
schedule: "0 0 0 * * *"
|
||||
backupName: garage-local
|
||||
# - name: weekly-backup
|
||||
# suspend: false
|
||||
# schedule: "0 22 4 * * SAT"
|
||||
# backupName: garage-remote
|
||||
enabled: true
|
||||
endpointURL: https://nyc3.digitaloceanspaces.com
|
||||
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/radarr5-standup/radarr5-standup-postgresql-17-cluster
|
||||
endpointCredentials: radarr-standup-postgresql-17-cluster-backup-secret
|
||||
backupIndex: 3
|
||||
retentionPolicy: "7d"
|
||||
|
||||
@@ -23,10 +23,10 @@ dependencies:
|
||||
- name: app-template
|
||||
alias: radarr
|
||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||
version: 4.4.0
|
||||
version: 4.1.2
|
||||
- name: postgres-cluster
|
||||
alias: postgres-17-cluster
|
||||
version: 6.15.0
|
||||
version: 5.1.0
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/radarr.png
|
||||
appVersion: 5.22.4
|
||||
|
||||
@@ -83,40 +83,3 @@ spec:
|
||||
key: /digital-ocean/home-infra/postgres-backups
|
||||
metadataPolicy: None
|
||||
property: secret
|
||||
|
||||
---
|
||||
apiVersion: external-secrets.io/v1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
name: radarr-postgresql-17-cluster-backup-secret-garage
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: radarr-postgresql-17-cluster-backup-secret-garage
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
secretStoreRef:
|
||||
kind: ClusterSecretStore
|
||||
name: vault
|
||||
data:
|
||||
- secretKey: ACCESS_KEY_ID
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /garage/home-infra/postgres-backups
|
||||
metadataPolicy: None
|
||||
property: ACCESS_KEY_ID
|
||||
- secretKey: ACCESS_SECRET_KEY
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /garage/home-infra/postgres-backups
|
||||
metadataPolicy: None
|
||||
property: ACCESS_SECRET_KEY
|
||||
- secretKey: ACCESS_REGION
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /garage/home-infra/postgres-backups
|
||||
metadataPolicy: None
|
||||
property: ACCESS_REGION
|
||||
|
||||
@@ -15,7 +15,7 @@ radarr:
|
||||
main:
|
||||
image:
|
||||
repository: ghcr.io/linuxserver/radarr
|
||||
tag: 5.28.0@sha256:c984533510abe0219a70e80d15bd0d212b7df21baa0913759c4ce6cc9092240b
|
||||
tag: 5.26.2@sha256:07a474b61394553e047ad43a1a78c1047fc99be0144c509dd91e3877f402ebcb
|
||||
pullPolicy: IfNotPresent
|
||||
env:
|
||||
- name: TZ
|
||||
@@ -31,7 +31,7 @@ radarr:
|
||||
metrics:
|
||||
image:
|
||||
repository: ghcr.io/onedr0p/exportarr
|
||||
tag: v2.3.0
|
||||
tag: v2.2.0
|
||||
pullPolicy: IfNotPresent
|
||||
args: ["radarr"]
|
||||
env:
|
||||
@@ -85,67 +85,38 @@ radarr:
|
||||
readOnly: false
|
||||
postgres-17-cluster:
|
||||
nameOverride: radarr5-postgresql-17
|
||||
mode: recovery
|
||||
mode: standalone
|
||||
cluster:
|
||||
storage:
|
||||
storageClass: local-path
|
||||
walStorage:
|
||||
storageClass: local-path
|
||||
monitoring:
|
||||
enabled: true
|
||||
prometheusRule:
|
||||
enabled: true
|
||||
resources:
|
||||
requests:
|
||||
memory: 1Gi
|
||||
cpu: 200m
|
||||
monitoring:
|
||||
enabled: true
|
||||
prometheusRule:
|
||||
enabled: true
|
||||
bootstrap:
|
||||
initdb:
|
||||
database: app
|
||||
owner: app
|
||||
postInitSQL:
|
||||
- CREATE DATABASE "radarr-main" OWNER "app";
|
||||
- CREATE DATABASE "radarr-log" OWNER "app";
|
||||
recovery:
|
||||
method: objectStore
|
||||
objectStore:
|
||||
destinationPath: s3://postgres-backups/cl01tl/radarr5/radarr5-postgresql-17-cluster
|
||||
endpointURL: http://garage-main.garage:3900
|
||||
index: 1
|
||||
endpointCredentials: radarr-postgresql-17-cluster-backup-secret-garage
|
||||
endpointURL: https://nyc3.digitaloceanspaces.com
|
||||
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/radarr5/radarr5-postgresql-17-cluster
|
||||
endpointCredentials: radarr-postgresql-17-cluster-backup-secret
|
||||
recoveryIndex: 3
|
||||
backup:
|
||||
objectStore:
|
||||
- name: external
|
||||
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/radarr5/radarr5-postgresql-17-cluster
|
||||
index: 2
|
||||
endpointCredentials: radarr-postgresql-17-cluster-backup-secret
|
||||
retentionPolicy: "30d"
|
||||
isWALArchiver: false
|
||||
- name: garage-local
|
||||
destinationPath: s3://postgres-backups/cl01tl/radarr/radarr5-postgresql-17-cluster
|
||||
index: 1
|
||||
endpointURL: http://garage-main.garage:3900
|
||||
endpointCredentials: radarr-postgresql-17-cluster-backup-secret-garage
|
||||
endpointCredentialsIncludeRegion: true
|
||||
retentionPolicy: "3d"
|
||||
isWALArchiver: true
|
||||
# - name: garage-remote
|
||||
# destinationPath: s3://postgres-backups/cl01tl/radarr/radarr5-postgresql-17-cluster
|
||||
# index: 1
|
||||
# endpointURL: https://garage-ps10rp.boreal-beaufort.ts.net:3900
|
||||
# endpointCredentials: radarr-postgresql-17-cluster-backup-secret-garage
|
||||
# retentionPolicy: "30d"
|
||||
# data:
|
||||
# compression: bzip2
|
||||
# jobs: 2
|
||||
scheduledBackups:
|
||||
- name: daily-backup
|
||||
suspend: false
|
||||
schedule: "0 0 0 * * *"
|
||||
backupName: external
|
||||
- name: live-backup
|
||||
suspend: false
|
||||
immediate: true
|
||||
schedule: "0 0 0 * * *"
|
||||
backupName: garage-local
|
||||
# - name: weekly-backup
|
||||
# suspend: false
|
||||
# schedule: "0 16 4 * * SAT"
|
||||
# backupName: garage-remote
|
||||
enabled: true
|
||||
endpointURL: https://nyc3.digitaloceanspaces.com
|
||||
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/radarr5/radarr5-postgresql-17-cluster
|
||||
endpointCredentials: radarr-postgresql-17-cluster-backup-secret
|
||||
backupIndex: 3
|
||||
retentionPolicy: "7d"
|
||||
|
||||
@@ -18,10 +18,10 @@ dependencies:
|
||||
- name: app-template
|
||||
alias: roundcube
|
||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||
version: 4.4.0
|
||||
version: 4.1.2
|
||||
- name: postgres-cluster
|
||||
alias: postgres-17-cluster
|
||||
version: 6.15.0
|
||||
version: 5.1.0
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/roundcube.png
|
||||
appVersion: 1.6.10
|
||||
|
||||
@@ -106,40 +106,3 @@ spec:
|
||||
key: /digital-ocean/home-infra/postgres-backups
|
||||
metadataPolicy: None
|
||||
property: secret
|
||||
|
||||
---
|
||||
apiVersion: external-secrets.io/v1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
name: roundcube-postgresql-17-cluster-backup-secret-garage
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: roundcube-postgresql-17-cluster-backup-secret-garage
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
secretStoreRef:
|
||||
kind: ClusterSecretStore
|
||||
name: vault
|
||||
data:
|
||||
- secretKey: ACCESS_KEY_ID
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /garage/home-infra/postgres-backups
|
||||
metadataPolicy: None
|
||||
property: ACCESS_KEY_ID
|
||||
- secretKey: ACCESS_SECRET_KEY
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /garage/home-infra/postgres-backups
|
||||
metadataPolicy: None
|
||||
property: ACCESS_SECRET_KEY
|
||||
- secretKey: ACCESS_REGION
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /garage/home-infra/postgres-backups
|
||||
metadataPolicy: None
|
||||
property: ACCESS_REGION
|
||||
|
||||
@@ -58,7 +58,7 @@ roundcube:
|
||||
nginx:
|
||||
image:
|
||||
repository: nginx
|
||||
tag: 1.29.3-alpine
|
||||
tag: 1.29.0-alpine
|
||||
pullPolicy: IfNotPresent
|
||||
env:
|
||||
- name: NGINX_HOST
|
||||
@@ -206,7 +206,7 @@ roundcube:
|
||||
mountPropagation: None
|
||||
subPath: default.conf
|
||||
postgres-17-cluster:
|
||||
mode: recovery
|
||||
mode: standalone
|
||||
cluster:
|
||||
storage:
|
||||
storageClass: local-path
|
||||
@@ -219,45 +219,13 @@ postgres-17-cluster:
|
||||
recovery:
|
||||
method: objectStore
|
||||
objectStore:
|
||||
destinationPath: s3://postgres-backups/cl01tl/roundcube/roundcube-postgresql-17-cluster
|
||||
endpointURL: http://garage-main.garage:3900
|
||||
index: 1
|
||||
endpointCredentials: roundcube-postgresql-17-cluster-backup-secret-garage
|
||||
endpointURL: https://nyc3.digitaloceanspaces.com
|
||||
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/roundcube/roundcube-postgresql-17-cluster
|
||||
endpointCredentials: roundcube-postgresql-17-cluster-backup-secret
|
||||
recoveryIndex: 2
|
||||
backup:
|
||||
objectStore:
|
||||
- name: external
|
||||
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/roundcube/roundcube-postgresql-17-cluster
|
||||
index: 2
|
||||
retentionPolicy: "30d"
|
||||
isWALArchiver: false
|
||||
- name: garage-local
|
||||
destinationPath: s3://postgres-backups/cl01tl/roundcube/roundcube-postgresql-17-cluster
|
||||
index: 1
|
||||
endpointURL: http://garage-main.garage:3900
|
||||
endpointCredentials: roundcube-postgresql-17-cluster-backup-secret-garage
|
||||
endpointCredentialsIncludeRegion: true
|
||||
retentionPolicy: "3d"
|
||||
isWALArchiver: true
|
||||
# - name: garage-remote
|
||||
# destinationPath: s3://postgres-backups/cl01tl/roundcube/roundcube-postgresql-17-cluster
|
||||
# index: 1
|
||||
# endpointURL: https://garage-ps10rp.boreal-beaufort.ts.net:3900
|
||||
# endpointCredentials: roundcube-postgresql-17-cluster-backup-secret-garage
|
||||
# retentionPolicy: "30d"
|
||||
# data:
|
||||
# compression: bzip2
|
||||
# jobs: 2
|
||||
scheduledBackups:
|
||||
- name: daily-backup
|
||||
suspend: false
|
||||
schedule: "0 0 0 * * *"
|
||||
backupName: external
|
||||
- name: live-backup
|
||||
suspend: false
|
||||
immediate: true
|
||||
schedule: "0 0 0 * * *"
|
||||
backupName: garage-local
|
||||
# - name: weekly-backup
|
||||
# suspend: false
|
||||
# schedule: "0 24 4 * * SAT"
|
||||
# backupName: garage-remote
|
||||
enabled: true
|
||||
endpointURL: https://nyc3.digitaloceanspaces.com
|
||||
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/roundcube/roundcube-postgresql-17-cluster
|
||||
endpointCredentials: roundcube-postgresql-17-cluster-backup-secret
|
||||
backupIndex: 2
|
||||
|
||||
@@ -8,13 +8,18 @@ keywords:
|
||||
home: https://wiki.alexlebens.dev/s/6c6da68a-8725-4439-93c8-990ce824be54
|
||||
sources:
|
||||
- https://github.com/searxng/searxng
|
||||
- https://github.com/valkey-io/valkey
|
||||
- https://github.com/bjw-s-labs/helm-charts/tree/main/charts/other/app-template
|
||||
- https://github.com/bitnami/charts/tree/main/bitnami/valkey
|
||||
maintainers:
|
||||
- name: alexlebens
|
||||
dependencies:
|
||||
- name: app-template
|
||||
alias: searxng
|
||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||
version: 4.4.0
|
||||
version: 4.1.2
|
||||
- name: valkey
|
||||
version: 3.0.16
|
||||
repository: oci://harbor.alexlebens.net/proxy-registry-1.docker.io/bitnamicharts
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/searxng.png
|
||||
appVersion: 1.0.0
|
||||
|
||||
@@ -1,32 +0,0 @@
|
||||
apiVersion: redis.redis.opstreelabs.in/v1beta2
|
||||
kind: RedisReplication
|
||||
metadata:
|
||||
name: redis-replication-searxng
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: redis-replication-searxng
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
clusterSize: 3
|
||||
podSecurityContext:
|
||||
runAsUser: 1000
|
||||
fsGroup: 1000
|
||||
kubernetesConfig:
|
||||
image: quay.io/opstree/redis:v8.0.3
|
||||
imagePullPolicy: IfNotPresent
|
||||
resources:
|
||||
requests:
|
||||
cpu: 50m
|
||||
memory: 128Mi
|
||||
storage:
|
||||
volumeClaimTemplate:
|
||||
spec:
|
||||
storageClassName: ceph-block
|
||||
accessModes: ["ReadWriteOnce"]
|
||||
resources:
|
||||
requests:
|
||||
storage: 1Gi
|
||||
redisExporter:
|
||||
enabled: true
|
||||
image: quay.io/opstree/redis-exporter:v1.48.0
|
||||
Some files were not shown because too many files have changed in this diff Show More
Reference in New Issue
Block a user