Compare commits
1 Commits
renovate/a
...
9b1fd816f1
| Author | SHA1 | Date | |
|---|---|---|---|
9b1fd816f1
|
@@ -1,80 +0,0 @@
|
||||
name: lint-test-docker
|
||||
|
||||
on:
|
||||
push:
|
||||
branches:
|
||||
- main
|
||||
paths:
|
||||
- 'hosts/**'
|
||||
- ! 'hosts/archive'
|
||||
|
||||
pull_request:
|
||||
branches:
|
||||
- main
|
||||
paths:
|
||||
- 'hosts/**'
|
||||
- ! 'hosts/archive'
|
||||
|
||||
jobs:
|
||||
docker-lint:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@v4
|
||||
with:
|
||||
fetch-depth: 0
|
||||
|
||||
- name: Check Branch Exists
|
||||
id: check-branch-exists
|
||||
uses: GuillaumeFalourd/branch-exists@v1.1
|
||||
with:
|
||||
branch: "origin/${{ github.base_ref }}"
|
||||
|
||||
- name: Branch Does Not Exist
|
||||
if: steps.check-branch-exists.outputs.exists == 'false'
|
||||
run: echo "Branch origin/${{ github.base_ref }} was not found, likely already merged"
|
||||
|
||||
|
||||
- name: Set up Node.js
|
||||
if: steps.check-branch-exists.outputs.exists == 'true'
|
||||
uses: actions/setup-node@v6
|
||||
with:
|
||||
node-version: '22'
|
||||
|
||||
- name: Lint Docker Compose
|
||||
if: steps.check-branch-exists.outputs.exists == 'true'
|
||||
run: |
|
||||
set -e # Exit immediately if a command exits with a non-zero status.
|
||||
|
||||
TARGET_BRANCH="origin/${{ github.base_ref }}"
|
||||
echo ">> Target branch for diff is: $TARGET_BRANCH"
|
||||
|
||||
CHANGED_FILES=$(git diff --name-only "$TARGET_BRANCH" -- 'hosts/**')
|
||||
|
||||
echo ">> Found changed files:"
|
||||
echo "$CHANGED_FILES"
|
||||
|
||||
# For each changed file, find its parent chart directory (the one with compose.yaml).
|
||||
# Then, create a unique list of those directories.
|
||||
CHANGED_COMPOSE=$(echo "$CHANGED_FILES" | while read -r file; do
|
||||
dir=$(dirname "$file")
|
||||
while [[ "$dir" != "." && ! -f "$dir/compose.yaml" ]]; do
|
||||
dir=$(dirname "$dir")
|
||||
done
|
||||
if [[ "$dir" != "." ]]; then
|
||||
echo "$dir"
|
||||
fi
|
||||
done | sort -u)
|
||||
|
||||
if [[ -z "$CHANGED_COMPOSE" ]]; then
|
||||
echo ">> Could not determine changed compose files. This will happen if only files outside a compose file were changed."
|
||||
exit 0
|
||||
fi
|
||||
|
||||
echo ">> Running dclint on changed compose files:"
|
||||
echo "$CHANGED_COMPOSE"
|
||||
|
||||
echo "$CHANGED_COMPOSE" | while read -r compose; do
|
||||
echo ">> Linting $compose ..."
|
||||
npx dclint $compose
|
||||
done
|
||||
@@ -1,82 +0,0 @@
|
||||
name: lint-test-helm
|
||||
|
||||
on:
|
||||
push:
|
||||
branches:
|
||||
- main
|
||||
paths:
|
||||
- 'clusters/**'
|
||||
- ! 'clusters/*/archive'
|
||||
|
||||
pull_request:
|
||||
branches:
|
||||
- main
|
||||
paths:
|
||||
- 'clusters/**'
|
||||
- ! 'clusters/*/archive'
|
||||
|
||||
jobs:
|
||||
helm-lint:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@v4
|
||||
with:
|
||||
fetch-depth: 0
|
||||
|
||||
- name: Check Branch Exists
|
||||
id: check-branch-exists
|
||||
uses: GuillaumeFalourd/branch-exists@v1.1
|
||||
with:
|
||||
branch: "origin/${{ github.base_ref }}"
|
||||
|
||||
- name: Branch Does Not Exist
|
||||
if: steps.check-branch-exists.outputs.exists == 'false'
|
||||
run: echo "Branch origin/${{ github.base_ref }} was not found, likely already merged"
|
||||
|
||||
- name: Set up Helm
|
||||
if: steps.check-branch-exists.outputs.exists == 'true'
|
||||
uses: azure/setup-helm@v4
|
||||
with:
|
||||
token: ${{ secrets.GITEA_TOKEN }}
|
||||
version: latest
|
||||
|
||||
- name: Lint Helm Chart
|
||||
if: steps.check-branch-exists.outputs.exists == 'true'
|
||||
run: |
|
||||
set -e # Exit immediately if a command exits with a non-zero status.
|
||||
|
||||
TARGET_BRANCH="origin/${{ github.base_ref }}"
|
||||
echo ">> Target branch for diff is: $TARGET_BRANCH"
|
||||
|
||||
CHANGED_FILES=$(git diff --name-only "$TARGET_BRANCH" -- 'clusters/**')
|
||||
|
||||
echo ">> Found changed files:"
|
||||
echo "$CHANGED_FILES"
|
||||
|
||||
# For each changed file, find its parent chart directory (the one with Chart.yaml).
|
||||
# Then, create a unique list of those directories.
|
||||
CHANGED_CHARTS=$(echo "$CHANGED_FILES" | while read -r file; do
|
||||
dir=$(dirname "$file")
|
||||
while [[ "$dir" != "." && ! -f "$dir/Chart.yaml" ]]; do
|
||||
dir=$(dirname "$dir")
|
||||
done
|
||||
if [[ "$dir" != "." ]]; then
|
||||
echo "$dir"
|
||||
fi
|
||||
done | sort -u)
|
||||
|
||||
if [[ -z "$CHANGED_CHARTS" ]]; then
|
||||
echo ">> Could not determine changed charts. This could happen if only files outside a chart were changed."
|
||||
exit 0
|
||||
fi
|
||||
|
||||
echo ">> Running helm lint on changed charts:"
|
||||
echo "$CHANGED_CHARTS"
|
||||
|
||||
echo "$CHANGED_CHARTS" | while read -r chart; do
|
||||
echo ">> Building dependency for "$chart" ..."
|
||||
helm dependency build "$chart"
|
||||
echo ">> Linting $chart..."
|
||||
helm lint "$chart"
|
||||
done
|
||||
37
.gitea/workflows/lint-test.yaml
Normal file
37
.gitea/workflows/lint-test.yaml
Normal file
@@ -0,0 +1,37 @@
|
||||
name: lint-and-test-charts
|
||||
|
||||
on: pull_request
|
||||
|
||||
jobs:
|
||||
lint-test:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@v4
|
||||
with:
|
||||
fetch-depth: 0
|
||||
|
||||
- name: Set up Helm
|
||||
uses: azure/setup-helm@v4
|
||||
with:
|
||||
version: latest
|
||||
|
||||
- uses: actions/setup-python@v5
|
||||
with:
|
||||
python-version: "3.13"
|
||||
check-latest: true
|
||||
|
||||
- name: Set up chart-testing
|
||||
uses: helm/chart-testing-action@v2.7.0
|
||||
|
||||
- name: Run chart-testing (list-changed)
|
||||
id: list-changed
|
||||
run: |
|
||||
changed=$(ct list-changed --target-branch ${{ github.event.repository.default_branch }})
|
||||
if [[ -n "$changed" ]]; then
|
||||
echo "changed=true" >> "$GITHUB_OUTPUT"
|
||||
fi
|
||||
|
||||
- name: Run chart-testing (lint)
|
||||
if: steps.list-changed.outputs.changed == 'true'
|
||||
run: ct lint --target-branch ${{ github.event.repository.default_branch }}
|
||||
@@ -1,32 +0,0 @@
|
||||
name: renovate
|
||||
|
||||
on:
|
||||
schedule:
|
||||
- cron: "@hourly"
|
||||
|
||||
push:
|
||||
branches:
|
||||
- main
|
||||
|
||||
workflow_dispatch:
|
||||
|
||||
jobs:
|
||||
renovate:
|
||||
runs-on: ubuntu-latest
|
||||
container: ghcr.io/renovatebot/renovate:41
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@v4
|
||||
|
||||
- name: Renovate
|
||||
run: renovate
|
||||
env:
|
||||
RENOVATE_PLATFORM: gitea
|
||||
RENOVATE_ENDPOINT: ${{ vars.INSTANCE_URL }}
|
||||
RENOVATE_REPOSITORIES: alexlebens/infrastructure
|
||||
RENOVATE_GIT_AUTHOR: Renovate Bot <renovate-bot@alexlebens.net>
|
||||
LOG_LEVEL: info
|
||||
RENOVATE_TOKEN: ${{ secrets.RENOVATE_TOKEN }}
|
||||
RENOVATE_GIT_PRIVATE_KEY: ${{ secrets.RENOVATE_GIT_PRIVATE_KEY }}
|
||||
RENOVATE_GITHUB_COM_TOKEN: ${{ secrets.RENOVATE_GITHUB_COM_TOKEN }}
|
||||
RENOVATE_REDIS_URL: ${{ vars.RENOVATE_REDIS_URL }}
|
||||
@@ -16,6 +16,6 @@ dependencies:
|
||||
- name: app-template
|
||||
alias: actual
|
||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||
version: 4.4.0
|
||||
version: 3.7.3
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/actual-budget.png
|
||||
appVersion: v25.5.0
|
||||
|
||||
@@ -6,6 +6,8 @@ metadata:
|
||||
labels:
|
||||
app.kubernetes.io/name: actual-data-backup-secret
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: backup
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
secretStoreRef:
|
||||
|
||||
@@ -6,6 +6,8 @@ metadata:
|
||||
labels:
|
||||
app.kubernetes.io/name: http-route-actual
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: web
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
parentRefs:
|
||||
|
||||
@@ -6,6 +6,8 @@ metadata:
|
||||
labels:
|
||||
app.kubernetes.io/name: actual-data-backup-source
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: backup
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
sourcePVC: actual-data
|
||||
|
||||
@@ -9,7 +9,7 @@ actual:
|
||||
main:
|
||||
image:
|
||||
repository: ghcr.io/actualbudget/actual
|
||||
tag: 25.10.0
|
||||
tag: 25.5.0
|
||||
pullPolicy: IfNotPresent
|
||||
env:
|
||||
- name: TZ
|
||||
@@ -20,7 +20,7 @@ actual:
|
||||
memory: 128Mi
|
||||
probes:
|
||||
liveness:
|
||||
enabled: true
|
||||
enabled: false
|
||||
custom: true
|
||||
spec:
|
||||
exec:
|
||||
@@ -34,6 +34,8 @@ actual:
|
||||
periodSeconds: 10
|
||||
successThreshold: 1
|
||||
timeoutSeconds: 10
|
||||
serviceAccount:
|
||||
create: true
|
||||
service:
|
||||
main:
|
||||
controller: main
|
||||
@@ -44,7 +46,6 @@ actual:
|
||||
protocol: HTTP
|
||||
persistence:
|
||||
data:
|
||||
forceRename: actual-data
|
||||
storageClass: ceph-block
|
||||
accessMode: ReadWriteOnce
|
||||
size: 2Gi
|
||||
|
||||
@@ -18,6 +18,6 @@ dependencies:
|
||||
- name: app-template
|
||||
alias: audiobookshelf
|
||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||
version: 4.4.0
|
||||
version: 3.7.3
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/audiobookshelf.png
|
||||
appVersion: 2.21.0
|
||||
|
||||
@@ -1,34 +1,13 @@
|
||||
apiVersion: external-secrets.io/v1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
name: audiobookshelf-apprise-config
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: audiobookshelf-apprise-config
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
secretStoreRef:
|
||||
kind: ClusterSecretStore
|
||||
name: vault
|
||||
data:
|
||||
- secretKey: ntfy-url
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cl01tl/audiobookshelf/apprise
|
||||
metadataPolicy: None
|
||||
property: ntfy-url
|
||||
|
||||
---
|
||||
apiVersion: external-secrets.io/v1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
name: audiobookshelf-config-backup-secret
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: audiobookshelf-config-backup-secret
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: backup
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
secretStoreRef:
|
||||
@@ -86,6 +65,8 @@ metadata:
|
||||
labels:
|
||||
app.kubernetes.io/name: audiobookshelf-metadata-backup-secret
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: backup
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
secretStoreRef:
|
||||
|
||||
@@ -6,6 +6,8 @@ metadata:
|
||||
labels:
|
||||
app.kubernetes.io/name: http-route-audiobookshelf
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: web
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
parentRefs:
|
||||
|
||||
@@ -6,6 +6,8 @@ metadata:
|
||||
labels:
|
||||
app.kubernetes.io/name: audiobookshelf-nfs-storage-backup
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: storage
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
volumeMode: Filesystem
|
||||
@@ -25,6 +27,8 @@ metadata:
|
||||
labels:
|
||||
app.kubernetes.io/name: audiobookshelf-nfs-storage
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: storage
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
volumeName: audiobookshelf-nfs-storage
|
||||
|
||||
@@ -6,6 +6,8 @@ metadata:
|
||||
labels:
|
||||
app.kubernetes.io/name: audiobookshelf-nfs-storage
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: storage
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
persistentVolumeReclaimPolicy: Retain
|
||||
|
||||
@@ -6,6 +6,8 @@ metadata:
|
||||
labels:
|
||||
app.kubernetes.io/name: audiobookshelf-config-backup-source
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: backup
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
sourcePVC: audiobookshelf-config
|
||||
@@ -33,6 +35,8 @@ metadata:
|
||||
labels:
|
||||
app.kubernetes.io/name: audiobookshelf-metadata-backup-source
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: backup
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
sourcePVC: audiobookshelf-metadata
|
||||
|
||||
@@ -1,19 +0,0 @@
|
||||
apiVersion: monitoring.coreos.com/v1
|
||||
kind: ServiceMonitor
|
||||
metadata:
|
||||
name: audiobookshelf-apprise
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: audiobookshelf-apprise
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
endpoints:
|
||||
- port: apprise
|
||||
interval: 30s
|
||||
scrapeTimeout: 15s
|
||||
path: /metrics
|
||||
selector:
|
||||
matchLabels:
|
||||
app.kubernetes.io/name: audiobookshelf
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
@@ -9,7 +9,7 @@ audiobookshelf:
|
||||
main:
|
||||
image:
|
||||
repository: ghcr.io/advplyr/audiobookshelf
|
||||
tag: 2.30.0
|
||||
tag: 2.22.0
|
||||
pullPolicy: IfNotPresent
|
||||
env:
|
||||
- name: TZ
|
||||
@@ -18,29 +18,8 @@ audiobookshelf:
|
||||
requests:
|
||||
cpu: 10m
|
||||
memory: 128Mi
|
||||
apprise-api:
|
||||
image:
|
||||
repository: caronc/apprise
|
||||
tag: 1.2.2
|
||||
pullPolicy: IfNotPresent
|
||||
env:
|
||||
- name: TZ
|
||||
value: US/Central
|
||||
- name: APPRISE_STORAGE_MODE
|
||||
value: memory
|
||||
- name: APPRISE_STATEFUL_MODE
|
||||
value: disabled
|
||||
- name: APPRISE_WORKER_COUNT
|
||||
value: 1
|
||||
- name: APPRISE_STATELESS_URLS
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: audiobookshelf-apprise-config
|
||||
key: ntfy-url
|
||||
resources:
|
||||
requests:
|
||||
cpu: 10m
|
||||
memory: 128Mi
|
||||
serviceAccount:
|
||||
create: true
|
||||
service:
|
||||
main:
|
||||
controller: main
|
||||
@@ -49,10 +28,6 @@ audiobookshelf:
|
||||
port: 80
|
||||
targetPort: 80
|
||||
protocol: HTTP
|
||||
apprise:
|
||||
port: 8000
|
||||
targetPort: 8000
|
||||
protocol: HTTP
|
||||
persistence:
|
||||
config:
|
||||
storageClass: ceph-block
|
||||
|
||||
@@ -1,23 +0,0 @@
|
||||
apiVersion: v2
|
||||
name: bazarr
|
||||
version: 1.0.0
|
||||
description: Bazarr
|
||||
keywords:
|
||||
- bazarr
|
||||
- servarr
|
||||
- subtitles
|
||||
home: https://wiki.alexlebens.dev/s/92784d53-1d43-42fd-b509-f42c73454226
|
||||
sources:
|
||||
- https://github.com/morpheus65535/bazarr
|
||||
- https://github.com/linuxserver/docker-bazarr
|
||||
- https://github.com/linuxserver/docker-bazarr/pkgs/container/bazarr
|
||||
- https://github.com/bjw-s-labs/helm-charts/tree/main/charts/other/app-template
|
||||
maintainers:
|
||||
- name: alexlebens
|
||||
dependencies:
|
||||
- name: app-template
|
||||
alias: bazarr
|
||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||
version: 4.4.0
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/bazarr.png
|
||||
appVersion: 1.5.2
|
||||
@@ -1,17 +0,0 @@
|
||||
apiVersion: v1
|
||||
kind: PersistentVolumeClaim
|
||||
metadata:
|
||||
name: bazarr-nfs-storage
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: bazarr-nfs-storage
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
volumeName: bazarr-nfs-storage
|
||||
storageClassName: nfs-client
|
||||
accessModes:
|
||||
- ReadWriteMany
|
||||
resources:
|
||||
requests:
|
||||
storage: 1Gi
|
||||
@@ -1,23 +0,0 @@
|
||||
apiVersion: v1
|
||||
kind: PersistentVolume
|
||||
metadata:
|
||||
name: bazarr-nfs-storage
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: bazarr-nfs-storage
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
persistentVolumeReclaimPolicy: Retain
|
||||
storageClassName: nfs-client
|
||||
capacity:
|
||||
storage: 1Gi
|
||||
accessModes:
|
||||
- ReadWriteMany
|
||||
nfs:
|
||||
path: /volume2/Storage
|
||||
server: synologybond.alexlebens.net
|
||||
mountOptions:
|
||||
- vers=4
|
||||
- minorversion=1
|
||||
- noac
|
||||
@@ -1,57 +0,0 @@
|
||||
bazarr:
|
||||
controllers:
|
||||
main:
|
||||
type: deployment
|
||||
replicas: 1
|
||||
strategy: Recreate
|
||||
revisionHistoryLimit: 3
|
||||
pod:
|
||||
securityContext:
|
||||
runAsUser: 1000
|
||||
runAsGroup: 1000
|
||||
fsGroup: 1000
|
||||
fsGroupChangePolicy: OnRootMismatch
|
||||
containers:
|
||||
main:
|
||||
image:
|
||||
repository: ghcr.io/linuxserver/bazarr
|
||||
tag: 1.5.3@sha256:a42fef2a5ffa1dca8714e12892ba0b8de5c6c513f1bcdb1ffe4143e715cffb45
|
||||
pullPolicy: IfNotPresent
|
||||
env:
|
||||
- name: TZ
|
||||
value: US/Central
|
||||
- name: PUID
|
||||
value: 1000
|
||||
- name: PGID
|
||||
value: 1000
|
||||
resources:
|
||||
requests:
|
||||
cpu: 10m
|
||||
memory: 256Mi
|
||||
service:
|
||||
main:
|
||||
controller: main
|
||||
ports:
|
||||
http:
|
||||
port: 80
|
||||
targetPort: 6767
|
||||
protocol: HTTP
|
||||
persistence:
|
||||
config:
|
||||
forceRename: bazarr-config
|
||||
storageClass: ceph-block
|
||||
accessMode: ReadWriteOnce
|
||||
size: 5Gi
|
||||
retain: true
|
||||
advancedMounts:
|
||||
main:
|
||||
main:
|
||||
- path: /config
|
||||
readOnly: false
|
||||
media:
|
||||
existingClaim: bazarr-nfs-storage
|
||||
advancedMounts:
|
||||
main:
|
||||
main:
|
||||
- path: /mnt/store
|
||||
readOnly: false
|
||||
@@ -16,6 +16,6 @@ dependencies:
|
||||
- name: app-template
|
||||
alias: calibre-web-automated
|
||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||
version: 4.4.0
|
||||
version: 3.7.3
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/calibre-web.png
|
||||
appVersion: V3.0.4
|
||||
|
||||
@@ -6,6 +6,8 @@ metadata:
|
||||
labels:
|
||||
app.kubernetes.io/name: calibre-web-automated-gmail-config
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: web
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
secretStoreRef:
|
||||
@@ -29,6 +31,8 @@ metadata:
|
||||
labels:
|
||||
app.kubernetes.io/name: calibre-web-automated-config-backup-secret
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: backup
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
secretStoreRef:
|
||||
|
||||
@@ -6,6 +6,8 @@ metadata:
|
||||
labels:
|
||||
app.kubernetes.io/name: http-route-calibre
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: web
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
parentRefs:
|
||||
@@ -36,6 +38,8 @@ metadata:
|
||||
labels:
|
||||
app.kubernetes.io/name: http-route-calibre-downloader
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: web
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
parentRefs:
|
||||
|
||||
@@ -6,6 +6,8 @@ metadata:
|
||||
labels:
|
||||
app.kubernetes.io/name: calibre-web-automated-nfs-storage
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: storage
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
volumeName: calibre-web-automated-nfs-storage
|
||||
@@ -25,6 +27,8 @@ metadata:
|
||||
labels:
|
||||
app.kubernetes.io/name: calibre-web-automated-ingest-nfs-storage
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: storage
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
volumeName: calibre-web-automated-ingest-nfs-storage
|
||||
|
||||
@@ -6,6 +6,8 @@ metadata:
|
||||
labels:
|
||||
app.kubernetes.io/name: calibre-web-automated-nfs-storage
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: storage
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
persistentVolumeReclaimPolicy: Retain
|
||||
@@ -31,6 +33,8 @@ metadata:
|
||||
labels:
|
||||
app.kubernetes.io/name: calibre-web-automated-ingest-nfs-storage
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: storage
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
persistentVolumeReclaimPolicy: Retain
|
||||
|
||||
@@ -6,6 +6,8 @@ metadata:
|
||||
labels:
|
||||
app.kubernetes.io/name: calibre-web-automated-config-backup-source
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: backup
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
sourcePVC: calibre-web-automated-config
|
||||
|
||||
@@ -20,7 +20,7 @@ calibre-web-automated:
|
||||
value: 100
|
||||
resources:
|
||||
requests:
|
||||
cpu: 10m
|
||||
cpu: 100m
|
||||
memory: 256Mi
|
||||
downloader:
|
||||
type: deployment
|
||||
@@ -31,7 +31,7 @@ calibre-web-automated:
|
||||
main:
|
||||
image:
|
||||
repository: ghcr.io/calibrain/calibre-web-automated-book-downloader
|
||||
tag: latest@sha256:c2850991e99e278269003d92efa86e865f7df039093fbd03e85141b035cf7a80
|
||||
tag: latest@sha256:97a636efe3b78e1306ff521aa09256125aacdb1a04e628df294d7b6da3fe7b4a
|
||||
pullPolicy: IfNotPresent
|
||||
env:
|
||||
- name: FLASK_PORT
|
||||
@@ -41,7 +41,7 @@ calibre-web-automated:
|
||||
- name: GID
|
||||
value: 100
|
||||
- name: USE_CF_BYPASS
|
||||
value: false
|
||||
value: true
|
||||
- name: CLOUDFLARE_PROXY_URL
|
||||
value: http://localhost:8000
|
||||
- name: INGEST_DIR
|
||||
@@ -55,12 +55,14 @@ calibre-web-automated:
|
||||
bypass:
|
||||
image:
|
||||
repository: ghcr.io/sarperavci/cloudflarebypassforscraping
|
||||
tag: latest@sha256:c34ef70a768ddf35c057f893c5392b8f65465fc4fbac634ba68a16d6a9dd0cbb
|
||||
tag: latest@sha256:d1028839c2d6317a48e6e2139acaea5129bb3b089f0c5583f61fc162f1975de0
|
||||
pullPolicy: IfNotPresent
|
||||
resources:
|
||||
requests:
|
||||
cpu: 10m
|
||||
memory: 128Mi
|
||||
serviceAccount:
|
||||
create: true
|
||||
service:
|
||||
main:
|
||||
controller: main
|
||||
@@ -78,7 +80,6 @@ calibre-web-automated:
|
||||
protocol: HTTP
|
||||
persistence:
|
||||
config:
|
||||
forceRename: calibre-web-automated-config
|
||||
storageClass: ceph-block
|
||||
accessMode: ReadWriteOnce
|
||||
size: 5Gi
|
||||
|
||||
@@ -19,10 +19,10 @@ dependencies:
|
||||
- name: app-template
|
||||
alias: code-server
|
||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||
version: 4.4.0
|
||||
version: 3.7.3
|
||||
- name: cloudflared
|
||||
alias: cloudflared
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 1.22.2
|
||||
version: 1.14.8
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/visual-studio-code.png
|
||||
appVersion: 4.100.2
|
||||
appVersion: 4.99.4
|
||||
|
||||
@@ -6,6 +6,8 @@ metadata:
|
||||
labels:
|
||||
app.kubernetes.io/name: codeserver-password-secret
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: web
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
secretStoreRef:
|
||||
@@ -36,6 +38,8 @@ metadata:
|
||||
labels:
|
||||
app.kubernetes.io/name: code-server-cloudflared-secret
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: web
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
secretStoreRef:
|
||||
|
||||
@@ -6,6 +6,8 @@ metadata:
|
||||
labels:
|
||||
app.kubernetes.io/name: http-route-code-server
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: web
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
parentRefs:
|
||||
|
||||
@@ -6,6 +6,8 @@ metadata:
|
||||
labels:
|
||||
app.kubernetes.io/name: code-server-nfs-storage
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: storage
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
volumeMode: Filesystem
|
||||
|
||||
@@ -9,7 +9,7 @@ code-server:
|
||||
main:
|
||||
image:
|
||||
repository: ghcr.io/linuxserver/code-server
|
||||
tag: 4.105.1@sha256:c7c66416238b70312df90b5936ea4adb6108552d866dd00a804c86c599b2ab6c
|
||||
tag: 4.100.2@sha256:511445e8877da1665b97d2ca39f03009a36edadba9959eefcc8ff3d1b0f42251
|
||||
pullPolicy: IfNotPresent
|
||||
env:
|
||||
- name: TZ
|
||||
@@ -27,6 +27,8 @@ code-server:
|
||||
requests:
|
||||
cpu: 10m
|
||||
memory: 128Mi
|
||||
serviceAccount:
|
||||
create: true
|
||||
service:
|
||||
main:
|
||||
controller: main
|
||||
|
||||
@@ -8,10 +8,14 @@ keywords:
|
||||
home: https://wiki.alexlebens.dev/s/c2d242de-dcaa-4801-86a2-c4761dc8bf9b
|
||||
sources:
|
||||
- https://github.com/directus/directus
|
||||
- https://github.com/minio/operator
|
||||
- https://github.com/valkey-io/valkey
|
||||
- https://github.com/cloudflare/cloudflared
|
||||
- https://github.com/cloudnative-pg/cloudnative-pg
|
||||
- https://hub.docker.com/r/directus/directus
|
||||
- https://github.com/bjw-s-labs/helm-charts/tree/main/charts/other/app-template
|
||||
- https://github.com/minio/operator/tree/master/helm/tenant
|
||||
- https://github.com/bitnami/charts/tree/main/bitnami/valkey
|
||||
- https://gitea.alexlebens.dev/alexlebens/helm-charts/src/branch/main/charts/cloudflared
|
||||
- https://gitea.alexlebens.dev/alexlebens/helm-charts/src/branch/main/charts/postgres-cluster
|
||||
maintainers:
|
||||
@@ -20,14 +24,21 @@ dependencies:
|
||||
- name: app-template
|
||||
alias: directus
|
||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||
version: 4.4.0
|
||||
version: 3.7.3
|
||||
- name: tenant
|
||||
alias: minio
|
||||
version: 7.1.1
|
||||
repository: https://operator.min.io/
|
||||
- name: valkey
|
||||
version: 3.0.6
|
||||
repository: oci://harbor.alexlebens.net/proxy-registry-1.docker.io/bitnamicharts
|
||||
- name: cloudflared
|
||||
alias: cloudflared-directus
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 1.22.2
|
||||
version: 1.14.8
|
||||
- name: postgres-cluster
|
||||
alias: postgres-17-cluster
|
||||
version: 6.15.0
|
||||
version: 5.1.0
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/directus.png
|
||||
appVersion: 11.7.2
|
||||
|
||||
@@ -6,6 +6,8 @@ metadata:
|
||||
labels:
|
||||
app.kubernetes.io/name: directus-config
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: web
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
secretStoreRef:
|
||||
@@ -45,34 +47,13 @@ spec:
|
||||
apiVersion: external-secrets.io/v1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
name: directus-metric-token
|
||||
name: directus-valkey-config
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: directus-metric-token
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
secretStoreRef:
|
||||
kind: ClusterSecretStore
|
||||
name: vault
|
||||
data:
|
||||
- secretKey: metric-token
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cl01tl/directus/metrics
|
||||
metadataPolicy: None
|
||||
property: metric-token
|
||||
|
||||
---
|
||||
apiVersion: external-secrets.io/v1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
name: directus-redis-config
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: directus-redis-config
|
||||
app.kubernetes.io/name: directus-valkey-config
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: web
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
secretStoreRef:
|
||||
@@ -83,14 +64,14 @@ spec:
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cl01tl/directus/redis
|
||||
key: /cl01tl/directus/valkey
|
||||
metadataPolicy: None
|
||||
property: user
|
||||
- secretKey: password
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cl01tl/directus/redis
|
||||
key: /cl01tl/directus/valkey
|
||||
metadataPolicy: None
|
||||
property: password
|
||||
|
||||
@@ -103,6 +84,8 @@ metadata:
|
||||
labels:
|
||||
app.kubernetes.io/name: directus-oidc-secret
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: web
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
secretStoreRef:
|
||||
@@ -124,6 +107,88 @@ spec:
|
||||
metadataPolicy: None
|
||||
property: secret
|
||||
|
||||
---
|
||||
apiVersion: external-secrets.io/v1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
name: directus-minio-user-secret
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: directus-minio-user-secret
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: database
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
secretStoreRef:
|
||||
kind: ClusterSecretStore
|
||||
name: vault
|
||||
data:
|
||||
- secretKey: AWS_ACCESS_KEY_ID
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cl01tl/directus/minio/auth
|
||||
metadataPolicy: None
|
||||
property: AWS_ACCESS_KEY_ID
|
||||
- secretKey: AWS_SECRET_ACCESS_KEY
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cl01tl/directus/minio/auth
|
||||
metadataPolicy: None
|
||||
property: AWS_SECRET_ACCESS_KEY
|
||||
|
||||
---
|
||||
apiVersion: external-secrets.io/v1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
name: directus-minio-root-secret
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: directus-minio-root-secret
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: database
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
secretStoreRef:
|
||||
kind: ClusterSecretStore
|
||||
name: vault
|
||||
data:
|
||||
- secretKey: config.env
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cl01tl/directus/minio/config
|
||||
metadataPolicy: None
|
||||
property: root-config.env
|
||||
|
||||
---
|
||||
apiVersion: external-secrets.io/v1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
name: directus-minio-config-secret
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: directus-minio-config-secret
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: database
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
secretStoreRef:
|
||||
kind: ClusterSecretStore
|
||||
name: vault
|
||||
data:
|
||||
- secretKey: config.env
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cl01tl/directus/minio/config
|
||||
metadataPolicy: None
|
||||
property: config.env
|
||||
|
||||
---
|
||||
apiVersion: external-secrets.io/v1
|
||||
kind: ExternalSecret
|
||||
@@ -133,6 +198,8 @@ metadata:
|
||||
labels:
|
||||
app.kubernetes.io/name: directus-cloudflared-secret
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: web
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
secretStoreRef:
|
||||
@@ -156,6 +223,8 @@ metadata:
|
||||
labels:
|
||||
app.kubernetes.io/name: directus-postgresql-17-cluster-backup-secret
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: database
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
secretStoreRef:
|
||||
@@ -176,70 +245,3 @@ spec:
|
||||
key: /digital-ocean/home-infra/postgres-backups
|
||||
metadataPolicy: None
|
||||
property: secret
|
||||
|
||||
---
|
||||
apiVersion: external-secrets.io/v1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
name: directus-postgresql-17-cluster-backup-secret-weekly
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: directus-postgresql-17-cluster-backup-secret-weekly
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
secretStoreRef:
|
||||
kind: ClusterSecretStore
|
||||
name: vault
|
||||
data:
|
||||
- secretKey: ACCESS_KEY_ID
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /garage/home-infra/postgres-backups
|
||||
metadataPolicy: None
|
||||
property: ACCESS_KEY_ID
|
||||
- secretKey: ACCESS_SECRET_KEY
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /garage/home-infra/postgres-backups
|
||||
metadataPolicy: None
|
||||
property: ACCESS_SECRET_KEY
|
||||
|
||||
---
|
||||
apiVersion: external-secrets.io/v1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
name: directus-postgresql-17-cluster-backup-secret-garage
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: directus-postgresql-17-cluster-backup-secret-garage
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
secretStoreRef:
|
||||
kind: ClusterSecretStore
|
||||
name: vault
|
||||
data:
|
||||
- secretKey: ACCESS_KEY_ID
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /garage/home-infra/postgres-backups
|
||||
metadataPolicy: None
|
||||
property: ACCESS_KEY_ID
|
||||
- secretKey: ACCESS_SECRET_KEY
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /garage/home-infra/postgres-backups
|
||||
metadataPolicy: None
|
||||
property: ACCESS_SECRET_KEY
|
||||
- secretKey: ACCESS_REGION
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /garage/home-infra/postgres-backups
|
||||
metadataPolicy: None
|
||||
property: ACCESS_REGION
|
||||
|
||||
@@ -1,11 +1,13 @@
|
||||
apiVersion: gateway.networking.k8s.io/v1
|
||||
kind: HTTPRoute
|
||||
metadata:
|
||||
name: https-route-kronic
|
||||
name: http-route-directus-minio
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: https-route-kronic
|
||||
app.kubernetes.io/name: http-route-directus-minio
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: web
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
parentRefs:
|
||||
@@ -14,7 +16,7 @@ spec:
|
||||
name: traefik-gateway
|
||||
namespace: traefik
|
||||
hostnames:
|
||||
- kronic.alexlebens.net
|
||||
- minio-directus.alexlebens.net
|
||||
rules:
|
||||
- matches:
|
||||
- path:
|
||||
@@ -23,6 +25,6 @@ spec:
|
||||
backendRefs:
|
||||
- group: ''
|
||||
kind: Service
|
||||
name: kronic
|
||||
port: 80
|
||||
name: minio-directus-console
|
||||
port: 9090
|
||||
weight: 100
|
||||
@@ -1,11 +0,0 @@
|
||||
apiVersion: objectbucket.io/v1alpha1
|
||||
kind: ObjectBucketClaim
|
||||
metadata:
|
||||
name: ceph-bucket-directus
|
||||
labels:
|
||||
app.kubernetes.io/name: ceph-bucket-directus
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
generateBucketName: bucket-directus
|
||||
storageClassName: ceph-bucket
|
||||
@@ -1,35 +0,0 @@
|
||||
apiVersion: redis.redis.opstreelabs.in/v1beta2
|
||||
kind: RedisReplication
|
||||
metadata:
|
||||
name: redis-replication-directus
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: redis-replication-directus
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
clusterSize: 3
|
||||
podSecurityContext:
|
||||
runAsUser: 1000
|
||||
fsGroup: 1000
|
||||
kubernetesConfig:
|
||||
image: quay.io/opstree/redis:v8.2.1
|
||||
imagePullPolicy: IfNotPresent
|
||||
redisSecret:
|
||||
name: directus-redis-config
|
||||
key: password
|
||||
resources:
|
||||
requests:
|
||||
cpu: 50m
|
||||
memory: 128Mi
|
||||
storage:
|
||||
volumeClaimTemplate:
|
||||
spec:
|
||||
storageClassName: ceph-block
|
||||
accessModes: ["ReadWriteOnce"]
|
||||
resources:
|
||||
requests:
|
||||
storage: 1Gi
|
||||
redisExporter:
|
||||
enabled: true
|
||||
image: quay.io/opstree/redis-exporter:v1.76.0
|
||||
@@ -1,30 +0,0 @@
|
||||
apiVersion: redis.redis.opstreelabs.in/v1beta2
|
||||
kind: RedisSentinel
|
||||
metadata:
|
||||
name: redis-sentinel-directus
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: redis-sentinel-directus
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
clusterSize: 3
|
||||
podSecurityContext:
|
||||
runAsUser: 1000
|
||||
fsGroup: 1000
|
||||
redisSentinelConfig:
|
||||
redisReplicationName: redis-replication-directus
|
||||
redisReplicationPassword:
|
||||
secretKeyRef:
|
||||
name: directus-redis-config
|
||||
key: password
|
||||
kubernetesConfig:
|
||||
image: quay.io/opstree/redis-sentinel:v7.0.15
|
||||
imagePullPolicy: IfNotPresent
|
||||
redisSecret:
|
||||
name: directus-redis-config
|
||||
key: password
|
||||
resources:
|
||||
requests:
|
||||
cpu: 10m
|
||||
memory: 128Mi
|
||||
@@ -1,43 +0,0 @@
|
||||
apiVersion: monitoring.coreos.com/v1
|
||||
kind: ServiceMonitor
|
||||
metadata:
|
||||
name: directus
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: directus
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
selector:
|
||||
matchLabels:
|
||||
app.kubernetes.io/name: directus
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
endpoints:
|
||||
- port: http
|
||||
interval: 30s
|
||||
scrapeTimeout: 15s
|
||||
path: /metrics
|
||||
bearerTokenSecret:
|
||||
name: directus-metric-token
|
||||
key: metric-token
|
||||
|
||||
---
|
||||
apiVersion: monitoring.coreos.com/v1
|
||||
kind: ServiceMonitor
|
||||
metadata:
|
||||
name: redis-replication-directus
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: redis-replication-directus
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
redis-operator: "true"
|
||||
env: production
|
||||
spec:
|
||||
selector:
|
||||
matchLabels:
|
||||
redis_setup_type: replication
|
||||
endpoints:
|
||||
- port: redis-exporter
|
||||
interval: 30s
|
||||
scrapeTimeout: 10s
|
||||
@@ -9,7 +9,7 @@ directus:
|
||||
main:
|
||||
image:
|
||||
repository: directus/directus
|
||||
tag: 11.12.0
|
||||
tag: 11.7.2
|
||||
pullPolicy: IfNotPresent
|
||||
env:
|
||||
- name: PUBLIC_URL
|
||||
@@ -63,25 +63,21 @@ directus:
|
||||
secretKeyRef:
|
||||
name: directus-postgresql-17-cluster-app
|
||||
key: password
|
||||
- name: SYNCHRONIZATION_STORE
|
||||
value: redis
|
||||
- name: CACHE_ENABLED
|
||||
value: true
|
||||
- name: CACHE_STORE
|
||||
value: redis
|
||||
- name: REDIS_ENABLED
|
||||
value: true
|
||||
- name: REDIS_HOST
|
||||
value: redis-replication-directus-master
|
||||
value: directus-valkey-primary
|
||||
- name: REDIS_PORT
|
||||
value: 6379
|
||||
- name: REDIS_USERNAME
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: directus-redis-config
|
||||
name: directus-valkey-config
|
||||
key: user
|
||||
- name: REDIS_PASSWORD
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: directus-redis-config
|
||||
name: directus-valkey-config
|
||||
key: password
|
||||
- name: STORAGE_LOCATIONS
|
||||
value: s3
|
||||
@@ -90,24 +86,21 @@ directus:
|
||||
- name: STORAGE_S3_KEY
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: ceph-bucket-directus
|
||||
name: directus-minio-user-secret
|
||||
key: AWS_ACCESS_KEY_ID
|
||||
- name: STORAGE_S3_SECRET
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: ceph-bucket-directus
|
||||
name: directus-minio-user-secret
|
||||
key: AWS_SECRET_ACCESS_KEY
|
||||
- name: STORAGE_S3_BUCKET
|
||||
valueFrom:
|
||||
configMapKeyRef:
|
||||
name: ceph-bucket-directus
|
||||
key: BUCKET_NAME
|
||||
value: directus
|
||||
- name: STORAGE_S3_REGION
|
||||
value: us-east-1
|
||||
- name: STORAGE_S3_ENDPOINT
|
||||
value: http://rook-ceph-rgw-ceph-objectstore.rook-ceph.svc:80
|
||||
value: http://minio.directus:80
|
||||
- name: STORAGE_S3_FORCE_PATH_STYLE
|
||||
value: true
|
||||
value: "true"
|
||||
- name: AUTH_PROVIDERS
|
||||
value: AUTHENTIK
|
||||
- name: AUTH_AUTHENTIK_DRIVER
|
||||
@@ -134,17 +127,12 @@ directus:
|
||||
value: Authentik
|
||||
- name: TELEMETRY
|
||||
value: false
|
||||
- name: METRICS_ENABLED
|
||||
value: true
|
||||
- name: METRICS_TOKENS
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: directus-metric-token
|
||||
key: metric-token
|
||||
resources:
|
||||
requests:
|
||||
cpu: 10m
|
||||
memory: 256Mi
|
||||
serviceAccount:
|
||||
create: true
|
||||
service:
|
||||
main:
|
||||
controller: main
|
||||
@@ -153,11 +141,48 @@ directus:
|
||||
port: 80
|
||||
targetPort: 8055
|
||||
protocol: TCP
|
||||
minio:
|
||||
existingSecret:
|
||||
name: directus-minio-root-secret
|
||||
tenant:
|
||||
name: minio-directus
|
||||
configSecret:
|
||||
name: directus-minio-config-secret
|
||||
pools:
|
||||
- servers: 3
|
||||
name: pool
|
||||
volumesPerServer: 2
|
||||
size: 10Gi
|
||||
storageClassName: ceph-block
|
||||
mountPath: /export
|
||||
subPath: /data
|
||||
metrics:
|
||||
enabled: true
|
||||
port: 9000
|
||||
protocol: http
|
||||
certificate:
|
||||
requestAutoCert: false
|
||||
ingress:
|
||||
console:
|
||||
enabled: false
|
||||
valkey:
|
||||
architecture: standalone
|
||||
auth:
|
||||
enabled: true
|
||||
existingSecret: directus-valkey-config
|
||||
existingSecretPasswordKey: password
|
||||
usePasswordFiles: false
|
||||
primary:
|
||||
persistence:
|
||||
enabled: false
|
||||
replica:
|
||||
persistence:
|
||||
enabled: false
|
||||
cloudflared-directus:
|
||||
name: cloudflared-directus
|
||||
existingSecretName: directus-cloudflared-secret
|
||||
postgres-17-cluster:
|
||||
mode: recovery
|
||||
mode: standalone
|
||||
cluster:
|
||||
storage:
|
||||
storageClass: local-path
|
||||
@@ -170,45 +195,13 @@ postgres-17-cluster:
|
||||
recovery:
|
||||
method: objectStore
|
||||
objectStore:
|
||||
destinationPath: s3://postgres-backups/cl01tl/directus/directus-postgresql-17-cluster
|
||||
endpointURL: http://garage-main.garage:3900
|
||||
index: 1
|
||||
endpointCredentials: directus-postgresql-17-cluster-backup-secret-garage
|
||||
endpointURL: https://nyc3.digitaloceanspaces.com
|
||||
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/directus/directus-postgresql-17-cluster
|
||||
endpointCredentials: directus-postgresql-17-cluster-backup-secret
|
||||
recoveryIndex: 2
|
||||
backup:
|
||||
objectStore:
|
||||
- name: external
|
||||
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/directus/directus-postgresql-17-cluster
|
||||
index: 1
|
||||
retentionPolicy: "30d"
|
||||
isWALArchiver: false
|
||||
- name: garage-local
|
||||
destinationPath: s3://postgres-backups/cl01tl/directus/directus-postgresql-17-cluster
|
||||
index: 1
|
||||
endpointURL: http://garage-main.garage:3900
|
||||
endpointCredentials: directus-postgresql-17-cluster-backup-secret-garage
|
||||
endpointCredentialsIncludeRegion: true
|
||||
retentionPolicy: "3d"
|
||||
isWALArchiver: true
|
||||
# - name: garage-remote
|
||||
# destinationPath: s3://postgres-backups/cl01tl/directus/directus-postgresql-17-cluster
|
||||
# index: 1
|
||||
# endpointURL: https://garage-ps10rp.boreal-beaufort.ts.net:3900
|
||||
# endpointCredentials: directus-postgresql-17-cluster-backup-secret-garage
|
||||
# retentionPolicy: "30d"
|
||||
# data:
|
||||
# compression: bzip2
|
||||
# jobs: 2
|
||||
scheduledBackups:
|
||||
- name: daily-backup
|
||||
suspend: false
|
||||
schedule: "0 0 0 * * *"
|
||||
backupName: external
|
||||
- name: live-backup
|
||||
suspend: false
|
||||
immediate: true
|
||||
schedule: "0 0 0 * * *"
|
||||
backupName: garage-local
|
||||
# - name: weekly-backup
|
||||
# suspend: false
|
||||
# schedule: "0 0 4 * * SAT"
|
||||
# backupName: garage-remote
|
||||
enabled: true
|
||||
endpointURL: https://nyc3.digitaloceanspaces.com
|
||||
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/directus/directus-postgresql-17-cluster
|
||||
endpointCredentials: directus-postgresql-17-cluster-backup-secret
|
||||
backupIndex: 2
|
||||
|
||||
21
clusters/cl01tl/applications/eigenfocus/Chart.yaml
Normal file
21
clusters/cl01tl/applications/eigenfocus/Chart.yaml
Normal file
@@ -0,0 +1,21 @@
|
||||
apiVersion: v2
|
||||
name: eigenfocus
|
||||
version: 1.0.0
|
||||
description: Eigenfocus
|
||||
keywords:
|
||||
- eigenfocus
|
||||
- projects
|
||||
home: https://wiki.alexlebens.dev/s/82548c75-cefe-4ad2-b60c-0b101127c31b
|
||||
sources:
|
||||
- https://github.com/Eigenfocus/eigenfocus
|
||||
- https://hub.docker.com/r/eigenfocus/eigenfocus
|
||||
- https://github.com/bjw-s-labs/helm-charts/tree/main/charts/other/app-template
|
||||
maintainers:
|
||||
- name: alexlebens
|
||||
dependencies:
|
||||
- name: app-template
|
||||
alias: eigenfocus
|
||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||
version: 3.7.3
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/eigenfocus.png
|
||||
appVersion: v1.1.0
|
||||
@@ -1,11 +1,13 @@
|
||||
apiVersion: external-secrets.io/v1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
name: bazarr-config-backup-secret
|
||||
name: eigenfocus-data-backup-secret
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: bazarr-config-backup-secret
|
||||
app.kubernetes.io/name: eigenfocus-data-backup-secret
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: backup
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
secretStoreRef:
|
||||
@@ -16,7 +18,7 @@ spec:
|
||||
mergePolicy: Merge
|
||||
engineVersion: v2
|
||||
data:
|
||||
RESTIC_REPOSITORY: "{{ `{{ .BUCKET_ENDPOINT }}` }}/bazarr/bazarr-config"
|
||||
RESTIC_REPOSITORY: "{{ `{{ .BUCKET_ENDPOINT }}` }}/eigenfocus/eigenfocus-data"
|
||||
data:
|
||||
- secretKey: BUCKET_ENDPOINT
|
||||
remoteRef:
|
||||
@@ -1,11 +1,13 @@
|
||||
apiVersion: gateway.networking.k8s.io/v1
|
||||
kind: HTTPRoute
|
||||
metadata:
|
||||
name: http-route-bazarr
|
||||
name: http-route-eigenfocus
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: http-route-bazarr
|
||||
app.kubernetes.io/name: http-route-eigenfocus
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: web
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
parentRefs:
|
||||
@@ -14,7 +16,7 @@ spec:
|
||||
name: traefik-gateway
|
||||
namespace: traefik
|
||||
hostnames:
|
||||
- bazarr.alexlebens.net
|
||||
- eigenfocus.alexlebens.net
|
||||
rules:
|
||||
- matches:
|
||||
- path:
|
||||
@@ -23,6 +25,6 @@ spec:
|
||||
backendRefs:
|
||||
- group: ''
|
||||
kind: Service
|
||||
name: bazarr
|
||||
name: eigenfocus
|
||||
port: 80
|
||||
weight: 100
|
||||
@@ -1,30 +1,27 @@
|
||||
apiVersion: volsync.backube/v1alpha1
|
||||
kind: ReplicationSource
|
||||
metadata:
|
||||
name: bazarr-config-backup-source
|
||||
name: eigenfocus-data-backup-source
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: bazarr-config-backup-source
|
||||
app.kubernetes.io/name: eigenfocus-data-backup-source
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: backup
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
sourcePVC: bazarr-config
|
||||
sourcePVC: eigenfocus-data
|
||||
trigger:
|
||||
schedule: 0 4 * * *
|
||||
restic:
|
||||
pruneIntervalDays: 7
|
||||
repository: bazarr-config-backup-secret
|
||||
repository: eigenfocus-data-backup-secret
|
||||
retain:
|
||||
hourly: 1
|
||||
daily: 3
|
||||
weekly: 2
|
||||
monthly: 2
|
||||
yearly: 4
|
||||
moverSecurityContext:
|
||||
runAsUser: 1000
|
||||
runAsGroup: 1000
|
||||
fsGroup: 1000
|
||||
fsGroupChangePolicy: OnRootMismatch
|
||||
copyMethod: Snapshot
|
||||
storageClassName: ceph-block
|
||||
volumeSnapshotClassName: ceph-blockpool-snapshot
|
||||
41
clusters/cl01tl/applications/eigenfocus/values.yaml
Normal file
41
clusters/cl01tl/applications/eigenfocus/values.yaml
Normal file
@@ -0,0 +1,41 @@
|
||||
eigenfocus:
|
||||
controllers:
|
||||
main:
|
||||
type: deployment
|
||||
replicas: 1
|
||||
strategy: Recreate
|
||||
revisionHistoryLimit: 3
|
||||
containers:
|
||||
main:
|
||||
image:
|
||||
repository: eigenfocus/eigenfocus
|
||||
tag: 1.1.0-free
|
||||
pullPolicy: IfNotPresent
|
||||
env:
|
||||
- name: DEFAULT_HOST_URL
|
||||
value: https://eigenfocus.alexlebens.net
|
||||
resources:
|
||||
requests:
|
||||
cpu: 10m
|
||||
memory: 128Mi
|
||||
serviceAccount:
|
||||
create: true
|
||||
service:
|
||||
main:
|
||||
controller: main
|
||||
ports:
|
||||
http:
|
||||
port: 80
|
||||
targetPort: 3000
|
||||
protocol: HTTP
|
||||
persistence:
|
||||
data:
|
||||
storageClass: ceph-block
|
||||
accessMode: ReadWriteOnce
|
||||
size: 2Gi
|
||||
retain: true
|
||||
advancedMounts:
|
||||
main:
|
||||
main:
|
||||
- path: /eigenfocus-app/app-data
|
||||
readOnly: false
|
||||
@@ -17,11 +17,11 @@ maintainers:
|
||||
- name: alexlebens
|
||||
dependencies:
|
||||
- name: element-web
|
||||
version: 1.4.22
|
||||
version: 1.4.10
|
||||
repository: https://ananace.gitlab.io/charts
|
||||
- name: cloudflared
|
||||
alias: cloudflared
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 1.22.2
|
||||
version: 1.14.8
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/element.png
|
||||
appVersion: v1.11.100
|
||||
|
||||
@@ -6,6 +6,8 @@ metadata:
|
||||
labels:
|
||||
app.kubernetes.io/name: element-web-cloudflared-secret
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: web
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
secretStoreRef:
|
||||
|
||||
@@ -2,7 +2,7 @@ element-web:
|
||||
replicaCount: 1
|
||||
image:
|
||||
repository: vectorim/element-web
|
||||
tag: v1.12.2
|
||||
tag: v1.11.100
|
||||
pullPolicy: IfNotPresent
|
||||
defaultServer:
|
||||
url: https://matrix.alexlebens.dev
|
||||
@@ -12,8 +12,8 @@ element-web:
|
||||
disable_3pid_login: true
|
||||
brand: "Alex Lebens"
|
||||
branding:
|
||||
welcome_background_url: https://web-assets-3bfcb5585cbd63dc365d32a3.nyc3.cdn.digitaloceanspaces.com/alexlebens-net/background-5.png
|
||||
auth_header_logo_url: https://web-assets-3bfcb5585cbd63dc365d32a3.nyc3.cdn.digitaloceanspaces.com/alexlebens-net/logo-new-round.png
|
||||
welcome_background_url: https://web-assets-3bfcb5585cbd63dc365d32a3.nyc3.cdn.digitaloceanspaces.com/alexlebens-net/background-4.jpg
|
||||
auth_header_logo_url: https://web-assets-3bfcb5585cbd63dc365d32a3.nyc3.cdn.digitaloceanspaces.com/alexlebens-net/icon_white.png
|
||||
sso_redirect_options:
|
||||
immediate: true
|
||||
default_theme: dark
|
||||
|
||||
@@ -20,14 +20,14 @@ dependencies:
|
||||
- name: app-template
|
||||
alias: freshrss
|
||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||
version: 4.4.0
|
||||
version: 3.7.3
|
||||
- name: cloudflared
|
||||
alias: cloudflared
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 1.22.2
|
||||
version: 1.14.8
|
||||
- name: postgres-cluster
|
||||
alias: postgres-17-cluster
|
||||
version: 6.15.0
|
||||
version: 5.1.0
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/freshrss.png
|
||||
appVersion: 1.26.2
|
||||
|
||||
@@ -6,6 +6,8 @@ metadata:
|
||||
labels:
|
||||
app.kubernetes.io/name: freshrss-install-secret
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: web
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
secretStoreRef:
|
||||
@@ -41,8 +43,10 @@ metadata:
|
||||
name: freshrss-oidc-secret
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: freshrss-oidc-secret
|
||||
app.kubernetes.io/name: {{ .Release.Name }}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: web
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
secretStoreRef:
|
||||
@@ -80,6 +84,8 @@ metadata:
|
||||
labels:
|
||||
app.kubernetes.io/name: freshrss-cloudflared-secret
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: web
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
secretStoreRef:
|
||||
@@ -103,6 +109,8 @@ metadata:
|
||||
labels:
|
||||
app.kubernetes.io/name: freshrss-data-backup-secret
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: backup
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
secretStoreRef:
|
||||
@@ -160,6 +168,8 @@ metadata:
|
||||
labels:
|
||||
app.kubernetes.io/name: freshrss-postgresql-17-cluster-backup-secret
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: database
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
secretStoreRef:
|
||||
@@ -180,40 +190,3 @@ spec:
|
||||
key: /digital-ocean/home-infra/postgres-backups
|
||||
metadataPolicy: None
|
||||
property: secret
|
||||
|
||||
---
|
||||
apiVersion: external-secrets.io/v1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
name: freshrss-postgresql-17-cluster-backup-secret-garage
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: freshrss-postgresql-17-cluster-backup-secret-garage
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
secretStoreRef:
|
||||
kind: ClusterSecretStore
|
||||
name: vault
|
||||
data:
|
||||
- secretKey: ACCESS_KEY_ID
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /garage/home-infra/postgres-backups
|
||||
metadataPolicy: None
|
||||
property: ACCESS_KEY_ID
|
||||
- secretKey: ACCESS_SECRET_KEY
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /garage/home-infra/postgres-backups
|
||||
metadataPolicy: None
|
||||
property: ACCESS_SECRET_KEY
|
||||
- secretKey: ACCESS_REGION
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /garage/home-infra/postgres-backups
|
||||
metadataPolicy: None
|
||||
property: ACCESS_REGION
|
||||
|
||||
@@ -6,6 +6,8 @@ metadata:
|
||||
labels:
|
||||
app.kubernetes.io/name: freshrss-data-backup-source
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: backup
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
sourcePVC: freshrss-data
|
||||
|
||||
@@ -11,7 +11,7 @@ freshrss:
|
||||
runAsUser: 0
|
||||
image:
|
||||
repository: alpine
|
||||
tag: 3.22.2
|
||||
tag: 3.21.3
|
||||
pullPolicy: IfNotPresent
|
||||
command:
|
||||
- /bin/sh
|
||||
@@ -28,14 +28,14 @@ freshrss:
|
||||
chown -R 568:568 /var/www/FreshRSS/extensions/xExtension-YouTubeChannel2RssFeed
|
||||
resources:
|
||||
requests:
|
||||
cpu: 10m
|
||||
cpu: 100m
|
||||
memory: 128Mi
|
||||
init-download-extension-2:
|
||||
securityContext:
|
||||
runAsUser: 0
|
||||
image:
|
||||
repository: alpine
|
||||
tag: 3.22.2
|
||||
tag: 3.21.3
|
||||
pullPolicy: IfNotPresent
|
||||
command:
|
||||
- /bin/sh
|
||||
@@ -49,38 +49,16 @@ freshrss:
|
||||
git checkout;
|
||||
rm -rf /var/www/FreshRSS/extensions/xExtension-ImageProxy
|
||||
cp -r xExtension-ImageProxy /var/www/FreshRSS/extensions
|
||||
chown -R 568:568 /var/www/FreshRSS/extensions/xExtension-ImageProxy
|
||||
chown -R 568:568 /var/www/FreshRSS/extensions/xExtension-YouTubeChannel2RssFeed
|
||||
resources:
|
||||
requests:
|
||||
cpu: 10m
|
||||
memory: 128Mi
|
||||
init-download-extension-3:
|
||||
securityContext:
|
||||
runAsUser: 0
|
||||
image:
|
||||
repository: alpine
|
||||
tag: 3.22.2
|
||||
pullPolicy: IfNotPresent
|
||||
command:
|
||||
- /bin/sh
|
||||
- -ec
|
||||
- |
|
||||
cd /tmp;
|
||||
wget https://github.com/zimmra/xExtension-karakeep-button/archive/refs/tags/v1.1.tar.gz;
|
||||
tar -xvzf *.tar.gz;
|
||||
rm -rf /var/www/FreshRSS/extensions/xExtension-karakeep-button
|
||||
mkdir /var/www/FreshRSS/extensions/xExtension-karakeep-button
|
||||
cp -r /tmp/xExtension-karakeep-button-*/* /var/www/FreshRSS/extensions/xExtension-karakeep-button
|
||||
chown -R 568:568 /var/www/FreshRSS/extensions/xExtension-karakeep-button
|
||||
resources:
|
||||
requests:
|
||||
cpu: 10m
|
||||
cpu: 100m
|
||||
memory: 128Mi
|
||||
containers:
|
||||
main:
|
||||
image:
|
||||
repository: freshrss/freshrss
|
||||
tag: 1.27.1
|
||||
tag: 1.26.2
|
||||
pullPolicy: IfNotPresent
|
||||
env:
|
||||
- name: PGID
|
||||
@@ -153,6 +131,8 @@ freshrss:
|
||||
requests:
|
||||
cpu: 10m
|
||||
memory: 128Mi
|
||||
serviceAccount:
|
||||
create: true
|
||||
service:
|
||||
main:
|
||||
controller: main
|
||||
@@ -185,16 +165,13 @@ freshrss:
|
||||
init-download-extension-2:
|
||||
- path: /var/www/FreshRSS/extensions
|
||||
readOnly: false
|
||||
init-download-extension-3:
|
||||
- path: /var/www/FreshRSS/extensions
|
||||
readOnly: false
|
||||
main:
|
||||
- path: /var/www/FreshRSS/extensions
|
||||
readOnly: false
|
||||
cloudflared:
|
||||
existingSecretName: freshrss-cloudflared-secret
|
||||
postgres-17-cluster:
|
||||
mode: recovery
|
||||
mode: standalone
|
||||
cluster:
|
||||
storage:
|
||||
storageClass: local-path
|
||||
@@ -207,45 +184,13 @@ postgres-17-cluster:
|
||||
recovery:
|
||||
method: objectStore
|
||||
objectStore:
|
||||
destinationPath: s3://postgres-backups/cl01tl/freshrss/freshrss-postgresql-17-cluster
|
||||
endpointURL: http://garage-main.garage:3900
|
||||
index: 1
|
||||
endpointCredentials: freshrss-postgresql-17-cluster-backup-secret-garage
|
||||
endpointURL: https://nyc3.digitaloceanspaces.com
|
||||
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/freshrss/freshrss-postgresql-17-cluster
|
||||
endpointCredentials: freshrss-postgresql-17-cluster-backup-secret
|
||||
recoveryIndex: 3
|
||||
backup:
|
||||
objectStore:
|
||||
- name: external
|
||||
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/freshrss/freshrss-postgresql-17-cluster
|
||||
index: 1
|
||||
retentionPolicy: "30d"
|
||||
isWALArchiver: false
|
||||
- name: garage-local
|
||||
destinationPath: s3://postgres-backups/cl01tl/freshrss/freshrss-postgresql-17-cluster
|
||||
index: 1
|
||||
endpointURL: http://garage-main.garage:3900
|
||||
endpointCredentials: freshrss-postgresql-17-cluster-backup-secret-garage
|
||||
endpointCredentialsIncludeRegion: true
|
||||
retentionPolicy: "3d"
|
||||
isWALArchiver: true
|
||||
# - name: garage-remote
|
||||
# destinationPath: s3://postgres-backups/cl01tl/freshrss/freshrss-postgresql-17-cluster
|
||||
# index: 1
|
||||
# endpointURL: https://garage-ps10rp.boreal-beaufort.ts.net:3900
|
||||
# endpointCredentials: freshrss-postgresql-17-cluster-backup-secret-garage
|
||||
# retentionPolicy: "30d"
|
||||
# data:
|
||||
# compression: bzip2
|
||||
# jobs: 2
|
||||
scheduledBackups:
|
||||
- name: daily-backup
|
||||
suspend: false
|
||||
schedule: "0 0 0 * * *"
|
||||
backupName: external
|
||||
- name: live-backup
|
||||
suspend: false
|
||||
immediate: true
|
||||
schedule: "0 0 0 * * *"
|
||||
backupName: garage-local
|
||||
# - name: weekly-backup
|
||||
# suspend: false
|
||||
# schedule: "0 2 4 * * SAT"
|
||||
# backupName: garage-remote
|
||||
enabled: true
|
||||
endpointURL: https://nyc3.digitaloceanspaces.com
|
||||
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/freshrss/freshrss-postgresql-17-cluster
|
||||
endpointCredentials: freshrss-postgresql-17-cluster-backup-secret
|
||||
backupIndex: 3
|
||||
|
||||
@@ -1,8 +1,9 @@
|
||||
apiVersion: v2
|
||||
name: karakeep
|
||||
name: hoarder
|
||||
version: 1.0.0
|
||||
description: Karakeep
|
||||
keywords:
|
||||
- hoarder
|
||||
- karakeep
|
||||
- bookmarks
|
||||
home: https://wiki.alexlebens.dev/s/f8177591-8253-4e21-82d5-a556f0aeafad
|
||||
@@ -18,15 +19,15 @@ maintainers:
|
||||
- name: alexlebens
|
||||
dependencies:
|
||||
- name: app-template
|
||||
alias: karakeep
|
||||
alias: hoarder
|
||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||
version: 4.4.0
|
||||
version: 3.7.3
|
||||
- name: meilisearch
|
||||
version: 0.17.1
|
||||
version: 0.13.0
|
||||
repository: https://meilisearch.github.io/meilisearch-kubernetes
|
||||
- name: cloudflared
|
||||
alias: cloudflared
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 1.22.2
|
||||
version: 1.14.8
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/webp/karakeep.webp
|
||||
appVersion: 0.26.0
|
||||
appVersion: 0.24.1
|
||||
@@ -6,6 +6,8 @@ metadata:
|
||||
labels:
|
||||
app.kubernetes.io/name: karakeep-key-secret
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: web
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
secretStoreRef:
|
||||
@@ -19,13 +21,6 @@ spec:
|
||||
key: /cl01tl/karakeep/key
|
||||
metadataPolicy: None
|
||||
property: key
|
||||
- secretKey: prometheus-token
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cl01tl/karakeep/key
|
||||
metadataPolicy: None
|
||||
property: prometheus-token
|
||||
|
||||
---
|
||||
apiVersion: external-secrets.io/v1
|
||||
@@ -36,6 +31,8 @@ metadata:
|
||||
labels:
|
||||
app.kubernetes.io/name: karakeep-oidc-secret
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: web
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
secretStoreRef:
|
||||
@@ -66,6 +63,8 @@ metadata:
|
||||
labels:
|
||||
app.kubernetes.io/name: karakeep-meilisearch-master-key-secret
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: meilisearch
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
secretStoreRef:
|
||||
@@ -89,6 +88,8 @@ metadata:
|
||||
labels:
|
||||
app.kubernetes.io/name: karakeep-cloudflared-secret
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: web
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
secretStoreRef:
|
||||
@@ -107,11 +108,13 @@ spec:
|
||||
apiVersion: external-secrets.io/v1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
name: karakeep-data-backup-secret
|
||||
name: hoarder-data-backup-secret
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: karakeep-data-backup-secret
|
||||
app.kubernetes.io/name: hoarder-data-backup-secret
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: backup
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
secretStoreRef:
|
||||
@@ -122,7 +125,7 @@ spec:
|
||||
mergePolicy: Merge
|
||||
engineVersion: v2
|
||||
data:
|
||||
RESTIC_REPOSITORY: "{{ `{{ .BUCKET_ENDPOINT }}` }}/karakeep/karakeep-data"
|
||||
RESTIC_REPOSITORY: "{{ `{{ .BUCKET_ENDPOINT }}` }}/hoarder/hoarder-data"
|
||||
data:
|
||||
- secretKey: BUCKET_ENDPOINT
|
||||
remoteRef:
|
||||
@@ -1,19 +1,21 @@
|
||||
apiVersion: volsync.backube/v1alpha1
|
||||
kind: ReplicationSource
|
||||
metadata:
|
||||
name: karakeep-data-backup-source
|
||||
name: hoarder-data-backup-source
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: karakeep-data-backup-source
|
||||
app.kubernetes.io/name: hoarder-data-backup-source
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: backup
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
sourcePVC: karakeep-data
|
||||
sourcePVC: hoarder-data
|
||||
trigger:
|
||||
schedule: 0 4 * * *
|
||||
restic:
|
||||
pruneIntervalDays: 7
|
||||
repository: karakeep-data-backup-secret
|
||||
repository: hoarder-data-backup-secret
|
||||
retain:
|
||||
hourly: 1
|
||||
daily: 3
|
||||
@@ -1,4 +1,4 @@
|
||||
karakeep:
|
||||
hoarder:
|
||||
controllers:
|
||||
main:
|
||||
type: deployment
|
||||
@@ -9,13 +9,11 @@ karakeep:
|
||||
main:
|
||||
image:
|
||||
repository: ghcr.io/karakeep-app/karakeep
|
||||
tag: 0.27.1
|
||||
tag: 0.24.1
|
||||
pullPolicy: IfNotPresent
|
||||
env:
|
||||
- name: DATA_DIR
|
||||
value: /data
|
||||
- name: DB_WAL_MODE
|
||||
value: true
|
||||
- name: NEXTAUTH_URL
|
||||
value: https://karakeep.alexlebens.dev/
|
||||
- name: NEXTAUTH_SECRET
|
||||
@@ -23,41 +21,15 @@ karakeep:
|
||||
secretKeyRef:
|
||||
name: karakeep-key-secret
|
||||
key: key
|
||||
- name: PROMETHEUS_AUTH_TOKEN
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: karakeep-key-secret
|
||||
key: prometheus-token
|
||||
- name: ASSET_STORE_S3_ENDPOINT
|
||||
value: http://rook-ceph-rgw-ceph-objectstore.rook-ceph.svc:80
|
||||
- name: ASSET_STORE_S3_REGION
|
||||
value: us-east-1
|
||||
- name: ASSET_STORE_S3_BUCKET
|
||||
valueFrom:
|
||||
configMapKeyRef:
|
||||
name: ceph-bucket-karakeep
|
||||
key: BUCKET_NAME
|
||||
- name: ASSET_STORE_S3_ACCESS_KEY_ID
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: ceph-bucket-karakeep
|
||||
key: AWS_ACCESS_KEY_ID
|
||||
- name: ASSET_STORE_S3_SECRET_ACCESS_KEY
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: ceph-bucket-karakeep
|
||||
key: AWS_SECRET_ACCESS_KEY
|
||||
- name: ASSET_STORE_S3_FORCE_PATH_STYLE
|
||||
value: true
|
||||
- name: MEILI_ADDR
|
||||
value: http://karakeep-meilisearch.karakeep:7700
|
||||
value: http://hoarder-meilisearch.hoarder:7700
|
||||
- name: MEILI_MASTER_KEY
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: karakeep-meilisearch-master-key-secret
|
||||
key: MEILI_MASTER_KEY
|
||||
- name: BROWSER_WEB_URL
|
||||
value: http://karakeep.karakeep:9222
|
||||
value: http://hoarder.hoarder:9222
|
||||
- name: DISABLE_SIGNUPS
|
||||
value: false
|
||||
- name: OAUTH_PROVIDER_NAME
|
||||
@@ -77,13 +49,13 @@ karakeep:
|
||||
name: karakeep-oidc-secret
|
||||
key: AUTHENTIK_CLIENT_SECRET
|
||||
- name: OLLAMA_BASE_URL
|
||||
value: http://ollama-server-3.ollama:11434
|
||||
value: http://ollama-server-1.ollama:11434
|
||||
- name: OLLAMA_KEEP_ALIVE
|
||||
value: 5m
|
||||
- name: INFERENCE_TEXT_MODEL
|
||||
value: gemma3:4b
|
||||
value: llama3.1:8b
|
||||
- name: INFERENCE_IMAGE_MODEL
|
||||
value: granite3.2-vision:2b
|
||||
value: llama3.2-vision:11b
|
||||
- name: EMBEDDING_TEXT_MODEL
|
||||
value: mxbai-embed-large
|
||||
- name: INFERENCE_JOB_TIMEOUT_SEC
|
||||
@@ -108,6 +80,8 @@ karakeep:
|
||||
requests:
|
||||
cpu: 10m
|
||||
memory: 128Mi
|
||||
serviceAccount:
|
||||
create: true
|
||||
service:
|
||||
main:
|
||||
controller: main
|
||||
@@ -18,6 +18,6 @@ dependencies:
|
||||
- name: app-template
|
||||
alias: home-assistant
|
||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||
version: 4.4.0
|
||||
version: 3.7.3
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/home-assistant.png
|
||||
appVersion: 2025.5.2
|
||||
appVersion: 2025.5.1
|
||||
|
||||
@@ -6,6 +6,8 @@ metadata:
|
||||
labels:
|
||||
app.kubernetes.io/name: home-assistant-code-server-password-secret
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: web
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
secretStoreRef:
|
||||
@@ -36,6 +38,8 @@ metadata:
|
||||
labels:
|
||||
app.kubernetes.io/name: home-assistant-token-secret
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: web
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
secretStoreRef:
|
||||
|
||||
@@ -6,6 +6,8 @@ metadata:
|
||||
labels:
|
||||
app.kubernetes.io/name: http-route-home-assistant
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: web
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
parentRefs:
|
||||
@@ -36,6 +38,8 @@ metadata:
|
||||
labels:
|
||||
app.kubernetes.io/name: http-route-home-assistant-code-server
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: web
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
parentRefs:
|
||||
|
||||
@@ -6,6 +6,8 @@ metadata:
|
||||
labels:
|
||||
app.kubernetes.io/name: home-assistant
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: metrics
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
selector:
|
||||
|
||||
@@ -9,19 +9,19 @@ home-assistant:
|
||||
main:
|
||||
image:
|
||||
repository: ghcr.io/home-assistant/home-assistant
|
||||
tag: 2025.10.4
|
||||
tag: 2025.5.1
|
||||
pullPolicy: IfNotPresent
|
||||
env:
|
||||
- name: TZ
|
||||
value: US/Central
|
||||
resources:
|
||||
requests:
|
||||
cpu: 50m
|
||||
memory: 512Mi
|
||||
cpu: 1
|
||||
memory: 2Gi
|
||||
code-server:
|
||||
image:
|
||||
repository: ghcr.io/linuxserver/code-server
|
||||
tag: 4.105.1@sha256:c7c66416238b70312df90b5936ea4adb6108552d866dd00a804c86c599b2ab6c
|
||||
tag: 4.100.2@sha256:511445e8877da1665b97d2ca39f03009a36edadba9959eefcc8ff3d1b0f42251
|
||||
pullPolicy: IfNotPresent
|
||||
env:
|
||||
- name: TZ
|
||||
@@ -39,6 +39,8 @@ home-assistant:
|
||||
requests:
|
||||
cpu: 10m
|
||||
memory: 128Mi
|
||||
serviceAccount:
|
||||
create: true
|
||||
service:
|
||||
main:
|
||||
controller: main
|
||||
@@ -56,7 +58,6 @@ home-assistant:
|
||||
protocol: HTTP
|
||||
persistence:
|
||||
config:
|
||||
forceRename: home-assistant-config
|
||||
storageClass: ceph-block
|
||||
accessMode: ReadWriteOnce
|
||||
size: 5Gi
|
||||
|
||||
@@ -18,10 +18,10 @@ dependencies:
|
||||
- name: app-template
|
||||
alias: homepage
|
||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||
version: 4.4.0
|
||||
version: 3.7.3
|
||||
- name: cloudflared
|
||||
alias: cloudflared
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 1.22.2
|
||||
version: 1.14.8
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/homepage.png
|
||||
appVersion: v1.2.0
|
||||
|
||||
@@ -6,6 +6,8 @@ metadata:
|
||||
labels:
|
||||
app.kubernetes.io/name: homepage-dev-cloudflared-secret
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: web
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
secretStoreRef:
|
||||
|
||||
@@ -11,7 +11,7 @@ homepage:
|
||||
main:
|
||||
image:
|
||||
repository: ghcr.io/gethomepage/homepage
|
||||
tag: v1.5.0
|
||||
tag: v1.2.0
|
||||
pullPolicy: IfNotPresent
|
||||
env:
|
||||
- name: HOMEPAGE_ALLOWED_HOSTS
|
||||
@@ -20,6 +20,8 @@ homepage:
|
||||
requests:
|
||||
cpu: 10m
|
||||
memory: 128Mi
|
||||
serviceAccount:
|
||||
create: true
|
||||
configMaps:
|
||||
config:
|
||||
enabled: true
|
||||
@@ -27,18 +29,18 @@ homepage:
|
||||
docker.yaml: ""
|
||||
kubernetes.yaml: ""
|
||||
settings.yaml: |
|
||||
favicon: https://web-assets-3bfcb5585cbd63dc365d32a3.nyc3.cdn.digitaloceanspaces.com/alexlebens-net/logo-new-round.svg
|
||||
favicon: https://web-assets-3bfcb5585cbd63dc365d32a3.nyc3.cdn.digitaloceanspaces.com/alexlebens-net/icon_white.png
|
||||
headerStyle: clean
|
||||
hideVersion: true
|
||||
color: zinc
|
||||
background:
|
||||
image: https://web-assets-3bfcb5585cbd63dc365d32a3.nyc3.cdn.digitaloceanspaces.com/alexlebens-net/background-5.png
|
||||
image: https://web-assets-3bfcb5585cbd63dc365d32a3.nyc3.cdn.digitaloceanspaces.com/alexlebens-net/background-4.jpg
|
||||
brightness: 50
|
||||
theme: dark
|
||||
disableCollapse: true
|
||||
widgets.yaml: |
|
||||
- logo:
|
||||
icon: https://web-assets-3bfcb5585cbd63dc365d32a3.nyc3.cdn.digitaloceanspaces.com/alexlebens-net/logo-new-round.png
|
||||
icon: https://web-assets-3bfcb5585cbd63dc365d32a3.nyc3.cdn.digitaloceanspaces.com/alexlebens-net/icon_white.png
|
||||
- datetime:
|
||||
text_size: xl
|
||||
format:
|
||||
@@ -68,26 +70,20 @@ homepage:
|
||||
href: https://gitea.alexlebens.dev
|
||||
siteMonitor: https://gitea.alexlebens.dev
|
||||
statusStyle: dot
|
||||
- Code:
|
||||
icon: sh-visual-studio-code.webp
|
||||
description: VS Code
|
||||
href: https://codeserver.alexlebens.dev
|
||||
siteMonitor: https://codeserver.alexlebens.dev
|
||||
statusStyle: dot
|
||||
- Site:
|
||||
icon: https://web-assets-3bfcb5585cbd63dc365d32a3.nyc3.cdn.digitaloceanspaces.com/alexlebens-net/logo-new-round.png
|
||||
icon: https://d21zlbwtcn424f.cloudfront.net/icon_white.png
|
||||
description: Profile Website
|
||||
href: https://www.alexlebens.dev
|
||||
siteMonitor: https://www.alexlebens.dev
|
||||
statusStyle: dot
|
||||
- Content Management:
|
||||
icon: directus.png
|
||||
icon: directus.webp
|
||||
description: Directus
|
||||
href: https://directus.alexlebens.dev
|
||||
siteMonitor: https://directus.alexlebens.dev
|
||||
statusStyle: dot
|
||||
- Social Media Management:
|
||||
icon: sh-postiz.webp
|
||||
icon: postiz.png
|
||||
description: Postiz
|
||||
href: https://postiz.alexlebens.dev
|
||||
siteMonitor: https://postiz.alexlebens.dev
|
||||
@@ -135,7 +131,7 @@ homepage:
|
||||
config:
|
||||
enabled: true
|
||||
type: configMap
|
||||
name: homepage-dev
|
||||
name: homepage-dev-config
|
||||
advancedMounts:
|
||||
main:
|
||||
main:
|
||||
|
||||
@@ -16,6 +16,6 @@ dependencies:
|
||||
- name: app-template
|
||||
alias: homepage
|
||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||
version: 4.4.0
|
||||
version: 3.7.3
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/homepage.png
|
||||
appVersion: v1.2.0
|
||||
|
||||
@@ -6,6 +6,8 @@ metadata:
|
||||
labels:
|
||||
app.kubernetes.io/name: homepage
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: web
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
roleRef:
|
||||
apiGroup: rbac.authorization.k8s.io
|
||||
|
||||
@@ -6,6 +6,8 @@ metadata:
|
||||
labels:
|
||||
app.kubernetes.io/name: homepage
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: web
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
rules:
|
||||
- apiGroups:
|
||||
@@ -26,20 +28,13 @@ rules:
|
||||
- get
|
||||
- list
|
||||
- apiGroups:
|
||||
- traefik.containo.us
|
||||
- traefik.io
|
||||
resources:
|
||||
- ingressroutes
|
||||
verbs:
|
||||
- get
|
||||
- list
|
||||
- apiGroups:
|
||||
- gateway.networking.k8s.io
|
||||
resources:
|
||||
- httproutes
|
||||
- gateways
|
||||
verbs:
|
||||
- get
|
||||
- list
|
||||
- apiGroups:
|
||||
- metrics.k8s.io
|
||||
resources:
|
||||
@@ -48,3 +43,9 @@ rules:
|
||||
verbs:
|
||||
- get
|
||||
- list
|
||||
- apiGroups:
|
||||
- apiextensions.k8s.io
|
||||
resources:
|
||||
- customresourcedefinitions/status
|
||||
verbs:
|
||||
- get
|
||||
|
||||
@@ -6,6 +6,8 @@ metadata:
|
||||
labels:
|
||||
app.kubernetes.io/name: homepage-keys-secret
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: web
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
secretStoreRef:
|
||||
|
||||
@@ -6,6 +6,8 @@ metadata:
|
||||
labels:
|
||||
app.kubernetes.io/name: http-route-homepage
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: web
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
parentRefs:
|
||||
|
||||
@@ -6,6 +6,8 @@ metadata:
|
||||
labels:
|
||||
app.kubernetes.io/name: gitea-ps10rp
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: tailscale
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
annotations:
|
||||
tailscale.com/tailnet-fqdn: gitea-ps10rp.boreal-beaufort.ts.net
|
||||
@@ -22,25 +24,11 @@ metadata:
|
||||
labels:
|
||||
app.kubernetes.io/name: home-ps10rp
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: tailscale
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
annotations:
|
||||
tailscale.com/tailnet-fqdn: home-ps10rp.boreal-beaufort.ts.net
|
||||
spec:
|
||||
externalName: placeholder
|
||||
type: ExternalName
|
||||
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: garage-ui-ps10rp
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: garage-ps10rp
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
annotations:
|
||||
tailscale.com/tailnet-fqdn: garage-ui-ps10rp.boreal-beaufort.ts.net
|
||||
spec:
|
||||
externalName: placeholder
|
||||
type: ExternalName
|
||||
|
||||
@@ -7,15 +7,11 @@ homepage:
|
||||
annotations:
|
||||
reloader.stakater.com/auto: "true"
|
||||
strategy: Recreate
|
||||
serviceAccount:
|
||||
name: homepage
|
||||
pod:
|
||||
automountServiceAccountToken: true
|
||||
containers:
|
||||
main:
|
||||
image:
|
||||
repository: ghcr.io/gethomepage/homepage
|
||||
tag: v1.5.0
|
||||
tag: v1.2.0
|
||||
pullPolicy: IfNotPresent
|
||||
env:
|
||||
- name: HOMEPAGE_ALLOWED_HOSTS
|
||||
@@ -28,9 +24,8 @@ homepage:
|
||||
cpu: 10m
|
||||
memory: 256Mi
|
||||
serviceAccount:
|
||||
homepage:
|
||||
enabled: true
|
||||
staticToken: true
|
||||
create: true
|
||||
name: homepage
|
||||
configMaps:
|
||||
config:
|
||||
enabled: true
|
||||
@@ -39,12 +34,12 @@ homepage:
|
||||
kubernetes.yaml: |
|
||||
mode: cluster
|
||||
settings.yaml: |
|
||||
favicon: https://web-assets-3bfcb5585cbd63dc365d32a3.nyc3.cdn.digitaloceanspaces.com/alexlebens-net/logo-new-round.svg
|
||||
favicon: https://web-assets-3bfcb5585cbd63dc365d32a3.nyc3.cdn.digitaloceanspaces.com/alexlebens-net/icon_white.png
|
||||
headerStyle: clean
|
||||
hideVersion: true
|
||||
color: zinc
|
||||
background:
|
||||
image: https://web-assets-3bfcb5585cbd63dc365d32a3.nyc3.cdn.digitaloceanspaces.com/alexlebens-net/background-5.png
|
||||
image: https://web-assets-3bfcb5585cbd63dc365d32a3.nyc3.cdn.digitaloceanspaces.com/alexlebens-net/background-4.jpg
|
||||
brightness: 50
|
||||
theme: dark
|
||||
disableCollapse: true
|
||||
@@ -61,9 +56,6 @@ homepage:
|
||||
- Code:
|
||||
tab: Tools
|
||||
icon: mdi-code-block-braces-#ffffff
|
||||
- Automation:
|
||||
tab: Tools
|
||||
icon: mdi-wrench-#ffffff
|
||||
- Monitoring:
|
||||
tab: Tools
|
||||
icon: mdi-chart-line-#ffffff
|
||||
@@ -99,7 +91,7 @@ homepage:
|
||||
icon: mdi-cloud-#ffffff
|
||||
widgets.yaml: |
|
||||
- logo:
|
||||
icon: https://web-assets-3bfcb5585cbd63dc365d32a3.nyc3.cdn.digitaloceanspaces.com/alexlebens-net/logo-new-round.png
|
||||
icon: https://web-assets-3bfcb5585cbd63dc365d32a3.nyc3.cdn.digitaloceanspaces.com/alexlebens-net/icon_white.png
|
||||
- kubernetes:
|
||||
cluster:
|
||||
show: true
|
||||
@@ -132,21 +124,21 @@ homepage:
|
||||
href: https://plex.alexlebens.net
|
||||
siteMonitor: http://plex.plex:32400
|
||||
statusStyle: dot
|
||||
- Jellyfin:
|
||||
icon: sh-jellyfin.webp
|
||||
description: Media server
|
||||
href: https://jellyfin.alexlebens.net
|
||||
siteMonitor: http://jellyfin.jellyfin:80
|
||||
statusStyle: dot
|
||||
- Media Requests:
|
||||
icon: sh-overseerr.webp
|
||||
description: Overseer
|
||||
href: https://overseerr.alexlebens.net
|
||||
siteMonitor: http://overseerr.overseerr:80
|
||||
statusStyle: dot
|
||||
- Media Tracking:
|
||||
- Jellyfin:
|
||||
icon: sh-jellyfin.webp
|
||||
description: Media server
|
||||
href: https://jellyfin.alexlebens.net
|
||||
siteMonitor: http://jellyfin.jellyfin:80
|
||||
statusStyle: dot
|
||||
- Yamtrack:
|
||||
icon: sh-yamtrack.webp
|
||||
description: Yamtrack
|
||||
description: Watched Media Tracking
|
||||
href: https://yamtrack.alexlebens.net
|
||||
siteMonitor: http://yamtrack.yamtrack:80
|
||||
statusStyle: dot
|
||||
@@ -182,7 +174,7 @@ homepage:
|
||||
statusStyle: dot
|
||||
- Public:
|
||||
- Site:
|
||||
icon: https://web-assets-3bfcb5585cbd63dc365d32a3.nyc3.cdn.digitaloceanspaces.com/alexlebens-net/logo-new-round.png
|
||||
icon: https://web-assets-3bfcb5585cbd63dc365d32a3.nyc3.cdn.digitaloceanspaces.com/alexlebens-net/icon_white.png
|
||||
description: Profile Website
|
||||
href: https://www.alexlebens.dev
|
||||
siteMonitor: https://www.alexlebens.dev
|
||||
@@ -194,7 +186,7 @@ homepage:
|
||||
siteMonitor: https://directus.alexlebens.dev
|
||||
statusStyle: dot
|
||||
- Social Media Management:
|
||||
icon: sh-postiz.webp
|
||||
icon: postiz.png
|
||||
description: Postiz
|
||||
href: https://postiz.alexlebens.dev
|
||||
siteMonitor: https://postiz.alexlebens.dev
|
||||
@@ -242,6 +234,12 @@ homepage:
|
||||
href: https://actual.alexlebens.net
|
||||
siteMonitor: http://actual.actual:80
|
||||
statusStyle: dot
|
||||
- Project Management:
|
||||
icon: sh-eigenfocus.webp
|
||||
description: Eigenfocus
|
||||
href: https://eigenfocus.alexlebens.net
|
||||
siteMonitor: http://eigenfocus.eigenfocus:80
|
||||
statusStyle: dot
|
||||
- AI:
|
||||
icon: sh-ollama.webp
|
||||
description: Ollama
|
||||
@@ -288,8 +286,8 @@ homepage:
|
||||
- Code (ps10rp):
|
||||
icon: sh-gitea.webp
|
||||
description: Gitea
|
||||
href: https://gitea-ps10rp.boreal-beaufort.ts.net
|
||||
siteMonitor: https://gitea-ps10rp.boreal-beaufort.ts.net
|
||||
href: https://gitea.lebens-home.net
|
||||
siteMonitor: https://gitea.lebens-home.net
|
||||
statusStyle: dot
|
||||
- IDE (Public):
|
||||
icon: sh-visual-studio-code.webp
|
||||
@@ -309,43 +307,21 @@ homepage:
|
||||
href: https://argocd.alexlebens.net
|
||||
siteMonitor: http://argocd-server.argocd:80
|
||||
statusStyle: dot
|
||||
- Docker Deployment:
|
||||
icon: sh-komodo-light.webp
|
||||
description: Komodo
|
||||
href: https://komodo.alexlebens.net
|
||||
siteMonitor: http://komodo-main.komodo:80
|
||||
statusStyle: dot
|
||||
- Automation:
|
||||
- Deployment Workflows:
|
||||
namespace: argocd
|
||||
- Workflows:
|
||||
icon: sh-argo-cd.webp
|
||||
description: Argo Workflows
|
||||
href: https://argo-workflows.alexlebens.net
|
||||
siteMonitor: http://argo-workflows-server.argo-workflows:2746
|
||||
statusStyle: dot
|
||||
- API Workflows:
|
||||
icon: sh-n8n.webp
|
||||
description: n8n
|
||||
href: https://n8n.alexlebens.net
|
||||
siteMonitor: http://n8n-main.n8n:80
|
||||
statusStyle: dot
|
||||
- Jobs:
|
||||
icon: https://raw.githubusercontent.com/mshade/kronic/main/static/android-chrome-192x192.png
|
||||
description: Kronic
|
||||
href: https://kronic.alexlebens.net
|
||||
siteMonitor: http://kronic.kronic:80
|
||||
statusStyle: dot
|
||||
- Uptime:
|
||||
icon: sh-gatus.webp
|
||||
description: Gatus
|
||||
href: https://gatus.alexlebens.net
|
||||
siteMonitor: http://gatus.gatus:80
|
||||
statusStyle: dot
|
||||
- Tools:
|
||||
icon: sh-omnitools.webp
|
||||
description: OmniTools
|
||||
href: https://omni-tools.alexlebens.net
|
||||
siteMonitor: http://omni-tools.omni-tools:80
|
||||
namespace: argocd
|
||||
- Deployment:
|
||||
icon: sh-komodo-light.webp
|
||||
description: Komodo
|
||||
href: https://komodo.alexlebens.net
|
||||
siteMonitor: http://komodo.komodo:80
|
||||
statusStyle: dot
|
||||
namespace: komodo
|
||||
- Monitoring:
|
||||
- Kubernetes:
|
||||
icon: sh-headlamp.webp
|
||||
@@ -374,23 +350,6 @@ homepage:
|
||||
widget:
|
||||
type: prometheus
|
||||
url: http://kube-prometheus-stack-prometheus.kube-prometheus-stack:9090
|
||||
- Alerting:
|
||||
icon: sh-prometheus-light.webp
|
||||
description: Alertmanager
|
||||
href: https://alertmanager.alexlebens.net
|
||||
siteMonitor: http://kube-prometheus-stack-alertmanager.kube-prometheus-stack:9093
|
||||
statusStyle: dot
|
||||
widget:
|
||||
type: prometheusmetric
|
||||
url: http://kube-prometheus-stack-prometheus.kube-prometheus-stack:9090
|
||||
refreshInterval: 120s
|
||||
metrics:
|
||||
- label: Alerts Active
|
||||
query: alertmanager_alerts{state="active"}
|
||||
- label: Metric Database Size
|
||||
query: prometheus_tsdb_storage_blocks_bytes
|
||||
format:
|
||||
type: bytes
|
||||
- Tautulli:
|
||||
icon: sh-tautulli.webp
|
||||
description: Plex Monitoring
|
||||
@@ -417,17 +376,11 @@ homepage:
|
||||
siteMonitor: http://authentik-server.authentik:80
|
||||
statusStyle: dot
|
||||
- Email:
|
||||
icon: sh-stalwart.webp
|
||||
icon: sh-stalwart-mail-server.webp
|
||||
description: Stalwart
|
||||
href: https://stalwart.alexlebens.net
|
||||
siteMonitor: http://stalwart.stalwart:80
|
||||
statusStyle: dot
|
||||
- Notifications:
|
||||
icon: sh-ntfy.webp
|
||||
description: ntfy
|
||||
href: https://ntfy.alexlebens.net
|
||||
siteMonitor: http://ntfy.ntfy:80
|
||||
statusStyle: dot
|
||||
- Reverse Proxy:
|
||||
icon: sh-traefik.webp
|
||||
description: Traefik
|
||||
@@ -479,12 +432,6 @@ homepage:
|
||||
href: https://pikvm.alexlebens.net
|
||||
siteMonitor: https://pikvm.alexlebens.net
|
||||
statusStyle: dot
|
||||
- Server Plug:
|
||||
icon: sh-shelly.webp
|
||||
description: Shelly
|
||||
href: http://it05sp.alexlebens.net
|
||||
siteMonitor: http://it05sp.alexlebens.net
|
||||
statusStyle: dot
|
||||
- Storage:
|
||||
- Cluster Storage:
|
||||
icon: sh-ceph.webp
|
||||
@@ -492,36 +439,30 @@ homepage:
|
||||
href: https://ceph.alexlebens.net
|
||||
siteMonitor: http://rook-ceph-mgr-dashboard.rook-ceph:7000
|
||||
statusStyle: dot
|
||||
- Object Storage (NAS):
|
||||
icon: sh-garage.webp
|
||||
description: Garage
|
||||
href: https://garage-webui.alexlebens.net
|
||||
siteMonitor: http://garage-webui.garage:3909
|
||||
statusStyle: dot
|
||||
- Object Storage (ps10rp):
|
||||
icon: sh-garage.webp
|
||||
description: Garage
|
||||
href: https://garage-ui-ps10rp.boreal-beaufort.ts.net
|
||||
siteMonitor: https://garage-ui-ps10rp.boreal-beaufort.ts.net
|
||||
statusStyle: dot
|
||||
- Database:
|
||||
icon: sh-pgadmin-light.webp
|
||||
description: PGAdmin
|
||||
href: https://pgadmin.alexlebens.net
|
||||
siteMonitor: http://pgadmin.pgadmin:80
|
||||
statusStyle: dot
|
||||
- Database:
|
||||
icon: sh-whodb.webp
|
||||
description: WhoDB
|
||||
href: https://whodb.alexlebens.net
|
||||
siteMonitor: http://whodb.whodb:80
|
||||
statusStyle: dot
|
||||
- Secrets:
|
||||
icon: sh-hashicorp-vault.webp
|
||||
description: Vault
|
||||
href: https://vault.alexlebens.net
|
||||
siteMonitor: http://vault.vault:8200
|
||||
statusStyle: dot
|
||||
- Object Storage (Outline):
|
||||
icon: sh-minio.webp
|
||||
description: Minio Tenant
|
||||
href: https://minio-outline.alexlebens.net
|
||||
siteMonitor: http://minio-outline-console.outline:9090
|
||||
statusStyle: dot
|
||||
- Object Storage (Directus):
|
||||
icon: sh-minio.webp
|
||||
description: Minio Tenant
|
||||
href: https://minio-directus.alexlebens.net
|
||||
siteMonitor: http://minio-directus-console.directus:9090
|
||||
statusStyle: dot
|
||||
- TV Shows:
|
||||
- Sonarr:
|
||||
icon: sh-sonarr.webp
|
||||
@@ -633,11 +574,11 @@ homepage:
|
||||
siteMonitor: http://slskd.slskd:5030
|
||||
statusStyle: dot
|
||||
- Services (Servarr):
|
||||
- qUI:
|
||||
icon: https://raw.githubusercontent.com/autobrr/qui/8487c818886df9abb2b1456f43b54e0ba180a2bd/web/public/icons.svg
|
||||
description: qbitorrent
|
||||
href: https://qui.alexlebens.net
|
||||
siteMonitor: http://qbittorrent-qui.qbittorrent:80
|
||||
- qBittorrent:
|
||||
icon: sh-qbittorrent.webp
|
||||
description: P2P Downloads
|
||||
href: https://qbittorrent.alexlebens.net
|
||||
siteMonitor: http://qbittorrent.qbittorrent:8080
|
||||
statusStyle: dot
|
||||
widget:
|
||||
type: qbittorrent
|
||||
@@ -649,12 +590,6 @@ homepage:
|
||||
href: https://prowlarr.alexlebens.net
|
||||
siteMonitor: http://prowlarr.prowlarr:80
|
||||
statusStyle: dot
|
||||
- Bazarr:
|
||||
icon: sh-bazarr.webp
|
||||
description: Indexers
|
||||
href: https://bazarr.alexlebens.net
|
||||
siteMonitor: http://bazarr.bazarr:80
|
||||
statusStyle: dot
|
||||
- Huntarr:
|
||||
icon: https://raw.githubusercontent.com/plexguide/Huntarr.io/main/frontend/static/logo/128.png
|
||||
description: Indexers
|
||||
@@ -694,6 +629,9 @@ homepage:
|
||||
- Github:
|
||||
- abbr: GH
|
||||
href: https://github.com/alexlebens
|
||||
- Renovate:
|
||||
- abbr: RN
|
||||
href: https://developer.mend.io/[platform]/alexlebens/infrastructure
|
||||
- Digital Ocean:
|
||||
- abbr: DO
|
||||
href: https://www.digitalocean.com/
|
||||
@@ -749,7 +687,7 @@ homepage:
|
||||
config:
|
||||
enabled: true
|
||||
type: configMap
|
||||
name: homepage
|
||||
name: homepage-config
|
||||
advancedMounts:
|
||||
main:
|
||||
main:
|
||||
|
||||
@@ -16,6 +16,6 @@ dependencies:
|
||||
- name: app-template
|
||||
alias: huntarr
|
||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||
version: 4.4.0
|
||||
version: 3.7.3
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/huntarr.png
|
||||
appVersion: 7.0.0
|
||||
appVersion: 6.3.6
|
||||
|
||||
@@ -6,6 +6,8 @@ metadata:
|
||||
labels:
|
||||
app.kubernetes.io/name: http-route-huntarr
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: web
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
parentRefs:
|
||||
|
||||
@@ -8,8 +8,8 @@ huntarr:
|
||||
containers:
|
||||
main:
|
||||
image:
|
||||
repository: ghcr.io/plexguide/huntarr
|
||||
tag: 8.2.10
|
||||
repository: huntarr/huntarr
|
||||
tag: 6.5.15
|
||||
pullPolicy: IfNotPresent
|
||||
env:
|
||||
- name: TZ
|
||||
@@ -18,6 +18,8 @@ huntarr:
|
||||
requests:
|
||||
cpu: 100m
|
||||
memory: 256Mi
|
||||
serviceAccount:
|
||||
create: true
|
||||
service:
|
||||
main:
|
||||
controller: main
|
||||
@@ -28,10 +30,9 @@ huntarr:
|
||||
protocol: HTTP
|
||||
persistence:
|
||||
config:
|
||||
forceRename: huntarr-config
|
||||
storageClass: ceph-block
|
||||
accessMode: ReadWriteOnce
|
||||
size: 5Gi
|
||||
size: 1Gi
|
||||
advancedMounts:
|
||||
main:
|
||||
main:
|
||||
|
||||
@@ -8,8 +8,10 @@ keywords:
|
||||
home: https://wiki.alexlebens.dev/s/9377ae08-2041-4b6d-bc2b-61a4f5e8faae
|
||||
sources:
|
||||
- https://github.com/immich-app/immich
|
||||
- https://github.com/valkey-io/valkey
|
||||
- https://github.com/cloudnative-pg/cloudnative-pg
|
||||
- https://github.com/bjw-s-labs/helm-charts/tree/main/charts/other/app-template
|
||||
- https://github.com/bitnami/charts/tree/main/bitnami/valkey
|
||||
- https://gitea.alexlebens.dev/alexlebens/helm-charts/src/branch/main/charts/postgres-cluster
|
||||
maintainers:
|
||||
- name: alexlebens
|
||||
@@ -17,10 +19,13 @@ dependencies:
|
||||
- name: app-template
|
||||
alias: immich
|
||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||
version: 4.4.0
|
||||
version: 3.7.3
|
||||
- name: valkey
|
||||
version: 3.0.6
|
||||
repository: oci://harbor.alexlebens.net/proxy-registry-1.docker.io/bitnamicharts
|
||||
- name: postgres-cluster
|
||||
alias: postgres-17-cluster
|
||||
version: 6.15.0
|
||||
alias: postgres-16-cluster
|
||||
version: 5.1.0
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/immich.png
|
||||
appVersion: v2.0.1
|
||||
appVersion: v1.132.3
|
||||
|
||||
@@ -6,6 +6,8 @@ metadata:
|
||||
labels:
|
||||
app.kubernetes.io/name: immich-config-secret
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: config
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
secretStoreRef:
|
||||
@@ -24,11 +26,13 @@ spec:
|
||||
apiVersion: external-secrets.io/v1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
name: immich-postgresql-17-cluster-backup-secret
|
||||
name: immich-postgresql-16-cluster-backup-secret
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: immich-postgresql-17-cluster-backup-secret
|
||||
app.kubernetes.io/name: immich-postgresql-16-cluster-backup-secret
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: database
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
secretStoreRef:
|
||||
@@ -49,40 +53,3 @@ spec:
|
||||
key: /digital-ocean/home-infra/postgres-backups
|
||||
metadataPolicy: None
|
||||
property: secret
|
||||
|
||||
---
|
||||
apiVersion: external-secrets.io/v1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
name: immich-postgresql-17-cluster-backup-secret-garage
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: immich-postgresql-17-cluster-backup-secret-garage
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
secretStoreRef:
|
||||
kind: ClusterSecretStore
|
||||
name: vault
|
||||
data:
|
||||
- secretKey: ACCESS_KEY_ID
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /garage/home-infra/postgres-backups
|
||||
metadataPolicy: None
|
||||
property: ACCESS_KEY_ID
|
||||
- secretKey: ACCESS_SECRET_KEY
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /garage/home-infra/postgres-backups
|
||||
metadataPolicy: None
|
||||
property: ACCESS_SECRET_KEY
|
||||
- secretKey: ACCESS_REGION
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /garage/home-infra/postgres-backups
|
||||
metadataPolicy: None
|
||||
property: ACCESS_REGION
|
||||
|
||||
@@ -6,6 +6,8 @@ metadata:
|
||||
labels:
|
||||
app.kubernetes.io/name: http-route-immich
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: web
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
parentRefs:
|
||||
|
||||
@@ -6,6 +6,8 @@ metadata:
|
||||
labels:
|
||||
app.kubernetes.io/name: immich-nfs-storage
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: storage
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
volumeName: immich-nfs-storage
|
||||
|
||||
@@ -6,6 +6,8 @@ metadata:
|
||||
labels:
|
||||
app.kubernetes.io/name: immich-nfs-storage
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: storage
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
persistentVolumeReclaimPolicy: Retain
|
||||
|
||||
@@ -1,32 +0,0 @@
|
||||
apiVersion: redis.redis.opstreelabs.in/v1beta2
|
||||
kind: RedisReplication
|
||||
metadata:
|
||||
name: redis-replication-immich
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: redis-replication-immich
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
clusterSize: 3
|
||||
podSecurityContext:
|
||||
runAsUser: 1000
|
||||
fsGroup: 1000
|
||||
kubernetesConfig:
|
||||
image: quay.io/opstree/redis:v8.0.3
|
||||
imagePullPolicy: IfNotPresent
|
||||
resources:
|
||||
requests:
|
||||
cpu: 50m
|
||||
memory: 128Mi
|
||||
storage:
|
||||
volumeClaimTemplate:
|
||||
spec:
|
||||
storageClassName: ceph-block
|
||||
accessModes: ["ReadWriteOnce"]
|
||||
resources:
|
||||
requests:
|
||||
storage: 1Gi
|
||||
redisExporter:
|
||||
enabled: true
|
||||
image: quay.io/opstree/redis-exporter:v1.48.0
|
||||
@@ -6,6 +6,8 @@ metadata:
|
||||
labels:
|
||||
app.kubernetes.io/name: immich
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: metrics
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
selector:
|
||||
@@ -21,24 +23,3 @@ spec:
|
||||
interval: 3m
|
||||
scrapeTimeout: 1m
|
||||
path: /metrics
|
||||
|
||||
---
|
||||
apiVersion: monitoring.coreos.com/v1
|
||||
kind: ServiceMonitor
|
||||
metadata:
|
||||
name: redis-replication-immich
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: redis-replication-immich
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
redis-operator: "true"
|
||||
env: production
|
||||
spec:
|
||||
selector:
|
||||
matchLabels:
|
||||
redis_setup_type: replication
|
||||
endpoints:
|
||||
- port: redis-exporter
|
||||
interval: 30s
|
||||
scrapeTimeout: 10s
|
||||
|
||||
@@ -9,7 +9,7 @@ immich:
|
||||
main:
|
||||
image:
|
||||
repository: ghcr.io/immich-app/immich-server
|
||||
tag: v2.2.2
|
||||
tag: v1.132.3
|
||||
pullPolicy: IfNotPresent
|
||||
env:
|
||||
- name: TZ
|
||||
@@ -21,33 +21,33 @@ immich:
|
||||
- name: IMMICH_MACHINE_LEARNING_URL
|
||||
value: http://immich-machine-learning.immich:3003
|
||||
- name: REDIS_HOSTNAME
|
||||
value: redis-replication-immich-master
|
||||
value: immich-valkey-primary
|
||||
- name: DB_VECTOR_EXTENSION
|
||||
value: vectorchord
|
||||
value: pgvecto.rs
|
||||
- name: DB_HOSTNAME
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: immich-postgresql-17-cluster-app
|
||||
name: immich-postgresql-16-cluster-app
|
||||
key: host
|
||||
- name: DB_DATABASE_NAME
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: immich-postgresql-17-cluster-app
|
||||
name: immich-postgresql-16-cluster-app
|
||||
key: dbname
|
||||
- name: DB_PORT
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: immich-postgresql-17-cluster-app
|
||||
name: immich-postgresql-16-cluster-app
|
||||
key: port
|
||||
- name: DB_USERNAME
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: immich-postgresql-17-cluster-app
|
||||
name: immich-postgresql-16-cluster-app
|
||||
key: user
|
||||
- name: DB_PASSWORD
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: immich-postgresql-17-cluster-app
|
||||
name: immich-postgresql-16-cluster-app
|
||||
key: password
|
||||
probes:
|
||||
liveness:
|
||||
@@ -99,7 +99,7 @@ immich:
|
||||
main:
|
||||
image:
|
||||
repository: ghcr.io/immich-app/immich-machine-learning
|
||||
tag: v2.2.2
|
||||
tag: v1.132.1
|
||||
pullPolicy: IfNotPresent
|
||||
env:
|
||||
- name: TRANSFORMERS_CACHE
|
||||
@@ -136,6 +136,8 @@ immich:
|
||||
gpu.intel.com/i915: 1
|
||||
cpu: 10m
|
||||
memory: 256Mi
|
||||
serviceAccount:
|
||||
create: true
|
||||
service:
|
||||
main:
|
||||
controller: main
|
||||
@@ -171,6 +173,13 @@ immich:
|
||||
readOnly: true
|
||||
mountPropagation: None
|
||||
subPath: immich.json
|
||||
media:
|
||||
existingClaim: immich-nfs-storage
|
||||
advancedMounts:
|
||||
main:
|
||||
main:
|
||||
- path: /usr/src/app/upload
|
||||
readOnly: false
|
||||
cache:
|
||||
storageClass: ceph-block
|
||||
accessMode: ReadWriteOnce
|
||||
@@ -181,23 +190,37 @@ immich:
|
||||
main:
|
||||
- path: /cache
|
||||
readOnly: false
|
||||
media:
|
||||
existingClaim: immich-nfs-storage
|
||||
advancedMounts:
|
||||
main:
|
||||
main:
|
||||
- path: /usr/src/app/upload
|
||||
readOnly: false
|
||||
postgres-17-cluster:
|
||||
valkey:
|
||||
architecture: standalone
|
||||
auth:
|
||||
enabled: false
|
||||
usePasswordFiles: false
|
||||
primary:
|
||||
persistence:
|
||||
enabled: false
|
||||
replica:
|
||||
persistence:
|
||||
enabled: false
|
||||
postgres-16-cluster:
|
||||
# Tensorchord
|
||||
#--- https://github.com/immich-app/immich/discussions/9060
|
||||
#--- https://docs.pgvecto.rs/admin/kubernetes.html
|
||||
#--- https://github.com/tensorchord/cloudnative-pgvecto.rs
|
||||
#--- https://github.com/immich-app/immich/discussions/17025
|
||||
type: tensorchord
|
||||
mode: recovery
|
||||
cluster:
|
||||
image:
|
||||
repository: ghcr.io/tensorchord/cloudnative-vectorchord
|
||||
tag: 17.5-0.4.3
|
||||
repository: ghcr.io/tensorchord/cloudnative-pgvecto.rs
|
||||
tag: 16.3-v0.2.1
|
||||
storage:
|
||||
storageClass: local-path
|
||||
walStorage:
|
||||
storageClass: local-path
|
||||
resources:
|
||||
requests:
|
||||
memory: 384Mi
|
||||
cpu: 200m
|
||||
monitoring:
|
||||
enabled: true
|
||||
prometheusRule:
|
||||
@@ -205,56 +228,16 @@ postgres-17-cluster:
|
||||
postgresql:
|
||||
parameters:
|
||||
shared_buffers: 256MB
|
||||
shared_preload_libraries:
|
||||
- "vchord.so"
|
||||
initdb:
|
||||
postInitSQL:
|
||||
- CREATE EXTENSION IF NOT EXISTS "vector";
|
||||
- CREATE EXTENSION IF NOT EXISTS "vchord" CASCADE;
|
||||
- CREATE EXTENSION IF NOT EXISTS "cube" CASCADE;
|
||||
- CREATE EXTENSION IF NOT EXISTS "earthdistance" CASCADE;
|
||||
recovery:
|
||||
method: objectStore
|
||||
objectStore:
|
||||
destinationPath: s3://postgres-backups/cl01tl/immich/immich-postgresql-17-cluster
|
||||
endpointURL: http://garage-main.garage:3900
|
||||
index: 1
|
||||
endpointCredentials: immich-postgresql-17-cluster-backup-secret-garage
|
||||
endpointURL: https://nyc3.digitaloceanspaces.com
|
||||
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/immich/immich-postgresql-17-cluster
|
||||
endpointCredentials: immich-postgresql-17-cluster-backup-secret
|
||||
recoveryIndex: 2
|
||||
backup:
|
||||
objectStore:
|
||||
- name: external
|
||||
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/immich/immich-postgresql-17-cluster
|
||||
index: 2
|
||||
retentionPolicy: "30d"
|
||||
isWALArchiver: false
|
||||
- name: garage-local
|
||||
destinationPath: s3://postgres-backups/cl01tl/immich/immich-postgresql-17-cluster
|
||||
index: 1
|
||||
endpointURL: http://garage-main.garage:3900
|
||||
endpointCredentials: immich-postgresql-17-cluster-backup-secret-garage
|
||||
endpointCredentialsIncludeRegion: true
|
||||
retentionPolicy: "3d"
|
||||
isWALArchiver: true
|
||||
# - name: garage-remote
|
||||
# destinationPath: s3://postgres-backups/cl01tl/immich/immich-postgresql-17-cluster
|
||||
# index: 1
|
||||
# endpointURL: https://garage-ps10rp.boreal-beaufort.ts.net:3900
|
||||
# endpointCredentials: immich-postgresql-17-cluster-backup-secret-garage
|
||||
# retentionPolicy: "30d"
|
||||
# data:
|
||||
# compression: bzip2
|
||||
# jobs: 2
|
||||
scheduledBackups:
|
||||
- name: daily-backup
|
||||
suspend: false
|
||||
schedule: "0 0 0 * * *"
|
||||
backupName: external
|
||||
- name: live-backup
|
||||
suspend: false
|
||||
immediate: true
|
||||
schedule: "0 0 0 * * *"
|
||||
backupName: garage-local
|
||||
# - name: weekly-backup
|
||||
# suspend: false
|
||||
# schedule: "0 4 4 * * SAT"
|
||||
# backupName: garage-remote
|
||||
enabled: true
|
||||
endpointURL: https://nyc3.digitaloceanspaces.com
|
||||
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/immich/immich-postgresql-16-cluster
|
||||
endpointCredentials: immich-postgresql-16-cluster-backup-secret
|
||||
backupIndex: 2
|
||||
|
||||
@@ -20,6 +20,6 @@ dependencies:
|
||||
- name: app-template
|
||||
alias: jellyfin
|
||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||
version: 4.4.0
|
||||
version: 3.7.3
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/jellyfin.png
|
||||
appVersion: 10.10.7
|
||||
|
||||
@@ -6,6 +6,8 @@ metadata:
|
||||
labels:
|
||||
app.kubernetes.io/name: jellyfin-config-backup-secret
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: backup
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
secretStoreRef:
|
||||
|
||||
@@ -6,6 +6,8 @@ metadata:
|
||||
labels:
|
||||
app.kubernetes.io/name: http-route-jellyfin
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: web
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
parentRefs:
|
||||
|
||||
@@ -6,6 +6,8 @@ metadata:
|
||||
labels:
|
||||
app.kubernetes.io/name: jellyfin-nfs-storage
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: storage
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
volumeName: jellyfin-nfs-storage
|
||||
@@ -25,6 +27,8 @@ metadata:
|
||||
labels:
|
||||
app.kubernetes.io/name: jellyfin-youtube-nfs-storage
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: storage
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
volumeName: jellyfin-youtube-nfs-storage
|
||||
|
||||
@@ -6,6 +6,8 @@ metadata:
|
||||
labels:
|
||||
app.kubernetes.io/name: jellyfin-nfs-storage
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: storage
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
persistentVolumeReclaimPolicy: Retain
|
||||
@@ -31,6 +33,8 @@ metadata:
|
||||
labels:
|
||||
app.kubernetes.io/name: jellyfin-youtube-nfs-storage
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: storage
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
persistentVolumeReclaimPolicy: Retain
|
||||
|
||||
@@ -6,6 +6,8 @@ metadata:
|
||||
labels:
|
||||
app.kubernetes.io/name: jellyfin-config-backup-source
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: backup
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
sourcePVC: jellyfin-config
|
||||
|
||||
@@ -9,7 +9,7 @@ jellyfin:
|
||||
main:
|
||||
image:
|
||||
repository: ghcr.io/jellyfin/jellyfin
|
||||
tag: 10.11.2
|
||||
tag: 10.10.7
|
||||
pullPolicy: IfNotPresent
|
||||
env:
|
||||
- name: TZ
|
||||
@@ -25,6 +25,8 @@ jellyfin:
|
||||
gpu.intel.com/i915: 1
|
||||
cpu: 1
|
||||
memory: 2Gi
|
||||
serviceAccount:
|
||||
create: true
|
||||
service:
|
||||
main:
|
||||
controller: main
|
||||
@@ -35,7 +37,6 @@ jellyfin:
|
||||
protocol: HTTP
|
||||
persistence:
|
||||
config:
|
||||
forceRename: jellyfin-config
|
||||
storageClass: ceph-block
|
||||
accessMode: ReadWriteOnce
|
||||
size: 100Gi
|
||||
|
||||
@@ -18,10 +18,10 @@ dependencies:
|
||||
- name: app-template
|
||||
alias: jellystat
|
||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||
version: 4.4.0
|
||||
version: 3.7.3
|
||||
- name: postgres-cluster
|
||||
alias: postgres-17-cluster
|
||||
version: 6.15.0
|
||||
version: 5.1.0
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/jellystat.png
|
||||
appVersion: 1.1.6
|
||||
|
||||
@@ -6,6 +6,8 @@ metadata:
|
||||
labels:
|
||||
app.kubernetes.io/name: jellystat-secret
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: web
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
secretStoreRef:
|
||||
@@ -43,6 +45,8 @@ metadata:
|
||||
labels:
|
||||
app.kubernetes.io/name: jellystat-data-backup-secret
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: backup
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
secretStoreRef:
|
||||
@@ -100,6 +104,8 @@ metadata:
|
||||
labels:
|
||||
app.kubernetes.io/name: jellystat-postgresql-17-cluster-backup-secret
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: database
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
secretStoreRef:
|
||||
@@ -120,40 +126,3 @@ spec:
|
||||
key: /digital-ocean/home-infra/postgres-backups
|
||||
metadataPolicy: None
|
||||
property: secret
|
||||
|
||||
---
|
||||
apiVersion: external-secrets.io/v1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
name: jellystat-postgresql-17-cluster-backup-secret-garage
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: jellystat-postgresql-17-cluster-backup-secret-garage
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
secretStoreRef:
|
||||
kind: ClusterSecretStore
|
||||
name: vault
|
||||
data:
|
||||
- secretKey: ACCESS_KEY_ID
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /garage/home-infra/postgres-backups
|
||||
metadataPolicy: None
|
||||
property: ACCESS_KEY_ID
|
||||
- secretKey: ACCESS_SECRET_KEY
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /garage/home-infra/postgres-backups
|
||||
metadataPolicy: None
|
||||
property: ACCESS_SECRET_KEY
|
||||
- secretKey: ACCESS_REGION
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /garage/home-infra/postgres-backups
|
||||
metadataPolicy: None
|
||||
property: ACCESS_REGION
|
||||
|
||||
@@ -6,6 +6,8 @@ metadata:
|
||||
labels:
|
||||
app.kubernetes.io/name: http-route-jellystat
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: web
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
parentRefs:
|
||||
|
||||
@@ -6,6 +6,8 @@ metadata:
|
||||
labels:
|
||||
app.kubernetes.io/name: jellystat-data-backup-source
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: backup
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
sourcePVC: jellystat-data
|
||||
|
||||
@@ -58,6 +58,8 @@ jellystat:
|
||||
requests:
|
||||
cpu: 10m
|
||||
memory: 256Mi
|
||||
serviceAccount:
|
||||
create: true
|
||||
service:
|
||||
main:
|
||||
controller: main
|
||||
@@ -68,7 +70,6 @@ jellystat:
|
||||
protocol: HTTP
|
||||
persistence:
|
||||
data:
|
||||
forceRename: jellystat-data
|
||||
storageClass: ceph-block
|
||||
accessMode: ReadWriteOnce
|
||||
size: 5Gi
|
||||
@@ -79,7 +80,7 @@ jellystat:
|
||||
- path: /app/backend/backup-data
|
||||
readOnly: false
|
||||
postgres-17-cluster:
|
||||
mode: recovery
|
||||
mode: standalone
|
||||
cluster:
|
||||
storage:
|
||||
storageClass: local-path
|
||||
@@ -92,45 +93,14 @@ postgres-17-cluster:
|
||||
recovery:
|
||||
method: objectStore
|
||||
objectStore:
|
||||
destinationPath: s3://postgres-backups/cl01tl/jellystat/jellystat-postgresql-17-cluster
|
||||
endpointURL: http://garage-main.garage:3900
|
||||
index: 1
|
||||
endpointCredentials: jellystat-postgresql-17-cluster-backup-secret-garage
|
||||
endpointURL: https://nyc3.digitaloceanspaces.com
|
||||
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/jellystat/jellystat-postgresql-17-cluster
|
||||
endpointCredentials: jellystat-postgresql-17-cluster-backup-secret
|
||||
recoveryIndex: 2
|
||||
backup:
|
||||
objectStore:
|
||||
- name: external
|
||||
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/jellystat/jellystat-postgresql-17-cluster
|
||||
index: 1
|
||||
retentionPolicy: "30d"
|
||||
isWALArchiver: false
|
||||
- name: garage-local
|
||||
destinationPath: s3://postgres-backups/cl01tl/jellystat/jellystat-postgresql-17-cluster
|
||||
index: 1
|
||||
endpointURL: http://garage-main.garage:3900
|
||||
endpointCredentials: jellystat-postgresql-17-cluster-backup-secret-garage
|
||||
endpointCredentialsIncludeRegion: true
|
||||
retentionPolicy: "3d"
|
||||
isWALArchiver: true
|
||||
# - name: garage-remote
|
||||
# destinationPath: s3://postgres-backups/cl01tl/jellystat/jellystat-postgresql-17-cluster
|
||||
# index: 1
|
||||
# endpointURL: https://garage-ps10rp.boreal-beaufort.ts.net:3900
|
||||
# endpointCredentials: jellystat-postgresql-17-cluster-backup-secret-garage
|
||||
# retentionPolicy: "30d"
|
||||
# data:
|
||||
# compression: bzip2
|
||||
# jobs: 2
|
||||
scheduledBackups:
|
||||
- name: daily-backup
|
||||
suspend: false
|
||||
schedule: "0 0 0 * * *"
|
||||
backupName: external
|
||||
- name: live-backup
|
||||
suspend: false
|
||||
immediate: true
|
||||
schedule: "0 0 0 * * *"
|
||||
backupName: garage-local
|
||||
# - name: weekly-backup
|
||||
# suspend: false
|
||||
# schedule: "0 6 4 * * SAT"
|
||||
# backupName: garage-remote
|
||||
enabled: true
|
||||
endpointURL: https://nyc3.digitaloceanspaces.com
|
||||
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/jellystat/jellystat-postgresql-17-cluster
|
||||
endpointCredentials: jellystat-postgresql-17-cluster-backup-secret
|
||||
backupIndex: 2
|
||||
retentionPolicy: "7d"
|
||||
|
||||
@@ -1,11 +0,0 @@
|
||||
apiVersion: objectbucket.io/v1alpha1
|
||||
kind: ObjectBucketClaim
|
||||
metadata:
|
||||
name: ceph-bucket-karakeep
|
||||
labels:
|
||||
app.kubernetes.io/name: ceph-bucket-karakeep
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
generateBucketName: bucket-karakeep
|
||||
storageClassName: ceph-bucket
|
||||
@@ -1,23 +0,0 @@
|
||||
apiVersion: monitoring.coreos.com/v1
|
||||
kind: ServiceMonitor
|
||||
metadata:
|
||||
name: karakeep
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: karakeep
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
endpoints:
|
||||
- port: http
|
||||
interval: 30s
|
||||
scrapeTimeout: 15s
|
||||
path: /api/metrics
|
||||
authorization:
|
||||
credentials:
|
||||
key: prometheus-token
|
||||
name: karakeep-key-secret
|
||||
selector:
|
||||
matchLabels:
|
||||
app.kubernetes.io/name: karakeep
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
@@ -16,6 +16,6 @@ dependencies:
|
||||
- name: app-template
|
||||
alias: kiwix
|
||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||
version: 4.4.0
|
||||
version: 3.7.3
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/kiwix-dark.png
|
||||
appVersion: 3.7.0
|
||||
|
||||
@@ -6,6 +6,8 @@ metadata:
|
||||
labels:
|
||||
app.kubernetes.io/name: http-route-kiwix
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: web
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
parentRefs:
|
||||
|
||||
@@ -6,6 +6,8 @@ metadata:
|
||||
labels:
|
||||
app.kubernetes.io/name: kiwix-nfs-storage
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: storage
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
volumeName: kiwix-nfs-storage
|
||||
|
||||
Some files were not shown because too many files have changed in this diff Show More
Reference in New Issue
Block a user