shpaq/auricom-home-cluster
1
0
Fork 0
mirror of https://github.com/auricom/home-cluster.git synced 2025-09-17 18:24:14 +02:00
Code Issues Packages Projects Releases Wiki Activity

feat: remove truenas stuff

Browse Source
This commit is contained in:
auricom
2024-05-16 03:45:24 +02:00
parent da83a983cb
commit a0da057fd0
11 changed files with 54 additions and 26 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
.vscode/extensions.json vendored Normal file
View File

@@ -0,0 +1,5 @@
{
"recommendations": [
"zamerick.vscode-caddyfile-syntax"
]
}

5
.vscode/settings.json vendored Normal file
View File

@@ -0,0 +1,5 @@
{
"yaml.schemas": {
"https://raw.githubusercontent.com/ansible/ansible-lint/main/src/ansiblelint/schemas/ansible.json#/$defs/tasks": "file:///var/home/claude/repositories/auricom/home-ops/ansible/roles/storage/tasks/quadlets/traefik.yml"
}
}

29
ansible/inventory/host_vars/storage.sops.yaml Normal file
View File

@@ -0,0 +1,29 @@
kind: Secret
ansible_password: ENC[AES256_GCM,data:QKiW/9ARHg==,iv:UEAQglzSMYkWDoBvrdtEf3RE6FlBX8y0QZwqZWv6fdY=,tag:9N5onkoUBAAZsHp1bDKoCg==,type:str]
ansible_become_pass: ENC[AES256_GCM,data:xF8pLJRXLQ==,iv:cv0e1CoAoOoSlI1D7yxl1BSKaSuttyCkBg9+63ohvxM=,tag:GYu39reCXDM6Uu2j7FVybA==,type:str]
minio_root_user: ENC[AES256_GCM,data:DdNuALL99AnFr272Gs0noQ==,iv:Fx9XZQblytbMFOFMC2ay/l+eFR26ufNcLJfIEbPuSDg=,tag:00llM76qqqCNzp3XxDqwOg==,type:str]
minio_root_password: ENC[AES256_GCM,data:MQK+WFFstwnPVBJve4Y/Ag==,iv:et4mljyjUUE54glfK5JLBwXquZMBOiU54yXj3VCtExc=,tag:lknG5JeBqyJs1zd461tTzw==,type:str]
ovh_endpoint: ENC[AES256_GCM,data:bKy/sMlw,iv:o6lc/f/S5QOkDHF8iLJinOV93joLGP9YHINDc/AuivE=,tag:4mB81IJthXJf2V4Qv591pA==,type:str]
ovh_application_key: ENC[AES256_GCM,data:XUZMwWrwSDUk+VyQXHyhdA==,iv:0PAKRsCiTeIy4d6S8aF3T3pp/GPNXWCMCKBGo6t+aQQ=,tag:UWlkrvXZS1vP1GUSMs3hGw==,type:str]
ovh_application_secret: ENC[AES256_GCM,data:debtTD7GbiLrFwMtFkh7UHBbxMtcjIUXnWVgLy76Vi4=,iv:tNwTr+0P/r9/FSjVlCuVXYFpOyZJWvvsVwUr4FNIVRs=,tag:eeju5p9AywRLkJuXNuyHhA==,type:str]
ovh_consumer_key: ENC[AES256_GCM,data:mfA7cEa5aHowmUEpUZn6N3ylb2bjdj2ejwgZDLjrnNM=,iv:aYDHOqeoa5Q4SBQj3upBfW9u0hVOqM7IGBObkt1Ap0c=,tag:1yVumvVlvI77PrOiX1pgYQ==,type:str]
sops:
kms: []
gcp_kms: []
azure_kv: []
hc_vault: []
age:
- recipient: age1hhurqwmfvl9m3vh3hk8urulfzcdsrep2ax2neazqt435yhpamu3qj20asg
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBtVllLOFcwWXVoNXZobFF1
VGJmczlkL1V3blhvcnFzN2V6S1B1Ui81alRNClVEUWFmSWxKbENBRVZJN01PSWM5
d2M3OHFhOGpadEdrWUIxZGpMNTR2aVkKLS0tIE84ZkxzTlBpZVlqR2xQRmM0V0ZR
aG5zWW1XclBOS2cxMkwzZ3c1R1psNGsKzeSHHV7AYXCUNiiXJlBRFVWMZtfK3naj
VRtF22+DYfjumQuwam2ZzhdLQ//1ciHnkJc58dKeTbYUHzC+fWpaZQ==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2024-05-10T19:19:48Z"
mac: ENC[AES256_GCM,data:zZMPejKZawGE/ejtG5Kue8efIKY8pRH0v/cO4pfH1M6zHpAg2eaDG1wWPC2O7xbEfkUstGu8YFNVPO+tOYWR5oGBEbeJVm/ZieolHOWYcCasBDgnUX3UnPXibvevbm7xxC9o8mdRH9rENzQo4NZEv1/y9sCXLtQvtsfVswmywKA=,iv:JezVNspVQP3wLfneM1L1U+QDom88l01Q+lwFJNJmco8=,tag:IRc1hvPvsfvvXb51PKx4cg==,type:str]
pgp: []
unencrypted_regex: ^(kind)$
version: 3.8.1

7
ansible/playbooks/storage.yml Normal file
View File

@@ -0,0 +1,7 @@
---
- hosts: storage
become: false
gather_facts: true
any_errors_fatal: true
roles:
- role: storage

3
kubernetes/apps/default/hajimari/app/helmrelease.yaml
View File

@@ -59,9 +59,6 @@ spec:
- name: opnsense - name: opnsense
icon: mdi:router-network icon: mdi:router-network
url: "https://opnsense.${SECRET_DOMAIN}" url: "https://opnsense.${SECRET_DOMAIN}"
- name: truenas
icon: mdi:nas
url: "https://truenas.${SECRET_DOMAIN}"
- name: truenas-remote - name: truenas-remote
icon: mdi:nas icon: mdi:nas
url: "https://truenas-remote.${SECRET_DOMAIN}" url: "https://truenas-remote.${SECRET_DOMAIN}"

5
kubernetes/apps/default/homelab/ks.yaml
View File

@@ -24,9 +24,6 @@ spec:
postBuild: postBuild:
substitute: substitute:
APP: *app APP: *app
GATUS_SUBDOMAIN: minio
GATUS_DOMAIN: ${SECRET_DOMAIN}
GATUS_PATH: :9001
--- ---
# yaml-language-server: $schema=https://raw.githubusercontent.com/fluxcd-community/flux2-schemas/main/kustomization-kustomize-v1.json # yaml-language-server: $schema=https://raw.githubusercontent.com/fluxcd-community/flux2-schemas/main/kustomization-kustomize-v1.json
apiVersion: kustomize.toolkit.fluxcd.io/v1 apiVersion: kustomize.toolkit.fluxcd.io/v1
@@ -79,5 +76,3 @@ spec:
postBuild: postBuild:
substitute: substitute:
APP: *app APP: *app
GATUS_SUBDOMAIN: truenas
GATUS_DOMAIN: ${SECRET_DOMAIN}

1
kubernetes/apps/default/homelab/minio/kustomization.yaml
View File

@@ -6,4 +6,3 @@ namespace: default
resources: resources:
- ./backup - ./backup
- ./externalsecret.yaml - ./externalsecret.yaml
- ../../../../templates/gatus/guarded

14
kubernetes/apps/default/homelab/truenas/backup/helmrelease.yaml
View File

@@ -35,16 +35,6 @@ spec:
concurrencyPolicy: Forbid concurrencyPolicy: Forbid
schedule: "@daily" schedule: "@daily"
containers: containers:
app:
image:
repository: ghcr.io/auricom/kubectl
tag: 1.29.2@sha256:693ced2697bb7c7349419d4035a62bd474fc41710675b344f71773d8a687dfc3
command: [/bin/bash, /app/truenas-backup.sh]
env:
HOSTNAME: truenas
envFrom: &envFrom
- secretRef:
name: &secret homelab-truenas-secret
truenas-remote-backup: truenas-remote-backup:
image: image:
repository: ghcr.io/auricom/kubectl repository: ghcr.io/auricom/kubectl
@@ -52,7 +42,9 @@ spec:
command: [/bin/bash, /app/truenas-backup.sh] command: [/bin/bash, /app/truenas-backup.sh]
env: env:
HOSTNAME: truenas-remote HOSTNAME: truenas-remote
envFrom: *envFrom envFrom:
- secretRef:
name: &secret homelab-truenas-secret
service: service:
app: app:
controller: *app controller: *app

8
kubernetes/apps/default/homelab/truenas/backup/truenas-backup.sh
View File

@@ -9,21 +9,21 @@ chmod 600 ~/.ssh/id_rsa
printf -v aws_access_key_id_str %q "$TRUENAS_AWS_ACCESS_KEY_ID" printf -v aws_access_key_id_str %q "$TRUENAS_AWS_ACCESS_KEY_ID"
printf -v aws_secret_access_key_str %q "$TRUENAS_AWS_SECRET_ACCESS_KEY" printf -v aws_secret_access_key_str %q "$TRUENAS_AWS_SECRET_ACCESS_KEY"
printf -v secret_domain_str %q "$SECRET_DOMAIN" printf -v secret_internal_domain_str %q "$SECRET_INTERNAL_DOMAIN"
ssh -o StrictHostKeyChecking=no root@${HOSTNAME}.${SECRET_DOMAIN} "/bin/bash -s $aws_access_key_id_str $aws_secret_access_key_str $secret_domain_str" << 'EOF' ssh -o StrictHostKeyChecking=no root@${HOSTNAME}.${SECRET_INTERNAL_DOMAIN} "/bin/bash -s $aws_access_key_id_str $aws_secret_access_key_str $secret_internal_domain_str" << 'EOF'
set -o nounset set -o nounset
set -o errexit set -o errexit
AWS_ACCESS_KEY_ID=$1 AWS_ACCESS_KEY_ID=$1
AWS_SECRET_ACCESS_KEY=$2 AWS_SECRET_ACCESS_KEY=$2
SECRET_DOMAIN=$3 SECRET_INTERNAL_DOMAIN=$3
config_filename="$(date "+%Y%m%d-%H%M%S").tar" config_filename="$(date "+%Y%m%d-%H%M%S").tar"
http_host=truenas.${SECRET_DOMAIN} http_host=s3.${SECRET_INTERNAL_DOMAIN}
http_request_date=$(date -R) http_request_date=$(date -R)
http_content_type="application/x-tar" http_content_type="application/x-tar"
http_filepath="truenas/$(hostname)/${config_filename}" http_filepath="truenas/$(hostname)/${config_filename}"

1
kubernetes/apps/default/homelab/truenas/kustomization.yaml
View File

@@ -7,4 +7,3 @@ resources:
- ./backup - ./backup
- ./externalsecret.yaml - ./externalsecret.yaml
- ./photo-sort - ./photo-sort
- ../../../../templates/gatus/guarded

2
kubernetes/apps/default/homelab/truenas/photo-sort/helmrelease.yaml
View File

@@ -3,7 +3,7 @@
apiVersion: helm.toolkit.fluxcd.io/v2beta2 apiVersion: helm.toolkit.fluxcd.io/v2beta2
kind: HelmRelease kind: HelmRelease
metadata: metadata:
name: &app homelab-truenas-photo-sort name: &app homelab-storage-photo-sort
namespace: default namespace: default
spec: spec:
interval: 30m interval: 30m