Compare commits
1 Commits
renovate/s
...
13243b398d
Author | SHA1 | Date | |
---|---|---|---|
13243b398d
|
@@ -1,80 +0,0 @@
|
|||||||
name: lint-test-docker
|
|
||||||
|
|
||||||
on:
|
|
||||||
push:
|
|
||||||
branches:
|
|
||||||
- main
|
|
||||||
paths:
|
|
||||||
- 'hosts/**'
|
|
||||||
- ! 'hosts/archive'
|
|
||||||
|
|
||||||
pull_request:
|
|
||||||
branches:
|
|
||||||
- main
|
|
||||||
paths:
|
|
||||||
- 'hosts/**'
|
|
||||||
- ! 'hosts/archive'
|
|
||||||
|
|
||||||
jobs:
|
|
||||||
docker-lint:
|
|
||||||
runs-on: ubuntu-latest
|
|
||||||
steps:
|
|
||||||
- name: Checkout
|
|
||||||
uses: actions/checkout@v4
|
|
||||||
with:
|
|
||||||
fetch-depth: 0
|
|
||||||
|
|
||||||
- name: Check Branch Exists
|
|
||||||
id: check-branch-exists
|
|
||||||
uses: GuillaumeFalourd/branch-exists@v1.1
|
|
||||||
with:
|
|
||||||
branch: "origin/${{ github.base_ref }}"
|
|
||||||
|
|
||||||
- name: Branch Does Not Exist
|
|
||||||
if: steps.check-branch-exists.outputs.exists == 'false'
|
|
||||||
run: echo "Branch origin/${{ github.base_ref }} was not found, likely already merged"
|
|
||||||
|
|
||||||
|
|
||||||
- name: Set up Node.js
|
|
||||||
if: steps.check-branch-exists.outputs.exists == 'true'
|
|
||||||
uses: actions/setup-node@v4
|
|
||||||
with:
|
|
||||||
node-version: '22'
|
|
||||||
|
|
||||||
- name: Lint Docker Compose
|
|
||||||
if: steps.check-branch-exists.outputs.exists == 'true'
|
|
||||||
run: |
|
|
||||||
set -e # Exit immediately if a command exits with a non-zero status.
|
|
||||||
|
|
||||||
TARGET_BRANCH="origin/${{ github.base_ref }}"
|
|
||||||
echo ">> Target branch for diff is: $TARGET_BRANCH"
|
|
||||||
|
|
||||||
CHANGED_FILES=$(git diff --name-only "$TARGET_BRANCH" -- 'hosts/**')
|
|
||||||
|
|
||||||
echo ">> Found changed files:"
|
|
||||||
echo "$CHANGED_FILES"
|
|
||||||
|
|
||||||
# For each changed file, find its parent chart directory (the one with compose.yaml).
|
|
||||||
# Then, create a unique list of those directories.
|
|
||||||
CHANGED_COMPOSE=$(echo "$CHANGED_FILES" | while read -r file; do
|
|
||||||
dir=$(dirname "$file")
|
|
||||||
while [[ "$dir" != "." && ! -f "$dir/compose.yaml" ]]; do
|
|
||||||
dir=$(dirname "$dir")
|
|
||||||
done
|
|
||||||
if [[ "$dir" != "." ]]; then
|
|
||||||
echo "$dir"
|
|
||||||
fi
|
|
||||||
done | sort -u)
|
|
||||||
|
|
||||||
if [[ -z "$CHANGED_COMPOSE" ]]; then
|
|
||||||
echo ">> Could not determine changed compose files. This will happen if only files outside a compose file were changed."
|
|
||||||
exit 0
|
|
||||||
fi
|
|
||||||
|
|
||||||
echo ">> Running dclint on changed compose files:"
|
|
||||||
echo "$CHANGED_COMPOSE"
|
|
||||||
|
|
||||||
echo "$CHANGED_COMPOSE" | while read -r compose; do
|
|
||||||
echo ">> Linting $compose ..."
|
|
||||||
npx dclint $compose
|
|
||||||
done
|
|
@@ -1,82 +0,0 @@
|
|||||||
name: lint-test-helm
|
|
||||||
|
|
||||||
on:
|
|
||||||
push:
|
|
||||||
branches:
|
|
||||||
- main
|
|
||||||
paths:
|
|
||||||
- 'clusters/**'
|
|
||||||
- ! 'clusters/*/archive'
|
|
||||||
|
|
||||||
pull_request:
|
|
||||||
branches:
|
|
||||||
- main
|
|
||||||
paths:
|
|
||||||
- 'clusters/**'
|
|
||||||
- ! 'clusters/*/archive'
|
|
||||||
|
|
||||||
jobs:
|
|
||||||
helm-lint:
|
|
||||||
runs-on: ubuntu-latest
|
|
||||||
steps:
|
|
||||||
- name: Checkout
|
|
||||||
uses: actions/checkout@v4
|
|
||||||
with:
|
|
||||||
fetch-depth: 0
|
|
||||||
|
|
||||||
- name: Check Branch Exists
|
|
||||||
id: check-branch-exists
|
|
||||||
uses: GuillaumeFalourd/branch-exists@v1.1
|
|
||||||
with:
|
|
||||||
branch: "origin/${{ github.base_ref }}"
|
|
||||||
|
|
||||||
- name: Branch Does Not Exist
|
|
||||||
if: steps.check-branch-exists.outputs.exists == 'false'
|
|
||||||
run: echo "Branch origin/${{ github.base_ref }} was not found, likely already merged"
|
|
||||||
|
|
||||||
- name: Set up Helm
|
|
||||||
if: steps.check-branch-exists.outputs.exists == 'true'
|
|
||||||
uses: azure/setup-helm@v4
|
|
||||||
with:
|
|
||||||
token: ${{ secrets.GITEA_TOKEN }}
|
|
||||||
version: latest
|
|
||||||
|
|
||||||
- name: Lint Helm Chart
|
|
||||||
if: steps.check-branch-exists.outputs.exists == 'true'
|
|
||||||
run: |
|
|
||||||
set -e # Exit immediately if a command exits with a non-zero status.
|
|
||||||
|
|
||||||
TARGET_BRANCH="origin/${{ github.base_ref }}"
|
|
||||||
echo ">> Target branch for diff is: $TARGET_BRANCH"
|
|
||||||
|
|
||||||
CHANGED_FILES=$(git diff --name-only "$TARGET_BRANCH" -- 'clusters/**')
|
|
||||||
|
|
||||||
echo ">> Found changed files:"
|
|
||||||
echo "$CHANGED_FILES"
|
|
||||||
|
|
||||||
# For each changed file, find its parent chart directory (the one with Chart.yaml).
|
|
||||||
# Then, create a unique list of those directories.
|
|
||||||
CHANGED_CHARTS=$(echo "$CHANGED_FILES" | while read -r file; do
|
|
||||||
dir=$(dirname "$file")
|
|
||||||
while [[ "$dir" != "." && ! -f "$dir/Chart.yaml" ]]; do
|
|
||||||
dir=$(dirname "$dir")
|
|
||||||
done
|
|
||||||
if [[ "$dir" != "." ]]; then
|
|
||||||
echo "$dir"
|
|
||||||
fi
|
|
||||||
done | sort -u)
|
|
||||||
|
|
||||||
if [[ -z "$CHANGED_CHARTS" ]]; then
|
|
||||||
echo ">> Could not determine changed charts. This could happen if only files outside a chart were changed."
|
|
||||||
exit 0
|
|
||||||
fi
|
|
||||||
|
|
||||||
echo ">> Running helm lint on changed charts:"
|
|
||||||
echo "$CHANGED_CHARTS"
|
|
||||||
|
|
||||||
echo "$CHANGED_CHARTS" | while read -r chart; do
|
|
||||||
echo ">> Building dependency for "$chart" ..."
|
|
||||||
helm dependency build "$chart"
|
|
||||||
echo ">> Linting $chart..."
|
|
||||||
helm lint "$chart"
|
|
||||||
done
|
|
37
.gitea/workflows/lint-test.yaml
Normal file
37
.gitea/workflows/lint-test.yaml
Normal file
@@ -0,0 +1,37 @@
|
|||||||
|
name: lint-and-test-charts
|
||||||
|
|
||||||
|
on: pull_request
|
||||||
|
|
||||||
|
jobs:
|
||||||
|
lint-test:
|
||||||
|
runs-on: ubuntu-latest
|
||||||
|
steps:
|
||||||
|
- name: Checkout
|
||||||
|
uses: actions/checkout@v4
|
||||||
|
with:
|
||||||
|
fetch-depth: 0
|
||||||
|
|
||||||
|
- name: Set up Helm
|
||||||
|
uses: azure/setup-helm@v4
|
||||||
|
with:
|
||||||
|
version: latest
|
||||||
|
|
||||||
|
- uses: actions/setup-python@v5
|
||||||
|
with:
|
||||||
|
python-version: "3.13"
|
||||||
|
check-latest: true
|
||||||
|
|
||||||
|
- name: Set up chart-testing
|
||||||
|
uses: helm/chart-testing-action@v2.7.0
|
||||||
|
|
||||||
|
- name: Run chart-testing (list-changed)
|
||||||
|
id: list-changed
|
||||||
|
run: |
|
||||||
|
changed=$(ct list-changed --target-branch ${{ github.event.repository.default_branch }})
|
||||||
|
if [[ -n "$changed" ]]; then
|
||||||
|
echo "changed=true" >> "$GITHUB_OUTPUT"
|
||||||
|
fi
|
||||||
|
|
||||||
|
- name: Run chart-testing (lint)
|
||||||
|
if: steps.list-changed.outputs.changed == 'true'
|
||||||
|
run: ct lint --target-branch ${{ github.event.repository.default_branch }}
|
@@ -1,32 +0,0 @@
|
|||||||
name: renovate
|
|
||||||
|
|
||||||
on:
|
|
||||||
schedule:
|
|
||||||
- cron: "@hourly"
|
|
||||||
|
|
||||||
push:
|
|
||||||
branches:
|
|
||||||
- main
|
|
||||||
|
|
||||||
workflow_dispatch:
|
|
||||||
|
|
||||||
jobs:
|
|
||||||
renovate:
|
|
||||||
runs-on: ubuntu-latest
|
|
||||||
container: ghcr.io/renovatebot/renovate:41
|
|
||||||
steps:
|
|
||||||
- name: Checkout
|
|
||||||
uses: actions/checkout@v4
|
|
||||||
|
|
||||||
- name: Renovate
|
|
||||||
run: renovate
|
|
||||||
env:
|
|
||||||
RENOVATE_PLATFORM: gitea
|
|
||||||
RENOVATE_ENDPOINT: ${{ vars.INSTANCE_URL }}
|
|
||||||
RENOVATE_REPOSITORIES: alexlebens/infrastructure
|
|
||||||
RENOVATE_GIT_AUTHOR: Renovate Bot <renovate-bot@alexlebens.net>
|
|
||||||
LOG_LEVEL: info
|
|
||||||
RENOVATE_TOKEN: ${{ secrets.RENOVATE_TOKEN }}
|
|
||||||
RENOVATE_GIT_PRIVATE_KEY: ${{ secrets.RENOVATE_GIT_PRIVATE_KEY }}
|
|
||||||
RENOVATE_GITHUB_COM_TOKEN: ${{ secrets.RENOVATE_GITHUB_COM_TOKEN }}
|
|
||||||
RENOVATE_REDIS_URL: ${{ vars.RENOVATE_REDIS_URL }}
|
|
@@ -16,6 +16,6 @@ dependencies:
|
|||||||
- name: app-template
|
- name: app-template
|
||||||
alias: actual
|
alias: actual
|
||||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||||
version: 4.4.0
|
version: 4.0.1
|
||||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/actual-budget.png
|
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/actual-budget.png
|
||||||
appVersion: v25.5.0
|
appVersion: v25.5.0
|
||||||
|
@@ -9,7 +9,7 @@ actual:
|
|||||||
main:
|
main:
|
||||||
image:
|
image:
|
||||||
repository: ghcr.io/actualbudget/actual
|
repository: ghcr.io/actualbudget/actual
|
||||||
tag: 25.10.0
|
tag: 25.5.0
|
||||||
pullPolicy: IfNotPresent
|
pullPolicy: IfNotPresent
|
||||||
env:
|
env:
|
||||||
- name: TZ
|
- name: TZ
|
||||||
|
@@ -18,6 +18,6 @@ dependencies:
|
|||||||
- name: app-template
|
- name: app-template
|
||||||
alias: audiobookshelf
|
alias: audiobookshelf
|
||||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||||
version: 4.4.0
|
version: 4.0.1
|
||||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/audiobookshelf.png
|
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/audiobookshelf.png
|
||||||
appVersion: 2.21.0
|
appVersion: 2.21.0
|
||||||
|
@@ -1,28 +1,5 @@
|
|||||||
apiVersion: external-secrets.io/v1
|
apiVersion: external-secrets.io/v1
|
||||||
kind: ExternalSecret
|
kind: ExternalSecret
|
||||||
metadata:
|
|
||||||
name: audiobookshelf-apprise-config
|
|
||||||
namespace: {{ .Release.Namespace }}
|
|
||||||
labels:
|
|
||||||
app.kubernetes.io/name: audiobookshelf-apprise-config
|
|
||||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
|
||||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
|
||||||
spec:
|
|
||||||
secretStoreRef:
|
|
||||||
kind: ClusterSecretStore
|
|
||||||
name: vault
|
|
||||||
data:
|
|
||||||
- secretKey: ntfy-url
|
|
||||||
remoteRef:
|
|
||||||
conversionStrategy: Default
|
|
||||||
decodingStrategy: None
|
|
||||||
key: /cl01tl/audiobookshelf/apprise
|
|
||||||
metadataPolicy: None
|
|
||||||
property: ntfy-url
|
|
||||||
|
|
||||||
---
|
|
||||||
apiVersion: external-secrets.io/v1
|
|
||||||
kind: ExternalSecret
|
|
||||||
metadata:
|
metadata:
|
||||||
name: audiobookshelf-config-backup-secret
|
name: audiobookshelf-config-backup-secret
|
||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
|
@@ -1,19 +0,0 @@
|
|||||||
apiVersion: monitoring.coreos.com/v1
|
|
||||||
kind: ServiceMonitor
|
|
||||||
metadata:
|
|
||||||
name: audiobookshelf-apprise
|
|
||||||
namespace: {{ .Release.Namespace }}
|
|
||||||
labels:
|
|
||||||
app.kubernetes.io/name: audiobookshelf-apprise
|
|
||||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
|
||||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
|
||||||
spec:
|
|
||||||
endpoints:
|
|
||||||
- port: apprise
|
|
||||||
interval: 30s
|
|
||||||
scrapeTimeout: 15s
|
|
||||||
path: /metrics
|
|
||||||
selector:
|
|
||||||
matchLabels:
|
|
||||||
app.kubernetes.io/name: audiobookshelf
|
|
||||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
|
@@ -9,7 +9,7 @@ audiobookshelf:
|
|||||||
main:
|
main:
|
||||||
image:
|
image:
|
||||||
repository: ghcr.io/advplyr/audiobookshelf
|
repository: ghcr.io/advplyr/audiobookshelf
|
||||||
tag: 2.30.0
|
tag: 2.23.0
|
||||||
pullPolicy: IfNotPresent
|
pullPolicy: IfNotPresent
|
||||||
env:
|
env:
|
||||||
- name: TZ
|
- name: TZ
|
||||||
@@ -18,29 +18,6 @@ audiobookshelf:
|
|||||||
requests:
|
requests:
|
||||||
cpu: 10m
|
cpu: 10m
|
||||||
memory: 128Mi
|
memory: 128Mi
|
||||||
apprise-api:
|
|
||||||
image:
|
|
||||||
repository: caronc/apprise
|
|
||||||
tag: 1.2.2
|
|
||||||
pullPolicy: IfNotPresent
|
|
||||||
env:
|
|
||||||
- name: TZ
|
|
||||||
value: US/Central
|
|
||||||
- name: APPRISE_STORAGE_MODE
|
|
||||||
value: memory
|
|
||||||
- name: APPRISE_STATEFUL_MODE
|
|
||||||
value: disabled
|
|
||||||
- name: APPRISE_WORKER_COUNT
|
|
||||||
value: 1
|
|
||||||
- name: APPRISE_STATELESS_URLS
|
|
||||||
valueFrom:
|
|
||||||
secretKeyRef:
|
|
||||||
name: audiobookshelf-apprise-config
|
|
||||||
key: ntfy-url
|
|
||||||
resources:
|
|
||||||
requests:
|
|
||||||
cpu: 10m
|
|
||||||
memory: 128Mi
|
|
||||||
service:
|
service:
|
||||||
main:
|
main:
|
||||||
controller: main
|
controller: main
|
||||||
@@ -49,10 +26,6 @@ audiobookshelf:
|
|||||||
port: 80
|
port: 80
|
||||||
targetPort: 80
|
targetPort: 80
|
||||||
protocol: HTTP
|
protocol: HTTP
|
||||||
apprise:
|
|
||||||
port: 8000
|
|
||||||
targetPort: 8000
|
|
||||||
protocol: HTTP
|
|
||||||
persistence:
|
persistence:
|
||||||
config:
|
config:
|
||||||
storageClass: ceph-block
|
storageClass: ceph-block
|
||||||
|
@@ -18,6 +18,6 @@ dependencies:
|
|||||||
- name: app-template
|
- name: app-template
|
||||||
alias: bazarr
|
alias: bazarr
|
||||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||||
version: 4.4.0
|
version: 4.0.1
|
||||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/bazarr.png
|
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/bazarr.png
|
||||||
appVersion: 1.5.2
|
appVersion: 1.5.2
|
||||||
|
@@ -15,7 +15,7 @@ bazarr:
|
|||||||
main:
|
main:
|
||||||
image:
|
image:
|
||||||
repository: ghcr.io/linuxserver/bazarr
|
repository: ghcr.io/linuxserver/bazarr
|
||||||
tag: 1.5.3@sha256:a93c3595410f5c5791a126d7705cd8a29f3ce882338eef304cb8bece3ef2580b
|
tag: 1.5.2@sha256:2458b13b6bdb9beee13acd2c70172140e9f9362488914d9f7cd95a473c3742b7
|
||||||
pullPolicy: IfNotPresent
|
pullPolicy: IfNotPresent
|
||||||
env:
|
env:
|
||||||
- name: TZ
|
- name: TZ
|
||||||
|
@@ -16,6 +16,6 @@ dependencies:
|
|||||||
- name: app-template
|
- name: app-template
|
||||||
alias: calibre-web-automated
|
alias: calibre-web-automated
|
||||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||||
version: 4.4.0
|
version: 4.0.1
|
||||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/calibre-web.png
|
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/calibre-web.png
|
||||||
appVersion: V3.0.4
|
appVersion: V3.0.4
|
||||||
|
@@ -31,7 +31,7 @@ calibre-web-automated:
|
|||||||
main:
|
main:
|
||||||
image:
|
image:
|
||||||
repository: ghcr.io/calibrain/calibre-web-automated-book-downloader
|
repository: ghcr.io/calibrain/calibre-web-automated-book-downloader
|
||||||
tag: latest@sha256:c2850991e99e278269003d92efa86e865f7df039093fbd03e85141b035cf7a80
|
tag: latest@sha256:97a636efe3b78e1306ff521aa09256125aacdb1a04e628df294d7b6da3fe7b4a
|
||||||
pullPolicy: IfNotPresent
|
pullPolicy: IfNotPresent
|
||||||
env:
|
env:
|
||||||
- name: FLASK_PORT
|
- name: FLASK_PORT
|
||||||
@@ -41,7 +41,7 @@ calibre-web-automated:
|
|||||||
- name: GID
|
- name: GID
|
||||||
value: 100
|
value: 100
|
||||||
- name: USE_CF_BYPASS
|
- name: USE_CF_BYPASS
|
||||||
value: false
|
value: true
|
||||||
- name: CLOUDFLARE_PROXY_URL
|
- name: CLOUDFLARE_PROXY_URL
|
||||||
value: http://localhost:8000
|
value: http://localhost:8000
|
||||||
- name: INGEST_DIR
|
- name: INGEST_DIR
|
||||||
@@ -55,7 +55,7 @@ calibre-web-automated:
|
|||||||
bypass:
|
bypass:
|
||||||
image:
|
image:
|
||||||
repository: ghcr.io/sarperavci/cloudflarebypassforscraping
|
repository: ghcr.io/sarperavci/cloudflarebypassforscraping
|
||||||
tag: latest@sha256:c34ef70a768ddf35c057f893c5392b8f65465fc4fbac634ba68a16d6a9dd0cbb
|
tag: latest@sha256:bd326a3c6ae0b7ed3e405bbaa230e43e252f444c98f57d179f7a1d78f273748b
|
||||||
pullPolicy: IfNotPresent
|
pullPolicy: IfNotPresent
|
||||||
resources:
|
resources:
|
||||||
requests:
|
requests:
|
||||||
|
@@ -19,10 +19,10 @@ dependencies:
|
|||||||
- name: app-template
|
- name: app-template
|
||||||
alias: code-server
|
alias: code-server
|
||||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||||
version: 4.4.0
|
version: 4.0.1
|
||||||
- name: cloudflared
|
- name: cloudflared
|
||||||
alias: cloudflared
|
alias: cloudflared
|
||||||
repository: oci://harbor.alexlebens.net/helm-charts
|
repository: oci://harbor.alexlebens.net/helm-charts
|
||||||
version: 1.22.1
|
version: 1.15.0
|
||||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/visual-studio-code.png
|
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/visual-studio-code.png
|
||||||
appVersion: 4.100.2
|
appVersion: 4.100.2
|
||||||
|
@@ -9,7 +9,7 @@ code-server:
|
|||||||
main:
|
main:
|
||||||
image:
|
image:
|
||||||
repository: ghcr.io/linuxserver/code-server
|
repository: ghcr.io/linuxserver/code-server
|
||||||
tag: 4.105.1@sha256:aea1f1c92e70b84204e928d73378e8782b3a23af73b419efff0ac7f39b6c73f2
|
tag: 4.100.2@sha256:23fbadee99aed3400b725f8b202306b5e7178ded297cbd1db049b8537229a145
|
||||||
pullPolicy: IfNotPresent
|
pullPolicy: IfNotPresent
|
||||||
env:
|
env:
|
||||||
- name: TZ
|
- name: TZ
|
||||||
|
@@ -8,10 +8,14 @@ keywords:
|
|||||||
home: https://wiki.alexlebens.dev/s/c2d242de-dcaa-4801-86a2-c4761dc8bf9b
|
home: https://wiki.alexlebens.dev/s/c2d242de-dcaa-4801-86a2-c4761dc8bf9b
|
||||||
sources:
|
sources:
|
||||||
- https://github.com/directus/directus
|
- https://github.com/directus/directus
|
||||||
|
- https://github.com/minio/operator
|
||||||
|
- https://github.com/valkey-io/valkey
|
||||||
- https://github.com/cloudflare/cloudflared
|
- https://github.com/cloudflare/cloudflared
|
||||||
- https://github.com/cloudnative-pg/cloudnative-pg
|
- https://github.com/cloudnative-pg/cloudnative-pg
|
||||||
- https://hub.docker.com/r/directus/directus
|
- https://hub.docker.com/r/directus/directus
|
||||||
- https://github.com/bjw-s-labs/helm-charts/tree/main/charts/other/app-template
|
- https://github.com/bjw-s-labs/helm-charts/tree/main/charts/other/app-template
|
||||||
|
- https://github.com/minio/operator/tree/master/helm/tenant
|
||||||
|
- https://github.com/bitnami/charts/tree/main/bitnami/valkey
|
||||||
- https://gitea.alexlebens.dev/alexlebens/helm-charts/src/branch/main/charts/cloudflared
|
- https://gitea.alexlebens.dev/alexlebens/helm-charts/src/branch/main/charts/cloudflared
|
||||||
- https://gitea.alexlebens.dev/alexlebens/helm-charts/src/branch/main/charts/postgres-cluster
|
- https://gitea.alexlebens.dev/alexlebens/helm-charts/src/branch/main/charts/postgres-cluster
|
||||||
maintainers:
|
maintainers:
|
||||||
@@ -20,14 +24,21 @@ dependencies:
|
|||||||
- name: app-template
|
- name: app-template
|
||||||
alias: directus
|
alias: directus
|
||||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||||
version: 4.4.0
|
version: 4.0.1
|
||||||
|
- name: tenant
|
||||||
|
alias: minio
|
||||||
|
version: 7.1.1
|
||||||
|
repository: https://operator.min.io/
|
||||||
|
- name: valkey
|
||||||
|
version: 3.0.9
|
||||||
|
repository: oci://harbor.alexlebens.net/proxy-registry-1.docker.io/bitnamicharts
|
||||||
- name: cloudflared
|
- name: cloudflared
|
||||||
alias: cloudflared-directus
|
alias: cloudflared-directus
|
||||||
repository: oci://harbor.alexlebens.net/helm-charts
|
repository: oci://harbor.alexlebens.net/helm-charts
|
||||||
version: 1.22.1
|
version: 1.15.0
|
||||||
- name: postgres-cluster
|
- name: postgres-cluster
|
||||||
alias: postgres-17-cluster
|
alias: postgres-17-cluster
|
||||||
version: 6.14.0
|
version: 5.1.0
|
||||||
repository: oci://harbor.alexlebens.net/helm-charts
|
repository: oci://harbor.alexlebens.net/helm-charts
|
||||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/directus.png
|
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/directus.png
|
||||||
appVersion: 11.7.2
|
appVersion: 11.7.2
|
||||||
|
@@ -45,33 +45,10 @@ spec:
|
|||||||
apiVersion: external-secrets.io/v1
|
apiVersion: external-secrets.io/v1
|
||||||
kind: ExternalSecret
|
kind: ExternalSecret
|
||||||
metadata:
|
metadata:
|
||||||
name: directus-metric-token
|
name: directus-valkey-config
|
||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: directus-metric-token
|
app.kubernetes.io/name: directus-valkey-config
|
||||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
|
||||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
|
||||||
spec:
|
|
||||||
secretStoreRef:
|
|
||||||
kind: ClusterSecretStore
|
|
||||||
name: vault
|
|
||||||
data:
|
|
||||||
- secretKey: metric-token
|
|
||||||
remoteRef:
|
|
||||||
conversionStrategy: Default
|
|
||||||
decodingStrategy: None
|
|
||||||
key: /cl01tl/directus/metrics
|
|
||||||
metadataPolicy: None
|
|
||||||
property: metric-token
|
|
||||||
|
|
||||||
---
|
|
||||||
apiVersion: external-secrets.io/v1
|
|
||||||
kind: ExternalSecret
|
|
||||||
metadata:
|
|
||||||
name: directus-redis-config
|
|
||||||
namespace: {{ .Release.Namespace }}
|
|
||||||
labels:
|
|
||||||
app.kubernetes.io/name: directus-redis-config
|
|
||||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
spec:
|
spec:
|
||||||
@@ -83,14 +60,14 @@ spec:
|
|||||||
remoteRef:
|
remoteRef:
|
||||||
conversionStrategy: Default
|
conversionStrategy: Default
|
||||||
decodingStrategy: None
|
decodingStrategy: None
|
||||||
key: /cl01tl/directus/redis
|
key: /cl01tl/directus/valkey
|
||||||
metadataPolicy: None
|
metadataPolicy: None
|
||||||
property: user
|
property: user
|
||||||
- secretKey: password
|
- secretKey: password
|
||||||
remoteRef:
|
remoteRef:
|
||||||
conversionStrategy: Default
|
conversionStrategy: Default
|
||||||
decodingStrategy: None
|
decodingStrategy: None
|
||||||
key: /cl01tl/directus/redis
|
key: /cl01tl/directus/valkey
|
||||||
metadataPolicy: None
|
metadataPolicy: None
|
||||||
property: password
|
property: password
|
||||||
|
|
||||||
@@ -124,6 +101,82 @@ spec:
|
|||||||
metadataPolicy: None
|
metadataPolicy: None
|
||||||
property: secret
|
property: secret
|
||||||
|
|
||||||
|
---
|
||||||
|
apiVersion: external-secrets.io/v1
|
||||||
|
kind: ExternalSecret
|
||||||
|
metadata:
|
||||||
|
name: directus-minio-user-secret
|
||||||
|
namespace: {{ .Release.Namespace }}
|
||||||
|
labels:
|
||||||
|
app.kubernetes.io/name: directus-minio-user-secret
|
||||||
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
|
spec:
|
||||||
|
secretStoreRef:
|
||||||
|
kind: ClusterSecretStore
|
||||||
|
name: vault
|
||||||
|
data:
|
||||||
|
- secretKey: AWS_ACCESS_KEY_ID
|
||||||
|
remoteRef:
|
||||||
|
conversionStrategy: Default
|
||||||
|
decodingStrategy: None
|
||||||
|
key: /cl01tl/directus/minio/auth
|
||||||
|
metadataPolicy: None
|
||||||
|
property: AWS_ACCESS_KEY_ID
|
||||||
|
- secretKey: AWS_SECRET_ACCESS_KEY
|
||||||
|
remoteRef:
|
||||||
|
conversionStrategy: Default
|
||||||
|
decodingStrategy: None
|
||||||
|
key: /cl01tl/directus/minio/auth
|
||||||
|
metadataPolicy: None
|
||||||
|
property: AWS_SECRET_ACCESS_KEY
|
||||||
|
|
||||||
|
---
|
||||||
|
apiVersion: external-secrets.io/v1
|
||||||
|
kind: ExternalSecret
|
||||||
|
metadata:
|
||||||
|
name: directus-minio-root-secret
|
||||||
|
namespace: {{ .Release.Namespace }}
|
||||||
|
labels:
|
||||||
|
app.kubernetes.io/name: directus-minio-root-secret
|
||||||
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
|
spec:
|
||||||
|
secretStoreRef:
|
||||||
|
kind: ClusterSecretStore
|
||||||
|
name: vault
|
||||||
|
data:
|
||||||
|
- secretKey: config.env
|
||||||
|
remoteRef:
|
||||||
|
conversionStrategy: Default
|
||||||
|
decodingStrategy: None
|
||||||
|
key: /cl01tl/directus/minio/config
|
||||||
|
metadataPolicy: None
|
||||||
|
property: root-config.env
|
||||||
|
|
||||||
|
---
|
||||||
|
apiVersion: external-secrets.io/v1
|
||||||
|
kind: ExternalSecret
|
||||||
|
metadata:
|
||||||
|
name: directus-minio-config-secret
|
||||||
|
namespace: {{ .Release.Namespace }}
|
||||||
|
labels:
|
||||||
|
app.kubernetes.io/name: directus-minio-config-secret
|
||||||
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
|
spec:
|
||||||
|
secretStoreRef:
|
||||||
|
kind: ClusterSecretStore
|
||||||
|
name: vault
|
||||||
|
data:
|
||||||
|
- secretKey: config.env
|
||||||
|
remoteRef:
|
||||||
|
conversionStrategy: Default
|
||||||
|
decodingStrategy: None
|
||||||
|
key: /cl01tl/directus/minio/config
|
||||||
|
metadataPolicy: None
|
||||||
|
property: config.env
|
||||||
|
|
||||||
---
|
---
|
||||||
apiVersion: external-secrets.io/v1
|
apiVersion: external-secrets.io/v1
|
||||||
kind: ExternalSecret
|
kind: ExternalSecret
|
||||||
@@ -176,33 +229,3 @@ spec:
|
|||||||
key: /digital-ocean/home-infra/postgres-backups
|
key: /digital-ocean/home-infra/postgres-backups
|
||||||
metadataPolicy: None
|
metadataPolicy: None
|
||||||
property: secret
|
property: secret
|
||||||
|
|
||||||
---
|
|
||||||
apiVersion: external-secrets.io/v1
|
|
||||||
kind: ExternalSecret
|
|
||||||
metadata:
|
|
||||||
name: directus-postgresql-17-cluster-backup-secret-weekly
|
|
||||||
namespace: {{ .Release.Namespace }}
|
|
||||||
labels:
|
|
||||||
app.kubernetes.io/name: directus-postgresql-17-cluster-backup-secret-weekly
|
|
||||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
|
||||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
|
||||||
spec:
|
|
||||||
secretStoreRef:
|
|
||||||
kind: ClusterSecretStore
|
|
||||||
name: vault
|
|
||||||
data:
|
|
||||||
- secretKey: ACCESS_KEY_ID
|
|
||||||
remoteRef:
|
|
||||||
conversionStrategy: Default
|
|
||||||
decodingStrategy: None
|
|
||||||
key: /garage/home-infra/postgres-backups
|
|
||||||
metadataPolicy: None
|
|
||||||
property: ACCESS_KEY_ID
|
|
||||||
- secretKey: ACCESS_SECRET_KEY
|
|
||||||
remoteRef:
|
|
||||||
conversionStrategy: Default
|
|
||||||
decodingStrategy: None
|
|
||||||
key: /garage/home-infra/postgres-backups
|
|
||||||
metadataPolicy: None
|
|
||||||
property: ACCESS_SECRET_KEY
|
|
||||||
|
@@ -1,10 +1,10 @@
|
|||||||
apiVersion: gateway.networking.k8s.io/v1
|
apiVersion: gateway.networking.k8s.io/v1
|
||||||
kind: HTTPRoute
|
kind: HTTPRoute
|
||||||
metadata:
|
metadata:
|
||||||
name: http-route-gatus
|
name: http-route-directus-minio
|
||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: http-route-gatus
|
app.kubernetes.io/name: http-route-directus-minio
|
||||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
spec:
|
spec:
|
||||||
@@ -14,7 +14,7 @@ spec:
|
|||||||
name: traefik-gateway
|
name: traefik-gateway
|
||||||
namespace: traefik
|
namespace: traefik
|
||||||
hostnames:
|
hostnames:
|
||||||
- gatus.alexlebens.net
|
- minio-directus.alexlebens.net
|
||||||
rules:
|
rules:
|
||||||
- matches:
|
- matches:
|
||||||
- path:
|
- path:
|
||||||
@@ -23,6 +23,6 @@ spec:
|
|||||||
backendRefs:
|
backendRefs:
|
||||||
- group: ''
|
- group: ''
|
||||||
kind: Service
|
kind: Service
|
||||||
name: gatus
|
name: minio-directus-console
|
||||||
port: 80
|
port: 9090
|
||||||
weight: 100
|
weight: 100
|
@@ -1,11 +0,0 @@
|
|||||||
apiVersion: objectbucket.io/v1alpha1
|
|
||||||
kind: ObjectBucketClaim
|
|
||||||
metadata:
|
|
||||||
name: ceph-bucket-directus
|
|
||||||
labels:
|
|
||||||
app.kubernetes.io/name: ceph-bucket-directus
|
|
||||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
|
||||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
|
||||||
spec:
|
|
||||||
generateBucketName: bucket-directus
|
|
||||||
storageClassName: ceph-bucket
|
|
@@ -1,35 +0,0 @@
|
|||||||
apiVersion: redis.redis.opstreelabs.in/v1beta2
|
|
||||||
kind: RedisReplication
|
|
||||||
metadata:
|
|
||||||
name: redis-replication-directus
|
|
||||||
namespace: {{ .Release.Namespace }}
|
|
||||||
labels:
|
|
||||||
app.kubernetes.io/name: redis-replication-directus
|
|
||||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
|
||||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
|
||||||
spec:
|
|
||||||
clusterSize: 3
|
|
||||||
podSecurityContext:
|
|
||||||
runAsUser: 1000
|
|
||||||
fsGroup: 1000
|
|
||||||
kubernetesConfig:
|
|
||||||
image: quay.io/opstree/redis:v8.2.1
|
|
||||||
imagePullPolicy: IfNotPresent
|
|
||||||
redisSecret:
|
|
||||||
name: directus-redis-config
|
|
||||||
key: password
|
|
||||||
resources:
|
|
||||||
requests:
|
|
||||||
cpu: 50m
|
|
||||||
memory: 128Mi
|
|
||||||
storage:
|
|
||||||
volumeClaimTemplate:
|
|
||||||
spec:
|
|
||||||
storageClassName: ceph-block
|
|
||||||
accessModes: ["ReadWriteOnce"]
|
|
||||||
resources:
|
|
||||||
requests:
|
|
||||||
storage: 1Gi
|
|
||||||
redisExporter:
|
|
||||||
enabled: true
|
|
||||||
image: quay.io/opstree/redis-exporter:v1.76.0
|
|
@@ -1,30 +0,0 @@
|
|||||||
apiVersion: redis.redis.opstreelabs.in/v1beta2
|
|
||||||
kind: RedisSentinel
|
|
||||||
metadata:
|
|
||||||
name: redis-sentinel-directus
|
|
||||||
namespace: {{ .Release.Namespace }}
|
|
||||||
labels:
|
|
||||||
app.kubernetes.io/name: redis-sentinel-directus
|
|
||||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
|
||||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
|
||||||
spec:
|
|
||||||
clusterSize: 3
|
|
||||||
podSecurityContext:
|
|
||||||
runAsUser: 1000
|
|
||||||
fsGroup: 1000
|
|
||||||
redisSentinelConfig:
|
|
||||||
redisReplicationName: redis-replication-directus
|
|
||||||
redisReplicationPassword:
|
|
||||||
secretKeyRef:
|
|
||||||
name: directus-redis-config
|
|
||||||
key: password
|
|
||||||
kubernetesConfig:
|
|
||||||
image: quay.io/opstree/redis-sentinel:v7.0.15
|
|
||||||
imagePullPolicy: IfNotPresent
|
|
||||||
redisSecret:
|
|
||||||
name: directus-redis-config
|
|
||||||
key: password
|
|
||||||
resources:
|
|
||||||
requests:
|
|
||||||
cpu: 10m
|
|
||||||
memory: 128Mi
|
|
@@ -1,43 +0,0 @@
|
|||||||
apiVersion: monitoring.coreos.com/v1
|
|
||||||
kind: ServiceMonitor
|
|
||||||
metadata:
|
|
||||||
name: directus
|
|
||||||
namespace: {{ .Release.Namespace }}
|
|
||||||
labels:
|
|
||||||
app.kubernetes.io/name: directus
|
|
||||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
|
||||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
|
||||||
spec:
|
|
||||||
selector:
|
|
||||||
matchLabels:
|
|
||||||
app.kubernetes.io/name: directus
|
|
||||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
|
||||||
endpoints:
|
|
||||||
- port: http
|
|
||||||
interval: 30s
|
|
||||||
scrapeTimeout: 15s
|
|
||||||
path: /metrics
|
|
||||||
bearerTokenSecret:
|
|
||||||
name: directus-metric-token
|
|
||||||
key: metric-token
|
|
||||||
|
|
||||||
---
|
|
||||||
apiVersion: monitoring.coreos.com/v1
|
|
||||||
kind: ServiceMonitor
|
|
||||||
metadata:
|
|
||||||
name: redis-replication-directus
|
|
||||||
namespace: {{ .Release.Namespace }}
|
|
||||||
labels:
|
|
||||||
app.kubernetes.io/name: redis-replication-directus
|
|
||||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
|
||||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
|
||||||
redis-operator: "true"
|
|
||||||
env: production
|
|
||||||
spec:
|
|
||||||
selector:
|
|
||||||
matchLabels:
|
|
||||||
redis_setup_type: replication
|
|
||||||
endpoints:
|
|
||||||
- port: redis-exporter
|
|
||||||
interval: 30s
|
|
||||||
scrapeTimeout: 10s
|
|
@@ -9,7 +9,7 @@ directus:
|
|||||||
main:
|
main:
|
||||||
image:
|
image:
|
||||||
repository: directus/directus
|
repository: directus/directus
|
||||||
tag: 11.12.0
|
tag: 11.7.2
|
||||||
pullPolicy: IfNotPresent
|
pullPolicy: IfNotPresent
|
||||||
env:
|
env:
|
||||||
- name: PUBLIC_URL
|
- name: PUBLIC_URL
|
||||||
@@ -63,25 +63,21 @@ directus:
|
|||||||
secretKeyRef:
|
secretKeyRef:
|
||||||
name: directus-postgresql-17-cluster-app
|
name: directus-postgresql-17-cluster-app
|
||||||
key: password
|
key: password
|
||||||
- name: SYNCHRONIZATION_STORE
|
|
||||||
value: redis
|
|
||||||
- name: CACHE_ENABLED
|
|
||||||
value: true
|
|
||||||
- name: CACHE_STORE
|
|
||||||
value: redis
|
|
||||||
- name: REDIS_ENABLED
|
- name: REDIS_ENABLED
|
||||||
value: true
|
value: true
|
||||||
- name: REDIS_HOST
|
- name: REDIS_HOST
|
||||||
value: redis-replication-directus-master
|
value: directus-valkey-primary
|
||||||
|
- name: REDIS_PORT
|
||||||
|
value: 6379
|
||||||
- name: REDIS_USERNAME
|
- name: REDIS_USERNAME
|
||||||
valueFrom:
|
valueFrom:
|
||||||
secretKeyRef:
|
secretKeyRef:
|
||||||
name: directus-redis-config
|
name: directus-valkey-config
|
||||||
key: user
|
key: user
|
||||||
- name: REDIS_PASSWORD
|
- name: REDIS_PASSWORD
|
||||||
valueFrom:
|
valueFrom:
|
||||||
secretKeyRef:
|
secretKeyRef:
|
||||||
name: directus-redis-config
|
name: directus-valkey-config
|
||||||
key: password
|
key: password
|
||||||
- name: STORAGE_LOCATIONS
|
- name: STORAGE_LOCATIONS
|
||||||
value: s3
|
value: s3
|
||||||
@@ -90,24 +86,21 @@ directus:
|
|||||||
- name: STORAGE_S3_KEY
|
- name: STORAGE_S3_KEY
|
||||||
valueFrom:
|
valueFrom:
|
||||||
secretKeyRef:
|
secretKeyRef:
|
||||||
name: ceph-bucket-directus
|
name: directus-minio-user-secret
|
||||||
key: AWS_ACCESS_KEY_ID
|
key: AWS_ACCESS_KEY_ID
|
||||||
- name: STORAGE_S3_SECRET
|
- name: STORAGE_S3_SECRET
|
||||||
valueFrom:
|
valueFrom:
|
||||||
secretKeyRef:
|
secretKeyRef:
|
||||||
name: ceph-bucket-directus
|
name: directus-minio-user-secret
|
||||||
key: AWS_SECRET_ACCESS_KEY
|
key: AWS_SECRET_ACCESS_KEY
|
||||||
- name: STORAGE_S3_BUCKET
|
- name: STORAGE_S3_BUCKET
|
||||||
valueFrom:
|
value: directus
|
||||||
configMapKeyRef:
|
|
||||||
name: ceph-bucket-directus
|
|
||||||
key: BUCKET_NAME
|
|
||||||
- name: STORAGE_S3_REGION
|
- name: STORAGE_S3_REGION
|
||||||
value: us-east-1
|
value: us-east-1
|
||||||
- name: STORAGE_S3_ENDPOINT
|
- name: STORAGE_S3_ENDPOINT
|
||||||
value: http://rook-ceph-rgw-ceph-objectstore.rook-ceph.svc:80
|
value: http://minio.directus:80
|
||||||
- name: STORAGE_S3_FORCE_PATH_STYLE
|
- name: STORAGE_S3_FORCE_PATH_STYLE
|
||||||
value: true
|
value: "true"
|
||||||
- name: AUTH_PROVIDERS
|
- name: AUTH_PROVIDERS
|
||||||
value: AUTHENTIK
|
value: AUTHENTIK
|
||||||
- name: AUTH_AUTHENTIK_DRIVER
|
- name: AUTH_AUTHENTIK_DRIVER
|
||||||
@@ -134,13 +127,6 @@ directus:
|
|||||||
value: Authentik
|
value: Authentik
|
||||||
- name: TELEMETRY
|
- name: TELEMETRY
|
||||||
value: false
|
value: false
|
||||||
- name: METRICS_ENABLED
|
|
||||||
value: true
|
|
||||||
- name: METRICS_TOKENS
|
|
||||||
valueFrom:
|
|
||||||
secretKeyRef:
|
|
||||||
name: directus-metric-token
|
|
||||||
key: metric-token
|
|
||||||
resources:
|
resources:
|
||||||
requests:
|
requests:
|
||||||
cpu: 10m
|
cpu: 10m
|
||||||
@@ -153,11 +139,59 @@ directus:
|
|||||||
port: 80
|
port: 80
|
||||||
targetPort: 8055
|
targetPort: 8055
|
||||||
protocol: TCP
|
protocol: TCP
|
||||||
|
minio:
|
||||||
|
existingSecret:
|
||||||
|
name: directus-minio-root-secret
|
||||||
|
tenant:
|
||||||
|
name: minio-directus
|
||||||
|
configSecret:
|
||||||
|
name: directus-minio-config-secret
|
||||||
|
pools:
|
||||||
|
- servers: 3
|
||||||
|
name: pool
|
||||||
|
volumesPerServer: 2
|
||||||
|
size: 10Gi
|
||||||
|
storageClassName: ceph-block
|
||||||
|
mountPath: /export
|
||||||
|
subPath: /data
|
||||||
|
metrics:
|
||||||
|
enabled: true
|
||||||
|
port: 9000
|
||||||
|
protocol: http
|
||||||
|
certificate:
|
||||||
|
requestAutoCert: false
|
||||||
|
ingress:
|
||||||
|
console:
|
||||||
|
enabled: false
|
||||||
|
valkey:
|
||||||
|
architecture: replication
|
||||||
|
auth:
|
||||||
|
enabled: true
|
||||||
|
existingSecret: directus-valkey-config
|
||||||
|
existingSecretPasswordKey: password
|
||||||
|
usePasswordFiles: false
|
||||||
|
primary:
|
||||||
|
resources:
|
||||||
|
requests:
|
||||||
|
cpu: 100m
|
||||||
|
memory: 64Mi
|
||||||
|
persistence:
|
||||||
|
enabled: true
|
||||||
|
size: 1Gi
|
||||||
|
replica:
|
||||||
|
replicaCount: 1
|
||||||
|
resources:
|
||||||
|
requests:
|
||||||
|
cpu: 100m
|
||||||
|
memory: 64Mi
|
||||||
|
persistence:
|
||||||
|
enabled: true
|
||||||
|
size: 1Gi
|
||||||
cloudflared-directus:
|
cloudflared-directus:
|
||||||
name: cloudflared-directus
|
name: cloudflared-directus
|
||||||
existingSecretName: directus-cloudflared-secret
|
existingSecretName: directus-cloudflared-secret
|
||||||
postgres-17-cluster:
|
postgres-17-cluster:
|
||||||
mode: recovery
|
mode: standalone
|
||||||
cluster:
|
cluster:
|
||||||
storage:
|
storage:
|
||||||
storageClass: local-path
|
storageClass: local-path
|
||||||
@@ -170,30 +204,13 @@ postgres-17-cluster:
|
|||||||
recovery:
|
recovery:
|
||||||
method: objectStore
|
method: objectStore
|
||||||
objectStore:
|
objectStore:
|
||||||
|
endpointURL: https://nyc3.digitaloceanspaces.com
|
||||||
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/directus/directus-postgresql-17-cluster
|
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/directus/directus-postgresql-17-cluster
|
||||||
index: 1
|
endpointCredentials: directus-postgresql-17-cluster-backup-secret
|
||||||
|
recoveryIndex: 2
|
||||||
backup:
|
backup:
|
||||||
objectStore:
|
enabled: true
|
||||||
- name: external
|
endpointURL: https://nyc3.digitaloceanspaces.com
|
||||||
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/directus/directus-postgresql-17-cluster
|
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/directus/directus-postgresql-17-cluster
|
||||||
index: 1
|
endpointCredentials: directus-postgresql-17-cluster-backup-secret
|
||||||
retentionPolicy: "2d"
|
backupIndex: 2
|
||||||
isWALArchiver: true
|
|
||||||
- name: garage
|
|
||||||
destinationPath: s3://postgres-backups/cl01tl/directus/directus-postgresql-17-cluster
|
|
||||||
index: 1
|
|
||||||
endpointURL: https://garage-ps10rp.boreal-beaufort.ts.net:3900
|
|
||||||
endpointCredentials: directus-postgresql-17-cluster-backup-secret-weekly
|
|
||||||
retentionPolicy: "30d"
|
|
||||||
data:
|
|
||||||
compression: bzip2
|
|
||||||
jobs: 2
|
|
||||||
scheduledBackups:
|
|
||||||
- name: daily-backup
|
|
||||||
suspend: false
|
|
||||||
schedule: "0 0 0 * * *"
|
|
||||||
backupName: external
|
|
||||||
- name: weekly-backup
|
|
||||||
suspend: false
|
|
||||||
schedule: "0 0 4 * * SAT"
|
|
||||||
backupName: garage
|
|
||||||
|
21
clusters/cl01tl/applications/eigenfocus/Chart.yaml
Normal file
21
clusters/cl01tl/applications/eigenfocus/Chart.yaml
Normal file
@@ -0,0 +1,21 @@
|
|||||||
|
apiVersion: v2
|
||||||
|
name: eigenfocus
|
||||||
|
version: 1.0.0
|
||||||
|
description: Eigenfocus
|
||||||
|
keywords:
|
||||||
|
- eigenfocus
|
||||||
|
- projects
|
||||||
|
home: https://wiki.alexlebens.dev/s/82548c75-cefe-4ad2-b60c-0b101127c31b
|
||||||
|
sources:
|
||||||
|
- https://github.com/Eigenfocus/eigenfocus
|
||||||
|
- https://hub.docker.com/r/eigenfocus/eigenfocus
|
||||||
|
- https://github.com/bjw-s-labs/helm-charts/tree/main/charts/other/app-template
|
||||||
|
maintainers:
|
||||||
|
- name: alexlebens
|
||||||
|
dependencies:
|
||||||
|
- name: app-template
|
||||||
|
alias: eigenfocus
|
||||||
|
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||||
|
version: 4.0.1
|
||||||
|
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/eigenfocus.png
|
||||||
|
appVersion: 1.1.0
|
@@ -0,0 +1,55 @@
|
|||||||
|
apiVersion: external-secrets.io/v1
|
||||||
|
kind: ExternalSecret
|
||||||
|
metadata:
|
||||||
|
name: eigenfocus-data-backup-secret
|
||||||
|
namespace: {{ .Release.Namespace }}
|
||||||
|
labels:
|
||||||
|
app.kubernetes.io/name: eigenfocus-data-backup-secret
|
||||||
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
|
spec:
|
||||||
|
secretStoreRef:
|
||||||
|
kind: ClusterSecretStore
|
||||||
|
name: vault
|
||||||
|
target:
|
||||||
|
template:
|
||||||
|
mergePolicy: Merge
|
||||||
|
engineVersion: v2
|
||||||
|
data:
|
||||||
|
RESTIC_REPOSITORY: "{{ `{{ .BUCKET_ENDPOINT }}` }}/eigenfocus/eigenfocus-data"
|
||||||
|
data:
|
||||||
|
- secretKey: BUCKET_ENDPOINT
|
||||||
|
remoteRef:
|
||||||
|
conversionStrategy: Default
|
||||||
|
decodingStrategy: None
|
||||||
|
key: /cl01tl/volsync/restic/config
|
||||||
|
metadataPolicy: None
|
||||||
|
property: S3_BUCKET_ENDPOINT
|
||||||
|
- secretKey: RESTIC_PASSWORD
|
||||||
|
remoteRef:
|
||||||
|
conversionStrategy: Default
|
||||||
|
decodingStrategy: None
|
||||||
|
key: /cl01tl/volsync/restic/config
|
||||||
|
metadataPolicy: None
|
||||||
|
property: RESTIC_PASSWORD
|
||||||
|
- secretKey: AWS_DEFAULT_REGION
|
||||||
|
remoteRef:
|
||||||
|
conversionStrategy: Default
|
||||||
|
decodingStrategy: None
|
||||||
|
key: /cl01tl/volsync/restic/config
|
||||||
|
metadataPolicy: None
|
||||||
|
property: AWS_DEFAULT_REGION
|
||||||
|
- secretKey: AWS_ACCESS_KEY_ID
|
||||||
|
remoteRef:
|
||||||
|
conversionStrategy: Default
|
||||||
|
decodingStrategy: None
|
||||||
|
key: /digital-ocean/home-infra/volsync-backups
|
||||||
|
metadataPolicy: None
|
||||||
|
property: access_key
|
||||||
|
- secretKey: AWS_SECRET_ACCESS_KEY
|
||||||
|
remoteRef:
|
||||||
|
conversionStrategy: Default
|
||||||
|
decodingStrategy: None
|
||||||
|
key: /digital-ocean/home-infra/volsync-backups
|
||||||
|
metadataPolicy: None
|
||||||
|
property: secret_key
|
@@ -1,10 +1,10 @@
|
|||||||
apiVersion: gateway.networking.k8s.io/v1
|
apiVersion: gateway.networking.k8s.io/v1
|
||||||
kind: HTTPRoute
|
kind: HTTPRoute
|
||||||
metadata:
|
metadata:
|
||||||
name: https-route-kronic
|
name: http-route-eigenfocus
|
||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: https-route-kronic
|
app.kubernetes.io/name: http-route-eigenfocus
|
||||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
spec:
|
spec:
|
||||||
@@ -14,7 +14,7 @@ spec:
|
|||||||
name: traefik-gateway
|
name: traefik-gateway
|
||||||
namespace: traefik
|
namespace: traefik
|
||||||
hostnames:
|
hostnames:
|
||||||
- kronic.alexlebens.net
|
- eigenfocus.alexlebens.net
|
||||||
rules:
|
rules:
|
||||||
- matches:
|
- matches:
|
||||||
- path:
|
- path:
|
||||||
@@ -23,6 +23,6 @@ spec:
|
|||||||
backendRefs:
|
backendRefs:
|
||||||
- group: ''
|
- group: ''
|
||||||
kind: Service
|
kind: Service
|
||||||
name: kronic
|
name: eigenfocus
|
||||||
port: 80
|
port: 80
|
||||||
weight: 100
|
weight: 100
|
@@ -0,0 +1,25 @@
|
|||||||
|
apiVersion: volsync.backube/v1alpha1
|
||||||
|
kind: ReplicationSource
|
||||||
|
metadata:
|
||||||
|
name: eigenfocus-data-backup-source
|
||||||
|
namespace: {{ .Release.Namespace }}
|
||||||
|
labels:
|
||||||
|
app.kubernetes.io/name: eigenfocus-data-backup-source
|
||||||
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
|
spec:
|
||||||
|
sourcePVC: eigenfocus-data
|
||||||
|
trigger:
|
||||||
|
schedule: 0 4 * * *
|
||||||
|
restic:
|
||||||
|
pruneIntervalDays: 7
|
||||||
|
repository: eigenfocus-data-backup-secret
|
||||||
|
retain:
|
||||||
|
hourly: 1
|
||||||
|
daily: 3
|
||||||
|
weekly: 2
|
||||||
|
monthly: 2
|
||||||
|
yearly: 4
|
||||||
|
copyMethod: Snapshot
|
||||||
|
storageClassName: ceph-block
|
||||||
|
volumeSnapshotClassName: ceph-blockpool-snapshot
|
40
clusters/cl01tl/applications/eigenfocus/values.yaml
Normal file
40
clusters/cl01tl/applications/eigenfocus/values.yaml
Normal file
@@ -0,0 +1,40 @@
|
|||||||
|
eigenfocus:
|
||||||
|
controllers:
|
||||||
|
main:
|
||||||
|
type: deployment
|
||||||
|
replicas: 1
|
||||||
|
strategy: Recreate
|
||||||
|
revisionHistoryLimit: 3
|
||||||
|
containers:
|
||||||
|
main:
|
||||||
|
image:
|
||||||
|
repository: eigenfocus/eigenfocus
|
||||||
|
tag: 1.1.0-free
|
||||||
|
pullPolicy: IfNotPresent
|
||||||
|
env:
|
||||||
|
- name: DEFAULT_HOST_URL
|
||||||
|
value: https://eigenfocus.alexlebens.net
|
||||||
|
resources:
|
||||||
|
requests:
|
||||||
|
cpu: 10m
|
||||||
|
memory: 128Mi
|
||||||
|
service:
|
||||||
|
main:
|
||||||
|
controller: main
|
||||||
|
ports:
|
||||||
|
http:
|
||||||
|
port: 80
|
||||||
|
targetPort: 3000
|
||||||
|
protocol: HTTP
|
||||||
|
persistence:
|
||||||
|
data:
|
||||||
|
forceRename: eigenfocus-data
|
||||||
|
storageClass: ceph-block
|
||||||
|
accessMode: ReadWriteOnce
|
||||||
|
size: 2Gi
|
||||||
|
retain: true
|
||||||
|
advancedMounts:
|
||||||
|
main:
|
||||||
|
main:
|
||||||
|
- path: /eigenfocus-app/app-data
|
||||||
|
readOnly: false
|
@@ -17,11 +17,11 @@ maintainers:
|
|||||||
- name: alexlebens
|
- name: alexlebens
|
||||||
dependencies:
|
dependencies:
|
||||||
- name: element-web
|
- name: element-web
|
||||||
version: 1.4.22
|
version: 1.4.10
|
||||||
repository: https://ananace.gitlab.io/charts
|
repository: https://ananace.gitlab.io/charts
|
||||||
- name: cloudflared
|
- name: cloudflared
|
||||||
alias: cloudflared
|
alias: cloudflared
|
||||||
repository: oci://harbor.alexlebens.net/helm-charts
|
repository: oci://harbor.alexlebens.net/helm-charts
|
||||||
version: 1.22.1
|
version: 1.15.0
|
||||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/element.png
|
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/element.png
|
||||||
appVersion: v1.11.100
|
appVersion: v1.11.100
|
||||||
|
@@ -2,7 +2,7 @@ element-web:
|
|||||||
replicaCount: 1
|
replicaCount: 1
|
||||||
image:
|
image:
|
||||||
repository: vectorim/element-web
|
repository: vectorim/element-web
|
||||||
tag: v1.12.2
|
tag: v1.11.101
|
||||||
pullPolicy: IfNotPresent
|
pullPolicy: IfNotPresent
|
||||||
defaultServer:
|
defaultServer:
|
||||||
url: https://matrix.alexlebens.dev
|
url: https://matrix.alexlebens.dev
|
||||||
@@ -12,8 +12,8 @@ element-web:
|
|||||||
disable_3pid_login: true
|
disable_3pid_login: true
|
||||||
brand: "Alex Lebens"
|
brand: "Alex Lebens"
|
||||||
branding:
|
branding:
|
||||||
welcome_background_url: https://web-assets-3bfcb5585cbd63dc365d32a3.nyc3.cdn.digitaloceanspaces.com/alexlebens-net/background-5.png
|
welcome_background_url: https://web-assets-3bfcb5585cbd63dc365d32a3.nyc3.cdn.digitaloceanspaces.com/alexlebens-net/background-4.jpg
|
||||||
auth_header_logo_url: https://web-assets-3bfcb5585cbd63dc365d32a3.nyc3.cdn.digitaloceanspaces.com/alexlebens-net/logo-new-round.png
|
auth_header_logo_url: https://web-assets-3bfcb5585cbd63dc365d32a3.nyc3.cdn.digitaloceanspaces.com/alexlebens-net/icon_white.png
|
||||||
sso_redirect_options:
|
sso_redirect_options:
|
||||||
immediate: true
|
immediate: true
|
||||||
default_theme: dark
|
default_theme: dark
|
||||||
|
@@ -20,14 +20,14 @@ dependencies:
|
|||||||
- name: app-template
|
- name: app-template
|
||||||
alias: freshrss
|
alias: freshrss
|
||||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||||
version: 4.4.0
|
version: 4.0.1
|
||||||
- name: cloudflared
|
- name: cloudflared
|
||||||
alias: cloudflared
|
alias: cloudflared
|
||||||
repository: oci://harbor.alexlebens.net/helm-charts
|
repository: oci://harbor.alexlebens.net/helm-charts
|
||||||
version: 1.22.1
|
version: 1.15.0
|
||||||
- name: postgres-cluster
|
- name: postgres-cluster
|
||||||
alias: postgres-17-cluster
|
alias: postgres-17-cluster
|
||||||
version: 6.14.0
|
version: 5.1.0
|
||||||
repository: oci://harbor.alexlebens.net/helm-charts
|
repository: oci://harbor.alexlebens.net/helm-charts
|
||||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/freshrss.png
|
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/freshrss.png
|
||||||
appVersion: 1.26.2
|
appVersion: 1.26.2
|
||||||
|
@@ -180,33 +180,3 @@ spec:
|
|||||||
key: /digital-ocean/home-infra/postgres-backups
|
key: /digital-ocean/home-infra/postgres-backups
|
||||||
metadataPolicy: None
|
metadataPolicy: None
|
||||||
property: secret
|
property: secret
|
||||||
|
|
||||||
---
|
|
||||||
apiVersion: external-secrets.io/v1
|
|
||||||
kind: ExternalSecret
|
|
||||||
metadata:
|
|
||||||
name: freshrss-postgresql-17-cluster-backup-secret-weekly
|
|
||||||
namespace: {{ .Release.Namespace }}
|
|
||||||
labels:
|
|
||||||
app.kubernetes.io/name: freshrss-postgresql-17-cluster-backup-secret-weekly
|
|
||||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
|
||||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
|
||||||
spec:
|
|
||||||
secretStoreRef:
|
|
||||||
kind: ClusterSecretStore
|
|
||||||
name: vault
|
|
||||||
data:
|
|
||||||
- secretKey: ACCESS_KEY_ID
|
|
||||||
remoteRef:
|
|
||||||
conversionStrategy: Default
|
|
||||||
decodingStrategy: None
|
|
||||||
key: /garage/home-infra/postgres-backups
|
|
||||||
metadataPolicy: None
|
|
||||||
property: ACCESS_KEY_ID
|
|
||||||
- secretKey: ACCESS_SECRET_KEY
|
|
||||||
remoteRef:
|
|
||||||
conversionStrategy: Default
|
|
||||||
decodingStrategy: None
|
|
||||||
key: /garage/home-infra/postgres-backups
|
|
||||||
metadataPolicy: None
|
|
||||||
property: ACCESS_SECRET_KEY
|
|
||||||
|
@@ -11,7 +11,7 @@ freshrss:
|
|||||||
runAsUser: 0
|
runAsUser: 0
|
||||||
image:
|
image:
|
||||||
repository: alpine
|
repository: alpine
|
||||||
tag: 3.22.2
|
tag: 3.21.3
|
||||||
pullPolicy: IfNotPresent
|
pullPolicy: IfNotPresent
|
||||||
command:
|
command:
|
||||||
- /bin/sh
|
- /bin/sh
|
||||||
@@ -35,7 +35,7 @@ freshrss:
|
|||||||
runAsUser: 0
|
runAsUser: 0
|
||||||
image:
|
image:
|
||||||
repository: alpine
|
repository: alpine
|
||||||
tag: 3.22.2
|
tag: 3.21.3
|
||||||
pullPolicy: IfNotPresent
|
pullPolicy: IfNotPresent
|
||||||
command:
|
command:
|
||||||
- /bin/sh
|
- /bin/sh
|
||||||
@@ -49,29 +49,7 @@ freshrss:
|
|||||||
git checkout;
|
git checkout;
|
||||||
rm -rf /var/www/FreshRSS/extensions/xExtension-ImageProxy
|
rm -rf /var/www/FreshRSS/extensions/xExtension-ImageProxy
|
||||||
cp -r xExtension-ImageProxy /var/www/FreshRSS/extensions
|
cp -r xExtension-ImageProxy /var/www/FreshRSS/extensions
|
||||||
chown -R 568:568 /var/www/FreshRSS/extensions/xExtension-ImageProxy
|
chown -R 568:568 /var/www/FreshRSS/extensions/xExtension-YouTubeChannel2RssFeed
|
||||||
resources:
|
|
||||||
requests:
|
|
||||||
cpu: 10m
|
|
||||||
memory: 128Mi
|
|
||||||
init-download-extension-3:
|
|
||||||
securityContext:
|
|
||||||
runAsUser: 0
|
|
||||||
image:
|
|
||||||
repository: alpine
|
|
||||||
tag: 3.22.2
|
|
||||||
pullPolicy: IfNotPresent
|
|
||||||
command:
|
|
||||||
- /bin/sh
|
|
||||||
- -ec
|
|
||||||
- |
|
|
||||||
cd /tmp;
|
|
||||||
wget https://github.com/zimmra/xExtension-karakeep-button/archive/refs/tags/v1.1.tar.gz;
|
|
||||||
tar -xvzf *.tar.gz;
|
|
||||||
rm -rf /var/www/FreshRSS/extensions/xExtension-karakeep-button
|
|
||||||
mkdir /var/www/FreshRSS/extensions/xExtension-karakeep-button
|
|
||||||
cp -r /tmp/xExtension-karakeep-button-*/* /var/www/FreshRSS/extensions/xExtension-karakeep-button
|
|
||||||
chown -R 568:568 /var/www/FreshRSS/extensions/xExtension-karakeep-button
|
|
||||||
resources:
|
resources:
|
||||||
requests:
|
requests:
|
||||||
cpu: 10m
|
cpu: 10m
|
||||||
@@ -80,7 +58,7 @@ freshrss:
|
|||||||
main:
|
main:
|
||||||
image:
|
image:
|
||||||
repository: freshrss/freshrss
|
repository: freshrss/freshrss
|
||||||
tag: 1.27.1
|
tag: 1.26.2
|
||||||
pullPolicy: IfNotPresent
|
pullPolicy: IfNotPresent
|
||||||
env:
|
env:
|
||||||
- name: PGID
|
- name: PGID
|
||||||
@@ -185,16 +163,13 @@ freshrss:
|
|||||||
init-download-extension-2:
|
init-download-extension-2:
|
||||||
- path: /var/www/FreshRSS/extensions
|
- path: /var/www/FreshRSS/extensions
|
||||||
readOnly: false
|
readOnly: false
|
||||||
init-download-extension-3:
|
|
||||||
- path: /var/www/FreshRSS/extensions
|
|
||||||
readOnly: false
|
|
||||||
main:
|
main:
|
||||||
- path: /var/www/FreshRSS/extensions
|
- path: /var/www/FreshRSS/extensions
|
||||||
readOnly: false
|
readOnly: false
|
||||||
cloudflared:
|
cloudflared:
|
||||||
existingSecretName: freshrss-cloudflared-secret
|
existingSecretName: freshrss-cloudflared-secret
|
||||||
postgres-17-cluster:
|
postgres-17-cluster:
|
||||||
mode: recovery
|
mode: standalone
|
||||||
cluster:
|
cluster:
|
||||||
storage:
|
storage:
|
||||||
storageClass: local-path
|
storageClass: local-path
|
||||||
@@ -207,30 +182,13 @@ postgres-17-cluster:
|
|||||||
recovery:
|
recovery:
|
||||||
method: objectStore
|
method: objectStore
|
||||||
objectStore:
|
objectStore:
|
||||||
|
endpointURL: https://nyc3.digitaloceanspaces.com
|
||||||
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/freshrss/freshrss-postgresql-17-cluster
|
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/freshrss/freshrss-postgresql-17-cluster
|
||||||
index: 1
|
endpointCredentials: freshrss-postgresql-17-cluster-backup-secret
|
||||||
|
recoveryIndex: 3
|
||||||
backup:
|
backup:
|
||||||
objectStore:
|
enabled: true
|
||||||
- name: external
|
endpointURL: https://nyc3.digitaloceanspaces.com
|
||||||
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/freshrss/freshrss-postgresql-17-cluster
|
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/freshrss/freshrss-postgresql-17-cluster
|
||||||
index: 1
|
endpointCredentials: freshrss-postgresql-17-cluster-backup-secret
|
||||||
retentionPolicy: "2d"
|
backupIndex: 3
|
||||||
isWALArchiver: true
|
|
||||||
- name: garage
|
|
||||||
destinationPath: s3://postgres-backups/cl01tl/freshrss/freshrss-postgresql-17-cluster
|
|
||||||
index: 1
|
|
||||||
endpointURL: https://garage-ps10rp.boreal-beaufort.ts.net:3900
|
|
||||||
endpointCredentials: freshrss-postgresql-17-cluster-backup-secret-weekly
|
|
||||||
retentionPolicy: "30d"
|
|
||||||
data:
|
|
||||||
compression: bzip2
|
|
||||||
jobs: 2
|
|
||||||
scheduledBackups:
|
|
||||||
- name: daily-backup
|
|
||||||
suspend: false
|
|
||||||
schedule: "0 0 0 * * *"
|
|
||||||
backupName: external
|
|
||||||
- name: weekly-backup
|
|
||||||
suspend: false
|
|
||||||
schedule: "0 2 4 * * SAT"
|
|
||||||
backupName: garage
|
|
||||||
|
@@ -1,8 +1,9 @@
|
|||||||
apiVersion: v2
|
apiVersion: v2
|
||||||
name: karakeep
|
name: hoarder
|
||||||
version: 1.0.0
|
version: 1.0.0
|
||||||
description: Karakeep
|
description: Karakeep
|
||||||
keywords:
|
keywords:
|
||||||
|
- hoarder
|
||||||
- karakeep
|
- karakeep
|
||||||
- bookmarks
|
- bookmarks
|
||||||
home: https://wiki.alexlebens.dev/s/f8177591-8253-4e21-82d5-a556f0aeafad
|
home: https://wiki.alexlebens.dev/s/f8177591-8253-4e21-82d5-a556f0aeafad
|
||||||
@@ -18,15 +19,15 @@ maintainers:
|
|||||||
- name: alexlebens
|
- name: alexlebens
|
||||||
dependencies:
|
dependencies:
|
||||||
- name: app-template
|
- name: app-template
|
||||||
alias: karakeep
|
alias: hoarder
|
||||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||||
version: 4.4.0
|
version: 4.0.1
|
||||||
- name: meilisearch
|
- name: meilisearch
|
||||||
version: 0.17.1
|
version: 0.13.0
|
||||||
repository: https://meilisearch.github.io/meilisearch-kubernetes
|
repository: https://meilisearch.github.io/meilisearch-kubernetes
|
||||||
- name: cloudflared
|
- name: cloudflared
|
||||||
alias: cloudflared
|
alias: cloudflared
|
||||||
repository: oci://harbor.alexlebens.net/helm-charts
|
repository: oci://harbor.alexlebens.net/helm-charts
|
||||||
version: 1.22.1
|
version: 1.15.0
|
||||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/webp/karakeep.webp
|
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/webp/karakeep.webp
|
||||||
appVersion: 0.26.0
|
appVersion: 0.24.1
|
@@ -19,13 +19,6 @@ spec:
|
|||||||
key: /cl01tl/karakeep/key
|
key: /cl01tl/karakeep/key
|
||||||
metadataPolicy: None
|
metadataPolicy: None
|
||||||
property: key
|
property: key
|
||||||
- secretKey: prometheus-token
|
|
||||||
remoteRef:
|
|
||||||
conversionStrategy: Default
|
|
||||||
decodingStrategy: None
|
|
||||||
key: /cl01tl/karakeep/key
|
|
||||||
metadataPolicy: None
|
|
||||||
property: prometheus-token
|
|
||||||
|
|
||||||
---
|
---
|
||||||
apiVersion: external-secrets.io/v1
|
apiVersion: external-secrets.io/v1
|
||||||
@@ -107,10 +100,10 @@ spec:
|
|||||||
apiVersion: external-secrets.io/v1
|
apiVersion: external-secrets.io/v1
|
||||||
kind: ExternalSecret
|
kind: ExternalSecret
|
||||||
metadata:
|
metadata:
|
||||||
name: karakeep-data-backup-secret
|
name: hoarder-data-backup-secret
|
||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: karakeep-data-backup-secret
|
app.kubernetes.io/name: hoarder-data-backup-secret
|
||||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
spec:
|
spec:
|
||||||
@@ -122,7 +115,7 @@ spec:
|
|||||||
mergePolicy: Merge
|
mergePolicy: Merge
|
||||||
engineVersion: v2
|
engineVersion: v2
|
||||||
data:
|
data:
|
||||||
RESTIC_REPOSITORY: "{{ `{{ .BUCKET_ENDPOINT }}` }}/karakeep/karakeep-data"
|
RESTIC_REPOSITORY: "{{ `{{ .BUCKET_ENDPOINT }}` }}/hoarder/hoarder-data"
|
||||||
data:
|
data:
|
||||||
- secretKey: BUCKET_ENDPOINT
|
- secretKey: BUCKET_ENDPOINT
|
||||||
remoteRef:
|
remoteRef:
|
@@ -1,19 +1,19 @@
|
|||||||
apiVersion: volsync.backube/v1alpha1
|
apiVersion: volsync.backube/v1alpha1
|
||||||
kind: ReplicationSource
|
kind: ReplicationSource
|
||||||
metadata:
|
metadata:
|
||||||
name: karakeep-data-backup-source
|
name: hoarder-data-backup-source
|
||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: karakeep-data-backup-source
|
app.kubernetes.io/name: hoarder-data-backup-source
|
||||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
spec:
|
spec:
|
||||||
sourcePVC: karakeep-data
|
sourcePVC: hoarder-data
|
||||||
trigger:
|
trigger:
|
||||||
schedule: 0 4 * * *
|
schedule: 0 4 * * *
|
||||||
restic:
|
restic:
|
||||||
pruneIntervalDays: 7
|
pruneIntervalDays: 7
|
||||||
repository: karakeep-data-backup-secret
|
repository: hoarder-data-backup-secret
|
||||||
retain:
|
retain:
|
||||||
hourly: 1
|
hourly: 1
|
||||||
daily: 3
|
daily: 3
|
@@ -1,4 +1,4 @@
|
|||||||
karakeep:
|
hoarder:
|
||||||
controllers:
|
controllers:
|
||||||
main:
|
main:
|
||||||
type: deployment
|
type: deployment
|
||||||
@@ -9,13 +9,11 @@ karakeep:
|
|||||||
main:
|
main:
|
||||||
image:
|
image:
|
||||||
repository: ghcr.io/karakeep-app/karakeep
|
repository: ghcr.io/karakeep-app/karakeep
|
||||||
tag: 0.27.1
|
tag: 0.24.1
|
||||||
pullPolicy: IfNotPresent
|
pullPolicy: IfNotPresent
|
||||||
env:
|
env:
|
||||||
- name: DATA_DIR
|
- name: DATA_DIR
|
||||||
value: /data
|
value: /data
|
||||||
- name: DB_WAL_MODE
|
|
||||||
value: true
|
|
||||||
- name: NEXTAUTH_URL
|
- name: NEXTAUTH_URL
|
||||||
value: https://karakeep.alexlebens.dev/
|
value: https://karakeep.alexlebens.dev/
|
||||||
- name: NEXTAUTH_SECRET
|
- name: NEXTAUTH_SECRET
|
||||||
@@ -23,41 +21,15 @@ karakeep:
|
|||||||
secretKeyRef:
|
secretKeyRef:
|
||||||
name: karakeep-key-secret
|
name: karakeep-key-secret
|
||||||
key: key
|
key: key
|
||||||
- name: PROMETHEUS_AUTH_TOKEN
|
|
||||||
valueFrom:
|
|
||||||
secretKeyRef:
|
|
||||||
name: karakeep-key-secret
|
|
||||||
key: prometheus-token
|
|
||||||
- name: ASSET_STORE_S3_ENDPOINT
|
|
||||||
value: http://rook-ceph-rgw-ceph-objectstore.rook-ceph.svc:80
|
|
||||||
- name: ASSET_STORE_S3_REGION
|
|
||||||
value: us-east-1
|
|
||||||
- name: ASSET_STORE_S3_BUCKET
|
|
||||||
valueFrom:
|
|
||||||
configMapKeyRef:
|
|
||||||
name: ceph-bucket-karakeep
|
|
||||||
key: BUCKET_NAME
|
|
||||||
- name: ASSET_STORE_S3_ACCESS_KEY_ID
|
|
||||||
valueFrom:
|
|
||||||
secretKeyRef:
|
|
||||||
name: ceph-bucket-karakeep
|
|
||||||
key: AWS_ACCESS_KEY_ID
|
|
||||||
- name: ASSET_STORE_S3_SECRET_ACCESS_KEY
|
|
||||||
valueFrom:
|
|
||||||
secretKeyRef:
|
|
||||||
name: ceph-bucket-karakeep
|
|
||||||
key: AWS_SECRET_ACCESS_KEY
|
|
||||||
- name: ASSET_STORE_S3_FORCE_PATH_STYLE
|
|
||||||
value: true
|
|
||||||
- name: MEILI_ADDR
|
- name: MEILI_ADDR
|
||||||
value: http://karakeep-meilisearch.karakeep:7700
|
value: http://hoarder-meilisearch.hoarder:7700
|
||||||
- name: MEILI_MASTER_KEY
|
- name: MEILI_MASTER_KEY
|
||||||
valueFrom:
|
valueFrom:
|
||||||
secretKeyRef:
|
secretKeyRef:
|
||||||
name: karakeep-meilisearch-master-key-secret
|
name: karakeep-meilisearch-master-key-secret
|
||||||
key: MEILI_MASTER_KEY
|
key: MEILI_MASTER_KEY
|
||||||
- name: BROWSER_WEB_URL
|
- name: BROWSER_WEB_URL
|
||||||
value: http://karakeep.karakeep:9222
|
value: http://hoarder.hoarder:9222
|
||||||
- name: DISABLE_SIGNUPS
|
- name: DISABLE_SIGNUPS
|
||||||
value: false
|
value: false
|
||||||
- name: OAUTH_PROVIDER_NAME
|
- name: OAUTH_PROVIDER_NAME
|
||||||
@@ -77,13 +49,13 @@ karakeep:
|
|||||||
name: karakeep-oidc-secret
|
name: karakeep-oidc-secret
|
||||||
key: AUTHENTIK_CLIENT_SECRET
|
key: AUTHENTIK_CLIENT_SECRET
|
||||||
- name: OLLAMA_BASE_URL
|
- name: OLLAMA_BASE_URL
|
||||||
value: http://ollama-server-3.ollama:11434
|
value: http://ollama-server-1.ollama:11434
|
||||||
- name: OLLAMA_KEEP_ALIVE
|
- name: OLLAMA_KEEP_ALIVE
|
||||||
value: 5m
|
value: 5m
|
||||||
- name: INFERENCE_TEXT_MODEL
|
- name: INFERENCE_TEXT_MODEL
|
||||||
value: gemma3:4b
|
value: llama3.1:8b
|
||||||
- name: INFERENCE_IMAGE_MODEL
|
- name: INFERENCE_IMAGE_MODEL
|
||||||
value: granite3.2-vision:2b
|
value: llama3.2-vision:11b
|
||||||
- name: EMBEDDING_TEXT_MODEL
|
- name: EMBEDDING_TEXT_MODEL
|
||||||
value: mxbai-embed-large
|
value: mxbai-embed-large
|
||||||
- name: INFERENCE_JOB_TIMEOUT_SEC
|
- name: INFERENCE_JOB_TIMEOUT_SEC
|
||||||
@@ -122,6 +94,7 @@ karakeep:
|
|||||||
protocol: HTTP
|
protocol: HTTP
|
||||||
persistence:
|
persistence:
|
||||||
data:
|
data:
|
||||||
|
forceRename: hoarder-data
|
||||||
storageClass: ceph-block
|
storageClass: ceph-block
|
||||||
accessMode: ReadWriteOnce
|
accessMode: ReadWriteOnce
|
||||||
size: 10Gi
|
size: 10Gi
|
@@ -18,6 +18,6 @@ dependencies:
|
|||||||
- name: app-template
|
- name: app-template
|
||||||
alias: home-assistant
|
alias: home-assistant
|
||||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||||
version: 4.4.0
|
version: 4.0.1
|
||||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/home-assistant.png
|
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/home-assistant.png
|
||||||
appVersion: 2025.5.2
|
appVersion: 2025.5.2
|
||||||
|
@@ -9,7 +9,7 @@ home-assistant:
|
|||||||
main:
|
main:
|
||||||
image:
|
image:
|
||||||
repository: ghcr.io/home-assistant/home-assistant
|
repository: ghcr.io/home-assistant/home-assistant
|
||||||
tag: 2025.10.3
|
tag: 2025.5.3
|
||||||
pullPolicy: IfNotPresent
|
pullPolicy: IfNotPresent
|
||||||
env:
|
env:
|
||||||
- name: TZ
|
- name: TZ
|
||||||
@@ -21,7 +21,7 @@ home-assistant:
|
|||||||
code-server:
|
code-server:
|
||||||
image:
|
image:
|
||||||
repository: ghcr.io/linuxserver/code-server
|
repository: ghcr.io/linuxserver/code-server
|
||||||
tag: 4.105.1@sha256:aea1f1c92e70b84204e928d73378e8782b3a23af73b419efff0ac7f39b6c73f2
|
tag: 4.100.2@sha256:23fbadee99aed3400b725f8b202306b5e7178ded297cbd1db049b8537229a145
|
||||||
pullPolicy: IfNotPresent
|
pullPolicy: IfNotPresent
|
||||||
env:
|
env:
|
||||||
- name: TZ
|
- name: TZ
|
||||||
|
@@ -18,10 +18,10 @@ dependencies:
|
|||||||
- name: app-template
|
- name: app-template
|
||||||
alias: homepage
|
alias: homepage
|
||||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||||
version: 4.4.0
|
version: 4.0.1
|
||||||
- name: cloudflared
|
- name: cloudflared
|
||||||
alias: cloudflared
|
alias: cloudflared
|
||||||
repository: oci://harbor.alexlebens.net/helm-charts
|
repository: oci://harbor.alexlebens.net/helm-charts
|
||||||
version: 1.22.1
|
version: 1.15.0
|
||||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/homepage.png
|
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/homepage.png
|
||||||
appVersion: v1.2.0
|
appVersion: v1.2.0
|
||||||
|
@@ -11,7 +11,7 @@ homepage:
|
|||||||
main:
|
main:
|
||||||
image:
|
image:
|
||||||
repository: ghcr.io/gethomepage/homepage
|
repository: ghcr.io/gethomepage/homepage
|
||||||
tag: v1.5.0
|
tag: v1.2.0
|
||||||
pullPolicy: IfNotPresent
|
pullPolicy: IfNotPresent
|
||||||
env:
|
env:
|
||||||
- name: HOMEPAGE_ALLOWED_HOSTS
|
- name: HOMEPAGE_ALLOWED_HOSTS
|
||||||
@@ -27,18 +27,18 @@ homepage:
|
|||||||
docker.yaml: ""
|
docker.yaml: ""
|
||||||
kubernetes.yaml: ""
|
kubernetes.yaml: ""
|
||||||
settings.yaml: |
|
settings.yaml: |
|
||||||
favicon: https://web-assets-3bfcb5585cbd63dc365d32a3.nyc3.cdn.digitaloceanspaces.com/alexlebens-net/logo-new-round.svg
|
favicon: https://web-assets-3bfcb5585cbd63dc365d32a3.nyc3.cdn.digitaloceanspaces.com/alexlebens-net/icon_white.png
|
||||||
headerStyle: clean
|
headerStyle: clean
|
||||||
hideVersion: true
|
hideVersion: true
|
||||||
color: zinc
|
color: zinc
|
||||||
background:
|
background:
|
||||||
image: https://web-assets-3bfcb5585cbd63dc365d32a3.nyc3.cdn.digitaloceanspaces.com/alexlebens-net/background-5.png
|
image: https://web-assets-3bfcb5585cbd63dc365d32a3.nyc3.cdn.digitaloceanspaces.com/alexlebens-net/background-4.jpg
|
||||||
brightness: 50
|
brightness: 50
|
||||||
theme: dark
|
theme: dark
|
||||||
disableCollapse: true
|
disableCollapse: true
|
||||||
widgets.yaml: |
|
widgets.yaml: |
|
||||||
- logo:
|
- logo:
|
||||||
icon: https://web-assets-3bfcb5585cbd63dc365d32a3.nyc3.cdn.digitaloceanspaces.com/alexlebens-net/logo-new-round.png
|
icon: https://web-assets-3bfcb5585cbd63dc365d32a3.nyc3.cdn.digitaloceanspaces.com/alexlebens-net/icon_white.png
|
||||||
- datetime:
|
- datetime:
|
||||||
text_size: xl
|
text_size: xl
|
||||||
format:
|
format:
|
||||||
@@ -68,20 +68,14 @@ homepage:
|
|||||||
href: https://gitea.alexlebens.dev
|
href: https://gitea.alexlebens.dev
|
||||||
siteMonitor: https://gitea.alexlebens.dev
|
siteMonitor: https://gitea.alexlebens.dev
|
||||||
statusStyle: dot
|
statusStyle: dot
|
||||||
- Code:
|
|
||||||
icon: sh-visual-studio-code.webp
|
|
||||||
description: VS Code
|
|
||||||
href: https://codeserver.alexlebens.dev
|
|
||||||
siteMonitor: https://codeserver.alexlebens.dev
|
|
||||||
statusStyle: dot
|
|
||||||
- Site:
|
- Site:
|
||||||
icon: https://web-assets-3bfcb5585cbd63dc365d32a3.nyc3.cdn.digitaloceanspaces.com/alexlebens-net/logo-new-round.png
|
icon: https://web-assets-3bfcb5585cbd63dc365d32a3.nyc3.cdn.digitaloceanspaces.com/alexlebens-net/icon_white.png
|
||||||
description: Profile Website
|
description: Profile Website
|
||||||
href: https://www.alexlebens.dev
|
href: https://www.alexlebens.dev
|
||||||
siteMonitor: https://www.alexlebens.dev
|
siteMonitor: https://www.alexlebens.dev
|
||||||
statusStyle: dot
|
statusStyle: dot
|
||||||
- Content Management:
|
- Content Management:
|
||||||
icon: directus.png
|
icon: sh-directus.webp
|
||||||
description: Directus
|
description: Directus
|
||||||
href: https://directus.alexlebens.dev
|
href: https://directus.alexlebens.dev
|
||||||
siteMonitor: https://directus.alexlebens.dev
|
siteMonitor: https://directus.alexlebens.dev
|
||||||
|
@@ -16,6 +16,6 @@ dependencies:
|
|||||||
- name: app-template
|
- name: app-template
|
||||||
alias: homepage
|
alias: homepage
|
||||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||||
version: 4.4.0
|
version: 4.0.1
|
||||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/homepage.png
|
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/homepage.png
|
||||||
appVersion: v1.2.0
|
appVersion: v1.2.0
|
||||||
|
@@ -28,19 +28,3 @@ metadata:
|
|||||||
spec:
|
spec:
|
||||||
externalName: placeholder
|
externalName: placeholder
|
||||||
type: ExternalName
|
type: ExternalName
|
||||||
|
|
||||||
---
|
|
||||||
apiVersion: v1
|
|
||||||
kind: Service
|
|
||||||
metadata:
|
|
||||||
name: garage-ps10rp
|
|
||||||
namespace: {{ .Release.Namespace }}
|
|
||||||
labels:
|
|
||||||
app.kubernetes.io/name: garage-ps10rp
|
|
||||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
|
||||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
|
||||||
annotations:
|
|
||||||
tailscale.com/tailnet-fqdn: garage-ps10rp.boreal-beaufort.ts.net
|
|
||||||
spec:
|
|
||||||
externalName: placeholder
|
|
||||||
type: ExternalName
|
|
||||||
|
@@ -15,7 +15,7 @@ homepage:
|
|||||||
main:
|
main:
|
||||||
image:
|
image:
|
||||||
repository: ghcr.io/gethomepage/homepage
|
repository: ghcr.io/gethomepage/homepage
|
||||||
tag: v1.5.0
|
tag: v1.2.0
|
||||||
pullPolicy: IfNotPresent
|
pullPolicy: IfNotPresent
|
||||||
env:
|
env:
|
||||||
- name: HOMEPAGE_ALLOWED_HOSTS
|
- name: HOMEPAGE_ALLOWED_HOSTS
|
||||||
@@ -39,12 +39,12 @@ homepage:
|
|||||||
kubernetes.yaml: |
|
kubernetes.yaml: |
|
||||||
mode: cluster
|
mode: cluster
|
||||||
settings.yaml: |
|
settings.yaml: |
|
||||||
favicon: https://web-assets-3bfcb5585cbd63dc365d32a3.nyc3.cdn.digitaloceanspaces.com/alexlebens-net/logo-new-round.svg
|
favicon: https://web-assets-3bfcb5585cbd63dc365d32a3.nyc3.cdn.digitaloceanspaces.com/alexlebens-net/icon_white.png
|
||||||
headerStyle: clean
|
headerStyle: clean
|
||||||
hideVersion: true
|
hideVersion: true
|
||||||
color: zinc
|
color: zinc
|
||||||
background:
|
background:
|
||||||
image: https://web-assets-3bfcb5585cbd63dc365d32a3.nyc3.cdn.digitaloceanspaces.com/alexlebens-net/background-5.png
|
image: https://web-assets-3bfcb5585cbd63dc365d32a3.nyc3.cdn.digitaloceanspaces.com/alexlebens-net/background-4.jpg
|
||||||
brightness: 50
|
brightness: 50
|
||||||
theme: dark
|
theme: dark
|
||||||
disableCollapse: true
|
disableCollapse: true
|
||||||
@@ -61,9 +61,6 @@ homepage:
|
|||||||
- Code:
|
- Code:
|
||||||
tab: Tools
|
tab: Tools
|
||||||
icon: mdi-code-block-braces-#ffffff
|
icon: mdi-code-block-braces-#ffffff
|
||||||
- Automation:
|
|
||||||
tab: Tools
|
|
||||||
icon: mdi-wrench-#ffffff
|
|
||||||
- Monitoring:
|
- Monitoring:
|
||||||
tab: Tools
|
tab: Tools
|
||||||
icon: mdi-chart-line-#ffffff
|
icon: mdi-chart-line-#ffffff
|
||||||
@@ -99,7 +96,7 @@ homepage:
|
|||||||
icon: mdi-cloud-#ffffff
|
icon: mdi-cloud-#ffffff
|
||||||
widgets.yaml: |
|
widgets.yaml: |
|
||||||
- logo:
|
- logo:
|
||||||
icon: https://web-assets-3bfcb5585cbd63dc365d32a3.nyc3.cdn.digitaloceanspaces.com/alexlebens-net/logo-new-round.png
|
icon: https://web-assets-3bfcb5585cbd63dc365d32a3.nyc3.cdn.digitaloceanspaces.com/alexlebens-net/icon_white.png
|
||||||
- kubernetes:
|
- kubernetes:
|
||||||
cluster:
|
cluster:
|
||||||
show: true
|
show: true
|
||||||
@@ -132,21 +129,21 @@ homepage:
|
|||||||
href: https://plex.alexlebens.net
|
href: https://plex.alexlebens.net
|
||||||
siteMonitor: http://plex.plex:32400
|
siteMonitor: http://plex.plex:32400
|
||||||
statusStyle: dot
|
statusStyle: dot
|
||||||
- Jellyfin:
|
|
||||||
icon: sh-jellyfin.webp
|
|
||||||
description: Media server
|
|
||||||
href: https://jellyfin.alexlebens.net
|
|
||||||
siteMonitor: http://jellyfin.jellyfin:80
|
|
||||||
statusStyle: dot
|
|
||||||
- Media Requests:
|
- Media Requests:
|
||||||
icon: sh-overseerr.webp
|
icon: sh-overseerr.webp
|
||||||
description: Overseer
|
description: Overseer
|
||||||
href: https://overseerr.alexlebens.net
|
href: https://overseerr.alexlebens.net
|
||||||
siteMonitor: http://overseerr.overseerr:80
|
siteMonitor: http://overseerr.overseerr:80
|
||||||
statusStyle: dot
|
statusStyle: dot
|
||||||
- Media Tracking:
|
- Jellyfin:
|
||||||
|
icon: sh-jellyfin.webp
|
||||||
|
description: Media server
|
||||||
|
href: https://jellyfin.alexlebens.net
|
||||||
|
siteMonitor: http://jellyfin.jellyfin:80
|
||||||
|
statusStyle: dot
|
||||||
|
- Yamtrack:
|
||||||
icon: sh-yamtrack.webp
|
icon: sh-yamtrack.webp
|
||||||
description: Yamtrack
|
description: Watched Media Tracking
|
||||||
href: https://yamtrack.alexlebens.net
|
href: https://yamtrack.alexlebens.net
|
||||||
siteMonitor: http://yamtrack.yamtrack:80
|
siteMonitor: http://yamtrack.yamtrack:80
|
||||||
statusStyle: dot
|
statusStyle: dot
|
||||||
@@ -182,7 +179,7 @@ homepage:
|
|||||||
statusStyle: dot
|
statusStyle: dot
|
||||||
- Public:
|
- Public:
|
||||||
- Site:
|
- Site:
|
||||||
icon: https://web-assets-3bfcb5585cbd63dc365d32a3.nyc3.cdn.digitaloceanspaces.com/alexlebens-net/logo-new-round.png
|
icon: https://web-assets-3bfcb5585cbd63dc365d32a3.nyc3.cdn.digitaloceanspaces.com/alexlebens-net/icon_white.png
|
||||||
description: Profile Website
|
description: Profile Website
|
||||||
href: https://www.alexlebens.dev
|
href: https://www.alexlebens.dev
|
||||||
siteMonitor: https://www.alexlebens.dev
|
siteMonitor: https://www.alexlebens.dev
|
||||||
@@ -242,6 +239,12 @@ homepage:
|
|||||||
href: https://actual.alexlebens.net
|
href: https://actual.alexlebens.net
|
||||||
siteMonitor: http://actual.actual:80
|
siteMonitor: http://actual.actual:80
|
||||||
statusStyle: dot
|
statusStyle: dot
|
||||||
|
- Project Management:
|
||||||
|
icon: sh-eigenfocus.webp
|
||||||
|
description: Eigenfocus
|
||||||
|
href: https://eigenfocus.alexlebens.net
|
||||||
|
siteMonitor: http://eigenfocus.eigenfocus:80
|
||||||
|
statusStyle: dot
|
||||||
- AI:
|
- AI:
|
||||||
icon: sh-ollama.webp
|
icon: sh-ollama.webp
|
||||||
description: Ollama
|
description: Ollama
|
||||||
@@ -288,8 +291,8 @@ homepage:
|
|||||||
- Code (ps10rp):
|
- Code (ps10rp):
|
||||||
icon: sh-gitea.webp
|
icon: sh-gitea.webp
|
||||||
description: Gitea
|
description: Gitea
|
||||||
href: https://gitea-ps10rp.boreal-beaufort.ts.net
|
href: https://gitea.lebens-home.net
|
||||||
siteMonitor: https://gitea-ps10rp.boreal-beaufort.ts.net
|
siteMonitor: https://gitea.lebens-home.net
|
||||||
statusStyle: dot
|
statusStyle: dot
|
||||||
- IDE (Public):
|
- IDE (Public):
|
||||||
icon: sh-visual-studio-code.webp
|
icon: sh-visual-studio-code.webp
|
||||||
@@ -309,43 +312,28 @@ homepage:
|
|||||||
href: https://argocd.alexlebens.net
|
href: https://argocd.alexlebens.net
|
||||||
siteMonitor: http://argocd-server.argocd:80
|
siteMonitor: http://argocd-server.argocd:80
|
||||||
statusStyle: dot
|
statusStyle: dot
|
||||||
- Docker Deployment:
|
namespace: argocd
|
||||||
icon: sh-komodo-light.webp
|
- Workflows:
|
||||||
description: Komodo
|
|
||||||
href: https://komodo.alexlebens.net
|
|
||||||
siteMonitor: http://komodo-main.komodo:80
|
|
||||||
statusStyle: dot
|
|
||||||
- Automation:
|
|
||||||
- Deployment Workflows:
|
|
||||||
icon: sh-argo-cd.webp
|
icon: sh-argo-cd.webp
|
||||||
description: Argo Workflows
|
description: Argo Workflows
|
||||||
href: https://argo-workflows.alexlebens.net
|
href: https://argo-workflows.alexlebens.net
|
||||||
siteMonitor: http://argo-workflows-server.argo-workflows:2746
|
siteMonitor: http://argo-workflows-server.argo-workflows:2746
|
||||||
statusStyle: dot
|
statusStyle: dot
|
||||||
- API Workflows:
|
namespace: argocd
|
||||||
|
- Deployment:
|
||||||
|
icon: sh-komodo-light.webp
|
||||||
|
description: Komodo
|
||||||
|
href: https://komodo.alexlebens.net
|
||||||
|
siteMonitor: http://komodo.komodo:80
|
||||||
|
statusStyle: dot
|
||||||
|
namespace: komodo
|
||||||
|
- Automation:
|
||||||
icon: sh-n8n.webp
|
icon: sh-n8n.webp
|
||||||
description: n8n
|
description: n8n
|
||||||
href: https://n8n.alexlebens.net
|
href: https://n8n.alexlebens.net
|
||||||
siteMonitor: http://n8n-main.n8n:80
|
siteMonitor: http://n8n-main.n8n:80
|
||||||
statusStyle: dot
|
statusStyle: dot
|
||||||
- Jobs:
|
namespace: komodo
|
||||||
icon: https://raw.githubusercontent.com/mshade/kronic/main/static/android-chrome-192x192.png
|
|
||||||
description: Kronic
|
|
||||||
href: https://kronic.alexlebens.net
|
|
||||||
siteMonitor: http://kronic.kronic:80
|
|
||||||
statusStyle: dot
|
|
||||||
- Uptime:
|
|
||||||
icon: sh-gatus.webp
|
|
||||||
description: Gatus
|
|
||||||
href: https://gatus.alexlebens.net
|
|
||||||
siteMonitor: http://gatus.gatus:80
|
|
||||||
statusStyle: dot
|
|
||||||
- Tools:
|
|
||||||
icon: sh-omnitools.webp
|
|
||||||
description: OmniTools
|
|
||||||
href: https://omni-tools.alexlebens.net
|
|
||||||
siteMonitor: http://omni-tools.omni-tools:80
|
|
||||||
statusStyle: dot
|
|
||||||
- Monitoring:
|
- Monitoring:
|
||||||
- Kubernetes:
|
- Kubernetes:
|
||||||
icon: sh-headlamp.webp
|
icon: sh-headlamp.webp
|
||||||
@@ -417,7 +405,7 @@ homepage:
|
|||||||
siteMonitor: http://authentik-server.authentik:80
|
siteMonitor: http://authentik-server.authentik:80
|
||||||
statusStyle: dot
|
statusStyle: dot
|
||||||
- Email:
|
- Email:
|
||||||
icon: sh-stalwart.webp
|
icon: sh-stalwart-mail-server.webp
|
||||||
description: Stalwart
|
description: Stalwart
|
||||||
href: https://stalwart.alexlebens.net
|
href: https://stalwart.alexlebens.net
|
||||||
siteMonitor: http://stalwart.stalwart:80
|
siteMonitor: http://stalwart.stalwart:80
|
||||||
@@ -479,12 +467,6 @@ homepage:
|
|||||||
href: https://pikvm.alexlebens.net
|
href: https://pikvm.alexlebens.net
|
||||||
siteMonitor: https://pikvm.alexlebens.net
|
siteMonitor: https://pikvm.alexlebens.net
|
||||||
statusStyle: dot
|
statusStyle: dot
|
||||||
- Server Plug:
|
|
||||||
icon: sh-shelly.webp
|
|
||||||
description: Shelly
|
|
||||||
href: http://it05sp.alexlebens.net
|
|
||||||
siteMonitor: http://it05sp.alexlebens.net
|
|
||||||
statusStyle: dot
|
|
||||||
- Storage:
|
- Storage:
|
||||||
- Cluster Storage:
|
- Cluster Storage:
|
||||||
icon: sh-ceph.webp
|
icon: sh-ceph.webp
|
||||||
@@ -492,12 +474,6 @@ homepage:
|
|||||||
href: https://ceph.alexlebens.net
|
href: https://ceph.alexlebens.net
|
||||||
siteMonitor: http://rook-ceph-mgr-dashboard.rook-ceph:7000
|
siteMonitor: http://rook-ceph-mgr-dashboard.rook-ceph:7000
|
||||||
statusStyle: dot
|
statusStyle: dot
|
||||||
- Remote Storage:
|
|
||||||
icon: sh-garage.webp
|
|
||||||
description: Garage
|
|
||||||
href: https://garage-ps10rp.boreal-beaufort.ts.net
|
|
||||||
siteMonitor: https://garage-ps10rp.boreal-beaufort.ts.net
|
|
||||||
statusStyle: dot
|
|
||||||
- Database:
|
- Database:
|
||||||
icon: sh-pgadmin-light.webp
|
icon: sh-pgadmin-light.webp
|
||||||
description: PGAdmin
|
description: PGAdmin
|
||||||
@@ -516,6 +492,18 @@ homepage:
|
|||||||
href: https://vault.alexlebens.net
|
href: https://vault.alexlebens.net
|
||||||
siteMonitor: http://vault.vault:8200
|
siteMonitor: http://vault.vault:8200
|
||||||
statusStyle: dot
|
statusStyle: dot
|
||||||
|
- Object Storage (Outline):
|
||||||
|
icon: sh-minio.webp
|
||||||
|
description: Minio Tenant
|
||||||
|
href: https://minio-outline.alexlebens.net
|
||||||
|
siteMonitor: http://minio-outline-console.outline:9090
|
||||||
|
statusStyle: dot
|
||||||
|
- Object Storage (Directus):
|
||||||
|
icon: sh-minio.webp
|
||||||
|
description: Minio Tenant
|
||||||
|
href: https://minio-directus.alexlebens.net
|
||||||
|
siteMonitor: http://minio-directus-console.directus:9090
|
||||||
|
statusStyle: dot
|
||||||
- TV Shows:
|
- TV Shows:
|
||||||
- Sonarr:
|
- Sonarr:
|
||||||
icon: sh-sonarr.webp
|
icon: sh-sonarr.webp
|
||||||
@@ -627,11 +615,11 @@ homepage:
|
|||||||
siteMonitor: http://slskd.slskd:5030
|
siteMonitor: http://slskd.slskd:5030
|
||||||
statusStyle: dot
|
statusStyle: dot
|
||||||
- Services (Servarr):
|
- Services (Servarr):
|
||||||
- qUI:
|
- qBittorrent:
|
||||||
icon: https://raw.githubusercontent.com/autobrr/qui/8487c818886df9abb2b1456f43b54e0ba180a2bd/web/public/icons.svg
|
icon: sh-qbittorrent.webp
|
||||||
description: qbitorrent
|
description: P2P Downloads
|
||||||
href: https://qui.alexlebens.net
|
href: https://qbittorrent.alexlebens.net
|
||||||
siteMonitor: http://qbittorrent-qui.qbittorrent:80
|
siteMonitor: http://qbittorrent.qbittorrent:8080
|
||||||
statusStyle: dot
|
statusStyle: dot
|
||||||
widget:
|
widget:
|
||||||
type: qbittorrent
|
type: qbittorrent
|
||||||
@@ -688,6 +676,9 @@ homepage:
|
|||||||
- Github:
|
- Github:
|
||||||
- abbr: GH
|
- abbr: GH
|
||||||
href: https://github.com/alexlebens
|
href: https://github.com/alexlebens
|
||||||
|
- Renovate:
|
||||||
|
- abbr: RN
|
||||||
|
href: https://developer.mend.io/[platform]/alexlebens/infrastructure
|
||||||
- Digital Ocean:
|
- Digital Ocean:
|
||||||
- abbr: DO
|
- abbr: DO
|
||||||
href: https://www.digitalocean.com/
|
href: https://www.digitalocean.com/
|
||||||
|
@@ -16,6 +16,6 @@ dependencies:
|
|||||||
- name: app-template
|
- name: app-template
|
||||||
alias: huntarr
|
alias: huntarr
|
||||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||||
version: 4.4.0
|
version: 4.0.1
|
||||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/huntarr.png
|
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/huntarr.png
|
||||||
appVersion: 7.0.0
|
appVersion: 7.0.0
|
||||||
|
@@ -9,7 +9,7 @@ huntarr:
|
|||||||
main:
|
main:
|
||||||
image:
|
image:
|
||||||
repository: ghcr.io/plexguide/huntarr
|
repository: ghcr.io/plexguide/huntarr
|
||||||
tag: 8.2.10
|
tag: 7.4.2
|
||||||
pullPolicy: IfNotPresent
|
pullPolicy: IfNotPresent
|
||||||
env:
|
env:
|
||||||
- name: TZ
|
- name: TZ
|
||||||
@@ -31,7 +31,7 @@ huntarr:
|
|||||||
forceRename: huntarr-config
|
forceRename: huntarr-config
|
||||||
storageClass: ceph-block
|
storageClass: ceph-block
|
||||||
accessMode: ReadWriteOnce
|
accessMode: ReadWriteOnce
|
||||||
size: 5Gi
|
size: 1Gi
|
||||||
advancedMounts:
|
advancedMounts:
|
||||||
main:
|
main:
|
||||||
main:
|
main:
|
||||||
|
@@ -8,8 +8,10 @@ keywords:
|
|||||||
home: https://wiki.alexlebens.dev/s/9377ae08-2041-4b6d-bc2b-61a4f5e8faae
|
home: https://wiki.alexlebens.dev/s/9377ae08-2041-4b6d-bc2b-61a4f5e8faae
|
||||||
sources:
|
sources:
|
||||||
- https://github.com/immich-app/immich
|
- https://github.com/immich-app/immich
|
||||||
|
- https://github.com/valkey-io/valkey
|
||||||
- https://github.com/cloudnative-pg/cloudnative-pg
|
- https://github.com/cloudnative-pg/cloudnative-pg
|
||||||
- https://github.com/bjw-s-labs/helm-charts/tree/main/charts/other/app-template
|
- https://github.com/bjw-s-labs/helm-charts/tree/main/charts/other/app-template
|
||||||
|
- https://github.com/bitnami/charts/tree/main/bitnami/valkey
|
||||||
- https://gitea.alexlebens.dev/alexlebens/helm-charts/src/branch/main/charts/postgres-cluster
|
- https://gitea.alexlebens.dev/alexlebens/helm-charts/src/branch/main/charts/postgres-cluster
|
||||||
maintainers:
|
maintainers:
|
||||||
- name: alexlebens
|
- name: alexlebens
|
||||||
@@ -17,10 +19,13 @@ dependencies:
|
|||||||
- name: app-template
|
- name: app-template
|
||||||
alias: immich
|
alias: immich
|
||||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||||
version: 4.4.0
|
version: 4.0.1
|
||||||
|
- name: valkey
|
||||||
|
version: 3.0.9
|
||||||
|
repository: oci://harbor.alexlebens.net/proxy-registry-1.docker.io/bitnamicharts
|
||||||
- name: postgres-cluster
|
- name: postgres-cluster
|
||||||
alias: postgres-17-cluster
|
alias: postgres-16-cluster
|
||||||
version: 6.14.0
|
version: 5.1.0
|
||||||
repository: oci://harbor.alexlebens.net/helm-charts
|
repository: oci://harbor.alexlebens.net/helm-charts
|
||||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/immich.png
|
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/immich.png
|
||||||
appVersion: v2.0.1
|
appVersion: v1.132.3
|
||||||
|
@@ -24,10 +24,10 @@ spec:
|
|||||||
apiVersion: external-secrets.io/v1
|
apiVersion: external-secrets.io/v1
|
||||||
kind: ExternalSecret
|
kind: ExternalSecret
|
||||||
metadata:
|
metadata:
|
||||||
name: immich-postgresql-17-cluster-backup-secret
|
name: immich-postgresql-16-cluster-backup-secret
|
||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: immich-postgresql-17-cluster-backup-secret
|
app.kubernetes.io/name: immich-postgresql-16-cluster-backup-secret
|
||||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
spec:
|
spec:
|
||||||
@@ -49,33 +49,3 @@ spec:
|
|||||||
key: /digital-ocean/home-infra/postgres-backups
|
key: /digital-ocean/home-infra/postgres-backups
|
||||||
metadataPolicy: None
|
metadataPolicy: None
|
||||||
property: secret
|
property: secret
|
||||||
|
|
||||||
---
|
|
||||||
apiVersion: external-secrets.io/v1
|
|
||||||
kind: ExternalSecret
|
|
||||||
metadata:
|
|
||||||
name: immich-postgresql-17-cluster-backup-secret-weekly
|
|
||||||
namespace: {{ .Release.Namespace }}
|
|
||||||
labels:
|
|
||||||
app.kubernetes.io/name: immich-postgresql-17-cluster-backup-secret-weekly
|
|
||||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
|
||||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
|
||||||
spec:
|
|
||||||
secretStoreRef:
|
|
||||||
kind: ClusterSecretStore
|
|
||||||
name: vault
|
|
||||||
data:
|
|
||||||
- secretKey: ACCESS_KEY_ID
|
|
||||||
remoteRef:
|
|
||||||
conversionStrategy: Default
|
|
||||||
decodingStrategy: None
|
|
||||||
key: /garage/home-infra/postgres-backups
|
|
||||||
metadataPolicy: None
|
|
||||||
property: ACCESS_KEY_ID
|
|
||||||
- secretKey: ACCESS_SECRET_KEY
|
|
||||||
remoteRef:
|
|
||||||
conversionStrategy: Default
|
|
||||||
decodingStrategy: None
|
|
||||||
key: /garage/home-infra/postgres-backups
|
|
||||||
metadataPolicy: None
|
|
||||||
property: ACCESS_SECRET_KEY
|
|
||||||
|
@@ -1,32 +0,0 @@
|
|||||||
apiVersion: redis.redis.opstreelabs.in/v1beta2
|
|
||||||
kind: RedisReplication
|
|
||||||
metadata:
|
|
||||||
name: redis-replication-immich
|
|
||||||
namespace: {{ .Release.Namespace }}
|
|
||||||
labels:
|
|
||||||
app.kubernetes.io/name: redis-replication-immich
|
|
||||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
|
||||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
|
||||||
spec:
|
|
||||||
clusterSize: 3
|
|
||||||
podSecurityContext:
|
|
||||||
runAsUser: 1000
|
|
||||||
fsGroup: 1000
|
|
||||||
kubernetesConfig:
|
|
||||||
image: quay.io/opstree/redis:v8.0.3
|
|
||||||
imagePullPolicy: IfNotPresent
|
|
||||||
resources:
|
|
||||||
requests:
|
|
||||||
cpu: 50m
|
|
||||||
memory: 128Mi
|
|
||||||
storage:
|
|
||||||
volumeClaimTemplate:
|
|
||||||
spec:
|
|
||||||
storageClassName: ceph-block
|
|
||||||
accessModes: ["ReadWriteOnce"]
|
|
||||||
resources:
|
|
||||||
requests:
|
|
||||||
storage: 1Gi
|
|
||||||
redisExporter:
|
|
||||||
enabled: true
|
|
||||||
image: quay.io/opstree/redis-exporter:v1.48.0
|
|
@@ -21,24 +21,3 @@ spec:
|
|||||||
interval: 3m
|
interval: 3m
|
||||||
scrapeTimeout: 1m
|
scrapeTimeout: 1m
|
||||||
path: /metrics
|
path: /metrics
|
||||||
|
|
||||||
---
|
|
||||||
apiVersion: monitoring.coreos.com/v1
|
|
||||||
kind: ServiceMonitor
|
|
||||||
metadata:
|
|
||||||
name: redis-replication-immich
|
|
||||||
namespace: {{ .Release.Namespace }}
|
|
||||||
labels:
|
|
||||||
app.kubernetes.io/name: redis-replication-immich
|
|
||||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
|
||||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
|
||||||
redis-operator: "true"
|
|
||||||
env: production
|
|
||||||
spec:
|
|
||||||
selector:
|
|
||||||
matchLabels:
|
|
||||||
redis_setup_type: replication
|
|
||||||
endpoints:
|
|
||||||
- port: redis-exporter
|
|
||||||
interval: 30s
|
|
||||||
scrapeTimeout: 10s
|
|
||||||
|
@@ -9,7 +9,7 @@ immich:
|
|||||||
main:
|
main:
|
||||||
image:
|
image:
|
||||||
repository: ghcr.io/immich-app/immich-server
|
repository: ghcr.io/immich-app/immich-server
|
||||||
tag: v2.1.0
|
tag: v1.134.0
|
||||||
pullPolicy: IfNotPresent
|
pullPolicy: IfNotPresent
|
||||||
env:
|
env:
|
||||||
- name: TZ
|
- name: TZ
|
||||||
@@ -21,33 +21,33 @@ immich:
|
|||||||
- name: IMMICH_MACHINE_LEARNING_URL
|
- name: IMMICH_MACHINE_LEARNING_URL
|
||||||
value: http://immich-machine-learning.immich:3003
|
value: http://immich-machine-learning.immich:3003
|
||||||
- name: REDIS_HOSTNAME
|
- name: REDIS_HOSTNAME
|
||||||
value: redis-replication-immich-master
|
value: immich-valkey-primary
|
||||||
- name: DB_VECTOR_EXTENSION
|
- name: DB_VECTOR_EXTENSION
|
||||||
value: vectorchord
|
value: pgvecto.rs
|
||||||
- name: DB_HOSTNAME
|
- name: DB_HOSTNAME
|
||||||
valueFrom:
|
valueFrom:
|
||||||
secretKeyRef:
|
secretKeyRef:
|
||||||
name: immich-postgresql-17-cluster-app
|
name: immich-postgresql-16-cluster-app
|
||||||
key: host
|
key: host
|
||||||
- name: DB_DATABASE_NAME
|
- name: DB_DATABASE_NAME
|
||||||
valueFrom:
|
valueFrom:
|
||||||
secretKeyRef:
|
secretKeyRef:
|
||||||
name: immich-postgresql-17-cluster-app
|
name: immich-postgresql-16-cluster-app
|
||||||
key: dbname
|
key: dbname
|
||||||
- name: DB_PORT
|
- name: DB_PORT
|
||||||
valueFrom:
|
valueFrom:
|
||||||
secretKeyRef:
|
secretKeyRef:
|
||||||
name: immich-postgresql-17-cluster-app
|
name: immich-postgresql-16-cluster-app
|
||||||
key: port
|
key: port
|
||||||
- name: DB_USERNAME
|
- name: DB_USERNAME
|
||||||
valueFrom:
|
valueFrom:
|
||||||
secretKeyRef:
|
secretKeyRef:
|
||||||
name: immich-postgresql-17-cluster-app
|
name: immich-postgresql-16-cluster-app
|
||||||
key: user
|
key: user
|
||||||
- name: DB_PASSWORD
|
- name: DB_PASSWORD
|
||||||
valueFrom:
|
valueFrom:
|
||||||
secretKeyRef:
|
secretKeyRef:
|
||||||
name: immich-postgresql-17-cluster-app
|
name: immich-postgresql-16-cluster-app
|
||||||
key: password
|
key: password
|
||||||
probes:
|
probes:
|
||||||
liveness:
|
liveness:
|
||||||
@@ -99,7 +99,7 @@ immich:
|
|||||||
main:
|
main:
|
||||||
image:
|
image:
|
||||||
repository: ghcr.io/immich-app/immich-machine-learning
|
repository: ghcr.io/immich-app/immich-machine-learning
|
||||||
tag: v2.1.0
|
tag: v1.132.1
|
||||||
pullPolicy: IfNotPresent
|
pullPolicy: IfNotPresent
|
||||||
env:
|
env:
|
||||||
- name: TRANSFORMERS_CACHE
|
- name: TRANSFORMERS_CACHE
|
||||||
@@ -188,16 +188,48 @@ immich:
|
|||||||
main:
|
main:
|
||||||
- path: /usr/src/app/upload
|
- path: /usr/src/app/upload
|
||||||
readOnly: false
|
readOnly: false
|
||||||
postgres-17-cluster:
|
valkey:
|
||||||
|
architecture: replication
|
||||||
|
auth:
|
||||||
|
enabled: false
|
||||||
|
usePasswordFiles: false
|
||||||
|
primary:
|
||||||
|
resources:
|
||||||
|
requests:
|
||||||
|
cpu: 100m
|
||||||
|
memory: 64Mi
|
||||||
|
persistence:
|
||||||
|
enabled: true
|
||||||
|
size: 1Gi
|
||||||
|
replica:
|
||||||
|
replicaCount: 1
|
||||||
|
resources:
|
||||||
|
requests:
|
||||||
|
cpu: 100m
|
||||||
|
memory: 64Mi
|
||||||
|
persistence:
|
||||||
|
enabled: true
|
||||||
|
size: 1Gi
|
||||||
|
postgres-16-cluster:
|
||||||
|
# Tensorchord
|
||||||
|
#--- https://github.com/immich-app/immich/discussions/9060
|
||||||
|
#--- https://docs.pgvecto.rs/admin/kubernetes.html
|
||||||
|
#--- https://github.com/tensorchord/cloudnative-pgvecto.rs
|
||||||
|
#--- https://github.com/immich-app/immich/discussions/17025
|
||||||
|
type: tensorchord
|
||||||
mode: recovery
|
mode: recovery
|
||||||
cluster:
|
cluster:
|
||||||
image:
|
image:
|
||||||
repository: ghcr.io/tensorchord/cloudnative-vectorchord
|
repository: ghcr.io/tensorchord/cloudnative-pgvecto.rs
|
||||||
tag: 17.5-0.4.3
|
tag: 16.3-v0.2.1
|
||||||
storage:
|
storage:
|
||||||
storageClass: local-path
|
storageClass: local-path
|
||||||
walStorage:
|
walStorage:
|
||||||
storageClass: local-path
|
storageClass: local-path
|
||||||
|
resources:
|
||||||
|
requests:
|
||||||
|
memory: 384Mi
|
||||||
|
cpu: 200m
|
||||||
monitoring:
|
monitoring:
|
||||||
enabled: true
|
enabled: true
|
||||||
prometheusRule:
|
prometheusRule:
|
||||||
@@ -205,41 +237,16 @@ postgres-17-cluster:
|
|||||||
postgresql:
|
postgresql:
|
||||||
parameters:
|
parameters:
|
||||||
shared_buffers: 256MB
|
shared_buffers: 256MB
|
||||||
shared_preload_libraries:
|
|
||||||
- "vchord.so"
|
|
||||||
initdb:
|
|
||||||
postInitSQL:
|
|
||||||
- CREATE EXTENSION IF NOT EXISTS "vector";
|
|
||||||
- CREATE EXTENSION IF NOT EXISTS "vchord" CASCADE;
|
|
||||||
- CREATE EXTENSION IF NOT EXISTS "cube" CASCADE;
|
|
||||||
- CREATE EXTENSION IF NOT EXISTS "earthdistance" CASCADE;
|
|
||||||
recovery:
|
recovery:
|
||||||
method: objectStore
|
method: objectStore
|
||||||
objectStore:
|
objectStore:
|
||||||
|
endpointURL: https://nyc3.digitaloceanspaces.com
|
||||||
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/immich/immich-postgresql-17-cluster
|
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/immich/immich-postgresql-17-cluster
|
||||||
index: 2
|
endpointCredentials: immich-postgresql-17-cluster-backup-secret
|
||||||
|
recoveryIndex: 2
|
||||||
backup:
|
backup:
|
||||||
objectStore:
|
enabled: true
|
||||||
- name: external
|
endpointURL: https://nyc3.digitaloceanspaces.com
|
||||||
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/immich/immich-postgresql-17-cluster
|
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/immich/immich-postgresql-16-cluster
|
||||||
index: 2
|
endpointCredentials: immich-postgresql-16-cluster-backup-secret
|
||||||
retentionPolicy: "2d"
|
backupIndex: 2
|
||||||
isWALArchiver: true
|
|
||||||
- name: garage
|
|
||||||
destinationPath: s3://postgres-backups/cl01tl/immich/immich-postgresql-17-cluster
|
|
||||||
index: 1
|
|
||||||
endpointURL: https://garage-ps10rp.boreal-beaufort.ts.net:3900
|
|
||||||
endpointCredentials: immich-postgresql-17-cluster-backup-secret-weekly
|
|
||||||
retentionPolicy: "30d"
|
|
||||||
data:
|
|
||||||
compression: bzip2
|
|
||||||
jobs: 2
|
|
||||||
scheduledBackups:
|
|
||||||
- name: daily-backup
|
|
||||||
suspend: false
|
|
||||||
schedule: "0 0 0 * * *"
|
|
||||||
backupName: external
|
|
||||||
- name: weekly-backup
|
|
||||||
suspend: false
|
|
||||||
schedule: "0 4 4 * * SAT"
|
|
||||||
backupName: garage
|
|
||||||
|
@@ -20,6 +20,6 @@ dependencies:
|
|||||||
- name: app-template
|
- name: app-template
|
||||||
alias: jellyfin
|
alias: jellyfin
|
||||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||||
version: 4.4.0
|
version: 4.0.1
|
||||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/jellyfin.png
|
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/jellyfin.png
|
||||||
appVersion: 10.10.7
|
appVersion: 10.10.7
|
||||||
|
@@ -9,7 +9,7 @@ jellyfin:
|
|||||||
main:
|
main:
|
||||||
image:
|
image:
|
||||||
repository: ghcr.io/jellyfin/jellyfin
|
repository: ghcr.io/jellyfin/jellyfin
|
||||||
tag: 10.11.0
|
tag: 10.10.7
|
||||||
pullPolicy: IfNotPresent
|
pullPolicy: IfNotPresent
|
||||||
env:
|
env:
|
||||||
- name: TZ
|
- name: TZ
|
||||||
|
@@ -18,10 +18,10 @@ dependencies:
|
|||||||
- name: app-template
|
- name: app-template
|
||||||
alias: jellystat
|
alias: jellystat
|
||||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||||
version: 4.4.0
|
version: 4.0.1
|
||||||
- name: postgres-cluster
|
- name: postgres-cluster
|
||||||
alias: postgres-17-cluster
|
alias: postgres-17-cluster
|
||||||
version: 6.14.0
|
version: 5.1.0
|
||||||
repository: oci://harbor.alexlebens.net/helm-charts
|
repository: oci://harbor.alexlebens.net/helm-charts
|
||||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/jellystat.png
|
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/jellystat.png
|
||||||
appVersion: 1.1.6
|
appVersion: 1.1.6
|
||||||
|
@@ -120,33 +120,3 @@ spec:
|
|||||||
key: /digital-ocean/home-infra/postgres-backups
|
key: /digital-ocean/home-infra/postgres-backups
|
||||||
metadataPolicy: None
|
metadataPolicy: None
|
||||||
property: secret
|
property: secret
|
||||||
|
|
||||||
---
|
|
||||||
apiVersion: external-secrets.io/v1
|
|
||||||
kind: ExternalSecret
|
|
||||||
metadata:
|
|
||||||
name: jellystat-postgresql-17-cluster-backup-secret-weekly
|
|
||||||
namespace: {{ .Release.Namespace }}
|
|
||||||
labels:
|
|
||||||
app.kubernetes.io/name: jellystat-postgresql-17-cluster-backup-secret-weekly
|
|
||||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
|
||||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
|
||||||
spec:
|
|
||||||
secretStoreRef:
|
|
||||||
kind: ClusterSecretStore
|
|
||||||
name: vault
|
|
||||||
data:
|
|
||||||
- secretKey: ACCESS_KEY_ID
|
|
||||||
remoteRef:
|
|
||||||
conversionStrategy: Default
|
|
||||||
decodingStrategy: None
|
|
||||||
key: /garage/home-infra/postgres-backups
|
|
||||||
metadataPolicy: None
|
|
||||||
property: ACCESS_KEY_ID
|
|
||||||
- secretKey: ACCESS_SECRET_KEY
|
|
||||||
remoteRef:
|
|
||||||
conversionStrategy: Default
|
|
||||||
decodingStrategy: None
|
|
||||||
key: /garage/home-infra/postgres-backups
|
|
||||||
metadataPolicy: None
|
|
||||||
property: ACCESS_SECRET_KEY
|
|
||||||
|
@@ -79,7 +79,7 @@ jellystat:
|
|||||||
- path: /app/backend/backup-data
|
- path: /app/backend/backup-data
|
||||||
readOnly: false
|
readOnly: false
|
||||||
postgres-17-cluster:
|
postgres-17-cluster:
|
||||||
mode: recovery
|
mode: standalone
|
||||||
cluster:
|
cluster:
|
||||||
storage:
|
storage:
|
||||||
storageClass: local-path
|
storageClass: local-path
|
||||||
@@ -92,30 +92,14 @@ postgres-17-cluster:
|
|||||||
recovery:
|
recovery:
|
||||||
method: objectStore
|
method: objectStore
|
||||||
objectStore:
|
objectStore:
|
||||||
|
endpointURL: https://nyc3.digitaloceanspaces.com
|
||||||
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/jellystat/jellystat-postgresql-17-cluster
|
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/jellystat/jellystat-postgresql-17-cluster
|
||||||
index: 1
|
endpointCredentials: jellystat-postgresql-17-cluster-backup-secret
|
||||||
|
recoveryIndex: 2
|
||||||
backup:
|
backup:
|
||||||
objectStore:
|
enabled: true
|
||||||
- name: external
|
endpointURL: https://nyc3.digitaloceanspaces.com
|
||||||
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/jellystat/jellystat-postgresql-17-cluster
|
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/jellystat/jellystat-postgresql-17-cluster
|
||||||
index: 1
|
endpointCredentials: jellystat-postgresql-17-cluster-backup-secret
|
||||||
retentionPolicy: "2d"
|
backupIndex: 2
|
||||||
isWALArchiver: true
|
retentionPolicy: "7d"
|
||||||
- name: garage
|
|
||||||
destinationPath: s3://postgres-backups/cl01tl/jellystat/jellystat-postgresql-17-cluster
|
|
||||||
index: 1
|
|
||||||
endpointURL: https://garage-ps10rp.boreal-beaufort.ts.net:3900
|
|
||||||
endpointCredentials: jellystat-postgresql-17-cluster-backup-secret-weekly
|
|
||||||
retentionPolicy: "30d"
|
|
||||||
data:
|
|
||||||
compression: bzip2
|
|
||||||
jobs: 2
|
|
||||||
scheduledBackups:
|
|
||||||
- name: daily-backup
|
|
||||||
suspend: false
|
|
||||||
schedule: "0 0 0 * * *"
|
|
||||||
backupName: external
|
|
||||||
- name: weekly-backup
|
|
||||||
suspend: false
|
|
||||||
schedule: "0 6 4 * * SAT"
|
|
||||||
backupName: garage
|
|
||||||
|
@@ -1,11 +0,0 @@
|
|||||||
apiVersion: objectbucket.io/v1alpha1
|
|
||||||
kind: ObjectBucketClaim
|
|
||||||
metadata:
|
|
||||||
name: ceph-bucket-karakeep
|
|
||||||
labels:
|
|
||||||
app.kubernetes.io/name: ceph-bucket-karakeep
|
|
||||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
|
||||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
|
||||||
spec:
|
|
||||||
generateBucketName: bucket-karakeep
|
|
||||||
storageClassName: ceph-bucket
|
|
@@ -1,23 +0,0 @@
|
|||||||
apiVersion: monitoring.coreos.com/v1
|
|
||||||
kind: ServiceMonitor
|
|
||||||
metadata:
|
|
||||||
name: karakeep
|
|
||||||
namespace: {{ .Release.Namespace }}
|
|
||||||
labels:
|
|
||||||
app.kubernetes.io/name: karakeep
|
|
||||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
|
||||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
|
||||||
spec:
|
|
||||||
endpoints:
|
|
||||||
- port: http
|
|
||||||
interval: 30s
|
|
||||||
scrapeTimeout: 15s
|
|
||||||
path: /api/metrics
|
|
||||||
authorization:
|
|
||||||
credentials:
|
|
||||||
key: prometheus-token
|
|
||||||
name: karakeep-key-secret
|
|
||||||
selector:
|
|
||||||
matchLabels:
|
|
||||||
app.kubernetes.io/name: karakeep
|
|
||||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
|
@@ -16,6 +16,6 @@ dependencies:
|
|||||||
- name: app-template
|
- name: app-template
|
||||||
alias: kiwix
|
alias: kiwix
|
||||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||||
version: 4.4.0
|
version: 4.0.1
|
||||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/kiwix-dark.png
|
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/kiwix-dark.png
|
||||||
appVersion: 3.7.0
|
appVersion: 3.7.0
|
||||||
|
@@ -17,6 +17,6 @@ dependencies:
|
|||||||
- name: app-template
|
- name: app-template
|
||||||
alias: libation
|
alias: libation
|
||||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||||
version: 4.4.0
|
version: 4.0.1
|
||||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/libation.png
|
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/libation.png
|
||||||
appVersion: 12.4.3
|
appVersion: 12.4.3
|
||||||
|
@@ -6,7 +6,7 @@ libation:
|
|||||||
suspend: false
|
suspend: false
|
||||||
concurrencyPolicy: Forbid
|
concurrencyPolicy: Forbid
|
||||||
timeZone: US/Central
|
timeZone: US/Central
|
||||||
schedule: "30 4 * * *"
|
schedule: "0 * * * *"
|
||||||
startingDeadlineSeconds: 90
|
startingDeadlineSeconds: 90
|
||||||
successfulJobsHistory: 3
|
successfulJobsHistory: 3
|
||||||
failedJobsHistory: 3
|
failedJobsHistory: 3
|
||||||
@@ -16,7 +16,7 @@ libation:
|
|||||||
main:
|
main:
|
||||||
image:
|
image:
|
||||||
repository: rmcrackan/libation
|
repository: rmcrackan/libation
|
||||||
tag: 12.5.5
|
tag: 12.4.3
|
||||||
pullPolicy: IfNotPresent
|
pullPolicy: IfNotPresent
|
||||||
env:
|
env:
|
||||||
- name: SLEEP_TIME
|
- name: SLEEP_TIME
|
||||||
|
@@ -21,10 +21,10 @@ dependencies:
|
|||||||
- name: app-template
|
- name: app-template
|
||||||
alias: lidarr
|
alias: lidarr
|
||||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||||
version: 4.4.0
|
version: 4.0.1
|
||||||
- name: postgres-cluster
|
- name: postgres-cluster
|
||||||
alias: postgres-17-cluster
|
alias: postgres-17-cluster
|
||||||
version: 6.14.0
|
version: 5.1.0
|
||||||
repository: oci://harbor.alexlebens.net/helm-charts
|
repository: oci://harbor.alexlebens.net/helm-charts
|
||||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/lidarr.png
|
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/lidarr.png
|
||||||
appVersion: 2.13.3
|
appVersion: 2.11.2
|
||||||
|
@@ -83,33 +83,3 @@ spec:
|
|||||||
key: /digital-ocean/home-infra/postgres-backups
|
key: /digital-ocean/home-infra/postgres-backups
|
||||||
metadataPolicy: None
|
metadataPolicy: None
|
||||||
property: secret
|
property: secret
|
||||||
|
|
||||||
---
|
|
||||||
apiVersion: external-secrets.io/v1
|
|
||||||
kind: ExternalSecret
|
|
||||||
metadata:
|
|
||||||
name: lidarr-postgresql-17-cluster-backup-secret-weekly
|
|
||||||
namespace: {{ .Release.Namespace }}
|
|
||||||
labels:
|
|
||||||
app.kubernetes.io/name: lidarr-postgresql-17-cluster-backup-secret-weekly
|
|
||||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
|
||||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
|
||||||
spec:
|
|
||||||
secretStoreRef:
|
|
||||||
kind: ClusterSecretStore
|
|
||||||
name: vault
|
|
||||||
data:
|
|
||||||
- secretKey: ACCESS_KEY_ID
|
|
||||||
remoteRef:
|
|
||||||
conversionStrategy: Default
|
|
||||||
decodingStrategy: None
|
|
||||||
key: /garage/home-infra/postgres-backups
|
|
||||||
metadataPolicy: None
|
|
||||||
property: ACCESS_KEY_ID
|
|
||||||
- secretKey: ACCESS_SECRET_KEY
|
|
||||||
remoteRef:
|
|
||||||
conversionStrategy: Default
|
|
||||||
decodingStrategy: None
|
|
||||||
key: /garage/home-infra/postgres-backups
|
|
||||||
metadataPolicy: None
|
|
||||||
property: ACCESS_SECRET_KEY
|
|
||||||
|
@@ -15,7 +15,7 @@ lidarr:
|
|||||||
main:
|
main:
|
||||||
image:
|
image:
|
||||||
repository: ghcr.io/linuxserver/lidarr
|
repository: ghcr.io/linuxserver/lidarr
|
||||||
tag: 2.14.5@sha256:5f58fcb45a15cb33ef153f74b14c724ba073553afdc9b078e7701f15b7ce1433
|
tag: 2.11.2@sha256:e01a6968d2c58f04278a67da9690e62b0cba07f5dbacb03b0cfbf195940f94a7
|
||||||
pullPolicy: IfNotPresent
|
pullPolicy: IfNotPresent
|
||||||
env:
|
env:
|
||||||
- name: TZ
|
- name: TZ
|
||||||
@@ -31,7 +31,7 @@ lidarr:
|
|||||||
metrics:
|
metrics:
|
||||||
image:
|
image:
|
||||||
repository: ghcr.io/onedr0p/exportarr
|
repository: ghcr.io/onedr0p/exportarr
|
||||||
tag: v2.3.0
|
tag: v2.2.0
|
||||||
pullPolicy: IfNotPresent
|
pullPolicy: IfNotPresent
|
||||||
args: ["lidarr"]
|
args: ["lidarr"]
|
||||||
env:
|
env:
|
||||||
@@ -85,20 +85,21 @@ lidarr:
|
|||||||
readOnly: false
|
readOnly: false
|
||||||
postgres-17-cluster:
|
postgres-17-cluster:
|
||||||
nameOverride: lidarr2-postgresql-17
|
nameOverride: lidarr2-postgresql-17
|
||||||
mode: recovery
|
mode: standalone
|
||||||
cluster:
|
cluster:
|
||||||
storage:
|
storage:
|
||||||
storageClass: local-path
|
storageClass: local-path
|
||||||
walStorage:
|
walStorage:
|
||||||
storageClass: local-path
|
storageClass: local-path
|
||||||
monitoring:
|
|
||||||
enabled: true
|
|
||||||
prometheusRule:
|
|
||||||
enabled: true
|
|
||||||
resources:
|
resources:
|
||||||
requests:
|
requests:
|
||||||
memory: 1Gi
|
memory: 1Gi
|
||||||
cpu: 200m
|
cpu: 200m
|
||||||
|
monitoring:
|
||||||
|
enabled: true
|
||||||
|
prometheusRule:
|
||||||
|
enabled: true
|
||||||
|
bootstrap:
|
||||||
initdb:
|
initdb:
|
||||||
postInitSQL:
|
postInitSQL:
|
||||||
- CREATE DATABASE "lidarr-main" OWNER "app";
|
- CREATE DATABASE "lidarr-main" OWNER "app";
|
||||||
@@ -106,32 +107,14 @@ postgres-17-cluster:
|
|||||||
recovery:
|
recovery:
|
||||||
method: objectStore
|
method: objectStore
|
||||||
objectStore:
|
objectStore:
|
||||||
|
endpointURL: https://nyc3.digitaloceanspaces.com
|
||||||
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/lidarr2/lidarr2-postgresql-17-cluster
|
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/lidarr2/lidarr2-postgresql-17-cluster
|
||||||
index: 1
|
|
||||||
endpointCredentials: lidarr-postgresql-17-cluster-backup-secret
|
endpointCredentials: lidarr-postgresql-17-cluster-backup-secret
|
||||||
|
recoveryIndex: 3
|
||||||
backup:
|
backup:
|
||||||
objectStore:
|
enabled: true
|
||||||
- name: external
|
endpointURL: https://nyc3.digitaloceanspaces.com
|
||||||
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/lidarr2/lidarr2-postgresql-17-cluster
|
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/lidarr2/lidarr2-postgresql-17-cluster
|
||||||
index: 1
|
endpointCredentials: lidarr-postgresql-17-cluster-backup-secret
|
||||||
endpointCredentials: lidarr-postgresql-17-cluster-backup-secret
|
backupIndex: 3
|
||||||
retentionPolicy: "1d"
|
retentionPolicy: "7d"
|
||||||
isWALArchiver: true
|
|
||||||
- name: garage
|
|
||||||
destinationPath: s3://postgres-backups/cl01tl/lidarr/lidarr2-postgresql-17-cluster
|
|
||||||
index: 1
|
|
||||||
endpointURL: https://garage-ps10rp.boreal-beaufort.ts.net:3900
|
|
||||||
endpointCredentials: lidarr-postgresql-17-cluster-backup-secret-weekly
|
|
||||||
retentionPolicy: "30d"
|
|
||||||
data:
|
|
||||||
compression: bzip2
|
|
||||||
jobs: 2
|
|
||||||
scheduledBackups:
|
|
||||||
- name: daily-backup
|
|
||||||
suspend: false
|
|
||||||
schedule: "0 0 */12 * * *"
|
|
||||||
backupName: external
|
|
||||||
- name: weekly-backup
|
|
||||||
suspend: false
|
|
||||||
schedule: "0 8 4 * * SAT"
|
|
||||||
backupName: garage
|
|
||||||
|
@@ -17,6 +17,6 @@ dependencies:
|
|||||||
- name: app-template
|
- name: app-template
|
||||||
alias: lidatube
|
alias: lidatube
|
||||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||||
version: 4.4.0
|
version: 4.0.1
|
||||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/lidatube.png
|
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/lidatube.png
|
||||||
appVersion: 0.2.22
|
appVersion: 0.2.22
|
||||||
|
@@ -13,7 +13,7 @@ lidatube:
|
|||||||
main:
|
main:
|
||||||
image:
|
image:
|
||||||
repository: thewicklowwolf/lidatube
|
repository: thewicklowwolf/lidatube
|
||||||
tag: 0.2.40
|
tag: 0.2.23
|
||||||
pullPolicy: IfNotPresent
|
pullPolicy: IfNotPresent
|
||||||
env:
|
env:
|
||||||
- name: PUID
|
- name: PUID
|
||||||
|
@@ -1,20 +0,0 @@
|
|||||||
apiVersion: v2
|
|
||||||
name: omni-tools
|
|
||||||
version: 1.0.0
|
|
||||||
description: OmniTools
|
|
||||||
keywords:
|
|
||||||
- omni-tools
|
|
||||||
home: https://wiki.alexlebens.dev/s/8820cd36-dcf6-4ddf-8b2f-584271628a54
|
|
||||||
sources:
|
|
||||||
- https://github.com/iib0011/omni-tools
|
|
||||||
- https://hub.docker.com/r/iib0011/omni-tools
|
|
||||||
- https://github.com/bjw-s-labs/helm-charts/tree/main/charts/other/app-template
|
|
||||||
maintainers:
|
|
||||||
- name: alexlebens
|
|
||||||
dependencies:
|
|
||||||
- name: app-template
|
|
||||||
alias: omni-tools
|
|
||||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
|
||||||
version: 4.4.0
|
|
||||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/omnitools.png
|
|
||||||
appVersion: 0.4.0
|
|
@@ -1,25 +0,0 @@
|
|||||||
omni-tools:
|
|
||||||
controllers:
|
|
||||||
main:
|
|
||||||
type: deployment
|
|
||||||
replicas: 1
|
|
||||||
strategy: Recreate
|
|
||||||
revisionHistoryLimit: 3
|
|
||||||
containers:
|
|
||||||
main:
|
|
||||||
image:
|
|
||||||
repository: iib0011/omni-tools
|
|
||||||
tag: 0.6.0
|
|
||||||
pullPolicy: IfNotPresent
|
|
||||||
resources:
|
|
||||||
requests:
|
|
||||||
cpu: 50m
|
|
||||||
memory: 512Mi
|
|
||||||
service:
|
|
||||||
main:
|
|
||||||
controller: main
|
|
||||||
ports:
|
|
||||||
http:
|
|
||||||
port: 80
|
|
||||||
targetPort: 80
|
|
||||||
protocol: HTTP
|
|
@@ -9,10 +9,14 @@ keywords:
|
|||||||
home: https://wiki.alexlebens.dev/s/c530c2b9-82b7-44df-b7ef-870c8b29242f
|
home: https://wiki.alexlebens.dev/s/c530c2b9-82b7-44df-b7ef-870c8b29242f
|
||||||
sources:
|
sources:
|
||||||
- https://github.com/outline/outline
|
- https://github.com/outline/outline
|
||||||
|
- https://github.com/minio/operator
|
||||||
|
- https://github.com/valkey-io/valkey
|
||||||
- https://github.com/cloudflare/cloudflared
|
- https://github.com/cloudflare/cloudflared
|
||||||
- https://github.com/cloudnative-pg/cloudnative-pg
|
- https://github.com/cloudnative-pg/cloudnative-pg
|
||||||
- https://hub.docker.com/r/outlinewiki/outline
|
- https://hub.docker.com/r/outlinewiki/outline
|
||||||
- https://github.com/bjw-s-labs/helm-charts/tree/main/charts/other/app-template
|
- https://github.com/bjw-s-labs/helm-charts/tree/main/charts/other/app-template
|
||||||
|
- https://github.com/minio/operator/tree/master/helm/tenant
|
||||||
|
- https://github.com/bitnami/charts/tree/main/bitnami/valkey
|
||||||
- https://gitea.alexlebens.dev/alexlebens/helm-charts/src/branch/main/charts/cloudflared
|
- https://gitea.alexlebens.dev/alexlebens/helm-charts/src/branch/main/charts/cloudflared
|
||||||
- https://gitea.alexlebens.dev/alexlebens/helm-charts/src/branch/main/charts/postgres-cluster
|
- https://gitea.alexlebens.dev/alexlebens/helm-charts/src/branch/main/charts/postgres-cluster
|
||||||
maintainers:
|
maintainers:
|
||||||
@@ -21,14 +25,25 @@ dependencies:
|
|||||||
- name: app-template
|
- name: app-template
|
||||||
alias: outline
|
alias: outline
|
||||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||||
version: 4.4.0
|
version: 4.0.1
|
||||||
|
- name: tenant
|
||||||
|
alias: minio
|
||||||
|
version: 7.1.1
|
||||||
|
repository: https://operator.min.io/
|
||||||
|
- name: valkey
|
||||||
|
version: 3.0.9
|
||||||
|
repository: oci://harbor.alexlebens.net/proxy-registry-1.docker.io/bitnamicharts
|
||||||
- name: cloudflared
|
- name: cloudflared
|
||||||
alias: cloudflared-outline
|
alias: cloudflared-outline
|
||||||
repository: oci://harbor.alexlebens.net/helm-charts
|
repository: oci://harbor.alexlebens.net/helm-charts
|
||||||
version: 1.22.1
|
version: 1.15.0
|
||||||
|
- name: cloudflared
|
||||||
|
alias: cloudflared-minio
|
||||||
|
repository: oci://harbor.alexlebens.net/helm-charts
|
||||||
|
version: 1.15.0
|
||||||
- name: postgres-cluster
|
- name: postgres-cluster
|
||||||
alias: postgres-17-cluster
|
alias: postgres-17-cluster
|
||||||
version: 6.14.0
|
version: 5.1.0
|
||||||
repository: oci://harbor.alexlebens.net/helm-charts
|
repository: oci://harbor.alexlebens.net/helm-charts
|
||||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/outline.png
|
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/outline.png
|
||||||
appVersion: 0.84.0
|
appVersion: 0.84.0
|
||||||
|
@@ -57,6 +57,82 @@ spec:
|
|||||||
metadataPolicy: None
|
metadataPolicy: None
|
||||||
property: secret
|
property: secret
|
||||||
|
|
||||||
|
---
|
||||||
|
apiVersion: external-secrets.io/v1
|
||||||
|
kind: ExternalSecret
|
||||||
|
metadata:
|
||||||
|
name: outline-minio-user-secret
|
||||||
|
namespace: {{ .Release.Namespace }}
|
||||||
|
labels:
|
||||||
|
app.kubernetes.io/name: outline-minio-user-secret
|
||||||
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
|
spec:
|
||||||
|
secretStoreRef:
|
||||||
|
kind: ClusterSecretStore
|
||||||
|
name: vault
|
||||||
|
data:
|
||||||
|
- secretKey: AWS_ACCESS_KEY_ID
|
||||||
|
remoteRef:
|
||||||
|
conversionStrategy: Default
|
||||||
|
decodingStrategy: None
|
||||||
|
key: /cl01tl/outline/minio/auth
|
||||||
|
metadataPolicy: None
|
||||||
|
property: AWS_ACCESS_KEY_ID
|
||||||
|
- secretKey: AWS_SECRET_ACCESS_KEY
|
||||||
|
remoteRef:
|
||||||
|
conversionStrategy: Default
|
||||||
|
decodingStrategy: None
|
||||||
|
key: /cl01tl/outline/minio/auth
|
||||||
|
metadataPolicy: None
|
||||||
|
property: AWS_SECRET_ACCESS_KEY
|
||||||
|
|
||||||
|
---
|
||||||
|
apiVersion: external-secrets.io/v1
|
||||||
|
kind: ExternalSecret
|
||||||
|
metadata:
|
||||||
|
name: outline-minio-root-secret
|
||||||
|
namespace: {{ .Release.Namespace }}
|
||||||
|
labels:
|
||||||
|
app.kubernetes.io/name: outline-minio-root-secret
|
||||||
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
|
spec:
|
||||||
|
secretStoreRef:
|
||||||
|
kind: ClusterSecretStore
|
||||||
|
name: vault
|
||||||
|
data:
|
||||||
|
- secretKey: config.env
|
||||||
|
remoteRef:
|
||||||
|
conversionStrategy: Default
|
||||||
|
decodingStrategy: None
|
||||||
|
key: /cl01tl/outline/minio/config
|
||||||
|
metadataPolicy: None
|
||||||
|
property: root-config.env
|
||||||
|
|
||||||
|
---
|
||||||
|
apiVersion: external-secrets.io/v1
|
||||||
|
kind: ExternalSecret
|
||||||
|
metadata:
|
||||||
|
name: outline-minio-config-secret
|
||||||
|
namespace: {{ .Release.Namespace }}
|
||||||
|
labels:
|
||||||
|
app.kubernetes.io/name: outline-minio-config-secret
|
||||||
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
|
spec:
|
||||||
|
secretStoreRef:
|
||||||
|
kind: ClusterSecretStore
|
||||||
|
name: vault
|
||||||
|
data:
|
||||||
|
- secretKey: config.env
|
||||||
|
remoteRef:
|
||||||
|
conversionStrategy: Default
|
||||||
|
decodingStrategy: None
|
||||||
|
key: /cl01tl/outline/minio/config
|
||||||
|
metadataPolicy: None
|
||||||
|
property: config.env
|
||||||
|
|
||||||
---
|
---
|
||||||
apiVersion: external-secrets.io/v1
|
apiVersion: external-secrets.io/v1
|
||||||
kind: ExternalSecret
|
kind: ExternalSecret
|
||||||
@@ -80,6 +156,29 @@ spec:
|
|||||||
metadataPolicy: None
|
metadataPolicy: None
|
||||||
property: token
|
property: token
|
||||||
|
|
||||||
|
---
|
||||||
|
apiVersion: external-secrets.io/v1
|
||||||
|
kind: ExternalSecret
|
||||||
|
metadata:
|
||||||
|
name: outline-minio-cloudflared-secret
|
||||||
|
namespace: {{ .Release.Namespace }}
|
||||||
|
labels:
|
||||||
|
app.kubernetes.io/name: outline-minio-cloudflared-secret
|
||||||
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
|
spec:
|
||||||
|
secretStoreRef:
|
||||||
|
kind: ClusterSecretStore
|
||||||
|
name: vault
|
||||||
|
data:
|
||||||
|
- secretKey: cf-tunnel-token
|
||||||
|
remoteRef:
|
||||||
|
conversionStrategy: Default
|
||||||
|
decodingStrategy: None
|
||||||
|
key: /cloudflare/tunnels/outline-minio
|
||||||
|
metadataPolicy: None
|
||||||
|
property: token
|
||||||
|
|
||||||
---
|
---
|
||||||
apiVersion: external-secrets.io/v1
|
apiVersion: external-secrets.io/v1
|
||||||
kind: ExternalSecret
|
kind: ExternalSecret
|
||||||
@@ -109,33 +208,3 @@ spec:
|
|||||||
key: /digital-ocean/home-infra/postgres-backups
|
key: /digital-ocean/home-infra/postgres-backups
|
||||||
metadataPolicy: None
|
metadataPolicy: None
|
||||||
property: secret
|
property: secret
|
||||||
|
|
||||||
---
|
|
||||||
apiVersion: external-secrets.io/v1
|
|
||||||
kind: ExternalSecret
|
|
||||||
metadata:
|
|
||||||
name: outline-postgresql-17-cluster-backup-secret-weekly
|
|
||||||
namespace: {{ .Release.Namespace }}
|
|
||||||
labels:
|
|
||||||
app.kubernetes.io/name: outline-postgresql-17-cluster-backup-secret-weekly
|
|
||||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
|
||||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
|
||||||
spec:
|
|
||||||
secretStoreRef:
|
|
||||||
kind: ClusterSecretStore
|
|
||||||
name: vault
|
|
||||||
data:
|
|
||||||
- secretKey: ACCESS_KEY_ID
|
|
||||||
remoteRef:
|
|
||||||
conversionStrategy: Default
|
|
||||||
decodingStrategy: None
|
|
||||||
key: /garage/home-infra/postgres-backups
|
|
||||||
metadataPolicy: None
|
|
||||||
property: ACCESS_KEY_ID
|
|
||||||
- secretKey: ACCESS_SECRET_KEY
|
|
||||||
remoteRef:
|
|
||||||
conversionStrategy: Default
|
|
||||||
decodingStrategy: None
|
|
||||||
key: /garage/home-infra/postgres-backups
|
|
||||||
metadataPolicy: None
|
|
||||||
property: ACCESS_SECRET_KEY
|
|
||||||
|
@@ -1,10 +1,10 @@
|
|||||||
apiVersion: gateway.networking.k8s.io/v1
|
apiVersion: gateway.networking.k8s.io/v1
|
||||||
kind: HTTPRoute
|
kind: HTTPRoute
|
||||||
metadata:
|
metadata:
|
||||||
name: http-route-omni-tools
|
name: http-route-outline-minio
|
||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: http-route-omni-tools
|
app.kubernetes.io/name: http-route-outline-minio
|
||||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
spec:
|
spec:
|
||||||
@@ -14,7 +14,7 @@ spec:
|
|||||||
name: traefik-gateway
|
name: traefik-gateway
|
||||||
namespace: traefik
|
namespace: traefik
|
||||||
hostnames:
|
hostnames:
|
||||||
- omni-tools.alexlebens.net
|
- minio-outline.alexlebens.net
|
||||||
rules:
|
rules:
|
||||||
- matches:
|
- matches:
|
||||||
- path:
|
- path:
|
||||||
@@ -23,6 +23,6 @@ spec:
|
|||||||
backendRefs:
|
backendRefs:
|
||||||
- group: ''
|
- group: ''
|
||||||
kind: Service
|
kind: Service
|
||||||
name: omni-tools
|
name: minio-outline-console
|
||||||
port: 80
|
port: 9090
|
||||||
weight: 100
|
weight: 100
|
@@ -1,30 +0,0 @@
|
|||||||
apiVersion: objectbucket.io/v1alpha1
|
|
||||||
kind: ObjectBucketClaim
|
|
||||||
metadata:
|
|
||||||
name: ceph-bucket-outline
|
|
||||||
labels:
|
|
||||||
app.kubernetes.io/name: ceph-bucket-outline
|
|
||||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
|
||||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
|
||||||
spec:
|
|
||||||
generateBucketName: bucket-outline
|
|
||||||
storageClassName: ceph-bucket
|
|
||||||
additionalConfig:
|
|
||||||
bucketPolicy: |
|
|
||||||
{
|
|
||||||
"Version": "2012-10-17",
|
|
||||||
"Statement": [
|
|
||||||
{
|
|
||||||
"Sid": "VisualEditor",
|
|
||||||
"Effect": "Allow",
|
|
||||||
"Action": [
|
|
||||||
"s3:GetObjectAcl",
|
|
||||||
"s3:DeleteObject",
|
|
||||||
"s3:PutObject",
|
|
||||||
"s3:GetObject",
|
|
||||||
"s3:PutObjectAcl"
|
|
||||||
],
|
|
||||||
"Resource": "arn:aws:s3:::bucket-outline-630c57e0-d475-4d78-926c-c1c082291d73/*"
|
|
||||||
}
|
|
||||||
]
|
|
||||||
}
|
|
@@ -1,32 +0,0 @@
|
|||||||
apiVersion: redis.redis.opstreelabs.in/v1beta2
|
|
||||||
kind: RedisReplication
|
|
||||||
metadata:
|
|
||||||
name: redis-replication-outline
|
|
||||||
namespace: {{ .Release.Namespace }}
|
|
||||||
labels:
|
|
||||||
app.kubernetes.io/name: redis-replication-outline
|
|
||||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
|
||||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
|
||||||
spec:
|
|
||||||
clusterSize: 3
|
|
||||||
podSecurityContext:
|
|
||||||
runAsUser: 1000
|
|
||||||
fsGroup: 1000
|
|
||||||
kubernetesConfig:
|
|
||||||
image: quay.io/opstree/redis:v8.0.3
|
|
||||||
imagePullPolicy: IfNotPresent
|
|
||||||
resources:
|
|
||||||
requests:
|
|
||||||
cpu: 50m
|
|
||||||
memory: 128Mi
|
|
||||||
storage:
|
|
||||||
volumeClaimTemplate:
|
|
||||||
spec:
|
|
||||||
storageClassName: ceph-block
|
|
||||||
accessModes: ["ReadWriteOnce"]
|
|
||||||
resources:
|
|
||||||
requests:
|
|
||||||
storage: 1Gi
|
|
||||||
redisExporter:
|
|
||||||
enabled: true
|
|
||||||
image: quay.io/opstree/redis-exporter:v1.48.0
|
|
@@ -1,19 +0,0 @@
|
|||||||
apiVersion: monitoring.coreos.com/v1
|
|
||||||
kind: ServiceMonitor
|
|
||||||
metadata:
|
|
||||||
name: redis-replication-outline
|
|
||||||
namespace: {{ .Release.Namespace }}
|
|
||||||
labels:
|
|
||||||
app.kubernetes.io/name: redis-replication-outline
|
|
||||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
|
||||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
|
||||||
redis-operator: "true"
|
|
||||||
env: production
|
|
||||||
spec:
|
|
||||||
selector:
|
|
||||||
matchLabels:
|
|
||||||
redis_setup_type: replication
|
|
||||||
endpoints:
|
|
||||||
- port: redis-exporter
|
|
||||||
interval: 30s
|
|
||||||
scrapeTimeout: 10s
|
|
@@ -9,7 +9,7 @@ outline:
|
|||||||
main:
|
main:
|
||||||
image:
|
image:
|
||||||
repository: outlinewiki/outline
|
repository: outlinewiki/outline
|
||||||
tag: 0.87.4
|
tag: 0.84.0
|
||||||
pullPolicy: IfNotPresent
|
pullPolicy: IfNotPresent
|
||||||
env:
|
env:
|
||||||
- name: NODE_ENV
|
- name: NODE_ENV
|
||||||
@@ -64,30 +64,29 @@ outline:
|
|||||||
- name: PGSSLMODE
|
- name: PGSSLMODE
|
||||||
value: disable
|
value: disable
|
||||||
- name: REDIS_URL
|
- name: REDIS_URL
|
||||||
value: redis://redis-replication-outline-master.outline:6379
|
value: redis://outline-valkey-primary.outline:6379
|
||||||
- name: FILE_STORAGE
|
- name: FILE_STORAGE
|
||||||
value: s3
|
value: s3
|
||||||
- name: AWS_ACCESS_KEY_ID
|
- name: AWS_ACCESS_KEY_ID
|
||||||
valueFrom:
|
valueFrom:
|
||||||
secretKeyRef:
|
secretKeyRef:
|
||||||
name: ceph-bucket-outline
|
name: outline-minio-user-secret
|
||||||
key: AWS_ACCESS_KEY_ID
|
key: AWS_ACCESS_KEY_ID
|
||||||
- name: AWS_SECRET_ACCESS_KEY
|
- name: AWS_SECRET_ACCESS_KEY
|
||||||
valueFrom:
|
valueFrom:
|
||||||
secretKeyRef:
|
secretKeyRef:
|
||||||
name: ceph-bucket-outline
|
name: outline-minio-user-secret
|
||||||
key: AWS_SECRET_ACCESS_KEY
|
key: AWS_SECRET_ACCESS_KEY
|
||||||
- name: AWS_REGION
|
- name: AWS_REGION
|
||||||
value: us-east-1
|
value: us-east-1
|
||||||
- name: AWS_S3_UPLOAD_BUCKET_NAME
|
- name: AWS_S3_UPLOAD_BUCKET_NAME
|
||||||
valueFrom:
|
value: outline
|
||||||
configMapKeyRef:
|
|
||||||
name: ceph-bucket-outline
|
|
||||||
key: BUCKET_NAME
|
|
||||||
- name: AWS_S3_UPLOAD_BUCKET_URL
|
- name: AWS_S3_UPLOAD_BUCKET_URL
|
||||||
value: https://objects.alexlebens.dev
|
value: https://outline-storage.alexlebens.dev/outline
|
||||||
|
- name: AWS_S3_ACCELERATE_URL
|
||||||
|
value: https://outline-storage.alexlebens.dev/outline
|
||||||
- name: AWS_S3_FORCE_PATH_STYLE
|
- name: AWS_S3_FORCE_PATH_STYLE
|
||||||
value: true
|
value: false
|
||||||
- name: AWS_S3_ACL
|
- name: AWS_S3_ACL
|
||||||
value: private
|
value: private
|
||||||
- name: FILE_STORAGE_UPLOAD_MAX_SIZE
|
- name: FILE_STORAGE_UPLOAD_MAX_SIZE
|
||||||
@@ -142,11 +141,60 @@ outline:
|
|||||||
port: 3000
|
port: 3000
|
||||||
targetPort: 3000
|
targetPort: 3000
|
||||||
protocol: HTTP
|
protocol: HTTP
|
||||||
|
minio:
|
||||||
|
existingSecret:
|
||||||
|
name: outline-minio-root-secret
|
||||||
|
tenant:
|
||||||
|
name: minio-outline
|
||||||
|
configSecret:
|
||||||
|
name: outline-minio-config-secret
|
||||||
|
pools:
|
||||||
|
- servers: 3
|
||||||
|
name: pool
|
||||||
|
volumesPerServer: 2
|
||||||
|
size: 10Gi
|
||||||
|
storageClassName: ceph-block
|
||||||
|
mountPath: /export
|
||||||
|
subPath: /data
|
||||||
|
metrics:
|
||||||
|
enabled: true
|
||||||
|
port: 9000
|
||||||
|
protocol: http
|
||||||
|
certificate:
|
||||||
|
requestAutoCert: false
|
||||||
|
ingress:
|
||||||
|
console:
|
||||||
|
enabled: false
|
||||||
|
valkey:
|
||||||
|
architecture: replication
|
||||||
|
auth:
|
||||||
|
enabled: false
|
||||||
|
usePasswordFiles: false
|
||||||
|
primary:
|
||||||
|
resources:
|
||||||
|
requests:
|
||||||
|
cpu: 100m
|
||||||
|
memory: 64Mi
|
||||||
|
persistence:
|
||||||
|
enabled: true
|
||||||
|
size: 1Gi
|
||||||
|
replica:
|
||||||
|
replicaCount: 1
|
||||||
|
resources:
|
||||||
|
requests:
|
||||||
|
cpu: 100m
|
||||||
|
memory: 64Mi
|
||||||
|
persistence:
|
||||||
|
enabled: true
|
||||||
|
size: 1Gi
|
||||||
cloudflared-outline:
|
cloudflared-outline:
|
||||||
existingSecretName: outline-cloudflared-secret
|
existingSecretName: outline-cloudflared-secret
|
||||||
name: cloudflared-outline
|
name: cloudflared-outline
|
||||||
|
cloudflared-minio:
|
||||||
|
existingSecretName: outline-minio-cloudflared-secret
|
||||||
|
name: cloudflared-minio
|
||||||
postgres-17-cluster:
|
postgres-17-cluster:
|
||||||
mode: recovery
|
mode: standalone
|
||||||
cluster:
|
cluster:
|
||||||
storage:
|
storage:
|
||||||
storageClass: local-path
|
storageClass: local-path
|
||||||
@@ -159,30 +207,13 @@ postgres-17-cluster:
|
|||||||
recovery:
|
recovery:
|
||||||
method: objectStore
|
method: objectStore
|
||||||
objectStore:
|
objectStore:
|
||||||
|
endpointURL: https://nyc3.digitaloceanspaces.com
|
||||||
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/outline/outline-postgresql-17-cluster
|
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/outline/outline-postgresql-17-cluster
|
||||||
index: 1
|
endpointCredentials: outline-postgresql-17-cluster-backup-secret
|
||||||
|
recoveryIndex: 2
|
||||||
backup:
|
backup:
|
||||||
objectStore:
|
enabled: true
|
||||||
- name: external
|
endpointURL: https://nyc3.digitaloceanspaces.com
|
||||||
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/outline/outline-postgresql-17-cluster
|
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/outline/outline-postgresql-17-cluster
|
||||||
index: 1
|
endpointCredentials: outline-postgresql-17-cluster-backup-secret
|
||||||
retentionPolicy: "2d"
|
backupIndex: 2
|
||||||
isWALArchiver: true
|
|
||||||
- name: garage
|
|
||||||
destinationPath: s3://postgres-backups/cl01tl/outline/outline-postgresql-17-cluster
|
|
||||||
index: 1
|
|
||||||
endpointURL: https://garage-ps10rp.boreal-beaufort.ts.net:3900
|
|
||||||
endpointCredentials: outline-postgresql-17-cluster-backup-secret-weekly
|
|
||||||
retentionPolicy: "30d"
|
|
||||||
data:
|
|
||||||
compression: bzip2
|
|
||||||
jobs: 2
|
|
||||||
scheduledBackups:
|
|
||||||
- name: daily-backup
|
|
||||||
suspend: false
|
|
||||||
schedule: "0 0 0 * * *"
|
|
||||||
backupName: external
|
|
||||||
- name: weekly-backup
|
|
||||||
suspend: false
|
|
||||||
schedule: "0 10 4 * * SAT"
|
|
||||||
backupName: garage
|
|
||||||
|
@@ -16,6 +16,6 @@ maintainers:
|
|||||||
dependencies:
|
dependencies:
|
||||||
- name: app-template
|
- name: app-template
|
||||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||||
version: 4.4.0
|
version: 4.0.1
|
||||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/overseerr.png
|
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/overseerr.png
|
||||||
appVersion: 1.34.0
|
appVersion: 1.34.0
|
||||||
|
@@ -17,10 +17,10 @@ dependencies:
|
|||||||
- name: app-template
|
- name: app-template
|
||||||
alias: photoview
|
alias: photoview
|
||||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||||
version: 4.4.0
|
version: 4.0.1
|
||||||
- name: postgres-cluster
|
- name: postgres-cluster
|
||||||
alias: postgres-17-cluster
|
alias: postgres-17-cluster
|
||||||
version: 6.14.0
|
version: 5.1.0
|
||||||
repository: oci://harbor.alexlebens.net/helm-charts
|
repository: oci://harbor.alexlebens.net/helm-charts
|
||||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/photoview.png
|
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/photoview.png
|
||||||
appVersion: 2.4.0
|
appVersion: 2.4.0
|
||||||
|
@@ -26,33 +26,3 @@ spec:
|
|||||||
key: /digital-ocean/home-infra/postgres-backups
|
key: /digital-ocean/home-infra/postgres-backups
|
||||||
metadataPolicy: None
|
metadataPolicy: None
|
||||||
property: secret
|
property: secret
|
||||||
|
|
||||||
---
|
|
||||||
apiVersion: external-secrets.io/v1
|
|
||||||
kind: ExternalSecret
|
|
||||||
metadata:
|
|
||||||
name: photoview-postgresql-17-cluster-backup-secret-weekly
|
|
||||||
namespace: {{ .Release.Namespace }}
|
|
||||||
labels:
|
|
||||||
app.kubernetes.io/name: photoview-postgresql-17-cluster-backup-secret-weekly
|
|
||||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
|
||||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
|
||||||
spec:
|
|
||||||
secretStoreRef:
|
|
||||||
kind: ClusterSecretStore
|
|
||||||
name: vault
|
|
||||||
data:
|
|
||||||
- secretKey: ACCESS_KEY_ID
|
|
||||||
remoteRef:
|
|
||||||
conversionStrategy: Default
|
|
||||||
decodingStrategy: None
|
|
||||||
key: /garage/home-infra/postgres-backups
|
|
||||||
metadataPolicy: None
|
|
||||||
property: ACCESS_KEY_ID
|
|
||||||
- secretKey: ACCESS_SECRET_KEY
|
|
||||||
remoteRef:
|
|
||||||
conversionStrategy: Default
|
|
||||||
decodingStrategy: None
|
|
||||||
key: /garage/home-infra/postgres-backups
|
|
||||||
metadataPolicy: None
|
|
||||||
property: ACCESS_SECRET_KEY
|
|
||||||
|
@@ -73,7 +73,7 @@ photoview:
|
|||||||
- path: /photos
|
- path: /photos
|
||||||
readOnly: true
|
readOnly: true
|
||||||
postgres-17-cluster:
|
postgres-17-cluster:
|
||||||
mode: recovery
|
mode: standalone
|
||||||
cluster:
|
cluster:
|
||||||
storage:
|
storage:
|
||||||
storageClass: local-path
|
storageClass: local-path
|
||||||
@@ -86,30 +86,14 @@ postgres-17-cluster:
|
|||||||
recovery:
|
recovery:
|
||||||
method: objectStore
|
method: objectStore
|
||||||
objectStore:
|
objectStore:
|
||||||
|
endpointURL: https://nyc3.digitaloceanspaces.com
|
||||||
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/photoview/photoview-postgresql-17-cluster
|
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/photoview/photoview-postgresql-17-cluster
|
||||||
index: 1
|
endpointCredentials: photoview-postgresql-17-cluster-backup-secret
|
||||||
|
recoveryIndex: 3
|
||||||
backup:
|
backup:
|
||||||
objectStore:
|
enabled: true
|
||||||
- name: external
|
endpointURL: https://nyc3.digitaloceanspaces.com
|
||||||
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/photoview/photoview-postgresql-17-cluster
|
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/photoview/photoview-postgresql-17-cluster
|
||||||
index: 1
|
endpointCredentials: photoview-postgresql-17-cluster-backup-secret
|
||||||
retentionPolicy: "2d"
|
backupIndex: 3
|
||||||
isWALArchiver: true
|
retentionPolicy: "7d"
|
||||||
- name: garage
|
|
||||||
destinationPath: s3://postgres-backups/cl01tl/photoview/photoview-postgresql-17-cluster
|
|
||||||
index: 1
|
|
||||||
endpointURL: https://garage-ps10rp.boreal-beaufort.ts.net:3900
|
|
||||||
endpointCredentials: photoview-postgresql-17-cluster-backup-secret-weekly
|
|
||||||
retentionPolicy: "30d"
|
|
||||||
data:
|
|
||||||
compression: bzip2
|
|
||||||
jobs: 2
|
|
||||||
scheduledBackups:
|
|
||||||
- name: daily-backup
|
|
||||||
suspend: false
|
|
||||||
schedule: "0 0 0 * * *"
|
|
||||||
backupName: external
|
|
||||||
- name: weekly-backup
|
|
||||||
suspend: false
|
|
||||||
schedule: "0 12 4 * * SAT"
|
|
||||||
backupName: garage
|
|
||||||
|
@@ -21,6 +21,6 @@ dependencies:
|
|||||||
- name: app-template
|
- name: app-template
|
||||||
alias: plex
|
alias: plex
|
||||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||||
version: 4.4.0
|
version: 4.0.1
|
||||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/plex.png
|
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/plex.png
|
||||||
appVersion: 1.41.6
|
appVersion: 1.41.6
|
||||||
|
@@ -9,7 +9,7 @@ plex:
|
|||||||
main:
|
main:
|
||||||
image:
|
image:
|
||||||
repository: ghcr.io/linuxserver/plex
|
repository: ghcr.io/linuxserver/plex
|
||||||
tag: 1.42.2@sha256:b13c1a01150225d88085214dc3deabb41985fa5427766c0126c84780d156b9a9
|
tag: 1.41.7@sha256:fad37d3811bbd089f95886cd14768addf009648a4913a01ea3db0a623e633025
|
||||||
pullPolicy: IfNotPresent
|
pullPolicy: IfNotPresent
|
||||||
env:
|
env:
|
||||||
- name: TZ
|
- name: TZ
|
||||||
|
@@ -8,10 +8,12 @@ keywords:
|
|||||||
home: https://wiki.alexlebens.dev/s/f483a06b-860b-423c-8d51-a1ce82e0fd43
|
home: https://wiki.alexlebens.dev/s/f483a06b-860b-423c-8d51-a1ce82e0fd43
|
||||||
sources:
|
sources:
|
||||||
- https://github.com/gitroomhq/postiz-app
|
- https://github.com/gitroomhq/postiz-app
|
||||||
|
- https://github.com/valkey-io/valkey
|
||||||
- https://github.com/cloudflare/cloudflared
|
- https://github.com/cloudflare/cloudflared
|
||||||
- https://github.com/cloudnative-pg/cloudnative-pg
|
- https://github.com/cloudnative-pg/cloudnative-pg
|
||||||
- https://github.com/gitroomhq/postiz-app/pkgs/container/postiz-app
|
- https://github.com/gitroomhq/postiz-app/pkgs/container/postiz-app
|
||||||
- https://github.com/bjw-s-labs/helm-charts/tree/main/charts/other/app-template
|
- https://github.com/bjw-s-labs/helm-charts/tree/main/charts/other/app-template
|
||||||
|
- https://github.com/bitnami/charts/tree/main/bitnami/valkey
|
||||||
- https://gitea.alexlebens.dev/alexlebens/helm-charts/src/branch/main/charts/cloudflared
|
- https://gitea.alexlebens.dev/alexlebens/helm-charts/src/branch/main/charts/cloudflared
|
||||||
- https://gitea.alexlebens.dev/alexlebens/helm-charts/src/branch/main/charts/postgres-cluster
|
- https://gitea.alexlebens.dev/alexlebens/helm-charts/src/branch/main/charts/postgres-cluster
|
||||||
maintainers:
|
maintainers:
|
||||||
@@ -20,13 +22,16 @@ dependencies:
|
|||||||
- name: app-template
|
- name: app-template
|
||||||
alias: postiz
|
alias: postiz
|
||||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||||
version: 4.4.0
|
version: 4.0.1
|
||||||
|
- name: valkey
|
||||||
|
version: 3.0.9
|
||||||
|
repository: oci://harbor.alexlebens.net/proxy-registry-1.docker.io/bitnamicharts
|
||||||
- name: cloudflared
|
- name: cloudflared
|
||||||
repository: oci://harbor.alexlebens.net/helm-charts
|
repository: oci://harbor.alexlebens.net/helm-charts
|
||||||
version: 1.22.1
|
version: 1.15.0
|
||||||
- name: postgres-cluster
|
- name: postgres-cluster
|
||||||
alias: postgres-17-cluster
|
alias: postgres-17-cluster
|
||||||
version: 6.14.0
|
version: 5.1.0
|
||||||
repository: oci://harbor.alexlebens.net/helm-charts
|
repository: oci://harbor.alexlebens.net/helm-charts
|
||||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/postiz.png
|
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/postiz.png
|
||||||
appVersion: v1.43.3
|
appVersion: v1.43.3
|
||||||
|
@@ -24,10 +24,10 @@ spec:
|
|||||||
apiVersion: external-secrets.io/v1
|
apiVersion: external-secrets.io/v1
|
||||||
kind: ExternalSecret
|
kind: ExternalSecret
|
||||||
metadata:
|
metadata:
|
||||||
name: postiz-redis-config
|
name: postiz-valkey-config
|
||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: postiz-redis-config
|
app.kubernetes.io/name: postiz-valkey-config
|
||||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
spec:
|
spec:
|
||||||
@@ -35,27 +35,27 @@ spec:
|
|||||||
kind: ClusterSecretStore
|
kind: ClusterSecretStore
|
||||||
name: vault
|
name: vault
|
||||||
data:
|
data:
|
||||||
- secretKey: REDIS_URL
|
|
||||||
remoteRef:
|
|
||||||
conversionStrategy: Default
|
|
||||||
decodingStrategy: None
|
|
||||||
key: /cl01tl/postiz/redis
|
|
||||||
metadataPolicy: None
|
|
||||||
property: REDIS_URL
|
|
||||||
- secretKey: user
|
- secretKey: user
|
||||||
remoteRef:
|
remoteRef:
|
||||||
conversionStrategy: Default
|
conversionStrategy: Default
|
||||||
decodingStrategy: None
|
decodingStrategy: None
|
||||||
key: /cl01tl/postiz/redis
|
key: /cl01tl/postiz/valkey
|
||||||
metadataPolicy: None
|
metadataPolicy: None
|
||||||
property: user
|
property: user
|
||||||
- secretKey: password
|
- secretKey: password
|
||||||
remoteRef:
|
remoteRef:
|
||||||
conversionStrategy: Default
|
conversionStrategy: Default
|
||||||
decodingStrategy: None
|
decodingStrategy: None
|
||||||
key: /cl01tl/postiz/redis
|
key: /cl01tl/postiz/valkey
|
||||||
metadataPolicy: None
|
metadataPolicy: None
|
||||||
property: password
|
property: password
|
||||||
|
- secretKey: REDIS_URL
|
||||||
|
remoteRef:
|
||||||
|
conversionStrategy: Default
|
||||||
|
decodingStrategy: None
|
||||||
|
key: /cl01tl/postiz/valkey
|
||||||
|
metadataPolicy: None
|
||||||
|
property: REDIS_URL
|
||||||
|
|
||||||
---
|
---
|
||||||
apiVersion: external-secrets.io/v1
|
apiVersion: external-secrets.io/v1
|
||||||
@@ -253,33 +253,3 @@ spec:
|
|||||||
key: /digital-ocean/home-infra/postgres-backups
|
key: /digital-ocean/home-infra/postgres-backups
|
||||||
metadataPolicy: None
|
metadataPolicy: None
|
||||||
property: secret
|
property: secret
|
||||||
|
|
||||||
---
|
|
||||||
apiVersion: external-secrets.io/v1
|
|
||||||
kind: ExternalSecret
|
|
||||||
metadata:
|
|
||||||
name: postiz-postgresql-17-cluster-backup-secret-weekly
|
|
||||||
namespace: {{ .Release.Namespace }}
|
|
||||||
labels:
|
|
||||||
app.kubernetes.io/name: postiz-postgresql-17-cluster-backup-secret-weekly
|
|
||||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
|
||||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
|
||||||
spec:
|
|
||||||
secretStoreRef:
|
|
||||||
kind: ClusterSecretStore
|
|
||||||
name: vault
|
|
||||||
data:
|
|
||||||
- secretKey: ACCESS_KEY_ID
|
|
||||||
remoteRef:
|
|
||||||
conversionStrategy: Default
|
|
||||||
decodingStrategy: None
|
|
||||||
key: /garage/home-infra/postgres-backups
|
|
||||||
metadataPolicy: None
|
|
||||||
property: ACCESS_KEY_ID
|
|
||||||
- secretKey: ACCESS_SECRET_KEY
|
|
||||||
remoteRef:
|
|
||||||
conversionStrategy: Default
|
|
||||||
decodingStrategy: None
|
|
||||||
key: /garage/home-infra/postgres-backups
|
|
||||||
metadataPolicy: None
|
|
||||||
property: ACCESS_SECRET_KEY
|
|
||||||
|
@@ -1,35 +0,0 @@
|
|||||||
apiVersion: redis.redis.opstreelabs.in/v1beta2
|
|
||||||
kind: RedisReplication
|
|
||||||
metadata:
|
|
||||||
name: redis-replication-postiz
|
|
||||||
namespace: {{ .Release.Namespace }}
|
|
||||||
labels:
|
|
||||||
app.kubernetes.io/name: redis-replication-postiz
|
|
||||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
|
||||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
|
||||||
spec:
|
|
||||||
clusterSize: 3
|
|
||||||
podSecurityContext:
|
|
||||||
runAsUser: 1000
|
|
||||||
fsGroup: 1000
|
|
||||||
kubernetesConfig:
|
|
||||||
image: quay.io/opstree/redis:v8.0.3
|
|
||||||
imagePullPolicy: IfNotPresent
|
|
||||||
redisSecret:
|
|
||||||
name: postiz-redis-config
|
|
||||||
key: password
|
|
||||||
resources:
|
|
||||||
requests:
|
|
||||||
cpu: 50m
|
|
||||||
memory: 128Mi
|
|
||||||
storage:
|
|
||||||
volumeClaimTemplate:
|
|
||||||
spec:
|
|
||||||
storageClassName: ceph-block
|
|
||||||
accessModes: ["ReadWriteOnce"]
|
|
||||||
resources:
|
|
||||||
requests:
|
|
||||||
storage: 1Gi
|
|
||||||
redisExporter:
|
|
||||||
enabled: true
|
|
||||||
image: quay.io/opstree/redis-exporter:v1.48.0
|
|
@@ -1,19 +0,0 @@
|
|||||||
apiVersion: monitoring.coreos.com/v1
|
|
||||||
kind: ServiceMonitor
|
|
||||||
metadata:
|
|
||||||
name: redis-replication-postiz
|
|
||||||
namespace: {{ .Release.Namespace }}
|
|
||||||
labels:
|
|
||||||
app.kubernetes.io/name: redis-replication-postiz
|
|
||||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
|
||||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
|
||||||
redis-operator: "true"
|
|
||||||
env: production
|
|
||||||
spec:
|
|
||||||
selector:
|
|
||||||
matchLabels:
|
|
||||||
redis_setup_type: replication
|
|
||||||
endpoints:
|
|
||||||
- port: redis-exporter
|
|
||||||
interval: 30s
|
|
||||||
scrapeTimeout: 10s
|
|
@@ -9,7 +9,7 @@ postiz:
|
|||||||
main:
|
main:
|
||||||
image:
|
image:
|
||||||
repository: ghcr.io/gitroomhq/postiz-app
|
repository: ghcr.io/gitroomhq/postiz-app
|
||||||
tag: v2.7.0
|
tag: v1.44.2
|
||||||
pullPolicy: IfNotPresent
|
pullPolicy: IfNotPresent
|
||||||
env:
|
env:
|
||||||
- name: MAIN_URL
|
- name: MAIN_URL
|
||||||
@@ -31,12 +31,12 @@ postiz:
|
|||||||
- name: REDIS_URL
|
- name: REDIS_URL
|
||||||
valueFrom:
|
valueFrom:
|
||||||
secretKeyRef:
|
secretKeyRef:
|
||||||
name: postiz-redis-config
|
name: postiz-valkey-config
|
||||||
key: REDIS_URL
|
key: REDIS_URL
|
||||||
- name: BACKEND_INTERNAL_URL
|
- name: BACKEND_INTERNAL_URL
|
||||||
value: http://localhost:3000
|
value: http://localhost:3000
|
||||||
- name: IS_GENERAL
|
- name: IS_GENERAL
|
||||||
value: "true"
|
value: 'true'
|
||||||
- name: STORAGE_PROVIDER
|
- name: STORAGE_PROVIDER
|
||||||
value: local
|
value: local
|
||||||
- name: UPLOAD_DIRECTORY
|
- name: UPLOAD_DIRECTORY
|
||||||
@@ -48,7 +48,7 @@ postiz:
|
|||||||
- name: NEXT_PUBLIC_POSTIZ_OAUTH_LOGO_URL
|
- name: NEXT_PUBLIC_POSTIZ_OAUTH_LOGO_URL
|
||||||
value: https://cdn.jsdelivr.net/gh/selfhst/icons/png/authentik.png
|
value: https://cdn.jsdelivr.net/gh/selfhst/icons/png/authentik.png
|
||||||
- name: POSTIZ_GENERIC_OAUTH
|
- name: POSTIZ_GENERIC_OAUTH
|
||||||
value: "true"
|
value: 'true'
|
||||||
- name: POSTIZ_OAUTH_URL
|
- name: POSTIZ_OAUTH_URL
|
||||||
value: https://auth.alexlebens.dev
|
value: https://auth.alexlebens.dev
|
||||||
- name: POSTIZ_OAUTH_AUTH_URL
|
- name: POSTIZ_OAUTH_AUTH_URL
|
||||||
@@ -102,11 +102,35 @@ postiz:
|
|||||||
main:
|
main:
|
||||||
- path: /uploads
|
- path: /uploads
|
||||||
readOnly: false
|
readOnly: false
|
||||||
|
valkey:
|
||||||
|
architecture: replication
|
||||||
|
auth:
|
||||||
|
enabled: true
|
||||||
|
existingSecret: postiz-valkey-config
|
||||||
|
existingSecretPasswordKey: password
|
||||||
|
usePasswordFiles: false
|
||||||
|
primary:
|
||||||
|
resources:
|
||||||
|
requests:
|
||||||
|
cpu: 100m
|
||||||
|
memory: 64Mi
|
||||||
|
persistence:
|
||||||
|
enabled: true
|
||||||
|
size: 1Gi
|
||||||
|
replica:
|
||||||
|
replicaCount: 1
|
||||||
|
resources:
|
||||||
|
requests:
|
||||||
|
cpu: 100m
|
||||||
|
memory: 64Mi
|
||||||
|
persistence:
|
||||||
|
enabled: true
|
||||||
|
size: 1Gi
|
||||||
cloudflared:
|
cloudflared:
|
||||||
name: cloudflared-postiz
|
name: cloudflared-postiz
|
||||||
existingSecretName: postiz-cloudflared-secret
|
existingSecretName: postiz-cloudflared-secret
|
||||||
postgres-17-cluster:
|
postgres-17-cluster:
|
||||||
mode: recovery
|
mode: standalone
|
||||||
cluster:
|
cluster:
|
||||||
storage:
|
storage:
|
||||||
storageClass: local-path
|
storageClass: local-path
|
||||||
@@ -119,30 +143,13 @@ postgres-17-cluster:
|
|||||||
recovery:
|
recovery:
|
||||||
method: objectStore
|
method: objectStore
|
||||||
objectStore:
|
objectStore:
|
||||||
|
endpointURL: https://nyc3.digitaloceanspaces.com
|
||||||
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/postiz/postiz-postgresql-17-cluster
|
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/postiz/postiz-postgresql-17-cluster
|
||||||
index: 2
|
endpointCredentials: postiz-postgresql-17-cluster-backup-secret
|
||||||
|
recoveryIndex: 1
|
||||||
backup:
|
backup:
|
||||||
objectStore:
|
enabled: true
|
||||||
- name: external
|
endpointURL: https://nyc3.digitaloceanspaces.com
|
||||||
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/postiz/postiz-postgresql-17-cluster
|
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/postiz/postiz-postgresql-17-cluster
|
||||||
index: 2
|
endpointCredentials: postiz-postgresql-17-cluster-backup-secret
|
||||||
retentionPolicy: "2d"
|
backupIndex: 1
|
||||||
isWALArchiver: true
|
|
||||||
- name: garage
|
|
||||||
destinationPath: s3://postgres-backups/cl01tl/postiz/postiz-postgresql-17-cluster
|
|
||||||
index: 1
|
|
||||||
endpointURL: https://garage-ps10rp.boreal-beaufort.ts.net:3900
|
|
||||||
endpointCredentials: postiz-postgresql-17-cluster-backup-secret-weekly
|
|
||||||
retentionPolicy: "30d"
|
|
||||||
data:
|
|
||||||
compression: bzip2
|
|
||||||
jobs: 2
|
|
||||||
scheduledBackups:
|
|
||||||
- name: daily-backup
|
|
||||||
suspend: false
|
|
||||||
schedule: "0 0 0 * * *"
|
|
||||||
backupName: external
|
|
||||||
- name: weekly-backup
|
|
||||||
suspend: false
|
|
||||||
schedule: "0 14 4 * * SAT"
|
|
||||||
backupName: garage
|
|
||||||
|
@@ -18,6 +18,6 @@ dependencies:
|
|||||||
- name: app-template
|
- name: app-template
|
||||||
alias: prowlarr
|
alias: prowlarr
|
||||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||||
version: 4.4.0
|
version: 4.0.1
|
||||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/prowlarr.png
|
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/prowlarr.png
|
||||||
appVersion: 1.35.1
|
appVersion: 1.35.1
|
||||||
|
@@ -20,7 +20,7 @@ prowlarr:
|
|||||||
main:
|
main:
|
||||||
image:
|
image:
|
||||||
repository: ghcr.io/linuxserver/prowlarr
|
repository: ghcr.io/linuxserver/prowlarr
|
||||||
tag: 2.0.5@sha256:608935c38763920b25622a3d404bb14ea08fcaa7c2a9b1c93ce9bac61ad4b11d
|
tag: 1.36.3@sha256:1a6cdd0cc2350f8527dab39bc8467c9a2553bbbcf75a2c66f882fc53d73d5deb
|
||||||
pullPolicy: IfNotPresent
|
pullPolicy: IfNotPresent
|
||||||
env:
|
env:
|
||||||
- name: TZ
|
- name: TZ
|
||||||
|
@@ -24,10 +24,10 @@ dependencies:
|
|||||||
- name: app-template
|
- name: app-template
|
||||||
alias: radarr-4k
|
alias: radarr-4k
|
||||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||||
version: 4.4.0
|
version: 4.0.1
|
||||||
- name: postgres-cluster
|
- name: postgres-cluster
|
||||||
alias: postgres-17-cluster
|
alias: postgres-17-cluster
|
||||||
version: 6.14.0
|
version: 5.1.0
|
||||||
repository: oci://harbor.alexlebens.net/helm-charts
|
repository: oci://harbor.alexlebens.net/helm-charts
|
||||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/radarr-4k.png
|
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/radarr-4k.png
|
||||||
appVersion: 5.22.4
|
appVersion: 5.22.4
|
||||||
|
@@ -83,33 +83,3 @@ spec:
|
|||||||
key: /digital-ocean/home-infra/postgres-backups
|
key: /digital-ocean/home-infra/postgres-backups
|
||||||
metadataPolicy: None
|
metadataPolicy: None
|
||||||
property: secret
|
property: secret
|
||||||
|
|
||||||
---
|
|
||||||
apiVersion: external-secrets.io/v1
|
|
||||||
kind: ExternalSecret
|
|
||||||
metadata:
|
|
||||||
name: radarr-4k-postgresql-17-cluster-backup-secret-weekly
|
|
||||||
namespace: {{ .Release.Namespace }}
|
|
||||||
labels:
|
|
||||||
app.kubernetes.io/name: radarr-4k-postgresql-17-cluster-backup-secret-weekly
|
|
||||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
|
||||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
|
||||||
spec:
|
|
||||||
secretStoreRef:
|
|
||||||
kind: ClusterSecretStore
|
|
||||||
name: vault
|
|
||||||
data:
|
|
||||||
- secretKey: ACCESS_KEY_ID
|
|
||||||
remoteRef:
|
|
||||||
conversionStrategy: Default
|
|
||||||
decodingStrategy: None
|
|
||||||
key: /garage/home-infra/postgres-backups
|
|
||||||
metadataPolicy: None
|
|
||||||
property: ACCESS_KEY_ID
|
|
||||||
- secretKey: ACCESS_SECRET_KEY
|
|
||||||
remoteRef:
|
|
||||||
conversionStrategy: Default
|
|
||||||
decodingStrategy: None
|
|
||||||
key: /garage/home-infra/postgres-backups
|
|
||||||
metadataPolicy: None
|
|
||||||
property: ACCESS_SECRET_KEY
|
|
||||||
|
@@ -15,7 +15,7 @@ radarr-4k:
|
|||||||
main:
|
main:
|
||||||
image:
|
image:
|
||||||
repository: ghcr.io/linuxserver/radarr
|
repository: ghcr.io/linuxserver/radarr
|
||||||
tag: 5.28.0@sha256:fae2aafa6ecace3524fc79d102f5bfd25fb151caed6a454cee46479236ac33bf
|
tag: 5.25.0@sha256:36e43720c130ec2d3ed80726d2134af3c6644729f4750abc830fdda7fa71d1e1
|
||||||
pullPolicy: IfNotPresent
|
pullPolicy: IfNotPresent
|
||||||
env:
|
env:
|
||||||
- name: TZ
|
- name: TZ
|
||||||
@@ -31,7 +31,7 @@ radarr-4k:
|
|||||||
metrics:
|
metrics:
|
||||||
image:
|
image:
|
||||||
repository: ghcr.io/onedr0p/exportarr
|
repository: ghcr.io/onedr0p/exportarr
|
||||||
tag: v2.3.0
|
tag: v2.2.0
|
||||||
pullPolicy: IfNotPresent
|
pullPolicy: IfNotPresent
|
||||||
args: ["radarr"]
|
args: ["radarr"]
|
||||||
env:
|
env:
|
||||||
@@ -85,7 +85,7 @@ radarr-4k:
|
|||||||
readOnly: false
|
readOnly: false
|
||||||
postgres-17-cluster:
|
postgres-17-cluster:
|
||||||
nameOverride: radarr5-4k-postgresql-17
|
nameOverride: radarr5-4k-postgresql-17
|
||||||
mode: recovery
|
mode: standalone
|
||||||
cluster:
|
cluster:
|
||||||
storage:
|
storage:
|
||||||
storageClass: local-path
|
storageClass: local-path
|
||||||
@@ -95,43 +95,24 @@ postgres-17-cluster:
|
|||||||
enabled: true
|
enabled: true
|
||||||
prometheusRule:
|
prometheusRule:
|
||||||
enabled: true
|
enabled: true
|
||||||
resources:
|
bootstrap:
|
||||||
requests:
|
|
||||||
memory: 1Gi
|
|
||||||
cpu: 200m
|
|
||||||
initdb:
|
initdb:
|
||||||
|
database: app
|
||||||
|
owner: app
|
||||||
postInitSQL:
|
postInitSQL:
|
||||||
- CREATE DATABASE "radarr-main" OWNER "app";
|
- CREATE DATABASE "radarr-main" OWNER "app";
|
||||||
- CREATE DATABASE "radarr-log" OWNER "app";
|
- CREATE DATABASE "radarr-log" OWNER "app";
|
||||||
recovery:
|
recovery:
|
||||||
method: objectStore
|
method: objectStore
|
||||||
objectStore:
|
objectStore:
|
||||||
|
endpointURL: https://nyc3.digitaloceanspaces.com
|
||||||
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/radarr5-4k/radarr5-4k-postgresql-17-cluster
|
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/radarr5-4k/radarr5-4k-postgresql-17-cluster
|
||||||
index: 1
|
|
||||||
endpointCredentials: radarr-4k-postgresql-17-cluster-backup-secret
|
endpointCredentials: radarr-4k-postgresql-17-cluster-backup-secret
|
||||||
|
recoveryIndex: 3
|
||||||
backup:
|
backup:
|
||||||
objectStore:
|
enabled: true
|
||||||
- name: external
|
endpointURL: https://nyc3.digitaloceanspaces.com
|
||||||
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/radarr5-4k/radarr5-4k-postgresql-17-cluster
|
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/radarr5-4k/radarr5-4k-postgresql-17-cluster
|
||||||
index: 1
|
endpointCredentials: radarr-4k-postgresql-17-cluster-backup-secret
|
||||||
endpointCredentials: radarr-4k-postgresql-17-cluster-backup-secret
|
backupIndex: 3
|
||||||
retentionPolicy: "2d"
|
retentionPolicy: "7d"
|
||||||
isWALArchiver: true
|
|
||||||
- name: garage
|
|
||||||
destinationPath: s3://postgres-backups/cl01tl/radarr-4k/radarr5-4k-postgresql-17-cluster
|
|
||||||
index: 1
|
|
||||||
endpointURL: https://garage-ps10rp.boreal-beaufort.ts.net:3900
|
|
||||||
endpointCredentials: radarr-4k-postgresql-17-cluster-backup-secret-weekly
|
|
||||||
retentionPolicy: "30d"
|
|
||||||
data:
|
|
||||||
compression: bzip2
|
|
||||||
jobs: 2
|
|
||||||
scheduledBackups:
|
|
||||||
- name: daily-backup
|
|
||||||
suspend: false
|
|
||||||
schedule: "0 0 0 * * *"
|
|
||||||
backupName: external
|
|
||||||
- name: weekly-backup
|
|
||||||
suspend: false
|
|
||||||
schedule: "0 18 4 * * SAT"
|
|
||||||
backupName: garage
|
|
||||||
|
@@ -24,10 +24,10 @@ dependencies:
|
|||||||
- name: app-template
|
- name: app-template
|
||||||
alias: radarr-anime
|
alias: radarr-anime
|
||||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||||
version: 4.4.0
|
version: 4.0.1
|
||||||
- name: postgres-cluster
|
- name: postgres-cluster
|
||||||
alias: postgres-17-cluster
|
alias: postgres-17-cluster
|
||||||
version: 6.14.0
|
version: 5.1.0
|
||||||
repository: oci://harbor.alexlebens.net/helm-charts
|
repository: oci://harbor.alexlebens.net/helm-charts
|
||||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/radarr-anime.png
|
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/radarr-anime.png
|
||||||
appVersion: 5.22.4
|
appVersion: 5.22.4
|
||||||
|
@@ -83,33 +83,3 @@ spec:
|
|||||||
key: /digital-ocean/home-infra/postgres-backups
|
key: /digital-ocean/home-infra/postgres-backups
|
||||||
metadataPolicy: None
|
metadataPolicy: None
|
||||||
property: secret
|
property: secret
|
||||||
|
|
||||||
---
|
|
||||||
apiVersion: external-secrets.io/v1
|
|
||||||
kind: ExternalSecret
|
|
||||||
metadata:
|
|
||||||
name: radarr-anime-postgresql-17-cluster-backup-secret-weekly
|
|
||||||
namespace: {{ .Release.Namespace }}
|
|
||||||
labels:
|
|
||||||
app.kubernetes.io/name: radarr-anime-postgresql-17-cluster-backup-secret-weekly
|
|
||||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
|
||||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
|
||||||
spec:
|
|
||||||
secretStoreRef:
|
|
||||||
kind: ClusterSecretStore
|
|
||||||
name: vault
|
|
||||||
data:
|
|
||||||
- secretKey: ACCESS_KEY_ID
|
|
||||||
remoteRef:
|
|
||||||
conversionStrategy: Default
|
|
||||||
decodingStrategy: None
|
|
||||||
key: /garage/home-infra/postgres-backups
|
|
||||||
metadataPolicy: None
|
|
||||||
property: ACCESS_KEY_ID
|
|
||||||
- secretKey: ACCESS_SECRET_KEY
|
|
||||||
remoteRef:
|
|
||||||
conversionStrategy: Default
|
|
||||||
decodingStrategy: None
|
|
||||||
key: /garage/home-infra/postgres-backups
|
|
||||||
metadataPolicy: None
|
|
||||||
property: ACCESS_SECRET_KEY
|
|
||||||
|
@@ -13,7 +13,7 @@ radarr-anime:
|
|||||||
main:
|
main:
|
||||||
image:
|
image:
|
||||||
repository: ghcr.io/linuxserver/radarr
|
repository: ghcr.io/linuxserver/radarr
|
||||||
tag: 5.28.0@sha256:fae2aafa6ecace3524fc79d102f5bfd25fb151caed6a454cee46479236ac33bf
|
tag: 5.25.0@sha256:36e43720c130ec2d3ed80726d2134af3c6644729f4750abc830fdda7fa71d1e1
|
||||||
pullPolicy: IfNotPresent
|
pullPolicy: IfNotPresent
|
||||||
env:
|
env:
|
||||||
- name: TZ
|
- name: TZ
|
||||||
@@ -29,7 +29,7 @@ radarr-anime:
|
|||||||
metrics:
|
metrics:
|
||||||
image:
|
image:
|
||||||
repository: ghcr.io/onedr0p/exportarr
|
repository: ghcr.io/onedr0p/exportarr
|
||||||
tag: v2.3.0
|
tag: v2.2.0
|
||||||
pullPolicy: IfNotPresent
|
pullPolicy: IfNotPresent
|
||||||
args: ["radarr"]
|
args: ["radarr"]
|
||||||
env:
|
env:
|
||||||
@@ -83,7 +83,7 @@ radarr-anime:
|
|||||||
readOnly: false
|
readOnly: false
|
||||||
postgres-17-cluster:
|
postgres-17-cluster:
|
||||||
nameOverride: radarr5-anime-postgresql-17
|
nameOverride: radarr5-anime-postgresql-17
|
||||||
mode: recovery
|
mode: standalone
|
||||||
cluster:
|
cluster:
|
||||||
storage:
|
storage:
|
||||||
storageClass: local-path
|
storageClass: local-path
|
||||||
@@ -93,39 +93,24 @@ postgres-17-cluster:
|
|||||||
enabled: true
|
enabled: true
|
||||||
prometheusRule:
|
prometheusRule:
|
||||||
enabled: true
|
enabled: true
|
||||||
|
bootstrap:
|
||||||
initdb:
|
initdb:
|
||||||
|
database: app
|
||||||
|
owner: app
|
||||||
postInitSQL:
|
postInitSQL:
|
||||||
- CREATE DATABASE "radarr-main" OWNER "app";
|
- CREATE DATABASE "radarr-main" OWNER "app";
|
||||||
- CREATE DATABASE "radarr-log" OWNER "app";
|
- CREATE DATABASE "radarr-log" OWNER "app";
|
||||||
recovery:
|
recovery:
|
||||||
method: objectStore
|
method: objectStore
|
||||||
objectStore:
|
objectStore:
|
||||||
|
endpointURL: https://nyc3.digitaloceanspaces.com
|
||||||
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/radarr5-anime/radarr5-anime-postgresql-17-cluster
|
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/radarr5-anime/radarr5-anime-postgresql-17-cluster
|
||||||
index: 1
|
|
||||||
endpointCredentials: radarr-anime-postgresql-17-cluster-backup-secret
|
endpointCredentials: radarr-anime-postgresql-17-cluster-backup-secret
|
||||||
|
recoveryIndex: 2
|
||||||
backup:
|
backup:
|
||||||
objectStore:
|
enabled: true
|
||||||
- name: external
|
endpointURL: https://nyc3.digitaloceanspaces.com
|
||||||
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/radarr5-anime/radarr5-anime-postgresql-17-cluster
|
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/radarr5-anime/radarr5-anime-postgresql-17-cluster
|
||||||
index: 1
|
endpointCredentials: radarr-anime-postgresql-17-cluster-backup-secret
|
||||||
endpointCredentials: radarr-anime-postgresql-17-cluster-backup-secret
|
backupIndex: 3
|
||||||
retentionPolicy: "2d"
|
retentionPolicy: "7d"
|
||||||
isWALArchiver: true
|
|
||||||
- name: garage
|
|
||||||
destinationPath: s3://postgres-backups/cl01tl/radarr-anime/radarr5-anime-postgresql-17-cluster
|
|
||||||
index: 1
|
|
||||||
endpointURL: https://garage-ps10rp.boreal-beaufort.ts.net:3900
|
|
||||||
endpointCredentials: radarr-anime-postgresql-17-cluster-backup-secret-weekly
|
|
||||||
retentionPolicy: "30d"
|
|
||||||
data:
|
|
||||||
compression: bzip2
|
|
||||||
jobs: 2
|
|
||||||
scheduledBackups:
|
|
||||||
- name: daily-backup
|
|
||||||
suspend: false
|
|
||||||
schedule: "0 0 0 * * *"
|
|
||||||
backupName: external
|
|
||||||
- name: weekly-backup
|
|
||||||
suspend: false
|
|
||||||
schedule: "0 20 4 * * SAT"
|
|
||||||
backupName: garage
|
|
||||||
|
@@ -23,10 +23,10 @@ dependencies:
|
|||||||
- name: app-template
|
- name: app-template
|
||||||
alias: radarr-standup
|
alias: radarr-standup
|
||||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||||
version: 4.4.0
|
version: 4.0.1
|
||||||
- name: postgres-cluster
|
- name: postgres-cluster
|
||||||
alias: postgres-17-cluster
|
alias: postgres-17-cluster
|
||||||
version: 6.14.0
|
version: 5.1.0
|
||||||
repository: oci://harbor.alexlebens.net/helm-charts
|
repository: oci://harbor.alexlebens.net/helm-charts
|
||||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/radarr.png
|
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/radarr.png
|
||||||
appVersion: 5.22.4
|
appVersion: 5.22.4
|
||||||
|
@@ -83,33 +83,3 @@ spec:
|
|||||||
key: /digital-ocean/home-infra/postgres-backups
|
key: /digital-ocean/home-infra/postgres-backups
|
||||||
metadataPolicy: None
|
metadataPolicy: None
|
||||||
property: secret
|
property: secret
|
||||||
|
|
||||||
---
|
|
||||||
apiVersion: external-secrets.io/v1
|
|
||||||
kind: ExternalSecret
|
|
||||||
metadata:
|
|
||||||
name: radarr-standup-postgresql-17-cluster-backup-secret-weekly
|
|
||||||
namespace: {{ .Release.Namespace }}
|
|
||||||
labels:
|
|
||||||
app.kubernetes.io/name: radarr-standup-postgresql-17-cluster-backup-secret-weekly
|
|
||||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
|
||||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
|
||||||
spec:
|
|
||||||
secretStoreRef:
|
|
||||||
kind: ClusterSecretStore
|
|
||||||
name: vault
|
|
||||||
data:
|
|
||||||
- secretKey: ACCESS_KEY_ID
|
|
||||||
remoteRef:
|
|
||||||
conversionStrategy: Default
|
|
||||||
decodingStrategy: None
|
|
||||||
key: /garage/home-infra/postgres-backups
|
|
||||||
metadataPolicy: None
|
|
||||||
property: ACCESS_KEY_ID
|
|
||||||
- secretKey: ACCESS_SECRET_KEY
|
|
||||||
remoteRef:
|
|
||||||
conversionStrategy: Default
|
|
||||||
decodingStrategy: None
|
|
||||||
key: /garage/home-infra/postgres-backups
|
|
||||||
metadataPolicy: None
|
|
||||||
property: ACCESS_SECRET_KEY
|
|
||||||
|
@@ -13,7 +13,7 @@ radarr-standup:
|
|||||||
main:
|
main:
|
||||||
image:
|
image:
|
||||||
repository: ghcr.io/linuxserver/radarr
|
repository: ghcr.io/linuxserver/radarr
|
||||||
tag: 5.28.0@sha256:fae2aafa6ecace3524fc79d102f5bfd25fb151caed6a454cee46479236ac33bf
|
tag: 5.25.0@sha256:36e43720c130ec2d3ed80726d2134af3c6644729f4750abc830fdda7fa71d1e1
|
||||||
pullPolicy: IfNotPresent
|
pullPolicy: IfNotPresent
|
||||||
env:
|
env:
|
||||||
- name: TZ
|
- name: TZ
|
||||||
@@ -29,7 +29,7 @@ radarr-standup:
|
|||||||
metrics:
|
metrics:
|
||||||
image:
|
image:
|
||||||
repository: ghcr.io/onedr0p/exportarr
|
repository: ghcr.io/onedr0p/exportarr
|
||||||
tag: v2.3.0
|
tag: v2.2.0
|
||||||
pullPolicy: IfNotPresent
|
pullPolicy: IfNotPresent
|
||||||
args: ["radarr"]
|
args: ["radarr"]
|
||||||
env:
|
env:
|
||||||
@@ -83,7 +83,7 @@ radarr-standup:
|
|||||||
readOnly: false
|
readOnly: false
|
||||||
postgres-17-cluster:
|
postgres-17-cluster:
|
||||||
nameOverride: radarr5-standup-postgresql-17
|
nameOverride: radarr5-standup-postgresql-17
|
||||||
mode: recovery
|
mode: standalone
|
||||||
cluster:
|
cluster:
|
||||||
storage:
|
storage:
|
||||||
storageClass: local-path
|
storageClass: local-path
|
||||||
@@ -93,39 +93,24 @@ postgres-17-cluster:
|
|||||||
enabled: true
|
enabled: true
|
||||||
prometheusRule:
|
prometheusRule:
|
||||||
enabled: true
|
enabled: true
|
||||||
|
bootstrap:
|
||||||
initdb:
|
initdb:
|
||||||
|
database: app
|
||||||
|
owner: app
|
||||||
postInitSQL:
|
postInitSQL:
|
||||||
- CREATE DATABASE "radarr-main" OWNER "app";
|
- CREATE DATABASE "radarr-main" OWNER "app";
|
||||||
- CREATE DATABASE "radarr-log" OWNER "app";
|
- CREATE DATABASE "radarr-log" OWNER "app";
|
||||||
recovery:
|
recovery:
|
||||||
method: objectStore
|
method: objectStore
|
||||||
objectStore:
|
objectStore:
|
||||||
|
endpointURL: https://nyc3.digitaloceanspaces.com
|
||||||
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/radarr5-standup/radarr5-standup-postgresql-17-cluster
|
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/radarr5-standup/radarr5-standup-postgresql-17-cluster
|
||||||
index: 1
|
|
||||||
endpointCredentials: radarr-standup-postgresql-17-cluster-backup-secret
|
endpointCredentials: radarr-standup-postgresql-17-cluster-backup-secret
|
||||||
|
recoveryIndex: 3
|
||||||
backup:
|
backup:
|
||||||
objectStore:
|
enabled: true
|
||||||
- name: external
|
endpointURL: https://nyc3.digitaloceanspaces.com
|
||||||
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/radarr5-standup/radarr5-standup-postgresql-17-cluster
|
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/radarr5-standup/radarr5-standup-postgresql-17-cluster
|
||||||
index: 1
|
endpointCredentials: radarr-standup-postgresql-17-cluster-backup-secret
|
||||||
endpointCredentials: radarr-standup-postgresql-17-cluster-backup-secret
|
backupIndex: 3
|
||||||
retentionPolicy: "2d"
|
retentionPolicy: "7d"
|
||||||
isWALArchiver: true
|
|
||||||
- name: garage
|
|
||||||
destinationPath: s3://postgres-backups/cl01tl/radarr-standup/radarr5-standup-postgresql-17-cluster
|
|
||||||
index: 1
|
|
||||||
endpointURL: https://garage-ps10rp.boreal-beaufort.ts.net:3900
|
|
||||||
endpointCredentials: radarr-standup-postgresql-17-cluster-backup-secret-weekly
|
|
||||||
retentionPolicy: "30d"
|
|
||||||
data:
|
|
||||||
compression: bzip2
|
|
||||||
jobs: 2
|
|
||||||
scheduledBackups:
|
|
||||||
- name: daily-backup
|
|
||||||
suspend: false
|
|
||||||
schedule: "0 0 0 * * *"
|
|
||||||
backupName: external
|
|
||||||
- name: weekly-backup
|
|
||||||
suspend: false
|
|
||||||
schedule: "0 22 4 * * SAT"
|
|
||||||
backupName: garage
|
|
||||||
|
@@ -23,10 +23,10 @@ dependencies:
|
|||||||
- name: app-template
|
- name: app-template
|
||||||
alias: radarr
|
alias: radarr
|
||||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||||
version: 4.4.0
|
version: 4.0.1
|
||||||
- name: postgres-cluster
|
- name: postgres-cluster
|
||||||
alias: postgres-17-cluster
|
alias: postgres-17-cluster
|
||||||
version: 6.14.0
|
version: 5.1.0
|
||||||
repository: oci://harbor.alexlebens.net/helm-charts
|
repository: oci://harbor.alexlebens.net/helm-charts
|
||||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/radarr.png
|
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/radarr.png
|
||||||
appVersion: 5.22.4
|
appVersion: 5.22.4
|
||||||
|
@@ -83,33 +83,3 @@ spec:
|
|||||||
key: /digital-ocean/home-infra/postgres-backups
|
key: /digital-ocean/home-infra/postgres-backups
|
||||||
metadataPolicy: None
|
metadataPolicy: None
|
||||||
property: secret
|
property: secret
|
||||||
|
|
||||||
---
|
|
||||||
apiVersion: external-secrets.io/v1
|
|
||||||
kind: ExternalSecret
|
|
||||||
metadata:
|
|
||||||
name: radarr-postgresql-17-cluster-backup-secret-weekly
|
|
||||||
namespace: {{ .Release.Namespace }}
|
|
||||||
labels:
|
|
||||||
app.kubernetes.io/name: radarr-postgresql-17-cluster-backup-secret-weekly
|
|
||||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
|
||||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
|
||||||
spec:
|
|
||||||
secretStoreRef:
|
|
||||||
kind: ClusterSecretStore
|
|
||||||
name: vault
|
|
||||||
data:
|
|
||||||
- secretKey: ACCESS_KEY_ID
|
|
||||||
remoteRef:
|
|
||||||
conversionStrategy: Default
|
|
||||||
decodingStrategy: None
|
|
||||||
key: /garage/home-infra/postgres-backups
|
|
||||||
metadataPolicy: None
|
|
||||||
property: ACCESS_KEY_ID
|
|
||||||
- secretKey: ACCESS_SECRET_KEY
|
|
||||||
remoteRef:
|
|
||||||
conversionStrategy: Default
|
|
||||||
decodingStrategy: None
|
|
||||||
key: /garage/home-infra/postgres-backups
|
|
||||||
metadataPolicy: None
|
|
||||||
property: ACCESS_SECRET_KEY
|
|
||||||
|
Some files were not shown because too many files have changed in this diff Show More
Reference in New Issue
Block a user