From 74f73a477b5d633972c8a4b5359c20ec1b53bf6a Mon Sep 17 00:00:00 2001 From: auricom <27022259+auricom@users.noreply.github.com> Date: Sun, 4 Aug 2024 13:47:04 +0200 Subject: [PATCH] feat: refactor cronjobs --- ansible/.envrc | 8 +- ansible/devbox.json | 4 + ansible/devbox.lock | 117 ++++++++++++++++++ ansible/roles/coreelec/tasks/backup.yml | 13 -- ansible/roles/coreelec/tasks/main.yml | 4 - .../roles/coreelec/templates/backup.bash.j2 | 37 ------ ansible/shell.nix | 8 -- kubernetes/apps/default/homelab/ks.yaml | 78 ------------ .../homelab/minio/backup/helmrelease.yaml | 62 ---------- .../homelab/minio/backup/kustomization.yaml | 15 --- .../homelab/minio/backup/minio-rclone.sh | 17 --- .../default/homelab/minio/backup/rclone.conf | 22 ---- .../default/homelab/minio/externalsecret.yaml | 27 ---- .../default/homelab/minio/kustomization.yaml | 8 -- .../homelab/opnsense/backup/helmrelease.yaml | 62 ---------- .../opnsense/backup/kustomization.yaml | 15 --- .../opnsense/backup/opnsense-backup.sh | 31 ----- .../homelab/opnsense/externalsecret.yaml | 17 --- .../homelab/opnsense/kustomization.yaml | 18 --- .../homelab/storage/kustomization.yaml | 7 -- .../storage/photo-sort/helmrelease.yaml | 73 ----------- .../storage/photo-sort/kustomization.yaml | 15 --- .../storage/photo-sort/scripts/sort.sh | 96 -------------- kubernetes/apps/default/kustomization.yaml | 1 - .../apps/default/mailrise/app/mailrise.yaml | 5 - 25 files changed, 128 insertions(+), 632 deletions(-) create mode 100644 ansible/devbox.json create mode 100644 ansible/devbox.lock delete mode 100644 ansible/roles/coreelec/tasks/backup.yml delete mode 100644 ansible/roles/coreelec/templates/backup.bash.j2 delete mode 100644 ansible/shell.nix delete mode 100644 kubernetes/apps/default/homelab/ks.yaml delete mode 100644 kubernetes/apps/default/homelab/minio/backup/helmrelease.yaml delete mode 100644 kubernetes/apps/default/homelab/minio/backup/kustomization.yaml delete mode 100755 kubernetes/apps/default/homelab/minio/backup/minio-rclone.sh delete mode 100644 kubernetes/apps/default/homelab/minio/backup/rclone.conf delete mode 100644 kubernetes/apps/default/homelab/minio/externalsecret.yaml delete mode 100644 kubernetes/apps/default/homelab/minio/kustomization.yaml delete mode 100644 kubernetes/apps/default/homelab/opnsense/backup/helmrelease.yaml delete mode 100644 kubernetes/apps/default/homelab/opnsense/backup/kustomization.yaml delete mode 100755 kubernetes/apps/default/homelab/opnsense/backup/opnsense-backup.sh delete mode 100644 kubernetes/apps/default/homelab/opnsense/externalsecret.yaml delete mode 100644 kubernetes/apps/default/homelab/opnsense/kustomization.yaml delete mode 100644 kubernetes/apps/default/homelab/storage/kustomization.yaml delete mode 100644 kubernetes/apps/default/homelab/storage/photo-sort/helmrelease.yaml delete mode 100644 kubernetes/apps/default/homelab/storage/photo-sort/kustomization.yaml delete mode 100755 kubernetes/apps/default/homelab/storage/photo-sort/scripts/sort.sh diff --git a/ansible/.envrc b/ansible/.envrc index 1d953f4bd..84fc8e536 100644 --- a/ansible/.envrc +++ b/ansible/.envrc @@ -1 +1,7 @@ -use nix +# Automatically sets up your devbox environment whenever you cd into this +# directory via our direnv integration: + +eval "$(devbox generate direnv --print-envrc)" + +# check out https://www.jetpack.io/devbox/docs/ide_configuration/direnv/ +# for more details diff --git a/ansible/devbox.json b/ansible/devbox.json new file mode 100644 index 000000000..72f2af489 --- /dev/null +++ b/ansible/devbox.json @@ -0,0 +1,4 @@ +{ + "$schema": "https://raw.githubusercontent.com/jetify-com/devbox/0.12.0/.schema/devbox.schema.json", + "packages": ["ansible@latest", "sshpass@latest"] +} diff --git a/ansible/devbox.lock b/ansible/devbox.lock new file mode 100644 index 000000000..8ea289d13 --- /dev/null +++ b/ansible/devbox.lock @@ -0,0 +1,117 @@ +{ + "lockfile_version": "1", + "packages": { + "ansible@latest": { + "last_modified": "2024-07-07T07:43:47Z", + "resolved": "github:NixOS/nixpkgs/b60793b86201040d9dee019a05089a9150d08b5b#ansible", + "source": "devbox-search", + "version": "2.16.5", + "systems": { + "aarch64-darwin": { + "outputs": [ + { + "name": "out", + "path": "/nix/store/iib6zk86p80bnhp0yshswrlb4n7jwa27-python3.12-ansible-core-2.16.5", + "default": true + }, + { + "name": "dist", + "path": "/nix/store/9parf4f1ysgrxnv627b42q4i3g43y6xn-python3.12-ansible-core-2.16.5-dist" + } + ], + "store_path": "/nix/store/iib6zk86p80bnhp0yshswrlb4n7jwa27-python3.12-ansible-core-2.16.5" + }, + "aarch64-linux": { + "outputs": [ + { + "name": "out", + "path": "/nix/store/karakqxirk7fzqcqrk76q908gxrhqbdj-python3.12-ansible-core-2.16.5", + "default": true + }, + { + "name": "dist", + "path": "/nix/store/2yja52manchr4pl09xpz5xc7f0717n8g-python3.12-ansible-core-2.16.5-dist" + } + ], + "store_path": "/nix/store/karakqxirk7fzqcqrk76q908gxrhqbdj-python3.12-ansible-core-2.16.5" + }, + "x86_64-darwin": { + "outputs": [ + { + "name": "out", + "path": "/nix/store/rda1qbxlmz6djni83pndqw9gxbbr85cg-python3.12-ansible-core-2.16.5", + "default": true + }, + { + "name": "dist", + "path": "/nix/store/mc7l7avn2za2rl6hv69jzs31ybi4m7dc-python3.12-ansible-core-2.16.5-dist" + } + ], + "store_path": "/nix/store/rda1qbxlmz6djni83pndqw9gxbbr85cg-python3.12-ansible-core-2.16.5" + }, + "x86_64-linux": { + "outputs": [ + { + "name": "out", + "path": "/nix/store/whq5kfbhx2ci4hrm6bl8z98fpi33mvkd-python3.12-ansible-core-2.16.5", + "default": true + }, + { + "name": "dist", + "path": "/nix/store/ih4c11ss3d96ljawj0ywyfyia70g8v2j-python3.12-ansible-core-2.16.5-dist" + } + ], + "store_path": "/nix/store/whq5kfbhx2ci4hrm6bl8z98fpi33mvkd-python3.12-ansible-core-2.16.5" + } + } + }, + "sshpass@latest": { + "last_modified": "2024-07-07T07:43:47Z", + "resolved": "github:NixOS/nixpkgs/b60793b86201040d9dee019a05089a9150d08b5b#sshpass", + "source": "devbox-search", + "version": "1.10", + "systems": { + "aarch64-darwin": { + "outputs": [ + { + "name": "out", + "path": "/nix/store/48y6jzhm0w7y0hpb7447765w83jlhmgn-sshpass-1.10", + "default": true + } + ], + "store_path": "/nix/store/48y6jzhm0w7y0hpb7447765w83jlhmgn-sshpass-1.10" + }, + "aarch64-linux": { + "outputs": [ + { + "name": "out", + "path": "/nix/store/cw68ibl6qw9d9f7m7p4al3fp4759xnkx-sshpass-1.10", + "default": true + } + ], + "store_path": "/nix/store/cw68ibl6qw9d9f7m7p4al3fp4759xnkx-sshpass-1.10" + }, + "x86_64-darwin": { + "outputs": [ + { + "name": "out", + "path": "/nix/store/x93zzyzkpzmr6n3iniyvihlglibln1rf-sshpass-1.10", + "default": true + } + ], + "store_path": "/nix/store/x93zzyzkpzmr6n3iniyvihlglibln1rf-sshpass-1.10" + }, + "x86_64-linux": { + "outputs": [ + { + "name": "out", + "path": "/nix/store/6x512hbxjip723wvfsdf24h6ql3hyh99-sshpass-1.10", + "default": true + } + ], + "store_path": "/nix/store/6x512hbxjip723wvfsdf24h6ql3hyh99-sshpass-1.10" + } + } + } + } +} diff --git a/ansible/roles/coreelec/tasks/backup.yml b/ansible/roles/coreelec/tasks/backup.yml deleted file mode 100644 index e363ccb2c..000000000 --- a/ansible/roles/coreelec/tasks/backup.yml +++ /dev/null @@ -1,13 +0,0 @@ ---- -- name: backup | copy script - ansible.builtin.template: - src: backup.bash.j2 - dest: /storage/backup.bash - mode: "0755" - -- name: backup | crontab - ansible.builtin.cron: - name: daily backup - minute: "14" - hour: "4" - job: /storage/backup.bash diff --git a/ansible/roles/coreelec/tasks/main.yml b/ansible/roles/coreelec/tasks/main.yml index 445ef9052..f6386d09f 100644 --- a/ansible/roles/coreelec/tasks/main.yml +++ b/ansible/roles/coreelec/tasks/main.yml @@ -1,8 +1,4 @@ --- -- ansible.builtin.include_tasks: backup.yml - tags: - - backup - - ansible.builtin.include_tasks: nfs.yml tags: - nfs diff --git a/ansible/roles/coreelec/templates/backup.bash.j2 b/ansible/roles/coreelec/templates/backup.bash.j2 deleted file mode 100644 index ae290e03a..000000000 --- a/ansible/roles/coreelec/templates/backup.bash.j2 +++ /dev/null @@ -1,37 +0,0 @@ -#!/bin/bash - -# Variables -DATE=$(date +%Y%m%d%H%M) -BACKUP_SRC="/storage/backup" -BACKUP_DEST="homelab@storage.{{ internal_domain }}:/vol1/backups/servers/coreelec.{{ internal_domain }}/" - -error_handler() { - local error_line=$1 - local error_message=$2 - script_name=$(basename "$0") - local script_name - - echo "Error occurred in script '${script_name}' at line: ${error_line}" - echo "Error message: ${error_message}" - - curl -s \ - --form-string "token={{ pushover_api_token }}" \ - --form-string "user={{ pushover_user_key }}" \ - --form-string "message=coreelec.{{ internal_domain }} -script: ${script_name} -error_line: ${error_line} -error_message: ${error_message}" \ - https://api.pushover.net/1/messages.json - exit 1 -} - -trap 'error_handler $LINENO "$BASH_COMMAND"' ERR - -tar cvf "${BACKUP_SRC}/${DATE}.tar" \ - storage/.kodi storage/.config storage/.cache storage/.ssh \ - --exclude=storage/.kodi/userdata/Thumbnails - -# Keep the last 5 backups on disk -find "${BACKUP_SRC}/*.tar" -mtime +5 -type f -delete - -rsync -avh "${BACKUP_SRC}/" "${BACKUP_DEST}" --delete diff --git a/ansible/shell.nix b/ansible/shell.nix deleted file mode 100644 index f936cb8d7..000000000 --- a/ansible/shell.nix +++ /dev/null @@ -1,8 +0,0 @@ -{pkgs ? import {}}: -with pkgs; - mkShell { - buildInputs = [ - ansible - sshpass - ]; - } diff --git a/kubernetes/apps/default/homelab/ks.yaml b/kubernetes/apps/default/homelab/ks.yaml deleted file mode 100644 index 3eadde505..000000000 --- a/kubernetes/apps/default/homelab/ks.yaml +++ /dev/null @@ -1,78 +0,0 @@ ---- -# yaml-language-server: $schema=https://raw.githubusercontent.com/fluxcd-community/flux2-schemas/main/kustomization-kustomize-v1.json -apiVersion: kustomize.toolkit.fluxcd.io/v1 -kind: Kustomization -metadata: - name: &app homelab-minio - namespace: flux-system -spec: - targetNamespace: default - commonMetadata: - labels: - app.kubernetes.io/name: *app - path: ./kubernetes/apps/default/homelab/minio - prune: true - sourceRef: - kind: GitRepository - name: home-ops-kubernetes - dependsOn: - - name: external-secrets-stores - wait: false - interval: 30m - retryInterval: 1m - timeout: 5m - postBuild: - substitute: - APP: *app ---- -# yaml-language-server: $schema=https://raw.githubusercontent.com/fluxcd-community/flux2-schemas/main/kustomization-kustomize-v1.json -apiVersion: kustomize.toolkit.fluxcd.io/v1 -kind: Kustomization -metadata: - name: &app homelab-opnsense - namespace: flux-system -spec: - targetNamespace: default - commonMetadata: - labels: - app.kubernetes.io/name: *app - path: ./kubernetes/apps/default/homelab/opnsense - prune: true - sourceRef: - kind: GitRepository - name: home-ops-kubernetes - dependsOn: - - name: external-secrets-stores - wait: false - interval: 30m - retryInterval: 1m - timeout: 5m - postBuild: - substitute: - APP: *app ---- -# yaml-language-server: $schema=https://raw.githubusercontent.com/fluxcd-community/flux2-schemas/main/kustomization-kustomize-v1.json -apiVersion: kustomize.toolkit.fluxcd.io/v1 -kind: Kustomization -metadata: - name: &app homelab-storage - namespace: flux-system -spec: - targetNamespace: default - commonMetadata: - labels: - app.kubernetes.io/name: *app - path: ./kubernetes/apps/default/homelab/storage - prune: true - sourceRef: - kind: GitRepository - name: home-ops-kubernetes - dependsOn: - - name: external-secrets-stores - wait: false - interval: 30m - retryInterval: 1m - timeout: 5m - postBuild: - substitute: - APP: *app diff --git a/kubernetes/apps/default/homelab/minio/backup/helmrelease.yaml b/kubernetes/apps/default/homelab/minio/backup/helmrelease.yaml deleted file mode 100644 index 911b61a3a..000000000 --- a/kubernetes/apps/default/homelab/minio/backup/helmrelease.yaml +++ /dev/null @@ -1,62 +0,0 @@ ---- -# yaml-language-server: $schema=https://raw.githubusercontent.com/bjw-s/helm-charts/main/charts/other/app-template/schemas/helmrelease-helm-v2.schema.json -apiVersion: helm.toolkit.fluxcd.io/v2 -kind: HelmRelease -metadata: - name: &app homelab-minio-backup - namespace: default -spec: - interval: 30m - chart: - spec: - chart: app-template - version: 3.3.2 - sourceRef: - kind: HelmRepository - name: bjw-s - namespace: flux-system - maxHistory: 2 - install: - createNamespace: true - remediation: - retries: 3 - upgrade: - cleanupOnFail: true - remediation: - strategy: rollback - retries: 3 - uninstall: - keepHistory: false - values: - controllers: - homelab-minio-backup: - type: cronjob - cronjob: - concurrencyPolicy: Forbid - schedule: "@daily" - containers: - app: - image: - repository: ghcr.io/auricom/rclone - tag: 1.62.2@sha256:8d3ae01ed5295974be1b229f7398ce93a03c77a3fdaf301ea35bf929bb19389a - command: [/bin/bash, /app/minio-rclone.sh] - envFrom: - - secretRef: - name: homelab-minio-secret - service: - app: - controller: *app - enabled: false - persistence: - config: - enabled: true - type: configMap - name: homelab-minio-configmap - defaultMode: 0775 - globalMounts: - - path: /app/minio-rclone.sh - subPath: minio-rclone.sh - readOnly: true - - path: /config/rclone.conf - subPath: rclone.conf - readOnly: true diff --git a/kubernetes/apps/default/homelab/minio/backup/kustomization.yaml b/kubernetes/apps/default/homelab/minio/backup/kustomization.yaml deleted file mode 100644 index 1cc6f222d..000000000 --- a/kubernetes/apps/default/homelab/minio/backup/kustomization.yaml +++ /dev/null @@ -1,15 +0,0 @@ ---- -# yaml-language-server: $schema=https://raw.githubusercontent.com/SchemaStore/schemastore/master/src/schemas/json/kustomization.json -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization -namespace: default -resources: - - ./helmrelease.yaml -configMapGenerator: - - name: homelab-minio-configmap - files: - - ./minio-rclone.sh - - ./rclone.conf -generatorOptions: - disableNameSuffixHash: true - diff --git a/kubernetes/apps/default/homelab/minio/backup/minio-rclone.sh b/kubernetes/apps/default/homelab/minio/backup/minio-rclone.sh deleted file mode 100755 index 85fdd6e27..000000000 --- a/kubernetes/apps/default/homelab/minio/backup/minio-rclone.sh +++ /dev/null @@ -1,17 +0,0 @@ -#!/usr/bin/env bash - -set -o nounset -set -o errexit - -# Replace the placeholders in the file with the environment variables values -cp /config/rclone.conf /tmp/rclone.conf -sed -i "s@__RCLONE_ACCESS_ID__@$RCLONE_ACCESS_ID@g" "/tmp/rclone.conf" -sed -i "s@__RCLONE_SECRET_KEY__@$RCLONE_SECRET_KEY@g" "/tmp/rclone.conf" -sed -i "s@__PASSWORD__@$GDRIVE_PASSWORD@g" "/tmp/rclone.conf" -sed -i "s@__PASSWORD2__@$GDRIVE_PASSWORD2@g" "/tmp/rclone.conf" -sed -i "s@__GDRIVE_CLIENT_ID__@$GDRIVE_CLIENT_ID@g" "/tmp/rclone.conf" -sed -i "s@__GDRIVE_CLIENT_SECRET__@$GDRIVE_CLIENT_SECRET@g" "/tmp/rclone.conf" -sed -i "s@__GDRIVE_TOKEN__@$GDRIVE_TOKEN@g" "/tmp/rclone.conf" - -echo "Sync minio buckets with encrypted remote gdrive-homelab-backups ..." -rclone --config /tmp/rclone.conf sync minio: gdrive-homelab-backups: diff --git a/kubernetes/apps/default/homelab/minio/backup/rclone.conf b/kubernetes/apps/default/homelab/minio/backup/rclone.conf deleted file mode 100644 index 201dca5e2..000000000 --- a/kubernetes/apps/default/homelab/minio/backup/rclone.conf +++ /dev/null @@ -1,22 +0,0 @@ -[minio] -type = s3 -provider = Minio -access_key_id = __RCLONE_ACCESS_ID__ -secret_access_key = __RCLONE_SECRET_KEY__ -endpoint = https://s3.${SECRET_INTERNAL_DOMAIN} -acl = private - -[gdrive-homelab-backups] -type = crypt -remote = gdrive:homelab-backups -directory_name_encryption = false -password = __PASSWORD__ -password2 = __PASSWORD2__ - -[gdrive] -type = drive -client_id = __GDRIVE_CLIENT_ID__ -client_secret = __GDRIVE_CLIENT_SECRET__ -scope = drive.file -token = __GDRIVE_TOKEN__ -team_drive = diff --git a/kubernetes/apps/default/homelab/minio/externalsecret.yaml b/kubernetes/apps/default/homelab/minio/externalsecret.yaml deleted file mode 100644 index 14c9ad5ef..000000000 --- a/kubernetes/apps/default/homelab/minio/externalsecret.yaml +++ /dev/null @@ -1,27 +0,0 @@ ---- -# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/external-secrets.io/externalsecret_v1beta1.json -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: homelab-minio - namespace: default -spec: - secretStoreRef: - kind: ClusterSecretStore - name: onepassword-connect - target: - name: homelab-minio-secret - template: - data: - # App - GDRIVE_CLIENT_ID: "{{ .GDRIVE_CLIENT_ID }}" - GDRIVE_CLIENT_SECRET: "{{ .GDRIVE_CLIENT_SECRET }}" - GDRIVE_TOKEN: "{{ .GDRIVE_TOKEN }}" - GDRIVE_PASSWORD: "{{ .GDRIVE_PASSWORD }}" - GDRIVE_PASSWORD2: "{{ .GDRIVE_PASSWORD2 }}" - RCLONE_ACCESS_ID: "{{ .RCLONE_ACCESS_ID }}" - RCLONE_SECRET_KEY: "{{ .RCLONE_SECRET_KEY }}" - - dataFrom: - - extract: - key: homelab-minio diff --git a/kubernetes/apps/default/homelab/minio/kustomization.yaml b/kubernetes/apps/default/homelab/minio/kustomization.yaml deleted file mode 100644 index 96d93b3f1..000000000 --- a/kubernetes/apps/default/homelab/minio/kustomization.yaml +++ /dev/null @@ -1,8 +0,0 @@ ---- -# yaml-language-server: $schema=https://raw.githubusercontent.com/SchemaStore/schemastore/master/src/schemas/json/kustomization.json -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization -namespace: default -resources: - - ./backup - - ./externalsecret.yaml diff --git a/kubernetes/apps/default/homelab/opnsense/backup/helmrelease.yaml b/kubernetes/apps/default/homelab/opnsense/backup/helmrelease.yaml deleted file mode 100644 index 9fe36196d..000000000 --- a/kubernetes/apps/default/homelab/opnsense/backup/helmrelease.yaml +++ /dev/null @@ -1,62 +0,0 @@ ---- -# yaml-language-server: $schema=https://raw.githubusercontent.com/bjw-s/helm-charts/main/charts/other/app-template/schemas/helmrelease-helm-v2.schema.json -apiVersion: helm.toolkit.fluxcd.io/v2 -kind: HelmRelease -metadata: - name: &app homelab-opnsense-backup - namespace: default -spec: - interval: 30m - chart: - spec: - chart: app-template - version: 3.3.2 - sourceRef: - kind: HelmRepository - name: bjw-s - namespace: flux-system - maxHistory: 2 - install: - createNamespace: true - remediation: - retries: 3 - upgrade: - cleanupOnFail: true - remediation: - strategy: rollback - retries: 3 - uninstall: - keepHistory: false - values: - controllers: - homelab-opnsense-backup: - type: cronjob - cronjob: - concurrencyPolicy: Forbid - schedule: "@daily" - containers: - app: - image: - repository: ghcr.io/auricom/kubectl - tag: 1.29.2@sha256:693ced2697bb7c7349419d4035a62bd474fc41710675b344f71773d8a687dfc3 - command: [/bin/bash, /app/opnsense-backup.sh] - env: - OPNSENSE_URL: "https://opnsense.${SECRET_INTERNAL_DOMAIN}" - S3_URL: "https://s3.${SECRET_INTERNAL_DOMAIN}" - envFrom: - - secretRef: - name: homelab-opnsense-secret - service: - app: - controller: *app - enabled: false - persistence: - config: - enabled: true - type: configMap - name: homelab-opnsense-backup-configmap - defaultMode: 0775 - globalMounts: - - path: /app/opnsense-backup.sh - subPath: opnsense-backup.sh - readOnly: true diff --git a/kubernetes/apps/default/homelab/opnsense/backup/kustomization.yaml b/kubernetes/apps/default/homelab/opnsense/backup/kustomization.yaml deleted file mode 100644 index f2a9021f6..000000000 --- a/kubernetes/apps/default/homelab/opnsense/backup/kustomization.yaml +++ /dev/null @@ -1,15 +0,0 @@ ---- -# yaml-language-server: $schema=https://raw.githubusercontent.com/SchemaStore/schemastore/master/src/schemas/json/kustomization.json -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization -namespace: default -resources: - - ./helmrelease.yaml -configMapGenerator: - - name: homelab-opnsense-backup-configmap - files: - - ./opnsense-backup.sh -generatorOptions: - disableNameSuffixHash: true - annotations: - kustomize.toolkit.fluxcd.io/substitute: disabled diff --git a/kubernetes/apps/default/homelab/opnsense/backup/opnsense-backup.sh b/kubernetes/apps/default/homelab/opnsense/backup/opnsense-backup.sh deleted file mode 100755 index 42164a27a..000000000 --- a/kubernetes/apps/default/homelab/opnsense/backup/opnsense-backup.sh +++ /dev/null @@ -1,31 +0,0 @@ -#!/usr/bin/env bash - -set -o nounset -set -o errexit - -config_filename="$(date "+%Y%m%d-%H%M%S").xml" - -http_host=${S3_URL#*//} -http_host=${http_host%:*} -http_request_date=$(date -R) -http_filepath="opnsense/${config_filename}" -http_signature=$( - printf "PUT\n\ntext/xml\n%s\n/%s" "${http_request_date}" "${http_filepath}" \ - | openssl sha1 -hmac "${AWS_SECRET_ACCESS_KEY}" -binary \ - | base64 -) - -echo "Download Opnsense config file ..." -curl -fsSL \ - --user "${OPNSENSE_KEY}:${OPNSENSE_SECRET}" \ - --output "/tmp/${config_filename}" \ - "${OPNSENSE_URL}/api/core/backup/download/this" - -echo "Upload backup to s3 bucket ..." -curl -fsSL \ - -X PUT -T "/tmp/${config_filename}" \ - -H "Host: ${http_host}" \ - -H "Date: ${http_request_date}" \ - -H "Content-Type: text/xml" \ - -H "Authorization: AWS ${AWS_ACCESS_KEY_ID}:${http_signature}" \ - "${S3_URL}/${http_filepath}" diff --git a/kubernetes/apps/default/homelab/opnsense/externalsecret.yaml b/kubernetes/apps/default/homelab/opnsense/externalsecret.yaml deleted file mode 100644 index 235398155..000000000 --- a/kubernetes/apps/default/homelab/opnsense/externalsecret.yaml +++ /dev/null @@ -1,17 +0,0 @@ ---- -# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/external-secrets.io/externalsecret_v1beta1.json -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: homelab-opnsense - namespace: default -spec: - secretStoreRef: - kind: ClusterSecretStore - name: onepassword-connect - target: - name: homelab-opnsense-secret - dataFrom: - - extract: - # OPNSENSE_KEY, OPNSENSE_SECRET, AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY - key: homelab-opnsense diff --git a/kubernetes/apps/default/homelab/opnsense/kustomization.yaml b/kubernetes/apps/default/homelab/opnsense/kustomization.yaml deleted file mode 100644 index f1ded82cb..000000000 --- a/kubernetes/apps/default/homelab/opnsense/kustomization.yaml +++ /dev/null @@ -1,18 +0,0 @@ ---- -# yaml-language-server: $schema=https://raw.githubusercontent.com/SchemaStore/schemastore/master/src/schemas/json/kustomization.json -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization -namespace: default -resources: - - ./backup - - ./externalsecret.yaml -configMapGenerator: - - name: opnsense-dashboard - files: - - opnsense-dashboard.json=./dashboard.json -generatorOptions: - disableNameSuffixHash: true - annotations: - kustomize.toolkit.fluxcd.io/substitute: disabled - labels: - grafana_dashboard: "true" diff --git a/kubernetes/apps/default/homelab/storage/kustomization.yaml b/kubernetes/apps/default/homelab/storage/kustomization.yaml deleted file mode 100644 index 034a33f03..000000000 --- a/kubernetes/apps/default/homelab/storage/kustomization.yaml +++ /dev/null @@ -1,7 +0,0 @@ ---- -# yaml-language-server: $schema=https://raw.githubusercontent.com/SchemaStore/schemastore/master/src/schemas/json/kustomization.json -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization -namespace: default -resources: - - ./photo-sort diff --git a/kubernetes/apps/default/homelab/storage/photo-sort/helmrelease.yaml b/kubernetes/apps/default/homelab/storage/photo-sort/helmrelease.yaml deleted file mode 100644 index 8296dafec..000000000 --- a/kubernetes/apps/default/homelab/storage/photo-sort/helmrelease.yaml +++ /dev/null @@ -1,73 +0,0 @@ ---- -# yaml-language-server: $schema=https://raw.githubusercontent.com/bjw-s/helm-charts/main/charts/other/app-template/schemas/helmrelease-helm-v2.schema.json -apiVersion: helm.toolkit.fluxcd.io/v2 -kind: HelmRelease -metadata: - name: &app homelab-storage-photo-sort - namespace: default -spec: - interval: 30m - chart: - spec: - chart: app-template - version: 3.3.2 - sourceRef: - kind: HelmRepository - name: bjw-s - namespace: flux-system - maxHistory: 2 - install: - createNamespace: true - remediation: - retries: 3 - upgrade: - cleanupOnFail: true - remediation: - strategy: rollback - retries: 3 - uninstall: - keepHistory: false - values: - controllers: - homelab-storage-photo-sort: - type: cronjob - cronjob: - concurrencyPolicy: Forbid - schedule: 23 */3 * * * - containers: - app: - image: - repository: ghcr.io/auricom/kubectl - tag: 1.29.2@sha256:41af2d2a69bfff5c4f4dc7aafb654c46d2c44e1fca89a44b463b75c53f02f7aa - command: - - /bin/bash - - -c - - | - #!/bin/bash - - set -o errexit - set -o nounset - - /app/sort.sh - env: - SORT_SOURCE_DIR: /var/mnt/vol1/photo/mobile - SORT_DEST_DIR: /var/mnt/vol1/photo - service: - app: - controller: *app - enabled: false - persistence: - scripts: - type: configMap - name: homelab-storage-photo-sort-configmap - defaultMode: 0775 - globalMounts: - - path: /app/sort.sh - subPath: sort.sh - readOnly: true - photo: - type: nfs - path: /var/mnt/vol1/photo - server: 192.168.9.10 - globalMounts: - - path: /var/mnt/vol1/photo diff --git a/kubernetes/apps/default/homelab/storage/photo-sort/kustomization.yaml b/kubernetes/apps/default/homelab/storage/photo-sort/kustomization.yaml deleted file mode 100644 index 69815076c..000000000 --- a/kubernetes/apps/default/homelab/storage/photo-sort/kustomization.yaml +++ /dev/null @@ -1,15 +0,0 @@ ---- -# yaml-language-server: $schema=https://raw.githubusercontent.com/SchemaStore/schemastore/master/src/schemas/json/kustomization.json -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization -namespace: default -resources: - - ./helmrelease.yaml -configMapGenerator: - - name: homelab-storage-photo-sort-configmap - files: - - ./scripts/sort.sh -generatorOptions: - disableNameSuffixHash: true - annotations: - kustomize.toolkit.fluxcd.io/substitute: disabled diff --git a/kubernetes/apps/default/homelab/storage/photo-sort/scripts/sort.sh b/kubernetes/apps/default/homelab/storage/photo-sort/scripts/sort.sh deleted file mode 100755 index f76c4df36..000000000 --- a/kubernetes/apps/default/homelab/storage/photo-sort/scripts/sort.sh +++ /dev/null @@ -1,96 +0,0 @@ -#!/bin/bash - -# set -x - -# Check if necessary environment variables are set -if [ -z "$SORT_SOURCE_DIR" ] || [ -z "$SORT_DEST_DIR" ]; then - echo "SORT_SOURCE_DIR and SORT_DEST_DIR environment variables must be set." - exit 1 -fi - -grep -q ID_LIKE=debian /etc/os-release - -# Function to log messages to stdout -log_message() { - echo "$(date '+%Y-%m-%d %H:%M:%S') - $1" -} - -# Function to cleanup orphaned symlinks -cleanup_orphans() { - log_message "Cleaning up orphaned symlinks." - - # Use fd to find all broken symlinks in SORT_DEST_DIR - fd --follow --type symlink '' "$SORT_DEST_DIR" | while IFS= read -r symlink; do - # Check if the symlink is broken - if [ ! -e "$symlink" ]; then - echo "Removing broken symlink newer than 6 months: $symlink" - rm "$symlink" # Remove the broken symlink - log_message "Removed symlink $symlink." - fi - done -} - -# Function to process files -process_file() { - local file="$1" - - # Check if "DCIM" is in the file's full path - if [[ "$file" == *"/Camera/"* ]]; then - log_message "Processing file: $file" - - # Extract the EXIF creation date using exiftool - local exif_date=$(exiftool -d "%Y-%m-%d" -CreateDate -S -s "$file") - - if [ -z "$exif_date" ]; then - log_message "EXIF data not found for $file" - return # Skip files without EXIF data - fi - - # Parse the year, month, and day from the EXIF date - local year=$(echo "$exif_date" | cut -d "-" -f 1) - local month=$(echo "$exif_date" | cut -d "-" -f 2) - local day=$(echo "$exif_date" | cut -d "-" -f 3) - - # Construct the destination directory path based on the EXIF date - local dest_path="$SORT_DEST_DIR/$year/${year}-${month}/${year}-${month}-${day}" - - # Create the destination directory if it doesn't exist - mkdir -p "$dest_path" - - # Extract the device name (subfolder name in SORT_SOURCE_DIR) - local device_name=$(basename "$(dirname "$(dirname "$file")")") - - # Calculate the relative path from the destination directory back to the original file - local relative_path=$(realpath --relative-to="$dest_path" "$file") - - # Create a symlink for the file in the destination directory, prefixed with the device name - local symlink_name="${device_name}_$(basename "$file")" - local symlink_path="$dest_path/$symlink_name" - - # Check if the symlink already exists to avoid creating duplicates - if [ ! -L "$symlink_path" ]; then # -L tests if the file is a symlink - ln -s "$relative_path" "$symlink_path" - log_message "Processed and linked: $file -> $symlink_path" - else - log_message "Skipping symlink creation; already exists: $symlink_path" - fi - else - log_message "Skipping file (not in Camera directory): $file" - fi -} - - -export -f process_file log_message -export SORT_SOURCE_DIR SORT_DEST_DIR - -# Start processing -log_message "Starting to process files." - -cd $SORT_SOURCE_DIR - -# Use fd to find image files and process them -fd --type file --changed-within 15days --exec bash -c 'process_file "$@"' bash {} - -cleanup_orphans - -log_message "Processing complete." diff --git a/kubernetes/apps/default/kustomization.yaml b/kubernetes/apps/default/kustomization.yaml index c91bc3c37..e85c8e75f 100644 --- a/kubernetes/apps/default/kustomization.yaml +++ b/kubernetes/apps/default/kustomization.yaml @@ -20,7 +20,6 @@ resources: - ./hajimari/ks.yaml - ./home-assistant/ks.yaml - ./homebox/ks.yaml - - ./homelab/ks.yaml - ./homepage/ks.yaml - ./invidious/ks.yaml - ./jellyfin/ks.yaml diff --git a/kubernetes/apps/default/mailrise/app/mailrise.yaml b/kubernetes/apps/default/mailrise/app/mailrise.yaml index aa500bad7..0955e4aaf 100644 --- a/kubernetes/apps/default/mailrise/app/mailrise.yaml +++ b/kubernetes/apps/default/mailrise/app/mailrise.yaml @@ -1,10 +1,5 @@ --- configs: - truenas@mailrise.home.arpa: - mailrise: - title_template: "TRUENAS" - urls: - - !env_var PUSHOVER_TRUENAS kresus@mailrise.home.arpa: mailrise: title_template: "KRESUS"