⚡️ immich v1.1 / redis-lb

kubernetes/apps/default/authelia/ks.yaml

@@ -11,7 +11,7 @@ spec:
   dependsOn:
     - name: cluster-apps-cloudnative-pg-app
     - name: cluster-apps-glauth
-    - name: cluster-apps-redis-app
+    - name: cluster-apps-redis
     - name: cluster-apps-smtp-relay
   path: ./kubernetes/apps/default/authelia/app
   prune: true

kubernetes/apps/default/immich/app/configmap.yaml

@@ -10,9 +10,9 @@ data:
   ENABLE_MAPBOX: "false"
   LOG_LEVEL: verbose
   NODE_ENV: "production"
+  REDIS_HOSTNAME: redis-lb.default.svc.cluster.local
   REDIS_PORT: "6379"
-  REDIS_DBINDEX: "0"
+  REDIS_DBINDEX: "10"
-  UPLOAD_LOCATION: /usr/src/app/upload
   IMMICH_WEB_URL: http://immich-web.default.svc.cluster.local:3000
   IMMICH_SERVER_URL: http://immich-server.default.svc.cluster.local:3001
   IMMICH_MACHINE_LEARNING_URL: http://immich-machine-learning.default.svc.cluster.local:3003

kubernetes/apps/default/immich/app/kustomization.yaml

@@ -7,8 +7,6 @@ resources:
   - ./configmap.yaml
   - ./microservices
   - ./machine-learning
-  - ./proxy
-  - ./redis
   - ./secret.sops.yaml
   - ./server
   - ./volume.yaml

kubernetes/apps/default/immich/app/machine-learning/helmrelease.yaml

@@ -3,7 +3,7 @@
 apiVersion: helm.toolkit.fluxcd.io/v2beta1
 kind: HelmRelease
 metadata:
-  name: immich-machine-learning
+  name: &app immich-machine-learning
   namespace: default
 spec:
   interval: 15m
@@ -30,11 +30,13 @@ spec:
     - name: immich-server
   values:
     controller:
+      replicas: 3
+      strategy: RollingUpdate
       annotations:
         reloader.stakater.com/auto: "true"
     image:
       repository: ghcr.io/immich-app/immich-machine-learning
-      tag: v1.41.1_64-dev
+      tag: v1.42.0_65-dev
     command: /bin/sh
     args:
       - ./entrypoint.sh
@@ -53,9 +55,16 @@ spec:
         enabled: true
         existingClaim: immich-nfs
         mountPath: /usr/src/app/upload
+    topologySpreadConstraints:
+      - maxSkew: 1
+        topologyKey: kubernetes.io/hostname
+        whenUnsatisfiable: DoNotSchedule
+        labelSelector:
+          matchLabels:
+            app.kubernetes.io/name: *app
     resources:
       requests:
         cpu: 100m
         memory: 250Mi
       limits:
-        memory: 2000Mi
+        memory: 1000Mi

kubernetes/apps/default/immich/app/microservices/helmrelease.yaml

@@ -3,7 +3,7 @@
 apiVersion: helm.toolkit.fluxcd.io/v2beta1
 kind: HelmRelease
 metadata:
-  name: immich-microservices
+  name: &app immich-microservices
   namespace: default
 spec:
   interval: 15m
@@ -26,15 +26,15 @@ spec:
       retries: 3
   uninstall:
     keepHistory: false
-  dependsOn:
-    - name: immich-server
   values:
     controller:
+      replicas: 3
+      strategy: RollingUpdate
       annotations:
         reloader.stakater.com/auto: "true"
     image:
       repository: ghcr.io/immich-app/immich-server
-      tag: v1.41.1_64-dev
+      tag: v1.42.0_65-dev
     command: /bin/sh
     args:
       - ./start-microservices.sh
@@ -51,9 +51,16 @@ spec:
         enabled: true
         existingClaim: immich-nfs
         mountPath: /usr/src/app/upload
+    topologySpreadConstraints:
+      - maxSkew: 1
+        topologyKey: kubernetes.io/hostname
+        whenUnsatisfiable: DoNotSchedule
+        labelSelector:
+          matchLabels:
+            app.kubernetes.io/name: *app
     resources:
       requests:
-        cpu: 100m
+        cpu: 10m
-        memory: 250Mi
+        memory: 100Mi
       limits:
-        memory: 2000Mi
+        memory: 500Mi

kubernetes/apps/default/immich/app/proxy/helmrelease.yaml

@@ -1,69 +0,0 @@
----
-# yaml-language-server: $schema=https://kubernetes-schemas.devbu.io/helmrelease_v2beta1.json
-apiVersion: helm.toolkit.fluxcd.io/v2beta1
-kind: HelmRelease
-metadata:
-  name: immich-proxy
-  namespace: default
-spec:
-  interval: 15m
-  chart:
-    spec:
-      chart: app-template
-      version: 1.2.1
-      sourceRef:
-        kind: HelmRepository
-        name: bjw-s
-        namespace: flux-system
-  maxHistory: 3
-  install:
-    createNamespace: true
-    remediation:
-      retries: 3
-  upgrade:
-    cleanupOnFail: true
-    remediation:
-      retries: 3
-  uninstall:
-    keepHistory: false
-  dependsOn:
-    - name: immich-server
-  values:
-    controller:
-      annotations:
-        reloader.stakater.com/auto: "true"
-    image:
-      repository: ghcr.io/immich-app/immich-proxy
-      tag: v1.41.1_64-dev
-    envFrom:
-      - secretRef:
-          name: immich-secret
-      - configMapRef:
-          name: immich-configmap
-    service:
-      main:
-        ports:
-          http:
-            port: 8080
-    ingress:
-      main:
-        enabled: true
-        ingressClassName: nginx
-        annotations:
-          nginx.ingress.kubernetes.io/proxy-body-size: "0"
-          hajimari.io/appName: "Immich"
-          hajimari.io/icon: heroicons:photo
-        hosts:
-          - host: &host photos.${SECRET_CLUSTER_DOMAIN}
-            paths:
-              - path: /
-                pathType: Prefix
-        tls:
-          - hosts:
-              - *host
-    resources:
-      requests:
-        cpu: 100m
-        memory: 250Mi
-      limits:
-        memory: 2000Mi

kubernetes/apps/default/immich/app/proxy/kustomization.yaml

@@ -1,6 +0,0 @@
----
-# yaml-language-server: $schema=https://json.schemastore.org/kustomization
-apiVersion: kustomize.config.k8s.io/v1beta1
-kind: Kustomization
-resources:
-  - ./helmrelease.yaml

kubernetes/apps/default/immich/app/redis/helmrelease.yaml

@@ -1,52 +0,0 @@
----
-# yaml-language-server: $schema=https://kubernetes-schemas.devbu.io/helmrelease_v2beta1.json
-apiVersion: helm.toolkit.fluxcd.io/v2beta1
-kind: HelmRelease
-metadata:
-  name: immich-redis
-  namespace: default
-spec:
-  interval: 15m
-  chart:
-    spec:
-      chart: app-template
-      version: 1.2.1
-      sourceRef:
-        kind: HelmRepository
-        name: bjw-s
-        namespace: flux-system
-  maxHistory: 3
-  install:
-    createNamespace: true
-    remediation:
-      retries: 3
-  upgrade:
-    cleanupOnFail: true
-    remediation:
-      retries: 3
-  uninstall:
-    keepHistory: false
-  values:
-    controller:
-      annotations:
-        reloader.stakater.com/auto: "true"
-    image:
-      repository: public.ecr.aws/docker/library/redis
-      tag: 7.0.7
-    env:
-      REDIS_REPLICATION_MODE: master
-    envFrom:
-      - secretRef:
-          name: immich-secret
-    command: ["redis-server", "--requirepass", "$(REDIS_PASSWORD)"]
-    service:
-      main:
-        ports:
-          http:
-            port: 6379
-    resources:
-      requests:
-        cpu: 10m
-        memory: 10Mi
-      limits:
-        memory: 100Mi

kubernetes/apps/default/immich/app/redis/kustomization.yaml

@@ -1,6 +0,0 @@
----
-# yaml-language-server: $schema=https://json.schemastore.org/kustomization
-apiVersion: kustomize.config.k8s.io/v1beta1
-kind: Kustomization
-resources:
-  - ./helmrelease.yaml

kubernetes/apps/default/immich/app/secret.sops.yaml

@@ -12,8 +12,6 @@ stringData:
     DB_PASSWORD: ENC[AES256_GCM,data:xGc/+0jUa2FcMKSFyjaxYia1ZnU=,iv:A0i5vPLMXLmqNicsQI6vrlOnR8lEJXOMomABnGMOLAQ=,tag:RXPncaj3YxgdK4UpOp2oCw==,type:str]
     DB_USERNAME: ENC[AES256_GCM,data:usQAPAXx,iv:/dG1qJr2i1uwarjTn9RcxPt12DbY/gAO+rUdSDqeWNA=,tag:JM3zv0xI+rlX+1ju7kyVxw==,type:str]
     JWT_SECRET: ENC[AES256_GCM,data:177xddBgbYp4B1xLlfHsGqm1SdW6W7S7Z53ExG3dYw==,iv:LAX2iW9hj/fX7n1g6yWAZOtZNH3xXMSXn9nFoffCkvU=,tag:76Kxh3v7pqazzDJDuVcpNQ==,type:str]
-    REDIS_HOSTNAME: ENC[AES256_GCM,data:MjZKUZTEBTLkPh3f4DoK2cbvg7dVhWse5EE4C8ptvGlvC/XP49Y=,iv:9QHpHezHlccOFOIUXiZd2iqJZO6Z7lHoDdlRtyW2f68=,tag:vGdhYsqS3aBLVVc7m7x8wA==,type:str]
-    REDIS_PASSWORD: ENC[AES256_GCM,data:KSzXwFU1lnpaRKusVjnUhuHTy68=,iv:qe4nhzMOXrSKxjI32tL8fcEqDU7pmzOaryJI4O2U1nc=,tag:2WXAsx/9u8ty8bl47txorA==,type:str]
     #ENC[AES256_GCM,data:1+sGdHMiMe3clIg6KVo=,iv:II/LS19frtCXo/niP5/HPaVF6IcYr/FBqddAlKFytA0=,tag:IubpMI5HxdnxZB8mSezASA==,type:comment]
     POSTGRES_DB: ENC[AES256_GCM,data:NMVSQmNi,iv:/5aMX5er4zqsOVidsnaArmBwRreVPLBE9hn5jNSDkso=,tag:vGJDIQgfCOqUOtYFtlL51w==,type:str]
     POSTGRES_HOST: ENC[AES256_GCM,data:TpU9sKI32nQJ3pFnas9FjLXNlnAzX73heXQ7EwYVuur5AKQwdw==,iv:/SdWujct0FaDNMpUwk9ImuKDwDKL2oun8I6kPfU+P6s=,tag:LUqHoWf8wMkBM4sKri+5Ew==,type:str]
@@ -35,8 +33,8 @@ sops:
             MGN2VjZaRzhTM3JxeWlVelhvQUhlcTgKIQnk7XcpuK9ZWinZf9s/rYFAeFbF2yXX
             +afSzOZKXq6ENcnTY/Or0A76wXVpYAJ3yaNsfFhXY0QQw/wwE14cMA==
             -----END AGE ENCRYPTED FILE-----
-    lastmodified: "2023-01-04T21:16:40Z"
+    lastmodified: "2023-01-20T22:21:49Z"
-    mac: ENC[AES256_GCM,data:mWyyhgs0zkHxwQzdGPQf+9uJB3H3GRDS0PcRfBt5J/cMQ3/UEHWBi07boxJoFZOyljW9wxFu4z0rt7Eo9FFJPRq0hddNbgRoEU17xoEn4BkzbKcvMmSsJLw0dLVHXvzm69sxAPwfWEB8+44Oan9xA78MUtNlHbZf/CpOW+WZ/ik=,iv:68cPaccLy2CqYxWvJ4EM+DT9VJMY2QH9NawyjveYiZg=,tag:Rjchcl/LqaDKAbEMPoVggQ==,type:str]
+    mac: ENC[AES256_GCM,data:4zfSBXGF24tFS1ZCnIXIbINKTjhIpX3apg/XlYAS2rfWbJY32eT3d7v+qjwzVzDB/YOMcTHDE1QjRheJKSB5HyM6i4abJrnxlza7asdcpFdFmPpn28nOwl6O6iRunKFp/Z/ha9WQIZMlW/X6ePNVT1N9ctgKxW5pQrI6c4Xzq2Y=,iv:NO8wfTB754LnKKy0YTpkWQVLrHzyZpuvQaqZSeaQSPg=,tag:tdPPzJ4cOSBB9CeK97IZdg==,type:str]
     pgp: []
     encrypted_regex: ^(data|stringData)$
     version: 3.7.3

kubernetes/apps/default/immich/app/server/helmrelease.yaml

@@ -3,7 +3,7 @@
 apiVersion: helm.toolkit.fluxcd.io/v2beta1
 kind: HelmRelease
 metadata:
-  name: immich-server
+  name: &app immich-server
   namespace: default
 spec:
   interval: 15m
@@ -26,8 +26,6 @@ spec:
       retries: 3
   uninstall:
     keepHistory: false
-  dependsOn:
-    - name: immich-redis
   values:
     initContainers:
       init-db:
@@ -36,11 +34,13 @@ spec:
           - secretRef:
               name: immich-secret
     controller:
+      replicas: 3
+      strategy: RollingUpdate
       annotations:
         reloader.stakater.com/auto: "true"
     image:
       repository: ghcr.io/immich-app/immich-server
-      tag: v1.41.1_64-dev
+      tag: v1.42.0_65-dev
     command: /bin/sh
     args:
       - ./start-server.sh
@@ -59,9 +59,16 @@ spec:
         enabled: true
         existingClaim: immich-nfs
         mountPath: /usr/src/app/upload
+    topologySpreadConstraints:
+      - maxSkew: 1
+        topologyKey: kubernetes.io/hostname
+        whenUnsatisfiable: DoNotSchedule
+        labelSelector:
+          matchLabels:
+            app.kubernetes.io/name: *app
     resources:
       requests:
-        cpu: 100m
+        cpu: 10m
-        memory: 250Mi
+        memory: 100Mi
       limits:
-        memory: 2000Mi
+        memory: 500Mi

kubernetes/apps/default/immich/app/volume.yaml

@@ -13,11 +13,6 @@ spec:
   nfs:
     server: ${LOCAL_LAN_TRUENAS}
     path: /mnt/storage/apps/immich
-  mountOptions:
-    - nfsvers=4.2
-    - nconnect=8
-    - hard
-    - noatime
 ---
 apiVersion: v1
 kind: PersistentVolumeClaim

kubernetes/apps/default/immich/app/web/helmrelease.yaml

@@ -3,7 +3,7 @@
 apiVersion: helm.toolkit.fluxcd.io/v2beta1
 kind: HelmRelease
 metadata:
-  name: immich-web
+  name: &app immich-web
   namespace: default
 spec:
   interval: 15m
@@ -30,11 +30,13 @@ spec:
     - name: immich-server
   values:
     controller:
+      replicas: 3
+      strategy: RollingUpdate
       annotations:
         reloader.stakater.com/auto: "true"
     image:
       repository: ghcr.io/immich-app/immich-web
-      tag: v1.41.1_64-dev
+      tag: v1.42.0_65-dev
     command: /bin/sh
     args:
       - ./entrypoint.sh
@@ -48,14 +50,46 @@ spec:
         ports:
           http:
             port: 3000
+    ingress:
+      main:
+        enabled: true
+        ingressClassName: nginx
+        annotations:
+          external-dns.home.arpa/enabled: "true"
+          nginx.ingress.kubernetes.io/configuration-snippet: |
+            rewrite /api/(.*) /$1 break;
+          nignx.ingress.kubernetes.io/force-ssl-redirect: "true"
+          nginx.ingress.kubernetes.io/proxy-body-size: "0"
+          hajimari.io/appName: Immich
+          hajimari.io/icon: heroicons:photo
+        hosts:
+          - host: &host photos.${SECRET_CLUSTER_DOMAIN}
+            paths:
+              - path: /
+                pathType: Prefix
+              - path: /api
+                pathType: Prefix
+                service:
+                  name: immich-server
+                  port: 3001
+        tls:
+          - hosts:
+              - *host
     persistence:
       library:
         enabled: true
         existingClaim: immich-nfs
         mountPath: /usr/src/app/upload
+    topologySpreadConstraints:
+      - maxSkew: 1
+        topologyKey: kubernetes.io/hostname
+        whenUnsatisfiable: DoNotSchedule
+        labelSelector:
+          matchLabels:
+            app.kubernetes.io/name: *app
     resources:
       requests:
-        cpu: 100m
+        cpu: 10m
-        memory: 250Mi
+        memory: 100Mi
       limits:
-        memory: 2000Mi
+        memory: 500Mi

kubernetes/apps/default/immich/ks.yaml

@@ -10,7 +10,7 @@ metadata:
 spec:
   dependsOn:
     - name: cluster-apps-cloudnative-pg-app
-    - name: cluster-apps-volsync-app
+    - name: cluster-apps-redis-lb
   path: ./kubernetes/apps/default/immich/app
   prune: true
   sourceRef:
@@ -21,14 +21,6 @@ spec:
       kind: HelmRelease
       name: immich-microservices
       namespace: default
-    - apiVersion: helm.toolkit.fluxcd.io/v2beta1
-      kind: HelmRelease
-      name: immich-proxy
-      namespace: default
-    - apiVersion: helm.toolkit.fluxcd.io/v2beta1
-      kind: HelmRelease
-      name: immich-redis
-      namespace: default
     - apiVersion: helm.toolkit.fluxcd.io/v2beta1
       kind: HelmRelease
       name: immich-server

kubernetes/apps/default/redis/ks.yaml

@@ -3,7 +3,7 @@
 apiVersion: kustomize.toolkit.fluxcd.io/v1beta2
 kind: Kustomization
 metadata:
-  name: cluster-apps-redis-app
+  name: cluster-apps-redis
   namespace: flux-system
   labels:
     substitution.flux.home.arpa/enabled: "true"
@@ -23,3 +23,28 @@ spec:
   interval: 30m
   retryInterval: 1m
   timeout: 3m
+---
+# yaml-language-server: $schema=https://kubernetes-schemas.devbu.io/kustomization_v1beta2.json
+apiVersion: kustomize.toolkit.fluxcd.io/v1beta2
+kind: Kustomization
+metadata:
+  name: cluster-apps-redis-lb
+  namespace: flux-system
+  labels:
+    substitution.flux.home.arpa/enabled: "true"
+spec:
+  dependsOn:
+    - name: cluster-apps-redis
+  path: ./kubernetes/apps/default/redis/lb
+  prune: true
+  sourceRef:
+    kind: GitRepository
+    name: home-ops-kubernetes
+  healthChecks:
+    - apiVersion: helm.toolkit.fluxcd.io/v2beta1
+      kind: HelmRelease
+      name: redis-lb
+      namespace: default
+  interval: 30m
+  retryInterval: 1m
+  timeout: 3m

kubernetes/apps/default/redis/lb/config/haproxy.cfg

@@ -0,0 +1,88 @@
+global
+    daemon
+    maxconn 256
+
+defaults
+    mode tcp
+    timeout connect 4s
+    timeout client 30s
+    timeout server 30s
+    retry-on all-retryable-errors
+
+resolvers cluster_ns
+    parse-resolv-conf
+
+    hold valid    10s
+    hold other    30s
+    hold refused  30s
+    hold nx       30s
+    hold timeout  30s
+    hold obsolete 30s
+
+    resolve_retries 3
+    timeout retry 1s
+    timeout resolve 1s
+
+frontend http
+    bind :8080
+    http-request use-service prometheus-exporter if { path /metrics }
+    default_backend stats
+
+backend stats
+    mode http
+    stats enable
+    stats uri /
+    stats refresh 5s
+    stats show-legends
+    stats admin if TRUE
+
+resolvers k8s
+    parse-resolv-conf
+    hold other           10s
+    hold refused         10s
+    hold nx              10s
+    hold timeout         10s
+    hold valid           10s
+    hold obsolete        10s
+
+frontend redis-read
+    bind *:6380
+    default_backend redis-online
+
+frontend redis-write
+    bind *:6379
+    default_backend redis-primary
+
+frontend redis-sentinel
+    bind *:26379
+    default_backend redis-sentinel
+
+backend redis-primary
+    balance first
+    option tcp-check
+    tcp-check connect port 6379
+    tcp-check send info\ replication\r\n
+    tcp-check expect string role:master
+    server redis-0 redis-node-0.redis-headless.default.svc.cluster.local check inter 5s resolvers cluster_ns
+    server redis-1 redis-node-1.redis-headless.default.svc.cluster.local check inter 5s resolvers cluster_ns
+    server redis-2 redis-node-2.redis-headless.default.svc.cluster.local check inter 5s resolvers cluster_ns
+
+backend redis-online
+    balance roundrobin
+    option tcp-check
+    tcp-check connect port 6379
+    tcp-check send PING\r\n
+    tcp-check expect string +PONG
+    server redis-0 redis-node-0.redis-headless.default.svc.cluster.local check inter 5s resolvers cluster_ns
+    server redis-1 redis-node-1.redis-headless.default.svc.cluster.local check inter 5s resolvers cluster_ns
+    server redis-2 redis-node-2.redis-headless.default.svc.cluster.local check inter 5s resolvers cluster_ns
+
+backend redis-sentinel
+    balance roundrobin
+    option tcp-check
+    tcp-check connect port 26379
+    tcp-check send PING\r\n
+    tcp-check expect string +PONG
+    server redis-0 redis-node-0.redis-headless.default.svc.cluster.local check inter 5s resolvers cluster_ns
+    server redis-1 redis-node-1.redis-headless.default.svc.cluster.local check inter 5s resolvers cluster_ns
+    server redis-2 redis-node-2.redis-headless.default.svc.cluster.local check inter 5s resolvers cluster_ns

kubernetes/apps/default/redis/lb/helmrelease.yaml

@@ -0,0 +1,86 @@
+---
+# yaml-language-server: $schema=https://kubernetes-schemas.devbu.io/helmrelease_v2beta1.json
+apiVersion: helm.toolkit.fluxcd.io/v2beta1
+kind: HelmRelease
+metadata:
+  name: redis-lb
+  namespace: default
+spec:
+  interval: 15m
+  chart:
+    spec:
+      chart: app-template
+      version: 1.2.1
+      sourceRef:
+        kind: HelmRepository
+        name: bjw-s
+        namespace: flux-system
+  maxHistory: 3
+  install:
+    createNamespace: true
+    remediation:
+      retries: 3
+  upgrade:
+    cleanupOnFail: true
+    remediation:
+      retries: 3
+  uninstall:
+    keepHistory: false
+  values:
+    controller:
+      replicas: 3
+      strategy: RollingUpdate
+    image:
+      repository: public.ecr.aws/docker/library/haproxy
+      tag: 2.7.1-alpine
+    service:
+      main:
+        type: LoadBalancer
+        loadBalacerIP: "${CLUSTER_LB_REDIS}"
+        externalTrafficPolicy: Local
+        ports:
+          http:
+            port: 8080
+            targetPort: 8080
+          redis-write:
+            port: 6379
+            targetPort: 6379
+          redis-read:
+            port: 6380
+            targetPort: 6380
+          redis-sentinel:
+            port: 26379
+            targetPort: 26379
+    serviceMonitor:
+      main:
+        enabled: true
+        endpoints:
+          - port: http
+            scheme: http
+            path: /metrics
+            interval: 1m
+            scrapeTimeout: 10s
+    ingress:
+      main:
+        enabled: true
+        ingressClassName: nginx
+        annotations:
+          hajimari.io/icon: simple-icons:redis
+        hosts:
+          - host: redis-lb.${SECRET_CLUSTER_DOMAIN}
+            paths:
+              - path: /
+                pathType: Prefix
+    podSecurityContext:
+      runAsUser: 99
+      runAsGroup: 99
+      fsGroup: 99
+      fsGroupChangePolicy: "OnRootMismatch"
+    persistence:
+      config:
+        enabled: true
+        type: configMap
+        name: redis-lb-configmap # overriden by kustomizeconfig
+        mountPath: /usr/local/etc/haproxy/haproxy.cfg
+        subPath: haproxy.cfg
+        readOnly: true

kubernetes/apps/default/redis/lb/kustomization.yaml

@@ -0,0 +1,13 @@
+---
+# yaml-language-server: $schema=https://json.schemastore.org/kustomization
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+namespace: default
+resources:
+  - helmrelease.yaml
+configMapGenerator:
+  - name: redis-lb-configmap
+    files:
+      - haproxy.cfg=./config/haproxy.cfg
+configurations:
+  - ./patches/kustomizeconfig.yaml

kubernetes/apps/default/redis/lb/patches/kustomizeconfig.yaml

@@ -0,0 +1,7 @@
+---
+nameReference:
+  - kind: ConfigMap
+    version: v1
+    fieldSpecs:
+      - path: spec/values/persistence/config/name
+        kind: HelmRelease

kubernetes/flux/vars/cluster-settings.yaml

@@ -20,6 +20,7 @@ data:
   CLUSTER_LB_JELLYFIN: 192.168.169.110
   CLUSTER_LB_RESILIOSYNC_HELENE: 192.168.169.111
   CLUSTER_LB_MAILRISE: 192.168.169.112
+  CLUSTER_LB_REDIS: 192.168.169.113
   LOCAL_LAN: 192.168.8.0/22
   LOCAL_LAN_OPNSENSE: 192.168.8.1
   LOCAL_LAN_TRUENAS: 192.168.9.10