From 7ad9789d31d14c7a45d6acff75ccff58af57d3db Mon Sep 17 00:00:00 2001 From: auricom <27022259+auricom@users.noreply.github.com> Date: Tue, 15 Apr 2025 16:48:53 +0200 Subject: [PATCH] refactor: components --- .../database/influx/app/kustomization.yaml | 2 +- .../apps/default/atuin/app/kustomization.yaml | 4 +- .../default/authelia/app/kustomization.yaml | 2 +- .../default/bazarr/app/kustomization.yaml | 4 +- .../default/calibre/app/kustomization.yaml | 4 +- .../exercisediary/app/kustomization.yaml | 4 +- .../apps/default/flood/app/kustomization.yaml | 4 +- .../default/freshrss/app/kustomization.yaml | 4 +- .../default/frigate/app/kustomization.yaml | 4 +- .../default/ghostfolio/app/kustomization.yaml | 2 +- .../default/hajimari/app/kustomization.yaml | 2 +- .../home-assistant/app/kustomization.yaml | 4 +- .../home-assistant/code/kustomization.yaml | 2 +- .../default/homebox/app/kustomization.yaml | 4 +- .../default/homepage/app/kustomization.yaml | 2 +- .../default/jellyfin/app/kustomization.yaml | 4 +- .../default/jellyseerr/app/kustomization.yaml | 4 +- .../default/joplin/app/kustomization.yaml | 2 +- .../apps/default/komf/app/kustomization.yaml | 2 +- .../apps/default/komga/app/kustomization.yaml | 4 +- .../default/libmedium/app/kustomization.yaml | 2 +- .../default/lidarr/app/kustomization.yaml | 4 +- .../default/linkding/app/kustomization.yaml | 4 +- .../apps/default/lldap/app/kustomization.yaml | 2 +- .../apps/default/lms/app/kustomization.yaml | 4 +- .../default/lychee/app/kustomization.yaml | 4 +- .../default/navidrome/app/kustomization.yaml | 4 +- .../default/outline/app/kustomization.yaml | 2 +- .../default/paperless/app/kustomization.yaml | 2 +- .../default/prowlarr/app/kustomization.yaml | 2 +- .../qbittorrent/app/kustomization.yaml | 4 +- .../default/radarr/app/kustomization.yaml | 4 +- .../default/readeck/app/kustomization.yaml | 4 +- .../default/recyclarr/app/kustomization.yaml | 2 +- .../default/redlib/app/kustomization.yaml | 2 +- .../default/sabnzbd/app/kustomization.yaml | 4 +- .../default/sharry/app/kustomization.yaml | 4 +- .../default/sonarr/app/kustomization.yaml | 4 +- .../default/tandoor/app/kustomization.yaml | 4 +- .../apps/default/tdarr/app/kustomization.yaml | 4 +- .../apps/default/unifi/app/kustomization.yaml | 4 +- .../vaultwarden/app/kustomization.yaml | 4 +- .../default/vikunja/app/kustomization.yaml | 4 +- .../zigbee2mqtt/app/kustomization.yaml | 4 +- .../zwave-js-ui/app/kustomization.yaml | 4 +- .../apps/external-secrets/kustomization.yaml | 3 ++ .../app-staging/kustomization.yaml | 2 +- .../landing-page/app/kustomization.yaml | 2 +- .../apprise/app/kustomization.yaml | 4 +- .../pushgateway/app/kustomization.yaml | 2 +- .../scrutiny/app/kustomization.yaml | 2 +- .../common/alerts/alertmanager/alert.yaml | 29 ++++++++++++++ .../alerts/alertmanager/kustomization.yaml | 7 ++++ .../common/alerts/alertmanager/provider.yaml | 9 +++++ .../common/alerts/github-status/alert.yaml | 12 ++++++ .../alerts/github-status/externalsecret.yaml | 18 +++++++++ .../alerts/github-status/kustomization.yaml | 8 ++++ .../common/alerts/github-status/provider.yaml | 11 ++++++ .../common/alerts/kustomization.yaml | 7 ++++ .../components/common/kustomization.yaml | 10 +++++ kubernetes/components/common/namespace.yaml | 8 ++++ .../repos/app-template/kustomization.yaml | 6 +++ .../repos/app-template/ocirepository.yaml | 14 +++++++ .../common/repos/kustomization.yaml | 6 +++ .../components/common/sops/kustomization.yaml | 5 +++ .../components/common/sops/secret.sops.yaml | 21 ++++++++++ .../common/vars/cluster-secrets.sops.yaml | 39 +++++++++++++++++++ .../common/vars/cluster-settings.yaml | 34 ++++++++++++++++ .../components/common/vars/kustomization.yaml | 7 ++++ .../gatus/external/configmap.yaml | 0 .../gatus/external/kustomization.yaml | 0 .../gatus/guarded/configmap.yaml | 0 .../gatus/guarded/kustomization.yaml | 0 .../volsync/README.md | 2 +- .../volsync/claim.yaml | 0 .../volsync/kustomization.yaml | 0 .../volsync/minio.yaml | 0 77 files changed, 336 insertions(+), 82 deletions(-) create mode 100644 kubernetes/components/common/alerts/alertmanager/alert.yaml create mode 100644 kubernetes/components/common/alerts/alertmanager/kustomization.yaml create mode 100644 kubernetes/components/common/alerts/alertmanager/provider.yaml create mode 100644 kubernetes/components/common/alerts/github-status/alert.yaml create mode 100644 kubernetes/components/common/alerts/github-status/externalsecret.yaml create mode 100644 kubernetes/components/common/alerts/github-status/kustomization.yaml create mode 100644 kubernetes/components/common/alerts/github-status/provider.yaml create mode 100644 kubernetes/components/common/alerts/kustomization.yaml create mode 100644 kubernetes/components/common/kustomization.yaml create mode 100644 kubernetes/components/common/namespace.yaml create mode 100644 kubernetes/components/common/repos/app-template/kustomization.yaml create mode 100644 kubernetes/components/common/repos/app-template/ocirepository.yaml create mode 100644 kubernetes/components/common/repos/kustomization.yaml create mode 100644 kubernetes/components/common/sops/kustomization.yaml create mode 100644 kubernetes/components/common/sops/secret.sops.yaml create mode 100644 kubernetes/components/common/vars/cluster-secrets.sops.yaml create mode 100644 kubernetes/components/common/vars/cluster-settings.yaml create mode 100644 kubernetes/components/common/vars/kustomization.yaml rename kubernetes/{templates => components}/gatus/external/configmap.yaml (100%) rename kubernetes/{templates => components}/gatus/external/kustomization.yaml (100%) rename kubernetes/{templates => components}/gatus/guarded/configmap.yaml (100%) rename kubernetes/{templates => components}/gatus/guarded/kustomization.yaml (100%) rename kubernetes/{templates => components}/volsync/README.md (94%) rename kubernetes/{templates => components}/volsync/claim.yaml (100%) rename kubernetes/{templates => components}/volsync/kustomization.yaml (100%) rename kubernetes/{templates => components}/volsync/minio.yaml (100%) diff --git a/kubernetes/apps/database/influx/app/kustomization.yaml b/kubernetes/apps/database/influx/app/kustomization.yaml index adec24621..e230adf20 100644 --- a/kubernetes/apps/database/influx/app/kustomization.yaml +++ b/kubernetes/apps/database/influx/app/kustomization.yaml @@ -4,4 +4,4 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: - ./helmrelease.yaml - - ../../../../templates/volsync + - ../../../../components/volsync diff --git a/kubernetes/apps/default/atuin/app/kustomization.yaml b/kubernetes/apps/default/atuin/app/kustomization.yaml index 25da0aae3..adcaf40fc 100644 --- a/kubernetes/apps/default/atuin/app/kustomization.yaml +++ b/kubernetes/apps/default/atuin/app/kustomization.yaml @@ -5,5 +5,5 @@ kind: Kustomization namespace: default resources: - ./helmrelease.yaml - - ../../../../templates/gatus/guarded - - ../../../../templates/volsync + - ../../../../components/gatus/guarded + - ../../../../components/volsync diff --git a/kubernetes/apps/default/authelia/app/kustomization.yaml b/kubernetes/apps/default/authelia/app/kustomization.yaml index 3409a00c9..059e16abb 100644 --- a/kubernetes/apps/default/authelia/app/kustomization.yaml +++ b/kubernetes/apps/default/authelia/app/kustomization.yaml @@ -5,7 +5,7 @@ kind: Kustomization resources: - ./externalsecret.yaml - ./helmrelease.yaml - - ../../../../templates/gatus/external + - ../../../../components/gatus/external configMapGenerator: - name: authelia-configmap files: diff --git a/kubernetes/apps/default/bazarr/app/kustomization.yaml b/kubernetes/apps/default/bazarr/app/kustomization.yaml index a45c9b981..b1d0b6b73 100644 --- a/kubernetes/apps/default/bazarr/app/kustomization.yaml +++ b/kubernetes/apps/default/bazarr/app/kustomization.yaml @@ -6,8 +6,8 @@ namespace: default resources: - ./externalsecret.yaml - ./helmrelease.yaml - - ../../../../templates/gatus/guarded - - ../../../../templates/volsync + - ../../../../components/gatus/guarded + - ../../../../components/volsync configMapGenerator: - name: bazarr-scripts files: diff --git a/kubernetes/apps/default/calibre/app/kustomization.yaml b/kubernetes/apps/default/calibre/app/kustomization.yaml index 35ff57401..afadd96bd 100644 --- a/kubernetes/apps/default/calibre/app/kustomization.yaml +++ b/kubernetes/apps/default/calibre/app/kustomization.yaml @@ -5,5 +5,5 @@ kind: Kustomization namespace: default resources: - ./helmrelease.yaml - - ../../../../templates/gatus/guarded - - ../../../../templates/volsync + - ../../../../components/gatus/guarded + - ../../../../components/volsync diff --git a/kubernetes/apps/default/exercisediary/app/kustomization.yaml b/kubernetes/apps/default/exercisediary/app/kustomization.yaml index 3170b928d..68984b3ba 100644 --- a/kubernetes/apps/default/exercisediary/app/kustomization.yaml +++ b/kubernetes/apps/default/exercisediary/app/kustomization.yaml @@ -5,5 +5,5 @@ kind: Kustomization namespace: default resources: - ./helmrelease.yaml - - ../../../../templates/gatus/external - - ../../../../templates/volsync + - ../../../../components/gatus/external + - ../../../../components/volsync diff --git a/kubernetes/apps/default/flood/app/kustomization.yaml b/kubernetes/apps/default/flood/app/kustomization.yaml index 5d04acddd..44d709772 100644 --- a/kubernetes/apps/default/flood/app/kustomization.yaml +++ b/kubernetes/apps/default/flood/app/kustomization.yaml @@ -5,5 +5,5 @@ kind: Kustomization resources: - ./externalsecret.yaml - ./helmrelease.yaml - - ../../../../templates/gatus/guarded - - ../../../../templates/volsync + - ../../../../components/gatus/guarded + - ../../../../components/volsync diff --git a/kubernetes/apps/default/freshrss/app/kustomization.yaml b/kubernetes/apps/default/freshrss/app/kustomization.yaml index 5d04acddd..44d709772 100644 --- a/kubernetes/apps/default/freshrss/app/kustomization.yaml +++ b/kubernetes/apps/default/freshrss/app/kustomization.yaml @@ -5,5 +5,5 @@ kind: Kustomization resources: - ./externalsecret.yaml - ./helmrelease.yaml - - ../../../../templates/gatus/guarded - - ../../../../templates/volsync + - ../../../../components/gatus/guarded + - ../../../../components/volsync diff --git a/kubernetes/apps/default/frigate/app/kustomization.yaml b/kubernetes/apps/default/frigate/app/kustomization.yaml index a99c63c8c..b55fd838d 100644 --- a/kubernetes/apps/default/frigate/app/kustomization.yaml +++ b/kubernetes/apps/default/frigate/app/kustomization.yaml @@ -6,8 +6,8 @@ namespace: default resources: - ./externalsecret.yaml - ./helmrelease.yaml - - ../../../../templates/gatus/guarded - - ../../../../templates/volsync + - ../../../../components/gatus/guarded + - ../../../../components/volsync configMapGenerator: - name: frigate-configmap files: diff --git a/kubernetes/apps/default/ghostfolio/app/kustomization.yaml b/kubernetes/apps/default/ghostfolio/app/kustomization.yaml index f641102c1..2740e00c8 100644 --- a/kubernetes/apps/default/ghostfolio/app/kustomization.yaml +++ b/kubernetes/apps/default/ghostfolio/app/kustomization.yaml @@ -5,4 +5,4 @@ kind: Kustomization resources: - ./externalsecret.yaml - ./helmrelease.yaml - - ../../../../templates/gatus/guarded + - ../../../../components/gatus/guarded diff --git a/kubernetes/apps/default/hajimari/app/kustomization.yaml b/kubernetes/apps/default/hajimari/app/kustomization.yaml index f5bc67592..db575b725 100644 --- a/kubernetes/apps/default/hajimari/app/kustomization.yaml +++ b/kubernetes/apps/default/hajimari/app/kustomization.yaml @@ -4,4 +4,4 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: - ./helmrelease.yaml - - ../../../../templates/gatus/guarded + - ../../../../components/gatus/guarded diff --git a/kubernetes/apps/default/home-assistant/app/kustomization.yaml b/kubernetes/apps/default/home-assistant/app/kustomization.yaml index 91837f11e..876d58a8e 100644 --- a/kubernetes/apps/default/home-assistant/app/kustomization.yaml +++ b/kubernetes/apps/default/home-assistant/app/kustomization.yaml @@ -5,5 +5,5 @@ resources: - ./externalsecret.yaml - ./helmrelease.yaml - ./podmonitor.yaml - - ../../../../templates/gatus/guarded - - ../../../../templates/volsync + - ../../../../components/gatus/guarded + - ../../../../components/volsync diff --git a/kubernetes/apps/default/home-assistant/code/kustomization.yaml b/kubernetes/apps/default/home-assistant/code/kustomization.yaml index 1ead35c4d..bd3d4e9c7 100644 --- a/kubernetes/apps/default/home-assistant/code/kustomization.yaml +++ b/kubernetes/apps/default/home-assistant/code/kustomization.yaml @@ -5,4 +5,4 @@ kind: Kustomization namespace: default resources: - ./helmrelease.yaml - - ../../../../templates/gatus/guarded + - ../../../../components/gatus/guarded diff --git a/kubernetes/apps/default/homebox/app/kustomization.yaml b/kubernetes/apps/default/homebox/app/kustomization.yaml index fd54ff7cc..a102b1c1a 100644 --- a/kubernetes/apps/default/homebox/app/kustomization.yaml +++ b/kubernetes/apps/default/homebox/app/kustomization.yaml @@ -4,5 +4,5 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: - ./helmrelease.yaml - - ../../../../templates/gatus/guarded - - ../../../../templates/volsync + - ../../../../components/gatus/guarded + - ../../../../components/volsync diff --git a/kubernetes/apps/default/homepage/app/kustomization.yaml b/kubernetes/apps/default/homepage/app/kustomization.yaml index 0bd54a1ac..e1825ebc1 100644 --- a/kubernetes/apps/default/homepage/app/kustomization.yaml +++ b/kubernetes/apps/default/homepage/app/kustomization.yaml @@ -6,7 +6,7 @@ resources: - ./externalsecret.yaml - ./helmrelease.yaml - ./rbac.yaml - - ../../../../templates/gatus/guarded + - ../../../../components/gatus/guarded configMapGenerator: - name: homepage-config files: diff --git a/kubernetes/apps/default/jellyfin/app/kustomization.yaml b/kubernetes/apps/default/jellyfin/app/kustomization.yaml index 3170b928d..68984b3ba 100644 --- a/kubernetes/apps/default/jellyfin/app/kustomization.yaml +++ b/kubernetes/apps/default/jellyfin/app/kustomization.yaml @@ -5,5 +5,5 @@ kind: Kustomization namespace: default resources: - ./helmrelease.yaml - - ../../../../templates/gatus/external - - ../../../../templates/volsync + - ../../../../components/gatus/external + - ../../../../components/volsync diff --git a/kubernetes/apps/default/jellyseerr/app/kustomization.yaml b/kubernetes/apps/default/jellyseerr/app/kustomization.yaml index df76fa3c1..293b99756 100644 --- a/kubernetes/apps/default/jellyseerr/app/kustomization.yaml +++ b/kubernetes/apps/default/jellyseerr/app/kustomization.yaml @@ -6,6 +6,6 @@ namespace: default resources: # - ./externalsecret.yaml - ./helmrelease.yaml - - ../../../../templates/gatus/external - - ../../../../templates/volsync + - ../../../../components/gatus/external + - ../../../../components/volsync - ./pvc.yaml diff --git a/kubernetes/apps/default/joplin/app/kustomization.yaml b/kubernetes/apps/default/joplin/app/kustomization.yaml index 66e65aa34..b09ca642e 100644 --- a/kubernetes/apps/default/joplin/app/kustomization.yaml +++ b/kubernetes/apps/default/joplin/app/kustomization.yaml @@ -5,4 +5,4 @@ kind: Kustomization resources: - ./externalsecret.yaml - ./helmrelease.yaml - - ../../../../templates/gatus/external + - ../../../../components/gatus/external diff --git a/kubernetes/apps/default/komf/app/kustomization.yaml b/kubernetes/apps/default/komf/app/kustomization.yaml index 10d4ee1d0..46ea563dc 100644 --- a/kubernetes/apps/default/komf/app/kustomization.yaml +++ b/kubernetes/apps/default/komf/app/kustomization.yaml @@ -6,7 +6,7 @@ namespace: default resources: - ./externalsecret.yaml - ./helmrelease.yaml - - ../../../../templates/volsync + - ../../../../components/volsync configMapGenerator: - name: komf-configmap files: diff --git a/kubernetes/apps/default/komga/app/kustomization.yaml b/kubernetes/apps/default/komga/app/kustomization.yaml index 35ff57401..afadd96bd 100644 --- a/kubernetes/apps/default/komga/app/kustomization.yaml +++ b/kubernetes/apps/default/komga/app/kustomization.yaml @@ -5,5 +5,5 @@ kind: Kustomization namespace: default resources: - ./helmrelease.yaml - - ../../../../templates/gatus/guarded - - ../../../../templates/volsync + - ../../../../components/gatus/guarded + - ../../../../components/volsync diff --git a/kubernetes/apps/default/libmedium/app/kustomization.yaml b/kubernetes/apps/default/libmedium/app/kustomization.yaml index 882cc6ff6..b1ba7d5c4 100644 --- a/kubernetes/apps/default/libmedium/app/kustomization.yaml +++ b/kubernetes/apps/default/libmedium/app/kustomization.yaml @@ -4,7 +4,7 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: - ./helmrelease.yaml - - ../../../../templates/gatus/external + - ../../../../components/gatus/external configMapGenerator: - name: libmedium-configmap files: diff --git a/kubernetes/apps/default/lidarr/app/kustomization.yaml b/kubernetes/apps/default/lidarr/app/kustomization.yaml index d76fdd38e..7ce718111 100644 --- a/kubernetes/apps/default/lidarr/app/kustomization.yaml +++ b/kubernetes/apps/default/lidarr/app/kustomization.yaml @@ -6,8 +6,8 @@ namespace: default resources: - ./externalsecret.yaml - ./helmrelease.yaml - - ../../../../templates/gatus/guarded - - ../../../../templates/volsync + - ../../../../components/gatus/guarded + - ../../../../components/volsync configMapGenerator: - name: lidarr-pushover files: diff --git a/kubernetes/apps/default/linkding/app/kustomization.yaml b/kubernetes/apps/default/linkding/app/kustomization.yaml index 5d04acddd..44d709772 100644 --- a/kubernetes/apps/default/linkding/app/kustomization.yaml +++ b/kubernetes/apps/default/linkding/app/kustomization.yaml @@ -5,5 +5,5 @@ kind: Kustomization resources: - ./externalsecret.yaml - ./helmrelease.yaml - - ../../../../templates/gatus/guarded - - ../../../../templates/volsync + - ../../../../components/gatus/guarded + - ../../../../components/volsync diff --git a/kubernetes/apps/default/lldap/app/kustomization.yaml b/kubernetes/apps/default/lldap/app/kustomization.yaml index f641102c1..2740e00c8 100644 --- a/kubernetes/apps/default/lldap/app/kustomization.yaml +++ b/kubernetes/apps/default/lldap/app/kustomization.yaml @@ -5,4 +5,4 @@ kind: Kustomization resources: - ./externalsecret.yaml - ./helmrelease.yaml - - ../../../../templates/gatus/guarded + - ../../../../components/gatus/guarded diff --git a/kubernetes/apps/default/lms/app/kustomization.yaml b/kubernetes/apps/default/lms/app/kustomization.yaml index fd54ff7cc..a102b1c1a 100644 --- a/kubernetes/apps/default/lms/app/kustomization.yaml +++ b/kubernetes/apps/default/lms/app/kustomization.yaml @@ -4,5 +4,5 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: - ./helmrelease.yaml - - ../../../../templates/gatus/guarded - - ../../../../templates/volsync + - ../../../../components/gatus/guarded + - ../../../../components/volsync diff --git a/kubernetes/apps/default/lychee/app/kustomization.yaml b/kubernetes/apps/default/lychee/app/kustomization.yaml index f11802352..fe1cab0c3 100644 --- a/kubernetes/apps/default/lychee/app/kustomization.yaml +++ b/kubernetes/apps/default/lychee/app/kustomization.yaml @@ -6,5 +6,5 @@ resources: - ./externalsecret.yaml - ./helmrelease.yaml - ./sync - - ../../../../templates/gatus/external - - ../../../../templates/volsync + - ../../../../components/gatus/external + - ../../../../components/volsync diff --git a/kubernetes/apps/default/navidrome/app/kustomization.yaml b/kubernetes/apps/default/navidrome/app/kustomization.yaml index 3170b928d..68984b3ba 100644 --- a/kubernetes/apps/default/navidrome/app/kustomization.yaml +++ b/kubernetes/apps/default/navidrome/app/kustomization.yaml @@ -5,5 +5,5 @@ kind: Kustomization namespace: default resources: - ./helmrelease.yaml - - ../../../../templates/gatus/external - - ../../../../templates/volsync + - ../../../../components/gatus/external + - ../../../../components/volsync diff --git a/kubernetes/apps/default/outline/app/kustomization.yaml b/kubernetes/apps/default/outline/app/kustomization.yaml index f641102c1..2740e00c8 100644 --- a/kubernetes/apps/default/outline/app/kustomization.yaml +++ b/kubernetes/apps/default/outline/app/kustomization.yaml @@ -5,4 +5,4 @@ kind: Kustomization resources: - ./externalsecret.yaml - ./helmrelease.yaml - - ../../../../templates/gatus/guarded + - ../../../../components/gatus/guarded diff --git a/kubernetes/apps/default/paperless/app/kustomization.yaml b/kubernetes/apps/default/paperless/app/kustomization.yaml index f641102c1..2740e00c8 100644 --- a/kubernetes/apps/default/paperless/app/kustomization.yaml +++ b/kubernetes/apps/default/paperless/app/kustomization.yaml @@ -5,4 +5,4 @@ kind: Kustomization resources: - ./externalsecret.yaml - ./helmrelease.yaml - - ../../../../templates/gatus/guarded + - ../../../../components/gatus/guarded diff --git a/kubernetes/apps/default/prowlarr/app/kustomization.yaml b/kubernetes/apps/default/prowlarr/app/kustomization.yaml index f641102c1..2740e00c8 100644 --- a/kubernetes/apps/default/prowlarr/app/kustomization.yaml +++ b/kubernetes/apps/default/prowlarr/app/kustomization.yaml @@ -5,4 +5,4 @@ kind: Kustomization resources: - ./externalsecret.yaml - ./helmrelease.yaml - - ../../../../templates/gatus/guarded + - ../../../../components/gatus/guarded diff --git a/kubernetes/apps/default/qbittorrent/app/kustomization.yaml b/kubernetes/apps/default/qbittorrent/app/kustomization.yaml index 83ecb8fbf..deca5380c 100644 --- a/kubernetes/apps/default/qbittorrent/app/kustomization.yaml +++ b/kubernetes/apps/default/qbittorrent/app/kustomization.yaml @@ -5,5 +5,5 @@ kind: Kustomization resources: - ./helmrelease.yaml - ./upgrade-p2pblocklist - - ../../../../templates/gatus/guarded - - ../../../../templates/volsync + - ../../../../components/gatus/guarded + - ../../../../components/volsync diff --git a/kubernetes/apps/default/radarr/app/kustomization.yaml b/kubernetes/apps/default/radarr/app/kustomization.yaml index 22afe0e44..4783298dc 100644 --- a/kubernetes/apps/default/radarr/app/kustomization.yaml +++ b/kubernetes/apps/default/radarr/app/kustomization.yaml @@ -6,8 +6,8 @@ namespace: default resources: - ./externalsecret.yaml - ./helmrelease.yaml - - ../../../../templates/gatus/guarded - - ../../../../templates/volsync + - ../../../../components/gatus/guarded + - ../../../../components/volsync configMapGenerator: - name: radarr-pushover files: diff --git a/kubernetes/apps/default/readeck/app/kustomization.yaml b/kubernetes/apps/default/readeck/app/kustomization.yaml index fd54ff7cc..a102b1c1a 100644 --- a/kubernetes/apps/default/readeck/app/kustomization.yaml +++ b/kubernetes/apps/default/readeck/app/kustomization.yaml @@ -4,5 +4,5 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: - ./helmrelease.yaml - - ../../../../templates/gatus/guarded - - ../../../../templates/volsync + - ../../../../components/gatus/guarded + - ../../../../components/volsync diff --git a/kubernetes/apps/default/recyclarr/app/kustomization.yaml b/kubernetes/apps/default/recyclarr/app/kustomization.yaml index 35c92f97d..0ecfcb95f 100644 --- a/kubernetes/apps/default/recyclarr/app/kustomization.yaml +++ b/kubernetes/apps/default/recyclarr/app/kustomization.yaml @@ -5,7 +5,7 @@ kind: Kustomization resources: - ./externalsecret.yaml - ./helmrelease.yaml - - ../../../../templates/volsync + - ../../../../components/volsync configMapGenerator: - name: recyclarr-configmap files: diff --git a/kubernetes/apps/default/redlib/app/kustomization.yaml b/kubernetes/apps/default/redlib/app/kustomization.yaml index e147a8dec..197a01a14 100644 --- a/kubernetes/apps/default/redlib/app/kustomization.yaml +++ b/kubernetes/apps/default/redlib/app/kustomization.yaml @@ -5,4 +5,4 @@ kind: Kustomization namespace: default resources: - ./helmrelease.yaml - - ../../../../templates/gatus/external + - ../../../../components/gatus/external diff --git a/kubernetes/apps/default/sabnzbd/app/kustomization.yaml b/kubernetes/apps/default/sabnzbd/app/kustomization.yaml index 5d04acddd..44d709772 100644 --- a/kubernetes/apps/default/sabnzbd/app/kustomization.yaml +++ b/kubernetes/apps/default/sabnzbd/app/kustomization.yaml @@ -5,5 +5,5 @@ kind: Kustomization resources: - ./externalsecret.yaml - ./helmrelease.yaml - - ../../../../templates/gatus/guarded - - ../../../../templates/volsync + - ../../../../components/gatus/guarded + - ../../../../components/volsync diff --git a/kubernetes/apps/default/sharry/app/kustomization.yaml b/kubernetes/apps/default/sharry/app/kustomization.yaml index 270f29b13..8a4eed78a 100644 --- a/kubernetes/apps/default/sharry/app/kustomization.yaml +++ b/kubernetes/apps/default/sharry/app/kustomization.yaml @@ -5,8 +5,8 @@ kind: Kustomization resources: - ./externalsecret.yaml - ./helmrelease.yaml - - ../../../../templates/gatus/external - - ../../../../templates/volsync + - ../../../../components/gatus/external + - ../../../../components/volsync configMapGenerator: - name: sharry-configmap files: diff --git a/kubernetes/apps/default/sonarr/app/kustomization.yaml b/kubernetes/apps/default/sonarr/app/kustomization.yaml index 07f4e5d32..1d24cd29f 100644 --- a/kubernetes/apps/default/sonarr/app/kustomization.yaml +++ b/kubernetes/apps/default/sonarr/app/kustomization.yaml @@ -6,8 +6,8 @@ namespace: default resources: - ./externalsecret.yaml - ./helmrelease.yaml - - ../../../../templates/gatus/guarded - - ../../../../templates/volsync + - ../../../../components/gatus/guarded + - ../../../../components/volsync configMapGenerator: - name: sonarr-pushover files: diff --git a/kubernetes/apps/default/tandoor/app/kustomization.yaml b/kubernetes/apps/default/tandoor/app/kustomization.yaml index c8bb5d512..4110c45d4 100644 --- a/kubernetes/apps/default/tandoor/app/kustomization.yaml +++ b/kubernetes/apps/default/tandoor/app/kustomization.yaml @@ -6,8 +6,8 @@ namespace: default resources: - ./externalsecret.yaml - ./helmrelease.yaml - - ../../../../templates/gatus/guarded - - ../../../../templates/volsync + - ../../../../components/gatus/guarded + - ../../../../components/volsync configMapGenerator: - name: tandoor-configmap files: diff --git a/kubernetes/apps/default/tdarr/app/kustomization.yaml b/kubernetes/apps/default/tdarr/app/kustomization.yaml index fd54ff7cc..a102b1c1a 100644 --- a/kubernetes/apps/default/tdarr/app/kustomization.yaml +++ b/kubernetes/apps/default/tdarr/app/kustomization.yaml @@ -4,5 +4,5 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: - ./helmrelease.yaml - - ../../../../templates/gatus/guarded - - ../../../../templates/volsync + - ../../../../components/gatus/guarded + - ../../../../components/volsync diff --git a/kubernetes/apps/default/unifi/app/kustomization.yaml b/kubernetes/apps/default/unifi/app/kustomization.yaml index fd54ff7cc..a102b1c1a 100644 --- a/kubernetes/apps/default/unifi/app/kustomization.yaml +++ b/kubernetes/apps/default/unifi/app/kustomization.yaml @@ -4,5 +4,5 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: - ./helmrelease.yaml - - ../../../../templates/gatus/guarded - - ../../../../templates/volsync + - ../../../../components/gatus/guarded + - ../../../../components/volsync diff --git a/kubernetes/apps/default/vaultwarden/app/kustomization.yaml b/kubernetes/apps/default/vaultwarden/app/kustomization.yaml index 4c3bf6b62..6af961030 100644 --- a/kubernetes/apps/default/vaultwarden/app/kustomization.yaml +++ b/kubernetes/apps/default/vaultwarden/app/kustomization.yaml @@ -5,5 +5,5 @@ kind: Kustomization resources: - ./externalsecret.yaml - ./helmrelease.yaml - - ../../../../templates/gatus/external - - ../../../../templates/volsync + - ../../../../components/gatus/external + - ../../../../components/volsync diff --git a/kubernetes/apps/default/vikunja/app/kustomization.yaml b/kubernetes/apps/default/vikunja/app/kustomization.yaml index f33be17e0..8766572f9 100644 --- a/kubernetes/apps/default/vikunja/app/kustomization.yaml +++ b/kubernetes/apps/default/vikunja/app/kustomization.yaml @@ -5,7 +5,7 @@ kind: Kustomization resources: - ./externalsecret.yaml - ./helmrelease.yaml - - ../../../../templates/gatus/external - - ../../../../templates/volsync + - ../../../../components/gatus/external + - ../../../../components/volsync generatorOptions: disableNameSuffixHash: true diff --git a/kubernetes/apps/default/zigbee2mqtt/app/kustomization.yaml b/kubernetes/apps/default/zigbee2mqtt/app/kustomization.yaml index a2f0ea957..adc4cd03c 100644 --- a/kubernetes/apps/default/zigbee2mqtt/app/kustomization.yaml +++ b/kubernetes/apps/default/zigbee2mqtt/app/kustomization.yaml @@ -4,5 +4,5 @@ kind: Kustomization resources: - ./externalsecret.yaml - ./helmrelease.yaml - - ../../../../templates/gatus/guarded - - ../../../../templates/volsync + - ../../../../components/gatus/guarded + - ../../../../components/volsync diff --git a/kubernetes/apps/default/zwave-js-ui/app/kustomization.yaml b/kubernetes/apps/default/zwave-js-ui/app/kustomization.yaml index fd54ff7cc..a102b1c1a 100644 --- a/kubernetes/apps/default/zwave-js-ui/app/kustomization.yaml +++ b/kubernetes/apps/default/zwave-js-ui/app/kustomization.yaml @@ -4,5 +4,5 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: - ./helmrelease.yaml - - ../../../../templates/gatus/guarded - - ../../../../templates/volsync + - ../../../../components/gatus/guarded + - ../../../../components/volsync diff --git a/kubernetes/apps/external-secrets/kustomization.yaml b/kubernetes/apps/external-secrets/kustomization.yaml index 6ef463cda..5a447ed03 100644 --- a/kubernetes/apps/external-secrets/kustomization.yaml +++ b/kubernetes/apps/external-secrets/kustomization.yaml @@ -2,5 +2,8 @@ # yaml-language-server: $schema=https://json.schemastore.org/kustomization apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization +namespace: external-secrets +components: + - ../../components/common resources: - ./external-secrets/ks.yaml diff --git a/kubernetes/apps/ngnode/landing-page/app-staging/kustomization.yaml b/kubernetes/apps/ngnode/landing-page/app-staging/kustomization.yaml index 022692cb5..66135adf0 100644 --- a/kubernetes/apps/ngnode/landing-page/app-staging/kustomization.yaml +++ b/kubernetes/apps/ngnode/landing-page/app-staging/kustomization.yaml @@ -4,6 +4,6 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: - ./helmrelease.yaml - - ../../../../templates/gatus/external + - ../../../../components/gatus/external generatorOptions: disableNameSuffixHash: true diff --git a/kubernetes/apps/ngnode/landing-page/app/kustomization.yaml b/kubernetes/apps/ngnode/landing-page/app/kustomization.yaml index 022692cb5..66135adf0 100644 --- a/kubernetes/apps/ngnode/landing-page/app/kustomization.yaml +++ b/kubernetes/apps/ngnode/landing-page/app/kustomization.yaml @@ -4,6 +4,6 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: - ./helmrelease.yaml - - ../../../../templates/gatus/external + - ../../../../components/gatus/external generatorOptions: disableNameSuffixHash: true diff --git a/kubernetes/apps/observability/apprise/app/kustomization.yaml b/kubernetes/apps/observability/apprise/app/kustomization.yaml index fd54ff7cc..a102b1c1a 100644 --- a/kubernetes/apps/observability/apprise/app/kustomization.yaml +++ b/kubernetes/apps/observability/apprise/app/kustomization.yaml @@ -4,5 +4,5 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: - ./helmrelease.yaml - - ../../../../templates/gatus/guarded - - ../../../../templates/volsync + - ../../../../components/gatus/guarded + - ../../../../components/volsync diff --git a/kubernetes/apps/observability/pushgateway/app/kustomization.yaml b/kubernetes/apps/observability/pushgateway/app/kustomization.yaml index f5bc67592..db575b725 100644 --- a/kubernetes/apps/observability/pushgateway/app/kustomization.yaml +++ b/kubernetes/apps/observability/pushgateway/app/kustomization.yaml @@ -4,4 +4,4 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: - ./helmrelease.yaml - - ../../../../templates/gatus/guarded + - ../../../../components/gatus/guarded diff --git a/kubernetes/apps/observability/scrutiny/app/kustomization.yaml b/kubernetes/apps/observability/scrutiny/app/kustomization.yaml index a0f82d4cc..d4e51b18b 100644 --- a/kubernetes/apps/observability/scrutiny/app/kustomization.yaml +++ b/kubernetes/apps/observability/scrutiny/app/kustomization.yaml @@ -3,4 +3,4 @@ kind: Kustomization resources: - ./externalsecret.yaml - helmrelease.yaml - - ../../../../templates/volsync + - ../../../../components/volsync diff --git a/kubernetes/components/common/alerts/alertmanager/alert.yaml b/kubernetes/components/common/alerts/alertmanager/alert.yaml new file mode 100644 index 000000000..db682e2a2 --- /dev/null +++ b/kubernetes/components/common/alerts/alertmanager/alert.yaml @@ -0,0 +1,29 @@ +--- +# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/notification.toolkit.fluxcd.io/alert_v1beta3.json +apiVersion: notification.toolkit.fluxcd.io/v1beta3 +kind: Alert +metadata: + name: alertmanager +spec: + providerRef: + name: alertmanager + eventSeverity: error + eventSources: + - kind: FluxInstance + name: "*" + - kind: GitRepository + name: "*" + - kind: HelmRelease + name: "*" + - kind: HelmRepository + name: "*" + - kind: Kustomization + name: "*" + - kind: OCIRepository + name: "*" + exclusionList: + - "error.*lookup github\\.com" + - "error.*lookup raw\\.githubusercontent\\.com" + - "dial.*tcp.*timeout" + - "waiting.*socket" + suspend: false diff --git a/kubernetes/components/common/alerts/alertmanager/kustomization.yaml b/kubernetes/components/common/alerts/alertmanager/kustomization.yaml new file mode 100644 index 000000000..a39198cb6 --- /dev/null +++ b/kubernetes/components/common/alerts/alertmanager/kustomization.yaml @@ -0,0 +1,7 @@ +--- +# yaml-language-server: $schema=https://json.schemastore.org/kustomization +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: + - ./alert.yaml + - ./provider.yaml diff --git a/kubernetes/components/common/alerts/alertmanager/provider.yaml b/kubernetes/components/common/alerts/alertmanager/provider.yaml new file mode 100644 index 000000000..91fa8f0fc --- /dev/null +++ b/kubernetes/components/common/alerts/alertmanager/provider.yaml @@ -0,0 +1,9 @@ +--- +# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/notification.toolkit.fluxcd.io/provider_v1beta3.json +apiVersion: notification.toolkit.fluxcd.io/v1beta3 +kind: Provider +metadata: + name: alertmanager +spec: + type: alertmanager + address: http://alertmanager-operated.observability.svc.cluster.local:9093/api/v2/alerts/ diff --git a/kubernetes/components/common/alerts/github-status/alert.yaml b/kubernetes/components/common/alerts/github-status/alert.yaml new file mode 100644 index 000000000..0667d5be6 --- /dev/null +++ b/kubernetes/components/common/alerts/github-status/alert.yaml @@ -0,0 +1,12 @@ +--- +# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/notification.toolkit.fluxcd.io/alert_v1beta3.json +apiVersion: notification.toolkit.fluxcd.io/v1beta3 +kind: Alert +metadata: + name: github-status +spec: + providerRef: + name: github-status + eventSources: + - kind: Kustomization + name: "*" diff --git a/kubernetes/components/common/alerts/github-status/externalsecret.yaml b/kubernetes/components/common/alerts/github-status/externalsecret.yaml new file mode 100644 index 000000000..4558fad0f --- /dev/null +++ b/kubernetes/components/common/alerts/github-status/externalsecret.yaml @@ -0,0 +1,18 @@ +--- +# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/external-secrets.io/externalsecret_v1beta1.json +apiVersion: external-secrets.io/v1beta1 +kind: ExternalSecret +metadata: + name: github-status-token +spec: + secretStoreRef: + kind: ClusterSecretStore + name: onepassword + target: + name: github-status-token-secret + template: + data: + token: "{{ .GITHUB_NOTIFICATION_TOKEN }}" + dataFrom: + - extract: + key: flux diff --git a/kubernetes/components/common/alerts/github-status/kustomization.yaml b/kubernetes/components/common/alerts/github-status/kustomization.yaml new file mode 100644 index 000000000..b5a9b4e3c --- /dev/null +++ b/kubernetes/components/common/alerts/github-status/kustomization.yaml @@ -0,0 +1,8 @@ +--- +# yaml-language-server: $schema=https://json.schemastore.org/kustomization +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: + - ./alert.yaml + - ./externalsecret.yaml + - ./provider.yaml diff --git a/kubernetes/components/common/alerts/github-status/provider.yaml b/kubernetes/components/common/alerts/github-status/provider.yaml new file mode 100644 index 000000000..99297aebd --- /dev/null +++ b/kubernetes/components/common/alerts/github-status/provider.yaml @@ -0,0 +1,11 @@ +--- +# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/notification.toolkit.fluxcd.io/provider_v1beta3.json +apiVersion: notification.toolkit.fluxcd.io/v1beta3 +kind: Provider +metadata: + name: github-status +spec: + type: github + address: https://github.com/onedr0p/home-ops + secretRef: + name: github-status-token-secret diff --git a/kubernetes/components/common/alerts/kustomization.yaml b/kubernetes/components/common/alerts/kustomization.yaml new file mode 100644 index 000000000..3cf1b36cf --- /dev/null +++ b/kubernetes/components/common/alerts/kustomization.yaml @@ -0,0 +1,7 @@ +--- +# yaml-language-server: $schema=https://json.schemastore.org/kustomization +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: + - ./alertmanager + - ./github-status diff --git a/kubernetes/components/common/kustomization.yaml b/kubernetes/components/common/kustomization.yaml new file mode 100644 index 000000000..35893cc1f --- /dev/null +++ b/kubernetes/components/common/kustomization.yaml @@ -0,0 +1,10 @@ +--- +# yaml-language-server: $schema=https://json.schemastore.org/kustomization +apiVersion: kustomize.config.k8s.io/v1alpha1 +kind: Component +resources: + - ./namespace.yaml + - ./alerts + - ./repos + - ./sops + - ./vars diff --git a/kubernetes/components/common/namespace.yaml b/kubernetes/components/common/namespace.yaml new file mode 100644 index 000000000..5ab319d7a --- /dev/null +++ b/kubernetes/components/common/namespace.yaml @@ -0,0 +1,8 @@ +--- +apiVersion: v1 +kind: Namespace +metadata: + name: not-used + annotations: + kustomize.toolkit.fluxcd.io/prune: disabled + volsync.backube/privileged-movers: "true" diff --git a/kubernetes/components/common/repos/app-template/kustomization.yaml b/kubernetes/components/common/repos/app-template/kustomization.yaml new file mode 100644 index 000000000..099a7c473 --- /dev/null +++ b/kubernetes/components/common/repos/app-template/kustomization.yaml @@ -0,0 +1,6 @@ +--- +# yaml-language-server: $schema=https://json.schemastore.org/kustomization +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: + - ./ocirepository.yaml diff --git a/kubernetes/components/common/repos/app-template/ocirepository.yaml b/kubernetes/components/common/repos/app-template/ocirepository.yaml new file mode 100644 index 000000000..ad3209ac6 --- /dev/null +++ b/kubernetes/components/common/repos/app-template/ocirepository.yaml @@ -0,0 +1,14 @@ +--- +# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/source.toolkit.fluxcd.io/ocirepository_v1beta2.json +apiVersion: source.toolkit.fluxcd.io/v1beta2 +kind: OCIRepository +metadata: + name: app-template +spec: + interval: 5m + layerSelector: + mediaType: application/vnd.cncf.helm.chart.content.v1.tar+gzip + operation: copy + ref: + tag: 3.7.3 + url: oci://ghcr.io/bjw-s/helm/app-template diff --git a/kubernetes/components/common/repos/kustomization.yaml b/kubernetes/components/common/repos/kustomization.yaml new file mode 100644 index 000000000..9421de358 --- /dev/null +++ b/kubernetes/components/common/repos/kustomization.yaml @@ -0,0 +1,6 @@ +--- +# yaml-language-server: $schema=https://json.schemastore.org/kustomization +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: + - ./app-template diff --git a/kubernetes/components/common/sops/kustomization.yaml b/kubernetes/components/common/sops/kustomization.yaml new file mode 100644 index 000000000..67d765802 --- /dev/null +++ b/kubernetes/components/common/sops/kustomization.yaml @@ -0,0 +1,5 @@ +# yaml-language-server: $schema=https://json.schemastore.org/kustomization +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: + - ./secret.sops.yaml diff --git a/kubernetes/components/common/sops/secret.sops.yaml b/kubernetes/components/common/sops/secret.sops.yaml new file mode 100644 index 000000000..25a68165b --- /dev/null +++ b/kubernetes/components/common/sops/secret.sops.yaml @@ -0,0 +1,21 @@ +apiVersion: v1 +kind: Secret +metadata: + name: sops-age +stringData: + age.agekey: ENC[AES256_GCM,data:/z6xIc2fN9p3hBB41JNq+n/+HL8M4ASkTWD1F6UVIIUXGeah6sckemJHkg0EFON4pBYUsX7E9tQNsus9407AkXN1tfvA2EQ4ZbUkJVkPivtexne/KPtEb54WIsY8RR+L3CbN2sg3xAO4VpiA9Wpf4CJv96PVpBscSKyfTxioYPyDd20XEa+XCpH6bgzO19p6mpOPTjEJtI5ekVSs0ufG7qj3U9ZTz3gLBxPZOefhZIHgHl4VxOV//wlmlGNd,iv:pW9DeLKKEmHM1RdqwXwuByVh+VshO/szNIW5jK/k8mc=,tag:FHIbmdy0d/v5HGnyAggClQ==,type:str] +sops: + age: + - recipient: age1hhurqwmfvl9m3vh3hk8urulfzcdsrep2ax2neazqt435yhpamu3qj20asg + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA3dC92MU5MYWFLT2xYaE9W + N2ZQNjFIME1CQUdud3pBc2Z2UEhIU2tYZ2l3CnhCZkNibHUrZ0xUbXVHSFVHbWNq + SWlQR3h3Ulh0WXVyTlVSd2l6eFJLclUKLS0tIE1HS0dRODZyazN3aDJyamJtbUF5 + dnZnWEFBSzBXVks4cUVsK1hrRERiUGcKJ3ljBl1X6EQ/JFljcYOeXLS/BXKlCyYV + yiYyl6Ig+81OvOaHaTVvf0OBFpBgge0dHItCCzB+DYq4JPUKbFN9Ng== + -----END AGE ENCRYPTED FILE----- + lastmodified: "2025-04-15T14:40:26Z" + mac: ENC[AES256_GCM,data:iqQH8X4MjuXSXOJVvqCjTM4Z8FQBVTLMBIk9TE27ojeOilgY/+pIKAcIRt2FPfmFaQn9UJtqgZ9QLb1FlPdsvvW7MBYDWBWtb1aD7ltpXPUUCg83zA6lb2nOqCEE29+k3LK/zSGynyItcoQOgh2TmZWhMxXIgUkUso7zg9XArEs=,iv:d/wdW80Ejdbq8YxtTVYV40/tuEa5FPD1kEJezk/4DfY=,tag:nFTu0tzOa6cGgQq0vYDsTw==,type:str] + encrypted_regex: ^(data|stringData)$ + version: 3.10.2 diff --git a/kubernetes/components/common/vars/cluster-secrets.sops.yaml b/kubernetes/components/common/vars/cluster-secrets.sops.yaml new file mode 100644 index 000000000..95d4ae3f4 --- /dev/null +++ b/kubernetes/components/common/vars/cluster-secrets.sops.yaml @@ -0,0 +1,39 @@ +# yaml-language-server: $schema=https://raw.githubusercontent.com/yannh/kubernetes-json-schema/master/v1.26.1-standalone-strict/secret-v1.json +apiVersion: v1 +kind: Secret +metadata: + name: cluster-secrets + namespace: flux-system +stringData: + SECRET_CLUSTER_CERTIFICATE_DEFAULT: ENC[AES256_GCM,data:8HotHVJva77fd9S+j2BB,iv:fqCDD0NuK9ySCsGGT3G4QsfViM2L9oPp9ZLgwXf0tLI=,tag:rX1quD8RTjvzV75fmwmC6w==,type:str] + SECRET_CLUSTER_DOMAIN_EMAIL: ENC[AES256_GCM,data:j1yBajAlXKQeDuvbV2IyJp8IT3wA,iv:pxPgYZEZ6pvcr6trM1gkL5MZORewARaiVfwRTyWxny0=,tag:y31EGp46NgF/Pf3hQ2Iavw==,type:str] + SECRET_CLOUDFLARE_TUNNEL_ID: ENC[AES256_GCM,data:nS0cVHEiuEk1w43AjcWNjGVecEr8RZr4iXsMCO9152bn2wWc,iv:jDz8AP6eCF5+CASt3ogR8vzAO5VkbZQ3pY2+AFmz15U=,tag:DVKZ3xSZLrW9pQIx0HJRCQ==,type:str] + SECRET_DOMAIN: ENC[AES256_GCM,data:UtdBDs6+azVHO7Y=,iv:ZnWrBW+vW6HiMs1PbgY2LjcwUwuUh1HxYjqvOXvCrDk=,tag:r6uDIJhVoTIcizIfRW+lHw==,type:str] + SECRET_EXTERNAL_DOMAIN: ENC[AES256_GCM,data:Brd9H7gizPxew+4=,iv:YaIxv9TFF0mAks9gJXwXA1N7b8k5mcSJ6hs9lpaUV/M=,tag:8xdRoWun3IUVywagpsrsBw==,type:str] + SECRET_INTERNAL_DOMAIN: ENC[AES256_GCM,data:WLuQAi9JsUsD5Q==,iv:Zc+5/rQONxepZFVC/ia01aBdlVyG99thOeIipeAVS3E=,tag:FwwjDKoUMfZ/taFPRRThOQ==,type:str] + SECRET_CROWDSEC_NGINX_BOUNCER_API_KEY: ENC[AES256_GCM,data:ecukkFOK40WWIxJ48sXrxJUBaHx2BnzqxkIT+cXYZg4=,iv:y6AfslVPufBfrIL3GQqTw0cDAan64mB9J7RY9OzKQqw=,tag:+V4Rgz26wey2UtA32S0PJQ==,type:str] + SECRET_KOMF_MAL_CLIENT_ID: ENC[AES256_GCM,data:HuKHFrICgCj6nbcbix8u7qGeggFmmKht7Elk9dINZtE=,iv:c3mqFdFkIO9dctZ3ooPh4ajOZaY0ZudEeNWbG+lryPI=,tag:jWG2+pgkAf/XUgJyUvdrNg==,type:str] + SECRET_KUBE_PROMETHEUS_STACK_ALERTMANAGER_PUSHOVER_USER_KEY: ENC[AES256_GCM,data:X1J9WLT26soYzlDb8+YtPotGw8p0lJKMuNkn69WX,iv:mW2cJOq5gfzSE+U24IuvPVL+dL2nZcTFpPAkG77Ohus=,tag:kxokidtuE5RAGJlj4Q4P2A==,type:str] + SECRET_KUBE_PROMETHEUS_STACK_ALERTMANAGER_PUSHOVER_TOKEN: ENC[AES256_GCM,data:Bwvuy/jHIRduy/r1A8dOs0OE8ewdjCgs8g/br1oW,iv:PdnPH9I509MT6UJkUG1zLAGn9aV4AVrROgAVCD4a3Y0=,tag:59kBGx9qx3jeauokyoolQQ==,type:str] + SECRET_KUBE_PROMETHEUS_STACK_GRAFANA_ADMIN_PASSWORD: ENC[AES256_GCM,data:L7LS6+tuwPCyb5HN4zg=,iv:JM2KTtDN/VrKicjp5qwqusWiJKHRZnfTtsZE2hkLq6Q=,tag:XGF3L5P6JxVBrlGuKosdZA==,type:str] +type: Opaque +sops: + kms: [] + gcp_kms: [] + azure_kv: [] + hc_vault: [] + age: + - recipient: age1hhurqwmfvl9m3vh3hk8urulfzcdsrep2ax2neazqt435yhpamu3qj20asg + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBGVkZXb3RYbEZ5eTVSbmFE + R1QxMmw0ZzkvT0NIa01URTAvQ0xWa2tZKzNvCnl0UDQ1MGV6dEtuVEd2S0NhcThS + MGZ1VWNXMmxHSi90eFBGbXE2V0hwamcKLS0tIEp3a2ZTeTNyaXBhSW5nSU0yN1hu + WG82VkdBMlNnRzBySFQzMk41cEtXSlEKBqOmq9UpO61C85+pj0ibdT31y4pmFsbm + pTi4N0vv81kcf4ilqBU5h1gudNCb42Q2iL0eGNR4e3JzH4iaNsvnEg== + -----END AGE ENCRYPTED FILE----- + lastmodified: "2025-01-03T20:27:58Z" + mac: ENC[AES256_GCM,data:QgFNCP1l74XISc2/6byMOzk4brz0SkbfjLxgoLRaBx08BHULaJRHiNqRRyhaKF5ZjxsOxVYiFpHrWgfu/mi/InwA6nBttwNSM/+bzKabRC6vdgrLIIXxJKGKu7BlmtILF4uZRqKqcOIK+nrZS8YWdlOY0Vyzunh4kMQoyIvugRk=,iv:0HYH18NEag1KqIXwoiMPHkFiW1jaQkK1LJ5XhENPalw=,tag:RO8oMhTRBLOzf31DgV38CQ==,type:str] + pgp: [] + encrypted_regex: ^(data|stringData)$ + version: 3.9.3 diff --git a/kubernetes/components/common/vars/cluster-settings.yaml b/kubernetes/components/common/vars/cluster-settings.yaml new file mode 100644 index 000000000..e9b406ca5 --- /dev/null +++ b/kubernetes/components/common/vars/cluster-settings.yaml @@ -0,0 +1,34 @@ +--- +apiVersion: v1 +kind: ConfigMap +metadata: + namespace: flux-system + name: cluster-settings +data: + CILIUM_BGP_SVC_RANGE: 192.168.169.0/24 + CILIUM_POD_CIDR: 10.69.0.0/16 + CLUSTER_LB_K8SGATEWAY: 192.168.169.100 + CLUSTER_LB_SMTP_RELAY: 192.168.169.102 + CLUSTER_LB_UNIFI: 192.168.169.103 + CLUSTER_LB_GITEA: 192.168.169.104 + CLUSTER_LB_QBITTORRENT: 192.168.169.105 + CLUSTER_LB_RESILIOSYNC_CLAUDE: 192.168.169.106 + CLUSTER_LB_HASS: 192.168.169.107 + CLUSTER_LB_VECTOR: 192.168.169.108 + CLUSTER_LB_EMQX: 192.168.169.109 + CLUSTER_LB_JELLYFIN: 192.168.169.110 + CLUSTER_LB_RESILIOSYNC_HELENE: 192.168.169.111 + CLUSTER_LB_MAILRISE: 192.168.169.112 + CLUSTER_LB_REDIS: 192.168.169.113 + CLUSTER_LB_FRIGATE: 192.168.169.114 + CLUSTER_LB_CILIUM: 192.168.169.115 + CLUSTER_LB_LMS: 192.168.169.116 + CLUSTER_LB_TDARR: 192.168.169.117 + CLUSTER_LB_POSTGRES: 192.168.169.118 + CLUSTER_LB_NGINX_INTERNAL: 192.168.169.119 + CLUSTER_LB_NGINX_EXTERNAL: 192.168.169.120 + LOCAL_LAN: 192.168.8.0/22 + LOCAL_LAN_OPNSENSE: 192.168.8.1 + LOCAL_LAN_TRUENAS: 192.168.9.10 + LOCAL_LAN_TRUENAS_REMOTE: 10.10.0.2 + TIMEZONE: Europe/Paris diff --git a/kubernetes/components/common/vars/kustomization.yaml b/kubernetes/components/common/vars/kustomization.yaml new file mode 100644 index 000000000..79c9bf9e5 --- /dev/null +++ b/kubernetes/components/common/vars/kustomization.yaml @@ -0,0 +1,7 @@ +--- +# yaml-language-server: $schema=https://raw.githubusercontent.com/SchemaStore/schemastore/master/src/schemas/json/kustomization.json +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: + - ./cluster-secrets.sops.yaml + - ./cluster-settings.yaml diff --git a/kubernetes/templates/gatus/external/configmap.yaml b/kubernetes/components/gatus/external/configmap.yaml similarity index 100% rename from kubernetes/templates/gatus/external/configmap.yaml rename to kubernetes/components/gatus/external/configmap.yaml diff --git a/kubernetes/templates/gatus/external/kustomization.yaml b/kubernetes/components/gatus/external/kustomization.yaml similarity index 100% rename from kubernetes/templates/gatus/external/kustomization.yaml rename to kubernetes/components/gatus/external/kustomization.yaml diff --git a/kubernetes/templates/gatus/guarded/configmap.yaml b/kubernetes/components/gatus/guarded/configmap.yaml similarity index 100% rename from kubernetes/templates/gatus/guarded/configmap.yaml rename to kubernetes/components/gatus/guarded/configmap.yaml diff --git a/kubernetes/templates/gatus/guarded/kustomization.yaml b/kubernetes/components/gatus/guarded/kustomization.yaml similarity index 100% rename from kubernetes/templates/gatus/guarded/kustomization.yaml rename to kubernetes/components/gatus/guarded/kustomization.yaml diff --git a/kubernetes/templates/volsync/README.md b/kubernetes/components/volsync/README.md similarity index 94% rename from kubernetes/templates/volsync/README.md rename to kubernetes/components/volsync/README.md index e133d25f0..545d40ea6 100644 --- a/kubernetes/templates/volsync/README.md +++ b/kubernetes/components/volsync/README.md @@ -25,7 +25,7 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: # ... - - ../../../../templates/volsync + - ../../../../components/volsync ``` ## Required `postBuild` vars: diff --git a/kubernetes/templates/volsync/claim.yaml b/kubernetes/components/volsync/claim.yaml similarity index 100% rename from kubernetes/templates/volsync/claim.yaml rename to kubernetes/components/volsync/claim.yaml diff --git a/kubernetes/templates/volsync/kustomization.yaml b/kubernetes/components/volsync/kustomization.yaml similarity index 100% rename from kubernetes/templates/volsync/kustomization.yaml rename to kubernetes/components/volsync/kustomization.yaml diff --git a/kubernetes/templates/volsync/minio.yaml b/kubernetes/components/volsync/minio.yaml similarity index 100% rename from kubernetes/templates/volsync/minio.yaml rename to kubernetes/components/volsync/minio.yaml