--- # Source: booklore/templates/namespace.yaml apiVersion: v1 kind: Namespace metadata: name: booklore annotations: volsync.backube/privileged-movers: "true" labels: app.kubernetes.io/name: booklore app.kubernetes.io/instance: booklore app.kubernetes.io/part-of: booklore --- # Source: booklore/templates/persistent-volume.yaml apiVersion: v1 kind: PersistentVolume metadata: name: booklore-books-nfs-storage namespace: booklore labels: app.kubernetes.io/name: booklore-books-nfs-storage app.kubernetes.io/instance: booklore app.kubernetes.io/part-of: booklore spec: persistentVolumeReclaimPolicy: Retain storageClassName: nfs-client capacity: storage: 1Gi accessModes: - ReadWriteMany nfs: path: /volume2/Storage/Books server: synologybond.alexlebens.net mountOptions: - vers=4 - minorversion=1 - noac --- # Source: booklore/templates/persistent-volume.yaml apiVersion: v1 kind: PersistentVolume metadata: name: booklore-books-import-nfs-storage namespace: booklore labels: app.kubernetes.io/name: booklore-books-import-nfs-storage app.kubernetes.io/instance: booklore app.kubernetes.io/part-of: booklore spec: persistentVolumeReclaimPolicy: Retain storageClassName: nfs-client capacity: storage: 1Gi accessModes: - ReadWriteMany nfs: path: /volume2/Storage/Books Import server: synologybond.alexlebens.net mountOptions: - vers=4 - minorversion=1 - noac --- # Source: booklore/charts/booklore/templates/common.yaml --- kind: PersistentVolumeClaim apiVersion: v1 metadata: name: booklore-config labels: app.kubernetes.io/instance: booklore app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: booklore helm.sh/chart: booklore-4.4.0 annotations: helm.sh/resource-policy: keep namespace: booklore spec: accessModes: - "ReadWriteOnce" resources: requests: storage: "5Gi" storageClassName: "ceph-block" --- # Source: booklore/charts/booklore/templates/common.yaml kind: PersistentVolumeClaim apiVersion: v1 metadata: name: booklore-data labels: app.kubernetes.io/instance: booklore app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: booklore helm.sh/chart: booklore-4.4.0 annotations: helm.sh/resource-policy: keep namespace: booklore spec: accessModes: - "ReadWriteOnce" resources: requests: storage: "10Gi" storageClassName: "ceph-block" --- # Source: booklore/templates/persistent-volume-claim.yaml apiVersion: v1 kind: PersistentVolumeClaim metadata: name: booklore-books-nfs-storage namespace: booklore labels: app.kubernetes.io/name: booklore-books-nfs-storage app.kubernetes.io/instance: booklore app.kubernetes.io/part-of: booklore spec: volumeName: booklore-books-nfs-storage storageClassName: nfs-client accessModes: - ReadWriteMany resources: requests: storage: 1Gi --- # Source: booklore/templates/persistent-volume-claim.yaml apiVersion: v1 kind: PersistentVolumeClaim metadata: name: booklore-books-import-nfs-storage namespace: booklore labels: app.kubernetes.io/name: booklore-books-import-nfs-storage app.kubernetes.io/instance: booklore app.kubernetes.io/part-of: booklore spec: volumeName: booklore-books-import-nfs-storage storageClassName: nfs-client accessModes: - ReadWriteMany resources: requests: storage: 1Gi --- # Source: booklore/charts/booklore/templates/common.yaml apiVersion: v1 kind: Service metadata: name: booklore labels: app.kubernetes.io/instance: booklore app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: booklore app.kubernetes.io/service: booklore helm.sh/chart: booklore-4.4.0 namespace: booklore spec: type: ClusterIP ports: - port: 80 targetPort: 6060 protocol: TCP name: http selector: app.kubernetes.io/controller: main app.kubernetes.io/instance: booklore app.kubernetes.io/name: booklore --- # Source: booklore/templates/service.yaml apiVersion: v1 kind: Service metadata: name: garage-ps10rp namespace: booklore labels: app.kubernetes.io/name: garage-ps10rp app.kubernetes.io/instance: booklore app.kubernetes.io/part-of: booklore annotations: tailscale.com/tailnet-fqdn: garage-ps10rp.boreal-beaufort.ts.net spec: externalName: placeholder type: ExternalName --- # Source: booklore/charts/booklore/templates/common.yaml apiVersion: apps/v1 kind: Deployment metadata: name: booklore labels: app.kubernetes.io/controller: main app.kubernetes.io/instance: booklore app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: booklore helm.sh/chart: booklore-4.4.0 namespace: booklore spec: revisionHistoryLimit: 3 replicas: 1 strategy: type: Recreate selector: matchLabels: app.kubernetes.io/controller: main app.kubernetes.io/name: booklore app.kubernetes.io/instance: booklore template: metadata: labels: app.kubernetes.io/controller: main app.kubernetes.io/instance: booklore app.kubernetes.io/name: booklore spec: enableServiceLinks: false serviceAccountName: default automountServiceAccountToken: true hostIPC: false hostNetwork: false hostPID: false dnsPolicy: ClusterFirst containers: - env: - name: TZ value: America/Chicago - name: DATABASE_URL value: jdbc:mariadb://booklore-mariadb-cluster-primary.booklore:3306/booklore - name: DATABASE_USERNAME value: booklore - name: DATABASE_PASSWORD valueFrom: secretKeyRef: key: password name: booklore-database-secret - name: BOOKLORE_PORT value: "6060" - name: SWAGGER_ENABLED value: "false" image: ghcr.io/booklore-app/booklore:v1.12.0 imagePullPolicy: IfNotPresent name: main resources: requests: cpu: 50m memory: 128Mi volumeMounts: - mountPath: /bookdrop name: books-import - mountPath: /app/data name: config - mountPath: /data name: data - mountPath: /bookdrop/ingest name: ingest volumes: - emptyDir: {} name: books-import - name: config persistentVolumeClaim: claimName: booklore-config - name: data persistentVolumeClaim: claimName: booklore-data - name: ingest persistentVolumeClaim: claimName: booklore-books-import-nfs-storage --- # Source: booklore/charts/mariadb-cluster/templates/database.yaml apiVersion: k8s.mariadb.com/v1alpha1 kind: Database metadata: name: booklore-mariadb-cluster-booklore namespace: booklore labels: helm.sh/chart: mariadb-cluster-25.10.2 app.kubernetes.io/name: mariadb-cluster app.kubernetes.io/instance: booklore app.kubernetes.io/version: "0.0.0" app.kubernetes.io/managed-by: Helm spec: mariaDbRef: name: booklore-mariadb-cluster namespace: booklore characterSet: utf8 cleanupPolicy: Delete collate: utf8_general_ci name: booklore requeueInterval: 10h --- # Source: booklore/templates/external-secret.yaml apiVersion: external-secrets.io/v1 kind: ExternalSecret metadata: name: booklore-database-secret namespace: booklore labels: app.kubernetes.io/name: booklore-database-secret app.kubernetes.io/instance: booklore app.kubernetes.io/part-of: booklore spec: secretStoreRef: kind: ClusterSecretStore name: vault data: - secretKey: password remoteRef: conversionStrategy: Default decodingStrategy: None key: /cl01tl/booklore/database metadataPolicy: None property: password --- # Source: booklore/templates/external-secret.yaml apiVersion: external-secrets.io/v1 kind: ExternalSecret metadata: name: booklore-data-replication-secret namespace: booklore labels: app.kubernetes.io/name: booklore-data-replication-secret app.kubernetes.io/instance: booklore app.kubernetes.io/part-of: booklore spec: secretStoreRef: kind: ClusterSecretStore name: vault data: - secretKey: psk.txt remoteRef: conversionStrategy: Default decodingStrategy: None key: /cl01tl/booklore/replication metadataPolicy: None property: psk.txt --- # Source: booklore/templates/external-secret.yaml apiVersion: external-secrets.io/v1 kind: ExternalSecret metadata: name: booklore-config-backup-secret namespace: booklore labels: app.kubernetes.io/name: booklore-config-backup-secret app.kubernetes.io/instance: booklore app.kubernetes.io/part-of: booklore spec: secretStoreRef: kind: ClusterSecretStore name: vault target: template: mergePolicy: Merge engineVersion: v2 data: RESTIC_REPOSITORY: "{{ .BUCKET_ENDPOINT }}/booklore/booklore-config" data: - secretKey: BUCKET_ENDPOINT remoteRef: conversionStrategy: Default decodingStrategy: None key: /volsync/restic/digital-ocean metadataPolicy: None property: BUCKET_ENDPOINT - secretKey: RESTIC_PASSWORD remoteRef: conversionStrategy: Default decodingStrategy: None key: /volsync/restic/digital-ocean metadataPolicy: None property: RESTIC_PASSWORD - secretKey: AWS_DEFAULT_REGION remoteRef: conversionStrategy: Default decodingStrategy: None key: /digital-ocean/home-infra/volsync-backups metadataPolicy: None property: AWS_DEFAULT_REGION - secretKey: AWS_ACCESS_KEY_ID remoteRef: conversionStrategy: Default decodingStrategy: None key: /digital-ocean/home-infra/volsync-backups metadataPolicy: None property: AWS_ACCESS_KEY_ID - secretKey: AWS_SECRET_ACCESS_KEY remoteRef: conversionStrategy: Default decodingStrategy: None key: /digital-ocean/home-infra/volsync-backups metadataPolicy: None property: AWS_SECRET_ACCESS_KEY --- # Source: booklore/templates/external-secret.yaml apiVersion: external-secrets.io/v1 kind: ExternalSecret metadata: name: booklore-data-backup-secret-local namespace: booklore labels: app.kubernetes.io/name: booklore-data-backup-secret-local app.kubernetes.io/instance: booklore app.kubernetes.io/part-of: booklore spec: secretStoreRef: kind: ClusterSecretStore name: vault target: template: mergePolicy: Merge engineVersion: v2 data: RESTIC_REPOSITORY: "{{ .BUCKET_ENDPOINT }}/booklore/booklore-data" data: - secretKey: BUCKET_ENDPOINT remoteRef: conversionStrategy: Default decodingStrategy: None key: /volsync/restic/garage-local metadataPolicy: None property: BUCKET_ENDPOINT - secretKey: RESTIC_PASSWORD remoteRef: conversionStrategy: Default decodingStrategy: None key: /volsync/restic/garage-local metadataPolicy: None property: RESTIC_PASSWORD - secretKey: AWS_DEFAULT_REGION remoteRef: conversionStrategy: Default decodingStrategy: None key: /garage/home-infra/volsync-backups metadataPolicy: None property: ACCESS_REGION - secretKey: AWS_ACCESS_KEY_ID remoteRef: conversionStrategy: Default decodingStrategy: None key: /garage/home-infra/volsync-backups metadataPolicy: None property: ACCESS_KEY_ID - secretKey: AWS_SECRET_ACCESS_KEY remoteRef: conversionStrategy: Default decodingStrategy: None key: /garage/home-infra/volsync-backups metadataPolicy: None property: ACCESS_SECRET_KEY --- # Source: booklore/templates/external-secret.yaml apiVersion: external-secrets.io/v1 kind: ExternalSecret metadata: name: booklore-data-backup-secret-remote namespace: booklore labels: app.kubernetes.io/name: booklore-data-backup-secret-remote app.kubernetes.io/instance: booklore app.kubernetes.io/part-of: booklore spec: secretStoreRef: kind: ClusterSecretStore name: vault target: template: mergePolicy: Merge engineVersion: v2 data: RESTIC_REPOSITORY: "{{ .BUCKET_ENDPOINT }}/booklore/booklore-data" data: - secretKey: BUCKET_ENDPOINT remoteRef: conversionStrategy: Default decodingStrategy: None key: /volsync/restic/garage-remote metadataPolicy: None property: BUCKET_ENDPOINT - secretKey: RESTIC_PASSWORD remoteRef: conversionStrategy: Default decodingStrategy: None key: /volsync/restic/garage-remote metadataPolicy: None property: RESTIC_PASSWORD - secretKey: AWS_DEFAULT_REGION remoteRef: conversionStrategy: Default decodingStrategy: None key: /garage/home-infra/volsync-backups metadataPolicy: None property: ACCESS_REGION - secretKey: AWS_ACCESS_KEY_ID remoteRef: conversionStrategy: Default decodingStrategy: None key: /garage/home-infra/volsync-backups metadataPolicy: None property: ACCESS_KEY_ID - secretKey: AWS_SECRET_ACCESS_KEY remoteRef: conversionStrategy: Default decodingStrategy: None key: /garage/home-infra/volsync-backups metadataPolicy: None property: ACCESS_SECRET_KEY --- # Source: booklore/templates/external-secret.yaml apiVersion: external-secrets.io/v1 kind: ExternalSecret metadata: name: booklore-data-backup-secret-external namespace: booklore labels: app.kubernetes.io/name: booklore-data-backup-secret-external app.kubernetes.io/instance: booklore app.kubernetes.io/part-of: booklore spec: secretStoreRef: kind: ClusterSecretStore name: vault target: template: mergePolicy: Merge engineVersion: v2 data: RESTIC_REPOSITORY: "{{ .BUCKET_ENDPOINT }}/booklore/booklore-data" data: - secretKey: BUCKET_ENDPOINT remoteRef: conversionStrategy: Default decodingStrategy: None key: /volsync/restic/digital-ocean metadataPolicy: None property: BUCKET_ENDPOINT - secretKey: RESTIC_PASSWORD remoteRef: conversionStrategy: Default decodingStrategy: None key: /volsync/restic/digital-ocean metadataPolicy: None property: RESTIC_PASSWORD - secretKey: AWS_DEFAULT_REGION remoteRef: conversionStrategy: Default decodingStrategy: None key: /digital-ocean/home-infra/volsync-backups metadataPolicy: None property: AWS_DEFAULT_REGION - secretKey: AWS_ACCESS_KEY_ID remoteRef: conversionStrategy: Default decodingStrategy: None key: /digital-ocean/home-infra/volsync-backups metadataPolicy: None property: AWS_ACCESS_KEY_ID - secretKey: AWS_SECRET_ACCESS_KEY remoteRef: conversionStrategy: Default decodingStrategy: None key: /digital-ocean/home-infra/volsync-backups metadataPolicy: None property: AWS_SECRET_ACCESS_KEY --- # Source: booklore/templates/external-secret.yaml apiVersion: external-secrets.io/v1 kind: ExternalSecret metadata: name: booklore-mariadb-cluster-backup-secret-external namespace: booklore labels: app.kubernetes.io/name: booklore-mariadb-cluster-backup-secret-external app.kubernetes.io/instance: booklore app.kubernetes.io/part-of: booklore spec: secretStoreRef: kind: ClusterSecretStore name: vault data: - secretKey: access remoteRef: conversionStrategy: Default decodingStrategy: None key: /digital-ocean/home-infra/mariadb-backups metadataPolicy: None property: access - secretKey: secret remoteRef: conversionStrategy: Default decodingStrategy: None key: /digital-ocean/home-infra/mariadb-backups metadataPolicy: None property: secret --- # Source: booklore/templates/external-secret.yaml apiVersion: external-secrets.io/v1 kind: ExternalSecret metadata: name: booklore-mariadb-cluster-backup-secret-garage namespace: booklore labels: app.kubernetes.io/name: booklore-mariadb-cluster-backup-secret-garage app.kubernetes.io/instance: booklore app.kubernetes.io/part-of: booklore spec: secretStoreRef: kind: ClusterSecretStore name: vault data: - secretKey: access remoteRef: conversionStrategy: Default decodingStrategy: None key: /garage/home-infra/mariadb-backups metadataPolicy: None property: access - secretKey: secret remoteRef: conversionStrategy: Default decodingStrategy: None key: /garage/home-infra/mariadb-backups metadataPolicy: None property: secret --- # Source: booklore/charts/mariadb-cluster/templates/grant.yaml apiVersion: k8s.mariadb.com/v1alpha1 kind: Grant metadata: name: booklore-mariadb-cluster-booklore namespace: booklore labels: helm.sh/chart: mariadb-cluster-25.10.2 app.kubernetes.io/name: mariadb-cluster app.kubernetes.io/instance: booklore app.kubernetes.io/version: "0.0.0" app.kubernetes.io/managed-by: Helm spec: mariaDbRef: name: booklore-mariadb-cluster namespace: booklore cleanupPolicy: Delete database: booklore grantOption: true host: '%' privileges: - ALL PRIVILEGES requeueInterval: 10h retryInterval: 30s table: '*' username: booklore --- # Source: booklore/templates/http-route.yaml apiVersion: gateway.networking.k8s.io/v1 kind: HTTPRoute metadata: name: http-route-booklore namespace: booklore labels: app.kubernetes.io/name: http-route-booklore app.kubernetes.io/instance: booklore app.kubernetes.io/part-of: booklore spec: parentRefs: - group: gateway.networking.k8s.io kind: Gateway name: traefik-gateway namespace: traefik hostnames: - booklore.alexlebens.net rules: - matches: - path: type: PathPrefix value: / backendRefs: - group: '' kind: Service name: booklore port: 80 weight: 100 --- # Source: booklore/charts/mariadb-cluster/templates/mariadb.yaml apiVersion: k8s.mariadb.com/v1alpha1 kind: MariaDB metadata: name: booklore-mariadb-cluster namespace: booklore labels: helm.sh/chart: mariadb-cluster-25.10.2 app.kubernetes.io/name: mariadb-cluster app.kubernetes.io/instance: booklore app.kubernetes.io/version: "0.0.0" app.kubernetes.io/managed-by: Helm spec: galera: enabled: true replicas: 3 rootPasswordSecretKeyRef: generate: false key: password name: booklore-database-secret storage: size: 5Gi --- # Source: booklore/charts/mariadb-cluster/templates/physicalbackup.yaml apiVersion: k8s.mariadb.com/v1alpha1 kind: PhysicalBackup metadata: name: booklore-mariadb-cluster-backup-external namespace: booklore labels: helm.sh/chart: mariadb-cluster-25.10.2 app.kubernetes.io/name: mariadb-cluster app.kubernetes.io/instance: booklore app.kubernetes.io/version: "0.0.0" app.kubernetes.io/managed-by: Helm spec: mariaDbRef: name: booklore-mariadb-cluster namespace: booklore compression: gzip maxRetention: 720h schedule: cron: 0 0 * * 0 immediate: true suspend: false storage: s3: accessKeyIdSecretKeyRef: key: access name: booklore-mariadb-cluster-backup-secret-external bucket: mariadb-backups-b230a2f5aecf080a4b372c08 endpoint: nyc3.digitaloceanspaces.com prefix: cl01tl/booklore region: us-east-1 secretAccessKeySecretKeyRef: key: secret name: booklore-mariadb-cluster-backup-secret-external tls: enabled: true --- # Source: booklore/charts/mariadb-cluster/templates/physicalbackup.yaml apiVersion: k8s.mariadb.com/v1alpha1 kind: PhysicalBackup metadata: name: booklore-mariadb-cluster-backup-garage namespace: booklore labels: helm.sh/chart: mariadb-cluster-25.10.2 app.kubernetes.io/name: mariadb-cluster app.kubernetes.io/instance: booklore app.kubernetes.io/version: "0.0.0" app.kubernetes.io/managed-by: Helm spec: mariaDbRef: name: booklore-mariadb-cluster namespace: booklore compression: gzip maxRetention: 360h schedule: cron: 0 0 * * * immediate: true suspend: false storage: s3: accessKeyIdSecretKeyRef: key: access name: booklore-mariadb-cluster-backup-secret-garage bucket: mariadb-backups endpoint: garage-main.garage:3900 prefix: cl01tl/booklore region: us-east-1 secretAccessKeySecretKeyRef: key: secret name: booklore-mariadb-cluster-backup-secret-garage --- # Source: booklore/templates/replication-destination.yaml apiVersion: volsync.backube/v1alpha1 kind: ReplicationDestination metadata: name: booklore-data-replication-destination namespace: booklore labels: app.kubernetes.io/name: booklore-data-replication-destination app.kubernetes.io/instance: booklore app.kubernetes.io/part-of: booklore spec: rsyncTLS: copyMethod: Direct accessModes: ["ReadWriteMany"] destinationPVC: booklore-books-nfs-storage keySecret: booklore-data-replication-secret --- # Source: booklore/templates/replication-source.yaml apiVersion: volsync.backube/v1alpha1 kind: ReplicationSource metadata: name: booklore-data-replication-source namespace: booklore labels: app.kubernetes.io/name: booklore-data-replication-source app.kubernetes.io/instance: booklore app.kubernetes.io/part-of: booklore spec: sourcePVC: booklore-data trigger: schedule: "0 0 * * *" rsyncTLS: keySecret: booklore-data-replication-secret address: volsync-rsync-tls-dst-booklore-data-replication-destination copyMethod: Snapshot --- # Source: booklore/templates/replication-source.yaml apiVersion: volsync.backube/v1alpha1 kind: ReplicationSource metadata: name: booklore-config-backup-source namespace: booklore labels: app.kubernetes.io/name: booklore-config-backup-source app.kubernetes.io/instance: booklore app.kubernetes.io/part-of: booklore spec: sourcePVC: booklore-config trigger: schedule: 0 4 * * * restic: pruneIntervalDays: 7 repository: booklore-config-backup-secret retain: hourly: 1 daily: 3 weekly: 2 monthly: 2 yearly: 4 copyMethod: Snapshot storageClassName: ceph-block volumeSnapshotClassName: ceph-blockpool-snapshot cacheCapacity: 10Gi --- # Source: booklore/templates/replication-source.yaml apiVersion: volsync.backube/v1alpha1 kind: ReplicationSource metadata: name: booklore-data-backup-source-local namespace: booklore labels: app.kubernetes.io/name: booklore-data-backup-source-local app.kubernetes.io/instance: booklore app.kubernetes.io/part-of: booklore spec: sourcePVC: booklore-data trigger: schedule: 0 2 * * * restic: pruneIntervalDays: 7 repository: booklore-data-backup-secret-local retain: hourly: 1 daily: 3 weekly: 2 monthly: 2 yearly: 4 copyMethod: Snapshot storageClassName: ceph-block volumeSnapshotClassName: ceph-blockpool-snapshot cacheCapacity: 10Gi --- # Source: booklore/templates/replication-source.yaml apiVersion: volsync.backube/v1alpha1 kind: ReplicationSource metadata: name: booklore-data-backup-source-remote namespace: booklore labels: app.kubernetes.io/name: booklore-data-backup-source-remote app.kubernetes.io/instance: booklore app.kubernetes.io/part-of: booklore spec: sourcePVC: booklore-data trigger: schedule: 0 3 * * * restic: pruneIntervalDays: 7 repository: booklore-data-backup-secret-remote retain: hourly: 1 daily: 3 weekly: 2 monthly: 2 yearly: 4 copyMethod: Snapshot storageClassName: ceph-block volumeSnapshotClassName: ceph-blockpool-snapshot cacheCapacity: 10Gi --- # Source: booklore/templates/replication-source.yaml apiVersion: volsync.backube/v1alpha1 kind: ReplicationSource metadata: name: booklore-data-backup-source-external namespace: booklore labels: app.kubernetes.io/name: booklore-data-backup-source-external app.kubernetes.io/instance: booklore app.kubernetes.io/part-of: booklore spec: sourcePVC: booklore-data trigger: schedule: 0 4 * * * restic: pruneIntervalDays: 7 repository: booklore-data-backup-secret-external retain: hourly: 1 daily: 3 weekly: 2 monthly: 2 yearly: 4 copyMethod: Snapshot storageClassName: ceph-block volumeSnapshotClassName: ceph-blockpool-snapshot cacheCapacity: 10Gi --- # Source: booklore/charts/mariadb-cluster/templates/user.yaml apiVersion: k8s.mariadb.com/v1alpha1 kind: User metadata: name: booklore-mariadb-cluster-booklore namespace: booklore labels: helm.sh/chart: mariadb-cluster-25.10.2 app.kubernetes.io/name: mariadb-cluster app.kubernetes.io/instance: booklore app.kubernetes.io/version: "0.0.0" app.kubernetes.io/managed-by: Helm spec: mariaDbRef: name: booklore-mariadb-cluster namespace: booklore cleanupPolicy: Delete host: '%' name: booklore passwordSecretKeyRef: key: password name: booklore-database-secret requeueInterval: 10h retryInterval: 30s