feat: migrate to namespace home-automation

auricom
2021-07-22 16:39:13 +02:00
parent eb8d2ccd4a
commit 477df28686
24 changed files with 12 additions and 193 deletions


@@ -0,0 +1,97 @@
---
apiVersion: helm.toolkit.fluxcd.io/v2beta1
kind: HelmRelease
metadata:
name: emqx
namespace: home-automation
spec:
interval: 5m
chart:
spec:
# renovate: registryUrl=https://repos.emqx.io/charts
chart: emqx
version: 4.3.5
sourceRef:
kind: HelmRepository
name: emqx-charts
namespace: flux-system
interval: 5m
values:
replicaCount: 3
recreatePods: true
service:
annotations:
prometheus.io/probe: "true"
prometheus.io/protocol: tcp
type: LoadBalancer
loadBalancerIP: ${CLUSTER_LB_EMQX}
externalTrafficPolicy: Local
ingress:
dashboard:
enabled: true
annotations:
kubernetes.io/ingress.class: "nginx"
path: /
hosts:
- emqx.${SECRET_CLUSTER_DOMAIN}
tls:
- hosts:
- emqx.${SECRET_CLUSTER_DOMAIN}
emqxConfig:
EMQX_ALLOW_ANONYMOUS: "false"
EMQX_ADMIN_PASSWORD: "${SECRET_EMQX_ADMIN_PASSWORD}"
EMQX_AUTH__MNESIA__PASSWORD_HASH: plain
EMQX_AUTH__USER__1__USERNAME: "${SECRET_MQTT_USERNAME}"
EMQX_AUTH__USER__1__PASSWORD: "${SECRET_MQTT_PASSWORD}"
emqxAclConfig: >
{allow, {user, "dashboard"}, subscribe, ["$SYS/#"]}.
{allow, {ipaddr, "127.0.0.1"}, pubsub, ["$SYS/#", "#"]}.
{allow, all, subscribe, ["$SYS/#", {eq, "#"}]}.
{allow, all}.
emqxLoadedPlugins: >
{emqx_management, true}.
{emqx_recon, true}.
{emqx_retainer, true}.
{emqx_dashboard, true}.
{emqx_telemetry, false}.
{emqx_rule_engine, true}.
{emqx_bridge_mqtt, false}.
{emqx_auth_mnesia, true}.
{emqx_prometheus, true}.
emqxLoadedModules: >
{emqx_mod_presence, true}.
{emqx_mod_delayed, false}.
{emqx_mod_rewrite, false}.
{emqx_mod_subscription, false}.
{emqx_mod_topic_metrics, true}.
affinity:
podAntiAffinity:
preferredDuringSchedulingIgnoredDuringExecution:
- weight: 100
podAffinityTerm:
labelSelector:
matchExpressions:
- key: app.kubernetes.io/name
operator: In
values:
- emqx
topologyKey: kubernetes.io/hostname
resources:
requests:
cpu: 100m
memory: 150Mi
limits:
memory: 512Mi
postRenderers:
- kustomize:
patchesJson6902:
- target:
kind: Service
name: emqx
patch:
- op: remove
path: /spec/loadBalancerIP
- op: add
path: /spec/externalIPs
value:
- "${CLUSTER_LB_EMQX}"
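Review bot: The `emqxAclConfig` block leaves the broker without topic restrictions: its third rule is `{allow, all, subscribe, ["$SYS/#", {eq, "#"}]}.` where the stock EMQX 4.x acl.conf, as far as I recall, has `deny`, and the closing `{allow, all}.` then permits everything else. Every client that authenticates with the single shared MQTT account can therefore read `$SYS/#` and the `#` wildcard and publish to any topic, on a Service exposed as a LoadBalancer. I would restore `{deny, all, subscribe, ["$SYS/#", {eq, "#"}]}.` and add a comment above the block stating the intended policy. `EMQX_AUTH__MNESIA__PASSWORD_HASH: plain` also keeps the stored credential unhashed, so a hashed setting such as `sha256` is preferable if the clients allow it. The dashboard ingress carries no `auth-url`/`auth-signin` annotations, unlike the other ingresses in this commit, so it relies on the EMQX admin password alone.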


@@ -0,0 +1,4 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- helm-release.yaml


@@ -0,0 +1,125 @@
---
apiVersion: helm.toolkit.fluxcd.io/v2beta1
kind: HelmRelease
metadata:
name: frigate
namespace: home-automation
spec:
interval: 5m
chart:
spec:
# renovate: registryUrl=https://k8s-at-home.com/charts/
chart: frigate
version: 5.0.0
sourceRef:
kind: HelmRepository
name: k8s-at-home-charts
namespace: flux-system
interval: 5m
values:
image:
repository: blakeblackshear/frigate
tag: 0.8.4-amd64
ingress:
main:
enabled: true
annotations:
kubernetes.io/ingress.class: "nginx"
nginx.ingress.kubernetes.io/auth-url: "http://authelia.networking.svc.cluster.local/api/verify"
nginx.ingress.kubernetes.io/auth-signin: "https://login.${SECRET_CLUSTER_DOMAIN}/"
hosts:
- host: "frigate.${SECRET_CLUSTER_DOMAIN}"
paths:
- path: /
pathType: Prefix
tls:
- hosts:
- "frigate.${SECRET_CLUSTER_DOMAIN}"
service:
main:
annotations:
prometheus.io/probe: "true"
prometheus.io/protocol: http
securityContext:
privileged: true
persistence:
data:
enabled: true
existingClaim: frigate-config
mountPath: /data
usb:
enabled: true
type: hostPath
hostPath: /dev/bus/usb
cache:
enabled: true
type: emptyDir
medium: Memory
sizeLimit: 2Gi
mountPath: /dev/shm
config: |
mqtt:
host: emqx
topic_prefix: frigate
user: ${SECRET_MQTT_USERNAME}
password: ${SECRET_MQTT_PASSWORD}
database:
path: /data/frigate.db
detectors:
coral:
type: edgetpu
device: usb
objects:
track:
- person
- dog
- cat
filters:
person:
min_area: 2500
max_area: 100000
threshold: 0.7
dog:
min_area: 1000
max_area: 10000
threshold: 0.7
cat:
min_area: 1000
max_area: 10000
threshold: 0.7
ffmpeg:
hwaccel_args:
- -hwaccel
- vaapi
- -hwaccel_device
- /dev/dri/renderD128
- -hwaccel_output_format
- yuv420p
podAnnotations:
configmap.reloader.stakater.com/reload: "frigate"
affinity:
nodeAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
- matchExpressions:
- key: feature.node.kubernetes.io/custom-coral-tpu
operator: In
values:
- "true"
- key: feature.node.kubernetes.io/custom-intel-gpu
operator: In
values:
- "true"
resources:
requests:
gpu.intel.com/i915: 1
memory: 100Mi
cpu: 500m
limits:
gpu.intel.com/i915: 1
memory: 2000Mi
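Review bot: `securityContext.privileged: true` gives the Frigate container every host device and capability, although the values already request the GPU through `gpu.intel.com/i915` and mount the Coral through the `usb` hostPath; the zigbee2mqtt and zwavejs2mqtt releases in this commit set the same flag. If the chart really needs it for USB access, record that above the key, for example `# privileged: needed for the USB Coral; drop once device access is scoped`, otherwise remove it. The `usb` entry has no `hostPathType`, unlike the serial-device mounts in the other two releases, so `hostPathType: Directory` would make the kubelet check the path before mounting. The `config: |` block embeds `${SECRET_MQTT_PASSWORD}`, and the reloader annotation suggests the chart renders it into a ConfigMap, so the substituted password may end up outside a Secret; worth confirming.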


@@ -0,0 +1,5 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- helm-release.yaml
- volume.yaml


@@ -0,0 +1,15 @@
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: frigate-config
namespace: home-automation
labels:
kasten-io-snapshots: "enable"
spec:
accessModes:
- ReadWriteOnce
storageClassName: rook-ceph-block
resources:
requests:
storage: 1Gi


@@ -0,0 +1,111 @@
---
apiVersion: helm.toolkit.fluxcd.io/v2beta1
kind: HelmRelease
metadata:
name: home-assistant
namespace: home-automation
spec:
interval: 5m
chart:
spec:
# renovate: registryUrl=https://k8s-at-home.com/charts/
chart: home-assistant
version: 9.3.0
sourceRef:
kind: HelmRepository
name: k8s-at-home-charts
namespace: flux-system
interval: 5m
values:
controllerType: deployment
image:
repository: ghcr.io/home-assistant/home-assistant
tag: 2021.7.3
env:
TZ: "Europe/Paris"
HASS_SECRET_URL: https://home-assistant.${SECRET_CLUSTER_DOMAIN}
HASS_SECRET_LATITUDE: ${SECRET_HASS_LATITUDE}
HASS_SECRET_LONGITUDE: ${SECRET_HASS_LONGITUDE}
HASS_SECRET_ELEVATION: ${SECRET_HASS_ELEVATION}
HASS_SECRET_MQTT_USERNAME: ${SECRET_MQTT_USERNAME}
HASS_SECRET_MQTT_PASSWORD: ${SECRET_MQTT_PASSWORD}
HASS_SECRET_DB_URL: ${SECRET_HASS_DB_URL}
hostNetwork: true
dnsPolicy: ClusterFirstWithHostNet
service:
main:
annotations:
prometheus.io/probe: "true"
prometheus.io/protocol: http
type: LoadBalancer
externalIPs:
- ${CLUSTER_LB_HASS}
externalTrafficPolicy: Local
ingress:
main:
enabled: true
annotations:
kubernetes.io/ingress.class: "nginx"
hosts:
- host: hass.${SECRET_CLUSTER_DOMAIN}
paths:
- path: /
pathType: Prefix
- host: home-assistant.${SECRET_CLUSTER_DOMAIN}
paths:
- path: /
pathType: Prefix
tls:
- hosts:
- "home-assistant.${SECRET_CLUSTER_DOMAIN}"
prometheus:
serviceMonitor:
enabled: false
probes:
liveness:
enabled: false
readiness:
enabled: false
startup:
enabled: false
persistence:
config:
enabled: true
existingClaim: hass-config
addons:
codeserver:
enabled: true
image:
repository: codercom/code-server
tag: 3.10.2
workingDir: "/config"
args:
- --auth
- "none"
- --user-data-dir
- "/config/.vscode"
- --extensions-dir
- "/config/.vscode"
ingress:
enabled: true
annotations:
kubernetes.io/ingress.class: "nginx"
nginx.ingress.kubernetes.io/auth-url: "http://authelia.networking.svc.cluster.local/api/verify"
nginx.ingress.kubernetes.io/auth-signin: "https://login.${SECRET_CLUSTER_DOMAIN}/"
hosts:
- host: hass-config.${SECRET_CLUSTER_DOMAIN}
paths:
- path: /
pathType: Prefix
tls:
- hosts:
- hass-config.${SECRET_CLUSTER_DOMAIN}
volumeMounts:
- name: config
mountPath: /config
resources:
requests:
cpu: 500m
memory: 1000Mi
postgresql:
enabled: false
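Review bot: The code-server addon is started with `--auth none` in a pod that sets `hostNetwork: true`, so the editor shares the node's network namespace and the Authelia annotations on its ingress cover only requests that pass through nginx. If the image listens on all interfaces (I believe the upstream image does by default, but confirm), the editor and its terminal, with write access to `/config`, are reachable on the node address without any login. I would keep code-server's own authentication with `- --auth` / `- "password"` and supply the password from a Secret, or run the addon outside the host-network pod. Separately, the main ingress `tls` block lists only `home-assistant.${SECRET_CLUSTER_DOMAIN}`, so the `hass.${SECRET_CLUSTER_DOMAIN}` host appears to have no matching certificate entry.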


@@ -0,0 +1,5 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- helm-release.yaml
- volume.yaml


@@ -0,0 +1,15 @@
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: hass-config
namespace: home-automation
labels:
kasten-io-snapshots: "enable"
spec:
accessModes:
- ReadWriteOnce
storageClassName: rook-ceph-block
resources:
requests:
storage: 10Gi


@@ -0,0 +1,8 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- emqx
- frigate
- home-assistant
- zigbee2mqtt
- zwavejs2mqtt


@@ -0,0 +1,103 @@
---
apiVersion: helm.toolkit.fluxcd.io/v2beta1
kind: HelmRelease
metadata:
name: zigbee2mqtt
namespace: home-automation
spec:
interval: 5m
chart:
spec:
# renovate: registryUrl=https://k8s-at-home.com/charts/
chart: zigbee2mqtt
version: 8.3.0
sourceRef:
kind: HelmRepository
name: k8s-at-home-charts
namespace: flux-system
interval: 5m
values:
image:
repository: koenkk/zigbee2mqtt
tag: 1.20.0
env:
TZ: Europe/Paris
ZIGBEE2MQTT_DATA: /data
config:
homeassistant: true
device_options:
retain: true
permit_join: false
mqtt:
base_topic: zigbee2mqtt
server: "mqtt://emqx"
user: "${SECRET_MQTT_USERNAME}"
password: "${SECRET_MQTT_PASSWORD}"
serial:
port: /dev/serial/by-id/usb-1a86_USB_Serial-if00-port0
advanced:
log_output:
- console
network_key:
- 204
- 61
- 75
- 23
- 44
- 230
- 24
- 203
- 53
- 5
- 248
- 32
- 50
- 84
- 44
- 159
frontend:
port: 8080
experimental:
new_api: true
securityContext:
privileged: true
service:
main:
annotations:
prometheus.io/probe: "true"
prometheus.io/protocol: "http"
ingress:
main:
enabled: true
annotations:
kubernetes.io/ingress.class: "nginx"
nginx.ingress.kubernetes.io/auth-url: "http://authelia.networking.svc.cluster.local/api/verify"
nginx.ingress.kubernetes.io/auth-signin: "https://login.${SECRET_CLUSTER_DOMAIN}/"
hosts:
- host: "zigbee.${SECRET_CLUSTER_DOMAIN}"
paths:
- path: /
pathType: Prefix
tls:
- hosts:
- "zigbee.${SECRET_CLUSTER_DOMAIN}"
persistence:
config:
enabled: true
existingClaim: zigbee2mqtt-config
mountPath: "/data"
usb:
enabled: true
type: hostPath
hostPath: /dev/serial/by-id/usb-1a86_USB_Serial-if00-port0
hostPathType: CharDevice
affinity:
nodeAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
- matchExpressions:
- {
key: "feature.node.kubernetes.io/custom-zigbee",
operator: In,
values: ["true"],
}
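Review bot: The `network_key` list under `config.advanced` is committed in clear text, while the MQTT credentials a few lines above come from `${SECRET_...}` substitution. That key encrypts the Zigbee network traffic, so it is readable by anyone with access to the repository or its history. I would move it into the substituted secret set, e.g. `network_key: ${SECRET_ZIGBEE_NETWORK_KEY}` (placeholder name, with the value stored as a flow list; check that the substitution renders a list), and add a comment saying where the value lives. Since the value is already in history, treat it as exposed and plan a rotation, which means re-pairing the devices.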


@@ -0,0 +1,5 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- helm-release.yaml
- volume.yaml


@@ -0,0 +1,15 @@
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: zigbee2mqtt-config
namespace: home-automation
labels:
kasten-io-snapshots: "enable"
spec:
accessModes:
- ReadWriteOnce
storageClassName: rook-ceph-block
resources:
requests:
storage: 1Gi


@@ -0,0 +1,67 @@
---
apiVersion: helm.toolkit.fluxcd.io/v2beta1
kind: HelmRelease
metadata:
name: zwavejs2mqtt
namespace: home-automation
spec:
releaseName: zwavejs2mqtt
interval: 5m
chart:
spec:
# renovate: registryUrl=https://k8s-at-home.com/charts/
chart: zwavejs2mqtt
version: 4.2.0
sourceRef:
kind: HelmRepository
name: k8s-at-home-charts
namespace: flux-system
interval: 5m
values:
image:
repository: ghcr.io/zwave-js/zwavejs2mqtt
tag: 5.4.1
env:
TZ: "Europe/Paris"
securityContext:
privileged: true
ingress:
main:
enabled: true
annotations:
kubernetes.io/ingress.class: "nginx"
nginx.ingress.kubernetes.io/auth-url: "http://authelia.networking.svc.cluster.local/api/verify"
nginx.ingress.kubernetes.io/auth-signin: "https://login.${SECRET_CLUSTER_DOMAIN}/"
hosts:
- host: zwave.${SECRET_CLUSTER_DOMAIN}
paths:
- path: /
pathType: Prefix
tls:
- hosts:
- zwave.${SECRET_CLUSTER_DOMAIN}
service:
main:
annotations:
prometheus.io/probe: "true"
prometheus.io/protocol: http
persistence:
config:
enabled: true
existingClaim: zwavejs2mqtt-config
mountPath: /usr/src/app/store
usb:
enabled: true
type: hostPath
hostPath: /dev/serial/by-id/usb-0658_0200-if00
hostPathType: CharDevice
affinity:
nodeAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
- matchExpressions:
- {
key: "feature.node.kubernetes.io/custom-zwave",
operator: In,
values: ["true"],
}


@@ -0,0 +1,5 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- helm-release.yaml
- volume.yaml


@@ -0,0 +1,15 @@
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: zwavejs2mqtt-config
namespace: home-automation
labels:
kasten-io-snapshots: "enable"
spec:
accessModes:
- ReadWriteOnce
storageClassName: rook-ceph-block
resources:
requests:
storage: 10Gi