From cb87a67dd20ae4ba8fca7d8efbb57b93671e34bd Mon Sep 17 00:00:00 2001 
From: auricom <27022259+auricom@users.noreply.github.com> Date: Tue, 23 Jan 2024 17:22:40 +0100 Subject: [PATCH] =?UTF-8?q?=E2=99=BB=EF=B8=8F=20apply=20kube=20templates?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .archive/kubernetes/attic/ks.yaml | 2 +- .archive/kubernetes/cloudnative-pg/ks.yaml | 2 +- .archive/kubernetes/gitea/ks.yaml | 4 +- .archive/kubernetes/pushover-notifier/ks.yaml | 2 +- .archive/kubernetes/semaphore/ks.yaml | 2 +- .../snapscheduler/app/helmrelease.yaml | 0 .../snapscheduler/app/kustomization.yaml | 0 .archive/kubernetes/snapscheduler/ks.yaml | 26 +++++++ .../schedules/kustomization.yaml | 0 .../snapscheduler/schedules/snapschedule.yaml | 0 .../actions-runner-controller/ks.yaml | 26 +++++-- .../apps/cert-manager/cert-manager/ks.yaml | 28 ++++++-- kubernetes/apps/default/atuin/ks.yaml | 11 ++- kubernetes/apps/default/authelia/ks.yaml | 32 +++++++-- .../apps/default/babybuddy/app/gatus.yaml | 22 ------ .../default/babybuddy/app/helmrelease.yaml | 15 ++-- .../default/babybuddy/app/kustomization.yaml | 4 +- .../apps/default/babybuddy/app/volsync.yaml | 48 ------------- kubernetes/apps/default/babybuddy/ks.yaml | 17 +++-- kubernetes/apps/default/bazarr/app/gatus.yaml | 26 ------- .../apps/default/bazarr/app/helmrelease.yaml | 16 ++--- .../default/bazarr/app/kustomization.yaml | 6 +- .../apps/default/bazarr/app/volsync.yaml | 48 ------------- kubernetes/apps/default/bazarr/ks.yaml | 17 +++-- .../apps/default/calibre/app/gatus.yaml | 26 ------- .../apps/default/calibre/app/helmrelease.yaml | 14 ++-- .../default/calibre/app/kustomization.yaml | 4 +- .../apps/default/calibre/app/volsync.yaml | 47 ------------- kubernetes/apps/default/calibre/ks.yaml | 19 ++++-- kubernetes/apps/default/emqx/ks.yaml | 16 +++-- kubernetes/apps/default/flood/app/gatus.yaml | 26 ------- .../apps/default/flood/app/helmrelease.yaml | 15 ++-- .../apps/default/flood/app/kustomization.yaml | 4 +- 
.../apps/default/flood/app/volsync.yaml | 48 ------------- kubernetes/apps/default/flood/ks.yaml | 19 ++++-- .../apps/default/freshrss/app/gatus.yaml | 22 ------ .../default/freshrss/app/helmrelease.yaml | 15 ++-- .../default/freshrss/app/kustomization.yaml | 4 +- .../apps/default/freshrss/app/volsync.yaml | 44 ------------ kubernetes/apps/default/freshrss/ks.yaml | 17 +++-- .../apps/default/frigate/app/gatus.yaml | 47 ------------- .../apps/default/frigate/app/helmrelease.yaml | 20 +++--- .../default/frigate/app/kustomization.yaml | 4 +- .../apps/default/frigate/app/volsync.yaml | 48 ------------- kubernetes/apps/default/frigate/ks.yaml | 14 +++- .../apps/default/ghostfolio/app/gatus.yaml | 22 ------ .../default/ghostfolio/app/helmrelease.yaml | 2 +- .../default/ghostfolio/app/kustomization.yaml | 2 +- kubernetes/apps/default/ghostfolio/ks.yaml | 31 +++++++-- kubernetes/apps/default/hajimari/ks.yaml | 12 +++- .../default/home-assistant/app/gatus.yaml | 22 ------ .../home-assistant/app/helmrelease.yaml | 14 ++-- .../home-assistant/app/kustomization.yaml | 10 +-- .../default/home-assistant/app/volsync.yaml | 48 ------------- .../default/home-assistant/code/gatus.yaml | 22 ------ .../home-assistant/code/kustomization.yaml | 2 +- .../apps/default/home-assistant/ks.yaml | 28 ++++++-- .../apps/default/homebox/app/gatus.yaml | 22 ------ .../apps/default/homebox/app/helmrelease.yaml | 15 ++-- .../default/homebox/app/kustomization.yaml | 4 +- .../apps/default/homebox/app/volsync.yaml | 44 ------------ kubernetes/apps/default/homebox/ks.yaml | 13 +++- kubernetes/apps/default/homelab/ks.yaml | 42 +++++++++--- kubernetes/apps/default/immich/app/gatus.yaml | 22 ------ .../default/immich/app/kustomization.yaml | 4 +- .../immich/app/typesense/helmrelease.yaml | 3 +- .../apps/default/immich/app/volsync.yaml | 65 ------------------ .../apps/default/immich/app/volumes.yaml | 16 ----- kubernetes/apps/default/immich/ks.yaml | 31 +++++++-- .../apps/default/invidious/app/gatus.yaml | 
22 ------ .../default/invidious/app/kustomization.yaml | 2 +- kubernetes/apps/default/invidious/ks.yaml | 14 +++- .../apps/default/jellyfin/app/gatus.yaml | 21 ------ .../default/jellyfin/app/helmrelease.yaml | 14 ++-- .../default/jellyfin/app/kustomization.yaml | 4 +- .../apps/default/jellyfin/app/volsync.yaml | 48 ------------- kubernetes/apps/default/jellyfin/ks.yaml | 19 ++++-- kubernetes/apps/default/joplin/app/gatus.yaml | 22 ------ .../default/joplin/app/kustomization.yaml | 2 +- kubernetes/apps/default/joplin/ks.yaml | 14 +++- .../apps/default/komf/app/helmrelease.yaml | 24 +++---- .../apps/default/komf/app/kustomization.yaml | 2 +- kubernetes/apps/default/komf/app/volsync.yaml | 44 ------------ kubernetes/apps/default/komf/ks.yaml | 19 ++++-- kubernetes/apps/default/komga/app/gatus.yaml | 22 ------ .../apps/default/komga/app/helmrelease.yaml | 14 ++-- .../apps/default/komga/app/kustomization.yaml | 4 +- .../apps/default/komga/app/volsync.yaml | 48 ------------- kubernetes/apps/default/komga/ks.yaml | 19 ++++-- kubernetes/apps/default/kresus/app/gatus.yaml | 26 ------- .../apps/default/kresus/app/helmrelease.yaml | 14 ++-- .../default/kresus/app/kustomization.yaml | 4 +- .../apps/default/kresus/app/volsync.yaml | 48 ------------- kubernetes/apps/default/kresus/ks.yaml | 17 +++-- .../apps/default/libmedium/app/gatus.yaml | 22 ------ .../default/libmedium/app/kustomization.yaml | 3 +- kubernetes/apps/default/libmedium/ks.yaml | 18 +++-- .../apps/default/libreddit/app/gatus.yaml | 22 ------ .../default/libreddit/app/kustomization.yaml | 2 +- kubernetes/apps/default/libreddit/ks.yaml | 12 +++- kubernetes/apps/default/lidarr/app/gatus.yaml | 26 ------- .../apps/default/lidarr/app/helmrelease.yaml | 4 +- .../default/lidarr/app/kustomization.yaml | 3 +- kubernetes/apps/default/lidarr/ks.yaml | 20 ++++-- .../apps/default/linkding/app/gatus.yaml | 22 ------ .../default/linkding/app/kustomization.yaml | 2 +- kubernetes/apps/default/linkding/ks.yaml | 14 +++- 
kubernetes/apps/default/lldap/app/gatus.yaml | 21 ------ .../apps/default/lldap/app/kustomization.yaml | 2 +- kubernetes/apps/default/lldap/ks.yaml | 11 ++- kubernetes/apps/default/lms/app/gatus.yaml | 26 ------- .../apps/default/lms/app/helmrelease.yaml | 14 ++-- .../apps/default/lms/app/kustomization.yaml | 4 +- kubernetes/apps/default/lms/app/volsync.yaml | 48 ------------- kubernetes/apps/default/lms/ks.yaml | 15 +++- kubernetes/apps/default/lychee/app/gatus.yaml | 22 ------ .../apps/default/lychee/app/helmrelease.yaml | 14 ++-- .../default/lychee/app/kustomization.yaml | 4 +- .../apps/default/lychee/app/volsync.yaml | 48 ------------- kubernetes/apps/default/lychee/ks.yaml | 33 ++++++--- .../apps/default/mailrise/app/gatus.yaml | 26 ------- .../default/mailrise/app/kustomization.yaml | 2 +- kubernetes/apps/default/mailrise/ks.yaml | 14 +++- .../apps/default/media-browser/app/gatus.yaml | 26 ------- .../media-browser/app/helmrelease.yaml | 14 ++-- .../media-browser/app/kustomization.yaml | 4 +- kubernetes/apps/default/media-browser/ks.yaml | 19 ++++-- .../{helm-release.yaml => helmrelease.yaml} | 0 .../music-transcode/app/kustomization.yaml | 2 +- .../apps/default/music-transcode/ks.yaml | 13 +++- .../apps/default/navidrome/app/gatus.yaml | 26 ------- .../default/navidrome/app/helmrelease.yaml | 14 ++-- .../default/navidrome/app/kustomization.yaml | 4 +- .../apps/default/navidrome/app/volsync.yaml | 48 ------------- kubernetes/apps/default/navidrome/ks.yaml | 19 ++++-- .../apps/default/outline/app/gatus.yaml | 22 ------ .../default/outline/app/kustomization.yaml | 2 +- kubernetes/apps/default/outline/ks.yaml | 31 +++++++-- .../apps/default/paperless/app/gatus.yaml | 22 ------ .../default/paperless/app/kustomization.yaml | 2 +- kubernetes/apps/default/paperless/ks.yaml | 30 ++++++-- .../apps/default/pgadmin/app/gatus.yaml | 22 ------ .../apps/default/pgadmin/app/helmrelease.yaml | 15 ++-- .../default/pgadmin/app/kustomization.yaml | 4 +- 
.../apps/default/pgadmin/app/volsync.yaml | 48 ------------- kubernetes/apps/default/pgadmin/ks.yaml | 19 ++++-- .../apps/default/prowlarr/app/gatus.yaml | 26 ------- .../default/prowlarr/app/kustomization.yaml | 2 +- kubernetes/apps/default/prowlarr/ks.yaml | 18 +++-- .../apps/default/pushover-notifier/ks.yaml | 14 +++- kubernetes/apps/default/pyload/app/gatus.yaml | 26 ------- .../apps/default/pyload/app/helmrelease.yaml | 14 ++-- .../default/pyload/app/kustomization.yaml | 4 +- .../apps/default/pyload/app/volsync.yaml | 48 ------------- kubernetes/apps/default/pyload/ks.yaml | 19 ++++-- .../apps/default/qbittorrent/app/gatus.yaml | 22 ------ .../default/qbittorrent/app/helmrelease.yaml | 14 ++-- .../qbittorrent/app/kustomization.yaml | 4 +- .../app/upgrade-p2pblocklist/helmrelease.yaml | 4 +- .../apps/default/qbittorrent/app/volsync.yaml | 48 ------------- kubernetes/apps/default/qbittorrent/ks.yaml | 17 +++-- kubernetes/apps/default/radarr/app/gatus.yaml | 26 ------- .../apps/default/radarr/app/helmrelease.yaml | 6 +- .../default/radarr/app/kustomization.yaml | 3 +- kubernetes/apps/default/radarr/ks.yaml | 19 ++++-- .../default/recyclarr/app/helmrelease.yaml | 12 +--- .../default/recyclarr/app/kustomization.yaml | 2 +- .../apps/default/recyclarr/app/volsync.yaml | 48 ------------- kubernetes/apps/default/recyclarr/ks.yaml | 17 +++-- .../default/resilio-sync/claude/gatus.yaml | 26 ------- .../resilio-sync/claude/helmrelease.yaml | 14 ++-- .../resilio-sync/claude/kustomization.yaml | 4 +- .../default/resilio-sync/claude/volsync.yaml | 48 ------------- .../default/resilio-sync/helene/gatus.yaml | 26 ------- .../resilio-sync/helene/helmrelease.yaml | 14 ++-- .../resilio-sync/helene/kustomization.yaml | 4 +- .../default/resilio-sync/helene/volsync.yaml | 48 ------------- kubernetes/apps/default/resilio-sync/ks.yaml | 35 +++++++--- .../apps/default/sabnzbd/app/gatus.yaml | 26 ------- .../apps/default/sabnzbd/app/helmrelease.yaml | 14 ++-- 
.../default/sabnzbd/app/kustomization.yaml | 4 +- .../apps/default/sabnzbd/app/volsync.yaml | 48 ------------- kubernetes/apps/default/sabnzbd/ks.yaml | 19 ++++-- kubernetes/apps/default/sharry/app/gatus.yaml | 22 ------ .../default/sharry/app/kustomization.yaml | 2 +- kubernetes/apps/default/sharry/ks.yaml | 12 +++- kubernetes/apps/default/smtp-relay/ks.yaml | 15 +++- kubernetes/apps/default/sonarr/app/gatus.yaml | 26 ------- .../apps/default/sonarr/app/helmrelease.yaml | 4 +- .../default/sonarr/app/kustomization.yaml | 3 +- kubernetes/apps/default/sonarr/ks.yaml | 19 ++++-- .../apps/default/tandoor/app/gatus.yaml | 22 ------ .../apps/default/tandoor/app/helmrelease.yaml | 4 +- .../default/tandoor/app/kustomization.yaml | 5 +- .../apps/default/tandoor/app/volsync.yaml | 48 ------------- .../apps/default/tandoor/app/volume.yaml | 17 ----- kubernetes/apps/default/tandoor/ks.yaml | 19 ++++-- kubernetes/apps/default/unifi/app/gatus.yaml | 22 ------ .../apps/default/unifi/app/helmrelease.yaml | 15 ++-- .../apps/default/unifi/app/kustomization.yaml | 4 +- .../apps/default/unifi/app/volsync.yaml | 48 ------------- kubernetes/apps/default/unifi/ks.yaml | 17 +++-- .../apps/default/vaultwarden/app/gatus.yaml | 22 ------ .../default/vaultwarden/app/helmrelease.yaml | 15 ++-- .../vaultwarden/app/kustomization.yaml | 4 +- .../apps/default/vaultwarden/app/volsync.yaml | 48 ------------- kubernetes/apps/default/vaultwarden/ks.yaml | 19 ++++-- .../default/vikunja/app/externalsecret.yaml | 1 + .../apps/default/vikunja/app/gatus.yaml | 22 ------ .../apps/default/vikunja/app/helmrelease.yaml | 14 ++-- .../default/vikunja/app/kustomization.yaml | 4 +- .../apps/default/vikunja/app/volsync.yaml | 48 ------------- kubernetes/apps/default/vikunja/ks.yaml | 19 ++++-- .../apps/default/wallabag/app/gatus.yaml | 22 ------ .../default/wallabag/app/helmrelease.yaml | 15 ++-- .../default/wallabag/app/kustomization.yaml | 4 +- .../apps/default/wallabag/app/volsync.yaml | 44 ------------ 
kubernetes/apps/default/wallabag/ks.yaml | 35 +++++++--- .../apps/default/whoogle/app/gatus.yaml | 22 ------ .../default/whoogle/app/kustomization.yaml | 2 +- kubernetes/apps/default/whoogle/ks.yaml | 12 +++- .../apps/default/zigbee2mqtt/app/gatus.yaml | 26 ------- .../default/zigbee2mqtt/app/helmrelease.yaml | 14 ++-- .../zigbee2mqtt/app/kustomization.yaml | 6 +- .../apps/default/zigbee2mqtt/app/volsync.yaml | 44 ------------ kubernetes/apps/default/zigbee2mqtt/ks.yaml | 19 ++++-- .../apps/default/zwave-js-ui/app/gatus.yaml | 26 ------- .../default/zwave-js-ui/app/helmrelease.yaml | 14 ++-- .../zwave-js-ui/app/kustomization.yaml | 4 +- .../apps/default/zwave-js-ui/app/volsync.yaml | 44 ------------ kubernetes/apps/default/zwave-js-ui/ks.yaml | 19 ++++-- kubernetes/apps/flux-system/addons/ks.yaml | 39 ++++++++--- .../apps/flux-system/weave-gitops/ks.yaml | 14 +++- kubernetes/apps/kube-system/cilium/ks.yaml | 12 +++- .../apps/kube-system/descheduler/ks.yaml | 12 +++- .../apps/kube-system/external-secrets/ks.yaml | 24 +++++-- .../kube-system/intel-device-plugin/ks.yaml | 30 +++++++- kubernetes/apps/kube-system/k8s-ycl/ks.yaml | 12 +++- .../kube-system/kubelet-csr-approver/ks.yaml | 12 +++- .../apps/kube-system/metrics-server/ks.yaml | 12 +++- .../node-feature-discovery/ks.yaml | 25 +++++-- kubernetes/apps/kube-system/reloader/ks.yaml | 12 +++- .../kube-system/snapshot-controller/ks.yaml | 12 +++- kubernetes/apps/kube-system/spegel/ks.yaml | 12 +++- kubernetes/apps/monitoring/gatus/ks.yaml | 13 +++- kubernetes/apps/monitoring/grafana/ks.yaml | 12 +++- .../monitoring/kube-prometheus-stack/ks.yaml | 14 +++- kubernetes/apps/monitoring/loki/ks.yaml | 14 +++- .../monitoring/thanos/app/helmrelease.yaml | 2 +- kubernetes/apps/monitoring/thanos/ks.yaml | 14 +++- kubernetes/apps/monitoring/vector/ks.yaml | 14 +++- .../apps/networking/external-dns/ks.yaml | 14 +++- .../apps/networking/ingress-nginx/ks.yaml | 29 ++++++-- .../apps/networking/k8s-gateway/ks.yaml | 12 +++- 
.../apps/ngnode/landing-page/app/gatus.yaml | 22 ------ .../landing-page/app/kustomization.yaml | 2 +- kubernetes/apps/ngnode/landing-page/ks.yaml | 13 +++- kubernetes/apps/rook-ceph/rook-ceph/ks.yaml | 68 +++++++++++++------ kubernetes/apps/volsync/kustomization.yaml | 1 - kubernetes/apps/volsync/snapscheduler/ks.yaml | 37 ---------- kubernetes/apps/volsync/volsync/ks.yaml | 14 +++- kubernetes/flux/config/flux.yaml | 2 +- 262 files changed, 1510 insertions(+), 3360 deletions(-) rename {kubernetes/apps/volsync => .archive/kubernetes}/snapscheduler/app/helmrelease.yaml (100%) rename {kubernetes/apps/volsync => .archive/kubernetes}/snapscheduler/app/kustomization.yaml (100%) create mode 100644 .archive/kubernetes/snapscheduler/ks.yaml rename {kubernetes/apps/volsync => .archive/kubernetes}/snapscheduler/schedules/kustomization.yaml (100%) rename {kubernetes/apps/volsync => .archive/kubernetes}/snapscheduler/schedules/snapschedule.yaml (100%) delete mode 100644 kubernetes/apps/default/babybuddy/app/gatus.yaml delete mode 100644 kubernetes/apps/default/babybuddy/app/volsync.yaml delete mode 100644 kubernetes/apps/default/bazarr/app/gatus.yaml delete mode 100644 kubernetes/apps/default/bazarr/app/volsync.yaml delete mode 100644 kubernetes/apps/default/calibre/app/gatus.yaml delete mode 100644 kubernetes/apps/default/calibre/app/volsync.yaml delete mode 100644 kubernetes/apps/default/flood/app/gatus.yaml delete mode 100644 kubernetes/apps/default/flood/app/volsync.yaml delete mode 100644 kubernetes/apps/default/freshrss/app/gatus.yaml delete mode 100644 kubernetes/apps/default/freshrss/app/volsync.yaml delete mode 100644 kubernetes/apps/default/frigate/app/gatus.yaml delete mode 100644 kubernetes/apps/default/frigate/app/volsync.yaml delete mode 100644 kubernetes/apps/default/ghostfolio/app/gatus.yaml delete mode 100644 kubernetes/apps/default/home-assistant/app/gatus.yaml delete mode 100644 kubernetes/apps/default/home-assistant/app/volsync.yaml delete mode 100644 
kubernetes/apps/default/home-assistant/code/gatus.yaml delete mode 100644 kubernetes/apps/default/homebox/app/gatus.yaml delete mode 100644 kubernetes/apps/default/homebox/app/volsync.yaml delete mode 100644 kubernetes/apps/default/immich/app/gatus.yaml delete mode 100644 kubernetes/apps/default/immich/app/volsync.yaml delete mode 100644 kubernetes/apps/default/invidious/app/gatus.yaml delete mode 100644 kubernetes/apps/default/jellyfin/app/gatus.yaml delete mode 100644 kubernetes/apps/default/jellyfin/app/volsync.yaml delete mode 100644 kubernetes/apps/default/joplin/app/gatus.yaml delete mode 100644 kubernetes/apps/default/komf/app/volsync.yaml delete mode 100644 kubernetes/apps/default/komga/app/gatus.yaml delete mode 100644 kubernetes/apps/default/komga/app/volsync.yaml delete mode 100644 kubernetes/apps/default/kresus/app/gatus.yaml delete mode 100644 kubernetes/apps/default/kresus/app/volsync.yaml delete mode 100644 kubernetes/apps/default/libmedium/app/gatus.yaml delete mode 100644 kubernetes/apps/default/libreddit/app/gatus.yaml delete mode 100644 kubernetes/apps/default/lidarr/app/gatus.yaml delete mode 100644 kubernetes/apps/default/linkding/app/gatus.yaml delete mode 100644 kubernetes/apps/default/lldap/app/gatus.yaml delete mode 100644 kubernetes/apps/default/lms/app/gatus.yaml delete mode 100644 kubernetes/apps/default/lms/app/volsync.yaml delete mode 100644 kubernetes/apps/default/lychee/app/gatus.yaml delete mode 100644 kubernetes/apps/default/lychee/app/volsync.yaml delete mode 100644 kubernetes/apps/default/mailrise/app/gatus.yaml delete mode 100644 kubernetes/apps/default/media-browser/app/gatus.yaml rename kubernetes/apps/default/music-transcode/app/{helm-release.yaml => helmrelease.yaml} (100%) delete mode 100644 kubernetes/apps/default/navidrome/app/gatus.yaml delete mode 100644 kubernetes/apps/default/navidrome/app/volsync.yaml delete mode 100644 kubernetes/apps/default/outline/app/gatus.yaml delete mode 100644 
kubernetes/apps/default/paperless/app/gatus.yaml delete mode 100644 kubernetes/apps/default/pgadmin/app/gatus.yaml delete mode 100644 kubernetes/apps/default/pgadmin/app/volsync.yaml delete mode 100644 kubernetes/apps/default/prowlarr/app/gatus.yaml delete mode 100644 kubernetes/apps/default/pyload/app/gatus.yaml delete mode 100644 kubernetes/apps/default/pyload/app/volsync.yaml delete mode 100644 kubernetes/apps/default/qbittorrent/app/gatus.yaml delete mode 100644 kubernetes/apps/default/qbittorrent/app/volsync.yaml delete mode 100644 kubernetes/apps/default/radarr/app/gatus.yaml delete mode 100644 kubernetes/apps/default/recyclarr/app/volsync.yaml delete mode 100644 kubernetes/apps/default/resilio-sync/claude/gatus.yaml delete mode 100644 kubernetes/apps/default/resilio-sync/claude/volsync.yaml delete mode 100644 kubernetes/apps/default/resilio-sync/helene/gatus.yaml delete mode 100644 kubernetes/apps/default/resilio-sync/helene/volsync.yaml delete mode 100644 kubernetes/apps/default/sabnzbd/app/gatus.yaml delete mode 100644 kubernetes/apps/default/sabnzbd/app/volsync.yaml delete mode 100644 kubernetes/apps/default/sharry/app/gatus.yaml delete mode 100644 kubernetes/apps/default/sonarr/app/gatus.yaml delete mode 100644 kubernetes/apps/default/tandoor/app/gatus.yaml delete mode 100644 kubernetes/apps/default/tandoor/app/volsync.yaml delete mode 100644 kubernetes/apps/default/tandoor/app/volume.yaml delete mode 100644 kubernetes/apps/default/unifi/app/gatus.yaml delete mode 100644 kubernetes/apps/default/unifi/app/volsync.yaml delete mode 100644 kubernetes/apps/default/vaultwarden/app/gatus.yaml delete mode 100644 kubernetes/apps/default/vaultwarden/app/volsync.yaml delete mode 100644 kubernetes/apps/default/vikunja/app/gatus.yaml delete mode 100644 kubernetes/apps/default/vikunja/app/volsync.yaml delete mode 100644 kubernetes/apps/default/wallabag/app/gatus.yaml delete mode 100644 kubernetes/apps/default/wallabag/app/volsync.yaml delete mode 100644 
kubernetes/apps/default/whoogle/app/gatus.yaml
delete mode 100644 kubernetes/apps/default/zigbee2mqtt/app/gatus.yaml
delete mode 100644 kubernetes/apps/default/zigbee2mqtt/app/volsync.yaml
delete mode 100644 kubernetes/apps/default/zwave-js-ui/app/gatus.yaml
delete mode 100644 kubernetes/apps/default/zwave-js-ui/app/volsync.yaml
delete mode 100644 kubernetes/apps/ngnode/landing-page/app/gatus.yaml
delete mode 100644 kubernetes/apps/volsync/snapscheduler/ks.yaml
diff --git a/.archive/kubernetes/attic/ks.yaml b/.archive/kubernetes/attic/ks.yaml
index 421979e5d..643840391 100644
--- a/.archive/kubernetes/attic/ks.yaml
+++ b/.archive/kubernetes/attic/ks.yaml
@@ -8,7 +8,7 @@ metadata:
 spec:
 dependsOn:
 - name: cluster-apps-cloudnative-pg-cluster
- - name: cluster-apps-external-secrets-stores
+ - name: external-secrets-stores
 path: ./kubernetes/apps/default/attic/apiserver
 prune: true
 sourceRef:
diff --git a/.archive/kubernetes/cloudnative-pg/ks.yaml b/.archive/kubernetes/cloudnative-pg/ks.yaml
index 8f2935c5b..18722795b 100644
--- a/.archive/kubernetes/cloudnative-pg/ks.yaml
+++ b/.archive/kubernetes/cloudnative-pg/ks.yaml
@@ -7,7 +7,7 @@ metadata:
 namespace: flux-system
 spec:
 dependsOn:
- - name: cluster-apps-external-secrets-stores
+ - name: external-secrets-stores
 path: ./kubernetes/apps/default/cloudnative-pg/app
 prune: true
 sourceRef:
diff --git a/.archive/kubernetes/gitea/ks.yaml b/.archive/kubernetes/gitea/ks.yaml
index d637f0527..9b8906434 100644
--- a/.archive/kubernetes/gitea/ks.yaml
+++ b/.archive/kubernetes/gitea/ks.yaml
@@ -13,8 +13,8 @@ spec:
 name: home-ops-kubernetes
 dependsOn:
 - name: cluster-apps-cloudnative-pg-cluster
- - name: cluster-apps-external-secrets-stores
- - name: cluster-apps-volsync-app
+ - name: external-secrets-stores
+ - name: volsync
 interval: 30m
 retryInterval: 1m
 timeout: 3m
diff --git a/.archive/kubernetes/pushover-notifier/ks.yaml b/.archive/kubernetes/pushover-notifier/ks.yaml
index f806a8c47..eb344e71b 100644
--- a/.archive/kubernetes/pushover-notifier/ks.yaml
+++ b/.archive/kubernetes/pushover-notifier/ks.yaml
@@ -8,7 +8,7 @@ metadata:
 spec:
 dependsOn:
 - name: cluster-apps-cloudnative-pg-cluster
- - name: cluster-apps-external-secrets-stores
+ - name: external-secrets-stores
 path: ./kubernetes/apps/default/pushover-notifier/app
 prune: true
 sourceRef:
diff --git a/.archive/kubernetes/semaphore/ks.yaml b/.archive/kubernetes/semaphore/ks.yaml
index 51c79b04d..ab377eb0a 100644
--- a/.archive/kubernetes/semaphore/ks.yaml
+++ b/.archive/kubernetes/semaphore/ks.yaml
@@ -7,7 +7,7 @@ metadata:
 namespace: flux-system
 spec:
 dependsOn:
- - name: cluster-apps-external-secrets-stores
+ - name: external-secrets-stores
 - name: cluster-apps-cloudnative-pg-app
 path: ./kubernetes/apps/default/semaphore/app
 prune: true
diff --git a/kubernetes/apps/volsync/snapscheduler/app/helmrelease.yaml b/.archive/kubernetes/snapscheduler/app/helmrelease.yaml
similarity index 100%
rename from kubernetes/apps/volsync/snapscheduler/app/helmrelease.yaml
rename to .archive/kubernetes/snapscheduler/app/helmrelease.yaml
diff --git a/kubernetes/apps/volsync/snapscheduler/app/kustomization.yaml b/.archive/kubernetes/snapscheduler/app/kustomization.yaml
similarity index 100%
rename from kubernetes/apps/volsync/snapscheduler/app/kustomization.yaml
rename to .archive/kubernetes/snapscheduler/app/kustomization.yaml
diff --git a/.archive/kubernetes/snapscheduler/ks.yaml b/.archive/kubernetes/snapscheduler/ks.yaml
new file mode 100644
index 000000000..af6505778
--- /dev/null
+++ b/.archive/kubernetes/snapscheduler/ks.yaml
@@ -0,0 +1,26 @@
+---
+# yaml-language-server: $schema=https://raw.githubusercontent.com/fluxcd-community/flux2-schemas/main/kustomization-kustomize-v1.json
+apiVersion: kustomize.toolkit.fluxcd.io/v1
+kind: Kustomization
+metadata:
+ name: &app snapscheduler
+ namespace: flux-system
+spec:
+ targetNamespace: volsync
+ commonMetadata:
+ labels:
+ app.kubernetes.io/name: *app
+ dependsOn:
+ - name: snapshot-controller
+ path: ./kubernetes/apps/volsync/snapscheduler/app
+ prune: true
+ sourceRef:
+ kind: GitRepository
+ name: home-ops-kubernetes
+ wait: false
+ interval: 30m
+ retryInterval: 1m
+ timeout: 5m
+ postBuild:
+ substitute:
+ APP: *app
diff --git a/kubernetes/apps/volsync/snapscheduler/schedules/kustomization.yaml b/.archive/kubernetes/snapscheduler/schedules/kustomization.yaml
similarity index 100%
rename from kubernetes/apps/volsync/snapscheduler/schedules/kustomization.yaml
rename to .archive/kubernetes/snapscheduler/schedules/kustomization.yaml
diff --git a/kubernetes/apps/volsync/snapscheduler/schedules/snapschedule.yaml b/.archive/kubernetes/snapscheduler/schedules/snapschedule.yaml
similarity index 100%
rename from kubernetes/apps/volsync/snapscheduler/schedules/snapschedule.yaml
rename to .archive/kubernetes/snapscheduler/schedules/snapschedule.yaml
diff --git a/kubernetes/apps/actions-runner-system/actions-runner-controller/ks.yaml b/kubernetes/apps/actions-runner-system/actions-runner-controller/ks.yaml
index 48b6b8177..081fff50a 100644
--- a/kubernetes/apps/actions-runner-system/actions-runner-controller/ks.yaml
+++ b/kubernetes/apps/actions-runner-system/actions-runner-controller/ks.yaml
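Review bot: In the new `.archive/kubernetes/snapscheduler/ks.yaml`, `path: ./kubernetes/apps/volsync/snapscheduler/app` points at the directory this same commit moves to `.archive/kubernetes/snapscheduler/app`, so the archived Kustomization would fail to build if it were re-enabled as written. A one-line comment above it, such as `# archived: update path before re-enabling`, would make that explicit. The deleted `kubernetes/apps/volsync/snapscheduler/ks.yaml` is listed with 37 lines against 26 here, so a second Kustomization (presumably the one for `schedules/`) appears to have been dropped; worth confirming that this is intended.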
@@ -3,36 +3,50 @@
 apiVersion: kustomize.toolkit.fluxcd.io/v1
 kind: Kustomization
 metadata:
- name: cluster-apps-actions-runner-controller
+ name: &app actions-runner-controller
 namespace: flux-system
 spec:
+ targetNamespace: actions-runner-system
+ commonMetadata:
+ labels:
+ app.kubernetes.io/name: *app
 dependsOn:
- - name: cluster-apps-external-secrets-stores
+ - name: external-secrets-stores
 path: ./kubernetes/apps/actions-runner-system/actions-runner-controller/app
 prune: true
 sourceRef:
 kind: GitRepository
 name: home-ops-kubernetes
- wait: true
+ wait: false
 interval: 30m
 retryInterval: 1m
 timeout: 5m
+ postBuild:
+ substitute:
+ APP: *app
 ---
 # yaml-language-server: $schema=https://raw.githubusercontent.com/fluxcd-community/flux2-schemas/main/kustomization-kustomize-v1.json
 apiVersion: kustomize.toolkit.fluxcd.io/v1
 kind: Kustomization
 metadata:
- name: cluster-apps-actions-runner-controller-runners
+ name: &app actions-runner-controller-runners
 namespace: flux-system
 spec:
+ targetNamespace: actions-runner-system
+ commonMetadata:
+ labels:
+ app.kubernetes.io/name: *app
 dependsOn:
- - name: cluster-apps-actions-runner-controller
+ - name: actions-runner-controller
 path: ./kubernetes/apps/actions-runner-system/actions-runner-controller/runners
 prune: true
 sourceRef:
 kind: GitRepository
 name: home-ops-kubernetes
- wait: false # no flux ks dependents
+ wait: false
 interval: 30m
 retryInterval: 1m
 timeout: 5m
+ postBuild:
+ substitute:
+ APP: *app
diff --git a/kubernetes/apps/cert-manager/cert-manager/ks.yaml b/kubernetes/apps/cert-manager/cert-manager/ks.yaml
index 65627b371..f0c5cd45f 100644
--- a/kubernetes/apps/cert-manager/cert-manager/ks.yaml
+++ b/kubernetes/apps/cert-manager/cert-manager/ks.yaml
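Review bot: In `actions-runner-controller/ks.yaml` the first Kustomization changes from `wait: true` to `wait: false` while `actions-runner-controller-runners` still lists it under `dependsOn`. Without `wait` or `healthChecks`, Flux considers a dependency ready as soon as its manifests are applied, so the runners can be reconciled before the controller and its CRDs are healthy. Keep `wait: true` on Kustomizations that have dependents, or add explicit `healthChecks`. The same combination appears in the later hunks for `cert-manager` (dependent: `cert-manager-webhook-ovh`) and `authelia-redis` (dependent: `authelia`).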
@@ -3,33 +3,49 @@
 apiVersion: kustomize.toolkit.fluxcd.io/v1
 kind: Kustomization
 metadata:
- name: cluster-apps-cert-manager
+ name: &app cert-manager
 namespace: flux-system
 spec:
+ targetNamespace: cert-manager
+ commonMetadata:
+ labels:
+ app.kubernetes.io/name: *app
 path: ./kubernetes/apps/cert-manager/cert-manager/app
 prune: true
 sourceRef:
 kind: GitRepository
 name: home-ops-kubernetes
+ wait: false
 interval: 30m
 retryInterval: 1m
- timeout: 3m
+ timeout: 5m
+ postBuild:
+ substitute:
+ APP: *app
 ---
 # yaml-language-server: $schema=https://raw.githubusercontent.com/fluxcd-community/flux2-schemas/main/kustomization-kustomize-v1.json
 apiVersion: kustomize.toolkit.fluxcd.io/v1
 kind: Kustomization
 metadata:
- name: cluster-apps-cert-manager-webhook-ovh
+ name: cert-manager-webhook-ovh
 namespace: flux-system
 spec:
+ targetNamespace: cert-manager
+ commonMetadata:
+ labels:
+ app.kubernetes.io/name: &app cert-manager
 dependsOn:
- - name: cluster-apps-cert-manager
- - name: cluster-apps-external-secrets-stores
+ - name: cert-manager
+ - name: external-secrets-stores
 path: ./kubernetes/apps/cert-manager/cert-manager/webhook-ovh
 prune: true
 sourceRef:
 kind: GitRepository
 name: home-ops-kubernetes
+ wait: false
 interval: 30m
 retryInterval: 1m
- timeout: 3m
+ timeout: 5m
+ postBuild:
+ substitute:
+ APP: *app
diff --git a/kubernetes/apps/default/atuin/ks.yaml b/kubernetes/apps/default/atuin/ks.yaml
index 1249b524f..172ff45af 100644
--- a/kubernetes/apps/default/atuin/ks.yaml
+++ b/kubernetes/apps/default/atuin/ks.yaml
@@ -3,11 +3,15 @@
 apiVersion: kustomize.toolkit.fluxcd.io/v1
 kind: Kustomization
 metadata:
- name: cluster-apps-atuin
+ name: &app atuin
 namespace: flux-system
 spec:
+ targetNamespace: default
+ commonMetadata:
+ labels:
+ app.kubernetes.io/name: *app
 dependsOn:
- - name: cluster-apps-external-secrets-stores
+ - name: external-secrets-stores
 path: ./kubernetes/apps/default/atuin/app
 prune: true
 sourceRef:
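Review bot: In the second document of `cert-manager/ks.yaml` the `&app` anchor sits on the label value (`app.kubernetes.io/name: &app cert-manager`) rather than on `metadata.name`, so `APP` is substituted as `cert-manager` for the `cert-manager-webhook-ovh` Kustomization too. If that is deliberate, record it in the file with a comment such as `# APP deliberately reuses the parent app name`. Otherwise anything rendered from `${APP}` under `webhook-ovh` would share names with the objects of the main `cert-manager` Kustomization. `authelia-redis` in `authelia/ks.yaml` follows the same pattern.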
@@ -17,3 +21,6 @@ spec:
 interval: 30m
 retryInterval: 1m
 timeout: 5m
+ postBuild:
+ substitute:
+ APP: *app
diff --git a/kubernetes/apps/default/authelia/ks.yaml b/kubernetes/apps/default/authelia/ks.yaml
index b2a082a84..465a091c3 100644
--- a/kubernetes/apps/default/authelia/ks.yaml
+++ b/kubernetes/apps/default/authelia/ks.yaml
@@ -3,32 +3,50 @@
 apiVersion: kustomize.toolkit.fluxcd.io/v1
 kind: Kustomization
 metadata:
- name: cluster-apps-authelia-app
+ name: &app authelia
 namespace: flux-system
 spec:
+ targetNamespace: default
+ commonMetadata:
+ labels:
+ app.kubernetes.io/name: *app
 dependsOn:
- - name: cluster-apps-authelia-redis
- - name: cluster-apps-external-secrets-stores
+ - name: authelia-redis
+ - name: external-secrets-stores
 path: ./kubernetes/apps/default/authelia/app
 prune: true
 sourceRef:
 kind: GitRepository
 name: home-ops-kubernetes
+ wait: false
 interval: 30m
 retryInterval: 1m
- timeout: 3m
+ timeout: 5m
+ postBuild:
+ substitute:
+ APP: *app
+ GATUS_SUBDOMAIN: auth
 ---
 # yaml-language-server: $schema=https://raw.githubusercontent.com/fluxcd-community/flux2-schemas/main/kustomization-kustomize-v1.json
 apiVersion: kustomize.toolkit.fluxcd.io/v1
 kind: Kustomization
 metadata:
- name: cluster-apps-authelia-redis
+ name: authelia-redis
 namespace: flux-system
 spec:
- interval: 10m
+ targetNamespace: default
+ commonMetadata:
+ labels:
+ app.kubernetes.io/name: &app authelia
 path: ./kubernetes/apps/default/authelia/redis
 prune: true
 sourceRef:
 kind: GitRepository
 name: home-ops-kubernetes
- wait: false # no flux ks dependents
+ wait: false
+ interval: 30m
+ retryInterval: 1m
+ timeout: 5m
+ postBuild:
+ substitute:
+ APP: *app
diff --git a/kubernetes/apps/default/babybuddy/app/gatus.yaml b/kubernetes/apps/default/babybuddy/app/gatus.yaml
deleted file mode 100644
index e7fc09042..000000000
--- a/kubernetes/apps/default/babybuddy/app/gatus.yaml
+++ /dev/null
@@ -1,22 +0,0 @@
----
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: babybuddy-gatus-ep
- namespace: default
- labels:
- gatus.io/enabled: "true"
-data:
- config.yaml: |
- endpoints:
- - name: babybuddy
- group: internal
- url: https://babybuddy.${SECRET_CLUSTER_DOMAIN}/login/
- interval: 1m
- client:
- insecure: true
- conditions:
- - "[STATUS] == 200"
- alerts:
- - type: pushover
-
diff --git a/kubernetes/apps/default/babybuddy/app/helmrelease.yaml b/kubernetes/apps/default/babybuddy/app/helmrelease.yaml
index 1515c8dcb..f8cdf7fea 100644
--- a/kubernetes/apps/default/babybuddy/app/helmrelease.yaml
+++ b/kubernetes/apps/default/babybuddy/app/helmrelease.yaml
@@ -31,7 +31,6 @@ spec:
 main:
 annotations:
 reloader.stakater.com/auto: "true"
- type: statefulset
 initContainers:
 init-db:
 order: 1
@@ -75,14 +74,6 @@ spec:
 requests:
 cpu: 100m
 memory: 256Mi
- statefulset:
- volumeClaimTemplates:
- - name: config
- accessMode: ReadWriteOnce
- size: 1Gi
- storageClass: rook-ceph-block
- globalMounts:
- - path: /config
 service:
 main:
 ports:
@@ -104,3 +95,9 @@ spec:
 tls:
 - hosts:
 - *host
+ persistence:
+ config:
+ enabled: true
+ existingClaim: *app
+ globalMounts:
+ - path: /config
diff --git a/kubernetes/apps/default/babybuddy/app/kustomization.yaml b/kubernetes/apps/default/babybuddy/app/kustomization.yaml
index c254171ab..48e972b27 100644
--- a/kubernetes/apps/default/babybuddy/app/kustomization.yaml
+++ b/kubernetes/apps/default/babybuddy/app/kustomization.yaml
@@ -5,6 +5,6 @@ kind: Kustomization
 namespace: default
 resources:
 - ./externalsecret.yaml
- - ./gatus.yaml
 - ./helmrelease.yaml
- - ./volsync.yaml
+ - ../../../../templates/gatus/guarded
+ - ../../../../templates/volsync
diff --git a/kubernetes/apps/default/babybuddy/app/volsync.yaml b/kubernetes/apps/default/babybuddy/app/volsync.yaml
deleted file mode 100644
index 884e5a3b8..000000000
--- a/kubernetes/apps/default/babybuddy/app/volsync.yaml
+++ /dev/null
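Review bot: The new `persistence.config` block in `babybuddy/app/helmrelease.yaml` mounts `existingClaim: *app`, whereas the deleted `volsync.yaml` backed up the StatefulSet claim as `sourcePVC: config-babybuddy-0`. Nothing in the visible hunks creates the new claim or moves data into it, so this presumably relies on `templates/volsync` restoring from the restic repository. The commit message should say so, and a current backup should exist before this is applied. The old StatefulSet claim is no longer referenced after this change and will likely remain until it is removed by hand. `*app` also needs an `&app` anchor earlier in the file, which is outside the hunk.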
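Review bot: `babybuddy/app/kustomization.yaml` now pulls in `../../../../templates/gatus/guarded` and `../../../../templates/volsync`, neither of which is part of this patch, so what they render cannot be reviewed here. The per-app `gatus.yaml` deleted in the same commit probed the endpoint with `client.insecure: true`; confirm the shared template does not carry that setting over, so the probe validates the server certificate. Also check that every `${...}` variable used by the templates is set under `postBuild.substitute` in the matching `ks.yaml` or has a default, since by default Flux replaces unset variables with an empty string.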
@@ -1,48 +0,0 @@ ---- -# yaml-language-server: $schema=https://kubernetes-schemas.devbu.io/external-secrets.io/externalsecret_v1beta1.json -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: babybuddy-restic - namespace: default -spec: - secretStoreRef: - kind: ClusterSecretStore - name: onepassword-connect - target: - name: babybuddy-restic-secret - template: - engineVersion: v2 - data: - RESTIC_REPOSITORY: '{{ .REPOSITORY_TEMPLATE }}/babybuddy' - RESTIC_PASSWORD: '{{ .RESTIC_PASSWORD }}' - AWS_ACCESS_KEY_ID: '{{ .AWS_ACCESS_KEY_ID }}' - AWS_SECRET_ACCESS_KEY: '{{ .AWS_SECRET_ACCESS_KEY }}' - dataFrom: - - extract: - key: volsync-restic-template ---- -# yaml-language-server: $schema=https://kubernetes-schemas.devbu.io/volsync.backube/replicationsource_v1alpha1.json -apiVersion: volsync.backube/v1alpha1 -kind: ReplicationSource -metadata: - name: babybuddy - namespace: default -spec: - sourcePVC: config-babybuddy-0 - trigger: - schedule: "0 7 * * *" - restic: - copyMethod: Snapshot - pruneIntervalDays: 7 - repository: babybuddy-restic-secret - cacheCapacity: 10Gi - volumeSnapshotClassName: csi-ceph-blockpool - storageClassName: rook-ceph-block - moverSecurityContext: - runAsUser: 568 - runAsGroup: 568 - fsGroup: 568 - retain: - daily: 7 - within: 3d diff --git a/kubernetes/apps/default/babybuddy/ks.yaml b/kubernetes/apps/default/babybuddy/ks.yaml index 32d66518d..5643c035e 100644 --- a/kubernetes/apps/default/babybuddy/ks.yaml +++ b/kubernetes/apps/default/babybuddy/ks.yaml 
@@ -3,17 +3,26 @@ apiVersion: kustomize.toolkit.fluxcd.io/v1 kind: Kustomization metadata: - name: cluster-apps-babybuddy + name: &app babybuddy namespace: flux-system spec: + targetNamespace: default + commonMetadata: + labels: + app.kubernetes.io/name: *app path: ./kubernetes/apps/default/babybuddy/app prune: true sourceRef: kind: GitRepository name: home-ops-kubernetes dependsOn: - - name: cluster-apps-external-secrets-stores - # - name: cluster-apps-volsync-app + - name: external-secrets-stores + - name: volsync + wait: false interval: 30m retryInterval: 1m - timeout: 3m + timeout: 5m + postBuild: + substitute: + APP: *app + VOLSYNC_CAPACITY: 2Gi diff --git a/kubernetes/apps/default/bazarr/app/gatus.yaml b/kubernetes/apps/default/bazarr/app/gatus.yaml deleted file mode 100644 index cb47344b8..000000000 --- a/kubernetes/apps/default/bazarr/app/gatus.yaml +++ /dev/null @@ -1,26 +0,0 @@ ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: bazarr-gatus-ep - namespace: default - labels: - gatus.io/enabled: "true" -data: - config.yaml: | - endpoints: - - name: bazarr - group: internal - url: 192.168.8.1 - interval: 1m - ui: - hide-hostname: true - hide-url: true - dns: - query-name: bazarr.${SECRET_CLUSTER_DOMAIN} - query-type: A - conditions: - - "[BODY] == 192.168.169.101" - - "[DNS_RCODE] == NOERROR" - alerts: - - type: pushover diff --git a/kubernetes/apps/default/bazarr/app/helmrelease.yaml b/kubernetes/apps/default/bazarr/app/helmrelease.yaml index 03f04067b..2ca16e94e 100644 --- a/kubernetes/apps/default/bazarr/app/helmrelease.yaml +++ b/kubernetes/apps/default/bazarr/app/helmrelease.yaml @@ -40,7 +40,6 @@ spec: fsGroupChangePolicy: OnRootMismatch controllers: main: - type: statefulset annotations: reloader.stakater.com/auto: "true" initContainers: @@ -51,7 +50,7 @@ spec: tag: 16 envFrom: &envFrom - secretRef: - name: atuin-secret + name: bazarr-secret containers: main: image: 
@@ -76,14 +75,6 @@ spec: - --branch=master - --wait=86400 # 1 day - --root=/add-ons - statefulset: - volumeClaimTemplates: - - name: config - accessMode: ReadWriteOnce - size: 1Gi - storageClass: rook-ceph-block - globalMounts: - - path: /config service: main: ports: @@ -111,6 +102,11 @@ spec: - hosts: - *host persistence: + config: + enabled: true + existingClaim: *app + globalMounts: + - path: /config add-ons: enabled: true type: emptyDir diff --git a/kubernetes/apps/default/bazarr/app/kustomization.yaml b/kubernetes/apps/default/bazarr/app/kustomization.yaml index 142978650..a45c9b981 100644 --- a/kubernetes/apps/default/bazarr/app/kustomization.yaml +++ b/kubernetes/apps/default/bazarr/app/kustomization.yaml @@ -5,12 +5,14 @@ kind: Kustomization namespace: default resources: - ./externalsecret.yaml - - ./gatus.yaml - ./helmrelease.yaml - - ./volsync.yaml + - ../../../../templates/gatus/guarded + - ../../../../templates/volsync configMapGenerator: - name: bazarr-scripts files: - post-process.sh=./scripts/post-process.sh configurations: - ./patches/kustomizeconfig.yaml +generatorOptions: + disableNameSuffixHash: true diff --git a/kubernetes/apps/default/bazarr/app/volsync.yaml b/kubernetes/apps/default/bazarr/app/volsync.yaml deleted file mode 100644 index d425796b5..000000000 --- a/kubernetes/apps/default/bazarr/app/volsync.yaml +++ /dev/null 
@@ -1,48 +0,0 @@ ---- -# yaml-language-server: $schema=https://kubernetes-schemas.devbu.io/external-secrets.io/externalsecret_v1beta1.json -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: bazarr-restic - namespace: default -spec: - secretStoreRef: - kind: ClusterSecretStore - name: onepassword-connect - target: - name: bazarr-restic-secret - template: - engineVersion: v2 - data: - RESTIC_REPOSITORY: '{{ .REPOSITORY_TEMPLATE }}/bazarr' - RESTIC_PASSWORD: '{{ .RESTIC_PASSWORD }}' - AWS_ACCESS_KEY_ID: '{{ .AWS_ACCESS_KEY_ID }}' - AWS_SECRET_ACCESS_KEY: '{{ .AWS_SECRET_ACCESS_KEY }}' - dataFrom: - - extract: - key: volsync-restic-template ---- -# yaml-language-server: $schema=https://kubernetes-schemas.devbu.io/volsync.backube/replicationsource_v1alpha1.json -apiVersion: volsync.backube/v1alpha1 -kind: ReplicationSource -metadata: - name: bazarr - namespace: default -spec: - sourcePVC: config-bazarr-0 - trigger: - schedule: "0 7 * * *" - restic: - copyMethod: Snapshot - pruneIntervalDays: 7 - repository: bazarr-restic-secret - cacheCapacity: 10Gi - volumeSnapshotClassName: csi-ceph-blockpool - storageClassName: rook-ceph-block - moverSecurityContext: - runAsUser: 568 - runAsGroup: 568 - fsGroup: 568 - retain: - daily: 7 - within: 3d diff --git a/kubernetes/apps/default/bazarr/ks.yaml b/kubernetes/apps/default/bazarr/ks.yaml index 7ed02ec62..e36b4ff3e 100644 --- a/kubernetes/apps/default/bazarr/ks.yaml +++ b/kubernetes/apps/default/bazarr/ks.yaml 
@@ -3,17 +3,26 @@ apiVersion: kustomize.toolkit.fluxcd.io/v1 kind: Kustomization metadata: - name: cluster-apps-bazarr-app + name: &app bazarr namespace: flux-system spec: + targetNamespace: default + commonMetadata: + labels: + app.kubernetes.io/name: *app dependsOn: - - name: cluster-apps-external-secrets-stores - - name: cluster-apps-volsync-app + - name: external-secrets-stores + - name: volsync path: ./kubernetes/apps/default/bazarr/app prune: true sourceRef: kind: GitRepository name: home-ops-kubernetes + wait: false interval: 30m retryInterval: 1m - timeout: 3m + timeout: 5m + postBuild: + substitute: + APP: *app + VOLSYNC_CAPACITY: 2Gi diff --git a/kubernetes/apps/default/calibre/app/gatus.yaml b/kubernetes/apps/default/calibre/app/gatus.yaml deleted file mode 100644 index 967f35bf9..000000000 --- a/kubernetes/apps/default/calibre/app/gatus.yaml +++ /dev/null @@ -1,26 +0,0 @@ ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: calibre-gatus-ep - namespace: default - labels: - gatus.io/enabled: "true" -data: - config.yaml: | - endpoints: - - name: calibre - group: internal - url: 192.168.8.1 - interval: 1m - ui: - hide-hostname: true - hide-url: true - dns: - query-name: calibre.${SECRET_CLUSTER_DOMAIN} - query-type: A - conditions: - - "[BODY] == 192.168.169.101" - - "[DNS_RCODE] == NOERROR" - alerts: - - type: pushover diff --git a/kubernetes/apps/default/calibre/app/helmrelease.yaml b/kubernetes/apps/default/calibre/app/helmrelease.yaml index a66c73f6e..bee89fd14 100644 --- a/kubernetes/apps/default/calibre/app/helmrelease.yaml +++ b/kubernetes/apps/default/calibre/app/helmrelease.yaml @@ -29,7 +29,6 @@ spec: values: controllers: main: - type: statefulset containers: main: image: @@ -45,14 +44,6 @@ spec: memory: 324M limits: memory: 604M - statefulset: - volumeClaimTemplates: - - name: config - accessMode: ReadWriteOnce - size: 1Gi - storageClass: rook-ceph-block - globalMounts: - - path: /config service: main: ports: 
@@ -80,6 +71,11 @@ spec: - hosts: - *host persistence: + config: + enabled: true + existingClaim: *app + globalMounts: + - path: /config books: enabled: true type: nfs diff --git a/kubernetes/apps/default/calibre/app/kustomization.yaml b/kubernetes/apps/default/calibre/app/kustomization.yaml index 29079162f..35ff57401 100644 --- a/kubernetes/apps/default/calibre/app/kustomization.yaml +++ b/kubernetes/apps/default/calibre/app/kustomization.yaml @@ -4,6 +4,6 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization namespace: default resources: - - ./gatus.yaml - ./helmrelease.yaml - - ./volsync.yaml + - ../../../../templates/gatus/guarded + - ../../../../templates/volsync diff --git a/kubernetes/apps/default/calibre/app/volsync.yaml b/kubernetes/apps/default/calibre/app/volsync.yaml deleted file mode 100644 index 2e997dc99..000000000 --- a/kubernetes/apps/default/calibre/app/volsync.yaml +++ /dev/null 
@@ -1,47 +0,0 @@ ---- -# yaml-language-server: $schema=https://kubernetes-schemas.devbu.io/external-secrets.io/externalsecret_v1beta1.json -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: calibre-restic - namespace: default -spec: - secretStoreRef: - kind: ClusterSecretStore - name: onepassword-connect - target: - name: calibre-restic-secret - template: - engineVersion: v2 - data: - RESTIC_REPOSITORY: '{{ .REPOSITORY_TEMPLATE }}/calibre' - RESTIC_PASSWORD: '{{ .RESTIC_PASSWORD }}' - AWS_ACCESS_KEY_ID: '{{ .AWS_ACCESS_KEY_ID }}' - AWS_SECRET_ACCESS_KEY: '{{ .AWS_SECRET_ACCESS_KEY }}' - dataFrom: - - extract: - key: volsync-restic-template ---- -# yaml-language-server: $schema=https://kubernetes-schemas.devbu.io/volsync.backube/replicationsource_v1alpha1.json -apiVersion: volsync.backube/v1alpha1 -kind: ReplicationSource -metadata: - name: calibre - namespace: default -spec: - sourcePVC: config-calibre-0 - trigger: - schedule: "0 7 * * *" - restic: - copyMethod: Snapshot - pruneIntervalDays: 7 - repository: calibre-restic-secret - cacheCapacity: 10Gi - volumeSnapshotClassName: csi-ceph-blockpool - storageClassName: rook-ceph-block - moverSecurityContext: - runAsUser: 1026 - runAsGroup: 1000 - retain: - daily: 7 - within: 3d diff --git a/kubernetes/apps/default/calibre/ks.yaml b/kubernetes/apps/default/calibre/ks.yaml index 489e5891e..6a231fea1 100644 --- a/kubernetes/apps/default/calibre/ks.yaml +++ b/kubernetes/apps/default/calibre/ks.yaml 
@@ -3,18 +3,27 @@ apiVersion: kustomize.toolkit.fluxcd.io/v1 kind: Kustomization metadata: - name: cluster-apps-calibre + name: &app calibre namespace: flux-system spec: + targetNamespace: default + commonMetadata: + labels: + app.kubernetes.io/name: *app dependsOn: - - name: cluster-apps-external-secrets-stores - - name: cluster-apps-rook-ceph-cluster - - name: cluster-apps-volsync-app + - name: external-secrets-stores + - name: rook-ceph-cluster + - name: volsync path: ./kubernetes/apps/default/calibre/app prune: true sourceRef: kind: GitRepository name: home-ops-kubernetes + wait: false interval: 30m retryInterval: 1m - timeout: 3m + timeout: 5m + postBuild: + substitute: + APP: *app + VOLSYNC_CAPACITY: 2Gi diff --git a/kubernetes/apps/default/emqx/ks.yaml b/kubernetes/apps/default/emqx/ks.yaml index 7eb09a25c..8240dd6dd 100644 --- a/kubernetes/apps/default/emqx/ks.yaml +++ b/kubernetes/apps/default/emqx/ks.yaml @@ -3,17 +3,25 @@ apiVersion: kustomize.toolkit.fluxcd.io/v1 kind: Kustomization metadata: - name: cluster-apps-emqx-app + name: &app emqx namespace: flux-system spec: + targetNamespace: default + commonMetadata: + labels: + app.kubernetes.io/name: *app dependsOn: - - name: cluster-apps-rook-ceph-cluster - - name: cluster-apps-external-secrets-stores + - name: rook-ceph-cluster + - name: external-secrets-stores path: ./kubernetes/apps/default/emqx/app prune: true sourceRef: kind: GitRepository name: home-ops-kubernetes + wait: false interval: 30m retryInterval: 1m - timeout: 3m + timeout: 5m + postBuild: + substitute: + APP: *app diff --git a/kubernetes/apps/default/flood/app/gatus.yaml b/kubernetes/apps/default/flood/app/gatus.yaml deleted file mode 100644 index c8c24e283..000000000 --- a/kubernetes/apps/default/flood/app/gatus.yaml +++ /dev/null 
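Review bot: The `postBuild.substitute` block in calibre/ks.yaml passes only `APP` and `VOLSYNC_CAPACITY`, while the deleted calibre/app/volsync.yaml ran the restic mover as `runAsUser: 1026` / `runAsGroup: 1000`, not the 568 used by most other apps. If the shared `templates/volsync` applies one default mover identity (the template is outside this section), the mover may be unable to read calibre's files and backups could fail or come out incomplete. Confirm the template accepts a per-app UID/GID substitution and set it here. home-assistant needs the same check, because its deleted ReplicationSource ran the mover as 0:0.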
@@ -1,26 +0,0 @@ ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: flood-gatus-ep - namespace: default - labels: - gatus.io/enabled: "true" -data: - config.yaml: | - endpoints: - - name: flood - group: internal - url: 192.168.8.1 - interval: 1m - ui: - hide-hostname: true - hide-url: true - dns: - query-name: flood.${SECRET_CLUSTER_DOMAIN} - query-type: A - conditions: - - "[BODY] == 192.168.169.101" - - "[DNS_RCODE] == NOERROR" - alerts: - - type: pushover diff --git a/kubernetes/apps/default/flood/app/helmrelease.yaml b/kubernetes/apps/default/flood/app/helmrelease.yaml index 02931b586..ae5e10f5e 100644 --- a/kubernetes/apps/default/flood/app/helmrelease.yaml +++ b/kubernetes/apps/default/flood/app/helmrelease.yaml @@ -35,7 +35,6 @@ spec: fsGroupChangePolicy: "OnRootMismatch" controllers: main: - type: statefulset annotations: reloader.stakater.com/auto: "true" containers: @@ -56,14 +55,6 @@ spec: cpu: 15m limits: memory: 512Mi - statefulset: - volumeClaimTemplates: - - name: config - accessMode: ReadWriteOnce - size: 50Gi - storageClass: rook-ceph-block - globalMounts: - - path: /data service: main: ports: @@ -90,3 +81,9 @@ spec: tls: - hosts: - *host + persistence: + config: + enabled: true + existingClaim: *app + globalMounts: + - path: /data diff --git a/kubernetes/apps/default/flood/app/kustomization.yaml b/kubernetes/apps/default/flood/app/kustomization.yaml index c254171ab..48e972b27 100644 --- a/kubernetes/apps/default/flood/app/kustomization.yaml +++ b/kubernetes/apps/default/flood/app/kustomization.yaml @@ -5,6 +5,6 @@ kind: Kustomization namespace: default resources: - ./externalsecret.yaml - - ./gatus.yaml - ./helmrelease.yaml - - ./volsync.yaml + - ../../../../templates/gatus/guarded + - ../../../../templates/volsync diff --git a/kubernetes/apps/default/flood/app/volsync.yaml b/kubernetes/apps/default/flood/app/volsync.yaml deleted file mode 100644 index 592fbdcbf..000000000 --- a/kubernetes/apps/default/flood/app/volsync.yaml +++ /dev/null 
@@ -1,48 +0,0 @@ ---- -# yaml-language-server: $schema=https://kubernetes-schemas.devbu.io/external-secrets.io/externalsecret_v1beta1.json -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: flood-restic - namespace: default -spec: - secretStoreRef: - kind: ClusterSecretStore - name: onepassword-connect - target: - name: flood-restic-secret - template: - engineVersion: v2 - data: - RESTIC_REPOSITORY: '{{ .REPOSITORY_TEMPLATE }}/flood' - RESTIC_PASSWORD: '{{ .RESTIC_PASSWORD }}' - AWS_ACCESS_KEY_ID: '{{ .AWS_ACCESS_KEY_ID }}' - AWS_SECRET_ACCESS_KEY: '{{ .AWS_SECRET_ACCESS_KEY }}' - dataFrom: - - extract: - key: volsync-restic-template ---- -# yaml-language-server: $schema=https://kubernetes-schemas.devbu.io/volsync.backube/replicationsource_v1alpha1.json -apiVersion: volsync.backube/v1alpha1 -kind: ReplicationSource -metadata: - name: flood - namespace: default -spec: - sourcePVC: config-flood-0 - trigger: - schedule: "0 7 * * *" - restic: - copyMethod: Snapshot - pruneIntervalDays: 7 - repository: flood-restic-secret - cacheCapacity: 10Gi - volumeSnapshotClassName: csi-ceph-blockpool - storageClassName: rook-ceph-block - moverSecurityContext: - runAsUser: 568 - runAsGroup: 568 - fsGroup: 568 - retain: - daily: 7 - within: 3d diff --git a/kubernetes/apps/default/flood/ks.yaml b/kubernetes/apps/default/flood/ks.yaml index 798d60955..8adbc9b7e 100644 --- a/kubernetes/apps/default/flood/ks.yaml +++ b/kubernetes/apps/default/flood/ks.yaml 
@@ -3,18 +3,27 @@ apiVersion: kustomize.toolkit.fluxcd.io/v1 kind: Kustomization metadata: - name: cluster-apps-flood-app + name: &app flood namespace: flux-system spec: + targetNamespace: default + commonMetadata: + labels: + app.kubernetes.io/name: *app dependsOn: - - name: cluster-apps-external-secrets-stores - - name: cluster-apps-qbittorrent-app - - name: cluster-apps-volsync-app + - name: external-secrets-stores + - name: qbittorrent + - name: volsync path: ./kubernetes/apps/default/flood/app prune: true sourceRef: kind: GitRepository name: home-ops-kubernetes + wait: false interval: 30m retryInterval: 1m - timeout: 3m + timeout: 5m + postBuild: + substitute: + APP: *app + VOLSYNC_CAPACITY: 2Gi diff --git a/kubernetes/apps/default/freshrss/app/gatus.yaml b/kubernetes/apps/default/freshrss/app/gatus.yaml deleted file mode 100644 index 6cd9d4c0e..000000000 --- a/kubernetes/apps/default/freshrss/app/gatus.yaml +++ /dev/null @@ -1,22 +0,0 @@ ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: freshrss-gatus-ep - namespace: default - labels: - gatus.io/enabled: "true" -data: - config.yaml: | - endpoints: - - name: freshrss - group: internal - url: https://freshrss.${SECRET_CLUSTER_DOMAIN}/i/ - interval: 1m - client: - insecure: true - conditions: - - "[STATUS] == 200" - alerts: - - type: pushover - diff --git a/kubernetes/apps/default/freshrss/app/helmrelease.yaml b/kubernetes/apps/default/freshrss/app/helmrelease.yaml index b6a623caf..5f52d1187 100644 --- a/kubernetes/apps/default/freshrss/app/helmrelease.yaml +++ b/kubernetes/apps/default/freshrss/app/helmrelease.yaml @@ -29,7 +29,6 @@ spec: values: controllers: main: - type: statefulset annotations: reloader.stakater.com/auto: "true" initContainers: @@ -54,14 +53,6 @@ spec: requests: cpu: 50m memory: 256Mi - statefulset: - volumeClaimTemplates: - - name: config - accessMode: ReadWriteOnce - size: 1Gi - storageClass: rook-ceph-block - globalMounts: - - path: /var/www/FreshRSS/data service: main: ports: 
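Review bot: `VOLSYNC_CAPACITY: 2Gi` in flood/ks.yaml is far below the `size: 50Gi` of the volumeClaimTemplate that flood/app/helmrelease.yaml removes. Assuming this variable sizes the claim that `existingClaim: *app` now points to, existing `/data` content above 2Gi will not fit when restored into the new claim. Suggest `VOLSYNC_CAPACITY: 50Gi`, or check current usage first. More generally, every converted app moves from a `config-<app>-0` claim to a claim presumably named after the app, so its data has to come back from the restic repository. Verifying a recent backup per app before merging is the safe order.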
@@ -83,3 +74,9 @@ spec: tls: - hosts: - *host + persistence: + config: + enabled: true + existingClaim: *app + globalMounts: + - path: /var/www/FreshRSS/data diff --git a/kubernetes/apps/default/freshrss/app/kustomization.yaml b/kubernetes/apps/default/freshrss/app/kustomization.yaml index c254171ab..72f9ab807 100644 --- a/kubernetes/apps/default/freshrss/app/kustomization.yaml +++ b/kubernetes/apps/default/freshrss/app/kustomization.yaml @@ -5,6 +5,6 @@ kind: Kustomization namespace: default resources: - ./externalsecret.yaml - - ./gatus.yaml - ./helmrelease.yaml - - ./volsync.yaml + - ../../../../templates/gatus/external + - ../../../../templates/volsync diff --git a/kubernetes/apps/default/freshrss/app/volsync.yaml b/kubernetes/apps/default/freshrss/app/volsync.yaml deleted file mode 100644 index 38d5089a0..000000000 --- a/kubernetes/apps/default/freshrss/app/volsync.yaml +++ /dev/null 
@@ -1,44 +0,0 @@ ---- -# yaml-language-server: $schema=https://kubernetes-schemas.devbu.io/external-secrets.io/externalsecret_v1beta1.json -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: freshrss-restic - namespace: default -spec: - secretStoreRef: - kind: ClusterSecretStore - name: onepassword-connect - target: - name: freshrss-restic-secret - template: - engineVersion: v2 - data: - RESTIC_REPOSITORY: '{{ .REPOSITORY_TEMPLATE }}/freshrss' - RESTIC_PASSWORD: '{{ .RESTIC_PASSWORD }}' - AWS_ACCESS_KEY_ID: '{{ .AWS_ACCESS_KEY_ID }}' - AWS_SECRET_ACCESS_KEY: '{{ .AWS_SECRET_ACCESS_KEY }}' - dataFrom: - - extract: - key: volsync-restic-template ---- -# yaml-language-server: $schema=https://kubernetes-schemas.devbu.io/volsync.backube/replicationsource_v1alpha1.json -apiVersion: volsync.backube/v1alpha1 -kind: ReplicationSource -metadata: - name: freshrss - namespace: default -spec: - sourcePVC: config-freshrss-0 - trigger: - schedule: "0 7 * * *" - restic: - copyMethod: Snapshot - pruneIntervalDays: 7 - repository: freshrss-restic-secret - cacheCapacity: 10Gi - volumeSnapshotClassName: csi-ceph-blockpool - storageClassName: rook-ceph-block - retain: - daily: 7 - within: 3d diff --git a/kubernetes/apps/default/freshrss/ks.yaml b/kubernetes/apps/default/freshrss/ks.yaml index e978b0ccf..5db9b0971 100644 --- a/kubernetes/apps/default/freshrss/ks.yaml +++ b/kubernetes/apps/default/freshrss/ks.yaml 
@@ -3,17 +3,26 @@ apiVersion: kustomize.toolkit.fluxcd.io/v1 kind: Kustomization metadata: - name: cluster-apps-freshrss + name: &app freshrss namespace: flux-system spec: + targetNamespace: default + commonMetadata: + labels: + app.kubernetes.io/name: *app path: ./kubernetes/apps/default/freshrss/app prune: true sourceRef: kind: GitRepository name: home-ops-kubernetes dependsOn: - - name: cluster-apps-external-secrets-stores - - name: cluster-apps-volsync-app + - name: external-secrets-stores + - name: volsync + wait: false interval: 30m retryInterval: 1m - timeout: 3m + timeout: 5m + postBuild: + substitute: + APP: *app + VOLSYNC_CAPACITY: 2Gi diff --git a/kubernetes/apps/default/frigate/app/gatus.yaml b/kubernetes/apps/default/frigate/app/gatus.yaml deleted file mode 100644 index 0693a9e67..000000000 --- a/kubernetes/apps/default/frigate/app/gatus.yaml +++ /dev/null @@ -1,47 +0,0 @@ ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: frigate-gatus-ep - namespace: default - labels: - gatus.io/enabled: "true" -data: - config.yaml: | - endpoints: - - name: frigate - group: internal - url: 192.168.8.1 - interval: 1m - ui: - hide-hostname: true - hide-url: true - dns: - query-name: frigate.${SECRET_CLUSTER_DOMAIN} - query-type: A - conditions: - - "[BODY] == 192.168.169.101" - - "[DNS_RCODE] == NOERROR" - alerts: - - type: pushover ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: frigate-cam-01-bedroom-gatus-ep - namespace: default - labels: - gatus.io/enabled: "true" -data: - config.yaml: | - endpoints: - - name: cam-01-bedroom - group: cameras - url: https://cam-01-bedroom.${SECRET_DOMAIN} - interval: 5m - client: - insecure: true - conditions: - - "[STATUS] == 200" - alerts: - - type: pushover diff --git a/kubernetes/apps/default/frigate/app/helmrelease.yaml b/kubernetes/apps/default/frigate/app/helmrelease.yaml index 78a159ce2..2f09bdc04 100644 --- a/kubernetes/apps/default/frigate/app/helmrelease.yaml 
+++ b/kubernetes/apps/default/frigate/app/helmrelease.yaml @@ -3,7 +3,7 @@ apiVersion: helm.toolkit.fluxcd.io/v2beta2 kind: HelmRelease metadata: - name: frigate + name: &app frigate namespace: default spec: interval: 30m @@ -41,7 +41,6 @@ spec: intel.feature.node.kubernetes.io/gpu: "true" controllers: main: - type: statefulset annotations: reloader.stakater.com/auto: "true" containers: @@ -80,14 +79,6 @@ spec: gpu.intel.com/i915: 1 securityContext: privileged: true - statefulset: - volumeClaimTemplates: - - name: config - accessMode: ReadWriteOnce - size: 5Gi - storageClass: rook-ceph-block - globalMounts: - - path: /data service: main: type: LoadBalancer @@ -121,12 +112,19 @@ spec: - hosts: - *host persistence: + config: + enabled: true + existingClaim: *app + globalMounts: + - path: /data config-file: type: configMap name: frigate-configmap readOnly: true globalMounts: - - path: /config + - path: /config/config.yml + subPath: config.yml + readOnly: true media: type: nfs server: "${LOCAL_LAN_TRUENAS}" diff --git a/kubernetes/apps/default/frigate/app/kustomization.yaml b/kubernetes/apps/default/frigate/app/kustomization.yaml index 9661b466e..a99c63c8c 100644 --- a/kubernetes/apps/default/frigate/app/kustomization.yaml +++ b/kubernetes/apps/default/frigate/app/kustomization.yaml @@ -5,9 +5,9 @@ kind: Kustomization namespace: default resources: - ./externalsecret.yaml - - ./gatus.yaml - ./helmrelease.yaml - - ./volsync.yaml + - ../../../../templates/gatus/guarded + - ../../../../templates/volsync configMapGenerator: - name: frigate-configmap files: diff --git a/kubernetes/apps/default/frigate/app/volsync.yaml b/kubernetes/apps/default/frigate/app/volsync.yaml deleted file mode 100644 index fd7858917..000000000 --- a/kubernetes/apps/default/frigate/app/volsync.yaml +++ /dev/null 
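Review bot: Dropping `./gatus.yaml` from frigate/app/kustomization.yaml also drops the second ConfigMap that file held, `frigate-cam-01-bedroom-gatus-ep`, which probed `https://cam-01-bedroom.${SECRET_DOMAIN}` in the `cameras` group. The `templates/gatus/guarded` entry appears to be driven by `APP`, so it presumably produces one endpoint for frigate only and the camera check disappears. If the camera should stay monitored, keep that ConfigMap in a local file and list it under `resources` next to the template.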
@@ -1,48 +0,0 @@ ---- -# yaml-language-server: $schema=https://kubernetes-schemas.devbu.io/external-secrets.io/externalsecret_v1beta1.json -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: frigate-restic - namespace: default -spec: - secretStoreRef: - kind: ClusterSecretStore - name: onepassword-connect - target: - name: frigate-restic-secret - template: - engineVersion: v2 - data: - RESTIC_REPOSITORY: '{{ .REPOSITORY_TEMPLATE }}/frigate' - RESTIC_PASSWORD: '{{ .RESTIC_PASSWORD }}' - AWS_ACCESS_KEY_ID: '{{ .AWS_ACCESS_KEY_ID }}' - AWS_SECRET_ACCESS_KEY: '{{ .AWS_SECRET_ACCESS_KEY }}' - dataFrom: - - extract: - key: volsync-restic-template ---- -# yaml-language-server: $schema=https://kubernetes-schemas.devbu.io/volsync.backube/replicationsource_v1alpha1.json -apiVersion: volsync.backube/v1alpha1 -kind: ReplicationSource -metadata: - name: frigate - namespace: default -spec: - sourcePVC: config-frigate-0 - trigger: - schedule: "0 7 * * *" - restic: - copyMethod: Snapshot - pruneIntervalDays: 7 - repository: frigate-restic-secret - cacheCapacity: 10Gi - volumeSnapshotClassName: csi-ceph-blockpool - storageClassName: rook-ceph-block - moverSecurityContext: - runAsUser: 568 - runAsGroup: 568 - fsGroup: 568 - retain: - daily: 7 - within: 3d diff --git a/kubernetes/apps/default/frigate/ks.yaml b/kubernetes/apps/default/frigate/ks.yaml index 0973a4b12..be77d6588 100644 --- a/kubernetes/apps/default/frigate/ks.yaml +++ b/kubernetes/apps/default/frigate/ks.yaml 
@@ -3,12 +3,16 @@ apiVersion: kustomize.toolkit.fluxcd.io/v1 kind: Kustomization metadata: - name: cluster-apps-frigate + name: &app frigate namespace: flux-system spec: + targetNamespace: default + commonMetadata: + labels: + app.kubernetes.io/name: *app dependsOn: - - name: cluster-apps-external-secrets-stores - - name: cluster-apps-node-feature-discovery-rules + - name: external-secrets-stores + - name: node-feature-discovery-rules path: ./kubernetes/apps/default/frigate/app prune: true sourceRef: @@ -18,3 +22,7 @@ spec: interval: 30m retryInterval: 1m timeout: 5m + postBuild: + substitute: + APP: *app + VOLSYNC_CAPACITY: 5Gi diff --git a/kubernetes/apps/default/ghostfolio/app/gatus.yaml b/kubernetes/apps/default/ghostfolio/app/gatus.yaml deleted file mode 100644 index c25bb97c8..000000000 --- a/kubernetes/apps/default/ghostfolio/app/gatus.yaml +++ /dev/null @@ -1,22 +0,0 @@ ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: ghostfolio-gatus-ep - namespace: default - labels: - gatus.io/enabled: "true" -data: - config.yaml: | - endpoints: - - name: ghostfolio - group: internal - url: https://portfolio.${SECRET_CLUSTER_DOMAIN} - interval: 1m - client: - insecure: true - conditions: - - "[STATUS] == 200" - alerts: - - type: pushover - diff --git a/kubernetes/apps/default/ghostfolio/app/helmrelease.yaml b/kubernetes/apps/default/ghostfolio/app/helmrelease.yaml index 307965195..c7bc42be4 100644 --- a/kubernetes/apps/default/ghostfolio/app/helmrelease.yaml +++ b/kubernetes/apps/default/ghostfolio/app/helmrelease.yaml @@ -68,7 +68,7 @@ spec: annotations: hajimari.io/icon: mdi:cash-multiple hosts: - - host: &host "portfolio.${SECRET_CLUSTER_DOMAIN}" + - host: &host "{{ .Release.Name }}.${SECRET_CLUSTER_DOMAIN}" paths: - path: / service: diff --git a/kubernetes/apps/default/ghostfolio/app/kustomization.yaml b/kubernetes/apps/default/ghostfolio/app/kustomization.yaml index 504a7850d..f8c2e193c 100644 --- a/kubernetes/apps/default/ghostfolio/app/kustomization.yaml 
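Review bot: The `dependsOn` list in frigate/ks.yaml names `external-secrets-stores` and `node-feature-discovery-rules` but not `volsync`, although frigate/app/kustomization.yaml now pulls in `../../../../templates/volsync` and this file sets `VOLSYNC_CAPACITY: 5Gi`. The other apps converted to the volsync template here (babybuddy, bazarr, calibre, flood, freshrss) all list it. Add `- name: volsync` so the backup resources are not applied before the volsync Kustomization is ready.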
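Review bot: The ingress host in ghostfolio/app/helmrelease.yaml changes from `portfolio.${SECRET_CLUSTER_DOMAIN}` to `{{ .Release.Name }}.${SECRET_CLUSTER_DOMAIN}`, which moves the app to a new hostname (presumably `ghostfolio.`) in a commit described as applying templates. Anything keyed to the old name, such as DNS records, SSO access rules or redirect URLs, would stop matching. If the rename is not intended, keep `portfolio` in the host and set `GATUS_SUBDOMAIN: portfolio` in ghostfolio/ks.yaml, as authelia and hajimari do with `auth` and `apps`.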
+++ b/kubernetes/apps/default/ghostfolio/app/kustomization.yaml @@ -5,5 +5,5 @@ kind: Kustomization namespace: default resources: - ./externalsecret.yaml - - ./gatus.yaml - ./helmrelease.yaml + - ../../../../templates/gatus/guarded diff --git a/kubernetes/apps/default/ghostfolio/ks.yaml b/kubernetes/apps/default/ghostfolio/ks.yaml index a01fd1382..38d6d28ac 100644 --- a/kubernetes/apps/default/ghostfolio/ks.yaml +++ b/kubernetes/apps/default/ghostfolio/ks.yaml @@ -3,32 +3,49 @@ apiVersion: kustomize.toolkit.fluxcd.io/v1 kind: Kustomization metadata: - name: cluster-apps-ghostfolio + name: &app ghostfolio namespace: flux-system spec: + targetNamespace: default + commonMetadata: + labels: + app.kubernetes.io/name: *app path: ./kubernetes/apps/default/ghostfolio/app prune: true sourceRef: kind: GitRepository name: home-ops-kubernetes dependsOn: - - name: cluster-apps-external-secrets-stores - - name: cluster-apps-ghostfolio-redis + - name: external-secrets-stores + - name: ghostfolio-redis + wait: false interval: 30m retryInterval: 1m - timeout: 3m + timeout: 5m + postBuild: + substitute: + APP: *app --- # yaml-language-server: $schema=https://raw.githubusercontent.com/fluxcd-community/flux2-schemas/main/kustomization-kustomize-v1.json apiVersion: kustomize.toolkit.fluxcd.io/v1 kind: Kustomization metadata: - name: cluster-apps-ghostfolio-redis + name: ghostfolio-redis namespace: flux-system spec: - interval: 10m + targetNamespace: default + commonMetadata: + labels: + app.kubernetes.io/name: &app ghostfolio path: ./kubernetes/apps/default/ghostfolio/redis prune: true sourceRef: kind: GitRepository name: home-ops-kubernetes - wait: false # no flux ks dependents + wait: false + interval: 30m + retryInterval: 1m + timeout: 5m + postBuild: + substitute: + APP: *app diff --git a/kubernetes/apps/default/hajimari/ks.yaml b/kubernetes/apps/default/hajimari/ks.yaml index 321c73689..2236e927e 100644 --- a/kubernetes/apps/default/hajimari/ks.yaml 
+++ b/kubernetes/apps/default/hajimari/ks.yaml @@ -3,14 +3,22 @@ apiVersion: kustomize.toolkit.fluxcd.io/v1 kind: Kustomization metadata: - name: cluster-apps-hajimari + name: &app hajimari namespace: flux-system spec: + commonMetadata: + labels: + app.kubernetes.io/name: *app path: ./kubernetes/apps/default/hajimari/app prune: true sourceRef: kind: GitRepository name: home-ops-kubernetes + wait: false interval: 30m retryInterval: 1m - timeout: 3m + timeout: 5m + postBuild: + substitute: + APP: *app + GATUS_SUBDOMAIN: apps diff --git a/kubernetes/apps/default/home-assistant/app/gatus.yaml b/kubernetes/apps/default/home-assistant/app/gatus.yaml deleted file mode 100644 index 3ed5435bd..000000000 --- a/kubernetes/apps/default/home-assistant/app/gatus.yaml +++ /dev/null @@ -1,22 +0,0 @@ ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: home-assistant-gatus-ep - namespace: default - labels: - gatus.io/enabled: "true" -data: - config.yaml: | - endpoints: - - name: home-assistant - group: internal - url: https://hass.${SECRET_CLUSTER_DOMAIN} - interval: 1m - client: - insecure: true - conditions: - - "[STATUS] == 200" - alerts: - - type: pushover - diff --git a/kubernetes/apps/default/home-assistant/app/helmrelease.yaml b/kubernetes/apps/default/home-assistant/app/helmrelease.yaml index 6c61b9ed7..abaf0aecd 100644 --- a/kubernetes/apps/default/home-assistant/app/helmrelease.yaml +++ b/kubernetes/apps/default/home-assistant/app/helmrelease.yaml @@ -37,7 +37,6 @@ spec: nodo.feature.node.kubernetes.io/rflink: "true" controllers: main: - type: statefulset annotations: reloader.stakater.com/auto: "true" initContainers: @@ -73,14 +72,6 @@ spec: memory: 1Gi securityContext: privileged: true - statefulset: - volumeClaimTemplates: - - name: config - accessMode: ReadWriteOnce - size: 10Gi - storageClass: rook-ceph-block - globalMounts: - - path: /config service: main: type: LoadBalancer 
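Review bot: hajimari/ks.yaml gains `commonMetadata` and `postBuild` but no `targetNamespace: default`, unlike the other app Kustomizations converted in this part of the patch. If that is an oversight, add `targetNamespace: default` under `spec`. If hajimari's manifests must keep their own namespaces, a one-line comment such as `# no targetNamespace: manifests set their own` would stop a later template pass from adding it.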
@@ -106,6 +97,11 @@ spec: - hosts: - *host persistence: + config: + enabled: true + existingClaim: *app + globalMounts: + - path: /config usb: enabled: true type: hostPath diff --git a/kubernetes/apps/default/home-assistant/app/kustomization.yaml b/kubernetes/apps/default/home-assistant/app/kustomization.yaml index c005815a3..c6ffe4e11 100644 --- a/kubernetes/apps/default/home-assistant/app/kustomization.yaml +++ b/kubernetes/apps/default/home-assistant/app/kustomization.yaml @@ -3,8 +3,8 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization namespace: default resources: -- ./externalsecret.yaml -- ./gatus.yaml -- ./helmrelease.yaml -- ./podmonitor.yaml -- ./volsync.yaml + - ./externalsecret.yaml + - ./helmrelease.yaml + - ./podmonitor.yaml + - ../../../../templates/gatus/guarded + - ../../../../templates/volsync diff --git a/kubernetes/apps/default/home-assistant/app/volsync.yaml b/kubernetes/apps/default/home-assistant/app/volsync.yaml deleted file mode 100644 index 59bc084ec..000000000 --- a/kubernetes/apps/default/home-assistant/app/volsync.yaml +++ /dev/null 
@@ -1,48 +0,0 @@ ---- -# yaml-language-server: $schema=https://kubernetes-schemas.devbu.io/external-secrets.io/externalsecret_v1beta1.json -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: home-assistant-restic - namespace: default -spec: - secretStoreRef: - kind: ClusterSecretStore - name: onepassword-connect - target: - name: home-assistant-restic-secret - template: - engineVersion: v2 - data: - RESTIC_REPOSITORY: '{{ .REPOSITORY_TEMPLATE }}/home-assistant' - RESTIC_PASSWORD: '{{ .RESTIC_PASSWORD }}' - AWS_ACCESS_KEY_ID: '{{ .AWS_ACCESS_KEY_ID }}' - AWS_SECRET_ACCESS_KEY: '{{ .AWS_SECRET_ACCESS_KEY }}' - dataFrom: - - extract: - key: volsync-restic-template ---- -# yaml-language-server: $schema=https://kubernetes-schemas.devbu.io/volsync.backube/replicationsource_v1alpha1.json -apiVersion: volsync.backube/v1alpha1 -kind: ReplicationSource -metadata: - name: home-assistant - namespace: default -spec: - sourcePVC: config-home-assistant-0 - trigger: - schedule: "0 7 * * *" - restic: - copyMethod: Snapshot - pruneIntervalDays: 7 - repository: home-assistant-restic-secret - cacheCapacity: 10Gi - volumeSnapshotClassName: csi-ceph-blockpool - storageClassName: rook-ceph-block - moverSecurityContext: - runAsUser: 0 - runAsGroup: 0 - fsGroup: 0 - retain: - daily: 7 - within: 3d diff --git a/kubernetes/apps/default/home-assistant/code/gatus.yaml b/kubernetes/apps/default/home-assistant/code/gatus.yaml deleted file mode 100644 index 6da4c5536..000000000 --- a/kubernetes/apps/default/home-assistant/code/gatus.yaml +++ /dev/null @@ -1,22 +0,0 @@ ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: hass-code-gatus-ep - namespace: default - labels: - gatus.io/enabled: "true" -data: - config.yaml: | - endpoints: - - name: hass-code - group: internal - url: https://hass-code.${SECRET_CLUSTER_DOMAIN} - interval: 1m - client: - insecure: true - conditions: - - "[STATUS] == 200" - alerts: - - type: pushover - 
diff --git a/kubernetes/apps/default/home-assistant/code/kustomization.yaml b/kubernetes/apps/default/home-assistant/code/kustomization.yaml index c4d294242..1ead35c4d 100644 --- a/kubernetes/apps/default/home-assistant/code/kustomization.yaml +++ b/kubernetes/apps/default/home-assistant/code/kustomization.yaml @@ -4,5 +4,5 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization namespace: default resources: - - ./gatus.yaml - ./helmrelease.yaml + - ../../../../templates/gatus/guarded diff --git a/kubernetes/apps/default/home-assistant/ks.yaml b/kubernetes/apps/default/home-assistant/ks.yaml index fde0cb418..7310aa8d3 100644 --- a/kubernetes/apps/default/home-assistant/ks.yaml +++ b/kubernetes/apps/default/home-assistant/ks.yaml @@ -3,12 +3,16 @@ apiVersion: kustomize.toolkit.fluxcd.io/v1 kind: Kustomization metadata: - name: cluster-apps-home-assistant-app + name: &app home-assistant namespace: flux-system spec: + targetNamespace: default + commonMetadata: + labels: + app.kubernetes.io/name: *app dependsOn: - - name: cluster-apps-external-secrets-stores - - name: cluster-apps-volsync-app + - name: external-secrets-stores + - name: volsync path: ./kubernetes/apps/default/home-assistant/app prune: true sourceRef: 
@@ -18,14 +22,26 @@ spec: interval: 30m retryInterval: 1m timeout: 5m + postBuild: + substitute: + APP: *app + GATUS_SUBDOMAIN: hass + VOLSYNC_CAPACITY: 5Gi + VOLSYNC_ACCESSMODES: ReadWriteMany + VOLSYNC_STORAGECLASS: rook-ceph-filesystem + VOLSYNC_SNAPSHOTCLASS: csi-ceph-filesystem --- # yaml-language-server: $schema=https://raw.githubusercontent.com/fluxcd-community/flux2-schemas/main/kustomization-kustomize-v1.json apiVersion: kustomize.toolkit.fluxcd.io/v1 kind: Kustomization metadata: - name: cluster-apps-home-assistant-code + name: home-assistant-code namespace: flux-system spec: + targetNamespace: default + commonMetadata: + labels: + app.kubernetes.io/name: &app home-assistant path: ./kubernetes/apps/default/home-assistant/code prune: true sourceRef: @@ -35,3 +51,7 @@ spec: interval: 30m retryInterval: 1m timeout: 5m + postBuild: + substitute: + APP: *app + GATUS_SUBDOMAIN: hass-code diff --git a/kubernetes/apps/default/homebox/app/gatus.yaml b/kubernetes/apps/default/homebox/app/gatus.yaml deleted file mode 100644 index 78aec0aa8..000000000 --- a/kubernetes/apps/default/homebox/app/gatus.yaml +++ /dev/null @@ -1,22 +0,0 @@ ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: homebox-gatus-ep - namespace: default - labels: - gatus.io/enabled: "true" -data: - config.yaml: | - endpoints: - - name: homebox - group: internal - url: https://homebox.${SECRET_CLUSTER_DOMAIN} - interval: 1m - client: - insecure: true - conditions: - - "[STATUS] == 200" - alerts: - - type: pushover - diff --git a/kubernetes/apps/default/homebox/app/helmrelease.yaml b/kubernetes/apps/default/homebox/app/helmrelease.yaml index 83c6bb618..570072fdd 100644 --- a/kubernetes/apps/default/homebox/app/helmrelease.yaml +++ b/kubernetes/apps/default/homebox/app/helmrelease.yaml @@ -29,7 +29,6 @@ spec: values: controllers: main: - type: statefulset containers: main: image: 
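Review bot: The new `postBuild.substitute` block passes capacity, access mode and storage/snapshot classes but nothing for the backup mover's user and group, whereas the deleted ReplicationSource for home-assistant set `moverSecurityContext` to `runAsUser: 0`, `runAsGroup: 0`, `fsGroup: 0` (568 for jellyfin and komga). If the shared template applies one fixed identity, either the mover can no longer read root-owned files here or every app's mover runs as root; the template is outside this diff, so please confirm which. `VOLSYNC_CAPACITY: 5Gi` is also smaller than the 10Gi volume being replaced (jellyfin goes from 50Gi to 20Gi, komga from 20Gi to 2Gi), so a restore of existing data may not fit. The Kustomization spec begins in the previous hunk.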
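Review bot: `APP: *app` resolves to `home-assistant` in the home-assistant-code Kustomization, because the anchor is defined on the label value rather than on `metadata.name`, so both Kustomizations in this file feed the same `APP` into `templates/gatus/guarded`. If the template derives its ConfigMap name from that variable (the deleted files used `home-assistant-gatus-ep` and `hass-code-gatus-ep`), the two Kustomizations will contend for one object and one endpoint silently loses monitoring. Setting `APP: home-assistant-code` here would avoid that. immich-redis in immich/ks.yaml reuses `APP: immich` the same way and also carries a `VOLSYNC_CAPACITY` that its path may not use.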
@@ -46,14 +45,6 @@ spec: memory: 52M limits: memory: 256M - statefulset: - volumeClaimTemplates: - - name: config - accessMode: ReadWriteOnce - size: 1Gi - storageClass: rook-ceph-block - globalMounts: - - path: /config service: main: ports: @@ -79,3 +70,9 @@ spec: tls: - hosts: - *host + persistence: + config: + enabled: true + existingClaim: *app + globalMounts: + - path: /config diff --git a/kubernetes/apps/default/homebox/app/kustomization.yaml b/kubernetes/apps/default/homebox/app/kustomization.yaml index 29079162f..35ff57401 100644 --- a/kubernetes/apps/default/homebox/app/kustomization.yaml +++ b/kubernetes/apps/default/homebox/app/kustomization.yaml @@ -4,6 +4,6 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization namespace: default resources: - - ./gatus.yaml - ./helmrelease.yaml - - ./volsync.yaml + - ../../../../templates/gatus/guarded + - ../../../../templates/volsync diff --git a/kubernetes/apps/default/homebox/app/volsync.yaml b/kubernetes/apps/default/homebox/app/volsync.yaml deleted file mode 100644 index 96e5ee038..000000000 --- a/kubernetes/apps/default/homebox/app/volsync.yaml +++ /dev/null 
@@ -1,44 +0,0 @@ ---- -# yaml-language-server: $schema=https://kubernetes-schemas.devbu.io/external-secrets.io/externalsecret_v1beta1.json -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: homebox-restic - namespace: default -spec: - secretStoreRef: - kind: ClusterSecretStore - name: onepassword-connect - target: - name: homebox-restic-secret - template: - engineVersion: v2 - data: - RESTIC_REPOSITORY: '{{ .REPOSITORY_TEMPLATE }}/homebox' - RESTIC_PASSWORD: '{{ .RESTIC_PASSWORD }}' - AWS_ACCESS_KEY_ID: '{{ .AWS_ACCESS_KEY_ID }}' - AWS_SECRET_ACCESS_KEY: '{{ .AWS_SECRET_ACCESS_KEY }}' - dataFrom: - - extract: - key: volsync-restic-template ---- -# yaml-language-server: $schema=https://kubernetes-schemas.devbu.io/volsync.backube/replicationsource_v1alpha1.json -apiVersion: volsync.backube/v1alpha1 -kind: ReplicationSource -metadata: - name: homebox - namespace: default -spec: - sourcePVC: config-homebox-0 - trigger: - schedule: "0 7 * * *" - restic: - copyMethod: Snapshot - pruneIntervalDays: 7 - repository: homebox-restic-secret - cacheCapacity: 10Gi - volumeSnapshotClassName: csi-ceph-blockpool - storageClassName: rook-ceph-block - retain: - daily: 7 - within: 3d diff --git a/kubernetes/apps/default/homebox/ks.yaml b/kubernetes/apps/default/homebox/ks.yaml index 403773bd2..04eadac1d 100644 --- a/kubernetes/apps/default/homebox/ks.yaml +++ b/kubernetes/apps/default/homebox/ks.yaml @@ -3,14 +3,23 @@ apiVersion: kustomize.toolkit.fluxcd.io/v1 kind: Kustomization metadata: - name: cluster-apps-homebox + name: &app homebox namespace: flux-system spec: + targetNamespace: default + commonMetadata: + labels: + app.kubernetes.io/name: *app path: ./kubernetes/apps/default/homebox/app prune: true sourceRef: kind: GitRepository name: home-ops-kubernetes + wait: false interval: 30m retryInterval: 1m - timeout: 3m + timeout: 5m + postBuild: + substitute: + APP: *app + VOLSYNC_CAPACITY: 2Gi 
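Review bot: The homebox Kustomization declares no `dependsOn`, although its app kustomization now pulls in `templates/volsync`, and the volsync.yaml it replaces needed both the `onepassword-connect` ClusterSecretStore and the VolSync resource types. home-assistant, jellyfin, komf and komga list `external-secrets-stores` and `volsync` (immich lists only the former); adding `dependsOn:` with `- name: external-secrets-stores` and `- name: volsync` under `spec:` would match them and avoid a first reconcile that fails on a missing store or CRD. That the template still creates an ExternalSecret is an assumption, since it is not shown in this diff.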
diff --git a/kubernetes/apps/default/homelab/ks.yaml b/kubernetes/apps/default/homelab/ks.yaml index 94dacde60..629bbeeba 100644 --- a/kubernetes/apps/default/homelab/ks.yaml +++ b/kubernetes/apps/default/homelab/ks.yaml 
@@ -3,52 +3,76 @@ apiVersion: kustomize.toolkit.fluxcd.io/v1 kind: Kustomization metadata: - name: cluster-apps-homelab-minio + name: &app homelab-minio namespace: flux-system spec: + targetNamespace: default + commonMetadata: + labels: + app.kubernetes.io/name: *app path: ./kubernetes/apps/default/homelab/minio prune: true sourceRef: kind: GitRepository name: home-ops-kubernetes dependsOn: - - name: cluster-apps-external-secrets-stores + - name: external-secrets-stores + wait: false interval: 30m retryInterval: 1m - timeout: 3m + timeout: 5m + postBuild: + substitute: + APP: *app --- # yaml-language-server: $schema=https://raw.githubusercontent.com/fluxcd-community/flux2-schemas/main/kustomization-kustomize-v1.json apiVersion: kustomize.toolkit.fluxcd.io/v1 kind: Kustomization metadata: - name: cluster-apps-homelab-opnsense + name: &app homelab-opnsense namespace: flux-system spec: + targetNamespace: default + commonMetadata: + labels: + app.kubernetes.io/name: *app path: ./kubernetes/apps/default/homelab/opnsense prune: true sourceRef: kind: GitRepository name: home-ops-kubernetes dependsOn: - - name: cluster-apps-external-secrets-stores + - name: external-secrets-stores + wait: false interval: 30m retryInterval: 1m - timeout: 3m + timeout: 5m + postBuild: + substitute: + APP: *app --- # yaml-language-server: $schema=https://raw.githubusercontent.com/fluxcd-community/flux2-schemas/main/kustomization-kustomize-v1.json apiVersion: kustomize.toolkit.fluxcd.io/v1 kind: Kustomization metadata: - name: cluster-apps-homelab-truenas + name: &app homelab-truenas namespace: flux-system spec: + targetNamespace: default + commonMetadata: + labels: + app.kubernetes.io/name: *app path: ./kubernetes/apps/default/homelab/truenas prune: true sourceRef: kind: GitRepository name: home-ops-kubernetes dependsOn: - - name: cluster-apps-external-secrets-stores + - name: external-secrets-stores + wait: false interval: 30m retryInterval: 1m - timeout: 3m + timeout: 5m + postBuild: + 
substitute: + APP: *app diff --git a/kubernetes/apps/default/immich/app/gatus.yaml b/kubernetes/apps/default/immich/app/gatus.yaml deleted file mode 100644 index dbc14e1c3..000000000 --- a/kubernetes/apps/default/immich/app/gatus.yaml +++ /dev/null @@ -1,22 +0,0 @@ ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: immich-gatus-ep - namespace: default - labels: - gatus.io/enabled: "true" -data: - config.yaml: | - endpoints: - - name: immich - group: internal - url: https://photos.${SECRET_CLUSTER_DOMAIN}/auth/login - interval: 1m - client: - insecure: true - conditions: - - "[STATUS] == 200" - alerts: - - type: pushover - diff --git a/kubernetes/apps/default/immich/app/kustomization.yaml b/kubernetes/apps/default/immich/app/kustomization.yaml index 72d3ef811..671a96a10 100644 --- a/kubernetes/apps/default/immich/app/kustomization.yaml +++ b/kubernetes/apps/default/immich/app/kustomization.yaml @@ -6,10 +6,10 @@ namespace: default resources: - ./configmap.yaml - ./externalsecret.yaml - - ./gatus.yaml - ./microservices - ./machine-learning - ./server - ./typesense - - ./volsync.yaml - ./volumes.yaml + - ../../../../templates/gatus/external + - ../../../../templates/volsync diff --git a/kubernetes/apps/default/immich/app/typesense/helmrelease.yaml b/kubernetes/apps/default/immich/app/typesense/helmrelease.yaml index d554e09f8..92be50a75 100644 --- a/kubernetes/apps/default/immich/app/typesense/helmrelease.yaml +++ b/kubernetes/apps/default/immich/app/typesense/helmrelease.yaml @@ -32,7 +32,6 @@ spec: enableServiceLinks: false controllers: main: - type: statefulset strategy: RollingUpdate annotations: configmap.reloader.stakater.com/reload: &configMap immich-configmap @@ -84,6 +83,6 @@ spec: config: enabled: true type: persistentVolumeClaim - existingClaim: immich-config + existingClaim: immich globalMounts: - path: /config 
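Review bot: `../../../../templates/gatus/external` in immich's kustomization replaces a check that was declared `group: internal`, which changes how the app is probed and, if the external template resolves through a public resolver as the deleted invidious and joplin checks did, assumes the service is reachable from outside. jellyfin makes the same internal-to-external switch and invidious goes the other way (external to `guarded`), while the other apps in this patch map internal to `guarded`. If these three are intentional exposure changes, a line in the commit message would help; otherwise the template choice should follow the old group. The old immich probe also targeted `/auth/login`, and only `GATUS_SUBDOMAIN: photos` is passed now.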
diff --git a/kubernetes/apps/default/immich/app/volsync.yaml b/kubernetes/apps/default/immich/app/volsync.yaml deleted file mode 100644 index 99e43fbd8..000000000 --- a/kubernetes/apps/default/immich/app/volsync.yaml +++ /dev/null 
@@ -1,65 +0,0 @@ ---- -# yaml-language-server: $schema=https://kubernetes-schemas.devbu.io/external-secrets.io/externalsecret_v1beta1.json -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: immich-restic - namespace: default -spec: - secretStoreRef: - kind: ClusterSecretStore - name: onepassword-connect - target: - name: immich-restic-secret - template: - engineVersion: v2 - data: - RESTIC_REPOSITORY: '{{ .REPOSITORY_TEMPLATE }}/immich' - RESTIC_PASSWORD: '{{ .RESTIC_PASSWORD }}' - AWS_ACCESS_KEY_ID: '{{ .AWS_ACCESS_KEY_ID }}' - AWS_SECRET_ACCESS_KEY: '{{ .AWS_SECRET_ACCESS_KEY }}' - dataFrom: - - extract: - key: volsync-restic-template ---- -# yaml-language-server: $schema=https://kubernetes-schemas.devbu.io/volsync.backube/replicationsource_v1alpha1.json -apiVersion: volsync.backube/v1alpha1 -kind: ReplicationSource -metadata: - name: immich-config - namespace: default -spec: - sourcePVC: immich-config - trigger: - schedule: "0 7 * * *" - restic: - copyMethod: Snapshot - pruneIntervalDays: 7 - repository: immich-restic-secret - cacheCapacity: 10Gi - volumeSnapshotClassName: csi-ceph-blockpool - storageClassName: rook-ceph-block - retain: - daily: 7 - within: 3d ---- -# yaml-language-server: $schema=https://kubernetes-schemas.devbu.io/volsync.backube/replicationsource_v1alpha1.json -apiVersion: volsync.backube/v1alpha1 -kind: ReplicationSource -metadata: - name: immich-machine-learning-cache - namespace: default -spec: - sourcePVC: immich-machine-learning-cache - trigger: - schedule: "0 7 * * *" - restic: - copyMethod: Snapshot - pruneIntervalDays: 7 - repository: immich-restic-secret - cacheCapacity: 10Gi - volumeSnapshotClassName: csi-ceph-blockpool - storageClassName: rook-ceph-block - retain: - daily: 7 - within: 3d diff --git a/kubernetes/apps/default/immich/app/volumes.yaml b/kubernetes/apps/default/immich/app/volumes.yaml index 5ada0e35b..20ea50cf1 100644 --- a/kubernetes/apps/default/immich/app/volumes.yaml 
+++ b/kubernetes/apps/default/immich/app/volumes.yaml @@ -30,22 +30,6 @@ spec: --- apiVersion: v1 kind: PersistentVolumeClaim -metadata: - name: immich-config - namespace: default - labels: - app.kubernetes.io/name: &name immich - app.kubernetes.io/instance: *name -spec: - accessModes: - - ReadWriteOnce - storageClassName: rook-ceph-block - resources: - requests: - storage: 1Gi ---- -apiVersion: v1 -kind: PersistentVolumeClaim metadata: name: immich-machine-learning-cache namespace: default diff --git a/kubernetes/apps/default/immich/ks.yaml b/kubernetes/apps/default/immich/ks.yaml index 64764ff1e..954a4e88e 100644 --- a/kubernetes/apps/default/immich/ks.yaml +++ b/kubernetes/apps/default/immich/ks.yaml 
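Review bot: Dropping the `immich-config` PersistentVolumeClaim from volumes.yaml while the owning Flux Kustomization keeps `prune: true` lets Flux delete the claim on the next reconcile, and with it the data unless the storage class retains released volumes. The typesense release is switched to `existingClaim: immich` in the same commit, so nothing visible here carries the old contents over. Annotating the live claim with `kustomize.toolkit.fluxcd.io/prune: disabled` before merging, and removing it only after the new claim has been verified, would keep this reversible.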
@@ -3,32 +3,51 @@ apiVersion: kustomize.toolkit.fluxcd.io/v1 kind: Kustomization metadata: - name: cluster-apps-immich-app + name: &app immich namespace: flux-system spec: + targetNamespace: default + commonMetadata: + labels: + app.kubernetes.io/name: *app dependsOn: - - name: cluster-apps-external-secrets-stores + - name: external-secrets-stores path: ./kubernetes/apps/default/immich/app prune: true sourceRef: kind: GitRepository name: home-ops-kubernetes - wait: false # no flux ks dependents + wait: false interval: 30m retryInterval: 1m timeout: 5m + postBuild: + substitute: + APP: *app + GATUS_SUBDOMAIN: photos + VOLSYNC_CAPACITY: 2Gi --- # yaml-language-server: $schema=https://raw.githubusercontent.com/fluxcd-community/flux2-schemas/main/kustomization-kustomize-v1.json apiVersion: kustomize.toolkit.fluxcd.io/v1 kind: Kustomization metadata: - name: cluster-apps-immich-redis + name: immich-redis namespace: flux-system spec: - interval: 10m + targetNamespace: default + commonMetadata: + labels: + app.kubernetes.io/name: &app immich path: ./kubernetes/apps/default/immich/redis prune: true sourceRef: kind: GitRepository name: home-ops-kubernetes - wait: false # no flux ks dependents + wait: false + interval: 30m + retryInterval: 1m + timeout: 5m + postBuild: + substitute: + APP: *app + VOLSYNC_CAPACITY: 2Gi diff --git a/kubernetes/apps/default/invidious/app/gatus.yaml b/kubernetes/apps/default/invidious/app/gatus.yaml deleted file mode 100644 index 5d32399f1..000000000 --- a/kubernetes/apps/default/invidious/app/gatus.yaml +++ /dev/null @@ -1,22 +0,0 @@ ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: invidious-gatus-ep - namespace: default - labels: - gatus.io/enabled: "true" -data: - config.yaml: | - endpoints: - - name: invidious - group: external - url: https://invidious.${SECRET_CLUSTER_DOMAIN} - interval: 1m - client: - dns-resolver: tcp://1.1.1.1:53 - insecure: true - conditions: - - "[STATUS] == 200" - alerts: - - type: pushover 
diff --git a/kubernetes/apps/default/invidious/app/kustomization.yaml b/kubernetes/apps/default/invidious/app/kustomization.yaml index 504a7850d..f8c2e193c 100644 --- a/kubernetes/apps/default/invidious/app/kustomization.yaml +++ b/kubernetes/apps/default/invidious/app/kustomization.yaml @@ -5,5 +5,5 @@ kind: Kustomization namespace: default resources: - ./externalsecret.yaml - - ./gatus.yaml - ./helmrelease.yaml + - ../../../../templates/gatus/guarded diff --git a/kubernetes/apps/default/invidious/ks.yaml b/kubernetes/apps/default/invidious/ks.yaml index 7ba10f098..7dadcd61c 100644 --- a/kubernetes/apps/default/invidious/ks.yaml +++ b/kubernetes/apps/default/invidious/ks.yaml @@ -3,16 +3,24 @@ apiVersion: kustomize.toolkit.fluxcd.io/v1 kind: Kustomization metadata: - name: cluster-apps-invidious + name: &app invidious namespace: flux-system spec: + targetNamespace: default + commonMetadata: + labels: + app.kubernetes.io/name: *app path: ./kubernetes/apps/default/invidious/app prune: true sourceRef: kind: GitRepository name: home-ops-kubernetes dependsOn: - - name: cluster-apps-external-secrets-stores + - name: external-secrets-stores + wait: false interval: 30m retryInterval: 1m - timeout: 3m + timeout: 5m + postBuild: + substitute: + APP: *app diff --git a/kubernetes/apps/default/jellyfin/app/gatus.yaml b/kubernetes/apps/default/jellyfin/app/gatus.yaml deleted file mode 100644 index ac054f515..000000000 --- a/kubernetes/apps/default/jellyfin/app/gatus.yaml +++ /dev/null @@ -1,21 +0,0 @@ ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: jellyfin-gatus-ep - namespace: default - labels: - gatus.io/enabled: "true" -data: - config.yaml: | - endpoints: - - name: jellyfin - group: internal - url: https://jellyfin.${SECRET_CLUSTER_DOMAIN}/web/index.html - interval: 1m - client: - insecure: true - conditions: - - "[STATUS] == 200" - alerts: - - type: pushover 
diff --git a/kubernetes/apps/default/jellyfin/app/helmrelease.yaml b/kubernetes/apps/default/jellyfin/app/helmrelease.yaml index 3bbde7c63..a00eed99a 100644 --- a/kubernetes/apps/default/jellyfin/app/helmrelease.yaml +++ b/kubernetes/apps/default/jellyfin/app/helmrelease.yaml @@ -38,7 +38,6 @@ spec: fsGroupChangePolicy: OnRootMismatch controllers: main: - type: statefulset annotations: reloader.stakater.com/auto: "true" containers: @@ -75,14 +74,6 @@ spec: limits: gpu.intel.com/i915: 1 memory: 4Gi - statefulset: - volumeClaimTemplates: - - name: config - accessMode: ReadWriteOnce - size: 50Gi - storageClass: rook-ceph-block - globalMounts: - - path: /config service: main: type: LoadBalancer @@ -108,6 +99,11 @@ spec: - hosts: - *host persistence: + config: + enabled: true + existingClaim: *app + globalMounts: + - path: /config music: enabled: true type: nfs diff --git a/kubernetes/apps/default/jellyfin/app/kustomization.yaml b/kubernetes/apps/default/jellyfin/app/kustomization.yaml index 29079162f..3170b928d 100644 --- a/kubernetes/apps/default/jellyfin/app/kustomization.yaml +++ b/kubernetes/apps/default/jellyfin/app/kustomization.yaml @@ -4,6 +4,6 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization namespace: default resources: - - ./gatus.yaml - ./helmrelease.yaml - - ./volsync.yaml + - ../../../../templates/gatus/external + - ../../../../templates/volsync diff --git a/kubernetes/apps/default/jellyfin/app/volsync.yaml b/kubernetes/apps/default/jellyfin/app/volsync.yaml deleted file mode 100644 index f32466e6a..000000000 --- a/kubernetes/apps/default/jellyfin/app/volsync.yaml +++ /dev/null 
@@ -1,48 +0,0 @@ ---- -# yaml-language-server: $schema=https://kubernetes-schemas.devbu.io/external-secrets.io/externalsecret_v1beta1.json -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: jellyfin-restic - namespace: default -spec: - secretStoreRef: - kind: ClusterSecretStore - name: onepassword-connect - target: - name: jellyfin-restic-secret - template: - engineVersion: v2 - data: - RESTIC_REPOSITORY: '{{ .REPOSITORY_TEMPLATE }}/jellyfin' - RESTIC_PASSWORD: '{{ .RESTIC_PASSWORD }}' - AWS_ACCESS_KEY_ID: '{{ .AWS_ACCESS_KEY_ID }}' - AWS_SECRET_ACCESS_KEY: '{{ .AWS_SECRET_ACCESS_KEY }}' - dataFrom: - - extract: - key: volsync-restic-template ---- -# yaml-language-server: $schema=https://kubernetes-schemas.devbu.io/volsync.backube/replicationsource_v1alpha1.json -apiVersion: volsync.backube/v1alpha1 -kind: ReplicationSource -metadata: - name: jellyfin - namespace: default -spec: - sourcePVC: config-jellyfin-0 - trigger: - schedule: "0 7 * * *" - restic: - copyMethod: Snapshot - pruneIntervalDays: 7 - repository: jellyfin-restic-secret - cacheCapacity: 10Gi - volumeSnapshotClassName: csi-ceph-blockpool - storageClassName: rook-ceph-block - moverSecurityContext: - runAsUser: 568 - runAsGroup: 568 - fsGroup: 568 - retain: - daily: 7 - within: 3d diff --git a/kubernetes/apps/default/jellyfin/ks.yaml b/kubernetes/apps/default/jellyfin/ks.yaml index df4f0facb..0c5c9ef3f 100644 --- a/kubernetes/apps/default/jellyfin/ks.yaml +++ b/kubernetes/apps/default/jellyfin/ks.yaml 
@@ -3,18 +3,27 @@ apiVersion: kustomize.toolkit.fluxcd.io/v1 kind: Kustomization metadata: - name: cluster-apps-jellyfin-app + name: &app jellyfin namespace: flux-system spec: + targetNamespace: default + commonMetadata: + labels: + app.kubernetes.io/name: *app dependsOn: - - name: cluster-apps-rook-ceph-cluster - - name: cluster-apps-external-secrets-stores - - name: cluster-apps-volsync-app + - name: rook-ceph-cluster + - name: external-secrets-stores + - name: volsync path: ./kubernetes/apps/default/jellyfin/app prune: true sourceRef: kind: GitRepository name: home-ops-kubernetes + wait: false interval: 30m retryInterval: 1m - timeout: 3m + timeout: 5m + postBuild: + substitute: + APP: *app + VOLSYNC_CAPACITY: 20Gi diff --git a/kubernetes/apps/default/joplin/app/gatus.yaml b/kubernetes/apps/default/joplin/app/gatus.yaml deleted file mode 100644 index f4434db68..000000000 --- a/kubernetes/apps/default/joplin/app/gatus.yaml +++ /dev/null @@ -1,22 +0,0 @@ ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: joplin-gatus-ep - namespace: default - labels: - gatus.io/enabled: "true" -data: - config.yaml: | - endpoints: - - name: joplin - group: external - url: https://joplin.${SECRET_CLUSTER_DOMAIN} - interval: 1m - client: - dns-resolver: tcp://1.1.1.1:53 - insecure: true - conditions: - - "[STATUS] == 200" - alerts: - - type: pushover diff --git a/kubernetes/apps/default/joplin/app/kustomization.yaml b/kubernetes/apps/default/joplin/app/kustomization.yaml index 504a7850d..c067a3946 100644 --- a/kubernetes/apps/default/joplin/app/kustomization.yaml +++ b/kubernetes/apps/default/joplin/app/kustomization.yaml @@ -5,5 +5,5 @@ kind: Kustomization namespace: default resources: - ./externalsecret.yaml - - ./gatus.yaml - ./helmrelease.yaml + - ../../../../templates/gatus/external diff --git a/kubernetes/apps/default/joplin/ks.yaml b/kubernetes/apps/default/joplin/ks.yaml index 6c0311822..ec9b40296 100644 --- a/kubernetes/apps/default/joplin/ks.yaml 
+++ b/kubernetes/apps/default/joplin/ks.yaml @@ -3,16 +3,24 @@ apiVersion: kustomize.toolkit.fluxcd.io/v1 kind: Kustomization metadata: - name: cluster-apps-joplin + name: &app joplin namespace: flux-system spec: + targetNamespace: default + commonMetadata: + labels: + app.kubernetes.io/name: *app path: ./kubernetes/apps/default/joplin/app prune: true sourceRef: kind: GitRepository name: home-ops-kubernetes dependsOn: - - name: cluster-apps-external-secrets-stores + - name: external-secrets-stores + wait: false interval: 30m retryInterval: 1m - timeout: 3m + timeout: 5m + postBuild: + substitute: + APP: *app diff --git a/kubernetes/apps/default/komf/app/helmrelease.yaml b/kubernetes/apps/default/komf/app/helmrelease.yaml index e471df424..748629a1b 100644 --- a/kubernetes/apps/default/komf/app/helmrelease.yaml +++ b/kubernetes/apps/default/komf/app/helmrelease.yaml @@ -31,7 +31,6 @@ spec: values: controllers: main: - type: statefulset annotations: reloader.stakater.com/auto: "true" containers: @@ -51,27 +50,22 @@ spec: cpu: 15m limits: memory: 4282M - statefulset: - volumeClaimTemplates: - - name: config - accessMode: ReadWriteOnce - size: 1Gi - storageClass: rook-ceph-block - globalMounts: - - path: /config service: main: ports: http: port: 8085 persistence: + config: + enabled: true + existingClaim: *app + globalMounts: + - path: /config configmap: enabled: true type: configMap name: komf-configmap - advancedMounts: - main: - main: - - path: /config/application.yml - readOnly: true - subPath: application.yml + globalMounts: + - path: /config/application.yml + readOnly: true + subPath: application.yml diff --git a/kubernetes/apps/default/komf/app/kustomization.yaml b/kubernetes/apps/default/komf/app/kustomization.yaml index c5e3fca7b..10d4ee1d0 100644 --- a/kubernetes/apps/default/komf/app/kustomization.yaml +++ b/kubernetes/apps/default/komf/app/kustomization.yaml 
@@ -6,7 +6,7 @@ namespace: default resources: - ./externalsecret.yaml - ./helmrelease.yaml - - ./volsync.yaml + - ../../../../templates/volsync configMapGenerator: - name: komf-configmap files: diff --git a/kubernetes/apps/default/komf/app/volsync.yaml b/kubernetes/apps/default/komf/app/volsync.yaml deleted file mode 100644 index a5fe35474..000000000 --- a/kubernetes/apps/default/komf/app/volsync.yaml +++ /dev/null @@ -1,44 +0,0 @@ ---- -# yaml-language-server: $schema=https://kubernetes-schemas.devbu.io/external-secrets.io/externalsecret_v1beta1.json -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: komf-restic - namespace: default -spec: - secretStoreRef: - kind: ClusterSecretStore - name: onepassword-connect - target: - name: komf-restic-secret - template: - engineVersion: v2 - data: - RESTIC_REPOSITORY: '{{ .REPOSITORY_TEMPLATE }}/komf' - RESTIC_PASSWORD: '{{ .RESTIC_PASSWORD }}' - AWS_ACCESS_KEY_ID: '{{ .AWS_ACCESS_KEY_ID }}' - AWS_SECRET_ACCESS_KEY: '{{ .AWS_SECRET_ACCESS_KEY }}' - dataFrom: - - extract: - key: volsync-restic-template ---- -# yaml-language-server: $schema=https://kubernetes-schemas.devbu.io/volsync.backube/replicationsource_v1alpha1.json -apiVersion: volsync.backube/v1alpha1 -kind: ReplicationSource -metadata: - name: komf - namespace: default -spec: - sourcePVC: config-komf-0 - trigger: - schedule: "0 7 * * *" - restic: - copyMethod: Snapshot - pruneIntervalDays: 7 - repository: komf-restic-secret - cacheCapacity: 10Gi - volumeSnapshotClassName: csi-ceph-blockpool - storageClassName: rook-ceph-block - retain: - daily: 7 - within: 3d diff --git a/kubernetes/apps/default/komf/ks.yaml b/kubernetes/apps/default/komf/ks.yaml index 6a4655d74..4c47de685 100644 --- a/kubernetes/apps/default/komf/ks.yaml +++ b/kubernetes/apps/default/komf/ks.yaml 
@@ -3,18 +3,27 @@ apiVersion: kustomize.toolkit.fluxcd.io/v1 kind: Kustomization metadata: - name: cluster-apps-komf + name: &app komf namespace: flux-system spec: + targetNamespace: default + commonMetadata: + labels: + app.kubernetes.io/name: *app dependsOn: - - name: cluster-apps-external-secrets-stores - - name: cluster-apps-rook-ceph-cluster - - name: cluster-apps-volsync-app + - name: external-secrets-stores + - name: rook-ceph-cluster + - name: volsync path: ./kubernetes/apps/default/komf/app prune: true sourceRef: kind: GitRepository name: home-ops-kubernetes + wait: false interval: 30m retryInterval: 1m - timeout: 3m + timeout: 5m + postBuild: + substitute: + APP: *app + VOLSYNC_CAPACITY: 2Gi diff --git a/kubernetes/apps/default/komga/app/gatus.yaml b/kubernetes/apps/default/komga/app/gatus.yaml deleted file mode 100644 index f8aa4011e..000000000 --- a/kubernetes/apps/default/komga/app/gatus.yaml +++ /dev/null @@ -1,22 +0,0 @@ ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: komga-gatus-ep - namespace: default - labels: - gatus.io/enabled: "true" -data: - config.yaml: | - endpoints: - - name: komga - group: internal - url: https://komga.${SECRET_CLUSTER_DOMAIN} - interval: 1m - client: - insecure: true - conditions: - - "[STATUS] == 200" - alerts: - - type: pushover - diff --git a/kubernetes/apps/default/komga/app/helmrelease.yaml b/kubernetes/apps/default/komga/app/helmrelease.yaml index 0993ab4cb..ae0d98772 100644 --- a/kubernetes/apps/default/komga/app/helmrelease.yaml +++ b/kubernetes/apps/default/komga/app/helmrelease.yaml @@ -29,7 +29,6 @@ spec: values: controllers: main: - type: statefulset containers: main: image: @@ -44,14 +43,6 @@ spec: cpu: 15m limits: memory: 4282M - statefulset: - volumeClaimTemplates: - - name: config - accessMode: ReadWriteOnce - size: 20Gi - storageClass: rook-ceph-block - globalMounts: - - path: /config service: main: ports: 
@@ -74,6 +65,11 @@ spec: - hosts: - *host persistence: + config: + enabled: true + existingClaim: *app + globalMounts: + - path: /config comics: type: nfs server: "${LOCAL_LAN_TRUENAS}" diff --git a/kubernetes/apps/default/komga/app/kustomization.yaml b/kubernetes/apps/default/komga/app/kustomization.yaml index 29079162f..35ff57401 100644 --- a/kubernetes/apps/default/komga/app/kustomization.yaml +++ b/kubernetes/apps/default/komga/app/kustomization.yaml @@ -4,6 +4,6 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization namespace: default resources: - - ./gatus.yaml - ./helmrelease.yaml - - ./volsync.yaml + - ../../../../templates/gatus/guarded + - ../../../../templates/volsync diff --git a/kubernetes/apps/default/komga/app/volsync.yaml b/kubernetes/apps/default/komga/app/volsync.yaml deleted file mode 100644 index 799a9cb54..000000000 --- a/kubernetes/apps/default/komga/app/volsync.yaml +++ /dev/null 
@@ -1,48 +0,0 @@ ---- -# yaml-language-server: $schema=https://kubernetes-schemas.devbu.io/external-secrets.io/externalsecret_v1beta1.json -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: komga-restic - namespace: default -spec: - secretStoreRef: - kind: ClusterSecretStore - name: onepassword-connect - target: - name: komga-restic-secret - template: - engineVersion: v2 - data: - RESTIC_REPOSITORY: '{{ .REPOSITORY_TEMPLATE }}/komga' - RESTIC_PASSWORD: '{{ .RESTIC_PASSWORD }}' - AWS_ACCESS_KEY_ID: '{{ .AWS_ACCESS_KEY_ID }}' - AWS_SECRET_ACCESS_KEY: '{{ .AWS_SECRET_ACCESS_KEY }}' - dataFrom: - - extract: - key: volsync-restic-template ---- -# yaml-language-server: $schema=https://kubernetes-schemas.devbu.io/volsync.backube/replicationsource_v1alpha1.json -apiVersion: volsync.backube/v1alpha1 -kind: ReplicationSource -metadata: - name: komga - namespace: default -spec: - sourcePVC: config-komga-0 - trigger: - schedule: "0 7 * * *" - restic: - copyMethod: Snapshot - pruneIntervalDays: 7 - repository: komga-restic-secret - cacheCapacity: 10Gi - volumeSnapshotClassName: csi-ceph-blockpool - storageClassName: rook-ceph-block - moverSecurityContext: - runAsUser: 568 - runAsGroup: 568 - fsGroup: 568 - retain: - daily: 7 - within: 3d diff --git a/kubernetes/apps/default/komga/ks.yaml b/kubernetes/apps/default/komga/ks.yaml index 03e46b645..e735aaded 100644 --- a/kubernetes/apps/default/komga/ks.yaml +++ b/kubernetes/apps/default/komga/ks.yaml 
@@ -3,18 +3,27 @@ apiVersion: kustomize.toolkit.fluxcd.io/v1 kind: Kustomization metadata: - name: cluster-apps-komga + name: &app komga namespace: flux-system spec: + targetNamespace: default + commonMetadata: + labels: + app.kubernetes.io/name: *app dependsOn: - - name: cluster-apps-external-secrets-stores - - name: cluster-apps-rook-ceph-cluster - - name: cluster-apps-volsync-app + - name: external-secrets-stores + - name: rook-ceph-cluster + - name: volsync path: ./kubernetes/apps/default/komga/app prune: true sourceRef: kind: GitRepository name: home-ops-kubernetes + wait: false interval: 30m retryInterval: 1m - timeout: 3m + timeout: 5m + postBuild: + substitute: + APP: *app + VOLSYNC_CAPACITY: 2Gi diff --git a/kubernetes/apps/default/kresus/app/gatus.yaml b/kubernetes/apps/default/kresus/app/gatus.yaml deleted file mode 100644 index abf7d301a..000000000 --- a/kubernetes/apps/default/kresus/app/gatus.yaml +++ /dev/null @@ -1,26 +0,0 @@ ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: kresus-gatus-ep - namespace: default - labels: - gatus.io/enabled: "true" -data: - config.yaml: | - endpoints: - - name: kresus - group: internal - url: 192.168.8.1 - interval: 1m - ui: - hide-hostname: true - hide-url: true - dns: - query-name: cash.${SECRET_CLUSTER_DOMAIN} - query-type: A - conditions: - - "[BODY] == 192.168.169.101" - - "[DNS_RCODE] == NOERROR" - alerts: - - type: pushover diff --git a/kubernetes/apps/default/kresus/app/helmrelease.yaml b/kubernetes/apps/default/kresus/app/helmrelease.yaml index 62e2b04c2..9b091cc6c 100644 --- a/kubernetes/apps/default/kresus/app/helmrelease.yaml +++ b/kubernetes/apps/default/kresus/app/helmrelease.yaml @@ -35,7 +35,6 @@ spec: fsGroupChangePolicy: OnRootMismatch controllers: main: - type: statefulset annotations: reloader.stakater.com/auto: "true" initContainers: 
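Review bot: Renaming the Kustomization from `cluster-apps-komga` to `komga` is a delete-and-create for Flux, not an in-place update. With `prune: true`, removing the old object garbage-collects what it applied, so the HelmRelease may be uninstalled and reinstalled during the rollout; disabling pruning on the old objects before merging avoids that. The new `dependsOn` names (`external-secrets-stores`, `rook-ceph-cluster`, `volsync`) must also exist under exactly those names, which this hunk cannot show. The same applies to every ks.yaml renamed in this commit.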
@@ -71,14 +70,6 @@ spec: requests: cpu: 100m memory: 256Mi - statefulset: - volumeClaimTemplates: - - name: config - accessMode: ReadWriteOnce - size: 1Gi - storageClass: rook-ceph-block - globalMounts: - - path: /config service: main: ports: @@ -106,6 +97,11 @@ spec: - hosts: - *host persistence: + config: + enabled: true + existingClaim: *app + globalMounts: + - path: /config woob: enabled: true type: emptyDir diff --git a/kubernetes/apps/default/kresus/app/kustomization.yaml b/kubernetes/apps/default/kresus/app/kustomization.yaml index c254171ab..48e972b27 100644 --- a/kubernetes/apps/default/kresus/app/kustomization.yaml +++ b/kubernetes/apps/default/kresus/app/kustomization.yaml @@ -5,6 +5,6 @@ kind: Kustomization namespace: default resources: - ./externalsecret.yaml - - ./gatus.yaml - ./helmrelease.yaml - - ./volsync.yaml + - ../../../../templates/gatus/guarded + - ../../../../templates/volsync diff --git a/kubernetes/apps/default/kresus/app/volsync.yaml b/kubernetes/apps/default/kresus/app/volsync.yaml deleted file mode 100644 index b7087e0cb..000000000 --- a/kubernetes/apps/default/kresus/app/volsync.yaml +++ /dev/null 
@@ -1,48 +0,0 @@ ---- -# yaml-language-server: $schema=https://kubernetes-schemas.devbu.io/external-secrets.io/externalsecret_v1beta1.json -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: kresus-restic - namespace: default -spec: - secretStoreRef: - kind: ClusterSecretStore - name: onepassword-connect - target: - name: kresus-restic-secret - template: - engineVersion: v2 - data: - RESTIC_REPOSITORY: '{{ .REPOSITORY_TEMPLATE }}/kresus' - RESTIC_PASSWORD: '{{ .RESTIC_PASSWORD }}' - AWS_ACCESS_KEY_ID: '{{ .AWS_ACCESS_KEY_ID }}' - AWS_SECRET_ACCESS_KEY: '{{ .AWS_SECRET_ACCESS_KEY }}' - dataFrom: - - extract: - key: volsync-restic-template ---- -# yaml-language-server: $schema=https://kubernetes-schemas.devbu.io/volsync.backube/replicationsource_v1alpha1.json -apiVersion: volsync.backube/v1alpha1 -kind: ReplicationSource -metadata: - name: kresus - namespace: default -spec: - sourcePVC: config-kresus-0 - trigger: - schedule: "0 7 * * *" - restic: - copyMethod: Snapshot - pruneIntervalDays: 7 - repository: kresus-restic-secret - cacheCapacity: 10Gi - volumeSnapshotClassName: csi-ceph-blockpool - storageClassName: rook-ceph-block - moverSecurityContext: - runAsUser: 568 - runAsGroup: 568 - fsGroup: 568 - retain: - daily: 7 - within: 3d diff --git a/kubernetes/apps/default/kresus/ks.yaml b/kubernetes/apps/default/kresus/ks.yaml index d5e252df4..fcb4f4b3d 100644 --- a/kubernetes/apps/default/kresus/ks.yaml +++ b/kubernetes/apps/default/kresus/ks.yaml 
@@ -3,17 +3,26 @@ apiVersion: kustomize.toolkit.fluxcd.io/v1 kind: Kustomization metadata: - name: cluster-apps-kresus + name: &app kresus namespace: flux-system spec: + targetNamespace: default + commonMetadata: + labels: + app.kubernetes.io/name: *app path: ./kubernetes/apps/default/kresus/app prune: true sourceRef: kind: GitRepository name: home-ops-kubernetes dependsOn: - - name: cluster-apps-external-secrets-stores - - name: cluster-apps-volsync-app + - name: external-secrets-stores + - name: volsync + wait: false interval: 30m retryInterval: 1m - timeout: 3m + timeout: 5m + postBuild: + substitute: + APP: *app + VOLSYNC_CAPACITY: 2Gi diff --git a/kubernetes/apps/default/libmedium/app/gatus.yaml b/kubernetes/apps/default/libmedium/app/gatus.yaml deleted file mode 100644 index df56a9ed4..000000000 --- a/kubernetes/apps/default/libmedium/app/gatus.yaml +++ /dev/null @@ -1,22 +0,0 @@ ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: libmedium-gatus-ep - namespace: default - labels: - gatus.io/enabled: "true" -data: - config.yaml: | - endpoints: - - name: libmedium - group: external - url: https://libmedium.${SECRET_CLUSTER_DOMAIN} - interval: 1m - client: - dns-resolver: tcp://1.1.1.1:53 - insecure: true - conditions: - - "[STATUS] == 200" - alerts: - - type: pushover diff --git a/kubernetes/apps/default/libmedium/app/kustomization.yaml b/kubernetes/apps/default/libmedium/app/kustomization.yaml index b5202b76b..b70c92613 100644 --- a/kubernetes/apps/default/libmedium/app/kustomization.yaml +++ b/kubernetes/apps/default/libmedium/app/kustomization.yaml @@ -4,12 +4,11 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization namespace: default resources: - - ./gatus.yaml - ./helmrelease.yaml + - ../../../../templates/gatus/guarded configMapGenerator: - name: libmedium-configmap files: - config.toml=./config/config.toml generatorOptions: disableNameSuffixHash: true - 
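Review bot: The kresus Kustomization substitutes only `APP: *app`, but the gatus.yaml removed in this commit queried `cash.${SECRET_CLUSTER_DOMAIN}`, not a `kresus` hostname. If `templates/gatus/guarded` builds the hostname from `${APP}` (the template is not visible here), the health check will probe a name that is not the one the app is served on. Pass the real subdomain through whatever override variable the template offers, or add one. linkding has the same mismatch: its removed gatus.yaml used `links.${SECRET_CLUSTER_DOMAIN}`.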
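Review bot: libmedium's kustomization.yaml now pulls in `templates/gatus/guarded`, while the gatus.yaml it replaces was `group: external` and required an HTTP 200 from `https://libmedium.${SECRET_CLUSTER_DOMAIN}` resolved through 1.1.1.1. If the guarded template is a DNS-only check like the internal ones removed elsewhere in this commit (the template is not visible here), the publicly exposed apps lose their reachability probe, and an unintended change in exposure would no longer be noticed. I would keep a separate external template for these apps. libreddit and lychee had the same `group: external` checks.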
diff --git a/kubernetes/apps/default/libmedium/ks.yaml b/kubernetes/apps/default/libmedium/ks.yaml index 47b4c03ea..a00994674 100644 --- a/kubernetes/apps/default/libmedium/ks.yaml +++ b/kubernetes/apps/default/libmedium/ks.yaml @@ -3,16 +3,26 @@ apiVersion: kustomize.toolkit.fluxcd.io/v1 kind: Kustomization metadata: - name: cluster-apps-libmedium + name: &app libmedium namespace: flux-system spec: + targetNamespace: default + commonMetadata: + labels: + app.kubernetes.io/name: *app + path: ./kubernetes/apps/default/libmedium/app + dependsOn: + - name: external-secrets-stores prune: true sourceRef: kind: GitRepository name: home-ops-kubernetes - dependsOn: - - name: cluster-apps-external-secrets-stores + wait: false interval: 30m retryInterval: 1m - timeout: 3m + timeout: 5m + postBuild: + substitute: + APP: *app + VOLSYNC_CAPACITY: 2Gi diff --git a/kubernetes/apps/default/libreddit/app/gatus.yaml b/kubernetes/apps/default/libreddit/app/gatus.yaml deleted file mode 100644 index 5d32399f1..000000000 --- a/kubernetes/apps/default/libreddit/app/gatus.yaml +++ /dev/null @@ -1,22 +0,0 @@ ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: invidious-gatus-ep - namespace: default - labels: - gatus.io/enabled: "true" -data: - config.yaml: | - endpoints: - - name: invidious - group: external - url: https://invidious.${SECRET_CLUSTER_DOMAIN} - interval: 1m - client: - dns-resolver: tcp://1.1.1.1:53 - insecure: true - conditions: - - "[STATUS] == 200" - alerts: - - type: pushover diff --git a/kubernetes/apps/default/libreddit/app/kustomization.yaml b/kubernetes/apps/default/libreddit/app/kustomization.yaml index 6d9428ee4..839d732b8 100644 --- a/kubernetes/apps/default/libreddit/app/kustomization.yaml +++ b/kubernetes/apps/default/libreddit/app/kustomization.yaml @@ -4,5 +4,5 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization namespace: default resources: - - ./gatus.yaml - ./helmrelease.yaml + - ../../../../templates/gatus/guarded 
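Review bot: `VOLSYNC_CAPACITY: 2Gi` in the libmedium Kustomization appears unused, because libmedium's app/kustomization.yaml in this commit adds only `templates/gatus/guarded`, not `templates/volsync`. A substitution that nothing consumes suggests a backup exists when it does not. I would drop the line so `postBuild.substitute` holds just `APP: *app`.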
diff --git a/kubernetes/apps/default/libreddit/ks.yaml b/kubernetes/apps/default/libreddit/ks.yaml index dee5c9eee..427ad74e4 100644 --- a/kubernetes/apps/default/libreddit/ks.yaml +++ b/kubernetes/apps/default/libreddit/ks.yaml @@ -3,14 +3,22 @@ apiVersion: kustomize.toolkit.fluxcd.io/v1 kind: Kustomization metadata: - name: cluster-apps-libreddit + name: &app libreddit namespace: flux-system spec: + targetNamespace: default + commonMetadata: + labels: + app.kubernetes.io/name: *app path: ./kubernetes/apps/default/libreddit/app prune: true sourceRef: kind: GitRepository name: home-ops-kubernetes + wait: false interval: 30m retryInterval: 1m - timeout: 3m + timeout: 5m + postBuild: + substitute: + APP: *app diff --git a/kubernetes/apps/default/lidarr/app/gatus.yaml b/kubernetes/apps/default/lidarr/app/gatus.yaml deleted file mode 100644 index 93d0afc55..000000000 --- a/kubernetes/apps/default/lidarr/app/gatus.yaml +++ /dev/null @@ -1,26 +0,0 @@ ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: lidarr-gatus-ep - namespace: default - labels: - gatus.io/enabled: "true" -data: - config.yaml: | - endpoints: - - name: lidarr - group: internal - url: 192.168.8.1 - interval: 1m - ui: - hide-hostname: true - hide-url: true - dns: - query-name: lidarr.${SECRET_CLUSTER_DOMAIN} - query-type: A - conditions: - - "[BODY] == 192.168.169.101" - - "[DNS_RCODE] == NOERROR" - alerts: - - type: pushover diff --git a/kubernetes/apps/default/lidarr/app/helmrelease.yaml b/kubernetes/apps/default/lidarr/app/helmrelease.yaml index 2d0bded8b..203415714 100644 --- a/kubernetes/apps/default/lidarr/app/helmrelease.yaml +++ b/kubernetes/apps/default/lidarr/app/helmrelease.yaml @@ -97,7 +97,9 @@ spec: persistence: config: enabled: true - type: emptyDir + existingClaim: *app + globalMounts: + - path: /config music: type: nfs server: "${LOCAL_LAN_TRUENAS}" 
diff --git a/kubernetes/apps/default/lidarr/app/kustomization.yaml b/kubernetes/apps/default/lidarr/app/kustomization.yaml index d98526453..d76fdd38e 100644 --- a/kubernetes/apps/default/lidarr/app/kustomization.yaml +++ b/kubernetes/apps/default/lidarr/app/kustomization.yaml @@ -5,8 +5,9 @@ kind: Kustomization namespace: default resources: - ./externalsecret.yaml - - ./gatus.yaml - ./helmrelease.yaml + - ../../../../templates/gatus/guarded + - ../../../../templates/volsync configMapGenerator: - name: lidarr-pushover files: diff --git a/kubernetes/apps/default/lidarr/ks.yaml b/kubernetes/apps/default/lidarr/ks.yaml index a79f35b60..4f1d3388c 100644 --- a/kubernetes/apps/default/lidarr/ks.yaml +++ b/kubernetes/apps/default/lidarr/ks.yaml @@ -3,18 +3,28 @@ apiVersion: kustomize.toolkit.fluxcd.io/v1 kind: Kustomization metadata: - name: cluster-apps-lidarr-app + name: &app lidarr namespace: flux-system spec: + targetNamespace: default + commonMetadata: + labels: + app.kubernetes.io/name: *app + dependsOn: - - name: cluster-apps-external-secrets-stores - - name: cluster-apps-rook-ceph-cluster - - name: cluster-apps-volsync-app + - name: external-secrets-stores + - name: rook-ceph-cluster + - name: volsync path: ./kubernetes/apps/default/lidarr/app prune: true sourceRef: kind: GitRepository name: home-ops-kubernetes + wait: false interval: 30m retryInterval: 1m - timeout: 3m + timeout: 5m + postBuild: + substitute: + APP: *app + VOLSYNC_CAPACITY: 20Gi diff --git a/kubernetes/apps/default/linkding/app/gatus.yaml b/kubernetes/apps/default/linkding/app/gatus.yaml deleted file mode 100644 index 2df767f49..000000000 --- a/kubernetes/apps/default/linkding/app/gatus.yaml +++ /dev/null 
@@ -1,22 +0,0 @@ ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: linkding-gatus-ep - namespace: default - labels: - gatus.io/enabled: "true" -data: - config.yaml: | - endpoints: - - name: linkding - group: internal - url: https://links.${SECRET_CLUSTER_DOMAIN} - interval: 1m - client: - insecure: true - conditions: - - "[STATUS] == 200" - alerts: - - type: pushover - diff --git a/kubernetes/apps/default/linkding/app/kustomization.yaml b/kubernetes/apps/default/linkding/app/kustomization.yaml index 504a7850d..f8c2e193c 100644 --- a/kubernetes/apps/default/linkding/app/kustomization.yaml +++ b/kubernetes/apps/default/linkding/app/kustomization.yaml @@ -5,5 +5,5 @@ kind: Kustomization namespace: default resources: - ./externalsecret.yaml - - ./gatus.yaml - ./helmrelease.yaml + - ../../../../templates/gatus/guarded diff --git a/kubernetes/apps/default/linkding/ks.yaml b/kubernetes/apps/default/linkding/ks.yaml index 211c22df7..5fb762299 100644 --- a/kubernetes/apps/default/linkding/ks.yaml +++ b/kubernetes/apps/default/linkding/ks.yaml @@ -3,16 +3,24 @@ apiVersion: kustomize.toolkit.fluxcd.io/v1 kind: Kustomization metadata: - name: cluster-apps-linkding + name: &app linkding namespace: flux-system spec: + targetNamespace: default + commonMetadata: + labels: + app.kubernetes.io/name: *app path: ./kubernetes/apps/default/linkding/app prune: true sourceRef: kind: GitRepository name: home-ops-kubernetes dependsOn: - - name: cluster-apps-external-secrets-stores + - name: external-secrets-stores + wait: false interval: 30m retryInterval: 1m - timeout: 3m + timeout: 5m + postBuild: + substitute: + APP: *app diff --git a/kubernetes/apps/default/lldap/app/gatus.yaml b/kubernetes/apps/default/lldap/app/gatus.yaml deleted file mode 100644 index ea3fedb65..000000000 --- a/kubernetes/apps/default/lldap/app/gatus.yaml +++ /dev/null 
@@ -1,21 +0,0 @@ ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: lldap-gatus-ep - namespace: default - labels: - gatus.io/enabled: "true" -data: - config.yaml: | - endpoints: - - name: lldap - group: internal - url: https://lldap.${SECRET_CLUSTER_DOMAIN} - interval: 1m - client: - insecure: true - conditions: - - "[STATUS] == 200" - alerts: - - type: pushover diff --git a/kubernetes/apps/default/lldap/app/kustomization.yaml b/kubernetes/apps/default/lldap/app/kustomization.yaml index 504a7850d..f8c2e193c 100644 --- a/kubernetes/apps/default/lldap/app/kustomization.yaml +++ b/kubernetes/apps/default/lldap/app/kustomization.yaml @@ -5,5 +5,5 @@ kind: Kustomization namespace: default resources: - ./externalsecret.yaml - - ./gatus.yaml - ./helmrelease.yaml + - ../../../../templates/gatus/guarded diff --git a/kubernetes/apps/default/lldap/ks.yaml b/kubernetes/apps/default/lldap/ks.yaml index 7c5b11a13..f95381c36 100644 --- a/kubernetes/apps/default/lldap/ks.yaml +++ b/kubernetes/apps/default/lldap/ks.yaml @@ -3,15 +3,22 @@ apiVersion: kustomize.toolkit.fluxcd.io/v1 kind: Kustomization metadata: - name: cluster-apps-lldap + name: &app lldap namespace: flux-system spec: + targetNamespace: default + commonMetadata: + labels: + app.kubernetes.io/name: *app path: ./kubernetes/apps/default/lldap/app prune: true sourceRef: kind: GitRepository name: home-ops-kubernetes - wait: true + wait: false interval: 30m retryInterval: 1m timeout: 5m + postBuild: + substitute: + APP: *app diff --git a/kubernetes/apps/default/lms/app/gatus.yaml b/kubernetes/apps/default/lms/app/gatus.yaml deleted file mode 100644 index f79dcc654..000000000 --- a/kubernetes/apps/default/lms/app/gatus.yaml +++ /dev/null 
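Review bot: Flipping `wait: true` to `wait: false` in lldap's ks.yaml means any Kustomization that lists lldap in `dependsOn` is released as soon as the manifests are applied, not when the directory is healthy. Whether anything depends on lldap is not visible in this hunk, but for an identity backend I would keep `wait: true` (or add explicit `healthChecks`) so dependants do not start against a directory that is not up. music-transcode's ks.yaml makes the same flip.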
@@ -1,26 +0,0 @@ ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: lms-gatus-ep - namespace: default - labels: - gatus.io/enabled: "true" -data: - config.yaml: | - endpoints: - - name: lms - group: internal - url: 192.168.8.1 - interval: 1m - ui: - hide-hostname: true - hide-url: true - dns: - query-name: lms.${SECRET_CLUSTER_DOMAIN} - query-type: A - conditions: - - "[BODY] == 192.168.169.101" - - "[DNS_RCODE] == NOERROR" - alerts: - - type: pushover diff --git a/kubernetes/apps/default/lms/app/helmrelease.yaml b/kubernetes/apps/default/lms/app/helmrelease.yaml index 667a0e40f..61bddd007 100644 --- a/kubernetes/apps/default/lms/app/helmrelease.yaml +++ b/kubernetes/apps/default/lms/app/helmrelease.yaml @@ -29,7 +29,6 @@ spec: values: controllers: main: - type: statefulset annotations: reloader.stakater.com/auto: "true" containers: @@ -46,14 +45,6 @@ spec: cpu: 15m limits: memory: 4096Mi - statefulset: - volumeClaimTemplates: - - name: config - accessMode: ReadWriteOnce - size: 10Gi - storageClass: rook-ceph-block - globalMounts: - - path: /srv/squeezebox service: main: type: LoadBalancer @@ -91,6 +82,11 @@ spec: - hosts: - *host persistence: + config: + enabled: true + existingClaim: *app + globalMounts: + - path: /srv/squeezebox music: type: nfs server: "${LOCAL_LAN_TRUENAS}" diff --git a/kubernetes/apps/default/lms/app/kustomization.yaml b/kubernetes/apps/default/lms/app/kustomization.yaml index 29079162f..35ff57401 100644 --- a/kubernetes/apps/default/lms/app/kustomization.yaml +++ b/kubernetes/apps/default/lms/app/kustomization.yaml @@ -4,6 +4,6 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization namespace: default resources: - - ./gatus.yaml - ./helmrelease.yaml - - ./volsync.yaml + - ../../../../templates/gatus/guarded + - ../../../../templates/volsync diff --git a/kubernetes/apps/default/lms/app/volsync.yaml b/kubernetes/apps/default/lms/app/volsync.yaml deleted file mode 100644 index 465bc0fda..000000000 
--- a/kubernetes/apps/default/lms/app/volsync.yaml +++ /dev/null @@ -1,48 +0,0 @@ ---- -# yaml-language-server: $schema=https://kubernetes-schemas.devbu.io/external-secrets.io/externalsecret_v1beta1.json -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: lms-restic - namespace: default -spec: - secretStoreRef: - kind: ClusterSecretStore - name: onepassword-connect - target: - name: lms-restic-secret - template: - engineVersion: v2 - data: - RESTIC_REPOSITORY: '{{ .REPOSITORY_TEMPLATE }}/lms' - RESTIC_PASSWORD: '{{ .RESTIC_PASSWORD }}' - AWS_ACCESS_KEY_ID: '{{ .AWS_ACCESS_KEY_ID }}' - AWS_SECRET_ACCESS_KEY: '{{ .AWS_SECRET_ACCESS_KEY }}' - dataFrom: - - extract: - key: volsync-restic-template ---- -# yaml-language-server: $schema=https://kubernetes-schemas.devbu.io/volsync.backube/replicationsource_v1alpha1.json -apiVersion: volsync.backube/v1alpha1 -kind: ReplicationSource -metadata: - name: lms - namespace: default -spec: - sourcePVC: config-lms-0 - trigger: - schedule: "0 7 * * *" - restic: - copyMethod: Snapshot - pruneIntervalDays: 7 - repository: lms-restic-secret - cacheCapacity: 10Gi - volumeSnapshotClassName: csi-ceph-blockpool - storageClassName: rook-ceph-block - moverSecurityContext: - runAsUser: 568 - runAsGroup: 568 - fsGroup: 568 - retain: - daily: 7 - within: 3d diff --git a/kubernetes/apps/default/lms/ks.yaml b/kubernetes/apps/default/lms/ks.yaml index 6e8290f63..332d916ae 100644 --- a/kubernetes/apps/default/lms/ks.yaml +++ b/kubernetes/apps/default/lms/ks.yaml 
@@ -3,16 +3,25 @@ apiVersion: kustomize.toolkit.fluxcd.io/v1 kind: Kustomization metadata: - name: cluster-apps-lms-app + name: &app lms namespace: flux-system spec: + targetNamespace: default + commonMetadata: + labels: + app.kubernetes.io/name: *app dependsOn: - - name: cluster-apps-volsync-app + - name: volsync path: ./kubernetes/apps/default/lms/app prune: true sourceRef: kind: GitRepository name: home-ops-kubernetes + wait: false interval: 30m retryInterval: 1m - timeout: 3m + timeout: 5m + postBuild: + substitute: + APP: *app + VOLSYNC_CAPACITY: 2Gi diff --git a/kubernetes/apps/default/lychee/app/gatus.yaml b/kubernetes/apps/default/lychee/app/gatus.yaml deleted file mode 100644 index 57cadf3e5..000000000 --- a/kubernetes/apps/default/lychee/app/gatus.yaml +++ /dev/null @@ -1,22 +0,0 @@ ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: lychee-gatus-ep - namespace: default - labels: - gatus.io/enabled: "true" -data: - config.yaml: | - endpoints: - - name: lychee - group: external - url: https://lychee.${SECRET_CLUSTER_DOMAIN} - interval: 1m - client: - dns-resolver: tcp://1.1.1.1:53 - insecure: true - conditions: - - "[STATUS] == 200" - alerts: - - type: pushover diff --git a/kubernetes/apps/default/lychee/app/helmrelease.yaml b/kubernetes/apps/default/lychee/app/helmrelease.yaml index d72ab30a4..1538572de 100644 --- a/kubernetes/apps/default/lychee/app/helmrelease.yaml +++ b/kubernetes/apps/default/lychee/app/helmrelease.yaml @@ -33,7 +33,6 @@ spec: main: annotations: reloader.stakater.com/auto: "true" - type: statefulset initContainers: init-db: image: @@ -61,14 +60,6 @@ spec: requests: cpu: 100m memory: 256Mi - statefulset: - volumeClaimTemplates: - - name: config - accessMode: ReadWriteOnce - size: 50Gi - storageClass: rook-ceph-block - globalMounts: - - path: /uploads service: main: ports: 
@@ -92,6 +83,11 @@ spec: - hosts: - *host persistence: + config: + enabled: true + existingClaim: *app + globalMounts: + - path: /uploads photo: enabled: true type: nfs diff --git a/kubernetes/apps/default/lychee/app/kustomization.yaml b/kubernetes/apps/default/lychee/app/kustomization.yaml index c254171ab..48e972b27 100644 --- a/kubernetes/apps/default/lychee/app/kustomization.yaml +++ b/kubernetes/apps/default/lychee/app/kustomization.yaml @@ -5,6 +5,6 @@ kind: Kustomization namespace: default resources: - ./externalsecret.yaml - - ./gatus.yaml - ./helmrelease.yaml - - ./volsync.yaml + - ../../../../templates/gatus/guarded + - ../../../../templates/volsync diff --git a/kubernetes/apps/default/lychee/app/volsync.yaml b/kubernetes/apps/default/lychee/app/volsync.yaml deleted file mode 100644 index 79d9203fd..000000000 --- a/kubernetes/apps/default/lychee/app/volsync.yaml +++ /dev/null 
@@ -1,48 +0,0 @@ ---- -# yaml-language-server: $schema=https://kubernetes-schemas.devbu.io/external-secrets.io/externalsecret_v1beta1.json -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: lychee-restic - namespace: default -spec: - secretStoreRef: - kind: ClusterSecretStore - name: onepassword-connect - target: - name: lychee-restic-secret - template: - engineVersion: v2 - data: - RESTIC_REPOSITORY: '{{ .REPOSITORY_TEMPLATE }}/lychee' - RESTIC_PASSWORD: '{{ .RESTIC_PASSWORD }}' - AWS_ACCESS_KEY_ID: '{{ .AWS_ACCESS_KEY_ID }}' - AWS_SECRET_ACCESS_KEY: '{{ .AWS_SECRET_ACCESS_KEY }}' - dataFrom: - - extract: - key: volsync-restic-template ---- -# yaml-language-server: $schema=https://kubernetes-schemas.devbu.io/volsync.backube/replicationsource_v1alpha1.json -apiVersion: volsync.backube/v1alpha1 -kind: ReplicationSource -metadata: - name: lychee - namespace: default -spec: - sourcePVC: config-lychee-0 - trigger: - schedule: "0 7 * * *" - restic: - copyMethod: Snapshot - pruneIntervalDays: 7 - repository: lychee-restic-secret - cacheCapacity: 20Gi - volumeSnapshotClassName: csi-ceph-blockpool - storageClassName: rook-ceph-block - moverSecurityContext: - runAsUser: 33 - runAsGroup: 33 - fsGroup: 33 - retain: - daily: 7 - within: 3d diff --git a/kubernetes/apps/default/lychee/ks.yaml b/kubernetes/apps/default/lychee/ks.yaml index 06c4a775d..099a7b621 100644 --- a/kubernetes/apps/default/lychee/ks.yaml +++ b/kubernetes/apps/default/lychee/ks.yaml 
@@ -3,34 +3,49 @@ apiVersion: kustomize.toolkit.fluxcd.io/v1 kind: Kustomization metadata: - name: cluster-apps-lychee + name: &app lychee namespace: flux-system spec: + commonMetadata: + labels: + app.kubernetes.io/name: *app path: ./kubernetes/apps/default/lychee/app prune: true sourceRef: kind: GitRepository name: home-ops-kubernetes dependsOn: - - name: cluster-apps-external-secrets-stores - - name: cluster-apps-lychee-redis - - name: cluster-apps-rook-ceph-cluster - - name: cluster-apps-volsync-app + - name: external-secrets-stores + - name: rook-ceph-cluster + - name: volsync + wait: false interval: 30m retryInterval: 1m - timeout: 3m + timeout: 5m + postBuild: + substitute: + APP: *app + VOLSYNC_CAPACITY: 80Gi --- # yaml-language-server: $schema=https://raw.githubusercontent.com/fluxcd-community/flux2-schemas/main/kustomization-kustomize-v1.json apiVersion: kustomize.toolkit.fluxcd.io/v1 kind: Kustomization metadata: - name: cluster-apps-lychee-redis + name: lychee-redis namespace: flux-system spec: - interval: 10m + commonMetadata: + labels: + app.kubernetes.io/name: &app lychee path: ./kubernetes/apps/default/lychee/redis prune: true sourceRef: kind: GitRepository name: home-ops-kubernetes - wait: false # no flux ks dependents + wait: false + interval: 30m + retryInterval: 1m + timeout: 5m + postBuild: + substitute: + APP: *app diff --git a/kubernetes/apps/default/mailrise/app/gatus.yaml b/kubernetes/apps/default/mailrise/app/gatus.yaml deleted file mode 100644 index 33dc43473..000000000 --- a/kubernetes/apps/default/mailrise/app/gatus.yaml +++ /dev/null 
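Review bot: The lychee Kustomization sets only `APP` and `VOLSYNC_CAPACITY`, while the volsync.yaml it replaces ran the restic mover with `runAsUser`/`runAsGroup`/`fsGroup` 33, where the other volsync.yaml files deleted in this commit used 568. If the shared `templates/volsync` defaults to 568 (the template is not visible here), backups and restores of `/uploads` would run with the wrong ownership; pass the uid/gid through whatever substitution variables the template exposes. Both documents in this file are also the only ones in view without `targetNamespace: default`, and `lychee-redis` was dropped from `dependsOn`. Both look unintended and are worth confirming.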
@@ -1,26 +0,0 @@ ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: mailrise-gatus-ep - namespace: default - labels: - gatus.io/enabled: "true" -data: - config.yaml: | - endpoints: - - name: mailrise - group: internal - url: 192.168.8.1 - interval: 1m - ui: - hide-hostname: true - hide-url: true - dns: - query-name: mailrise.${SECRET_CLUSTER_DOMAIN} - query-type: A - conditions: - - "[BODY] == 192.168.169.101" - - "[DNS_RCODE] == NOERROR" - alerts: - - type: pushover diff --git a/kubernetes/apps/default/mailrise/app/kustomization.yaml b/kubernetes/apps/default/mailrise/app/kustomization.yaml index b93c58494..7b99e2c4f 100644 --- a/kubernetes/apps/default/mailrise/app/kustomization.yaml +++ b/kubernetes/apps/default/mailrise/app/kustomization.yaml @@ -5,8 +5,8 @@ kind: Kustomization namespace: default resources: - ./externalsecret.yaml - - ./gatus.yaml - ./helmrelease.yaml + - ../../../../templates/gatus/guarded configMapGenerator: - name: mailrise-configmap files: diff --git a/kubernetes/apps/default/mailrise/ks.yaml b/kubernetes/apps/default/mailrise/ks.yaml index f93145982..c6b1725f3 100644 --- a/kubernetes/apps/default/mailrise/ks.yaml +++ b/kubernetes/apps/default/mailrise/ks.yaml @@ -3,16 +3,24 @@ apiVersion: kustomize.toolkit.fluxcd.io/v1 kind: Kustomization metadata: - name: cluster-apps-mailrise + name: &app mailrise namespace: flux-system spec: + targetNamespace: default + commonMetadata: + labels: + app.kubernetes.io/name: *app path: ./kubernetes/apps/default/mailrise/app prune: true sourceRef: kind: GitRepository name: home-ops-kubernetes dependsOn: - - name: cluster-apps-external-secrets-stores + - name: external-secrets-stores + wait: false interval: 30m retryInterval: 1m - timeout: 3m + timeout: 5m + postBuild: + substitute: + APP: *app diff --git a/kubernetes/apps/default/media-browser/app/gatus.yaml b/kubernetes/apps/default/media-browser/app/gatus.yaml deleted file mode 100644 index 49046f76b..000000000 
--- a/kubernetes/apps/default/media-browser/app/gatus.yaml +++ /dev/null @@ -1,26 +0,0 @@ ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: media-browser-gatus-ep - namespace: default - labels: - gatus.io/enabled: "true" -data: - config.yaml: | - endpoints: - - name: media-browser - group: internal - url: 192.168.8.1 - interval: 1m - ui: - hide-hostname: true - hide-url: true - dns: - query-name: media-browser.${SECRET_CLUSTER_DOMAIN} - query-type: A - conditions: - - "[BODY] == 192.168.169.101" - - "[DNS_RCODE] == NOERROR" - alerts: - - type: pushover diff --git a/kubernetes/apps/default/media-browser/app/helmrelease.yaml b/kubernetes/apps/default/media-browser/app/helmrelease.yaml index 815b8c29b..4c425f623 100644 --- a/kubernetes/apps/default/media-browser/app/helmrelease.yaml +++ b/kubernetes/apps/default/media-browser/app/helmrelease.yaml @@ -29,7 +29,6 @@ spec: values: controllers: main: - type: statefulset annotations: reloader.stakater.com/auto: "true" containers: @@ -64,14 +63,6 @@ spec: memory: 50Mi limits: memory: 500Mi - statefulset: - volumeClaimTemplates: - - name: config - accessMode: ReadWriteOnce - size: 1Gi - storageClass: rook-ceph-block - globalMounts: - - path: /config service: main: ports: @@ -99,6 +90,11 @@ spec: - hosts: - *host persistence: + config: + enabled: true + existingClaim: *app + globalMounts: + - path: /config music: enabled: true type: nfs diff --git a/kubernetes/apps/default/media-browser/app/kustomization.yaml b/kubernetes/apps/default/media-browser/app/kustomization.yaml index 29079162f..35ff57401 100644 --- a/kubernetes/apps/default/media-browser/app/kustomization.yaml +++ b/kubernetes/apps/default/media-browser/app/kustomization.yaml @@ -4,6 +4,6 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization namespace: default resources: - - ./gatus.yaml - ./helmrelease.yaml - - ./volsync.yaml + - ../../../../templates/gatus/guarded + - ../../../../templates/volsync 
diff --git a/kubernetes/apps/default/media-browser/ks.yaml b/kubernetes/apps/default/media-browser/ks.yaml index f5c2ec0b8..346f27e02 100644 --- a/kubernetes/apps/default/media-browser/ks.yaml +++ b/kubernetes/apps/default/media-browser/ks.yaml @@ -3,18 +3,27 @@ apiVersion: kustomize.toolkit.fluxcd.io/v1 kind: Kustomization metadata: - name: cluster-apps-media-browser + name: &app media-browser namespace: flux-system spec: + targetNamespace: default + commonMetadata: + labels: + app.kubernetes.io/name: *app dependsOn: - - name: cluster-apps-external-secrets-stores - - name: cluster-apps-rook-ceph-cluster - - name: cluster-apps-volsync-app + - name: external-secrets-stores + - name: rook-ceph-cluster + - name: volsync path: ./kubernetes/apps/default/media-browser/app prune: true sourceRef: kind: GitRepository name: home-ops-kubernetes + wait: false interval: 30m retryInterval: 1m - timeout: 3m + timeout: 5m + postBuild: + substitute: + APP: *app + VOLSYNC_CAPACITY: 2Gi diff --git a/kubernetes/apps/default/music-transcode/app/helm-release.yaml b/kubernetes/apps/default/music-transcode/app/helmrelease.yaml similarity index 100% rename from kubernetes/apps/default/music-transcode/app/helm-release.yaml rename to kubernetes/apps/default/music-transcode/app/helmrelease.yaml diff --git a/kubernetes/apps/default/music-transcode/app/kustomization.yaml b/kubernetes/apps/default/music-transcode/app/kustomization.yaml index d8ab28850..c74e8bc6b 100644 --- a/kubernetes/apps/default/music-transcode/app/kustomization.yaml +++ b/kubernetes/apps/default/music-transcode/app/kustomization.yaml @@ -4,7 +4,7 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization namespace: default resources: - - ./helm-release.yaml + - ./helmrelease.yaml configMapGenerator: - name: music-transcode-configmap files: diff --git a/kubernetes/apps/default/music-transcode/ks.yaml b/kubernetes/apps/default/music-transcode/ks.yaml index 6cafd413b..62446553e 100644 
--- a/kubernetes/apps/default/music-transcode/ks.yaml +++ b/kubernetes/apps/default/music-transcode/ks.yaml @@ -3,15 +3,22 @@ apiVersion: kustomize.toolkit.fluxcd.io/v1 kind: Kustomization metadata: - name: cluster-apps-music-transcode-app + name: &app music-transcode namespace: flux-system spec: + targetNamespace: default + commonMetadata: + labels: + app.kubernetes.io/name: *app path: ./kubernetes/apps/default/music-transcode/app prune: true sourceRef: kind: GitRepository name: home-ops-kubernetes - wait: true + wait: false interval: 30m retryInterval: 1m - timeout: 3m + timeout: 5m + postBuild: + substitute: + APP: *app diff --git a/kubernetes/apps/default/navidrome/app/gatus.yaml b/kubernetes/apps/default/navidrome/app/gatus.yaml deleted file mode 100644 index 0819670d4..000000000 --- a/kubernetes/apps/default/navidrome/app/gatus.yaml +++ /dev/null @@ -1,26 +0,0 @@ ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: navidrome-gatus-ep - namespace: default - labels: - gatus.io/enabled: "true" -data: - config.yaml: | - endpoints: - - name: navidrome - group: internal - url: 192.168.8.1 - interval: 1m - ui: - hide-hostname: true - hide-url: true - dns: - query-name: navidrome.${SECRET_CLUSTER_DOMAIN} - query-type: A - conditions: - - "[BODY] == 192.168.169.101" - - "[DNS_RCODE] == NOERROR" - alerts: - - type: pushover diff --git a/kubernetes/apps/default/navidrome/app/helmrelease.yaml b/kubernetes/apps/default/navidrome/app/helmrelease.yaml index b3e6d68cf..d98bdb4d6 100644 --- a/kubernetes/apps/default/navidrome/app/helmrelease.yaml +++ b/kubernetes/apps/default/navidrome/app/helmrelease.yaml @@ -34,7 +34,6 @@ spec: runAsGroup: 568 controllers: main: - type: statefulset containers: main: image: @@ -58,14 +57,6 @@ spec: memory: 250Mi limits: memory: 750Mi - statefulset: - volumeClaimTemplates: - - name: config - accessMode: ReadWriteOnce - size: 1Gi - storageClass: rook-ceph-block - globalMounts: - - path: /config service: main: ports: 
@@ -98,6 +89,11 @@ spec: - hosts: - *host persistence: + config: + enabled: true + existingClaim: *app + globalMounts: + - path: /config music: type: nfs server: "${LOCAL_LAN_TRUENAS}" diff --git a/kubernetes/apps/default/navidrome/app/kustomization.yaml b/kubernetes/apps/default/navidrome/app/kustomization.yaml index 29079162f..35ff57401 100644 --- a/kubernetes/apps/default/navidrome/app/kustomization.yaml +++ b/kubernetes/apps/default/navidrome/app/kustomization.yaml @@ -4,6 +4,6 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization namespace: default resources: - - ./gatus.yaml - ./helmrelease.yaml - - ./volsync.yaml + - ../../../../templates/gatus/guarded + - ../../../../templates/volsync diff --git a/kubernetes/apps/default/navidrome/app/volsync.yaml b/kubernetes/apps/default/navidrome/app/volsync.yaml deleted file mode 100644 index 7807b1da2..000000000 --- a/kubernetes/apps/default/navidrome/app/volsync.yaml +++ /dev/null 
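Review bot: In navidrome/app/helmrelease.yaml the `config` volume moves from the StatefulSet claim template (the deleted ReplicationSource backed up `sourcePVC: config-navidrome-0`) to `existingClaim: *app`, and nothing visible in this commit shows how the existing data reaches the new claim. Claims created from `volumeClaimTemplates` are retained by default when the StatefulSet goes away, so `config-navidrome-0` will stay in the namespace with the old data until someone deletes it. The new claim is presumably created and restored by `templates/volsync`, which is not part of the visible hunks, and the `&app` anchor is defined outside this hunk. I would add a comment above `config:` such as `# PVC ${APP} comes from templates/volsync; delete config-navidrome-0 once the restore is verified`. The same applies to the pgadmin, pyload, qbittorrent, recyclarr and resilio-sync/claude helmrelease hunks.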
@@ -1,48 +0,0 @@ ---- -# yaml-language-server: $schema=https://kubernetes-schemas.devbu.io/external-secrets.io/externalsecret_v1beta1.json -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: navidrome-restic - namespace: default -spec: - secretStoreRef: - kind: ClusterSecretStore - name: onepassword-connect - target: - name: navidrome-restic-secret - template: - engineVersion: v2 - data: - RESTIC_REPOSITORY: '{{ .REPOSITORY_TEMPLATE }}/navidrome' - RESTIC_PASSWORD: '{{ .RESTIC_PASSWORD }}' - AWS_ACCESS_KEY_ID: '{{ .AWS_ACCESS_KEY_ID }}' - AWS_SECRET_ACCESS_KEY: '{{ .AWS_SECRET_ACCESS_KEY }}' - dataFrom: - - extract: - key: volsync-restic-template ---- -# yaml-language-server: $schema=https://kubernetes-schemas.devbu.io/volsync.backube/replicationsource_v1alpha1.json -apiVersion: volsync.backube/v1alpha1 -kind: ReplicationSource -metadata: - name: navidrome - namespace: default -spec: - sourcePVC: config-navidrome-0 - trigger: - schedule: "0 7 * * *" - restic: - copyMethod: Snapshot - pruneIntervalDays: 7 - repository: navidrome-restic-secret - cacheCapacity: 20Gi - volumeSnapshotClassName: csi-ceph-blockpool - storageClassName: rook-ceph-block - moverSecurityContext: - runAsUser: 568 - runAsGroup: 568 - fsGroup: 568 - retain: - daily: 7 - within: 3d diff --git a/kubernetes/apps/default/navidrome/ks.yaml b/kubernetes/apps/default/navidrome/ks.yaml index bd63671a1..c4eedd395 100644 --- a/kubernetes/apps/default/navidrome/ks.yaml +++ b/kubernetes/apps/default/navidrome/ks.yaml 
@@ -3,18 +3,27 @@ apiVersion: kustomize.toolkit.fluxcd.io/v1 kind: Kustomization metadata: - name: cluster-apps-navidrome + name: &app navidrome namespace: flux-system spec: + targetNamespace: default + commonMetadata: + labels: + app.kubernetes.io/name: *app dependsOn: - - name: cluster-apps-external-secrets-stores - - name: cluster-apps-rook-ceph-cluster - - name: cluster-apps-volsync-app + - name: external-secrets-stores + - name: rook-ceph-cluster + - name: volsync path: ./kubernetes/apps/default/navidrome/app prune: true sourceRef: kind: GitRepository name: home-ops-kubernetes + wait: false interval: 30m retryInterval: 1m - timeout: 3m + timeout: 5m + postBuild: + substitute: + APP: *app + VOLSYNC_CAPACITY: 2Gi diff --git a/kubernetes/apps/default/outline/app/gatus.yaml b/kubernetes/apps/default/outline/app/gatus.yaml deleted file mode 100644 index 962a34fbf..000000000 --- a/kubernetes/apps/default/outline/app/gatus.yaml +++ /dev/null @@ -1,22 +0,0 @@ ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: outline-gatus-ep - namespace: default - labels: - gatus.io/enabled: "true" -data: - config.yaml: | - endpoints: - - name: outline - group: internal - url: https://docs.${SECRET_CLUSTER_DOMAIN} - interval: 1m - client: - insecure: true - conditions: - - "[STATUS] == 200" - alerts: - - type: pushover - diff --git a/kubernetes/apps/default/outline/app/kustomization.yaml b/kubernetes/apps/default/outline/app/kustomization.yaml index 504a7850d..f8c2e193c 100644 --- a/kubernetes/apps/default/outline/app/kustomization.yaml +++ b/kubernetes/apps/default/outline/app/kustomization.yaml @@ -5,5 +5,5 @@ kind: Kustomization namespace: default resources: - ./externalsecret.yaml - - ./gatus.yaml - ./helmrelease.yaml + - ../../../../templates/gatus/guarded diff --git a/kubernetes/apps/default/outline/ks.yaml b/kubernetes/apps/default/outline/ks.yaml index 4e1291f9a..34d56c075 100644 --- a/kubernetes/apps/default/outline/ks.yaml +++ b/kubernetes/apps/default/outline/ks.yaml 
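Review bot: In outline/app/kustomization.yaml the deleted `./gatus.yaml` probed `https://docs.${SECRET_CLUSTER_DOMAIN}` for `[STATUS] == 200`, while the replacement `templates/gatus/guarded` is driven only by `APP: outline` from ks.yaml, so the probe may now target a different hostname than the one the app is served on. The template is not visible here; if it derives the host from `${APP}`, outline needs an override in `postBuild.substitute`, for example `<TEMPLATE_HOST_VARIABLE>: docs` (placeholder, use the name the template defines). The same template also replaces the DNS-only checks of navidrome, prowlarr, pyload and radarr, so it looks as if outline, paperless, pgadmin and qbittorrent lose their HTTP status check; paperless and pgadmin previously probed `/accounts/login/` and `/login`. The old probes also set `client: insecure: true`, so this is a good moment to confirm that whatever replaces them verifies TLS.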
@@ -3,32 +3,49 @@ apiVersion: kustomize.toolkit.fluxcd.io/v1 kind: Kustomization metadata: - name: cluster-apps-outline + name: &app outline namespace: flux-system spec: + targetNamespace: default + commonMetadata: + labels: + app.kubernetes.io/name: *app path: ./kubernetes/apps/default/outline/app prune: true sourceRef: kind: GitRepository name: home-ops-kubernetes dependsOn: - - name: cluster-apps-external-secrets-stores - - name: cluster-apps-outline-redis + - name: external-secrets-stores + wait: false interval: 30m retryInterval: 1m - timeout: 3m + timeout: 5m + postBuild: + substitute: + APP: *app + VOLSYNC_CAPACITY: 2Gi --- # yaml-language-server: $schema=https://raw.githubusercontent.com/fluxcd-community/flux2-schemas/main/kustomization-kustomize-v1.json apiVersion: kustomize.toolkit.fluxcd.io/v1 kind: Kustomization metadata: - name: cluster-apps-outline-redis + name: outline-redis namespace: flux-system spec: - interval: 10m + targetNamespace: default + commonMetadata: + labels: + app.kubernetes.io/name: &app outline path: ./kubernetes/apps/default/outline/redis prune: true sourceRef: kind: GitRepository name: home-ops-kubernetes - wait: false # no flux ks dependents + wait: false + interval: 30m + retryInterval: 1m + timeout: 5m + postBuild: + substitute: + APP: *app diff --git a/kubernetes/apps/default/paperless/app/gatus.yaml b/kubernetes/apps/default/paperless/app/gatus.yaml deleted file mode 100644 index 9ac25911d..000000000 --- a/kubernetes/apps/default/paperless/app/gatus.yaml +++ /dev/null @@ -1,22 +0,0 @@ ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: paperless-gatus-ep - namespace: default - labels: - gatus.io/enabled: "true" -data: - config.yaml: | - endpoints: - - name: paperless - group: internal - url: https://paperless.${SECRET_CLUSTER_DOMAIN}/accounts/login/ - interval: 1m - client: - insecure: true - conditions: - - "[STATUS] == 200" - alerts: - - type: pushover - 
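Review bot: In outline/ks.yaml the `dependsOn` entry `cluster-apps-outline-redis` is deleted instead of being renamed to `outline-redis`, so Flux no longer orders the app after its redis Kustomization. If the ordering is still wanted, add `- name: outline-redis` under `dependsOn`; paperless/ks.yaml drops `cluster-apps-paperless-redis` in the same way. The second document sets `app.kubernetes.io/name: &app outline` and `APP: *app` for the redis Kustomization, so the redis objects get the same label as the app, and anything under `./redis` that names itself from `${APP}` would collide with the app's own objects. Using `outline-redis` for both values would avoid that unless the shared label is intentional.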
diff --git a/kubernetes/apps/default/paperless/app/kustomization.yaml b/kubernetes/apps/default/paperless/app/kustomization.yaml index 504a7850d..f8c2e193c 100644 --- a/kubernetes/apps/default/paperless/app/kustomization.yaml +++ b/kubernetes/apps/default/paperless/app/kustomization.yaml @@ -5,5 +5,5 @@ kind: Kustomization namespace: default resources: - ./externalsecret.yaml - - ./gatus.yaml - ./helmrelease.yaml + - ../../../../templates/gatus/guarded diff --git a/kubernetes/apps/default/paperless/ks.yaml b/kubernetes/apps/default/paperless/ks.yaml index 27249b4ce..b47c14c34 100644 --- a/kubernetes/apps/default/paperless/ks.yaml +++ b/kubernetes/apps/default/paperless/ks.yaml @@ -3,32 +3,48 @@ apiVersion: kustomize.toolkit.fluxcd.io/v1 kind: Kustomization metadata: - name: cluster-apps-paperless + name: &app paperless namespace: flux-system spec: + targetNamespace: default + commonMetadata: + labels: + app.kubernetes.io/name: *app path: ./kubernetes/apps/default/paperless/app prune: true sourceRef: kind: GitRepository name: home-ops-kubernetes dependsOn: - - name: cluster-apps-external-secrets-stores - - name: cluster-apps-paperless-redis + - name: external-secrets-stores + wait: false interval: 30m retryInterval: 1m - timeout: 3m + timeout: 5m + postBuild: + substitute: + APP: *app --- # yaml-language-server: $schema=https://raw.githubusercontent.com/fluxcd-community/flux2-schemas/main/kustomization-kustomize-v1.json apiVersion: kustomize.toolkit.fluxcd.io/v1 kind: Kustomization metadata: - name: cluster-apps-paperless-redis + name: paperless-redis namespace: flux-system spec: - interval: 10m + targetNamespace: default + commonMetadata: + labels: + app.kubernetes.io/name: &app paperless path: ./kubernetes/apps/default/paperless/redis prune: true sourceRef: kind: GitRepository name: home-ops-kubernetes - wait: false # no flux ks dependents + wait: false + interval: 30m + retryInterval: 1m + timeout: 5m + postBuild: + substitute: + APP: *app 
diff --git a/kubernetes/apps/default/pgadmin/app/gatus.yaml b/kubernetes/apps/default/pgadmin/app/gatus.yaml deleted file mode 100644 index aebd9f0a4..000000000 --- a/kubernetes/apps/default/pgadmin/app/gatus.yaml +++ /dev/null @@ -1,22 +0,0 @@ ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: pgadmin-gatus-ep - namespace: default - labels: - gatus.io/enabled: "true" -data: - config.yaml: | - endpoints: - - name: pgadmin - group: internal - url: https://pgadmin.${SECRET_CLUSTER_DOMAIN}/login - interval: 1m - client: - insecure: true - conditions: - - "[STATUS] == 200" - alerts: - - type: pushover - diff --git a/kubernetes/apps/default/pgadmin/app/helmrelease.yaml b/kubernetes/apps/default/pgadmin/app/helmrelease.yaml index 5054afe58..b4578d2d2 100644 --- a/kubernetes/apps/default/pgadmin/app/helmrelease.yaml +++ b/kubernetes/apps/default/pgadmin/app/helmrelease.yaml @@ -29,7 +29,6 @@ spec: values: controllers: main: - type: statefulset annotations: reloader.stakater.com/auto: "true" initContainers: @@ -59,14 +58,6 @@ spec: memory: 100Mi limits: memory: 500Mi - statefulset: - volumeClaimTemplates: - - name: config - accessMode: ReadWriteOnce - size: 1Gi - storageClass: rook-ceph-block - globalMounts: - - path: /var/lib/pgadmin service: main: ports: @@ -88,3 +79,9 @@ spec: tls: - hosts: - *host + persistence: + config: + enabled: true + existingClaim: *app + globalMounts: + - path: /var/lib/pgadmin diff --git a/kubernetes/apps/default/pgadmin/app/kustomization.yaml b/kubernetes/apps/default/pgadmin/app/kustomization.yaml index c254171ab..48e972b27 100644 --- a/kubernetes/apps/default/pgadmin/app/kustomization.yaml +++ b/kubernetes/apps/default/pgadmin/app/kustomization.yaml @@ -5,6 +5,6 @@ kind: Kustomization namespace: default resources: - ./externalsecret.yaml - - ./gatus.yaml - ./helmrelease.yaml - - ./volsync.yaml + - ../../../../templates/gatus/guarded + - ../../../../templates/volsync 
diff --git a/kubernetes/apps/default/pgadmin/app/volsync.yaml b/kubernetes/apps/default/pgadmin/app/volsync.yaml deleted file mode 100644 index e62c010c3..000000000 --- a/kubernetes/apps/default/pgadmin/app/volsync.yaml +++ /dev/null @@ -1,48 +0,0 @@ ---- -# yaml-language-server: $schema=https://kubernetes-schemas.devbu.io/external-secrets.io/externalsecret_v1beta1.json -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: pgadmin-restic - namespace: default -spec: - secretStoreRef: - kind: ClusterSecretStore - name: onepassword-connect - target: - name: pgadmin-restic-secret - template: - engineVersion: v2 - data: - RESTIC_REPOSITORY: '{{ .REPOSITORY_TEMPLATE }}/pgadmin' - RESTIC_PASSWORD: '{{ .RESTIC_PASSWORD }}' - AWS_ACCESS_KEY_ID: '{{ .AWS_ACCESS_KEY_ID }}' - AWS_SECRET_ACCESS_KEY: '{{ .AWS_SECRET_ACCESS_KEY }}' - dataFrom: - - extract: - key: volsync-restic-template ---- -# yaml-language-server: $schema=https://kubernetes-schemas.devbu.io/volsync.backube/replicationsource_v1alpha1.json -apiVersion: volsync.backube/v1alpha1 -kind: ReplicationSource -metadata: - name: pgadmin - namespace: default -spec: - sourcePVC: config-pgadmin-0 - trigger: - schedule: "0 7 * * *" - restic: - copyMethod: Snapshot - pruneIntervalDays: 7 - repository: pgadmin-restic-secret - cacheCapacity: 10Gi - volumeSnapshotClassName: csi-ceph-blockpool - storageClassName: rook-ceph-block - moverSecurityContext: - runAsUser: 568 - runAsGroup: 568 - fsGroup: 568 - retain: - daily: 7 - within: 3d diff --git a/kubernetes/apps/default/pgadmin/ks.yaml b/kubernetes/apps/default/pgadmin/ks.yaml index 85df498cb..4ec1197cd 100644 --- a/kubernetes/apps/default/pgadmin/ks.yaml +++ b/kubernetes/apps/default/pgadmin/ks.yaml 
@@ -3,18 +3,27 @@ apiVersion: kustomize.toolkit.fluxcd.io/v1 kind: Kustomization metadata: - name: cluster-apps-pgadmin + name: &app pgadmin namespace: flux-system spec: + targetNamespace: default + commonMetadata: + labels: + app.kubernetes.io/name: *app path: ./kubernetes/apps/default/pgadmin/app prune: true sourceRef: kind: GitRepository name: home-ops-kubernetes dependsOn: - - name: cluster-apps-rook-ceph-cluster - - name: cluster-apps-external-secrets-stores - - name: cluster-apps-volsync-app + - name: rook-ceph-cluster + - name: external-secrets-stores + - name: volsync + wait: false interval: 30m retryInterval: 1m - timeout: 3m + timeout: 5m + postBuild: + substitute: + APP: *app + VOLSYNC_CAPACITY: 2Gi diff --git a/kubernetes/apps/default/prowlarr/app/gatus.yaml b/kubernetes/apps/default/prowlarr/app/gatus.yaml deleted file mode 100644 index bb5029aaa..000000000 --- a/kubernetes/apps/default/prowlarr/app/gatus.yaml +++ /dev/null @@ -1,26 +0,0 @@ ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: prowlarr-gatus-ep - namespace: default - labels: - gatus.io/enabled: "true" -data: - config.yaml: | - endpoints: - - name: prowlarr - group: internal - url: 192.168.8.1 - interval: 1m - ui: - hide-hostname: true - hide-url: true - dns: - query-name: prowlarr.${SECRET_CLUSTER_DOMAIN} - query-type: A - conditions: - - "[BODY] == 192.168.169.101" - - "[DNS_RCODE] == NOERROR" - alerts: - - type: pushover diff --git a/kubernetes/apps/default/prowlarr/app/kustomization.yaml b/kubernetes/apps/default/prowlarr/app/kustomization.yaml index 504a7850d..f8c2e193c 100644 --- a/kubernetes/apps/default/prowlarr/app/kustomization.yaml +++ b/kubernetes/apps/default/prowlarr/app/kustomization.yaml @@ -5,5 +5,5 @@ kind: Kustomization namespace: default resources: - ./externalsecret.yaml - - ./gatus.yaml - ./helmrelease.yaml + - ../../../../templates/gatus/guarded 
diff --git a/kubernetes/apps/default/prowlarr/ks.yaml b/kubernetes/apps/default/prowlarr/ks.yaml index 4a56f89fd..bfaabf86a 100644 --- a/kubernetes/apps/default/prowlarr/ks.yaml +++ b/kubernetes/apps/default/prowlarr/ks.yaml @@ -3,18 +3,26 @@ apiVersion: kustomize.toolkit.fluxcd.io/v1 kind: Kustomization metadata: - name: cluster-apps-prowlarr-app + name: &app prowlarr namespace: flux-system spec: + targetNamespace: default + commonMetadata: + labels: + app.kubernetes.io/name: *app dependsOn: - - name: cluster-apps-external-secrets-stores - - name: cluster-apps-rook-ceph-cluster - - name: cluster-apps-volsync-app + - name: external-secrets-stores + - name: rook-ceph-cluster path: ./kubernetes/apps/default/prowlarr/app prune: true sourceRef: kind: GitRepository name: home-ops-kubernetes + wait: false interval: 30m retryInterval: 1m - timeout: 3m + timeout: 5m + postBuild: + substitute: + APP: *app + VOLSYNC_CAPACITY: 2Gi diff --git a/kubernetes/apps/default/pushover-notifier/ks.yaml b/kubernetes/apps/default/pushover-notifier/ks.yaml index 08fda48a7..de6b116b5 100644 --- a/kubernetes/apps/default/pushover-notifier/ks.yaml +++ b/kubernetes/apps/default/pushover-notifier/ks.yaml @@ -3,16 +3,24 @@ apiVersion: kustomize.toolkit.fluxcd.io/v1 kind: Kustomization metadata: - name: cluster-apps-pushover-notifier + name: &app pushover-notifier namespace: flux-system spec: + targetNamespace: default + commonMetadata: + labels: + app.kubernetes.io/name: *app dependsOn: - - name: cluster-apps-external-secrets-stores + - name: external-secrets-stores path: ./kubernetes/apps/default/pushover-notifier/app prune: true sourceRef: kind: GitRepository name: home-ops-kubernetes + wait: false interval: 30m retryInterval: 1m - timeout: 3m + timeout: 5m + postBuild: + substitute: + APP: *app diff --git a/kubernetes/apps/default/pyload/app/gatus.yaml b/kubernetes/apps/default/pyload/app/gatus.yaml deleted file mode 100644 index 99b7bf5c6..000000000 
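Review bot: prowlarr/ks.yaml substitutes `VOLSYNC_CAPACITY: 2Gi`, but prowlarr/app/kustomization.yaml in this commit adds only `../../../../templates/gatus/guarded`, and this hunk removes the volsync entry from `dependsOn`, so nothing visible consumes the variable. Either drop the line, or, if prowlarr's config is meant to be backed up like the other apps, add `- ../../../../templates/volsync` to the app kustomization and keep `- name: volsync` in `dependsOn`. outline/ks.yaml carries the same unused variable. Leaving it in place suggests a backup exists where none is configured.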
--- a/kubernetes/apps/default/pyload/app/gatus.yaml +++ /dev/null @@ -1,26 +0,0 @@ ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: pyload-gatus-ep - namespace: default - labels: - gatus.io/enabled: "true" -data: - config.yaml: | - endpoints: - - name: pyload - group: internal - url: 192.168.8.1 - interval: 1m - ui: - hide-hostname: true - hide-url: true - dns: - query-name: pyload.${SECRET_CLUSTER_DOMAIN} - query-type: A - conditions: - - "[BODY] == 192.168.169.101" - - "[DNS_RCODE] == NOERROR" - alerts: - - type: pushover diff --git a/kubernetes/apps/default/pyload/app/helmrelease.yaml b/kubernetes/apps/default/pyload/app/helmrelease.yaml index 4e98428fc..226384841 100644 --- a/kubernetes/apps/default/pyload/app/helmrelease.yaml +++ b/kubernetes/apps/default/pyload/app/helmrelease.yaml @@ -35,7 +35,6 @@ spec: fsGroupChangePolicy: OnRootMismatch controllers: main: - type: statefulset containers: main: image: @@ -63,14 +62,6 @@ spec: timeoutSeconds: 10 readiness: *probe startup: *probe - statefulset: - volumeClaimTemplates: - - name: config - accessMode: ReadWriteOnce - size: 1Gi - storageClass: rook-ceph-block - globalMounts: - - path: /config service: main: ports: @@ -98,6 +89,11 @@ spec: - hosts: - *host persistence: + config: + enabled: true + existingClaim: *app + globalMounts: + - path: /config downloads: type: nfs server: "${LOCAL_LAN_TRUENAS}" diff --git a/kubernetes/apps/default/pyload/app/kustomization.yaml b/kubernetes/apps/default/pyload/app/kustomization.yaml index 29079162f..35ff57401 100644 --- a/kubernetes/apps/default/pyload/app/kustomization.yaml +++ b/kubernetes/apps/default/pyload/app/kustomization.yaml @@ -4,6 +4,6 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization namespace: default resources: - - ./gatus.yaml - ./helmrelease.yaml - - ./volsync.yaml + - ../../../../templates/gatus/guarded + - ../../../../templates/volsync 
diff --git a/kubernetes/apps/default/pyload/app/volsync.yaml b/kubernetes/apps/default/pyload/app/volsync.yaml deleted file mode 100644 index 167622c9e..000000000 --- a/kubernetes/apps/default/pyload/app/volsync.yaml +++ /dev/null @@ -1,48 +0,0 @@ ---- -# yaml-language-server: $schema=https://kubernetes-schemas.devbu.io/external-secrets.io/externalsecret_v1beta1.json -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: pyload-restic - namespace: default -spec: - secretStoreRef: - kind: ClusterSecretStore - name: onepassword-connect - target: - name: pyload-restic-secret - template: - engineVersion: v2 - data: - RESTIC_REPOSITORY: '{{ .REPOSITORY_TEMPLATE }}/pyload' - RESTIC_PASSWORD: '{{ .RESTIC_PASSWORD }}' - AWS_ACCESS_KEY_ID: '{{ .AWS_ACCESS_KEY_ID }}' - AWS_SECRET_ACCESS_KEY: '{{ .AWS_SECRET_ACCESS_KEY }}' - dataFrom: - - extract: - key: volsync-restic-template ---- -# yaml-language-server: $schema=https://kubernetes-schemas.devbu.io/volsync.backube/replicationsource_v1alpha1.json -apiVersion: volsync.backube/v1alpha1 -kind: ReplicationSource -metadata: - name: pyload - namespace: default -spec: - sourcePVC: config-pyload-0 - trigger: - schedule: "0 7 * * *" - restic: - copyMethod: Snapshot - pruneIntervalDays: 7 - repository: pyload-restic-secret - cacheCapacity: 2Gi - volumeSnapshotClassName: csi-ceph-blockpool - storageClassName: rook-ceph-block - moverSecurityContext: - runAsUser: 568 - runAsGroup: 568 - fsGroup: 568 - retain: - daily: 7 - within: 3d diff --git a/kubernetes/apps/default/pyload/ks.yaml b/kubernetes/apps/default/pyload/ks.yaml index 72042adb5..02da044b8 100644 --- a/kubernetes/apps/default/pyload/ks.yaml +++ b/kubernetes/apps/default/pyload/ks.yaml 
@@ -3,18 +3,27 @@ apiVersion: kustomize.toolkit.fluxcd.io/v1 kind: Kustomization metadata: - name: cluster-apps-pyload-app + name: &app pyload namespace: flux-system spec: + targetNamespace: default + commonMetadata: + labels: + app.kubernetes.io/name: *app dependsOn: - - name: cluster-apps-external-secrets-stores - - name: cluster-apps-rook-ceph-cluster - - name: cluster-apps-volsync-app + - name: external-secrets-stores + - name: rook-ceph-cluster + - name: volsync path: ./kubernetes/apps/default/pyload/app prune: true sourceRef: kind: GitRepository name: home-ops-kubernetes + wait: false interval: 30m retryInterval: 1m - timeout: 3m + timeout: 5m + postBuild: + substitute: + APP: *app + VOLSYNC_CAPACITY: 2Gi diff --git a/kubernetes/apps/default/qbittorrent/app/gatus.yaml b/kubernetes/apps/default/qbittorrent/app/gatus.yaml deleted file mode 100644 index c6222523d..000000000 --- a/kubernetes/apps/default/qbittorrent/app/gatus.yaml +++ /dev/null @@ -1,22 +0,0 @@ ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: qbittorrent-gatus-ep - namespace: default - labels: - gatus.io/enabled: "true" -data: - config.yaml: | - endpoints: - - name: qbittorrent - group: internal - url: https://qbittorrent.${SECRET_CLUSTER_DOMAIN} - interval: 1m - client: - insecure: true - conditions: - - "[STATUS] == 200" - alerts: - - type: pushover - diff --git a/kubernetes/apps/default/qbittorrent/app/helmrelease.yaml b/kubernetes/apps/default/qbittorrent/app/helmrelease.yaml index b5326695e..b21ae2ee2 100644 --- a/kubernetes/apps/default/qbittorrent/app/helmrelease.yaml +++ b/kubernetes/apps/default/qbittorrent/app/helmrelease.yaml @@ -35,7 +35,6 @@ spec: fsGroupChangePolicy: OnRootMismatch controllers: main: - type: statefulset containers: main: image: 
@@ -51,14 +50,6 @@ spec: memory: 1Gi limits: memory: 8Gi - statefulset: - volumeClaimTemplates: - - name: config - accessMode: ReadWriteOnce - size: 1Gi - storageClass: rook-ceph-block - globalMounts: - - path: /config service: main: ports: @@ -93,6 +84,11 @@ spec: - hosts: - *host persistence: + config: + enabled: true + existingClaim: *app + globalMounts: + - path: /config downloads: type: nfs server: "${LOCAL_LAN_TRUENAS}" diff --git a/kubernetes/apps/default/qbittorrent/app/kustomization.yaml b/kubernetes/apps/default/qbittorrent/app/kustomization.yaml index cc759faa8..678de29dc 100644 --- a/kubernetes/apps/default/qbittorrent/app/kustomization.yaml +++ b/kubernetes/apps/default/qbittorrent/app/kustomization.yaml @@ -4,7 +4,7 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization namespace: default resources: - - ./gatus.yaml - ./helmrelease.yaml - ./upgrade-p2pblocklist - - ./volsync.yaml + - ../../../../templates/gatus/guarded + - ../../../../templates/volsync diff --git a/kubernetes/apps/default/qbittorrent/app/upgrade-p2pblocklist/helmrelease.yaml b/kubernetes/apps/default/qbittorrent/app/upgrade-p2pblocklist/helmrelease.yaml index 7deab90b1..c4735a1f6 100644 --- a/kubernetes/apps/default/qbittorrent/app/upgrade-p2pblocklist/helmrelease.yaml +++ b/kubernetes/apps/default/qbittorrent/app/upgrade-p2pblocklist/helmrelease.yaml @@ -53,9 +53,9 @@ spec: QBITTORRENT_POD=$(echo $result | awk '{ print $NF }') if [[ $QBITTORRENT_POD == *"qbittorrent"* ]]; then kubectl cp /tmp/ipfilter.dat default/$QBITTORRENT_POD:/config/ipfilter.dat - kubectl rollout restart statefulset qbittorrent --namespace default + kubectl rollout restart deployment qbittorrent --namespace default else - echo "qbittorrent statefulset not found" + echo "qbittorrent deployment not found" exit 1 fi service: diff --git a/kubernetes/apps/default/qbittorrent/app/volsync.yaml b/kubernetes/apps/default/qbittorrent/app/volsync.yaml deleted file mode 100644 index 126c359a3..000000000 
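Review bot: In qbittorrent/app/upgrade-p2pblocklist/helmrelease.yaml the job now runs `kubectl rollout restart deployment qbittorrent`, which needs `get` and `patch` on `deployments` in the `apps` API group; the Role bound to this job's service account is outside the hunk. If that Role still lists `statefulsets`, the restart will be refused after this change. It should be switched to `deployments`, not extended, so the job keeps only the permission it uses. Separately, the unchanged `kubectl cp` line expands `$QBITTORRENT_POD` unquoted; `"default/${QBITTORRENT_POD}:/config/ipfilter.dat"` is safer.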
--- a/kubernetes/apps/default/qbittorrent/app/volsync.yaml +++ /dev/null @@ -1,48 +0,0 @@ ---- -# yaml-language-server: $schema=https://kubernetes-schemas.devbu.io/external-secrets.io/externalsecret_v1beta1.json -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: qbittorrent-restic - namespace: default -spec: - secretStoreRef: - kind: ClusterSecretStore - name: onepassword-connect - target: - name: qbittorrent-restic-secret - template: - engineVersion: v2 - data: - RESTIC_REPOSITORY: '{{ .REPOSITORY_TEMPLATE }}/qbittorrent' - RESTIC_PASSWORD: '{{ .RESTIC_PASSWORD }}' - AWS_ACCESS_KEY_ID: '{{ .AWS_ACCESS_KEY_ID }}' - AWS_SECRET_ACCESS_KEY: '{{ .AWS_SECRET_ACCESS_KEY }}' - dataFrom: - - extract: - key: volsync-restic-template ---- -# yaml-language-server: $schema=https://kubernetes-schemas.devbu.io/volsync.backube/replicationsource_v1alpha1.json -apiVersion: volsync.backube/v1alpha1 -kind: ReplicationSource -metadata: - name: qbittorrent - namespace: default -spec: - sourcePVC: config-qbittorrent-0 - trigger: - schedule: "0 7 * * *" - restic: - copyMethod: Snapshot - pruneIntervalDays: 7 - repository: qbittorrent-restic-secret - cacheCapacity: 2Gi - volumeSnapshotClassName: csi-ceph-blockpool - storageClassName: rook-ceph-block - moverSecurityContext: - runAsUser: 568 - runAsGroup: 568 - fsGroup: 568 - retain: - daily: 7 - within: 3d diff --git a/kubernetes/apps/default/qbittorrent/ks.yaml b/kubernetes/apps/default/qbittorrent/ks.yaml index 7d2c86604..6ab74371b 100644 --- a/kubernetes/apps/default/qbittorrent/ks.yaml +++ b/kubernetes/apps/default/qbittorrent/ks.yaml 
@@ -3,17 +3,26 @@ apiVersion: kustomize.toolkit.fluxcd.io/v1 kind: Kustomization metadata: - name: cluster-apps-qbittorrent-app + name: &app qbittorrent namespace: flux-system spec: + targetNamespace: default + commonMetadata: + labels: + app.kubernetes.io/name: *app dependsOn: - - name: cluster-apps-rook-ceph-cluster - - name: cluster-apps-volsync-app + - name: rook-ceph-cluster + - name: volsync path: ./kubernetes/apps/default/qbittorrent/app prune: true sourceRef: kind: GitRepository name: home-ops-kubernetes + wait: false interval: 30m retryInterval: 1m - timeout: 3m + timeout: 5m + postBuild: + substitute: + APP: *app + VOLSYNC_CAPACITY: 2Gi diff --git a/kubernetes/apps/default/radarr/app/gatus.yaml b/kubernetes/apps/default/radarr/app/gatus.yaml deleted file mode 100644 index 6174aa072..000000000 --- a/kubernetes/apps/default/radarr/app/gatus.yaml +++ /dev/null @@ -1,26 +0,0 @@ ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: radarr-gatus-ep - namespace: default - labels: - gatus.io/enabled: "true" -data: - config.yaml: | - endpoints: - - name: radarr - group: internal - url: 192.168.8.1 - interval: 1m - ui: - hide-hostname: true - hide-url: true - dns: - query-name: radarr.${SECRET_CLUSTER_DOMAIN} - query-type: A - conditions: - - "[BODY] == 192.168.169.101" - - "[DNS_RCODE] == NOERROR" - alerts: - - type: pushover diff --git a/kubernetes/apps/default/radarr/app/helmrelease.yaml b/kubernetes/apps/default/radarr/app/helmrelease.yaml index 59471f663..3fd062ebe 100644 --- a/kubernetes/apps/default/radarr/app/helmrelease.yaml +++ b/kubernetes/apps/default/radarr/app/helmrelease.yaml @@ -35,7 +35,6 @@ spec: fsGroupChangePolicy: OnRootMismatch controllers: main: - type: statefulset annotations: configmap.reloader.stakater.com/reload: radarr-pushover reloader.stakater.com/auto: "true" @@ -96,6 +95,11 @@ spec: - hosts: - *host persistence: + config: + enabled: true + existingClaim: *app + globalMounts: + - path: /config downloads: enabled: true type: nfs 
diff --git a/kubernetes/apps/default/radarr/app/kustomization.yaml b/kubernetes/apps/default/radarr/app/kustomization.yaml index cc40802c0..22afe0e44 100644 --- a/kubernetes/apps/default/radarr/app/kustomization.yaml +++ b/kubernetes/apps/default/radarr/app/kustomization.yaml @@ -5,8 +5,9 @@ kind: Kustomization namespace: default resources: - ./externalsecret.yaml - - ./gatus.yaml - ./helmrelease.yaml + - ../../../../templates/gatus/guarded + - ../../../../templates/volsync configMapGenerator: - name: radarr-pushover files: diff --git a/kubernetes/apps/default/radarr/ks.yaml b/kubernetes/apps/default/radarr/ks.yaml index 339f07a44..bd36c76cb 100644 --- a/kubernetes/apps/default/radarr/ks.yaml +++ b/kubernetes/apps/default/radarr/ks.yaml @@ -3,18 +3,27 @@ apiVersion: kustomize.toolkit.fluxcd.io/v1 kind: Kustomization metadata: - name: cluster-apps-radarr-app + name: &app radarr namespace: flux-system spec: + targetNamespace: default + commonMetadata: + labels: + app.kubernetes.io/name: *app dependsOn: - - name: cluster-apps-external-secrets-stores - - name: cluster-apps-rook-ceph-cluster - - name: cluster-apps-volsync-app + - name: external-secrets-stores + - name: rook-ceph-cluster + - name: volsync path: ./kubernetes/apps/default/radarr/app prune: true sourceRef: kind: GitRepository name: home-ops-kubernetes + wait: false interval: 30m retryInterval: 1m - timeout: 3m + timeout: 5m + postBuild: + substitute: + APP: *app + VOLSYNC_CAPACITY: 20Gi diff --git a/kubernetes/apps/default/recyclarr/app/helmrelease.yaml b/kubernetes/apps/default/recyclarr/app/helmrelease.yaml index 955590fee..5eb65cb34 100644 --- a/kubernetes/apps/default/recyclarr/app/helmrelease.yaml +++ b/kubernetes/apps/default/recyclarr/app/helmrelease.yaml @@ -29,7 +29,6 @@ spec: values: controllers: main: - type: statefulset annotations: reloader.stakater.com/auto: "true" containers: 
@@ -54,18 +53,13 @@ spec: runAsGroup: 568 fsGroup: 568 fsGroupChangePolicy: OnRootMismatch - statefulset: - volumeClaimTemplates: - - name: config - accessMode: ReadWriteOnce - size: 1Gi - storageClass: rook-ceph-block - globalMounts: - - path: /config service: main: enabled: false persistence: + config: + enabled: true + existingClaim: recyclarr config-file: type: configMap name: recyclarr-configmap diff --git a/kubernetes/apps/default/recyclarr/app/kustomization.yaml b/kubernetes/apps/default/recyclarr/app/kustomization.yaml index 64e10e029..b7c667895 100644 --- a/kubernetes/apps/default/recyclarr/app/kustomization.yaml +++ b/kubernetes/apps/default/recyclarr/app/kustomization.yaml @@ -6,7 +6,7 @@ namespace: default resources: - ./externalsecret.yaml - ./helmrelease.yaml - - ./volsync.yaml + - ../../../../templates/volsync configMapGenerator: - name: recyclarr-configmap files: diff --git a/kubernetes/apps/default/recyclarr/app/volsync.yaml b/kubernetes/apps/default/recyclarr/app/volsync.yaml deleted file mode 100644 index b0f853a4e..000000000 --- a/kubernetes/apps/default/recyclarr/app/volsync.yaml +++ /dev/null 
@@ -1,48 +0,0 @@ ---- -# yaml-language-server: $schema=https://kubernetes-schemas.devbu.io/external-secrets.io/externalsecret_v1beta1.json -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: recyclarr-restic - namespace: default -spec: - secretStoreRef: - kind: ClusterSecretStore - name: onepassword-connect - target: - name: recyclarr-restic-secret - template: - engineVersion: v2 - data: - RESTIC_REPOSITORY: '{{ .REPOSITORY_TEMPLATE }}/recyclarr' - RESTIC_PASSWORD: '{{ .RESTIC_PASSWORD }}' - AWS_ACCESS_KEY_ID: '{{ .AWS_ACCESS_KEY_ID }}' - AWS_SECRET_ACCESS_KEY: '{{ .AWS_SECRET_ACCESS_KEY }}' - dataFrom: - - extract: - key: volsync-restic-template ---- -# yaml-language-server: $schema=https://kubernetes-schemas.devbu.io/volsync.backube/replicationsource_v1alpha1.json -apiVersion: volsync.backube/v1alpha1 -kind: ReplicationSource -metadata: - name: recyclarr - namespace: default -spec: - sourcePVC: config-recyclarr-0 - trigger: - schedule: "0 7 * * *" - restic: - copyMethod: Snapshot - pruneIntervalDays: 7 - repository: recyclarr-restic-secret - cacheCapacity: 8Gi - volumeSnapshotClassName: csi-ceph-blockpool - storageClassName: rook-ceph-block - moverSecurityContext: - runAsUser: 568 - runAsGroup: 568 - fsGroup: 568 - retain: - daily: 7 - within: 3d diff --git a/kubernetes/apps/default/recyclarr/ks.yaml b/kubernetes/apps/default/recyclarr/ks.yaml index 1d6f4e269..b6282ec9e 100644 --- a/kubernetes/apps/default/recyclarr/ks.yaml +++ b/kubernetes/apps/default/recyclarr/ks.yaml 
@@ -3,18 +3,25 @@ apiVersion: kustomize.toolkit.fluxcd.io/v1 kind: Kustomization metadata: - name: cluster-apps-recyclarr-app + name: &app recyclarr namespace: flux-system spec: + targetNamespace: default + commonMetadata: + labels: + app.kubernetes.io/name: *app dependsOn: - - name: cluster-apps-radarr-app - - name: cluster-apps-sonarr-app + - name: radarr + - name: sonarr path: ./kubernetes/apps/default/recyclarr/app prune: true sourceRef: kind: GitRepository name: home-ops-kubernetes - wait: true + wait: false interval: 30m retryInterval: 1m - timeout: 3m + timeout: 5m + postBuild: + substitute: + APP: *app diff --git a/kubernetes/apps/default/resilio-sync/claude/gatus.yaml b/kubernetes/apps/default/resilio-sync/claude/gatus.yaml deleted file mode 100644 index df31e7d79..000000000 --- a/kubernetes/apps/default/resilio-sync/claude/gatus.yaml +++ /dev/null @@ -1,26 +0,0 @@ ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: resilio-claude-gatus-ep - namespace: default - labels: - gatus.io/enabled: "true" -data: - config.yaml: | - endpoints: - - name: resilio-claude - group: internal - url: 192.168.8.1 - interval: 1m - ui: - hide-hostname: true - hide-url: true - dns: - query-name: resilio-claude.${SECRET_CLUSTER_DOMAIN} - query-type: A - conditions: - - "[BODY] == 192.168.169.101" - - "[DNS_RCODE] == NOERROR" - alerts: - - type: pushover diff --git a/kubernetes/apps/default/resilio-sync/claude/helmrelease.yaml b/kubernetes/apps/default/resilio-sync/claude/helmrelease.yaml index 9ba40640c..84ce0583a 100644 --- a/kubernetes/apps/default/resilio-sync/claude/helmrelease.yaml +++ b/kubernetes/apps/default/resilio-sync/claude/helmrelease.yaml @@ -32,7 +32,6 @@ spec: runAsUser: 0 controllers: main: - type: statefulset annotations: reloader.stakater.com/auto: "true" containers: 
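Review bot: recyclarr/ks.yaml substitutes only `APP: *app`, although recyclarr/app/kustomization.yaml now includes `../../../../templates/volsync` and every other app that includes it also sets `VOLSYNC_CAPACITY`. The template is not visible here; unless it supplies a default, Flux normally substitutes an unset variable as an empty string, which would leave the claim without a size. I would add `VOLSYNC_CAPACITY: 2Gi` (or the intended size) under `postBuild.substitute`. The new `existingClaim: recyclarr` entry in the helmrelease also omits the `globalMounts: - path: /config` that the other apps set, so it relies on the chart's default mount path.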
@@ -49,14 +48,6 @@ spec: memory: 512Mi limits: memory: 2Gi - statefulset: - volumeClaimTemplates: - - name: config - accessMode: ReadWriteOnce - size: 1Gi - storageClass: rook-ceph-block - globalMounts: - - path: /config service: main: ports: @@ -81,6 +72,11 @@ spec: - hosts: - *host persistence: + config: + enabled: true + existingClaim: *app + globalMounts: + - path: /config sync-conf: type: configMap name: resilio-claude-configmap diff --git a/kubernetes/apps/default/resilio-sync/claude/kustomization.yaml b/kubernetes/apps/default/resilio-sync/claude/kustomization.yaml index 800c99580..91e8a7337 100644 --- a/kubernetes/apps/default/resilio-sync/claude/kustomization.yaml +++ b/kubernetes/apps/default/resilio-sync/claude/kustomization.yaml @@ -4,9 +4,9 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization namespace: default resources: - - ./gatus.yaml - ./helmrelease.yaml - - ./volsync.yaml + - ../../../../templates/gatus/guarded + - ../../../../templates/volsync configMapGenerator: - name: resilio-claude-configmap files: diff --git a/kubernetes/apps/default/resilio-sync/claude/volsync.yaml b/kubernetes/apps/default/resilio-sync/claude/volsync.yaml deleted file mode 100644 index 0e5176740..000000000 --- a/kubernetes/apps/default/resilio-sync/claude/volsync.yaml +++ /dev/null 
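Review bot: In the `@@ -81,6 +72,11 @@` hunk of `resilio-sync/claude/helmrelease.yaml`, `existingClaim: *app` only parses if an `&app` anchor is defined earlier in the same document, and that definition is outside the hunk, so it should be confirmed. Removing `statefulset.volumeClaimTemplates` does not delete the claim the StatefulSet created (the removed `volsync.yaml` names it `config-resilio-claude-0`), so the old data stays on a claim nothing manages while the pod starts on the new one. Unless the shared volsync template restores from the restic repository, the app comes up empty; a comment such as `# data restored by templates/volsync; remove config-resilio-claude-0 after verifying` would record the migration step. The same pattern repeats for helene, sabnzbd, unifi, vaultwarden and vikunja, where the leftover claim keeps application data (for vaultwarden, the vault database) until it is removed by hand.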
@@ -1,48 +0,0 @@ ---- -# yaml-language-server: $schema=https://kubernetes-schemas.devbu.io/external-secrets.io/externalsecret_v1beta1.json -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: resilio-claude-restic - namespace: default -spec: - secretStoreRef: - kind: ClusterSecretStore - name: onepassword-connect - target: - name: resilio-claude-restic-secret - template: - engineVersion: v2 - data: - RESTIC_REPOSITORY: '{{ .REPOSITORY_TEMPLATE }}/resilio-claude' - RESTIC_PASSWORD: '{{ .RESTIC_PASSWORD }}' - AWS_ACCESS_KEY_ID: '{{ .AWS_ACCESS_KEY_ID }}' - AWS_SECRET_ACCESS_KEY: '{{ .AWS_SECRET_ACCESS_KEY }}' - dataFrom: - - extract: - key: volsync-restic-template ---- -# yaml-language-server: $schema=https://kubernetes-schemas.devbu.io/volsync.backube/replicationsource_v1alpha1.json -apiVersion: volsync.backube/v1alpha1 -kind: ReplicationSource -metadata: - name: resilio-claude - namespace: default -spec: - sourcePVC: config-resilio-claude-0 - trigger: - schedule: "0 7 * * *" - restic: - copyMethod: Snapshot - pruneIntervalDays: 7 - repository: resilio-claude-restic-secret - cacheCapacity: 2Gi - volumeSnapshotClassName: csi-ceph-blockpool - storageClassName: rook-ceph-block - moverSecurityContext: - runAsUser: 568 - runAsGroup: 568 - fsGroup: 568 - retain: - daily: 7 - within: 3d diff --git a/kubernetes/apps/default/resilio-sync/helene/gatus.yaml b/kubernetes/apps/default/resilio-sync/helene/gatus.yaml deleted file mode 100644 index 6a146331b..000000000 --- a/kubernetes/apps/default/resilio-sync/helene/gatus.yaml +++ /dev/null 
@@ -1,26 +0,0 @@ ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: resilio-helene-gatus-ep - namespace: default - labels: - gatus.io/enabled: "true" -data: - config.yaml: | - endpoints: - - name: resilio-helene - group: internal - url: 192.168.8.1 - interval: 1m - ui: - hide-hostname: true - hide-url: true - dns: - query-name: resilio-helene.${SECRET_CLUSTER_DOMAIN} - query-type: A - conditions: - - "[BODY] == 192.168.169.101" - - "[DNS_RCODE] == NOERROR" - alerts: - - type: pushover diff --git a/kubernetes/apps/default/resilio-sync/helene/helmrelease.yaml b/kubernetes/apps/default/resilio-sync/helene/helmrelease.yaml index 00cc623c5..158fcd9f5 100644 --- a/kubernetes/apps/default/resilio-sync/helene/helmrelease.yaml +++ b/kubernetes/apps/default/resilio-sync/helene/helmrelease.yaml @@ -32,7 +32,6 @@ spec: runAsUser: 0 controllers: main: - type: statefulset annotations: reloader.stakater.com/auto: "true" containers: @@ -49,14 +48,6 @@ spec: memory: 512Mi limits: memory: 2Gi - statefulset: - volumeClaimTemplates: - - name: config - accessMode: ReadWriteOnce - size: 1Gi - storageClass: rook-ceph-block - globalMounts: - - path: /config service: main: ports: @@ -81,6 +72,11 @@ spec: - hosts: - *host persistence: + config: + enabled: true + existingClaim: *app + globalMounts: + - path: /config sync-conf: type: configMap name: resilio-helene-configmap diff --git a/kubernetes/apps/default/resilio-sync/helene/kustomization.yaml b/kubernetes/apps/default/resilio-sync/helene/kustomization.yaml index 0b6048f6c..3d477d108 100644 --- a/kubernetes/apps/default/resilio-sync/helene/kustomization.yaml +++ b/kubernetes/apps/default/resilio-sync/helene/kustomization.yaml @@ -4,9 +4,9 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization namespace: default resources: - - ./gatus.yaml - ./helmrelease.yaml - - ./volsync.yaml + - ../../../../templates/gatus/guarded + - ../../../../templates/volsync configMapGenerator: - name: resilio-helene-configmap files: 
diff --git a/kubernetes/apps/default/resilio-sync/helene/volsync.yaml b/kubernetes/apps/default/resilio-sync/helene/volsync.yaml deleted file mode 100644 index 1b23540ba..000000000 --- a/kubernetes/apps/default/resilio-sync/helene/volsync.yaml +++ /dev/null @@ -1,48 +0,0 @@ ---- -# yaml-language-server: $schema=https://kubernetes-schemas.devbu.io/external-secrets.io/externalsecret_v1beta1.json -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: resilio-helene-restic - namespace: default -spec: - secretStoreRef: - kind: ClusterSecretStore - name: onepassword-connect - target: - name: resilio-helene-restic-secret - template: - engineVersion: v2 - data: - RESTIC_REPOSITORY: '{{ .REPOSITORY_TEMPLATE }}/resilio-helene' - RESTIC_PASSWORD: '{{ .RESTIC_PASSWORD }}' - AWS_ACCESS_KEY_ID: '{{ .AWS_ACCESS_KEY_ID }}' - AWS_SECRET_ACCESS_KEY: '{{ .AWS_SECRET_ACCESS_KEY }}' - dataFrom: - - extract: - key: volsync-restic-template ---- -# yaml-language-server: $schema=https://kubernetes-schemas.devbu.io/volsync.backube/replicationsource_v1alpha1.json -apiVersion: volsync.backube/v1alpha1 -kind: ReplicationSource -metadata: - name: resilio-helene - namespace: default -spec: - sourcePVC: config-resilio-helene-0 - trigger: - schedule: "0 7 * * *" - restic: - copyMethod: Snapshot - pruneIntervalDays: 7 - repository: resilio-helene-restic-secret - cacheCapacity: 2Gi - volumeSnapshotClassName: csi-ceph-blockpool - storageClassName: rook-ceph-block - moverSecurityContext: - runAsUser: 568 - runAsGroup: 568 - fsGroup: 568 - retain: - daily: 7 - within: 3d diff --git a/kubernetes/apps/default/resilio-sync/ks.yaml b/kubernetes/apps/default/resilio-sync/ks.yaml index 00a18243b..80e8d48b9 100644 --- a/kubernetes/apps/default/resilio-sync/ks.yaml +++ b/kubernetes/apps/default/resilio-sync/ks.yaml 
@@ -3,36 +3,55 @@ apiVersion: kustomize.toolkit.fluxcd.io/v1 kind: Kustomization metadata: - name: cluster-apps-resilio-claude + name: &app resilio-claude namespace: flux-system spec: + targetNamespace: default + commonMetadata: + labels: + app.kubernetes.io/name: *app path: ./kubernetes/apps/default/resilio-sync/claude prune: true sourceRef: kind: GitRepository name: home-ops-kubernetes dependsOn: - - name: cluster-apps-rook-ceph-cluster - - name: cluster-apps-volsync-app + - name: rook-ceph-cluster + - name: volsync + wait: false interval: 30m retryInterval: 1m - timeout: 3m + timeout: 5m + postBuild: + substitute: + APP: *app + VOLSYNC_CAPACITY: 2Gi + --- # yaml-language-server: $schema=https://raw.githubusercontent.com/fluxcd-community/flux2-schemas/main/kustomization-kustomize-v1.json apiVersion: kustomize.toolkit.fluxcd.io/v1 kind: Kustomization metadata: - name: cluster-apps-resilio-helene + name: &app resilio-helene namespace: flux-system spec: + targetNamespace: default + commonMetadata: + labels: + app.kubernetes.io/name: *app path: ./kubernetes/apps/default/resilio-sync/helene prune: true sourceRef: kind: GitRepository name: home-ops-kubernetes dependsOn: - - name: cluster-apps-rook-ceph-cluster - - name: cluster-apps-volsync-app + - name: rook-ceph-cluster + - name: volsync + wait: false interval: 30m retryInterval: 1m - timeout: 3m + timeout: 5m + postBuild: + substitute: + APP: *app + VOLSYNC_CAPACITY: 2Gi diff --git a/kubernetes/apps/default/sabnzbd/app/gatus.yaml b/kubernetes/apps/default/sabnzbd/app/gatus.yaml deleted file mode 100644 index 7a1a9d818..000000000 --- a/kubernetes/apps/default/sabnzbd/app/gatus.yaml +++ /dev/null 
@@ -1,26 +0,0 @@ ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: sabnzbd-gatus-ep - namespace: default - labels: - gatus.io/enabled: "true" -data: - config.yaml: | - endpoints: - - name: sabnzbd - group: internal - url: 192.168.8.1 - interval: 1m - ui: - hide-hostname: true - hide-url: true - dns: - query-name: sabnzbd.${SECRET_CLUSTER_DOMAIN} - query-type: A - conditions: - - "[BODY] == 192.168.169.101" - - "[DNS_RCODE] == NOERROR" - alerts: - - type: pushover diff --git a/kubernetes/apps/default/sabnzbd/app/helmrelease.yaml b/kubernetes/apps/default/sabnzbd/app/helmrelease.yaml index 4363c3996..ea3c367b1 100644 --- a/kubernetes/apps/default/sabnzbd/app/helmrelease.yaml +++ b/kubernetes/apps/default/sabnzbd/app/helmrelease.yaml @@ -39,7 +39,6 @@ spec: fsGroupChangePolicy: "OnRootMismatch" controllers: main: - type: statefulset annotations: reloader.stakater.com/auto: "true" containers: @@ -81,14 +80,6 @@ spec: memory: 250Mi limits: memory: 8000Mi - statefulset: - volumeClaimTemplates: - - name: config - accessMode: ReadWriteOnce - size: 1Gi - storageClass: rook-ceph-block - globalMounts: - - path: /config service: main: ports: @@ -116,6 +107,11 @@ spec: - hosts: - *host persistence: + config: + enabled: true + existingClaim: *app + globalMounts: + - path: /config downloads: type: nfs server: "${LOCAL_LAN_TRUENAS}" diff --git a/kubernetes/apps/default/sabnzbd/app/kustomization.yaml b/kubernetes/apps/default/sabnzbd/app/kustomization.yaml index c254171ab..48e972b27 100644 --- a/kubernetes/apps/default/sabnzbd/app/kustomization.yaml +++ b/kubernetes/apps/default/sabnzbd/app/kustomization.yaml @@ -5,6 +5,6 @@ kind: Kustomization namespace: default resources: - ./externalsecret.yaml - - ./gatus.yaml - ./helmrelease.yaml - - ./volsync.yaml + - ../../../../templates/gatus/guarded + - ../../../../templates/volsync 
diff --git a/kubernetes/apps/default/sabnzbd/app/volsync.yaml b/kubernetes/apps/default/sabnzbd/app/volsync.yaml deleted file mode 100644 index 6a75910d4..000000000 --- a/kubernetes/apps/default/sabnzbd/app/volsync.yaml +++ /dev/null @@ -1,48 +0,0 @@ ---- -# yaml-language-server: $schema=https://kubernetes-schemas.devbu.io/external-secrets.io/externalsecret_v1beta1.json -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: sabnzbd-restic - namespace: default -spec: - secretStoreRef: - kind: ClusterSecretStore - name: onepassword-connect - target: - name: sabnzbd-restic-secret - template: - engineVersion: v2 - data: - RESTIC_REPOSITORY: '{{ .REPOSITORY_TEMPLATE }}/sabnzbd' - RESTIC_PASSWORD: '{{ .RESTIC_PASSWORD }}' - AWS_ACCESS_KEY_ID: '{{ .AWS_ACCESS_KEY_ID }}' - AWS_SECRET_ACCESS_KEY: '{{ .AWS_SECRET_ACCESS_KEY }}' - dataFrom: - - extract: - key: volsync-restic-template ---- -# yaml-language-server: $schema=https://kubernetes-schemas.devbu.io/volsync.backube/replicationsource_v1alpha1.json -apiVersion: volsync.backube/v1alpha1 -kind: ReplicationSource -metadata: - name: sabnzbd - namespace: default -spec: - sourcePVC: config-sabnzbd-0 - trigger: - schedule: "0 7 * * *" - restic: - copyMethod: Snapshot - pruneIntervalDays: 7 - repository: sabnzbd-restic-secret - cacheCapacity: 2Gi - volumeSnapshotClassName: csi-ceph-blockpool - storageClassName: rook-ceph-block - moverSecurityContext: - runAsUser: 568 - runAsGroup: 568 - fsGroup: 568 - retain: - daily: 7 - within: 3d diff --git a/kubernetes/apps/default/sabnzbd/ks.yaml b/kubernetes/apps/default/sabnzbd/ks.yaml index 747baf439..586764e34 100644 --- a/kubernetes/apps/default/sabnzbd/ks.yaml +++ b/kubernetes/apps/default/sabnzbd/ks.yaml 
@@ -3,18 +3,27 @@ apiVersion: kustomize.toolkit.fluxcd.io/v1 kind: Kustomization metadata: - name: cluster-apps-sabnzbd-app + name: &app sabnzbd namespace: flux-system spec: + targetNamespace: default + commonMetadata: + labels: + app.kubernetes.io/name: *app dependsOn: - - name: cluster-apps-external-secrets-stores - - name: cluster-apps-rook-ceph-cluster - - name: cluster-apps-volsync-app + - name: external-secrets-stores + - name: rook-ceph-cluster + - name: volsync path: ./kubernetes/apps/default/sabnzbd/app prune: true sourceRef: kind: GitRepository name: home-ops-kubernetes + wait: false interval: 30m retryInterval: 1m - timeout: 3m + timeout: 5m + postBuild: + substitute: + APP: *app + VOLSYNC_CAPACITY: 2Gi diff --git a/kubernetes/apps/default/sharry/app/gatus.yaml b/kubernetes/apps/default/sharry/app/gatus.yaml deleted file mode 100644 index 3a8b9414b..000000000 --- a/kubernetes/apps/default/sharry/app/gatus.yaml +++ /dev/null @@ -1,22 +0,0 @@ ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: sharry-gatus-ep - namespace: default - labels: - gatus.io/enabled: "true" -data: - config.yaml: | - endpoints: - - name: sharry - group: external - url: https://sharry.${SECRET_CLUSTER_DOMAIN} - interval: 1m - client: - dns-resolver: tcp://1.1.1.1:53 - insecure: true - conditions: - - "[STATUS] == 200" - alerts: - - type: pushover diff --git a/kubernetes/apps/default/sharry/app/kustomization.yaml b/kubernetes/apps/default/sharry/app/kustomization.yaml index 20e7ceaad..2ed28ff03 100644 --- a/kubernetes/apps/default/sharry/app/kustomization.yaml +++ b/kubernetes/apps/default/sharry/app/kustomization.yaml @@ -5,8 +5,8 @@ kind: Kustomization namespace: default resources: - ./externalsecret.yaml - - ./gatus.yaml - ./helmrelease.yaml + - ../../../../templates/gatus/guarded configMapGenerator: - name: sharry-configmap files: diff --git a/kubernetes/apps/default/sharry/ks.yaml b/kubernetes/apps/default/sharry/ks.yaml index b40bf61b8..bd39d7c44 100644 
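Review bot: `sharry/app/kustomization.yaml` now pulls in `templates/gatus/guarded`, but the deleted `gatus.yaml` checked sharry as `group: external` over HTTPS through `tcp://1.1.1.1:53`, and the other external apps in this commit (vaultwarden, vikunja) switch to `templates/gatus/external`. If sharry is still reachable from outside, the line should read `- ../../../../templates/gatus/external`, otherwise its public endpoint is no longer probed. The template contents are not part of this diff, so this is inferred from the directory names and from the checks that were removed.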
--- a/kubernetes/apps/default/sharry/ks.yaml +++ b/kubernetes/apps/default/sharry/ks.yaml @@ -3,14 +3,22 @@ apiVersion: kustomize.toolkit.fluxcd.io/v1 kind: Kustomization metadata: - name: cluster-apps-sharry + name: &app sharry namespace: flux-system spec: + targetNamespace: default + commonMetadata: + labels: + app.kubernetes.io/name: *app path: ./kubernetes/apps/default/sharry/app prune: true sourceRef: kind: GitRepository name: home-ops-kubernetes + wait: false interval: 30m retryInterval: 1m - timeout: 3m + timeout: 5m + postBuild: + substitute: + APP: *app diff --git a/kubernetes/apps/default/smtp-relay/ks.yaml b/kubernetes/apps/default/smtp-relay/ks.yaml index d4900c673..f3cfec927 100644 --- a/kubernetes/apps/default/smtp-relay/ks.yaml +++ b/kubernetes/apps/default/smtp-relay/ks.yaml @@ -3,16 +3,25 @@ apiVersion: kustomize.toolkit.fluxcd.io/v1 kind: Kustomization metadata: - name: cluster-apps-smtp-relay + name: &app smtp-relay namespace: flux-system spec: + targetNamespace: default + commonMetadata: + labels: + app.kubernetes.io/name: *app path: ./kubernetes/apps/default/smtp-relay/app prune: true dependsOn: - - name: cluster-apps-external-secrets-stores + - name: external-secrets-stores sourceRef: kind: GitRepository name: home-ops-kubernetes + wait: false interval: 30m retryInterval: 1m - timeout: 3m + timeout: 5m + postBuild: + substitute: + APP: *app + VOLSYNC_CAPACITY: 2Gi diff --git a/kubernetes/apps/default/sonarr/app/gatus.yaml b/kubernetes/apps/default/sonarr/app/gatus.yaml deleted file mode 100644 index de24eef56..000000000 --- a/kubernetes/apps/default/sonarr/app/gatus.yaml +++ /dev/null 
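Review bot: The smtp-relay hunk adds `VOLSYNC_CAPACITY: 2Gi` to `postBuild.substitute`, but `dependsOn` lists only `external-secrets-stores` and nothing visible here adds the volsync template to the app. The sharry hunk just above, which also has no volsync, omits the variable, so this looks copied from a volsync-backed app. Drop the line, or add `- name: volsync` to `dependsOn` if a backup is intended. The app's `kustomization.yaml` is not shown in this part of the diff, so check it before deciding.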
@@ -1,26 +0,0 @@ ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: sonarr-gatus-ep - namespace: default - labels: - gatus.io/enabled: "true" -data: - config.yaml: | - endpoints: - - name: sonarr - group: internal - url: 192.168.8.1 - interval: 1m - ui: - hide-hostname: true - hide-url: true - dns: - query-name: sonarr.${SECRET_CLUSTER_DOMAIN} - query-type: A - conditions: - - "[BODY] == 192.168.169.101" - - "[DNS_RCODE] == NOERROR" - alerts: - - type: pushover diff --git a/kubernetes/apps/default/sonarr/app/helmrelease.yaml b/kubernetes/apps/default/sonarr/app/helmrelease.yaml index 917c9f0cb..abd919948 100644 --- a/kubernetes/apps/default/sonarr/app/helmrelease.yaml +++ b/kubernetes/apps/default/sonarr/app/helmrelease.yaml @@ -114,7 +114,9 @@ spec: persistence: config: enabled: true - type: emptyDir + existingClaim: *app + globalMounts: + - path: /config downloads: type: nfs server: "${LOCAL_LAN_TRUENAS}" diff --git a/kubernetes/apps/default/sonarr/app/kustomization.yaml b/kubernetes/apps/default/sonarr/app/kustomization.yaml index ffd7eb942..07f4e5d32 100644 --- a/kubernetes/apps/default/sonarr/app/kustomization.yaml +++ b/kubernetes/apps/default/sonarr/app/kustomization.yaml @@ -5,8 +5,9 @@ kind: Kustomization namespace: default resources: - ./externalsecret.yaml - - ./gatus.yaml - ./helmrelease.yaml + - ../../../../templates/gatus/guarded + - ../../../../templates/volsync configMapGenerator: - name: sonarr-pushover files: diff --git a/kubernetes/apps/default/sonarr/ks.yaml b/kubernetes/apps/default/sonarr/ks.yaml index 1eb8fb66e..520e3fba3 100644 --- a/kubernetes/apps/default/sonarr/ks.yaml +++ b/kubernetes/apps/default/sonarr/ks.yaml 
@@ -3,18 +3,27 @@ apiVersion: kustomize.toolkit.fluxcd.io/v1 kind: Kustomization metadata: - name: cluster-apps-sonarr-app + name: &app sonarr namespace: flux-system spec: + targetNamespace: default + commonMetadata: + labels: + app.kubernetes.io/name: *app dependsOn: - - name: cluster-apps-external-secrets-stores - - name: cluster-apps-rook-ceph-cluster - - name: cluster-apps-volsync-app + - name: external-secrets-stores + - name: rook-ceph-cluster + - name: volsync path: ./kubernetes/apps/default/sonarr/app prune: true sourceRef: kind: GitRepository name: home-ops-kubernetes + wait: false interval: 30m retryInterval: 1m - timeout: 3m + timeout: 5m + postBuild: + substitute: + APP: *app + VOLSYNC_CAPACITY: 20Gi diff --git a/kubernetes/apps/default/tandoor/app/gatus.yaml b/kubernetes/apps/default/tandoor/app/gatus.yaml deleted file mode 100644 index 233b86e3d..000000000 --- a/kubernetes/apps/default/tandoor/app/gatus.yaml +++ /dev/null @@ -1,22 +0,0 @@ ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: tandoor-gatus-ep - namespace: default - labels: - gatus.io/enabled: "true" -data: - config.yaml: | - endpoints: - - name: tandoor - group: internal - url: https://tandoor.${SECRET_CLUSTER_DOMAIN}/accounts/login/ - interval: 1m - client: - insecure: true - conditions: - - "[STATUS] == 200" - alerts: - - type: pushover - diff --git a/kubernetes/apps/default/tandoor/app/helmrelease.yaml b/kubernetes/apps/default/tandoor/app/helmrelease.yaml index 3e9e956be..f2c9af8e8 100644 --- a/kubernetes/apps/default/tandoor/app/helmrelease.yaml +++ b/kubernetes/apps/default/tandoor/app/helmrelease.yaml @@ -34,7 +34,6 @@ spec: runAsGroup: 568 controllers: main: - type: statefulset annotations: reloader.stakater.com/auto: "true" initContainers: @@ -132,8 +131,7 @@ spec: persistence: config: type: persistentvolumeclaim - name: tandoor-configmap - existingClaim: tandoor-files + existingClaim: *app advancedMounts: main: main: 
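Review bot: In `tandoor/app/helmrelease.yaml` (`@@ -132,8 +131,7 @@`) the claim changes from `tandoor-files` to `*app`, and the commit also deletes `volume.yaml`, the manifest that declared `tandoor-files`. With `prune: true` on the Kustomization, Flux will delete that PersistentVolumeClaim once it leaves the inventory, and with it the data, so the only remaining copy is the restic repository the old `ReplicationSource` wrote to. Confirm a recent backup exists and that the shared volsync template restores into the new claim before merging, or keep the claim for one release with the annotation `kustomize.toolkit.fluxcd.io/prune: disabled`. `*app` also depends on an `&app` anchor defined outside this hunk.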
diff --git a/kubernetes/apps/default/tandoor/app/kustomization.yaml b/kubernetes/apps/default/tandoor/app/kustomization.yaml index 82eab93de..c8bb5d512 100644 --- a/kubernetes/apps/default/tandoor/app/kustomization.yaml +++ b/kubernetes/apps/default/tandoor/app/kustomization.yaml @@ -5,10 +5,9 @@ kind: Kustomization namespace: default resources: - ./externalsecret.yaml - - ./gatus.yaml - ./helmrelease.yaml - - ./volsync.yaml - - ./volume.yaml + - ../../../../templates/gatus/guarded + - ../../../../templates/volsync configMapGenerator: - name: tandoor-configmap files: diff --git a/kubernetes/apps/default/tandoor/app/volsync.yaml b/kubernetes/apps/default/tandoor/app/volsync.yaml deleted file mode 100644 index d9e1c3c24..000000000 --- a/kubernetes/apps/default/tandoor/app/volsync.yaml +++ /dev/null 
@@ -1,48 +0,0 @@ ---- -# yaml-language-server: $schema=https://kubernetes-schemas.devbu.io/external-secrets.io/externalsecret_v1beta1.json -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: tandoor-restic - namespace: default -spec: - secretStoreRef: - kind: ClusterSecretStore - name: onepassword-connect - target: - name: tandoor-restic-secret - template: - engineVersion: v2 - data: - RESTIC_REPOSITORY: '{{ .REPOSITORY_TEMPLATE }}/tandoor' - RESTIC_PASSWORD: '{{ .RESTIC_PASSWORD }}' - AWS_ACCESS_KEY_ID: '{{ .AWS_ACCESS_KEY_ID }}' - AWS_SECRET_ACCESS_KEY: '{{ .AWS_SECRET_ACCESS_KEY }}' - dataFrom: - - extract: - key: volsync-restic-template ---- -# yaml-language-server: $schema=https://kubernetes-schemas.devbu.io/volsync.backube/replicationsource_v1alpha1.json -apiVersion: volsync.backube/v1alpha1 -kind: ReplicationSource -metadata: - name: tandoor - namespace: default -spec: - sourcePVC: tandoor-files - trigger: - schedule: "0 7 * * *" - restic: - copyMethod: Snapshot - pruneIntervalDays: 7 - repository: tandoor-restic-secret - cacheCapacity: 2Gi - volumeSnapshotClassName: csi-ceph-blockpool - storageClassName: rook-ceph-block - moverSecurityContext: - runAsUser: 568 - runAsGroup: 568 - fsGroup: 568 - retain: - daily: 7 - within: 3d diff --git a/kubernetes/apps/default/tandoor/app/volume.yaml b/kubernetes/apps/default/tandoor/app/volume.yaml deleted file mode 100644 index 1004e2c29..000000000 --- a/kubernetes/apps/default/tandoor/app/volume.yaml +++ /dev/null @@ -1,17 +0,0 @@ ---- -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: tandoor-files - namespace: default - labels: - app.kubernetes.io/name: &name tandoor - app.kubernetes.io/instance: *name - snapshot.home.arpa/enabled: "true" -spec: - accessModes: - - ReadWriteOnce - storageClassName: rook-ceph-block - resources: - requests: - storage: 1Gi 
diff --git a/kubernetes/apps/default/tandoor/ks.yaml b/kubernetes/apps/default/tandoor/ks.yaml index fdd14011d..c21292818 100644 --- a/kubernetes/apps/default/tandoor/ks.yaml +++ b/kubernetes/apps/default/tandoor/ks.yaml @@ -3,18 +3,27 @@ apiVersion: kustomize.toolkit.fluxcd.io/v1 kind: Kustomization metadata: - name: cluster-apps-tandoor + name: &app tandoor namespace: flux-system spec: + targetNamespace: default + commonMetadata: + labels: + app.kubernetes.io/name: *app path: ./kubernetes/apps/default/tandoor/app prune: true sourceRef: kind: GitRepository name: home-ops-kubernetes dependsOn: - - name: cluster-apps-external-secrets-stores - - name: cluster-apps-rook-ceph-cluster - - name: cluster-apps-volsync-app + - name: external-secrets-stores + - name: rook-ceph-cluster + - name: volsync + wait: false interval: 30m retryInterval: 1m - timeout: 3m + timeout: 5m + postBuild: + substitute: + APP: *app + VOLSYNC_CAPACITY: 2Gi diff --git a/kubernetes/apps/default/unifi/app/gatus.yaml b/kubernetes/apps/default/unifi/app/gatus.yaml deleted file mode 100644 index 12204dd71..000000000 --- a/kubernetes/apps/default/unifi/app/gatus.yaml +++ /dev/null @@ -1,22 +0,0 @@ ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: unifi-gatus-ep - namespace: default - labels: - gatus.io/enabled: "true" -data: - config.yaml: | - endpoints: - - name: unifi - group: internal - url: https://unifi.${SECRET_CLUSTER_DOMAIN}/manage/account/login - interval: 1m - client: - insecure: true - conditions: - - "[STATUS] == 200" - alerts: - - type: pushover - diff --git a/kubernetes/apps/default/unifi/app/helmrelease.yaml b/kubernetes/apps/default/unifi/app/helmrelease.yaml index a70633afb..314f60a62 100644 --- a/kubernetes/apps/default/unifi/app/helmrelease.yaml +++ b/kubernetes/apps/default/unifi/app/helmrelease.yaml @@ -29,7 +29,6 @@ spec: values: controllers: main: - type: statefulset annotations: reloader.stakater.com/auto: "true" containers: 
@@ -49,14 +48,6 @@ spec: requests: memory: 2Gi cpu: 50m - statefulset: - volumeClaimTemplates: - - name: config - accessMode: ReadWriteOnce - size: 10Gi - storageClass: rook-ceph-block - globalMounts: - - path: /unifi service: main: type: LoadBalancer @@ -111,3 +102,9 @@ spec: tls: - hosts: - *host + persistence: + config: + enabled: true + existingClaim: *app + globalMounts: + - path: /unifi diff --git a/kubernetes/apps/default/unifi/app/kustomization.yaml b/kubernetes/apps/default/unifi/app/kustomization.yaml index 29079162f..35ff57401 100644 --- a/kubernetes/apps/default/unifi/app/kustomization.yaml +++ b/kubernetes/apps/default/unifi/app/kustomization.yaml @@ -4,6 +4,6 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization namespace: default resources: - - ./gatus.yaml - ./helmrelease.yaml - - ./volsync.yaml + - ../../../../templates/gatus/guarded + - ../../../../templates/volsync diff --git a/kubernetes/apps/default/unifi/app/volsync.yaml b/kubernetes/apps/default/unifi/app/volsync.yaml deleted file mode 100644 index bb13f56bc..000000000 --- a/kubernetes/apps/default/unifi/app/volsync.yaml +++ /dev/null 
@@ -1,48 +0,0 @@ ---- -# yaml-language-server: $schema=https://kubernetes-schemas.devbu.io/external-secrets.io/externalsecret_v1beta1.json -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: unifi-restic - namespace: default -spec: - secretStoreRef: - kind: ClusterSecretStore - name: onepassword-connect - target: - name: unifi-restic-secret - template: - engineVersion: v2 - data: - RESTIC_REPOSITORY: '{{ .REPOSITORY_TEMPLATE }}/unifi' - RESTIC_PASSWORD: '{{ .RESTIC_PASSWORD }}' - AWS_ACCESS_KEY_ID: '{{ .AWS_ACCESS_KEY_ID }}' - AWS_SECRET_ACCESS_KEY: '{{ .AWS_SECRET_ACCESS_KEY }}' - dataFrom: - - extract: - key: volsync-restic-template ---- -# yaml-language-server: $schema=https://kubernetes-schemas.devbu.io/volsync.backube/replicationsource_v1alpha1.json -apiVersion: volsync.backube/v1alpha1 -kind: ReplicationSource -metadata: - name: unifi - namespace: default -spec: - sourcePVC: config-unifi-0 - trigger: - schedule: "0 7 * * *" - restic: - copyMethod: Snapshot - pruneIntervalDays: 7 - repository: unifi-restic-secret - cacheCapacity: 2Gi - volumeSnapshotClassName: csi-ceph-blockpool - storageClassName: rook-ceph-block - moverSecurityContext: - runAsUser: 999 - runAsGroup: 999 - fsGroup: 999 - retain: - daily: 7 - within: 3d diff --git a/kubernetes/apps/default/unifi/ks.yaml b/kubernetes/apps/default/unifi/ks.yaml index f9be79179..99f568181 100644 --- a/kubernetes/apps/default/unifi/ks.yaml +++ b/kubernetes/apps/default/unifi/ks.yaml 
@@ -3,17 +3,26 @@ apiVersion: kustomize.toolkit.fluxcd.io/v1 kind: Kustomization metadata: - name: cluster-apps-unifi + name: &app unifi namespace: flux-system spec: + targetNamespace: default + commonMetadata: + labels: + app.kubernetes.io/name: *app dependsOn: - - name: cluster-apps-rook-ceph-cluster - - name: cluster-apps-volsync-app + - name: rook-ceph-cluster + - name: volsync path: ./kubernetes/apps/default/unifi/app prune: true sourceRef: kind: GitRepository name: home-ops-kubernetes + wait: false interval: 30m retryInterval: 1m - timeout: 3m + timeout: 5m + postBuild: + substitute: + APP: *app + VOLSYNC_CAPACITY: 10Gi diff --git a/kubernetes/apps/default/vaultwarden/app/gatus.yaml b/kubernetes/apps/default/vaultwarden/app/gatus.yaml deleted file mode 100644 index 0295736bb..000000000 --- a/kubernetes/apps/default/vaultwarden/app/gatus.yaml +++ /dev/null @@ -1,22 +0,0 @@ ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: vaultwarden-gatus-ep - namespace: default - labels: - gatus.io/enabled: "true" -data: - config.yaml: | - endpoints: - - name: vaultwarden - group: external - url: https://vaultwarden.${SECRET_CLUSTER_DOMAIN} - interval: 1m - client: - dns-resolver: tcp://1.1.1.1:53 - insecure: true - conditions: - - "[STATUS] == 200" - alerts: - - type: pushover diff --git a/kubernetes/apps/default/vaultwarden/app/helmrelease.yaml b/kubernetes/apps/default/vaultwarden/app/helmrelease.yaml index 801345e12..b552511f9 100644 --- a/kubernetes/apps/default/vaultwarden/app/helmrelease.yaml +++ b/kubernetes/apps/default/vaultwarden/app/helmrelease.yaml @@ -29,7 +29,6 @@ spec: values: controllers: main: - type: statefulset annotations: reloader.stakater.com/auto: "true" initContainers: @@ -67,14 +66,6 @@ spec: memory: 100Mi limits: memory: 2Gi - statefulset: - volumeClaimTemplates: - - name: config - accessMode: ReadWriteOnce - size: 10Gi - storageClass: rook-ceph-block - globalMounts: - - path: /data service: main: ports: 
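Review bot: The unifi `ks.yaml` hunk passes only `APP` and `VOLSYNC_CAPACITY` to the shared volsync template, while the deleted `unifi/app/volsync.yaml` ran the mover with `runAsUser`/`runAsGroup`/`fsGroup` `999` rather than the `568` used by most apps. If the template hard-codes or defaults the mover identity, backups and restores for unifi will run under a different UID, which can fail to read the data or restore files with the wrong ownership. The same applies to vaultwarden, whose old mover used `33`. Pass the identity through substitution, e.g. `<TEMPLATE_UID_VARIABLE>: "999"` (placeholder; the template's variable names are not visible in this diff).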
@@ -98,3 +89,9 @@ spec: tls: - hosts: - *host + persistence: + config: + enabled: true + existingClaim: *app + globalMounts: + - path: /data diff --git a/kubernetes/apps/default/vaultwarden/app/kustomization.yaml b/kubernetes/apps/default/vaultwarden/app/kustomization.yaml index c254171ab..72f9ab807 100644 --- a/kubernetes/apps/default/vaultwarden/app/kustomization.yaml +++ b/kubernetes/apps/default/vaultwarden/app/kustomization.yaml @@ -5,6 +5,6 @@ kind: Kustomization namespace: default resources: - ./externalsecret.yaml - - ./gatus.yaml - ./helmrelease.yaml - - ./volsync.yaml + - ../../../../templates/gatus/external + - ../../../../templates/volsync diff --git a/kubernetes/apps/default/vaultwarden/app/volsync.yaml b/kubernetes/apps/default/vaultwarden/app/volsync.yaml deleted file mode 100644 index e4536a501..000000000 --- a/kubernetes/apps/default/vaultwarden/app/volsync.yaml +++ /dev/null 
@@ -1,48 +0,0 @@ ---- -# yaml-language-server: $schema=https://kubernetes-schemas.devbu.io/external-secrets.io/externalsecret_v1beta1.json -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: vaultwarden-restic - namespace: default -spec: - secretStoreRef: - kind: ClusterSecretStore - name: onepassword-connect - target: - name: vaultwarden-restic-secret - template: - engineVersion: v2 - data: - RESTIC_REPOSITORY: '{{ .REPOSITORY_TEMPLATE }}/vaultwarden' - RESTIC_PASSWORD: '{{ .RESTIC_PASSWORD }}' - AWS_ACCESS_KEY_ID: '{{ .AWS_ACCESS_KEY_ID }}' - AWS_SECRET_ACCESS_KEY: '{{ .AWS_SECRET_ACCESS_KEY }}' - dataFrom: - - extract: - key: volsync-restic-template ---- -# yaml-language-server: $schema=https://kubernetes-schemas.devbu.io/volsync.backube/replicationsource_v1alpha1.json -apiVersion: volsync.backube/v1alpha1 -kind: ReplicationSource -metadata: - name: vaultwarden - namespace: default -spec: - sourcePVC: config-vaultwarden-0 - trigger: - schedule: "0 7 * * *" - restic: - copyMethod: Snapshot - pruneIntervalDays: 7 - repository: vaultwarden-restic-secret - cacheCapacity: 20Gi - volumeSnapshotClassName: csi-ceph-blockpool - storageClassName: rook-ceph-block - moverSecurityContext: - runAsUser: 33 - runAsGroup: 33 - fsGroup: 33 - retain: - daily: 7 - within: 3d diff --git a/kubernetes/apps/default/vaultwarden/ks.yaml b/kubernetes/apps/default/vaultwarden/ks.yaml index c5f63e401..dde6291f9 100644 --- a/kubernetes/apps/default/vaultwarden/ks.yaml +++ b/kubernetes/apps/default/vaultwarden/ks.yaml 
@@ -3,18 +3,27 @@ apiVersion: kustomize.toolkit.fluxcd.io/v1 kind: Kustomization metadata: - name: cluster-apps-vaultwarden + name: &app vaultwarden namespace: flux-system spec: + targetNamespace: default + commonMetadata: + labels: + app.kubernetes.io/name: *app path: ./kubernetes/apps/default/vaultwarden/app prune: true sourceRef: kind: GitRepository name: home-ops-kubernetes dependsOn: - - name: cluster-apps-external-secrets-stores - - name: cluster-apps-rook-ceph-cluster - - name: cluster-apps-volsync-app + - name: external-secrets-stores + - name: rook-ceph-cluster + - name: volsync + wait: false interval: 30m retryInterval: 1m - timeout: 3m + timeout: 5m + postBuild: + substitute: + APP: *app + VOLSYNC_CAPACITY: 2Gi diff --git a/kubernetes/apps/default/vikunja/app/externalsecret.yaml b/kubernetes/apps/default/vikunja/app/externalsecret.yaml index 013c73f4d..7a664ab26 100644 --- a/kubernetes/apps/default/vikunja/app/externalsecret.yaml +++ b/kubernetes/apps/default/vikunja/app/externalsecret.yaml @@ -19,6 +19,7 @@ spec: VIKUNJA_DATABASE_DATABASE: &dbName vikunja VIKUNJA_DATABASE_USER: &dbUser "{{ .VIKUNJA_POSTGRES_USER }}" VIKUNJA_DATABASE_PASSWORD: &dbPass "{{ .VIKUNJA_POSTGRES_PASS }}" + VIKUNJA_DATABASE_SSLMODE: require VIKUNJA_DATABASE_TYPE: postgres VIKUNJA_SERVICE_JWTSECRET: "{{ .VIKUNJA_SERVICE_JWTSECRET }}" # Postgres Init diff --git a/kubernetes/apps/default/vikunja/app/gatus.yaml b/kubernetes/apps/default/vikunja/app/gatus.yaml deleted file mode 100644 index c891e6622..000000000 --- a/kubernetes/apps/default/vikunja/app/gatus.yaml +++ /dev/null @@ -1,22 +0,0 @@ ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: vikunja-gatus-ep - namespace: default - labels: - gatus.io/enabled: "true" -data: - config.yaml: | - endpoints: - - name: vikunja - group: external - url: https://vikunja.${SECRET_CLUSTER_DOMAIN} - interval: 1m - client: - dns-resolver: tcp://1.1.1.1:53 - insecure: true - conditions: - - "[STATUS] == 200" - alerts: - - type: pushover 
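Review bot: `postBuild.substitute` in vaultwarden/ks.yaml passes only `APP` and `VOLSYNC_CAPACITY`, so the 33:33 `moverSecurityContext` (`runAsUser`, `runAsGroup`, `fsGroup`) from the deleted volsync.yaml is no longer expressed anywhere in this app's files. Unless the shared template's default happens to match, the restic mover would run under a different identity than the files on the volume, and backups of the vault could fail or be restored with the wrong ownership. If the template exposes variables for this, set them here, e.g. `<TEMPLATE_UID_VAR>: "33"` and `<TEMPLATE_GID_VAR>: "33"` (placeholder names; the template is not visible in this diff). vikunja/ks.yaml has the same gap for its former 1000:1000 mover context.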
diff --git a/kubernetes/apps/default/vikunja/app/helmrelease.yaml b/kubernetes/apps/default/vikunja/app/helmrelease.yaml index 1e61ae627..db0a3b76f 100644 --- a/kubernetes/apps/default/vikunja/app/helmrelease.yaml +++ b/kubernetes/apps/default/vikunja/app/helmrelease.yaml @@ -29,7 +29,6 @@ spec: values: controllers: main: - type: statefulset annotations: reloader.stakater.com/auto: "true" configmap.reloader.stakater.com/reload: "lidarr-pushover" @@ -65,14 +64,6 @@ spec: image: repository: caddy tag: 2.7.6-alpine - statefulset: - volumeClaimTemplates: - - name: config - accessMode: ReadWriteOnce - size: 1Gi - storageClass: rook-ceph-block - globalMounts: - - path: /app/vikunja/files service: main: ports: @@ -97,6 +88,11 @@ spec: - hosts: - *host persistence: + config: + enabled: true + existingClaim: *app + globalMounts: + - path: /app/vikunja/files caddy-config: type: configMap name: vikunja-configmap diff --git a/kubernetes/apps/default/vikunja/app/kustomization.yaml b/kubernetes/apps/default/vikunja/app/kustomization.yaml index d6a77b60b..760a5f125 100644 --- a/kubernetes/apps/default/vikunja/app/kustomization.yaml +++ b/kubernetes/apps/default/vikunja/app/kustomization.yaml @@ -5,9 +5,9 @@ kind: Kustomization namespace: default resources: - ./externalsecret.yaml - - ./gatus.yaml - ./helmrelease.yaml - - ./volsync.yaml + - ../../../../templates/gatus/external + - ../../../../templates/volsync configMapGenerator: - name: vikunja-configmap files: diff --git a/kubernetes/apps/default/vikunja/app/volsync.yaml b/kubernetes/apps/default/vikunja/app/volsync.yaml deleted file mode 100644 index 39c1e718e..000000000 --- a/kubernetes/apps/default/vikunja/app/volsync.yaml +++ /dev/null 
@@ -1,48 +0,0 @@ ---- -# yaml-language-server: $schema=https://kubernetes-schemas.devbu.io/external-secrets.io/externalsecret_v1beta1.json -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: vikunja-restic - namespace: default -spec: - secretStoreRef: - kind: ClusterSecretStore - name: onepassword-connect - target: - name: vikunja-restic-secret - template: - engineVersion: v2 - data: - RESTIC_REPOSITORY: '{{ .REPOSITORY_TEMPLATE }}/vikunja' - RESTIC_PASSWORD: '{{ .RESTIC_PASSWORD }}' - AWS_ACCESS_KEY_ID: '{{ .AWS_ACCESS_KEY_ID }}' - AWS_SECRET_ACCESS_KEY: '{{ .AWS_SECRET_ACCESS_KEY }}' - dataFrom: - - extract: - key: volsync-restic-template ---- -# yaml-language-server: $schema=https://kubernetes-schemas.devbu.io/volsync.backube/replicationsource_v1alpha1.json -apiVersion: volsync.backube/v1alpha1 -kind: ReplicationSource -metadata: - name: vikunja - namespace: default -spec: - sourcePVC: vikunja-files - trigger: - schedule: "0 7 * * *" - restic: - copyMethod: Snapshot - pruneIntervalDays: 7 - repository: vikunja-restic-secret - cacheCapacity: 20Gi - volumeSnapshotClassName: csi-ceph-blockpool - storageClassName: rook-ceph-block - moverSecurityContext: - runAsUser: 1000 - runAsGroup: 1000 - fsGroup: 1000 - retain: - daily: 7 - within: 3d diff --git a/kubernetes/apps/default/vikunja/ks.yaml b/kubernetes/apps/default/vikunja/ks.yaml index 549c08978..c336d12e1 100644 --- a/kubernetes/apps/default/vikunja/ks.yaml +++ b/kubernetes/apps/default/vikunja/ks.yaml 
@@ -3,18 +3,27 @@ apiVersion: kustomize.toolkit.fluxcd.io/v1 kind: Kustomization metadata: - name: cluster-apps-vikunja + name: &app vikunja namespace: flux-system spec: + targetNamespace: default + commonMetadata: + labels: + app.kubernetes.io/name: *app path: ./kubernetes/apps/default/vikunja/app prune: true sourceRef: kind: GitRepository name: home-ops-kubernetes dependsOn: - - name: cluster-apps-external-secrets-stores - - name: cluster-apps-rook-ceph-cluster - - name: cluster-apps-volsync-app + - name: external-secrets-stores + - name: rook-ceph-cluster + - name: volsync + wait: false interval: 30m retryInterval: 1m - timeout: 3m + timeout: 5m + postBuild: + substitute: + APP: *app + VOLSYNC_CAPACITY: 2Gi diff --git a/kubernetes/apps/default/wallabag/app/gatus.yaml b/kubernetes/apps/default/wallabag/app/gatus.yaml deleted file mode 100644 index 33de8e24c..000000000 --- a/kubernetes/apps/default/wallabag/app/gatus.yaml +++ /dev/null @@ -1,22 +0,0 @@ ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: wallabag-gatus-ep - namespace: default - labels: - gatus.io/enabled: "true" -data: - config.yaml: | - endpoints: - - name: wallabag - group: external - url: https://wallabag.${SECRET_CLUSTER_DOMAIN} - interval: 1m - client: - dns-resolver: tcp://1.1.1.1:53 - insecure: true - conditions: - - "[STATUS] == 200" - alerts: - - type: pushover diff --git a/kubernetes/apps/default/wallabag/app/helmrelease.yaml b/kubernetes/apps/default/wallabag/app/helmrelease.yaml index 393fea549..9c7710a0e 100644 --- a/kubernetes/apps/default/wallabag/app/helmrelease.yaml +++ b/kubernetes/apps/default/wallabag/app/helmrelease.yaml @@ -34,7 +34,6 @@ spec: runAsUser: 0 controllers: main: - type: statefulset annotations: reloader.stakater.com/auto: "true" pod: 
@@ -69,14 +68,6 @@ spec: - doctrine:migrations:migrate - --env=prod - --no-interaction - statefulset: - volumeClaimTemplates: - - name: config - accessMode: ReadWriteOnce - size: 2Gi - storageClass: rook-ceph-block - globalMounts: - - path: /images containers: main: image: @@ -113,3 +104,9 @@ spec: tls: - hosts: - *host + persistence: + config: + enabled: true + existingClaim: *app + globalMounts: + - path: /images diff --git a/kubernetes/apps/default/wallabag/app/kustomization.yaml b/kubernetes/apps/default/wallabag/app/kustomization.yaml index c254171ab..72f9ab807 100644 --- a/kubernetes/apps/default/wallabag/app/kustomization.yaml +++ b/kubernetes/apps/default/wallabag/app/kustomization.yaml @@ -5,6 +5,6 @@ kind: Kustomization namespace: default resources: - ./externalsecret.yaml - - ./gatus.yaml - ./helmrelease.yaml - - ./volsync.yaml + - ../../../../templates/gatus/external + - ../../../../templates/volsync diff --git a/kubernetes/apps/default/wallabag/app/volsync.yaml b/kubernetes/apps/default/wallabag/app/volsync.yaml deleted file mode 100644 index 2a80cdd05..000000000 --- a/kubernetes/apps/default/wallabag/app/volsync.yaml +++ /dev/null 
@@ -1,44 +0,0 @@ ---- -# yaml-language-server: $schema=https://kubernetes-schemas.devbu.io/external-secrets.io/externalsecret_v1beta1.json -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: wallabag-restic - namespace: default -spec: - secretStoreRef: - kind: ClusterSecretStore - name: onepassword-connect - target: - name: wallabag-restic-secret - template: - engineVersion: v2 - data: - RESTIC_REPOSITORY: '{{ .REPOSITORY_TEMPLATE }}/wallabag' - RESTIC_PASSWORD: '{{ .RESTIC_PASSWORD }}' - AWS_ACCESS_KEY_ID: '{{ .AWS_ACCESS_KEY_ID }}' - AWS_SECRET_ACCESS_KEY: '{{ .AWS_SECRET_ACCESS_KEY }}' - dataFrom: - - extract: - key: volsync-restic-template ---- -# yaml-language-server: $schema=https://kubernetes-schemas.devbu.io/volsync.backube/replicationsource_v1alpha1.json -apiVersion: volsync.backube/v1alpha1 -kind: ReplicationSource -metadata: - name: wallabag - namespace: default -spec: - sourcePVC: config-wallabag-0 - trigger: - schedule: "0 7 * * *" - restic: - copyMethod: Snapshot - pruneIntervalDays: 7 - repository: wallabag-restic-secret - cacheCapacity: 10Gi - volumeSnapshotClassName: csi-ceph-blockpool - storageClassName: rook-ceph-block - retain: - daily: 7 - within: 3d diff --git a/kubernetes/apps/default/wallabag/ks.yaml b/kubernetes/apps/default/wallabag/ks.yaml index 83c495bdf..814ad2eb7 100644 --- a/kubernetes/apps/default/wallabag/ks.yaml +++ b/kubernetes/apps/default/wallabag/ks.yaml 
@@ -3,34 +3,51 @@ apiVersion: kustomize.toolkit.fluxcd.io/v1 kind: Kustomization metadata: - name: cluster-apps-wallabag + name: &app wallabag namespace: flux-system spec: + targetNamespace: default + commonMetadata: + labels: + app.kubernetes.io/name: *app path: ./kubernetes/apps/default/wallabag/app prune: true sourceRef: kind: GitRepository name: home-ops-kubernetes dependsOn: - - name: cluster-apps-external-secrets-stores - - name: cluster-apps-rook-ceph-cluster - - name: cluster-apps-volsync-app - - name: cluster-apps-wallabag-redis + - name: external-secrets-stores + - name: rook-ceph-cluster + - name: volsync + wait: false interval: 30m retryInterval: 1m - timeout: 3m + timeout: 5m + postBuild: + substitute: + APP: *app + VOLSYNC_CAPACITY: 2Gi --- # yaml-language-server: $schema=https://raw.githubusercontent.com/fluxcd-community/flux2-schemas/main/kustomization-kustomize-v1.json apiVersion: kustomize.toolkit.fluxcd.io/v1 kind: Kustomization metadata: - name: cluster-apps-wallabag-redis + name: wallabag-redis namespace: flux-system spec: - interval: 10m + targetNamespace: default + commonMetadata: + labels: + app.kubernetes.io/name: &app wallabag path: ./kubernetes/apps/default/wallabag/redis prune: true sourceRef: kind: GitRepository name: home-ops-kubernetes - wait: false # no flux ks dependents + wait: false + interval: 30m + retryInterval: 1m + timeout: 5m + postBuild: + substitute: + APP: *app diff --git a/kubernetes/apps/default/whoogle/app/gatus.yaml b/kubernetes/apps/default/whoogle/app/gatus.yaml deleted file mode 100644 index 643e1f797..000000000 --- a/kubernetes/apps/default/whoogle/app/gatus.yaml +++ /dev/null 
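Review bot: The rewritten `dependsOn` list of the `wallabag` Kustomization drops the former `cluster-apps-wallabag-redis` entry without adding its renamed equivalent, so the app is no longer ordered after its Redis. If that is unintended, add `- name: wallabag-redis` to the list. In the second document, `&app` is bound to `wallabag` rather than to the Kustomization's own name, so `APP` substitutes to `wallabag` for the Redis resources as well; if that is deliberate, a comment such as `# APP is the parent app name, not wallabag-redis` would make it clear.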
@@ -1,22 +0,0 @@ ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: whoogle-gatus-ep - namespace: default - labels: - gatus.io/enabled: "true" -data: - config.yaml: | - endpoints: - - name: whoogle - group: external - url: https://whoogle.${SECRET_CLUSTER_DOMAIN} - interval: 1m - client: - dns-resolver: tcp://1.1.1.1:53 - insecure: true - conditions: - - "[STATUS] == 200" - alerts: - - type: pushover diff --git a/kubernetes/apps/default/whoogle/app/kustomization.yaml b/kubernetes/apps/default/whoogle/app/kustomization.yaml index 6d9428ee4..e147a8dec 100644 --- a/kubernetes/apps/default/whoogle/app/kustomization.yaml +++ b/kubernetes/apps/default/whoogle/app/kustomization.yaml @@ -4,5 +4,5 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization namespace: default resources: - - ./gatus.yaml - ./helmrelease.yaml + - ../../../../templates/gatus/external diff --git a/kubernetes/apps/default/whoogle/ks.yaml b/kubernetes/apps/default/whoogle/ks.yaml index 8132db9ce..3c65fe078 100644 --- a/kubernetes/apps/default/whoogle/ks.yaml +++ b/kubernetes/apps/default/whoogle/ks.yaml @@ -3,14 +3,22 @@ apiVersion: kustomize.toolkit.fluxcd.io/v1 kind: Kustomization metadata: - name: cluster-apps-whoogle + name: &app whoogle namespace: flux-system spec: + targetNamespace: default + commonMetadata: + labels: + app.kubernetes.io/name: *app path: ./kubernetes/apps/default/whoogle/app prune: true sourceRef: kind: GitRepository name: home-ops-kubernetes + wait: false interval: 30m retryInterval: 1m - timeout: 3m + timeout: 5m + postBuild: + substitute: + APP: *app diff --git a/kubernetes/apps/default/zigbee2mqtt/app/gatus.yaml b/kubernetes/apps/default/zigbee2mqtt/app/gatus.yaml deleted file mode 100644 index 53ee09070..000000000 --- a/kubernetes/apps/default/zigbee2mqtt/app/gatus.yaml +++ /dev/null 
@@ -1,26 +0,0 @@ ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: zigbee-gatus-ep - namespace: default - labels: - gatus.io/enabled: "true" -data: - config.yaml: | - endpoints: - - name: zigbee - group: internal - url: 192.168.8.1 - interval: 1m - ui: - hide-hostname: true - hide-url: true - dns: - query-name: zigbee.${SECRET_CLUSTER_DOMAIN} - query-type: A - conditions: - - "[BODY] == 192.168.169.101" - - "[DNS_RCODE] == NOERROR" - alerts: - - type: pushover diff --git a/kubernetes/apps/default/zigbee2mqtt/app/helmrelease.yaml b/kubernetes/apps/default/zigbee2mqtt/app/helmrelease.yaml index f1e525cd2..d8b6156e1 100644 --- a/kubernetes/apps/default/zigbee2mqtt/app/helmrelease.yaml +++ b/kubernetes/apps/default/zigbee2mqtt/app/helmrelease.yaml @@ -32,7 +32,6 @@ spec: zzh.feature.node.kubernetes.io/zigbee: "true" controllers: main: - type: statefulset annotations: reloader.stakater.com/auto: "true" containers: @@ -89,14 +88,6 @@ spec: memory: 128Mi limits: memory: 512Mi - statefulset: - volumeClaimTemplates: - - name: config - accessMode: ReadWriteOnce - size: 1Gi - storageClass: rook-ceph-block - globalMounts: - - path: /config service: main: ports: @@ -124,6 +115,11 @@ spec: - hosts: - *host persistence: + config: + enabled: true + existingClaim: *app + globalMounts: + - path: /config usb: enabled: true type: hostPath diff --git a/kubernetes/apps/default/zigbee2mqtt/app/kustomization.yaml b/kubernetes/apps/default/zigbee2mqtt/app/kustomization.yaml index da52dc6a0..861265573 100644 --- a/kubernetes/apps/default/zigbee2mqtt/app/kustomization.yaml +++ b/kubernetes/apps/default/zigbee2mqtt/app/kustomization.yaml @@ -3,6 +3,6 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization namespace: default resources: -- ./gatus.yaml -- ./helmrelease.yaml -- ./volsync.yaml + - ./helmrelease.yaml + - ../../../../templates/gatus/guarded + - ../../../../templates/volsync 
diff --git a/kubernetes/apps/default/zigbee2mqtt/app/volsync.yaml b/kubernetes/apps/default/zigbee2mqtt/app/volsync.yaml deleted file mode 100644 index 6ac68ea7f..000000000 --- a/kubernetes/apps/default/zigbee2mqtt/app/volsync.yaml +++ /dev/null @@ -1,44 +0,0 @@ ---- -# yaml-language-server: $schema=https://kubernetes-schemas.devbu.io/external-secrets.io/externalsecret_v1beta1.json -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: zigbee2mqtt-restic - namespace: default -spec: - secretStoreRef: - kind: ClusterSecretStore - name: onepassword-connect - target: - name: zigbee2mqtt-restic-secret - template: - engineVersion: v2 - data: - RESTIC_REPOSITORY: '{{ .REPOSITORY_TEMPLATE }}/zigbee2mqtt' - RESTIC_PASSWORD: '{{ .RESTIC_PASSWORD }}' - AWS_ACCESS_KEY_ID: '{{ .AWS_ACCESS_KEY_ID }}' - AWS_SECRET_ACCESS_KEY: '{{ .AWS_SECRET_ACCESS_KEY }}' - dataFrom: - - extract: - key: volsync-restic-template ---- -# yaml-language-server: $schema=https://kubernetes-schemas.devbu.io/volsync.backube/replicationsource_v1alpha1.json -apiVersion: volsync.backube/v1alpha1 -kind: ReplicationSource -metadata: - name: zigbee2mqtt - namespace: default -spec: - sourcePVC: config-zigbee2mqtt-0 - trigger: - schedule: "0 7 * * *" - restic: - copyMethod: Snapshot - pruneIntervalDays: 7 - repository: zigbee2mqtt-restic-secret - cacheCapacity: 10Gi - volumeSnapshotClassName: csi-ceph-blockpool - storageClassName: rook-ceph-block - retain: - daily: 7 - within: 3d diff --git a/kubernetes/apps/default/zigbee2mqtt/ks.yaml b/kubernetes/apps/default/zigbee2mqtt/ks.yaml index 14a742f5e..7973af919 100644 --- a/kubernetes/apps/default/zigbee2mqtt/ks.yaml +++ b/kubernetes/apps/default/zigbee2mqtt/ks.yaml 
@@ -3,18 +3,27 @@ apiVersion: kustomize.toolkit.fluxcd.io/v1 kind: Kustomization metadata: - name: cluster-apps-zigbee2mqtt-app + name: &app zigbee2mqtt namespace: flux-system spec: + targetNamespace: default + commonMetadata: + labels: + app.kubernetes.io/name: *app dependsOn: - - name: cluster-apps-node-feature-discovery - - name: cluster-apps-rook-ceph-cluster - - name: cluster-apps-volsync-app + - name: node-feature-discovery + - name: rook-ceph-cluster + - name: volsync path: ./kubernetes/apps/default/zigbee2mqtt/app prune: true sourceRef: kind: GitRepository name: home-ops-kubernetes + wait: false interval: 30m retryInterval: 1m - timeout: 3m + timeout: 5m + postBuild: + substitute: + APP: *app + VOLSYNC_CAPACITY: 2Gi diff --git a/kubernetes/apps/default/zwave-js-ui/app/gatus.yaml b/kubernetes/apps/default/zwave-js-ui/app/gatus.yaml deleted file mode 100644 index b964ed7f8..000000000 --- a/kubernetes/apps/default/zwave-js-ui/app/gatus.yaml +++ /dev/null @@ -1,26 +0,0 @@ ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: zwave-gatus-ep - namespace: default - labels: - gatus.io/enabled: "true" -data: - config.yaml: | - endpoints: - - name: zwave - group: internal - url: 192.168.8.1 - interval: 1m - ui: - hide-hostname: true - hide-url: true - dns: - query-name: zwave.${SECRET_CLUSTER_DOMAIN} - query-type: A - conditions: - - "[BODY] == 192.168.169.101" - - "[DNS_RCODE] == NOERROR" - alerts: - - type: pushover diff --git a/kubernetes/apps/default/zwave-js-ui/app/helmrelease.yaml b/kubernetes/apps/default/zwave-js-ui/app/helmrelease.yaml index 9285a877a..ee350fe77 100644 --- a/kubernetes/apps/default/zwave-js-ui/app/helmrelease.yaml +++ b/kubernetes/apps/default/zwave-js-ui/app/helmrelease.yaml @@ -32,7 +32,6 @@ spec: aeotec.feature.node.kubernetes.io/zwave: "true" controllers: main: - type: statefulset annotations: reloader.stakater.com/auto: "true" containers: 
@@ -65,14 +64,6 @@ spec: memory: 64Mi limits: memory: 512Mi - statefulset: - volumeClaimTemplates: - - name: config - accessMode: ReadWriteOnce - size: 1Gi - storageClass: rook-ceph-block - globalMounts: - - path: /usr/src/app/store service: main: ports: @@ -106,6 +97,11 @@ spec: - hosts: - *host persistence: + config: + enabled: true + existingClaim: *app + globalMounts: + - path: /usr/src/app/store usb: type: hostPath hostPath: /dev/serial/by-id/usb-0658_0200-if00 diff --git a/kubernetes/apps/default/zwave-js-ui/app/kustomization.yaml b/kubernetes/apps/default/zwave-js-ui/app/kustomization.yaml index 29079162f..35ff57401 100644 --- a/kubernetes/apps/default/zwave-js-ui/app/kustomization.yaml +++ b/kubernetes/apps/default/zwave-js-ui/app/kustomization.yaml @@ -4,6 +4,6 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization namespace: default resources: - - ./gatus.yaml - ./helmrelease.yaml - - ./volsync.yaml + - ../../../../templates/gatus/guarded + - ../../../../templates/volsync diff --git a/kubernetes/apps/default/zwave-js-ui/app/volsync.yaml b/kubernetes/apps/default/zwave-js-ui/app/volsync.yaml deleted file mode 100644 index 2c6f71f6f..000000000 --- a/kubernetes/apps/default/zwave-js-ui/app/volsync.yaml +++ /dev/null 
@@ -1,44 +0,0 @@ ---- -# yaml-language-server: $schema=https://kubernetes-schemas.devbu.io/external-secrets.io/externalsecret_v1beta1.json -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: zwave-js-ui-restic - namespace: default -spec: - secretStoreRef: - kind: ClusterSecretStore - name: onepassword-connect - target: - name: zwave-js-ui-restic-secret - template: - engineVersion: v2 - data: - RESTIC_REPOSITORY: '{{ .REPOSITORY_TEMPLATE }}/zwave-js-ui' - RESTIC_PASSWORD: '{{ .RESTIC_PASSWORD }}' - AWS_ACCESS_KEY_ID: '{{ .AWS_ACCESS_KEY_ID }}' - AWS_SECRET_ACCESS_KEY: '{{ .AWS_SECRET_ACCESS_KEY }}' - dataFrom: - - extract: - key: volsync-restic-template ---- -# yaml-language-server: $schema=https://kubernetes-schemas.devbu.io/volsync.backube/replicationsource_v1alpha1.json -apiVersion: volsync.backube/v1alpha1 -kind: ReplicationSource -metadata: - name: zwave-js-ui - namespace: default -spec: - sourcePVC: config-zwave-js-ui-0 - trigger: - schedule: "0 7 * * *" - restic: - copyMethod: Snapshot - pruneIntervalDays: 7 - repository: zwave-js-ui-restic-secret - cacheCapacity: 10Gi - volumeSnapshotClassName: csi-ceph-blockpool - storageClassName: rook-ceph-block - retain: - daily: 7 - within: 3d diff --git a/kubernetes/apps/default/zwave-js-ui/ks.yaml b/kubernetes/apps/default/zwave-js-ui/ks.yaml index b7bb10223..58048824f 100644 --- a/kubernetes/apps/default/zwave-js-ui/ks.yaml +++ b/kubernetes/apps/default/zwave-js-ui/ks.yaml 
@@ -3,18 +3,27 @@ apiVersion: kustomize.toolkit.fluxcd.io/v1 kind: Kustomization metadata: - name: cluster-apps-zwave-js-ui-app + name: &app zwave-js-ui namespace: flux-system spec: + targetNamespace: default + commonMetadata: + labels: + app.kubernetes.io/name: *app dependsOn: - - name: cluster-apps-node-feature-discovery - - name: cluster-apps-rook-ceph-cluster - - name: cluster-apps-volsync-app + - name: node-feature-discovery + - name: rook-ceph-cluster + - name: volsync path: ./kubernetes/apps/default/zwave-js-ui/app prune: true sourceRef: kind: GitRepository name: home-ops-kubernetes + wait: false interval: 30m retryInterval: 1m - timeout: 3m + timeout: 5m + postBuild: + substitute: + APP: *app + VOLSYNC_CAPACITY: 2Gi diff --git a/kubernetes/apps/flux-system/addons/ks.yaml b/kubernetes/apps/flux-system/addons/ks.yaml index f3bf4c00d..e066e0ed1 100644 --- a/kubernetes/apps/flux-system/addons/ks.yaml +++ b/kubernetes/apps/flux-system/addons/ks.yaml 
@@ -3,49 +3,70 @@ apiVersion: kustomize.toolkit.fluxcd.io/v1 kind: Kustomization metadata: - name: cluster-apps-flux-monitoring + name: &app flux-monitoring namespace: flux-system spec: + targetNamespace: flux-system + commonMetadata: + labels: + app.kubernetes.io/name: *app path: ./kubernetes/apps/flux-system/addons/monitoring prune: true sourceRef: kind: GitRepository name: home-ops-kubernetes - wait: true + wait: false interval: 30m retryInterval: 1m - timeout: 3m + timeout: 5m + postBuild: + substitute: + APP: *app --- # yaml-language-server: $schema=https://raw.githubusercontent.com/fluxcd-community/flux2-schemas/main/kustomization-kustomize-v1.json apiVersion: kustomize.toolkit.fluxcd.io/v1 kind: Kustomization metadata: - name: cluster-apps-flux-notifications + name: &app flux-notifications namespace: flux-system spec: + targetNamespace: flux-system + commonMetadata: + labels: + app.kubernetes.io/name: *app path: ./kubernetes/apps/flux-system/addons/notifications prune: true sourceRef: kind: GitRepository name: home-ops-kubernetes - wait: true + wait: false interval: 30m retryInterval: 1m - timeout: 3m + timeout: 5m + postBuild: + substitute: + APP: *app --- # yaml-language-server: $schema=https://raw.githubusercontent.com/fluxcd-community/flux2-schemas/main/kustomization-kustomize-v1.json apiVersion: kustomize.toolkit.fluxcd.io/v1 kind: Kustomization metadata: - name: cluster-apps-flux-webhooks + name: &app flux-webhooks namespace: flux-system spec: + targetNamespace: flux-system + commonMetadata: + labels: + app.kubernetes.io/name: *app path: ./kubernetes/apps/flux-system/addons/webhooks prune: true sourceRef: kind: GitRepository name: home-ops-kubernetes - wait: true + wait: false interval: 30m retryInterval: 1m - timeout: 3m + timeout: 5m + postBuild: + substitute: + APP: *app diff --git a/kubernetes/apps/flux-system/weave-gitops/ks.yaml b/kubernetes/apps/flux-system/weave-gitops/ks.yaml index 1863a27c1..448fb229f 100644 
--- a/kubernetes/apps/flux-system/weave-gitops/ks.yaml +++ b/kubernetes/apps/flux-system/weave-gitops/ks.yaml @@ -3,16 +3,24 @@ apiVersion: kustomize.toolkit.fluxcd.io/v1 kind: Kustomization metadata: - name: cluster-apps-weave-gitops + name: &app weave-gitops namespace: flux-system spec: + targetNamespace: flux-system + commonMetadata: + labels: + app.kubernetes.io/name: *app path: ./kubernetes/apps/flux-system/weave-gitops/app prune: true sourceRef: kind: GitRepository name: home-ops-kubernetes dependsOn: - - name: cluster-apps-external-secrets-stores + - name: external-secrets-stores + wait: false interval: 30m retryInterval: 1m - timeout: 3m + timeout: 5m + postBuild: + substitute: + APP: *app diff --git a/kubernetes/apps/kube-system/cilium/ks.yaml b/kubernetes/apps/kube-system/cilium/ks.yaml index 080e0d61c..bc5eea827 100644 --- a/kubernetes/apps/kube-system/cilium/ks.yaml +++ b/kubernetes/apps/kube-system/cilium/ks.yaml @@ -3,14 +3,22 @@ apiVersion: kustomize.toolkit.fluxcd.io/v1 kind: Kustomization metadata: - name: cluster-apps-cilium-app + name: &app cilium namespace: flux-system spec: + targetNamespace: kube-system + commonMetadata: + labels: + app.kubernetes.io/name: *app path: ./kubernetes/apps/kube-system/cilium/app prune: false sourceRef: kind: GitRepository name: home-ops-kubernetes + wait: false interval: 30m retryInterval: 1m - timeout: 3m + timeout: 5m + postBuild: + substitute: + APP: *app diff --git a/kubernetes/apps/kube-system/descheduler/ks.yaml b/kubernetes/apps/kube-system/descheduler/ks.yaml index 0faa58b5b..56288a1c2 100644 --- a/kubernetes/apps/kube-system/descheduler/ks.yaml +++ b/kubernetes/apps/kube-system/descheduler/ks.yaml 
@@ -3,14 +3,22 @@ apiVersion: kustomize.toolkit.fluxcd.io/v1 kind: Kustomization metadata: - name: cluster-apps-descheduler + name: &app descheduler namespace: flux-system spec: + targetNamespace: kube-system + commonMetadata: + labels: + app.kubernetes.io/name: *app path: ./kubernetes/apps/kube-system/descheduler/app prune: true sourceRef: kind: GitRepository name: home-ops-kubernetes + wait: false interval: 30m retryInterval: 1m - timeout: 3m + timeout: 5m + postBuild: + substitute: + APP: *app diff --git a/kubernetes/apps/kube-system/external-secrets/ks.yaml b/kubernetes/apps/kube-system/external-secrets/ks.yaml index 041a34cd3..129ce810e 100644 --- a/kubernetes/apps/kube-system/external-secrets/ks.yaml +++ b/kubernetes/apps/kube-system/external-secrets/ks.yaml 
@@ -3,34 +3,48 @@ apiVersion: kustomize.toolkit.fluxcd.io/v1 kind: Kustomization metadata: - name: cluster-apps-external-secrets + name: &app external-secrets namespace: flux-system spec: + targetNamespace: kube-system + commonMetadata: + labels: + app.kubernetes.io/name: *app path: ./kubernetes/apps/kube-system/external-secrets/app prune: true sourceRef: kind: GitRepository name: home-ops-kubernetes - wait: true + wait: false interval: 30m retryInterval: 1m timeout: 5m + postBuild: + substitute: + APP: *app --- # yaml-language-server: $schema=https://raw.githubusercontent.com/fluxcd-community/flux2-schemas/main/kustomization-kustomize-v1.json apiVersion: kustomize.toolkit.fluxcd.io/v1 kind: Kustomization metadata: - name: cluster-apps-external-secrets-stores + name: external-secrets-stores namespace: flux-system spec: + targetNamespace: kube-system + commonMetadata: + labels: + app.kubernetes.io/name: &app external-secrets dependsOn: - - name: cluster-apps-external-secrets + - name: external-secrets path: ./kubernetes/apps/kube-system/external-secrets/stores prune: true sourceRef: kind: GitRepository name: home-ops-kubernetes - wait: true + wait: false interval: 30m retryInterval: 1m timeout: 5m + postBuild: + substitute: + APP: *app diff --git a/kubernetes/apps/kube-system/intel-device-plugin/ks.yaml b/kubernetes/apps/kube-system/intel-device-plugin/ks.yaml index 16060f0be..feacdae97 100644 --- a/kubernetes/apps/kube-system/intel-device-plugin/ks.yaml +++ b/kubernetes/apps/kube-system/intel-device-plugin/ks.yaml 
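Review bot: Switching `wait: true` to `wait: false` on both `external-secrets` and `external-secrets-stores` means each Kustomization reports Ready as soon as its manifests apply, not once the operator and the secret store are healthy. Several Kustomizations in this commit (vaultwarden, vikunja, wallabag, weave-gitops) list `external-secrets-stores` in `dependsOn`, and that ordering now only guarantees the store object was submitted. Unless `healthChecks` are defined elsewhere, dependents can reconcile before their secrets can be resolved and must rely on `retryInterval` to converge. I would keep `wait: true` on these two documents, since they are dependencies rather than leaf apps.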
@@ -3,46 +3,70 @@ apiVersion: kustomize.toolkit.fluxcd.io/v1 kind: Kustomization metadata: - name: cluster-apps-intel-device-plugin + name: &app intel-device-plugin namespace: flux-system spec: + targetNamespace: kube-system + commonMetadata: + labels: + app.kubernetes.io/name: *app path: ./kubernetes/apps/kube-system/intel-device-plugin/app prune: true sourceRef: kind: GitRepository name: home-ops-kubernetes + wait: false interval: 30m retryInterval: 1m timeout: 5m + postBuild: + substitute: + APP: *app --- # yaml-language-server: $schema=https://raw.githubusercontent.com/fluxcd-community/flux2-schemas/main/kustomization-kustomize-v1.json apiVersion: kustomize.toolkit.fluxcd.io/v1 kind: Kustomization metadata: - name: cluster-apps-intel-device-plugin-gpu + name: &app intel-device-plugin-gpu namespace: flux-system spec: + targetNamespace: kube-system + commonMetadata: + labels: + app.kubernetes.io/name: *app path: ./kubernetes/apps/kube-system/intel-device-plugin/gpu prune: true sourceRef: kind: GitRepository name: home-ops-kubernetes + wait: false interval: 30m retryInterval: 1m timeout: 5m + postBuild: + substitute: + APP: *app --- # yaml-language-server: $schema=https://raw.githubusercontent.com/fluxcd-community/flux2-schemas/main/kustomization-kustomize-v1.json apiVersion: kustomize.toolkit.fluxcd.io/v1 kind: Kustomization metadata: - name: cluster-apps-intel-device-plugin-exporter + name: &app intel-device-plugin-exporter namespace: flux-system spec: + targetNamespace: kube-system + commonMetadata: + labels: + app.kubernetes.io/name: *app path: ./kubernetes/apps/kube-system/intel-device-plugin/exporter prune: true sourceRef: kind: GitRepository name: home-ops-kubernetes + wait: false interval: 30m retryInterval: 1m timeout: 5m + postBuild: + substitute: + APP: *app diff --git a/kubernetes/apps/kube-system/k8s-ycl/ks.yaml b/kubernetes/apps/kube-system/k8s-ycl/ks.yaml index 35592b5a1..9a15c5f98 100644 --- a/kubernetes/apps/kube-system/k8s-ycl/ks.yaml 
+++ b/kubernetes/apps/kube-system/k8s-ycl/ks.yaml @@ -3,14 +3,22 @@ apiVersion: kustomize.toolkit.fluxcd.io/v1 kind: Kustomization metadata: - name: cluster-apps-k8s-ycl + name: &app apps-k8s-ycl namespace: flux-system spec: + targetNamespace: kube-system + commonMetadata: + labels: + app.kubernetes.io/name: *app path: ./kubernetes/apps/kube-system/k8s-ycl/app prune: true sourceRef: kind: GitRepository name: home-ops-kubernetes + wait: false interval: 30m retryInterval: 1m - timeout: 3m + timeout: 5m + postBuild: + substitute: + APP: *app diff --git a/kubernetes/apps/kube-system/kubelet-csr-approver/ks.yaml b/kubernetes/apps/kube-system/kubelet-csr-approver/ks.yaml index 79978d3a2..78bc1c315 100644 --- a/kubernetes/apps/kube-system/kubelet-csr-approver/ks.yaml +++ b/kubernetes/apps/kube-system/kubelet-csr-approver/ks.yaml @@ -3,14 +3,22 @@ apiVersion: kustomize.toolkit.fluxcd.io/v1 kind: Kustomization metadata: - name: cluster-apps-kubelet-csr-approver + name: &app kubelet-csr-approver namespace: flux-system spec: + targetNamespace: kube-system + commonMetadata: + labels: + app.kubernetes.io/name: *app path: ./kubernetes/apps/kube-system/kubelet-csr-approver/app prune: true sourceRef: kind: GitRepository name: home-ops-kubernetes + wait: false interval: 30m retryInterval: 1m - timeout: 3m + timeout: 5m + postBuild: + substitute: + APP: *app diff --git a/kubernetes/apps/kube-system/metrics-server/ks.yaml b/kubernetes/apps/kube-system/metrics-server/ks.yaml index 1c46b3c44..aad6237c9 100644 --- a/kubernetes/apps/kube-system/metrics-server/ks.yaml +++ b/kubernetes/apps/kube-system/metrics-server/ks.yaml 
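Review bot: In k8s-ycl/ks.yaml the new name is `apps-k8s-ycl`, which looks like a partial removal of the `cluster-apps-` prefix; every other Kustomization visible in this commit drops the prefix entirely. Because `&app` also feeds the `app.kubernetes.io/name` label and the `APP` substitution, the leftover `apps-` propagates to both. If that is not intended, change the line to `name: &app k8s-ycl`.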
@@ -3,14 +3,22 @@ apiVersion: kustomize.toolkit.fluxcd.io/v1 kind: Kustomization metadata: - name: cluster-apps-metrics-server + name: &app metrics-server namespace: flux-system spec: + targetNamespace: kube-system + commonMetadata: + labels: + app.kubernetes.io/name: *app path: ./kubernetes/apps/kube-system/metrics-server/app prune: true sourceRef: kind: GitRepository name: home-ops-kubernetes + wait: false interval: 30m retryInterval: 1m - timeout: 3m + timeout: 5m + postBuild: + substitute: + APP: *app diff --git a/kubernetes/apps/kube-system/node-feature-discovery/ks.yaml b/kubernetes/apps/kube-system/node-feature-discovery/ks.yaml index cad1ec66a..3b26351e2 100644 --- a/kubernetes/apps/kube-system/node-feature-discovery/ks.yaml +++ b/kubernetes/apps/kube-system/node-feature-discovery/ks.yaml 
@@ -3,33 +3,48 @@ apiVersion: kustomize.toolkit.fluxcd.io/v1 kind: Kustomization metadata: - name: cluster-apps-node-feature-discovery + name: &app node-feature-discovery namespace: flux-system spec: + targetNamespace: kube-system + commonMetadata: + labels: + app.kubernetes.io/name: *app path: ./kubernetes/apps/kube-system/node-feature-discovery/app prune: true sourceRef: kind: GitRepository name: home-ops-kubernetes + wait: false interval: 30m retryInterval: 1m - timeout: 3m + timeout: 5m + postBuild: + substitute: + APP: *app --- # yaml-language-server: $schema=https://raw.githubusercontent.com/fluxcd-community/flux2-schemas/main/kustomization-kustomize-v1.json apiVersion: kustomize.toolkit.fluxcd.io/v1 kind: Kustomization metadata: - name: cluster-apps-node-feature-discovery-rules + name: node-feature-discovery-rules namespace: flux-system spec: + targetNamespace: kube-system + commonMetadata: + labels: + app.kubernetes.io/name: &app node-feature-discovery dependsOn: - - name: cluster-apps-node-feature-discovery + - name: node-feature-discovery path: ./kubernetes/apps/kube-system/node-feature-discovery/rules prune: true sourceRef: kind: GitRepository name: home-ops-kubernetes - wait: true + wait: false interval: 30m retryInterval: 1m timeout: 5m + postBuild: + substitute: + APP: *app diff --git a/kubernetes/apps/kube-system/reloader/ks.yaml b/kubernetes/apps/kube-system/reloader/ks.yaml index a10b29a38..e498cd3de 100644 --- a/kubernetes/apps/kube-system/reloader/ks.yaml +++ b/kubernetes/apps/kube-system/reloader/ks.yaml 
@@ -3,14 +3,22 @@ apiVersion: kustomize.toolkit.fluxcd.io/v1 kind: Kustomization metadata: - name: cluster-apps-reloader + name: &app reloader namespace: flux-system spec: + targetNamespace: kube-system + commonMetadata: + labels: + app.kubernetes.io/name: *app path: ./kubernetes/apps/kube-system/reloader/app prune: true sourceRef: kind: GitRepository name: home-ops-kubernetes + wait: false interval: 30m retryInterval: 1m - timeout: 3m + timeout: 5m + postBuild: + substitute: + APP: *app diff --git a/kubernetes/apps/kube-system/snapshot-controller/ks.yaml b/kubernetes/apps/kube-system/snapshot-controller/ks.yaml index f0802b082..72946bb0e 100644 --- a/kubernetes/apps/kube-system/snapshot-controller/ks.yaml +++ b/kubernetes/apps/kube-system/snapshot-controller/ks.yaml @@ -3,14 +3,22 @@ apiVersion: kustomize.toolkit.fluxcd.io/v1 kind: Kustomization metadata: - name: cluster-apps-snapshot-controller + name: &app snapshot-controller namespace: flux-system spec: + targetNamespace: kube-system + commonMetadata: + labels: + app.kubernetes.io/name: *app path: ./kubernetes/apps/kube-system/snapshot-controller/app prune: true sourceRef: kind: GitRepository name: home-ops-kubernetes + wait: false interval: 30m retryInterval: 1m - timeout: 3m + timeout: 5m + postBuild: + substitute: + APP: *app diff --git a/kubernetes/apps/kube-system/spegel/ks.yaml b/kubernetes/apps/kube-system/spegel/ks.yaml index c712c0643..b17216e03 100644 --- a/kubernetes/apps/kube-system/spegel/ks.yaml +++ b/kubernetes/apps/kube-system/spegel/ks.yaml 
@@ -3,14 +3,22 @@ apiVersion: kustomize.toolkit.fluxcd.io/v1 kind: Kustomization metadata: - name: cluster-apps-spegel + name: &app spegel namespace: flux-system spec: + targetNamespace: kube-system + commonMetadata: + labels: + app.kubernetes.io/name: *app path: ./kubernetes/apps/kube-system/spegel/app prune: true sourceRef: kind: GitRepository name: home-ops-kubernetes + wait: false interval: 30m retryInterval: 1m - timeout: 3m + timeout: 5m + postBuild: + substitute: + APP: *app diff --git a/kubernetes/apps/monitoring/gatus/ks.yaml b/kubernetes/apps/monitoring/gatus/ks.yaml index b036cf818..d3113d460 100644 --- a/kubernetes/apps/monitoring/gatus/ks.yaml +++ b/kubernetes/apps/monitoring/gatus/ks.yaml @@ -3,17 +3,24 @@ apiVersion: kustomize.toolkit.fluxcd.io/v1 kind: Kustomization metadata: - name: cluster-apps-gatus + name: &app gatus namespace: flux-system spec: + targetNamespace: monitoring + commonMetadata: + labels: + app.kubernetes.io/name: *app dependsOn: - - name: cluster-apps-external-secrets-stores + - name: external-secrets-stores path: ./kubernetes/apps/monitoring/gatus/app prune: true sourceRef: kind: GitRepository name: home-ops-kubernetes - wait: false # no flux ks dependents + wait: false interval: 30m retryInterval: 1m timeout: 5m + postBuild: + substitute: + APP: *app diff --git a/kubernetes/apps/monitoring/grafana/ks.yaml b/kubernetes/apps/monitoring/grafana/ks.yaml index e58021824..e7f9df8fb 100644 --- a/kubernetes/apps/monitoring/grafana/ks.yaml +++ b/kubernetes/apps/monitoring/grafana/ks.yaml 
@@ -3,14 +3,22 @@ apiVersion: kustomize.toolkit.fluxcd.io/v1 kind: Kustomization metadata: - name: cluster-apps-grafana + name: &app grafana namespace: flux-system spec: + targetNamespace: monitoring + commonMetadata: + labels: + app.kubernetes.io/name: *app path: ./kubernetes/apps/monitoring/grafana/app prune: true sourceRef: kind: GitRepository name: home-ops-kubernetes + wait: false interval: 30m retryInterval: 1m - timeout: 3m + timeout: 5m + postBuild: + substitute: + APP: *app diff --git a/kubernetes/apps/monitoring/kube-prometheus-stack/ks.yaml b/kubernetes/apps/monitoring/kube-prometheus-stack/ks.yaml index a6001ce3d..f8f366b7f 100644 --- a/kubernetes/apps/monitoring/kube-prometheus-stack/ks.yaml +++ b/kubernetes/apps/monitoring/kube-prometheus-stack/ks.yaml @@ -3,17 +3,25 @@ apiVersion: kustomize.toolkit.fluxcd.io/v1 kind: Kustomization metadata: - name: cluster-apps-kube-prometheus-stack-app + name: &app kube-prometheus-stack namespace: flux-system spec: + targetNamespace: monitoring + commonMetadata: + labels: + app.kubernetes.io/name: *app dependsOn: - - name: cluster-apps-rook-ceph-cluster - - name: cluster-apps-thanos-app + - name: rook-ceph-cluster + - name: thanos path: ./kubernetes/apps/monitoring/kube-prometheus-stack/app prune: true sourceRef: kind: GitRepository name: home-ops-kubernetes + wait: false interval: 30m retryInterval: 1m timeout: 5m + postBuild: + substitute: + APP: *app diff --git a/kubernetes/apps/monitoring/loki/ks.yaml b/kubernetes/apps/monitoring/loki/ks.yaml index ab9d64998..f9c5a89be 100644 --- a/kubernetes/apps/monitoring/loki/ks.yaml +++ b/kubernetes/apps/monitoring/loki/ks.yaml 
@@ -3,16 +3,24 @@ apiVersion: kustomize.toolkit.fluxcd.io/v1 kind: Kustomization metadata: - name: cluster-apps-loki + name: &app loki namespace: flux-system spec: + targetNamespace: monitoring + commonMetadata: + labels: + app.kubernetes.io/name: *app dependsOn: - - name: cluster-apps-external-secrets-stores + - name: external-secrets-stores path: ./kubernetes/apps/monitoring/loki/app prune: true sourceRef: kind: GitRepository name: home-ops-kubernetes + wait: false interval: 30m retryInterval: 1m - timeout: 3m + timeout: 5m + postBuild: + substitute: + APP: *app diff --git a/kubernetes/apps/monitoring/thanos/app/helmrelease.yaml b/kubernetes/apps/monitoring/thanos/app/helmrelease.yaml index 83ae8b402..d6f232c26 100644 --- a/kubernetes/apps/monitoring/thanos/app/helmrelease.yaml +++ b/kubernetes/apps/monitoring/thanos/app/helmrelease.yaml @@ -37,7 +37,7 @@ spec: bucket: thanos endpoint: "minio.${SECRET_DOMAIN}:9000" region: "" - insecure: true + # insecure: true query: enabled: true replicaCount: 2 diff --git a/kubernetes/apps/monitoring/thanos/ks.yaml b/kubernetes/apps/monitoring/thanos/ks.yaml index a96a1b63f..8bf2a5576 100644 --- a/kubernetes/apps/monitoring/thanos/ks.yaml +++ b/kubernetes/apps/monitoring/thanos/ks.yaml @@ -3,17 +3,25 @@ apiVersion: kustomize.toolkit.fluxcd.io/v1 kind: Kustomization metadata: - name: cluster-apps-thanos-app + name: &app thanos namespace: flux-system spec: + targetNamespace: monitoring + commonMetadata: + labels: + app.kubernetes.io/name: *app dependsOn: - - name: cluster-apps-external-secrets-stores - - name: cluster-apps-rook-ceph-cluster + - name: external-secrets-stores + - name: rook-ceph-cluster path: ./kubernetes/apps/monitoring/thanos/app prune: true sourceRef: kind: GitRepository name: home-ops-kubernetes + wait: false interval: 30m retryInterval: 1m timeout: 5m + postBuild: + substitute: + APP: *app 
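Review bot: In the thanos `helmrelease.yaml` hunk, replacing `insecure: true` with `# insecure: true` changes the transport but leaves the intent unstated and the old value one uncomment away. With the key absent, Thanos's S3 client defaults to TLS, so the bucket at `minio.${SECRET_DOMAIN}:9000` must now serve a certificate that the Thanos pods trust. I would delete the commented line and state the setting explicitly: `insecure: false  # TLS to MinIO`. It is worth confirming that the endpoint really speaks HTTPS on that port, since a failed upload here is the usual reason plaintext gets switched back on. The enclosing object-store block starts outside the hunk.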
diff --git a/kubernetes/apps/monitoring/vector/ks.yaml b/kubernetes/apps/monitoring/vector/ks.yaml index 2180c43bb..7e6ba74ad 100644 --- a/kubernetes/apps/monitoring/vector/ks.yaml +++ b/kubernetes/apps/monitoring/vector/ks.yaml @@ -3,16 +3,24 @@ apiVersion: kustomize.toolkit.fluxcd.io/v1 kind: Kustomization metadata: - name: cluster-apps-vector + name: &app vector namespace: flux-system spec: + targetNamespace: monitoring + commonMetadata: + labels: + app.kubernetes.io/name: *app dependsOn: - - name: cluster-apps-external-secrets-stores + - name: external-secrets-stores path: ./kubernetes/apps/monitoring/vector prune: true sourceRef: kind: GitRepository name: home-ops-kubernetes + wait: false interval: 30m retryInterval: 1m - timeout: 3m + timeout: 5m + postBuild: + substitute: + APP: *app diff --git a/kubernetes/apps/networking/external-dns/ks.yaml b/kubernetes/apps/networking/external-dns/ks.yaml index 164cd0f3c..975e45f13 100644 --- a/kubernetes/apps/networking/external-dns/ks.yaml +++ b/kubernetes/apps/networking/external-dns/ks.yaml @@ -3,16 +3,24 @@ apiVersion: kustomize.toolkit.fluxcd.io/v1 kind: Kustomization metadata: - name: cluster-apps-external-dns + name: &app external-dns namespace: flux-system spec: + targetNamespace: networking + commonMetadata: + labels: + app.kubernetes.io/name: *app path: ./kubernetes/apps/networking/external-dns/app prune: true sourceRef: kind: GitRepository name: home-ops-kubernetes dependsOn: - - name: cluster-apps-external-secrets-stores + - name: external-secrets-stores + wait: false interval: 30m retryInterval: 1m - timeout: 3m + timeout: 5m + postBuild: + substitute: + APP: *app diff --git a/kubernetes/apps/networking/ingress-nginx/ks.yaml b/kubernetes/apps/networking/ingress-nginx/ks.yaml index 11c8f2d16..7222ba076 100644 --- a/kubernetes/apps/networking/ingress-nginx/ks.yaml +++ b/kubernetes/apps/networking/ingress-nginx/ks.yaml 
@@ -3,35 +3,50 @@ apiVersion: kustomize.toolkit.fluxcd.io/v1 kind: Kustomization metadata: - name: cluster-apps-ingress-nginx-certificates + name: ingress-nginx-certificates namespace: flux-system spec: + targetNamespace: networking + commonMetadata: + labels: + app.kubernetes.io/name: &app ingress-nginx dependsOn: - - name: cluster-apps-cert-manager-webhook-ovh + - name: cert-manager-webhook-ovh path: ./kubernetes/apps/networking/ingress-nginx/certificates prune: true sourceRef: kind: GitRepository name: home-ops-kubernetes - wait: true + wait: false interval: 30m retryInterval: 1m - timeout: 3m + timeout: 5m + postBuild: + substitute: + APP: *app --- # yaml-language-server: $schema=https://raw.githubusercontent.com/fluxcd-community/flux2-schemas/main/kustomization-kustomize-v1.json apiVersion: kustomize.toolkit.fluxcd.io/v1 kind: Kustomization metadata: - name: cluster-apps-ingress-nginx + name: &app ingress-nginx namespace: flux-system spec: + targetNamespace: networking + commonMetadata: + labels: + app.kubernetes.io/name: *app dependsOn: - - name: cluster-apps-ingress-nginx-certificates + - name: ingress-nginx-certificates path: ./kubernetes/apps/networking/ingress-nginx/app prune: true sourceRef: kind: GitRepository name: home-ops-kubernetes + wait: false interval: 30m retryInterval: 1m - timeout: 3m + timeout: 5m + postBuild: + substitute: + APP: *app diff --git a/kubernetes/apps/networking/k8s-gateway/ks.yaml b/kubernetes/apps/networking/k8s-gateway/ks.yaml index 0289d7a27..d24ffb197 100644 --- a/kubernetes/apps/networking/k8s-gateway/ks.yaml +++ b/kubernetes/apps/networking/k8s-gateway/ks.yaml 
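Review bot: `ingress-nginx-certificates` goes from `wait: true` to `wait: false` in this hunk while `ingress-nginx` still lists it under `dependsOn`. With no wait and no `healthChecks` visible, the dependency is satisfied as soon as the manifests are applied, not when the certificates have been issued. The controller may therefore start before its certificate secret exists. I would keep `wait: true` on the certificates Kustomization, or add a `healthChecks` entry for the Certificate. The `node-feature-discovery-rules` hunk earlier makes the same `wait: true` to `wait: false` change.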
@@ -3,14 +3,22 @@ apiVersion: kustomize.toolkit.fluxcd.io/v1 kind: Kustomization metadata: - name: cluster-apps-k8s-gateway + name: &app k8s-gateway namespace: flux-system spec: + targetNamespace: networking + commonMetadata: + labels: + app.kubernetes.io/name: *app path: ./kubernetes/apps/networking/k8s-gateway/app prune: true sourceRef: kind: GitRepository name: home-ops-kubernetes + wait: false interval: 30m retryInterval: 1m - timeout: 3m + timeout: 5m + postBuild: + substitute: + APP: *app diff --git a/kubernetes/apps/ngnode/landing-page/app/gatus.yaml b/kubernetes/apps/ngnode/landing-page/app/gatus.yaml deleted file mode 100644 index e1e69fac6..000000000 --- a/kubernetes/apps/ngnode/landing-page/app/gatus.yaml +++ /dev/null @@ -1,22 +0,0 @@ ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: ngnode-landing-page-gatus-ep - namespace: ngnode - labels: - gatus.io/enabled: "true" -data: - config.yaml: | - endpoints: - - name: ngnode-landing-page - group: external - url: https://ngnode-landing-page.${SECRET_CLUSTER_DOMAIN} - interval: 1m - client: - dns-resolver: tcp://1.1.1.1:53 - insecure: true - conditions: - - "[STATUS] == 200" - alerts: - - type: pushover diff --git a/kubernetes/apps/ngnode/landing-page/app/kustomization.yaml b/kubernetes/apps/ngnode/landing-page/app/kustomization.yaml index 9d051af9c..c56190ebc 100644 --- a/kubernetes/apps/ngnode/landing-page/app/kustomization.yaml +++ b/kubernetes/apps/ngnode/landing-page/app/kustomization.yaml @@ -4,7 +4,7 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization namespace: ngnode resources: - - ./gatus.yaml - ./helmrelease.yaml + - ../../../../templates/gatus/external generatorOptions: disableNameSuffixHash: true diff --git a/kubernetes/apps/ngnode/landing-page/ks.yaml b/kubernetes/apps/ngnode/landing-page/ks.yaml index 2aa91a780..47f211084 100644 --- a/kubernetes/apps/ngnode/landing-page/ks.yaml +++ b/kubernetes/apps/ngnode/landing-page/ks.yaml 
@@ -3,14 +3,23 @@ apiVersion: kustomize.toolkit.fluxcd.io/v1 kind: Kustomization metadata: - name: cluster-apps-ngnode-landing-page + name: &app ngnode-landing-page namespace: flux-system spec: + targetNamespace: ngnode + commonMetadata: + labels: + app.kubernetes.io/name: *app + path: ./kubernetes/apps/ngnode/landing-page/app prune: true sourceRef: kind: GitRepository name: home-ops-kubernetes + wait: false interval: 30m retryInterval: 1m - timeout: 3m + timeout: 5m + postBuild: + substitute: + APP: *app diff --git a/kubernetes/apps/rook-ceph/rook-ceph/ks.yaml b/kubernetes/apps/rook-ceph/rook-ceph/ks.yaml index 06b281162..b8869d177 100644 --- a/kubernetes/apps/rook-ceph/rook-ceph/ks.yaml +++ b/kubernetes/apps/rook-ceph/rook-ceph/ks.yaml 
@@ -3,50 +3,76 @@ apiVersion: kustomize.toolkit.fluxcd.io/v1 kind: Kustomization metadata: - name: cluster-apps-rook-ceph-app + name: &app rook-ceph namespace: flux-system spec: + targetNamespace: rook-ceph + commonMetadata: + labels: + app.kubernetes.io/name: *app path: ./kubernetes/apps/rook-ceph/rook-ceph/app prune: true sourceRef: kind: GitRepository name: home-ops-kubernetes - interval: 30m - retryInterval: 1m - timeout: 3m ---- -# yaml-language-server: $schema=https://raw.githubusercontent.com/fluxcd-community/flux2-schemas/main/kustomization-kustomize-v1.json -apiVersion: kustomize.toolkit.fluxcd.io/v1 -kind: Kustomization -metadata: - name: cluster-apps-rook-ceph-cluster - namespace: flux-system -spec: - dependsOn: - - name: cluster-apps-rook-ceph-app - path: ./kubernetes/apps/rook-ceph/rook-ceph/cluster - prune: true - sourceRef: - kind: GitRepository - name: home-ops-kubernetes + wait: false interval: 30m retryInterval: 1m timeout: 5m + postBuild: + substitute: + APP: *app + --- # yaml-language-server: $schema=https://raw.githubusercontent.com/fluxcd-community/flux2-schemas/main/kustomization-kustomize-v1.json apiVersion: kustomize.toolkit.fluxcd.io/v1 kind: Kustomization metadata: - name: cluster-apps-rook-ceph-tools + name: &app rook-ceph-cluster namespace: flux-system spec: + targetNamespace: rook-ceph + commonMetadata: + labels: + app.kubernetes.io/name: *app dependsOn: - - name: cluster-apps-rook-ceph-cluster + - name: rook-ceph + path: ./kubernetes/apps/rook-ceph/rook-ceph/cluster + prune: false + sourceRef: + kind: GitRepository + name: home-ops-kubernetes + wait: false + interval: 30m + retryInterval: 1m + timeout: 5m + postBuild: + substitute: + APP: *app + +--- +# yaml-language-server: $schema=https://raw.githubusercontent.com/fluxcd-community/flux2-schemas/main/kustomization-kustomize-v1.json +apiVersion: kustomize.toolkit.fluxcd.io/v1 +kind: Kustomization +metadata: + name: &app rook-ceph-tools + namespace: flux-system +spec: + 
targetNamespace: rook-ceph + commonMetadata: + labels: + app.kubernetes.io/name: *app + dependsOn: + - name: rook-ceph-cluster path: ./kubernetes/apps/rook-ceph/rook-ceph/tools prune: true sourceRef: kind: GitRepository name: home-ops-kubernetes + wait: false interval: 30m retryInterval: 1m timeout: 5m + postBuild: + substitute: + APP: *app diff --git a/kubernetes/apps/volsync/kustomization.yaml b/kubernetes/apps/volsync/kustomization.yaml index 03a7eb0e5..99edd052d 100644 --- a/kubernetes/apps/volsync/kustomization.yaml +++ b/kubernetes/apps/volsync/kustomization.yaml @@ -6,5 +6,4 @@ resources: # Pre Flux-Kustomizations - ./namespace.yaml # Flux-Kustomizations - - ./snapscheduler/ks.yaml - ./volsync/ks.yaml diff --git a/kubernetes/apps/volsync/snapscheduler/ks.yaml b/kubernetes/apps/volsync/snapscheduler/ks.yaml deleted file mode 100644 index e9171fa20..000000000 --- a/kubernetes/apps/volsync/snapscheduler/ks.yaml +++ /dev/null 
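Review bot: Renaming `cluster-apps-rook-ceph-cluster` to `rook-ceph-cluster` in the rook-ceph hunk creates a new Flux object and leaves the old one, declared with `prune: true`, to be removed by its parent. Depending on ordering, the old object's garbage collection could delete the Ceph cluster resources before the new Kustomization has adopted them; the new `prune: false` only protects later reconciliations. A safer sequence is to set `prune: false` under the old name (or suspend it) in a prior commit and rename afterwards. The same consideration applies to the other renamed Kustomizations in this commit that manage stateful resources.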
@@ -1,37 +0,0 @@ ---- -# yaml-language-server: $schema=https://raw.githubusercontent.com/fluxcd-community/flux2-schemas/main/kustomization-kustomize-v1.json -apiVersion: kustomize.toolkit.fluxcd.io/v1 -kind: Kustomization -metadata: - name: cluster-apps-snapscheduler - namespace: flux-system -spec: - dependsOn: - - name: cluster-apps-snapshot-controller - path: ./kubernetes/apps/volsync/snapscheduler/app - prune: true - sourceRef: - kind: GitRepository - name: home-ops-kubernetes - interval: 30m - retryInterval: 1m - timeout: 3m ---- -# yaml-language-server: $schema=https://raw.githubusercontent.com/fluxcd-community/flux2-schemas/main/kustomization-kustomize-v1.json -apiVersion: kustomize.toolkit.fluxcd.io/v1 -kind: Kustomization -metadata: - name: cluster-apps-snapscheduler-schedules - namespace: flux-system -spec: - dependsOn: - - name: cluster-apps-snapscheduler - path: ./kubernetes/apps/volsync/snapscheduler/schedules - prune: true - sourceRef: - kind: GitRepository - name: home-ops-kubernetes - wait: true - interval: 30m - retryInterval: 1m - timeout: 3m diff --git a/kubernetes/apps/volsync/volsync/ks.yaml b/kubernetes/apps/volsync/volsync/ks.yaml index 793e568b3..418ad6beb 100644 --- a/kubernetes/apps/volsync/volsync/ks.yaml +++ b/kubernetes/apps/volsync/volsync/ks.yaml @@ -3,16 +3,24 @@ apiVersion: kustomize.toolkit.fluxcd.io/v1 kind: Kustomization metadata: - name: cluster-apps-volsync-app + name: &app volsync namespace: flux-system spec: + targetNamespace: *app + commonMetadata: + labels: + app.kubernetes.io/name: *app dependsOn: - - name: cluster-apps-snapshot-controller + - name: snapshot-controller path: ./kubernetes/apps/volsync/volsync/app prune: true sourceRef: kind: GitRepository name: home-ops-kubernetes + wait: false interval: 30m retryInterval: 1m - timeout: 3m + timeout: 5m + postBuild: + substitute: + APP: *app diff --git a/kubernetes/flux/config/flux.yaml b/kubernetes/flux/config/flux.yaml index 8f67d10e7..56629f4e0 100644 
--- a/kubernetes/flux/config/flux.yaml +++ b/kubernetes/flux/config/flux.yaml @@ -9,7 +9,7 @@ spec: interval: 10m url: oci://ghcr.io/fluxcd/flux-manifests ref: - tag: v2.2.2@sha256:3d370462597cf8d660b2b05b3ec62523d9799d0f86fbf781551d5b5ae884beb1 + tag: v2.2.2 --- # yaml-language-server: $schema=https://raw.githubusercontent.com/fluxcd-community/flux2-schemas/main/kustomization-kustomize-v1.json apiVersion: kustomize.toolkit.fluxcd.io/v1
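Review bot: Dropping the `@sha256:…` suffix from `tag:` in the flux.yaml hunk leaves the Flux manifests source identified only by the mutable tag `v2.2.2`. The cluster's own controllers are then upgraded from whatever the registry serves under that tag, with no content check. If the combined tag form was the reason for the change, the pin can be kept in the separate `digest` field of `ref`: `digest: sha256:3d370462597cf8d660b2b05b3ec62523d9799d0f86fbf781551d5b5ae884beb1` alongside `tag: v2.2.2`. The OCIRepository spec starts outside the hunk.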