From 6e1ffbc012028523bc8ff1af8a58821d71f30c0e Mon Sep 17 00:00:00 2001 From: gitea-bot Date: Wed, 24 Dec 2025 21:30:35 +0000 Subject: [PATCH] chore: Update manifests after change --- .../manifests/blocky/ConfigMap-blocky.yaml | 1 + .../manifests/blocky/Deployment-blocky.yaml | 2 +- .../manifests/gatus/ConfigMap-gatus.yaml | 9 ++ .../manifests/gatus/Deployment-gatus.yaml | 2 +- .../homepage/ConfigMap-homepage.yaml | 6 + .../homepage/Deployment-homepage.yaml | 2 +- .../soulsync/Deployment-soulsync.yaml | 111 ++++++++++++++++++ ...oulsync-config-backup-secret-external.yaml | 58 +++++++++ ...t-soulsync-config-backup-secret-local.yaml | 58 +++++++++ ...-soulsync-config-backup-secret-remote.yaml | 58 +++++++++ ...ExternalSecret-soulsync-config-secret.yaml | 21 ++++ ...lsync-database-backup-secret-external.yaml | 58 +++++++++ ...soulsync-database-backup-secret-local.yaml | 58 +++++++++ ...oulsync-database-backup-secret-remote.yaml | 58 +++++++++ .../soulsync/HTTPRoute-soulsync.yaml | 30 +++++ ...tentVolume-soulsync-music-nfs-storage.yaml | 23 ++++ ...tentVolume-soulsync-slskd-nfs-storage.yaml | 23 ++++ ...PersistentVolumeClaim-soulsync-config.yaml | 17 +++ ...olumeClaim-soulsync-music-nfs-storage.yaml | 17 +++ ...olumeClaim-soulsync-slskd-nfs-storage.yaml | 17 +++ ...oulsync-config-backup-source-external.yaml | 34 ++++++ ...e-soulsync-config-backup-source-local.yaml | 34 ++++++ ...-soulsync-config-backup-source-remote.yaml | 34 ++++++ ...lsync-database-backup-source-external.yaml | 34 ++++++ ...soulsync-database-backup-source-local.yaml | 34 ++++++ ...oulsync-database-backup-source-remote.yaml | 34 ++++++ .../manifests/soulsync/Service-soulsync.yaml | 22 ++++ .../soulsync/ServiceMonitor-soulsync.yaml | 25 ++++ 28 files changed, 877 insertions(+), 3 deletions(-) create mode 100644 clusters/cl01tl/manifests/soulsync/Deployment-soulsync.yaml create mode 100644 clusters/cl01tl/manifests/soulsync/ExternalSecret-soulsync-config-backup-secret-external.yaml create mode 100644 clusters/cl01tl/manifests/soulsync/ExternalSecret-soulsync-config-backup-secret-local.yaml create mode 100644 clusters/cl01tl/manifests/soulsync/ExternalSecret-soulsync-config-backup-secret-remote.yaml create mode 100644 clusters/cl01tl/manifests/soulsync/ExternalSecret-soulsync-config-secret.yaml create mode 100644 clusters/cl01tl/manifests/soulsync/ExternalSecret-soulsync-database-backup-secret-external.yaml create mode 100644 clusters/cl01tl/manifests/soulsync/ExternalSecret-soulsync-database-backup-secret-local.yaml create mode 100644 clusters/cl01tl/manifests/soulsync/ExternalSecret-soulsync-database-backup-secret-remote.yaml create mode 100644 clusters/cl01tl/manifests/soulsync/HTTPRoute-soulsync.yaml create mode 100644 clusters/cl01tl/manifests/soulsync/PersistentVolume-soulsync-music-nfs-storage.yaml create mode 100644 clusters/cl01tl/manifests/soulsync/PersistentVolume-soulsync-slskd-nfs-storage.yaml create mode 100644 clusters/cl01tl/manifests/soulsync/PersistentVolumeClaim-soulsync-config.yaml create mode 100644 clusters/cl01tl/manifests/soulsync/PersistentVolumeClaim-soulsync-music-nfs-storage.yaml create mode 100644 clusters/cl01tl/manifests/soulsync/PersistentVolumeClaim-soulsync-slskd-nfs-storage.yaml create mode 100644 clusters/cl01tl/manifests/soulsync/ReplicationSource-soulsync-config-backup-source-external.yaml create mode 100644 clusters/cl01tl/manifests/soulsync/ReplicationSource-soulsync-config-backup-source-local.yaml create mode 100644 clusters/cl01tl/manifests/soulsync/ReplicationSource-soulsync-config-backup-source-remote.yaml create mode 100644 clusters/cl01tl/manifests/soulsync/ReplicationSource-soulsync-database-backup-source-external.yaml create mode 100644 clusters/cl01tl/manifests/soulsync/ReplicationSource-soulsync-database-backup-source-local.yaml create mode 100644 clusters/cl01tl/manifests/soulsync/ReplicationSource-soulsync-database-backup-source-remote.yaml create mode 100644 clusters/cl01tl/manifests/soulsync/Service-soulsync.yaml create mode 100644 clusters/cl01tl/manifests/soulsync/ServiceMonitor-soulsync.yaml diff --git a/clusters/cl01tl/manifests/blocky/ConfigMap-blocky.yaml b/clusters/cl01tl/manifests/blocky/ConfigMap-blocky.yaml index a0cee7602..d9c6e1f1a 100644 --- a/clusters/cl01tl/manifests/blocky/ConfigMap-blocky.yaml +++ b/clusters/cl01tl/manifests/blocky/ConfigMap-blocky.yaml @@ -148,6 +148,7 @@ data: sonarr IN CNAME traefik-cl01tl sonarr-4k IN CNAME traefik-cl01tl sonarr-anime IN CNAME traefik-cl01tl + soulsync IN CNAME traefik-cl01tl stalwart IN CNAME traefik-cl01tl tautulli IN CNAME traefik-cl01tl tdarr IN CNAME traefik-cl01tl diff --git a/clusters/cl01tl/manifests/blocky/Deployment-blocky.yaml b/clusters/cl01tl/manifests/blocky/Deployment-blocky.yaml index 8ca40b4f4..252f95316 100644 --- a/clusters/cl01tl/manifests/blocky/Deployment-blocky.yaml +++ b/clusters/cl01tl/manifests/blocky/Deployment-blocky.yaml @@ -22,7 +22,7 @@ spec: template: metadata: annotations: - checksum/configMaps: 0d72ae2a8abbffc7aa6b92f8004bb9909c3dfd10167c2056df64e4d5c614dea2 + checksum/configMaps: af4579d3e23b8c983dffcde52e3c0980a18608de2ae90ccb8e8bc02463343613 labels: app.kubernetes.io/controller: main app.kubernetes.io/instance: blocky diff --git a/clusters/cl01tl/manifests/gatus/ConfigMap-gatus.yaml b/clusters/cl01tl/manifests/gatus/ConfigMap-gatus.yaml index d4c7e17c8..2ef044408 100644 --- a/clusters/cl01tl/manifests/gatus/ConfigMap-gatus.yaml +++ b/clusters/cl01tl/manifests/gatus/ConfigMap-gatus.yaml @@ -590,6 +590,15 @@ data: interval: 30s name: lidatube url: https://lidatube.alexlebens.net + - alerts: + - type: ntfy + conditions: + - '[STATUS] == 200' + - '[CERTIFICATE_EXPIRATION] > 240h' + group: core + interval: 30s + name: soulsync + url: https://soulsync.alexlebens.net - alerts: - type: ntfy conditions: diff --git a/clusters/cl01tl/manifests/gatus/Deployment-gatus.yaml b/clusters/cl01tl/manifests/gatus/Deployment-gatus.yaml index f7c40f34b..e8fe07e28 100644 --- a/clusters/cl01tl/manifests/gatus/Deployment-gatus.yaml +++ b/clusters/cl01tl/manifests/gatus/Deployment-gatus.yaml @@ -26,7 +26,7 @@ spec: app.kubernetes.io/name: gatus app.kubernetes.io/instance: gatus annotations: - checksum/config: e60422d26b228fd76e8325e351f264759f1491f593f751f33793dd2c178df3ec + checksum/config: b3dffc4c31763cf533054191cd2d8bbbb3d6a6c2dcdfb3c7655e4c2bd5bfc498 spec: serviceAccountName: default automountServiceAccountToken: false diff --git a/clusters/cl01tl/manifests/homepage/ConfigMap-homepage.yaml b/clusters/cl01tl/manifests/homepage/ConfigMap-homepage.yaml index e3b61bb03..542343fdb 100644 --- a/clusters/cl01tl/manifests/homepage/ConfigMap-homepage.yaml +++ b/clusters/cl01tl/manifests/homepage/ConfigMap-homepage.yaml @@ -600,6 +600,12 @@ data: href: https://lidatube.alexlebens.net siteMonitor: http://lidatube.lidatube:80 statusStyle: dot + - SoulSync: + icon: sh-soulsync.webp + description: Playlist Sync + href: https://soulsync.alexlebens.net + siteMonitor: http://soulsync.soulsync:80 + statusStyle: dot - Soulseek: icon: sh-slskd.webp description: slskd diff --git a/clusters/cl01tl/manifests/homepage/Deployment-homepage.yaml b/clusters/cl01tl/manifests/homepage/Deployment-homepage.yaml index aaee28fb5..0edec86c6 100644 --- a/clusters/cl01tl/manifests/homepage/Deployment-homepage.yaml +++ b/clusters/cl01tl/manifests/homepage/Deployment-homepage.yaml @@ -24,7 +24,7 @@ spec: template: metadata: annotations: - checksum/configMaps: aee998ca5590044f77425625183880d24585999da2112bab5c8467aac53ff01d + checksum/configMaps: cd4356ed6fe93da4601d56cbe79e93190eaf2489cfe8e1f9a96f2d3e49620a20 checksum/secrets: d3ba83f111cd32f92c909268c55ad8bbd4f9e299b74b35b33c1a011180d8b378 labels: app.kubernetes.io/controller: main diff --git a/clusters/cl01tl/manifests/soulsync/Deployment-soulsync.yaml b/clusters/cl01tl/manifests/soulsync/Deployment-soulsync.yaml new file mode 100644 index 000000000..93e2bfa4f --- /dev/null +++ b/clusters/cl01tl/manifests/soulsync/Deployment-soulsync.yaml @@ -0,0 +1,111 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: soulsync + labels: + app.kubernetes.io/controller: main + app.kubernetes.io/instance: soulsync + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: soulsync + helm.sh/chart: soulsync-4.5.0 + namespace: soulsync +spec: + revisionHistoryLimit: 3 + replicas: 1 + strategy: + type: Recreate + selector: + matchLabels: + app.kubernetes.io/controller: main + app.kubernetes.io/name: soulsync + app.kubernetes.io/instance: soulsync + template: + metadata: + labels: + app.kubernetes.io/controller: main + app.kubernetes.io/instance: soulsync + app.kubernetes.io/name: soulsync + spec: + enableServiceLinks: false + serviceAccountName: default + automountServiceAccountToken: true + securityContext: + fsGroup: 1000 + fsGroupChangePolicy: OnRootMismatch + runAsGroup: 1000 + runAsUser: 1000 + hostIPC: false + hostNetwork: false + hostPID: false + dnsPolicy: ClusterFirst + containers: + - env: + - name: TZ + value: US/Central + - name: PUID + value: "1000" + - name: PGID + value: "1000" + - name: UMASK + value: "18" + - name: FLASK_ENV + value: production + - name: PYTHONPATH + value: /app + - name: SOULSYNC_CONFIG_PATH + value: /app/config/config.json + image: boulderbadgedad/soulsync:latest@sha256:6cb116bd7c0d0a56a017a7d84245d0356f372345fc3f98c820abae681b5e41c5 + imagePullPolicy: IfNotPresent + livenessProbe: + exec: + command: + - CMD + - curl + - -f + - http://localhost:8888/ + failureThreshold: 5 + initialDelaySeconds: 60 + periodSeconds: 30 + successThreshold: 1 + timeoutSeconds: 10 + name: main + resources: + requests: + cpu: 100m + memory: 512Mi + volumeMounts: + - mountPath: /app/config + name: config + - mountPath: /app/config/config.json + mountPropagation: None + name: config-file + readOnly: true + subPath: config.json + - mountPath: /app/database + name: database + - mountPath: /app/downloads + name: downloads + readOnly: true + - mountPath: /music + name: music + readOnly: true + - mountPath: /app/Transfer + name: transfer + volumes: + - name: config + persistentVolumeClaim: + claimName: soulsync-config + - name: config-file + secret: + secretName: soulsync + - name: database + persistentVolumeClaim: + claimName: soulsync-config + - name: downloads + persistentVolumeClaim: + claimName: soulsync-slskd-nfs-storage + - name: music + persistentVolumeClaim: + claimName: soulsync-music-nfs-storage + - emptyDir: {} + name: transfer diff --git a/clusters/cl01tl/manifests/soulsync/ExternalSecret-soulsync-config-backup-secret-external.yaml b/clusters/cl01tl/manifests/soulsync/ExternalSecret-soulsync-config-backup-secret-external.yaml new file mode 100644 index 000000000..ac85422fc --- /dev/null +++ b/clusters/cl01tl/manifests/soulsync/ExternalSecret-soulsync-config-backup-secret-external.yaml @@ -0,0 +1,58 @@ +apiVersion: external-secrets.io/v1 +kind: ExternalSecret +metadata: + name: soulsync-config-backup-secret-external + namespace: soulsync + labels: + helm.sh/chart: volsync-target-config-0.6.0 + app.kubernetes.io/instance: soulsync + app.kubernetes.io/part-of: soulsync + app.kubernetes.io/version: "0.6.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: soulsync-config-backup-secret-external +spec: + secretStoreRef: + kind: ClusterSecretStore + name: vault + target: + template: + mergePolicy: Merge + engineVersion: v2 + data: + RESTIC_REPOSITORY: "{{ .BUCKET_ENDPOINT }}/soulsync/soulsync-config" + data: + - secretKey: BUCKET_ENDPOINT + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/digital-ocean + metadataPolicy: None + property: BUCKET_ENDPOINT + - secretKey: RESTIC_PASSWORD + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/digital-ocean + metadataPolicy: None + property: RESTIC_PASSWORD + - secretKey: AWS_DEFAULT_REGION + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /digital-ocean/home-infra/volsync-backups + metadataPolicy: None + property: AWS_DEFAULT_REGION + - secretKey: AWS_ACCESS_KEY_ID + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /digital-ocean/home-infra/volsync-backups + metadataPolicy: None + property: AWS_ACCESS_KEY_ID + - secretKey: AWS_SECRET_ACCESS_KEY + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /digital-ocean/home-infra/volsync-backups + metadataPolicy: None + property: AWS_SECRET_ACCESS_KEY diff --git a/clusters/cl01tl/manifests/soulsync/ExternalSecret-soulsync-config-backup-secret-local.yaml b/clusters/cl01tl/manifests/soulsync/ExternalSecret-soulsync-config-backup-secret-local.yaml new file mode 100644 index 000000000..b8b42148d --- /dev/null +++ b/clusters/cl01tl/manifests/soulsync/ExternalSecret-soulsync-config-backup-secret-local.yaml @@ -0,0 +1,58 @@ +apiVersion: external-secrets.io/v1 +kind: ExternalSecret +metadata: + name: soulsync-config-backup-secret-local + namespace: soulsync + labels: + helm.sh/chart: volsync-target-config-0.6.0 + app.kubernetes.io/instance: soulsync + app.kubernetes.io/part-of: soulsync + app.kubernetes.io/version: "0.6.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: soulsync-config-backup-secret-local +spec: + secretStoreRef: + kind: ClusterSecretStore + name: vault + target: + template: + mergePolicy: Merge + engineVersion: v2 + data: + RESTIC_REPOSITORY: "{{ .BUCKET_ENDPOINT }}/soulsync/soulsync-config" + data: + - secretKey: BUCKET_ENDPOINT + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-local + metadataPolicy: None + property: BUCKET_ENDPOINT + - secretKey: RESTIC_PASSWORD + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-local + metadataPolicy: None + property: RESTIC_PASSWORD + - secretKey: AWS_DEFAULT_REGION + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_REGION + - secretKey: AWS_ACCESS_KEY_ID + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_KEY_ID + - secretKey: AWS_SECRET_ACCESS_KEY + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_SECRET_KEY diff --git a/clusters/cl01tl/manifests/soulsync/ExternalSecret-soulsync-config-backup-secret-remote.yaml b/clusters/cl01tl/manifests/soulsync/ExternalSecret-soulsync-config-backup-secret-remote.yaml new file mode 100644 index 000000000..d15d4d9bf --- /dev/null +++ b/clusters/cl01tl/manifests/soulsync/ExternalSecret-soulsync-config-backup-secret-remote.yaml @@ -0,0 +1,58 @@ +apiVersion: external-secrets.io/v1 +kind: ExternalSecret +metadata: + name: soulsync-config-backup-secret-remote + namespace: soulsync + labels: + helm.sh/chart: volsync-target-config-0.6.0 + app.kubernetes.io/instance: soulsync + app.kubernetes.io/part-of: soulsync + app.kubernetes.io/version: "0.6.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: soulsync-config-backup-secret-remote +spec: + secretStoreRef: + kind: ClusterSecretStore + name: vault + target: + template: + mergePolicy: Merge + engineVersion: v2 + data: + RESTIC_REPOSITORY: "{{ .BUCKET_ENDPOINT }}/soulsync/soulsync-config" + data: + - secretKey: BUCKET_ENDPOINT + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-remote + metadataPolicy: None + property: BUCKET_ENDPOINT + - secretKey: RESTIC_PASSWORD + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-remote + metadataPolicy: None + property: RESTIC_PASSWORD + - secretKey: AWS_DEFAULT_REGION + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_REGION + - secretKey: AWS_ACCESS_KEY_ID + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_KEY_ID + - secretKey: AWS_SECRET_ACCESS_KEY + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_SECRET_KEY diff --git a/clusters/cl01tl/manifests/soulsync/ExternalSecret-soulsync-config-secret.yaml b/clusters/cl01tl/manifests/soulsync/ExternalSecret-soulsync-config-secret.yaml new file mode 100644 index 000000000..bc3fc2258 --- /dev/null +++ b/clusters/cl01tl/manifests/soulsync/ExternalSecret-soulsync-config-secret.yaml @@ -0,0 +1,21 @@ +apiVersion: external-secrets.io/v1 +kind: ExternalSecret +metadata: + name: soulsync-config-secret + namespace: soulsync + labels: + app.kubernetes.io/name: soulsync-config-secret + app.kubernetes.io/instance: soulsync + app.kubernetes.io/part-of: soulsync +spec: + secretStoreRef: + kind: ClusterSecretStore + name: vault + data: + - secretKey: config.json + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /cl01tl/soulsync/config + metadataPolicy: None + property: config.json diff --git a/clusters/cl01tl/manifests/soulsync/ExternalSecret-soulsync-database-backup-secret-external.yaml b/clusters/cl01tl/manifests/soulsync/ExternalSecret-soulsync-database-backup-secret-external.yaml new file mode 100644 index 000000000..f9f4cf271 --- /dev/null +++ b/clusters/cl01tl/manifests/soulsync/ExternalSecret-soulsync-database-backup-secret-external.yaml @@ -0,0 +1,58 @@ +apiVersion: external-secrets.io/v1 +kind: ExternalSecret +metadata: + name: soulsync-database-backup-secret-external + namespace: soulsync + labels: + helm.sh/chart: volsync-target-database-0.6.0 + app.kubernetes.io/instance: soulsync + app.kubernetes.io/part-of: soulsync + app.kubernetes.io/version: "0.6.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: soulsync-database-backup-secret-external +spec: + secretStoreRef: + kind: ClusterSecretStore + name: vault + target: + template: + mergePolicy: Merge + engineVersion: v2 + data: + RESTIC_REPOSITORY: "{{ .BUCKET_ENDPOINT }}/soulsync/soulsync-database" + data: + - secretKey: BUCKET_ENDPOINT + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/digital-ocean + metadataPolicy: None + property: BUCKET_ENDPOINT + - secretKey: RESTIC_PASSWORD + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/digital-ocean + metadataPolicy: None + property: RESTIC_PASSWORD + - secretKey: AWS_DEFAULT_REGION + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /digital-ocean/home-infra/volsync-backups + metadataPolicy: None + property: AWS_DEFAULT_REGION + - secretKey: AWS_ACCESS_KEY_ID + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /digital-ocean/home-infra/volsync-backups + metadataPolicy: None + property: AWS_ACCESS_KEY_ID + - secretKey: AWS_SECRET_ACCESS_KEY + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /digital-ocean/home-infra/volsync-backups + metadataPolicy: None + property: AWS_SECRET_ACCESS_KEY diff --git a/clusters/cl01tl/manifests/soulsync/ExternalSecret-soulsync-database-backup-secret-local.yaml b/clusters/cl01tl/manifests/soulsync/ExternalSecret-soulsync-database-backup-secret-local.yaml new file mode 100644 index 000000000..1fcd2fbe1 --- /dev/null +++ b/clusters/cl01tl/manifests/soulsync/ExternalSecret-soulsync-database-backup-secret-local.yaml @@ -0,0 +1,58 @@ +apiVersion: external-secrets.io/v1 +kind: ExternalSecret +metadata: + name: soulsync-database-backup-secret-local + namespace: soulsync + labels: + helm.sh/chart: volsync-target-database-0.6.0 + app.kubernetes.io/instance: soulsync + app.kubernetes.io/part-of: soulsync + app.kubernetes.io/version: "0.6.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: soulsync-database-backup-secret-local +spec: + secretStoreRef: + kind: ClusterSecretStore + name: vault + target: + template: + mergePolicy: Merge + engineVersion: v2 + data: + RESTIC_REPOSITORY: "{{ .BUCKET_ENDPOINT }}/soulsync/soulsync-database" + data: + - secretKey: BUCKET_ENDPOINT + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-local + metadataPolicy: None + property: BUCKET_ENDPOINT + - secretKey: RESTIC_PASSWORD + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-local + metadataPolicy: None + property: RESTIC_PASSWORD + - secretKey: AWS_DEFAULT_REGION + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_REGION + - secretKey: AWS_ACCESS_KEY_ID + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_KEY_ID + - secretKey: AWS_SECRET_ACCESS_KEY + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_SECRET_KEY diff --git a/clusters/cl01tl/manifests/soulsync/ExternalSecret-soulsync-database-backup-secret-remote.yaml b/clusters/cl01tl/manifests/soulsync/ExternalSecret-soulsync-database-backup-secret-remote.yaml new file mode 100644 index 000000000..551f28f3c --- /dev/null +++ b/clusters/cl01tl/manifests/soulsync/ExternalSecret-soulsync-database-backup-secret-remote.yaml @@ -0,0 +1,58 @@ +apiVersion: external-secrets.io/v1 +kind: ExternalSecret +metadata: + name: soulsync-database-backup-secret-remote + namespace: soulsync + labels: + helm.sh/chart: volsync-target-database-0.6.0 + app.kubernetes.io/instance: soulsync + app.kubernetes.io/part-of: soulsync + app.kubernetes.io/version: "0.6.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: soulsync-database-backup-secret-remote +spec: + secretStoreRef: + kind: ClusterSecretStore + name: vault + target: + template: + mergePolicy: Merge + engineVersion: v2 + data: + RESTIC_REPOSITORY: "{{ .BUCKET_ENDPOINT }}/soulsync/soulsync-database" + data: + - secretKey: BUCKET_ENDPOINT + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-remote + metadataPolicy: None + property: BUCKET_ENDPOINT + - secretKey: RESTIC_PASSWORD + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-remote + metadataPolicy: None + property: RESTIC_PASSWORD + - secretKey: AWS_DEFAULT_REGION + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_REGION + - secretKey: AWS_ACCESS_KEY_ID + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_KEY_ID + - secretKey: AWS_SECRET_ACCESS_KEY + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_SECRET_KEY diff --git a/clusters/cl01tl/manifests/soulsync/HTTPRoute-soulsync.yaml b/clusters/cl01tl/manifests/soulsync/HTTPRoute-soulsync.yaml new file mode 100644 index 000000000..457ab22b2 --- /dev/null +++ b/clusters/cl01tl/manifests/soulsync/HTTPRoute-soulsync.yaml @@ -0,0 +1,30 @@ +apiVersion: gateway.networking.k8s.io/v1 +kind: HTTPRoute +metadata: + name: soulsync + labels: + app.kubernetes.io/instance: soulsync + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: soulsync + helm.sh/chart: soulsync-4.5.0 + namespace: soulsync +spec: + parentRefs: + - group: gateway.networking.k8s.io + kind: Gateway + name: traefik-gateway + namespace: traefik + hostnames: + - "soulsync.alexlebens.net" + rules: + - backendRefs: + - group: "" + kind: Service + name: soulsync + namespace: soulsync + port: 80 + weight: 100 + matches: + - path: + type: PathPrefix + value: / diff --git a/clusters/cl01tl/manifests/soulsync/PersistentVolume-soulsync-music-nfs-storage.yaml b/clusters/cl01tl/manifests/soulsync/PersistentVolume-soulsync-music-nfs-storage.yaml new file mode 100644 index 000000000..519bb0546 --- /dev/null +++ b/clusters/cl01tl/manifests/soulsync/PersistentVolume-soulsync-music-nfs-storage.yaml @@ -0,0 +1,23 @@ +apiVersion: v1 +kind: PersistentVolume +metadata: + name: soulsync-music-nfs-storage + namespace: soulsync + labels: + app.kubernetes.io/name: soulsync-music-nfs-storage + app.kubernetes.io/instance: soulsync + app.kubernetes.io/part-of: soulsync +spec: + persistentVolumeReclaimPolicy: Retain + storageClassName: nfs-client + capacity: + storage: 1Gi + accessModes: + - ReadWriteMany + nfs: + path: /volume2/Storage/Music + server: synologybond.alexlebens.net + mountOptions: + - vers=4 + - minorversion=1 + - noac diff --git a/clusters/cl01tl/manifests/soulsync/PersistentVolume-soulsync-slskd-nfs-storage.yaml b/clusters/cl01tl/manifests/soulsync/PersistentVolume-soulsync-slskd-nfs-storage.yaml new file mode 100644 index 000000000..1de4a8f72 --- /dev/null +++ b/clusters/cl01tl/manifests/soulsync/PersistentVolume-soulsync-slskd-nfs-storage.yaml @@ -0,0 +1,23 @@ +apiVersion: v1 +kind: PersistentVolume +metadata: + name: soulsync-slskd-nfs-storage + namespace: soulsync + labels: + app.kubernetes.io/name: soulsync-slskd-nfs-storage + app.kubernetes.io/instance: soulsync + app.kubernetes.io/part-of: soulsync +spec: + persistentVolumeReclaimPolicy: Retain + storageClassName: nfs-client + capacity: + storage: 1Gi + accessModes: + - ReadWriteMany + nfs: + path: /volume2/Storage/slskd/Downloads + server: synologybond.alexlebens.net + mountOptions: + - vers=4 + - minorversion=1 + - noac diff --git a/clusters/cl01tl/manifests/soulsync/PersistentVolumeClaim-soulsync-config.yaml b/clusters/cl01tl/manifests/soulsync/PersistentVolumeClaim-soulsync-config.yaml new file mode 100644 index 000000000..76d1fad03 --- /dev/null +++ b/clusters/cl01tl/manifests/soulsync/PersistentVolumeClaim-soulsync-config.yaml @@ -0,0 +1,17 @@ +kind: PersistentVolumeClaim +apiVersion: v1 +metadata: + name: soulsync-config + labels: + app.kubernetes.io/instance: soulsync + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: soulsync + helm.sh/chart: soulsync-4.5.0 + namespace: soulsync +spec: + accessModes: + - "ReadWriteOnce" + resources: + requests: + storage: "10Gi" + storageClassName: "ceph-block" diff --git a/clusters/cl01tl/manifests/soulsync/PersistentVolumeClaim-soulsync-music-nfs-storage.yaml b/clusters/cl01tl/manifests/soulsync/PersistentVolumeClaim-soulsync-music-nfs-storage.yaml new file mode 100644 index 000000000..ab45b88b1 --- /dev/null +++ b/clusters/cl01tl/manifests/soulsync/PersistentVolumeClaim-soulsync-music-nfs-storage.yaml @@ -0,0 +1,17 @@ +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: soulsync-music-nfs-storage + namespace: soulsync + labels: + app.kubernetes.io/name: soulsync-music-nfs-storage + app.kubernetes.io/instance: soulsync + app.kubernetes.io/part-of: soulsync +spec: + volumeName: soulsync-music-nfs-storage + storageClassName: nfs-client + accessModes: + - ReadWriteMany + resources: + requests: + storage: 1Gi diff --git a/clusters/cl01tl/manifests/soulsync/PersistentVolumeClaim-soulsync-slskd-nfs-storage.yaml b/clusters/cl01tl/manifests/soulsync/PersistentVolumeClaim-soulsync-slskd-nfs-storage.yaml new file mode 100644 index 000000000..0e837d7c4 --- /dev/null +++ b/clusters/cl01tl/manifests/soulsync/PersistentVolumeClaim-soulsync-slskd-nfs-storage.yaml @@ -0,0 +1,17 @@ +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: soulsync-slskd-nfs-storage + namespace: soulsync + labels: + app.kubernetes.io/name: soulsync-slskd-nfs-storage + app.kubernetes.io/instance: soulsync + app.kubernetes.io/part-of: soulsync +spec: + volumeName: soulsync-slskd-nfs-storage + storageClassName: nfs-client + accessModes: + - ReadWriteMany + resources: + requests: + storage: 1Gi diff --git a/clusters/cl01tl/manifests/soulsync/ReplicationSource-soulsync-config-backup-source-external.yaml b/clusters/cl01tl/manifests/soulsync/ReplicationSource-soulsync-config-backup-source-external.yaml new file mode 100644 index 000000000..439863fc0 --- /dev/null +++ b/clusters/cl01tl/manifests/soulsync/ReplicationSource-soulsync-config-backup-source-external.yaml @@ -0,0 +1,34 @@ +apiVersion: volsync.backube/v1alpha1 +kind: ReplicationSource +metadata: + name: soulsync-config-backup-source-external + namespace: soulsync + labels: + helm.sh/chart: volsync-target-config-0.6.0 + app.kubernetes.io/instance: soulsync + app.kubernetes.io/part-of: soulsync + app.kubernetes.io/version: "0.6.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: soulsync-config-backup +spec: + sourcePVC: soulsync-config + trigger: + schedule: 0 9 * * * + restic: + pruneIntervalDays: 7 + repository: soulsync-config-backup-secret-external + retain: + daily: 7 + hourly: 0 + monthly: 3 + weekly: 4 + yearly: 1 + moverSecurityContext: + fsGroup: 1000 + fsGroupChangePolicy: OnRootMismatch + runAsGroup: 1000 + runAsUser: 1000 + copyMethod: Snapshot + storageClassName: ceph-block + volumeSnapshotClassName: ceph-blockpool-snapshot + cacheCapacity: 1Gi diff --git a/clusters/cl01tl/manifests/soulsync/ReplicationSource-soulsync-config-backup-source-local.yaml b/clusters/cl01tl/manifests/soulsync/ReplicationSource-soulsync-config-backup-source-local.yaml new file mode 100644 index 000000000..ab93e1291 --- /dev/null +++ b/clusters/cl01tl/manifests/soulsync/ReplicationSource-soulsync-config-backup-source-local.yaml @@ -0,0 +1,34 @@ +apiVersion: volsync.backube/v1alpha1 +kind: ReplicationSource +metadata: + name: soulsync-config-backup-source-local + namespace: soulsync + labels: + helm.sh/chart: volsync-target-config-0.6.0 + app.kubernetes.io/instance: soulsync + app.kubernetes.io/part-of: soulsync + app.kubernetes.io/version: "0.6.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: soulsync-config-backup +spec: + sourcePVC: soulsync-config + trigger: + schedule: 0 8 * * * + restic: + pruneIntervalDays: 7 + repository: soulsync-config-backup-secret-local + retain: + daily: 7 + hourly: 0 + monthly: 3 + weekly: 4 + yearly: 1 + moverSecurityContext: + fsGroup: 1000 + fsGroupChangePolicy: OnRootMismatch + runAsGroup: 1000 + runAsUser: 1000 + copyMethod: Snapshot + storageClassName: ceph-block + volumeSnapshotClassName: ceph-blockpool-snapshot + cacheCapacity: 1Gi diff --git a/clusters/cl01tl/manifests/soulsync/ReplicationSource-soulsync-config-backup-source-remote.yaml b/clusters/cl01tl/manifests/soulsync/ReplicationSource-soulsync-config-backup-source-remote.yaml new file mode 100644 index 000000000..d687d376b --- /dev/null +++ b/clusters/cl01tl/manifests/soulsync/ReplicationSource-soulsync-config-backup-source-remote.yaml @@ -0,0 +1,34 @@ +apiVersion: volsync.backube/v1alpha1 +kind: ReplicationSource +metadata: + name: soulsync-config-backup-source-remote + namespace: soulsync + labels: + helm.sh/chart: volsync-target-config-0.6.0 + app.kubernetes.io/instance: soulsync + app.kubernetes.io/part-of: soulsync + app.kubernetes.io/version: "0.6.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: soulsync-config-backup +spec: + sourcePVC: soulsync-config + trigger: + schedule: 0 10 * * * + restic: + pruneIntervalDays: 7 + repository: soulsync-config-backup-secret-remote + retain: + daily: 7 + hourly: 0 + monthly: 3 + weekly: 4 + yearly: 1 + moverSecurityContext: + fsGroup: 1000 + fsGroupChangePolicy: OnRootMismatch + runAsGroup: 1000 + runAsUser: 1000 + copyMethod: Snapshot + storageClassName: ceph-block + volumeSnapshotClassName: ceph-blockpool-snapshot + cacheCapacity: 1Gi diff --git a/clusters/cl01tl/manifests/soulsync/ReplicationSource-soulsync-database-backup-source-external.yaml b/clusters/cl01tl/manifests/soulsync/ReplicationSource-soulsync-database-backup-source-external.yaml new file mode 100644 index 000000000..cdf7b2965 --- /dev/null +++ b/clusters/cl01tl/manifests/soulsync/ReplicationSource-soulsync-database-backup-source-external.yaml @@ -0,0 +1,34 @@ +apiVersion: volsync.backube/v1alpha1 +kind: ReplicationSource +metadata: + name: soulsync-database-backup-source-external + namespace: soulsync + labels: + helm.sh/chart: volsync-target-database-0.6.0 + app.kubernetes.io/instance: soulsync + app.kubernetes.io/part-of: soulsync + app.kubernetes.io/version: "0.6.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: soulsync-database-backup +spec: + sourcePVC: soulsync-database + trigger: + schedule: 0 9 * * * + restic: + pruneIntervalDays: 7 + repository: soulsync-database-backup-secret-external + retain: + daily: 7 + hourly: 0 + monthly: 3 + weekly: 4 + yearly: 1 + moverSecurityContext: + fsGroup: 1000 + fsGroupChangePolicy: OnRootMismatch + runAsGroup: 1000 + runAsUser: 1000 + copyMethod: Snapshot + storageClassName: ceph-block + volumeSnapshotClassName: ceph-blockpool-snapshot + cacheCapacity: 1Gi diff --git a/clusters/cl01tl/manifests/soulsync/ReplicationSource-soulsync-database-backup-source-local.yaml b/clusters/cl01tl/manifests/soulsync/ReplicationSource-soulsync-database-backup-source-local.yaml new file mode 100644 index 000000000..65fc1a9a2 --- /dev/null +++ b/clusters/cl01tl/manifests/soulsync/ReplicationSource-soulsync-database-backup-source-local.yaml @@ -0,0 +1,34 @@ +apiVersion: volsync.backube/v1alpha1 +kind: ReplicationSource +metadata: + name: soulsync-database-backup-source-local + namespace: soulsync + labels: + helm.sh/chart: volsync-target-database-0.6.0 + app.kubernetes.io/instance: soulsync + app.kubernetes.io/part-of: soulsync + app.kubernetes.io/version: "0.6.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: soulsync-database-backup +spec: + sourcePVC: soulsync-database + trigger: + schedule: 0 8 * * * + restic: + pruneIntervalDays: 7 + repository: soulsync-database-backup-secret-local + retain: + daily: 7 + hourly: 0 + monthly: 3 + weekly: 4 + yearly: 1 + moverSecurityContext: + fsGroup: 1000 + fsGroupChangePolicy: OnRootMismatch + runAsGroup: 1000 + runAsUser: 1000 + copyMethod: Snapshot + storageClassName: ceph-block + volumeSnapshotClassName: ceph-blockpool-snapshot + cacheCapacity: 1Gi diff --git a/clusters/cl01tl/manifests/soulsync/ReplicationSource-soulsync-database-backup-source-remote.yaml b/clusters/cl01tl/manifests/soulsync/ReplicationSource-soulsync-database-backup-source-remote.yaml new file mode 100644 index 000000000..71ef1fcc1 --- /dev/null +++ b/clusters/cl01tl/manifests/soulsync/ReplicationSource-soulsync-database-backup-source-remote.yaml @@ -0,0 +1,34 @@ +apiVersion: volsync.backube/v1alpha1 +kind: ReplicationSource +metadata: + name: soulsync-database-backup-source-remote + namespace: soulsync + labels: + helm.sh/chart: volsync-target-database-0.6.0 + app.kubernetes.io/instance: soulsync + app.kubernetes.io/part-of: soulsync + app.kubernetes.io/version: "0.6.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: soulsync-database-backup +spec: + sourcePVC: soulsync-database + trigger: + schedule: 0 10 * * * + restic: + pruneIntervalDays: 7 + repository: soulsync-database-backup-secret-remote + retain: + daily: 7 + hourly: 0 + monthly: 3 + weekly: 4 + yearly: 1 + moverSecurityContext: + fsGroup: 1000 + fsGroupChangePolicy: OnRootMismatch + runAsGroup: 1000 + runAsUser: 1000 + copyMethod: Snapshot + storageClassName: ceph-block + volumeSnapshotClassName: ceph-blockpool-snapshot + cacheCapacity: 1Gi diff --git a/clusters/cl01tl/manifests/soulsync/Service-soulsync.yaml b/clusters/cl01tl/manifests/soulsync/Service-soulsync.yaml new file mode 100644 index 000000000..34fa494bc --- /dev/null +++ b/clusters/cl01tl/manifests/soulsync/Service-soulsync.yaml @@ -0,0 +1,22 @@ +apiVersion: v1 +kind: Service +metadata: + name: soulsync + labels: + app.kubernetes.io/instance: soulsync + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: soulsync + app.kubernetes.io/service: soulsync + helm.sh/chart: soulsync-4.5.0 + namespace: soulsync +spec: + type: ClusterIP + ports: + - port: 80 + targetPort: 8008 + protocol: TCP + name: http + selector: + app.kubernetes.io/controller: main + app.kubernetes.io/instance: soulsync + app.kubernetes.io/name: soulsync diff --git a/clusters/cl01tl/manifests/soulsync/ServiceMonitor-soulsync.yaml b/clusters/cl01tl/manifests/soulsync/ServiceMonitor-soulsync.yaml new file mode 100644 index 000000000..0a93a6aa1 --- /dev/null +++ b/clusters/cl01tl/manifests/soulsync/ServiceMonitor-soulsync.yaml @@ -0,0 +1,25 @@ +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: soulsync + labels: + app.kubernetes.io/instance: soulsync + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: soulsync + helm.sh/chart: soulsync-4.5.0 + namespace: soulsync +spec: + jobLabel: "soulsync" + namespaceSelector: + matchNames: + - soulsync + selector: + matchLabels: + app.kubernetes.io/instance: soulsync + app.kubernetes.io/name: soulsync + endpoints: + - interval: 30s + path: /metrics + port: http + scheme: http + scrapeTimeout: 15s -- 2.49.1