diff --git a/kubernetes/apps/default/kustomization.yaml b/kubernetes/apps/default/kustomization.yaml
index 5074ea0c2..fd623cc20 100644
--- a/kubernetes/apps/default/kustomization.yaml
+++ b/kubernetes/apps/default/kustomization.yaml
@@ -34,6 +34,7 @@ resources:
 - ./lms/ks.yaml
 - ./lychee/ks.yaml
 - ./mailrise/ks.yaml
+ - ./maybe/ks.yaml
 - ./music-transcode/ks.yaml
 - ./navidrome/ks.yaml
 - ./outline/ks.yaml
diff --git a/kubernetes/apps/default/maybe/app/externalsecret.yaml b/kubernetes/apps/default/maybe/app/externalsecret.yaml
new file mode 100644
index 000000000..3eae93e00
--- /dev/null
+++ b/kubernetes/apps/default/maybe/app/externalsecret.yaml
@@ -0,0 +1,33 @@
+---
+# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/external-secrets.io/externalsecret_v1beta1.json
+apiVersion: external-secrets.io/v1beta1
+kind: ExternalSecret
+metadata:
+ name: maybe
+ namespace: default
+spec:
+ secretStoreRef:
+ kind: ClusterSecretStore
+ name: onepassword-connect
+ target:
+ name: maybe-secret
+ template:
+ engineVersion: v2
+ data:
+ # App
+ SECRET_KEY_BASE: "{{ .MAYBE__SECRET_KEY_BASE }}"
+ DB_HOST: &dbHost postgres16-rw.database.svc.cluster.local
+ POSTGRES_DB: &dbName maybe
+ POSTGRES_USER: &dbUser "{{ .MAYBE__POSTGRES_USER }}"
+ POSTGRES_PASSWORD: &dbPass "{{ .MAYBE__POSTGRES_PASS }}"
+ # Postgres Init
+ INIT_POSTGRES_DBNAME: *dbName
+ INIT_POSTGRES_HOST: *dbHost
+ INIT_POSTGRES_USER: *dbUser
+ INIT_POSTGRES_PASS: *dbPass
+ INIT_POSTGRES_SUPER_PASS: "{{ .POSTGRES_SUPER_PASS }}"
+ dataFrom:
+ - extract:
+ key: maybe
+ - extract:
+ key: cloudnative-pg
diff --git a/kubernetes/apps/default/maybe/app/helmrelease.yaml b/kubernetes/apps/default/maybe/app/helmrelease.yaml
new file mode 100644
index 000000000..964afa2e9
--- /dev/null
+++ b/kubernetes/apps/default/maybe/app/helmrelease.yaml
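Review bot: `INIT_POSTGRES_SUPER_PASS` is templated into the same `maybe-secret` that carries the application's own credentials, and helmrelease.yaml loads that secret into both `init-db` and the long-running `app` container through the shared `envFrom: *envFrom` alias, so the Rails process ends up holding a Postgres superuser password it has no use for. Only the init step needs the `cloudnative-pg` extract. Moving the `INIT_*` keys into a second ExternalSecret, and giving `init-db` its own `secretRef` to it, keeps a compromise of the web app scoped to the `maybe` database role. The names `maybe-init` and `maybe-init-secret` below are suggestions; YAML anchors do not cross `---` boundaries, so the shared values are written out again.

```yaml
# … unchanged: ExternalSecret "maybe" keeps the App keys and only the `maybe` extract …
---
apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret
metadata:
  name: maybe-init
  namespace: default
spec:
  secretStoreRef:
    kind: ClusterSecretStore
    name: onepassword-connect
  target:
    name: maybe-init-secret
    template:
      engineVersion: v2
      data:
        INIT_POSTGRES_DBNAME: maybe
        INIT_POSTGRES_HOST: postgres16-rw.database.svc.cluster.local
        INIT_POSTGRES_USER: "{{ .MAYBE__POSTGRES_USER }}"
        INIT_POSTGRES_PASS: "{{ .MAYBE__POSTGRES_PASS }}"
        INIT_POSTGRES_SUPER_PASS: "{{ .POSTGRES_SUPER_PASS }}"
  dataFrom:
    - extract:
        key: maybe
    - extract:
        key: cloudnative-pg
```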
@@ -0,0 +1,96 @@
+---
+# yaml-language-server: $schema=https://raw.githubusercontent.com/bjw-s/helm-charts/main/charts/other/app-template/schemas/helmrelease-helm-v2.schema.json
+apiVersion: helm.toolkit.fluxcd.io/v2
+kind: HelmRelease
+metadata:
+ name: &app maybe
+ namespace: default
+spec:
+ interval: 30m
+ chart:
+ spec:
+ chart: app-template
+ version: 3.3.2
+ sourceRef:
+ kind: HelmRepository
+ name: bjw-s
+ namespace: flux-system
+ maxHistory: 2
+ install:
+ createNamespace: true
+ remediation:
+ retries: 3
+ upgrade:
+ cleanupOnFail: true
+ remediation:
+ strategy: rollback
+ retries: 3
+ uninstall:
+ keepHistory: false
+ dependsOn:
+ - name: rook-ceph-cluster
+ namespace: rook-ceph
+ - name: volsync
+ namespace: volsync
+ values:
+ controllers:
+ maybe:
+ annotations:
+ reloader.stakater.com/auto: "true"
+ initContainers:
+ init-db:
+ image:
+ repository: ghcr.io/onedr0p/postgres-init
+ tag: 16
+ envFrom: &envFrom
+ - secretRef:
+ name: maybe-secret
+ containers:
+ app:
+ image:
+ repository: ghcr.io/maybe-finance/maybe
+ tag: 0.1.0-alpha.16@sha256:d8db0b5c277140f19bc4fc5208295e0db0d9ba3f951dd02c8aad5addf8f0ef5b
+ env:
+ SELF_HOSTING_ENABLED: "true"
+ RAILS_FORCE_SSL: "false"
+ RAILS_ASSUME_SSL: "false"
+ GOOD_JOB_EXECUTION_MODE: async
+ envFrom: *envFrom
+ resources:
+ requests:
+ cpu: 23m
+ memory: 204M
+ limits:
+ memory: 1Gi
+ service:
+ app:
+ controller: *app
+ ports:
+ http:
+ port: 3000
+ ingress:
+ app:
+ enabled: true
+ className: nginx
+ annotations:
+ hajimari.io/icon: mdi:cash-multiple
+ gethomepage.dev/enabled: "true"
+ gethomepage.dev/group: Media
+ gethomepage.dev/name: maybe
+ gethomepage.dev/icon: maybe.png
+ hosts:
+ - host: &host "{{ .Release.Name }}.${SECRET_EXTERNAL_DOMAIN}"
+ paths:
+ - path: /
+ service:
+ identifier: app
+ port: http
+ tls:
+ - hosts:
+ - *host
+ persistence:
+ config:
+ enabled: true
+ existingClaim: *app
+ globalMounts:
+ - path: /rails/storage
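Review bot: The `init-db` image is referenced as `tag: 16`, a mutable tag with no digest, while the `app` image a few lines below is pinned with `@sha256:`. This is the container that is handed the Postgres superuser password, so an unreviewed image change matters most here. Pin it the same way and quote it so it stays a string, e.g. `tag: "16@sha256:<digest-of-the-reviewed-image>"`. Separately, `RAILS_FORCE_SSL: "false"` and `RAILS_ASSUME_SSL: "false"` sit next to an ingress that has a `tls:` block. If the app maps these onto Rails' `force_ssl`/`assume_ssl` settings (not visible in this diff), session cookies would be issued without the Secure flag and no HSTS header would be sent; `RAILS_ASSUME_SSL: "true"` is the usual setting behind a TLS-terminating proxy.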
diff --git a/kubernetes/apps/default/maybe/app/kustomization.yaml b/kubernetes/apps/default/maybe/app/kustomization.yaml
new file mode 100644
index 000000000..48e972b27
--- /dev/null
+++ b/kubernetes/apps/default/maybe/app/kustomization.yaml
@@ -0,0 +1,10 @@
+---
+# yaml-language-server: $schema=https://raw.githubusercontent.com/SchemaStore/schemastore/master/src/schemas/json/kustomization.json
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+namespace: default
+resources:
+ - ./externalsecret.yaml
+ - ./helmrelease.yaml
+ - ../../../../templates/gatus/guarded
+ - ../../../../templates/volsync
diff --git a/kubernetes/apps/default/maybe/ks.yaml b/kubernetes/apps/default/maybe/ks.yaml
new file mode 100644
index 000000000..e877f0c1a
--- /dev/null
+++ b/kubernetes/apps/default/maybe/ks.yaml
@@ -0,0 +1,28 @@
+---
+# yaml-language-server: $schema=https://raw.githubusercontent.com/fluxcd-community/flux2-schemas/main/kustomization-kustomize-v1.json
+apiVersion: kustomize.toolkit.fluxcd.io/v1
+kind: Kustomization
+metadata:
+ name: &app maybe
+ namespace: flux-system
+spec:
+ targetNamespace: default
+ commonMetadata:
+ labels:
+ app.kubernetes.io/name: *app
+ dependsOn:
+ - name: external-secrets-stores
+ - name: volsync
+ path: ./kubernetes/apps/default/maybe/app
+ prune: true
+ sourceRef:
+ kind: GitRepository
+ name: home-ops-kubernetes
+ wait: false
+ interval: 30m
+ retryInterval: 1m
+ timeout: 5m
+ postBuild:
+ substitute:
+ APP: *app
+ VOLSYNC_CAPACITY: 2Gi