From c9ccc3838e9ffd8b4aa82c440ab6e50cb05e4847 Mon Sep 17 00:00:00 2001 From: auricom Date: Mon, 23 Nov 2020 18:43:44 +0100 Subject: [PATCH] add bazarr & lidarr --- .../flux-system/helm-chart-repositories.yaml | 20 ++++++ cluster/flux-system/kustomization.yaml | 2 + cluster/flux-system/secrets.yaml | 17 +++++ cluster/media/_namespace.yaml | 7 +++ cluster/media/_volumes.yaml | 26 ++++++++ cluster/media/bazarr.yaml | 62 +++++++++++++++++++ cluster/media/lidarr.yaml | 62 +++++++++++++++++++ cluster/volumes.yaml | 44 +++++++++++++ secrets/helmrelease-media-bazarr.yaml | 36 +++++++++++ secrets/helmrelease-media-lidarr.yaml | 36 +++++++++++ 10 files changed, 312 insertions(+) create mode 100644 cluster/flux-system/helm-chart-repositories.yaml create mode 100644 cluster/flux-system/secrets.yaml create mode 100644 cluster/media/_namespace.yaml create mode 100644 cluster/media/_volumes.yaml create mode 100644 cluster/media/bazarr.yaml create mode 100644 cluster/media/lidarr.yaml create mode 100644 cluster/volumes.yaml create mode 100644 secrets/helmrelease-media-bazarr.yaml create mode 100644 secrets/helmrelease-media-lidarr.yaml diff --git a/cluster/flux-system/helm-chart-repositories.yaml b/cluster/flux-system/helm-chart-repositories.yaml new file mode 100644 index 000000000..e5b928120 --- /dev/null +++ b/cluster/flux-system/helm-chart-repositories.yaml @@ -0,0 +1,20 @@ +--- +apiVersion: source.toolkit.fluxcd.io/v1beta1 +kind: HelmRepository +metadata: + name: k8s-at-home-charts + namespace: flux-system +spec: + interval: 10m + url: https://k8s-at-home.com/charts/ + timeout: 3m +--- +apiVersion: source.toolkit.fluxcd.io/v1beta1 +kind: HelmRepository +metadata: + name: prometheus-community-charts + namespace: flux-system +spec: + interval: 10m + url: https://prometheus-community.github.io/helm-charts + timeout: 3m \ No newline at end of file diff --git a/cluster/flux-system/kustomization.yaml b/cluster/flux-system/kustomization.yaml index 18517c8c3..958fc02e4 100644 --- a/cluster/flux-system/kustomization.yaml +++ b/cluster/flux-system/kustomization.yaml @@ -3,3 +3,5 @@ kind: Kustomization resources: - ./gotk-components.yaml - ./gotk-sync.yaml +- ./helm-chart-repositories.yaml +- ./secrets.yaml \ No newline at end of file diff --git a/cluster/flux-system/secrets.yaml b/cluster/flux-system/secrets.yaml new file mode 100644 index 000000000..f4dc3871c --- /dev/null +++ b/cluster/flux-system/secrets.yaml @@ -0,0 +1,17 @@ +--- +apiVersion: kustomize.toolkit.fluxcd.io/v1beta1 +kind: Kustomization +metadata: + name: secrets + namespace: flux-system +spec: + interval: 10m0s + sourceRef: + kind: GitRepository + name: flux-system + path: ./secrets + prune: true + decryption: + provider: sops + secretRef: + name: sops-gpg \ No newline at end of file diff --git a/cluster/media/_namespace.yaml b/cluster/media/_namespace.yaml new file mode 100644 index 000000000..cdff7ddb5 --- /dev/null +++ b/cluster/media/_namespace.yaml @@ -0,0 +1,7 @@ +--- +apiVersion: v1 +kind: Namespace +metadata: + name: media + labels: + goldilocks.fairwinds.com/enabled: "true" \ No newline at end of file diff --git a/cluster/media/_volumes.yaml b/cluster/media/_volumes.yaml new file mode 100644 index 000000000..0db8776c5 --- /dev/null +++ b/cluster/media/_volumes.yaml @@ -0,0 +1,26 @@ +--- +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: nfs-music + namespace: media +spec: + accessModes: + - ReadWriteMany + storageClassName: nfs-music + resources: + requests: + storage: 1Mi +--- +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: nfs-video + namespace: media +spec: + accessModes: + - ReadWriteMany + storageClassName: nfs-video + resources: + requests: + storage: 1Mi \ No newline at end of file diff --git a/cluster/media/bazarr.yaml b/cluster/media/bazarr.yaml new file mode 100644 index 000000000..b505d2b9b --- /dev/null +++ b/cluster/media/bazarr.yaml @@ -0,0 +1,62 @@ +--- +apiVersion: helm.toolkit.fluxcd.io/v2beta1 +kind: HelmRelease +metadata: + name: bazarr + namespace: media +spec: + interval: 5m + chart: + spec: + chart: bazarr + version: 4.4.0 + sourceRef: + kind: HelmRepository + name: k8s-at-home-charts + namespace: flux-system + interval: 5m + values: + controllerType: deployment + image: + repository: k8sathome/bazarr + tag: v0.9.0.6 + pullPolicy: IfNotPresent + env: + TZ: "Europe/Paris" + podSecurityContext: + runAsUser: 568 + runAsGroup: 568 + fsGroup: 568 + persistence: + config: + enabled: true + existingClaim: bazarr-config + additionalVolumeMounts: + - name: nfs-video + mountPath: "/mnt/storage/video" + additionalVolumes: + - name: nfs-video + persistentVolumeClaim: + claimName: nfs-video + resources: + requests: + memory: 500Mi + cpu: 500m + limits: + memory: 1500Mi + valuesFrom: + - kind: ConfigMap + name: helmrelease-media-bazarr +--- +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: bazarr-config + namespace: media +spec: + accessModes: + - ReadWriteOnce + storageClassName: longhorn-backups + resources: + requests: + storage: 5Gi diff --git a/cluster/media/lidarr.yaml b/cluster/media/lidarr.yaml new file mode 100644 index 000000000..12d57bf83 --- /dev/null +++ b/cluster/media/lidarr.yaml @@ -0,0 +1,62 @@ +--- +apiVersion: helm.toolkit.fluxcd.io/v2beta1 +kind: HelmRelease +metadata: + name: lidarr + namespace: media +spec: + interval: 5m + chart: + spec: + chart: lidarr + version: 5.4.0 + sourceRef: + kind: HelmRepository + name: k8s-at-home-charts + namespace: flux-system + interval: 5m + values: + controllerType: deployment + image: + repository: k8sathome/lidarr + tag: v0.8.0.1896 + pullPolicy: IfNotPresent + env: + TZ: "Europe/Paris" + podSecurityContext: + runAsUser: 568 + runAsGroup: 568 + fsGroup: 568 + persistence: + config: + enabled: true + existingClaim: lidarr-config + additionalVolumeMounts: + - name: nfs-music + mountPath: "/mnt/storage/music" + additionalVolumes: + - name: nfs-music + persistentVolumeClaim: + claimName: nfs-music + resources: + requests: + memory: 500Mi + cpu: 500m + limits: + memory: 1500Mi + valuesFrom: + - kind: ConfigMap + name: helmrelease-media-lidarr +--- +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: lidarr-config + namespace: media +spec: + accessModes: + - ReadWriteOnce + storageClassName: longhorn-backups + resources: + requests: + storage: 5Gi diff --git a/cluster/volumes.yaml b/cluster/volumes.yaml new file mode 100644 index 000000000..fe0a2ac00 --- /dev/null +++ b/cluster/volumes.yaml @@ -0,0 +1,44 @@ +--- +apiVersion: v1 +kind: PersistentVolume +metadata: + name: nfs-music +spec: + storageClassName: nfs-music + capacity: + storage: 1Mi + accessModes: + - ReadWriteMany + persistentVolumeReclaimPolicy: Retain + nfs: + server: truenas + path: "/mnt/storage/music" +--- +kind: StorageClass +apiVersion: storage.k8s.io/v1 +metadata: + name: nfs-music +provisioner: nfs +reclaimPolicy: Retain +--- +apiVersion: v1 +kind: PersistentVolume +metadata: + name: nfs-video +spec: + storageClassName: nfs-video + capacity: + storage: 1Mi + accessModes: + - ReadWriteMany + persistentVolumeReclaimPolicy: Retain + nfs: + server: truenas + path: "/mnt/storage/video" +--- +kind: StorageClass +apiVersion: storage.k8s.io/v1 +metadata: + name: nfs-video +provisioner: nfs +reclaimPolicy: Retain \ No newline at end of file diff --git a/secrets/helmrelease-media-bazarr.yaml b/secrets/helmrelease-media-bazarr.yaml new file mode 100644 index 000000000..68dbe0f85 --- /dev/null +++ b/secrets/helmrelease-media-bazarr.yaml @@ -0,0 +1,36 @@ +apiVersion: v1 +data: + values.yaml: ENC[AES256_GCM,data:3ZJOnNsa7uIOQEVh+JbOjg5S+FtdFAe0rM3QlVHY+qic19As3UU1IGM4vjMIi0VVvhq/ZssBZ2SVfEivz0nKQ1ukGyLf6q9bWK7sNM0LDjrLrrxxdOESFPga4Q18XE5RegNhJzTNkAL8IPBwed4ZCMWXKEjbhni9hDnhzqHlxibZQfmxcQZaJPAAXmiwS/dwxKwUR9saT3YLEy+b8aaJqzqYnzIaDabQnen22SyxX3szKsE/6ukc6zji+TkXPT18yEIbhNtrqgia8a1VbQRqw0J+227TXKL78FepEqXrC5R5tT/tlKWnN/o+NcbZjuZn5jNDqfQRSXEEVeek1ItQt2scNQ5ufnaIo5HQ8dhmtR8Gw4iSJU3DF3FqxssmcBLj6+riQNZObtleE0P+D3yN1si5EX+is6fDyk58fmEfTi6YKd5KQ9Jtp7PTKwmcVqXJL0Mxkml+8SyoOVYRtu5LHbWgeqAkGtrhUitXLYV9HjrzX+i6+09c6ZZ//0jnUDasrTTPsZaPo7g=,iv:4iCjAc5Y3ovIhj6WeH9i+6SDPR7B4+iBaOGuBJieBdE=,tag:6i9bmwBy5VXFoKDvHQ543g==,type:str] +kind: ConfigMap +metadata: + creationTimestamp: null + name: helmrelease-media-bazarr + namespace: media +sops: + kms: [] + gcp_kms: [] + azure_kv: [] + hc_vault: [] + lastmodified: '2020-11-23T17:43:23Z' + mac: ENC[AES256_GCM,data:PmERPQPHlueaSPfLCjmU8t9s9NEFhCyUK9Cr0vY0B4u8JZb8NHO8F7vgZtAwKeIqeV51jYOTmywpb65+qdOOpwe9ZVJdihEDmW874Vk8s84v/l0emLHo0T/82Se/tRHK2QxePCvr7cj0SGSFEAkBPNaeWSqiir8UnW9fxCWa3Mw=,iv:jhpGKRppev6twl4L6H6CHbFfaY4yZhQo3cH4UkLN9Io=,tag:HEKXiq9+qj4xbZ0b2e+tgA==,type:str] + pgp: + - created_at: '2020-11-23T17:43:23Z' + enc: | + -----BEGIN PGP MESSAGE----- + + hQGMA/JorPHm1g9XAQwAhLOfuPZQnGmj9+54hO6N616v+BzP7cemwirHf58X2NQ/ + lDW54Ju4IL7EFE3ICBD8qPywmPznOx+7zKPvaVQFtt4Y4fQQpkYGL2tNTSvW95hs + aTD+ZKJzVmDhn0PfvFmdC8zspRqS+mvs8sBtpNAKG9XMXafz20Acq8rEToNpHjHZ + sDf3VtW3eI8e76OTO5OGpH2dZR6NhFMEYDTi9K830LrRANkdZk/7nwq1p3jS0vfz + wdkchvHUr8SnsuRRJYom90XK2DBIe9CTUscTe4ff30OI9YTpGESlYy55uC3vZHNE + fUo0iXyK+bFv0MxOVl2QcOLlwVNJiU7aWGLqlDZP+Qfv2YBAFDoUulT587XT1DMt + pQlpDJt5dYHsZNypSB8yjAbR2H3renCtaQbY2W/pgzc3OYhZN1k4U6PxrDGK1tvy + EZtXqZ7o+N3F8e995BA68ZZU2wUgApj8M9iD/k5CFdsGC9FObJTTDCQooAdmekw3 + Q3L16DGlP4HbW4jNKCtx0l4BWnvfGYQgT21jomayT9YXlZfoyxjgJwM2N8w8dzLv + Re5DmsFOkGOGJbMehHjzZ4eHeEhz5Rj1OR4zQ7eU9+AmMoJ0Yy5DboQFm9Q49Qqd + 6xx8toMKs2NRND+x0is0 + =7suV + -----END PGP MESSAGE----- + fp: C8F8A49D04A1AB639F8EA21CDBA4B1DCB1FA5BDD + encrypted_regex: ^(data|stringData)$ + version: 3.6.1 diff --git a/secrets/helmrelease-media-lidarr.yaml b/secrets/helmrelease-media-lidarr.yaml new file mode 100644 index 000000000..95df55f6c --- /dev/null +++ b/secrets/helmrelease-media-lidarr.yaml @@ -0,0 +1,36 @@ +apiVersion: v1 +data: + values.yaml: ENC[AES256_GCM,data:2Ea2ge09eHeIi67YyZYBdDd+FbjtD5YCZhLhDn1HVRKieCVblw36oXIjTDlXVDF5l0QMWfaEXnm7Q9rSmNIkC7a1Q94U8lMPeYojHQiXa5CF9dsI4RcHvTklrJcMHn3dWmF7GDEYRYEkDQIRBIs8DycyxWG5LZkXI15UkxuYBJACWuV54O6CXQlBZGHk7t3V7AlmYRfA5eN2DLt0sS/2R1TXH5AEfI63CTBpTUqrBuFyXxuc5AFsyxW65xKlguqMWoB2lFaDkfN2671W4wmtcTMoLGT/cysS+JuPiGexpGGmDg9F8GcAijcDAVwhMzRJKWr1OK3lHPC1jnabP/dtYmcmdNoUuZhamsFm7oCqfQgloRz52d85SNW4rx7IK0kMI7WJwl8Si+9qiyqx2xEkRJeZTwbGLDA2BsECZqEnO0Kza3F1L71yn47OUseRGJqodCuPryjfZtFr0Ghgnhmryk1v8MGXNuoGoPI4pBnSKfwZNaxs3fW67ZhNkkU45t2FZQJXKy8iWPC2zmK+GLvwGeFRb4nWNw3YhIAAoZuZ3DXTw9Oug8I17GaVQegd2R6AZLpLSGmBXjCUN6eexnsyjzoAKO2b4hSw/1ieVyS4v6YJLDu5UrxKUChswzdDi4tkfEcTNkc6YgmgNhUQXL0n//1kNE+yusrvLBqxhIC03eE0ISI3tmINY3SBTUNm5hIejSaRdsjZr38EbRvd0aY/H0Ox7iA0ZeRQGSGYjwJwBWXVYR9+LavmaVZ5a6SleeAPkXtZMtIOjW9uM+3N4a7be1Pla+xKJbfeENVO0YbPgGbc0bYMAmMACB1JIWAtU8327LK19MW0y7V/FupVLsFf+ZibOSsEFLFC2N23peFi1hqoB6eusqV6sX3YAVP7brfWRg==,iv:BYe9W546yQv1p1H78v59i5CmbgPZaOFkoFYJxEv7fUE=,tag:CK2iDukxyAgkIuXNOhUY5g==,type:str] +kind: ConfigMap +metadata: + creationTimestamp: null + name: helmrelease-media-lidarr + namespace: media +sops: + kms: [] + gcp_kms: [] + azure_kv: [] + hc_vault: [] + lastmodified: '2020-11-23T17:43:20Z' + mac: ENC[AES256_GCM,data:+ON2Tn6VOwaGk64fHzKMjin0txXwALv7y4DIrQAL4cuIe95YQ15B9CSj3ROd1J5x54k+K9W0+QIdv/f6VhjlHRblSIb970tNGnqkU/08Rwn9jSrrxX2pd380UbzHPKnYemEithNYKQodw+Y7Uq6SUGX7Dhw8E9PVEP9xJx8UJ+o=,iv:HTMw3qKfn898u5cY+/ABL42XxuphUXo8ugUii34aDKY=,tag:pqeAREfl85c1zoT+o893Wg==,type:str] + pgp: + - created_at: '2020-11-23T17:43:19Z' + enc: | + -----BEGIN PGP MESSAGE----- + + hQGMA/JorPHm1g9XAQv/f6zBE9e/9WCT3DYewSp7spOlyWWpH5OrsL5vLlHEFAnn + bV8pTi0WV18PtaLfggltUQ3srvJOs4cUbJbUGJOPXkeBTiwuGOHcJbMX4qe2c7a4 + WgyyRGeGfen1/+Pu/rmfY2G9TtxUqVTQT1eSSfT2EMGaeaL5hyJYDlH9whRUVftV + PK2s177qg1jVL1FK88djmA5pW+vuTXN9sATqaW2+C+HBsxYDWuAdwdh9v7f8lZfS + T/UHeEurR5CIH3jXvM9ZsiNEa4HS7asfvqUEhOu/WtpfhEh+3uUCe/El0yHp9Mzj + AEaqV+Nck6d9MwGC/pt9pKrflTtF06ToQyA6gFhCXeF2KCsi0IlKO+dWSnOWn+mK + KxIF0yOmalvtDCGKpPTxABD2mSP1ZcRotpXOh0ow/7dq3B5zDKZWAgjuZ9ueo1ga + Sm54C+xFsmHcE6ZTmWs7RJstOzArTfL8FAO5nzdsToERxCY8vSMHd4IL7zprPUtj + AxwLv3LN4LN5tnMY7Z9T0l4BKNfd8x14cIerOQ1Kii+rAU0BMOPcY+1+Yzd/PLB2 + /CdZTfambO5AWEn3U43oNA4ASP7O6x0kLi2kDF0BmzBaw8JOt3KTE6djeH/Xq62k + hNa6ejYReZRTjtL/MBYc + =/ETC + -----END PGP MESSAGE----- + fp: C8F8A49D04A1AB639F8EA21CDBA4B1DCB1FA5BDD + encrypted_regex: ^(data|stringData)$ + version: 3.6.1