From 532c18f025713a437247d7b526b7d50e3fb0dd03 Mon Sep 17 00:00:00 2001 From: auricom <27022259+auricom@users.noreply.github.com> Date: Sat, 4 Nov 2023 15:37:01 +0100 Subject: [PATCH] =?UTF-8?q?=E2=AC=86=EF=B8=8F=20truenas=20app-template=20v?= =?UTF-8?q?2?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../truenas/app/backup/helmrelease.yaml | 77 +++++++-------- .../truenas/app/certs-deploy/helmrelease.yaml | 95 ++++++++----------- .../truenas/app/minio-rclone/helmrelease.yaml | 41 ++++---- 3 files changed, 99 insertions(+), 114 deletions(-) diff --git a/kubernetes/apps/default/truenas/app/backup/helmrelease.yaml b/kubernetes/apps/default/truenas/app/backup/helmrelease.yaml index bf4c6ba21..6c0ee773b 100644 --- a/kubernetes/apps/default/truenas/app/backup/helmrelease.yaml +++ b/kubernetes/apps/default/truenas/app/backup/helmrelease.yaml @@ -10,7 +10,7 @@ spec: chart: spec: chart: app-template - version: 1.5.1 + version: 2.0.3 sourceRef: kind: HelmRepository name: bjw-s @@ -27,21 +27,32 @@ spec: uninstall: keepHistory: false values: - controller: - type: cronjob - cronjob: - concurrencyPolicy: Forbid - schedule: "@daily" - restartPolicy: OnFailure - image: - repository: ghcr.io/auricom/kubectl - tag: 1.28.2@sha256:c501dc41a29b62346cc791b83e1f0d6755dcc1776b89d506f4c4a8e3fb63be41 - command: ["/bin/bash", "/app/truenas-backup.sh"] - env: - HOSTNAME: truenas - envFrom: - - secretRef: - name: truenas-secret + controllers: + main: + type: cronjob + cronjob: + concurrencyPolicy: Forbid + schedule: "@daily" + containers: + main: + image: + repository: ghcr.io/auricom/kubectl + tag: 1.28.2@sha256:c501dc41a29b62346cc791b83e1f0d6755dcc1776b89d506f4c4a8e3fb63be41 + command: ["/bin/bash", "/app/truenas-backup.sh"] + env: + HOSTNAME: truenas + envFrom: &envFrom + - secretRef: + name: truenas-secret + truenas-remote-backup: + name: truenas-remote-backup + image: + repository: ghcr.io/auricom/kubectl + tag: 1.28.2@sha256:c501dc41a29b62346cc791b83e1f0d6755dcc1776b89d506f4c4a8e3fb63be41 + command: ["/bin/bash", "/app/truenas-backup.sh"] + env: + HOSTNAME: truenas-remote + envFrom: *envFrom service: main: enabled: false @@ -50,35 +61,17 @@ spec: enabled: true type: configMap name: truenas-backup-configmap - subPath: truenas-backup.sh - mountPath: /app/truenas-backup.sh defaultMode: 0775 - readOnly: true + globalMounts: + - path: /app/truenas-backup.sh + subPath: truenas-backup.sh + readOnly: true ssh: - enabled: true type: secret name: truenas-secret - subPath: TRUENAS_SSH_KEY - mountPath: /opt/id_rsa defaultMode: 0775 - readOnly: true - additionalContainers: - truenas-remote-backup: - name: truenas-remote-backup - image: ghcr.io/auricom/kubectl:1.28.2@sha256:c501dc41a29b62346cc791b83e1f0d6755dcc1776b89d506f4c4a8e3fb63be41 - command: ["/bin/bash", "/app/truenas-backup.sh"] - env: - - name: HOSTNAME - value: truenas-remote - envFrom: - - secretRef: - name: truenas-secret - volumeMounts: - - name: config - readOnly: true - mountPath: /app/truenas-backup.sh - subPath: truenas-backup.sh - - name: ssh - readOnly: true - mountPath: /opt/id_rsa + globalMounts: + - path: /opt/id_rsa subPath: TRUENAS_SSH_KEY + readOnly: true + diff --git a/kubernetes/apps/default/truenas/app/certs-deploy/helmrelease.yaml b/kubernetes/apps/default/truenas/app/certs-deploy/helmrelease.yaml index 7bda9bb77..e4fb47854 100644 --- a/kubernetes/apps/default/truenas/app/certs-deploy/helmrelease.yaml +++ b/kubernetes/apps/default/truenas/app/certs-deploy/helmrelease.yaml @@ -10,7 +10,7 @@ spec: chart: spec: chart: app-template - version: 1.5.1 + version: 2.0.3 sourceRef: kind: HelmRepository name: bjw-s @@ -27,23 +27,33 @@ spec: uninstall: keepHistory: false values: - controller: - type: cronjob - cronjob: - concurrencyPolicy: Forbid - schedule: "@daily" - restartPolicy: OnFailure - image: - repository: ghcr.io/auricom/kubectl - tag: 1.28.2@sha256:c501dc41a29b62346cc791b83e1f0d6755dcc1776b89d506f4c4a8e3fb63be41 - command: ["/bin/bash", "/app/truenas-certs-deploy.sh"] - env: - HOSTNAME: truenas - TRUENAS_HOME: /mnt/storage/home/homelab - CERTS_DEPLOY_S3_ENABLED: "True" - envFrom: - - secretRef: - name: truenas-secret + controllers: + main: + type: cronjob + cronjob: + concurrencyPolicy: Forbid + schedule: "@daily" + containers: + main: + image: + repository: ghcr.io/auricom/kubectl + tag: 1.28.2@sha256:c501dc41a29b62346cc791b83e1f0d6755dcc1776b89d506f4c4a8e3fb63be41 + command: ["/bin/bash", "/app/truenas-certs-deploy.sh"] + env: + HOSTNAME: truenas + TRUENAS_HOME: /mnt/storage/home/homelab + CERTS_DEPLOY_S3_ENABLED: "True" + envFrom: &envFrom + truenas-remote-certs-deploy: + image: + repository: ghcr.io/auricom/kubectl + tag: 1.28.2@sha256:c501dc41a29b62346cc791b83e1f0d6755dcc1776b89d506f4c4a8e3fb63be41 + command: ["/bin/bash", "/app/truenas-certs-deploy.sh"] + env: + HOSTNAME: truenas-remote + TRUENAS_HOME: /mnt/vol1/home/homelab + CERTS_DEPLOY_S3_ENABLED: "False" + envFrom: *envFrom service: main: enabled: false @@ -52,50 +62,25 @@ spec: enabled: true type: configMap name: truenas-certs-deploy-configmap - subPath: truenas-certs-deploy.sh - mountPath: /app/truenas-certs-deploy.sh defaultMode: 0775 - readOnly: true + globalMounts: + - path: /app/truenas-certs-deploy.sh + subPath: truenas-certs-deploy.sh + readOnly: true config-python: - enabled: true type: configMap name: truenas-certs-deploy-configmap - subPath: truenas-certs-deploy.py - mountPath: /app/truenas-certs-deploy.py defaultMode: 0775 - readOnly: true + globalMounts: + - path: /app/truenas-certs-deploy.py + subPath: truenas-certs-deploy.py + readOnly: true ssh: - enabled: true type: secret name: truenas-secret - subPath: TRUENAS_SSH_KEY - mountPath: /opt/id_rsa defaultMode: 0775 - readOnly: true - sidecars: - truenas-remote-certs-deploy: - image: ghcr.io/auricom/kubectl:1.28.2@sha256:c501dc41a29b62346cc791b83e1f0d6755dcc1776b89d506f4c4a8e3fb63be41 - command: ["/bin/bash", "/app/truenas-certs-deploy.sh"] - env: - - name: HOSTNAME - value: truenas-remote - - name: TRUENAS_HOME - value: /mnt/vol1/home/homelab - - name: CERTS_DEPLOY_S3_ENABLED - value: "False" - envFrom: - - secretRef: - name: truenas-secret - volumeMounts: - - name: config - readOnly: true - mountPath: /app/truenas-certs-deploy.sh - subPath: truenas-certs-deploy.sh - - name: config-python - readOnly: true - mountPath: /app/truenas-certs-deploy.py - subPath: truenas-certs-deploy.py - - name: ssh - readOnly: true - mountPath: /opt/id_rsa + globalMounts: + - path: /opt/id_rsa subPath: TRUENAS_SSH_KEY + readOnly: true + diff --git a/kubernetes/apps/default/truenas/app/minio-rclone/helmrelease.yaml b/kubernetes/apps/default/truenas/app/minio-rclone/helmrelease.yaml index 642fba408..a42bf5778 100644 --- a/kubernetes/apps/default/truenas/app/minio-rclone/helmrelease.yaml +++ b/kubernetes/apps/default/truenas/app/minio-rclone/helmrelease.yaml @@ -10,7 +10,7 @@ spec: chart: spec: chart: app-template - version: 1.5.1 + version: 2.0.3 sourceRef: kind: HelmRepository name: bjw-s @@ -27,16 +27,21 @@ spec: uninstall: keepHistory: false values: - controller: - type: cronjob - cronjob: - concurrencyPolicy: Forbid - schedule: "15 0 * * *" - restartPolicy: OnFailure - image: - repository: ghcr.io/auricom/rclone - tag: 1.62.2@sha256:8d3ae01ed5295974be1b229f7398ce93a03c77a3fdaf301ea35bf929bb19389a - command: ["/bin/bash", "/app/minio-rclone.sh"] + controllers: + main: + type: cronjob + cronjob: + concurrencyPolicy: Forbid + schedule: "@daily" + containers: + main: + image: + repository: ghcr.io/auricom/rclone + tag: 1.62.2@sha256:8d3ae01ed5295974be1b229f7398ce93a03c77a3fdaf301ea35bf929bb19389a + command: ["/bin/bash", "/app/minio-rclone.sh"] + service: + main: + enabled: false service: main: enabled: false @@ -45,14 +50,16 @@ spec: enabled: true type: configMap name: truenas-minio-rclone-configmap - subPath: minio-rclone.sh - mountPath: /app/minio-rclone.sh defaultMode: 0775 - readOnly: true + globalMounts: + - path: /app/minio-rclone.sh + subPath: minio-rclone.sh + readOnly: true age: enabled: true type: secret name: truenas-secret - subPath: SOPS_AGE_KEY - mountPath: /app/age_key - readOnly: true + globalMounts: + - path: /app/age_key + subPath: SOPS_AGE_KEY + readOnly: true