diff --git a/kubernetes/apps/default/home-assistant/app/gatus.yaml b/kubernetes/apps/default/home-assistant/app/gatus.yaml index d4524bfbf..3ed5435bd 100644 --- a/kubernetes/apps/default/home-assistant/app/gatus.yaml +++ b/kubernetes/apps/default/home-assistant/app/gatus.yaml @@ -11,7 +11,7 @@ data: endpoints: - name: home-assistant group: internal - url: https://home-assistant.${SECRET_CLUSTER_DOMAIN} + url: https://hass.${SECRET_CLUSTER_DOMAIN} interval: 1m client: insecure: true diff --git a/kubernetes/apps/default/home-assistant/app/helmrelease.yaml b/kubernetes/apps/default/home-assistant/app/helmrelease.yaml index 6a005daca..d706153d5 100644 --- a/kubernetes/apps/default/home-assistant/app/helmrelease.yaml +++ b/kubernetes/apps/default/home-assistant/app/helmrelease.yaml @@ -10,7 +10,7 @@ spec: chart: spec: chart: app-template - version: 1.5.1 + version: 2.0.3 sourceRef: kind: HelmRepository name: bjw-s @@ -27,24 +27,61 @@ spec: uninstall: keepHistory: false values: - initContainers: - 01-init-db: - image: ghcr.io/auricom/postgres-init:15.4 - imagePullPolicy: IfNotPresent - envFrom: &envFrom - - secretRef: - name: home-assistant-secret - controller: - annotations: - reloader.stakater.com/auto: "true" - image: - repository: ghcr.io/onedr0p/home-assistant - tag: 2023.10.5@sha256:24ce89830111fe19bb2df00621dfd631fd20abe07a453ea60c2027890d5b934e - env: - TZ: "${TIMEZONE}" - POSTGRES_HOST: ${POSTGRES_HOST} - POSTGRES_DB: home_assistant - envFrom: *envFrom + defaultPodOptions: + securityContext: + runAsUser: 0 + runAsGroup: 0 + fsGroup: 0 + fsGroupChangePolicy: OnRootMismatch + nodeSelector: + nodo.feature.node.kubernetes.io/rflink: "true" + controllers: + main: + type: statefulset + annotations: + reloader.stakater.com/auto: "true" + initContainers: + init-db: + image: + repository: ghcr.io/auricom/postgres-init + tag: 15.4@sha256:83e1abf06be5741bdfb8cb53fc03a1ade6e6b5ec7b92a8aac0c69ba5dc7e51f0 + pullPolicy: IfNotPresent + envFrom: &envFrom + - secretRef: + name: home-assistant-secret + containers: + main: + image: + repository: ghcr.io/onedr0p/home-assistant + tag: 2023.10.5@sha256:24ce89830111fe19bb2df00621dfd631fd20abe07a453ea60c2027890d5b934e + env: + TZ: "${TIMEZONE}" + POSTGRES_HOST: ${POSTGRES_HOST} + POSTGRES_DB: home_assistant + envFrom: *envFrom + probes: + liveness: + enabled: false + readiness: + enabled: false + startup: + enabled: false + resources: + requests: + cpu: 10m + memory: 128Mi + limits: + memory: 1Gi + securityContext: + privileged: true + statefulset: + volumeClaimTemplates: + - name: config + accessMode: ReadWriteOnce + size: 10Gi + storageClass: rook-ceph-block + globalMounts: + - path: /config service: main: type: LoadBalancer @@ -56,61 +93,24 @@ spec: ingress: main: enabled: true - ingressClassName: "nginx" + className: "nginx" annotations: hajimari.io/icon: mdi:home-assistant hosts: - host: &host "hass.${SECRET_CLUSTER_DOMAIN}" paths: - path: / - pathType: Prefix - - host: &host2 "home-assistant.${SECRET_CLUSTER_DOMAIN}" - paths: - - path: / - pathType: Prefix + service: + name: main + port: http tls: - hosts: - *host - - *host2 - probes: - liveness: - enabled: false - readiness: - enabled: false - startup: - enabled: false - podSecurityContext: - runAsUser: 0 - runAsGroup: 0 - fsGroup: 0 - fsGroupChangePolicy: "OnRootMismatch" - securityContext: - privileged: true - podAnnotations: - secret.reloader.stakater.com/reload: *app persistence: - config: - enabled: true - existingClaim: hass-config usb: enabled: true type: hostPath hostPath: /dev/serial/by-id/usb-Arduino__www.arduino.cc__0042_5503731323735171A241-if00 hostPathType: CharDevice - mountPath: /dev/ttyUSB0 - resources: - requests: - cpu: 10m - memory: 100Mi - limits: - memory: 750Mi - affinity: - nodeAffinity: - requiredDuringSchedulingIgnoredDuringExecution: - nodeSelectorTerms: - - matchExpressions: - - { - key: "feature.node.kubernetes.io/custom-rflink", - operator: In, - values: ["true"], - } + globalMounts: + - path: /dev/ttyUSB0 diff --git a/kubernetes/apps/default/home-assistant/app/kustomization.yaml b/kubernetes/apps/default/home-assistant/app/kustomization.yaml index d06896c35..c005815a3 100644 --- a/kubernetes/apps/default/home-assistant/app/kustomization.yaml +++ b/kubernetes/apps/default/home-assistant/app/kustomization.yaml @@ -8,6 +8,3 @@ resources: - ./helmrelease.yaml - ./podmonitor.yaml - ./volsync.yaml -- ./volume.yaml -patches: -- path: ./patches/addons.yaml diff --git a/kubernetes/apps/default/home-assistant/app/patches/addons.yaml b/kubernetes/apps/default/home-assistant/app/patches/addons.yaml deleted file mode 100644 index a61be4bd1..000000000 --- a/kubernetes/apps/default/home-assistant/app/patches/addons.yaml +++ /dev/null @@ -1,43 +0,0 @@ ---- -# yaml-language-server: $schema=https://raw.githubusercontent.com/fluxcd-community/flux2-schemas/main/helmrelease-helm-v2beta1.json -apiVersion: helm.toolkit.fluxcd.io/v2beta1 -kind: HelmRelease -metadata: - name: home-assistant - namespace: default -spec: - values: - addons: - codeserver: - enabled: true - image: - repository: ghcr.io/coder/code-server - tag: 4.18.0 - env: - TZ: ${TIMEZONE} - GIT_SSH_COMMAND: "ssh -i /config/.ssh/id_rsa -o IdentitiesOnly=yes" - workingDir: /config - args: - - --auth - - "none" - - --user-data-dir - - "/config/.vscode" - - --extensions-dir - - "/config/.vscode" - ingress: - enabled: true - ingressClassName: nginx - annotations: - hajimari.io/appName: "Hass Config" - hajimari.io/icon: cib:visual-studio-code - hosts: - - host: &host hass-code.${SECRET_CLUSTER_DOMAIN} - paths: - - path: / - pathType: Prefix - tls: - - hosts: - - *host - volumeMounts: - - name: config - mountPath: /config diff --git a/kubernetes/apps/default/home-assistant/app/volsync.yaml b/kubernetes/apps/default/home-assistant/app/volsync.yaml index 3e1460713..1f40377b2 100644 --- a/kubernetes/apps/default/home-assistant/app/volsync.yaml +++ b/kubernetes/apps/default/home-assistant/app/volsync.yaml @@ -30,7 +30,7 @@ metadata: name: home-assistant namespace: default spec: - sourcePVC: hass-config + sourcePVC: config-home-assistant-0 trigger: schedule: "0 7 * * *" restic: diff --git a/kubernetes/apps/default/home-assistant/app/volume.yaml b/kubernetes/apps/default/home-assistant/app/volume.yaml deleted file mode 100644 index e8661256f..000000000 --- a/kubernetes/apps/default/home-assistant/app/volume.yaml +++ /dev/null @@ -1,17 +0,0 @@ ---- -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: hass-config - namespace: default - labels: - app.kubernetes.io/name: &name home-assistant - app.kubernetes.io/instance: *name - snapshot.home.arpa/enabled: "true" -spec: - accessModes: - - ReadWriteOnce - storageClassName: rook-ceph-block - resources: - requests: - storage: 10Gi diff --git a/kubernetes/apps/default/home-assistant/code/gatus.yaml b/kubernetes/apps/default/home-assistant/code/gatus.yaml new file mode 100644 index 000000000..6da4c5536 --- /dev/null +++ b/kubernetes/apps/default/home-assistant/code/gatus.yaml @@ -0,0 +1,22 @@ +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: hass-code-gatus-ep + namespace: default + labels: + gatus.io/enabled: "true" +data: + config.yaml: | + endpoints: + - name: hass-code + group: internal + url: https://hass-code.${SECRET_CLUSTER_DOMAIN} + interval: 1m + client: + insecure: true + conditions: + - "[STATUS] == 200" + alerts: + - type: pushover + diff --git a/kubernetes/apps/default/home-assistant/code/helmrelease.yaml b/kubernetes/apps/default/home-assistant/code/helmrelease.yaml new file mode 100644 index 000000000..822e036f6 --- /dev/null +++ b/kubernetes/apps/default/home-assistant/code/helmrelease.yaml @@ -0,0 +1,88 @@ +--- +# yaml-language-server: $schema=https://raw.githubusercontent.com/fluxcd-community/flux2-schemas/main/helmrelease-helm-v2beta1.json +apiVersion: helm.toolkit.fluxcd.io/v2beta1 +kind: HelmRelease +metadata: + name: home-assistant-code + namespace: default +spec: + interval: 30m + chart: + spec: + chart: app-template + version: 2.0.3 + sourceRef: + kind: HelmRepository + name: bjw-s + namespace: flux-system + maxHistory: 2 + install: + remediation: + retries: 3 + upgrade: + cleanupOnFail: true + remediation: + retries: 3 + uninstall: + keepHistory: false + dependsOn: + - name: home-assistant + namespace: default + values: + controllers: + main: + annotations: + reloader.stakater.com/auto: "true" + containers: + main: + image: + repository: ghcr.io/coder/code-server + tag: 4.18.0 + env: + TZ: ${TIMEZONE} + GIT_SSH_COMMAND: "ssh -i /config/.ssh/id_rsa -o IdentitiesOnly=yes" + args: + - --auth + - "none" + - --user-data-dir + - "/config/.vscode" + - --extensions-dir + - "/config/.vscode" + - "--port" + - "8888" + - /config + resources: + requests: + cpu: 10m + memory: 128Mi + limits: + memory: 1Gi + pod: + securityContext: + runAsUser: 568 + runAsGroup: 568 + fsGroup: 568 + fsGroupChangePolicy: OnRootMismatch + service: + main: + ports: + http: + port: 8888 + ingress: + main: + enabled: true + className: internal + hosts: + - host: &host hass-code.${SECRET_CLUSTER_DOMAIN} + paths: + - path: / + service: + name: main + port: http + tls: + - hosts: + - *host + persistence: + config: + enabled: true + existingClaim: config-home-assistant-0 diff --git a/kubernetes/apps/default/home-assistant/code/kustomization.yaml b/kubernetes/apps/default/home-assistant/code/kustomization.yaml new file mode 100644 index 000000000..c4d294242 --- /dev/null +++ b/kubernetes/apps/default/home-assistant/code/kustomization.yaml @@ -0,0 +1,8 @@ +--- +# yaml-language-server: $schema=https://json.schemastore.org/kustomization +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +namespace: default +resources: + - ./gatus.yaml + - ./helmrelease.yaml diff --git a/kubernetes/apps/default/home-assistant/ks.yaml b/kubernetes/apps/default/home-assistant/ks.yaml index 0272daa0d..9a5f5b6f3 100644 --- a/kubernetes/apps/default/home-assistant/ks.yaml +++ b/kubernetes/apps/default/home-assistant/ks.yaml @@ -17,11 +17,26 @@ spec: sourceRef: kind: GitRepository name: home-ops-kubernetes - healthChecks: - - apiVersion: helm.toolkit.fluxcd.io/v2beta1 - kind: HelmRelease - name: home-assistant - namespace: default + wait: false interval: 30m retryInterval: 1m - timeout: 3m + timeout: 5m +--- +# yaml-language-server: $schema=https://raw.githubusercontent.com/fluxcd-community/flux2-schemas/main/kustomization-kustomize-v1.json +apiVersion: kustomize.toolkit.fluxcd.io/v1 +kind: Kustomization +metadata: + name: cluster-apps-home-assistant-code + namespace: flux-system + labels: + substitution.flux.home.arpa/enabled: "true" +spec: + path: ./kubernetes/apps/default/home-assistant/code + prune: true + sourceRef: + kind: GitRepository + name: home-ops-kubernetes + wait: false + interval: 30m + retryInterval: 1m + timeout: 5m diff --git a/kubernetes/apps/kube-system/node-feature-discovery/app/helmrelease.yaml b/kubernetes/apps/kube-system/node-feature-discovery/app/helmrelease.yaml index a1514f31f..670f42f9d 100644 --- a/kubernetes/apps/kube-system/node-feature-discovery/app/helmrelease.yaml +++ b/kubernetes/apps/kube-system/node-feature-discovery/app/helmrelease.yaml @@ -51,10 +51,3 @@ spec: - class - vendor - device - custom: - - name: "rflink" - matchOn: - - usbId: - class: ["02"] - vendor: ["2341"] - device: ["0042"] diff --git a/kubernetes/apps/kube-system/node-feature-discovery/rules/kustomization.yaml b/kubernetes/apps/kube-system/node-feature-discovery/rules/kustomization.yaml index e79db879e..f8ec2088a 100644 --- a/kubernetes/apps/kube-system/node-feature-discovery/rules/kustomization.yaml +++ b/kubernetes/apps/kube-system/node-feature-discovery/rules/kustomization.yaml @@ -6,4 +6,5 @@ namespace: kube-system resources: - ./aeotec-zwave-device.yaml - ./google-coral-device.yaml + - ./nodo-rflink-device.yaml - ./zzh-zigbee-device.yaml diff --git a/kubernetes/apps/kube-system/node-feature-discovery/rules/nodo-rflink-device.yaml b/kubernetes/apps/kube-system/node-feature-discovery/rules/nodo-rflink-device.yaml new file mode 100644 index 000000000..9a07f96a2 --- /dev/null +++ b/kubernetes/apps/kube-system/node-feature-discovery/rules/nodo-rflink-device.yaml @@ -0,0 +1,18 @@ +--- +# yaml-language-server: $schema=https://kubernetes-schemas.devbu.io/nfd.k8s-sigs.io/nodefeaturerule_v1alpha1.json +apiVersion: nfd.k8s-sigs.io/v1alpha1 +kind: NodeFeatureRule +metadata: + name: nodo-rflink-device +spec: + rules: + - # Nodo-Shop RFlink SOMFY + name: nodo.rflink + labels: + nodo.feature.node.kubernetes.io/rflink: "true" + matchFeatures: + - feature: usb.device + matchExpressions: + class: { op: In, value: ["02"] } + vendor: { op: In, value: ["2341"] } + device: { op: In, value: ["0042"] }