From a2134737a858842ba2ed6aa4d880a806aaff4726 Mon Sep 17 00:00:00 2001
From: auricom <27022259+auricom@users.noreply.github.com>
Date: Sun, 29 Oct 2023 09:55:01 +0100
Subject: [PATCH] =?UTF-8?q?=F0=9F=9A=80=20atuin?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../default/atuin/app/externalsecret.yaml     | 30 +++++++
 kubernetes/apps/default/atuin/app/gatus.yaml  | 22 +++++
 .../apps/default/atuin/app/helmrelease.yaml   | 86 +++++++++++++++++++
 .../apps/default/atuin/app/kustomization.yaml |  9 ++
 kubernetes/apps/default/atuin/ks.yaml         | 22 +++++
 kubernetes/apps/default/kustomization.yaml    |  1 +
 6 files changed, 170 insertions(+)
 create mode 100644 kubernetes/apps/default/atuin/app/externalsecret.yaml
 create mode 100644 kubernetes/apps/default/atuin/app/gatus.yaml
 create mode 100644 kubernetes/apps/default/atuin/app/helmrelease.yaml
 create mode 100644 kubernetes/apps/default/atuin/app/kustomization.yaml
 create mode 100644 kubernetes/apps/default/atuin/ks.yaml

diff --git a/kubernetes/apps/default/atuin/app/externalsecret.yaml b/kubernetes/apps/default/atuin/app/externalsecret.yaml
new file mode 100644
index 000000000..df1891b0a
--- /dev/null
+++ b/kubernetes/apps/default/atuin/app/externalsecret.yaml
@@ -0,0 +1,30 @@
+---
+# yaml-language-server: $schema=https://kubernetes-schemas.devbu.io/external-secrets.io/externalsecret_v1beta1.json
+apiVersion: external-secrets.io/v1beta1
+kind: ExternalSecret
+metadata:
+  name: atuin
+  namespace: default
+spec:
+  secretStoreRef:
+    kind: ClusterSecretStore
+    name: onepassword-connect
+  target:
+    name: atuin-secret
+    creationPolicy: Owner
+    template:
+      engineVersion: v2
+      data:
+        # App
+        ATUIN_DB_URI: "postgres://{{ .POSTGRES_USER }}:{{ .POSTGRES_PASS }}@postgres-rw.default.svc.cluster.local/atuin"
+        # Postgres Init
+        INIT_POSTGRES_DBNAME: atuin
+        INIT_POSTGRES_HOST: postgres-rw.default.svc.cluster.local
+        INIT_POSTGRES_USER: "{{ .POSTGRES_USER }}"
+        INIT_POSTGRES_PASS: "{{ .POSTGRES_PASS }}"
+        INIT_POSTGRES_SUPER_PASS: "{{ .POSTGRES_SUPER_PASS }}"
+  dataFrom:
+    - extract:
+        key: atuin
+    - extract:
+        key: cloudnative-pg
diff --git a/kubernetes/apps/default/atuin/app/gatus.yaml b/kubernetes/apps/default/atuin/app/gatus.yaml
new file mode 100644
index 000000000..2889dfcc7
--- /dev/null
+++ b/kubernetes/apps/default/atuin/app/gatus.yaml
@@ -0,0 +1,22 @@
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: atuin-gatus-ep
+  namespace: default
+  labels:
+    gatus.io/enabled: "true"
+data:
+  config.yaml: |
+    endpoints:
+      - name: atuin
+        group: external
+        url: https://atuin.${SECRET_CLUSTER_DOMAIN}
+        interval: 1m
+        client:
+          dns-resolver: tcp://1.1.1.1:53
+          insecure: true
+        conditions:
+          - "[STATUS] == 200"
+        alerts:
+          - type: pushover
diff --git a/kubernetes/apps/default/atuin/app/helmrelease.yaml b/kubernetes/apps/default/atuin/app/helmrelease.yaml
new file mode 100644
index 000000000..eee129472
--- /dev/null
+++ b/kubernetes/apps/default/atuin/app/helmrelease.yaml
@@ -0,0 +1,86 @@
+---
+# yaml-language-server: $schema=https://kubernetes-schemas.devbu.io/helm.toolkit.fluxcd.io/helmrelease_v2beta1.json
+apiVersion: helm.toolkit.fluxcd.io/v2beta1
+kind: HelmRelease
+metadata:
+  name: atuin
+  namespace: default
+spec:
+  interval: 30m
+  chart:
+    spec:
+      chart: app-template
+      version: 2.0.3
+      sourceRef:
+        kind: HelmRepository
+        name: bjw-s
+        namespace: flux-system
+  maxHistory: 2
+  install:
+    remediation:
+      retries: 3
+  upgrade:
+    cleanupOnFail: true
+    remediation:
+      retries: 3
+  uninstall:
+    keepHistory: false
+  values:
+    controllers:
+      main:
+        strategy: RollingUpdate
+        annotations:
+          reloader.stakater.com/auto: "true"
+        initContainers:
+          init-db:
+            image:
+              repository: ghcr.io/auricom/postgres-init
+              tag: 15.4@sha256:83e1abf06be5741bdfb8cb53fc03a1ade6e6b5ec7b92a8aac0c69ba5dc7e51f0
+              pullPolicy: IfNotPresent
+            envFrom: &envFrom
+              - secretRef:
+                  name: atuin-secret
+        containers:
+          main:
+            image:
+              repository: ghcr.io/atuinsh/atuin
+              tag: 17.0.1
+            env:
+              ATUIN_HOST: 0.0.0.0
+              ATUIN_PORT: &port 8888
+              ATUIN_OPEN_REGISTRATION: "true"
+            envFrom: *envFrom
+            args: ["server", "start"]
+            resources:
+              requests:
+                memory: 128Mi
+                cpu: 10m
+              limits:
+                memory: 512Mi
+        pod:
+          enableServiceLinks: false
+    service:
+      main:
+        ports:
+          http:
+            port: *port
+    ingress:
+      main:
+        enabled: true
+        className: "nginx"
+        annotations:
+          hajimari.io/icon: mdi:powershell
+        hosts:
+          - host: &host "sh.${SECRET_CLUSTER_DOMAIN}"
+            paths:
+              - path: /
+                service:
+                  name: main
+                  port: http
+        tls:
+          - hosts:
+              - *host
+    persistence:
+      config:
+        enabled: true
+        type: emptyDir
diff --git a/kubernetes/apps/default/atuin/app/kustomization.yaml b/kubernetes/apps/default/atuin/app/kustomization.yaml
new file mode 100644
index 000000000..7a5a3fa1d
--- /dev/null
+++ b/kubernetes/apps/default/atuin/app/kustomization.yaml
@@ -0,0 +1,9 @@
+---
+# yaml-language-server: $schema=https://json.schemastore.org/kustomization
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+namespace: default
+resources:
+  - ./externalsecret.yaml
+  - ./helmrelease.yaml
+  - ./gatus.yaml
diff --git a/kubernetes/apps/default/atuin/ks.yaml b/kubernetes/apps/default/atuin/ks.yaml
new file mode 100644
index 000000000..9d058f06b
--- /dev/null
+++ b/kubernetes/apps/default/atuin/ks.yaml
@@ -0,0 +1,22 @@
+---
+# yaml-language-server: $schema=https://kubernetes-schemas.devbu.io/kustomize.toolkit.fluxcd.io/kustomization_v1.json
+apiVersion: kustomize.toolkit.fluxcd.io/v1
+kind: Kustomization
+metadata:
+  name: cluster-apps-atuin
+  namespace: flux-system
+  labels:
+    substitution.flux.home.arpa/enabled: "true"
+spec:
+  dependsOn:
+    - name: cluster-apps-cloudnative-pg-cluster
+    - name: cluster-apps-external-secrets-stores
+  path: ./kubernetes/apps/default/atuin/app
+  prune: true
+  sourceRef:
+    kind: GitRepository
+    name: home-ops-kubernetes
+  wait: false
+  interval: 30m
+  retryInterval: 1m
+  timeout: 5m
diff --git a/kubernetes/apps/default/kustomization.yaml b/kubernetes/apps/default/kustomization.yaml
index 34a52ea27..3f2efcd8f 100644
--- a/kubernetes/apps/default/kustomization.yaml
+++ b/kubernetes/apps/default/kustomization.yaml
@@ -6,6 +6,7 @@ resources:
   # Pre Flux-Kustomizations
   - ./namespace.yaml
   # Flux-Kustomizations
+  - ./atuin/ks.yaml
   - ./authelia/ks.yaml
   - ./babybuddy/ks.yaml
   - ./bazarr/ks.yaml