✨ new talos cluster

kubernetes/cluster-0/apps/web-tools/sharry/config/sharry.conf

@@ -0,0 +1,100 @@
+sharry.restserver {
+  base-url = "https://sharry.${SECRET_CLUSTER_DOMAIN}"
+  bind {
+    address = "0.0.0.0"
+    port =9090
+  }
+  # Configures logging
+  logging {
+    format = "Fancy"
+    minimum-level = "Info"
+  }
+  backend {
+    auth {
+      fixed.enabled = false
+    }
+    jdbc {
+      url = "jdbc:postgresql://postgres-rw.default.svc.cluster.local.:5432/sharry"
+      user = "${SECRET_SHARRY_DB_USERNAME}"
+      password = "${SECRET_SHARRY_DB_PASSWORD}"
+    }
+
+    # How files are stored.
+    files {
+      # The id of an enabled store from the `stores` array that should
+      # be used.
+      default-store = "minio"
+      # A list of possible file stores. Each entry must have a unique
+      # id. The `type` is one of: default-database, filesystem, s3.
+      #
+      # All stores with enabled=false are
+      # removed from the list. The `default-store` must be enabled.
+      stores = {
+        minio =
+          { enabled = true
+            type = "s3"
+            endpoint = "https://truenas.${SECRET_DOMAIN}:9000"
+            access-key = "${SECRET_SHARRY_MINIO_S3_ACCESS_KEY}"
+            secret-key = "${SECRET_SHARRY_MINIO_S3_SECRET_KEY}"
+            bucket = "sharry"
+          }
+        }
+      }
+    webapp {
+      # This is shown in the top right corner of the web application
+      app-name = "Sharry"
+      # The icon next to the app-name. Needs to be an URL to a image.
+      app-icon = ""
+      # The login and register page displays a logo image, by default
+      # the Sharry logo. This can be changed here. It needs to be an URL
+      # to an image.
+      app-logo = ""
+      # This is markdown that is inserted as the footer on each page in
+      # the ui. If left empty, a link to the project is rendered.
+      app-footer = ""
+      # Whether to display the footer on each page in the ui. Set it to
+      # false to hide it.
+      app-footer-visible = true
+      # Chunk size used for one request. The server will re-chunk the
+      # stream into smaller chunks. But the client can transfer more in
+      # one requests, resulting in faster uploads.
+      #
+      # You might need to adjust this value depending on your setup. A
+      # higher value usually means faster uploads.
+      chunk-size = "100M"
+      # Number of milliseconds the client should wait before doing a new
+      # upload attempt after something failed. The length of the array
+      # denotes the number of retries.
+      retry-delays = [0, 3000, 6000, 12000, 24000, 48000]
+      # The login page can display a welcome message that is readable by
+      # everyone. The text is processed as markdown.
+      welcome-message = ""
+    }
+    share {
+      # When storing binary data use chunks of this size.
+      chunk-size = "512K"
+      # Maximum size of a share.
+      max-size = "1.5G"
+      # Maximum validity for uploads
+      max-validity =31 days
+    }
+    signup {
+      mode = "invite"
+      invite-time = "14 days"
+      invite-password = "generate-invite"
+    }
+    mail {
+      enabled = true
+      smtp {
+        host = "smtp-relay.default.svc.cluster.local."
+        port = 2525
+        user = ""
+        password = ""
+
+        ssl-type = "none"
+
+        default-from = "Sharry <sharry@${SECRET_DOMAIN}>"
+      }
+    }
+  }
+}

kubernetes/cluster-0/apps/web-tools/sharry/helm-release.yaml

@@ -0,0 +1,71 @@
+---
+apiVersion: helm.toolkit.fluxcd.io/v2beta1
+kind: HelmRelease
+metadata:
+  name: &app sharry
+  namespace: default
+spec:
+  interval: 15m
+  chart:
+    spec:
+      chart: app-template
+      version: 1.0.1
+      sourceRef:
+        kind: HelmRepository
+        name: bjw-s
+        namespace: flux-system
+  install:
+    createNamespace: true
+    remediation:
+      retries: 5
+  upgrade:
+    remediation:
+      retries: 5
+  dependsOn:
+    - name: postgres-cluster
+      namespace: default
+  values:
+    controller:
+      replicas: 1
+      strategy: Recreate
+    image:
+      repository: eikek0/sharry
+      tag: v1.11.0
+    args:
+      - "/opt/sharry.conf"
+    service:
+      main:
+        ports:
+          http:
+            port: 9090
+    ingress:
+      main:
+        enabled: true
+        ingressClassName: "nginx"
+        annotations:
+          external-dns.home.arpa/enabled: "true"
+          nginx.ingress.kubernetes.io/proxy-body-size: "0"
+        hosts:
+          - host: &host "{{ .Release.Name }}.${SECRET_CLUSTER_DOMAIN}"
+            paths:
+              - path: /
+                pathType: Prefix
+        tls:
+          - hosts:
+              - *host
+    podAnnotations:
+      configMap.reloader.stakater.com/reload: *app
+      secret.reloader.stakater.com/reload: *app
+    resources:
+      requests:
+        cpu: 50m
+        memory: 250Mi
+      limits:
+        memory: 1Gi
+    persistence:
+      config:
+        enabled: true
+        type: configMap
+        name: sharry
+        mountPath: /opt/sharry.conf
+        subPath: sharry.conf

kubernetes/cluster-0/apps/web-tools/sharry/kustomization.yaml

@@ -0,0 +1,14 @@
+---
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+namespace: default
+resources:
+  - helm-release.yaml
+patchesStrategicMerge:
+  - patches/postgres.yaml
+configMapGenerator:
+  - name: sharry
+    files:
+      - config/sharry.conf
+generatorOptions:
+  disableNameSuffixHash: true

kubernetes/cluster-0/apps/web-tools/sharry/patches/postgres.yaml

@@ -0,0 +1,25 @@
+---
+apiVersion: helm.toolkit.fluxcd.io/v2beta1
+kind: HelmRelease
+metadata:
+  name: sharry
+  namespace: default
+spec:
+  values:
+    initContainers:
+      init-db:
+        image: ghcr.io/onedr0p/postgres-initdb:14.5
+        env:
+          - name: POSTGRES_HOST
+            value: postgres-rw.default.svc.cluster.local.
+          - name: POSTGRES_DB
+            value: sharry
+          - name: POSTGRES_SUPER_PASS
+            valueFrom:
+              secretKeyRef:
+                name: postgres-superuser
+                key: password
+          - name: POSTGRES_USER
+            value: ${SECRET_SHARRY_DB_USERNAME}
+          - name: POSTGRES_PASS
+            value: ${SECRET_SHARRY_DB_PASSWORD}