feat: refactor cronjobs

ansible/.envrc

@@ -1 +1,7 @@
-use nix
+# Automatically sets up your devbox environment whenever you cd into this
+# directory via our direnv integration:
+
+eval "$(devbox generate direnv --print-envrc)"
+
+# check out https://www.jetpack.io/devbox/docs/ide_configuration/direnv/
+# for more details

ansible/devbox.json

@@ -0,0 +1,4 @@
+{
+  "$schema": "https://raw.githubusercontent.com/jetify-com/devbox/0.12.0/.schema/devbox.schema.json",
+  "packages": ["ansible@latest", "sshpass@latest"]
+}

ansible/devbox.lock

@@ -0,0 +1,117 @@
+{
+  "lockfile_version": "1",
+  "packages": {
+    "ansible@latest": {
+      "last_modified": "2024-07-07T07:43:47Z",
+      "resolved": "github:NixOS/nixpkgs/b60793b86201040d9dee019a05089a9150d08b5b#ansible",
+      "source": "devbox-search",
+      "version": "2.16.5",
+      "systems": {
+        "aarch64-darwin": {
+          "outputs": [
+            {
+              "name": "out",
+              "path": "/nix/store/iib6zk86p80bnhp0yshswrlb4n7jwa27-python3.12-ansible-core-2.16.5",
+              "default": true
+            },
+            {
+              "name": "dist",
+              "path": "/nix/store/9parf4f1ysgrxnv627b42q4i3g43y6xn-python3.12-ansible-core-2.16.5-dist"
+            }
+          ],
+          "store_path": "/nix/store/iib6zk86p80bnhp0yshswrlb4n7jwa27-python3.12-ansible-core-2.16.5"
+        },
+        "aarch64-linux": {
+          "outputs": [
+            {
+              "name": "out",
+              "path": "/nix/store/karakqxirk7fzqcqrk76q908gxrhqbdj-python3.12-ansible-core-2.16.5",
+              "default": true
+            },
+            {
+              "name": "dist",
+              "path": "/nix/store/2yja52manchr4pl09xpz5xc7f0717n8g-python3.12-ansible-core-2.16.5-dist"
+            }
+          ],
+          "store_path": "/nix/store/karakqxirk7fzqcqrk76q908gxrhqbdj-python3.12-ansible-core-2.16.5"
+        },
+        "x86_64-darwin": {
+          "outputs": [
+            {
+              "name": "out",
+              "path": "/nix/store/rda1qbxlmz6djni83pndqw9gxbbr85cg-python3.12-ansible-core-2.16.5",
+              "default": true
+            },
+            {
+              "name": "dist",
+              "path": "/nix/store/mc7l7avn2za2rl6hv69jzs31ybi4m7dc-python3.12-ansible-core-2.16.5-dist"
+            }
+          ],
+          "store_path": "/nix/store/rda1qbxlmz6djni83pndqw9gxbbr85cg-python3.12-ansible-core-2.16.5"
+        },
+        "x86_64-linux": {
+          "outputs": [
+            {
+              "name": "out",
+              "path": "/nix/store/whq5kfbhx2ci4hrm6bl8z98fpi33mvkd-python3.12-ansible-core-2.16.5",
+              "default": true
+            },
+            {
+              "name": "dist",
+              "path": "/nix/store/ih4c11ss3d96ljawj0ywyfyia70g8v2j-python3.12-ansible-core-2.16.5-dist"
+            }
+          ],
+          "store_path": "/nix/store/whq5kfbhx2ci4hrm6bl8z98fpi33mvkd-python3.12-ansible-core-2.16.5"
+        }
+      }
+    },
+    "sshpass@latest": {
+      "last_modified": "2024-07-07T07:43:47Z",
+      "resolved": "github:NixOS/nixpkgs/b60793b86201040d9dee019a05089a9150d08b5b#sshpass",
+      "source": "devbox-search",
+      "version": "1.10",
+      "systems": {
+        "aarch64-darwin": {
+          "outputs": [
+            {
+              "name": "out",
+              "path": "/nix/store/48y6jzhm0w7y0hpb7447765w83jlhmgn-sshpass-1.10",
+              "default": true
+            }
+          ],
+          "store_path": "/nix/store/48y6jzhm0w7y0hpb7447765w83jlhmgn-sshpass-1.10"
+        },
+        "aarch64-linux": {
+          "outputs": [
+            {
+              "name": "out",
+              "path": "/nix/store/cw68ibl6qw9d9f7m7p4al3fp4759xnkx-sshpass-1.10",
+              "default": true
+            }
+          ],
+          "store_path": "/nix/store/cw68ibl6qw9d9f7m7p4al3fp4759xnkx-sshpass-1.10"
+        },
+        "x86_64-darwin": {
+          "outputs": [
+            {
+              "name": "out",
+              "path": "/nix/store/x93zzyzkpzmr6n3iniyvihlglibln1rf-sshpass-1.10",
+              "default": true
+            }
+          ],
+          "store_path": "/nix/store/x93zzyzkpzmr6n3iniyvihlglibln1rf-sshpass-1.10"
+        },
+        "x86_64-linux": {
+          "outputs": [
+            {
+              "name": "out",
+              "path": "/nix/store/6x512hbxjip723wvfsdf24h6ql3hyh99-sshpass-1.10",
+              "default": true
+            }
+          ],
+          "store_path": "/nix/store/6x512hbxjip723wvfsdf24h6ql3hyh99-sshpass-1.10"
+        }
+      }
+    }
+  }
+}

ansible/roles/coreelec/tasks/backup.yml

@@ -1,13 +0,0 @@
----
-- name: backup | copy script
-  ansible.builtin.template:
-    src: backup.bash.j2
-    dest: /storage/backup.bash
-    mode: "0755"
-
-- name: backup | crontab
-  ansible.builtin.cron:
-    name: daily backup
-    minute: "14"
-    hour: "4"
-    job: /storage/backup.bash

ansible/roles/coreelec/tasks/main.yml

@@ -1,8 +1,4 @@
 ---
-- ansible.builtin.include_tasks: backup.yml
-  tags:
-    - backup
-
 - ansible.builtin.include_tasks: nfs.yml
   tags:
     - nfs

ansible/roles/coreelec/templates/backup.bash.j2

@@ -1,37 +0,0 @@
-#!/bin/bash
-
-# Variables
-DATE=$(date +%Y%m%d%H%M)
-BACKUP_SRC="/storage/backup"
-BACKUP_DEST="homelab@storage.{{ internal_domain }}:/vol1/backups/servers/coreelec.{{ internal_domain }}/"
-
-error_handler() {
-    local error_line=$1
-    local error_message=$2
-    script_name=$(basename "$0")
-    local script_name
-
-    echo "Error occurred in script '${script_name}' at line: ${error_line}"
-    echo "Error message: ${error_message}"
-
-    curl -s \
-        --form-string "token={{ pushover_api_token }}" \
-        --form-string "user={{ pushover_user_key }}" \
-        --form-string "message=coreelec.{{ internal_domain }}
-script: ${script_name}
-error_line: ${error_line}
-error_message: ${error_message}" \
-        https://api.pushover.net/1/messages.json
-        exit 1
-}
-
-trap 'error_handler $LINENO "$BASH_COMMAND"' ERR
-
-tar cvf "${BACKUP_SRC}/${DATE}.tar" \
-    storage/.kodi storage/.config storage/.cache storage/.ssh \
-    --exclude=storage/.kodi/userdata/Thumbnails
-
-# Keep the last 5 backups on disk
-find "${BACKUP_SRC}/*.tar" -mtime +5 -type f -delete
-
-rsync -avh "${BACKUP_SRC}/" "${BACKUP_DEST}" --delete

ansible/shell.nix

@@ -1,8 +0,0 @@
-{pkgs ? import <nixpkgs> {}}:
-with pkgs;
-  mkShell {
-    buildInputs = [
-      ansible
-      sshpass
-    ];
-  }

kubernetes/apps/default/homelab/ks.yaml

@@ -1,78 +0,0 @@
----
-# yaml-language-server: $schema=https://raw.githubusercontent.com/fluxcd-community/flux2-schemas/main/kustomization-kustomize-v1.json
-apiVersion: kustomize.toolkit.fluxcd.io/v1
-kind: Kustomization
-metadata:
-  name: &app homelab-minio
-  namespace: flux-system
-spec:
-  targetNamespace: default
-  commonMetadata:
-    labels:
-      app.kubernetes.io/name: *app
-  path: ./kubernetes/apps/default/homelab/minio
-  prune: true
-  sourceRef:
-    kind: GitRepository
-    name: home-ops-kubernetes
-  dependsOn:
-    - name: external-secrets-stores
-  wait: false
-  interval: 30m
-  retryInterval: 1m
-  timeout: 5m
-  postBuild:
-    substitute:
-      APP: *app
----
-# yaml-language-server: $schema=https://raw.githubusercontent.com/fluxcd-community/flux2-schemas/main/kustomization-kustomize-v1.json
-apiVersion: kustomize.toolkit.fluxcd.io/v1
-kind: Kustomization
-metadata:
-  name: &app homelab-opnsense
-  namespace: flux-system
-spec:
-  targetNamespace: default
-  commonMetadata:
-    labels:
-      app.kubernetes.io/name: *app
-  path: ./kubernetes/apps/default/homelab/opnsense
-  prune: true
-  sourceRef:
-    kind: GitRepository
-    name: home-ops-kubernetes
-  dependsOn:
-    - name: external-secrets-stores
-  wait: false
-  interval: 30m
-  retryInterval: 1m
-  timeout: 5m
-  postBuild:
-    substitute:
-      APP: *app
----
-# yaml-language-server: $schema=https://raw.githubusercontent.com/fluxcd-community/flux2-schemas/main/kustomization-kustomize-v1.json
-apiVersion: kustomize.toolkit.fluxcd.io/v1
-kind: Kustomization
-metadata:
-  name: &app homelab-storage
-  namespace: flux-system
-spec:
-  targetNamespace: default
-  commonMetadata:
-    labels:
-      app.kubernetes.io/name: *app
-  path: ./kubernetes/apps/default/homelab/storage
-  prune: true
-  sourceRef:
-    kind: GitRepository
-    name: home-ops-kubernetes
-  dependsOn:
-    - name: external-secrets-stores
-  wait: false
-  interval: 30m
-  retryInterval: 1m
-  timeout: 5m
-  postBuild:
-    substitute:
-      APP: *app

kubernetes/apps/default/homelab/minio/backup/helmrelease.yaml

@@ -1,62 +0,0 @@
----
-# yaml-language-server: $schema=https://raw.githubusercontent.com/bjw-s/helm-charts/main/charts/other/app-template/schemas/helmrelease-helm-v2.schema.json
-apiVersion: helm.toolkit.fluxcd.io/v2
-kind: HelmRelease
-metadata:
-  name: &app homelab-minio-backup
-  namespace: default
-spec:
-  interval: 30m
-  chart:
-    spec:
-      chart: app-template
-      version: 3.3.2
-      sourceRef:
-        kind: HelmRepository
-        name: bjw-s
-        namespace: flux-system
-  maxHistory: 2
-  install:
-    createNamespace: true
-    remediation:
-      retries: 3
-  upgrade:
-    cleanupOnFail: true
-    remediation:
-      strategy: rollback
-      retries: 3
-  uninstall:
-    keepHistory: false
-  values:
-    controllers:
-      homelab-minio-backup:
-        type: cronjob
-        cronjob:
-          concurrencyPolicy: Forbid
-          schedule: "@daily"
-        containers:
-          app:
-            image:
-              repository: ghcr.io/auricom/rclone
-              tag: 1.62.2@sha256:8d3ae01ed5295974be1b229f7398ce93a03c77a3fdaf301ea35bf929bb19389a
-            command: [/bin/bash, /app/minio-rclone.sh]
-            envFrom:
-              - secretRef:
-                  name: homelab-minio-secret
-    service:
-      app:
-        controller: *app
-        enabled: false
-    persistence:
-      config:
-        enabled: true
-        type: configMap
-        name: homelab-minio-configmap
-        defaultMode: 0775
-        globalMounts:
-          - path: /app/minio-rclone.sh
-            subPath: minio-rclone.sh
-            readOnly: true
-          - path: /config/rclone.conf
-            subPath: rclone.conf
-            readOnly: true

kubernetes/apps/default/homelab/minio/backup/kustomization.yaml

@@ -1,15 +0,0 @@
----
-# yaml-language-server: $schema=https://raw.githubusercontent.com/SchemaStore/schemastore/master/src/schemas/json/kustomization.json
-apiVersion: kustomize.config.k8s.io/v1beta1
-kind: Kustomization
-namespace: default
-resources:
-  - ./helmrelease.yaml
-configMapGenerator:
-  - name: homelab-minio-configmap
-    files:
-      - ./minio-rclone.sh
-      - ./rclone.conf
-generatorOptions:
-  disableNameSuffixHash: true
-

kubernetes/apps/default/homelab/minio/backup/minio-rclone.sh

@@ -1,17 +0,0 @@
-#!/usr/bin/env bash
-
-set -o nounset
-set -o errexit
-
-# Replace the placeholders in the file with the environment variables values
-cp /config/rclone.conf /tmp/rclone.conf
-sed -i "s@__RCLONE_ACCESS_ID__@$RCLONE_ACCESS_ID@g" "/tmp/rclone.conf"
-sed -i "s@__RCLONE_SECRET_KEY__@$RCLONE_SECRET_KEY@g" "/tmp/rclone.conf"
-sed -i "s@__PASSWORD__@$GDRIVE_PASSWORD@g" "/tmp/rclone.conf"
-sed -i "s@__PASSWORD2__@$GDRIVE_PASSWORD2@g" "/tmp/rclone.conf"
-sed -i "s@__GDRIVE_CLIENT_ID__@$GDRIVE_CLIENT_ID@g" "/tmp/rclone.conf"
-sed -i "s@__GDRIVE_CLIENT_SECRET__@$GDRIVE_CLIENT_SECRET@g" "/tmp/rclone.conf"
-sed -i "s@__GDRIVE_TOKEN__@$GDRIVE_TOKEN@g" "/tmp/rclone.conf"
-
-echo "Sync minio buckets with encrypted remote gdrive-homelab-backups ..."
-rclone --config /tmp/rclone.conf sync minio: gdrive-homelab-backups:

kubernetes/apps/default/homelab/minio/backup/rclone.conf

@@ -1,22 +0,0 @@
-[minio]
-type = s3
-provider = Minio
-access_key_id = __RCLONE_ACCESS_ID__
-secret_access_key = __RCLONE_SECRET_KEY__
-endpoint = https://s3.${SECRET_INTERNAL_DOMAIN}
-acl = private
-
-[gdrive-homelab-backups]
-type = crypt
-remote = gdrive:homelab-backups
-directory_name_encryption = false
-password = __PASSWORD__
-password2 = __PASSWORD2__
-
-[gdrive]
-type = drive
-client_id = __GDRIVE_CLIENT_ID__
-client_secret = __GDRIVE_CLIENT_SECRET__
-scope = drive.file
-token = __GDRIVE_TOKEN__
-team_drive =

kubernetes/apps/default/homelab/minio/externalsecret.yaml

@@ -1,27 +0,0 @@
----
-# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/external-secrets.io/externalsecret_v1beta1.json
-apiVersion: external-secrets.io/v1beta1
-kind: ExternalSecret
-metadata:
-  name: homelab-minio
-  namespace: default
-spec:
-  secretStoreRef:
-    kind: ClusterSecretStore
-    name: onepassword-connect
-  target:
-    name: homelab-minio-secret
-    template:
-      data:
-        # App
-        GDRIVE_CLIENT_ID: "{{ .GDRIVE_CLIENT_ID }}"
-        GDRIVE_CLIENT_SECRET: "{{ .GDRIVE_CLIENT_SECRET }}"
-        GDRIVE_TOKEN: "{{ .GDRIVE_TOKEN }}"
-        GDRIVE_PASSWORD: "{{ .GDRIVE_PASSWORD }}"
-        GDRIVE_PASSWORD2: "{{ .GDRIVE_PASSWORD2 }}"
-        RCLONE_ACCESS_ID: "{{ .RCLONE_ACCESS_ID }}"
-        RCLONE_SECRET_KEY: "{{ .RCLONE_SECRET_KEY }}"
-
-  dataFrom:
-    - extract:
-        key: homelab-minio

kubernetes/apps/default/homelab/minio/kustomization.yaml

@@ -1,8 +0,0 @@
----
-# yaml-language-server: $schema=https://raw.githubusercontent.com/SchemaStore/schemastore/master/src/schemas/json/kustomization.json
-apiVersion: kustomize.config.k8s.io/v1beta1
-kind: Kustomization
-namespace: default
-resources:
-  - ./backup
-  - ./externalsecret.yaml

kubernetes/apps/default/homelab/opnsense/backup/helmrelease.yaml

@@ -1,62 +0,0 @@
----
-# yaml-language-server: $schema=https://raw.githubusercontent.com/bjw-s/helm-charts/main/charts/other/app-template/schemas/helmrelease-helm-v2.schema.json
-apiVersion: helm.toolkit.fluxcd.io/v2
-kind: HelmRelease
-metadata:
-  name: &app homelab-opnsense-backup
-  namespace: default
-spec:
-  interval: 30m
-  chart:
-    spec:
-      chart: app-template
-      version: 3.3.2
-      sourceRef:
-        kind: HelmRepository
-        name: bjw-s
-        namespace: flux-system
-  maxHistory: 2
-  install:
-    createNamespace: true
-    remediation:
-      retries: 3
-  upgrade:
-    cleanupOnFail: true
-    remediation:
-      strategy: rollback
-      retries: 3
-  uninstall:
-    keepHistory: false
-  values:
-    controllers:
-      homelab-opnsense-backup:
-        type: cronjob
-        cronjob:
-          concurrencyPolicy: Forbid
-          schedule: "@daily"
-        containers:
-          app:
-            image:
-              repository: ghcr.io/auricom/kubectl
-              tag: 1.29.2@sha256:693ced2697bb7c7349419d4035a62bd474fc41710675b344f71773d8a687dfc3
-            command: [/bin/bash, /app/opnsense-backup.sh]
-            env:
-              OPNSENSE_URL: "https://opnsense.${SECRET_INTERNAL_DOMAIN}"
-              S3_URL: "https://s3.${SECRET_INTERNAL_DOMAIN}"
-            envFrom:
-              - secretRef:
-                  name: homelab-opnsense-secret
-    service:
-      app:
-        controller: *app
-        enabled: false
-    persistence:
-      config:
-        enabled: true
-        type: configMap
-        name: homelab-opnsense-backup-configmap
-        defaultMode: 0775
-        globalMounts:
-          - path: /app/opnsense-backup.sh
-            subPath: opnsense-backup.sh
-            readOnly: true

kubernetes/apps/default/homelab/opnsense/backup/kustomization.yaml

@@ -1,15 +0,0 @@
----
-# yaml-language-server: $schema=https://raw.githubusercontent.com/SchemaStore/schemastore/master/src/schemas/json/kustomization.json
-apiVersion: kustomize.config.k8s.io/v1beta1
-kind: Kustomization
-namespace: default
-resources:
-  - ./helmrelease.yaml
-configMapGenerator:
-  - name: homelab-opnsense-backup-configmap
-    files:
-      - ./opnsense-backup.sh
-generatorOptions:
-  disableNameSuffixHash: true
-  annotations:
-    kustomize.toolkit.fluxcd.io/substitute: disabled

kubernetes/apps/default/homelab/opnsense/backup/opnsense-backup.sh

@@ -1,31 +0,0 @@
-#!/usr/bin/env bash
-
-set -o nounset
-set -o errexit
-
-config_filename="$(date "+%Y%m%d-%H%M%S").xml"
-
-http_host=${S3_URL#*//}
-http_host=${http_host%:*}
-http_request_date=$(date -R)
-http_filepath="opnsense/${config_filename}"
-http_signature=$(
-    printf "PUT\n\ntext/xml\n%s\n/%s" "${http_request_date}" "${http_filepath}" \
-        | openssl sha1 -hmac "${AWS_SECRET_ACCESS_KEY}" -binary \
-        | base64
-)
-
-echo "Download Opnsense config file ..."
-curl -fsSL \
-    --user "${OPNSENSE_KEY}:${OPNSENSE_SECRET}" \
-    --output "/tmp/${config_filename}" \
-    "${OPNSENSE_URL}/api/core/backup/download/this"
-
-echo "Upload backup to s3 bucket ..."
-curl -fsSL \
-    -X PUT -T "/tmp/${config_filename}" \
-    -H "Host: ${http_host}" \
-    -H "Date: ${http_request_date}" \
-    -H "Content-Type: text/xml" \
-    -H "Authorization: AWS ${AWS_ACCESS_KEY_ID}:${http_signature}" \
-    "${S3_URL}/${http_filepath}"

kubernetes/apps/default/homelab/opnsense/externalsecret.yaml

@@ -1,17 +0,0 @@
----
-# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/external-secrets.io/externalsecret_v1beta1.json
-apiVersion: external-secrets.io/v1beta1
-kind: ExternalSecret
-metadata:
-  name: homelab-opnsense
-  namespace: default
-spec:
-  secretStoreRef:
-    kind: ClusterSecretStore
-    name: onepassword-connect
-  target:
-    name: homelab-opnsense-secret
-  dataFrom:
-    - extract:
-        # OPNSENSE_KEY, OPNSENSE_SECRET, AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY
-        key: homelab-opnsense

kubernetes/apps/default/homelab/opnsense/kustomization.yaml

@@ -1,18 +0,0 @@
----
-# yaml-language-server: $schema=https://raw.githubusercontent.com/SchemaStore/schemastore/master/src/schemas/json/kustomization.json
-apiVersion: kustomize.config.k8s.io/v1beta1
-kind: Kustomization
-namespace: default
-resources:
-  - ./backup
-  - ./externalsecret.yaml
-configMapGenerator:
-  - name: opnsense-dashboard
-    files:
-      - opnsense-dashboard.json=./dashboard.json
-generatorOptions:
-  disableNameSuffixHash: true
-  annotations:
-    kustomize.toolkit.fluxcd.io/substitute: disabled
-  labels:
-    grafana_dashboard: "true"

kubernetes/apps/default/homelab/storage/kustomization.yaml

@@ -1,7 +0,0 @@
----
-# yaml-language-server: $schema=https://raw.githubusercontent.com/SchemaStore/schemastore/master/src/schemas/json/kustomization.json
-apiVersion: kustomize.config.k8s.io/v1beta1
-kind: Kustomization
-namespace: default
-resources:
-  - ./photo-sort

kubernetes/apps/default/homelab/storage/photo-sort/helmrelease.yaml

@@ -1,73 +0,0 @@
----
-# yaml-language-server: $schema=https://raw.githubusercontent.com/bjw-s/helm-charts/main/charts/other/app-template/schemas/helmrelease-helm-v2.schema.json
-apiVersion: helm.toolkit.fluxcd.io/v2
-kind: HelmRelease
-metadata:
-  name: &app homelab-storage-photo-sort
-  namespace: default
-spec:
-  interval: 30m
-  chart:
-    spec:
-      chart: app-template
-      version: 3.3.2
-      sourceRef:
-        kind: HelmRepository
-        name: bjw-s
-        namespace: flux-system
-  maxHistory: 2
-  install:
-    createNamespace: true
-    remediation:
-      retries: 3
-  upgrade:
-    cleanupOnFail: true
-    remediation:
-      strategy: rollback
-      retries: 3
-  uninstall:
-    keepHistory: false
-  values:
-    controllers:
-      homelab-storage-photo-sort:
-        type: cronjob
-        cronjob:
-          concurrencyPolicy: Forbid
-          schedule: 23 */3 * * *
-        containers:
-          app:
-            image:
-              repository: ghcr.io/auricom/kubectl
-              tag: 1.29.2@sha256:41af2d2a69bfff5c4f4dc7aafb654c46d2c44e1fca89a44b463b75c53f02f7aa
-            command:
-              - /bin/bash
-              - -c
-              - |
-                #!/bin/bash
-
-                set -o errexit
-                set -o nounset
-
-                /app/sort.sh
-            env:
-              SORT_SOURCE_DIR: /var/mnt/vol1/photo/mobile
-              SORT_DEST_DIR: /var/mnt/vol1/photo
-    service:
-      app:
-        controller: *app
-        enabled: false
-    persistence:
-      scripts:
-        type: configMap
-        name: homelab-storage-photo-sort-configmap
-        defaultMode: 0775
-        globalMounts:
-          - path: /app/sort.sh
-            subPath: sort.sh
-            readOnly: true
-      photo:
-        type: nfs
-        path: /var/mnt/vol1/photo
-        server: 192.168.9.10
-        globalMounts:
-          - path: /var/mnt/vol1/photo

kubernetes/apps/default/homelab/storage/photo-sort/kustomization.yaml

@@ -1,15 +0,0 @@
----
-# yaml-language-server: $schema=https://raw.githubusercontent.com/SchemaStore/schemastore/master/src/schemas/json/kustomization.json
-apiVersion: kustomize.config.k8s.io/v1beta1
-kind: Kustomization
-namespace: default
-resources:
-  - ./helmrelease.yaml
-configMapGenerator:
-  - name: homelab-storage-photo-sort-configmap
-    files:
-      - ./scripts/sort.sh
-generatorOptions:
-  disableNameSuffixHash: true
-  annotations:
-    kustomize.toolkit.fluxcd.io/substitute: disabled

kubernetes/apps/default/homelab/storage/photo-sort/scripts/sort.sh

@@ -1,96 +0,0 @@
-#!/bin/bash
-
-# set -x
-
-# Check if necessary environment variables are set
-if [ -z "$SORT_SOURCE_DIR" ] || [ -z "$SORT_DEST_DIR" ]; then
-    echo "SORT_SOURCE_DIR and SORT_DEST_DIR environment variables must be set."
-    exit 1
-fi
-
-grep -q ID_LIKE=debian /etc/os-release
-
-# Function to log messages to stdout
-log_message() {
-    echo "$(date '+%Y-%m-%d %H:%M:%S') - $1"
-}
-
-# Function to cleanup orphaned symlinks
-cleanup_orphans() {
-    log_message "Cleaning up orphaned symlinks."
-
-    # Use fd to find all broken symlinks in SORT_DEST_DIR
-    fd --follow --type symlink '' "$SORT_DEST_DIR" | while IFS= read -r symlink; do
-        # Check if the symlink is broken
-        if [ ! -e "$symlink" ]; then
-            echo "Removing broken symlink newer than 6 months: $symlink"
-            rm "$symlink"  # Remove the broken symlink
-            log_message "Removed symlink $symlink."
-        fi
-    done
-}
-
-# Function to process files
-process_file() {
-    local file="$1"
-
-    # Check if "DCIM" is in the file's full path
-    if [[ "$file" == *"/Camera/"* ]]; then
-        log_message "Processing file: $file"
-
-        # Extract the EXIF creation date using exiftool
-        local exif_date=$(exiftool -d "%Y-%m-%d" -CreateDate -S -s "$file")
-
-        if [ -z "$exif_date" ]; then
-            log_message "EXIF data not found for $file"
-            return  # Skip files without EXIF data
-        fi
-
-        # Parse the year, month, and day from the EXIF date
-        local year=$(echo "$exif_date" | cut -d "-" -f 1)
-        local month=$(echo "$exif_date" | cut -d "-" -f 2)
-        local day=$(echo "$exif_date" | cut -d "-" -f 3)
-
-        # Construct the destination directory path based on the EXIF date
-        local dest_path="$SORT_DEST_DIR/$year/${year}-${month}/${year}-${month}-${day}"
-
-        # Create the destination directory if it doesn't exist
-        mkdir -p "$dest_path"
-
-        # Extract the device name (subfolder name in SORT_SOURCE_DIR)
-        local device_name=$(basename "$(dirname "$(dirname "$file")")")
-
-        # Calculate the relative path from the destination directory back to the original file
-        local relative_path=$(realpath --relative-to="$dest_path" "$file")
-
-        # Create a symlink for the file in the destination directory, prefixed with the device name
-        local symlink_name="${device_name}_$(basename "$file")"
-        local symlink_path="$dest_path/$symlink_name"
-
-        # Check if the symlink already exists to avoid creating duplicates
-        if [ ! -L "$symlink_path" ]; then  # -L tests if the file is a symlink
-            ln -s "$relative_path" "$symlink_path"
-            log_message "Processed and linked: $file -> $symlink_path"
-        else
-            log_message "Skipping symlink creation; already exists: $symlink_path"
-        fi
-    else
-        log_message "Skipping file (not in Camera directory): $file"
-    fi
-}
-
-
-export -f process_file log_message
-export SORT_SOURCE_DIR SORT_DEST_DIR
-
-# Start processing
-log_message "Starting to process files."
-
-cd $SORT_SOURCE_DIR
-
-# Use fd to find image files and process them
-fd --type file --changed-within 15days --exec bash -c 'process_file "$@"' bash {}
-
-cleanup_orphans
-
-log_message "Processing complete."

kubernetes/apps/default/kustomization.yaml

@@ -20,7 +20,6 @@ resources:
   - ./hajimari/ks.yaml
   - ./home-assistant/ks.yaml
   - ./homebox/ks.yaml
-  - ./homelab/ks.yaml
   - ./homepage/ks.yaml
   - ./invidious/ks.yaml
   - ./jellyfin/ks.yaml

kubernetes/apps/default/mailrise/app/mailrise.yaml

@@ -1,10 +1,5 @@
 ---
 configs:
-  truenas@mailrise.home.arpa:
-    mailrise:
-      title_template: "TRUENAS"
-    urls:
-      - !env_var PUSHOVER_TRUENAS
   kresus@mailrise.home.arpa:
     mailrise:
       title_template: "KRESUS"