feat: nas refactor

2025-09-17 18:24:14 +02:00 · 2024-05-12 14:54:08 +02:00
parent 0fdcc976af
commit f78a0fe9e1
39 changed files with 59 additions and 61 deletions
--- a/kubernetes/apps/default/homelab/truenas/certs-deploy/helmrelease.yaml
+++ b/kubernetes/apps/default/homelab/truenas/certs-deploy/helmrelease.yaml
--- a/kubernetes/apps/default/homelab/truenas/certs-deploy/kustomization.yaml
+++ b/kubernetes/apps/default/homelab/truenas/certs-deploy/kustomization.yaml
--- a/kubernetes/apps/default/homelab/truenas/certs-deploy/truenas-certs-deploy.py
+++ b/kubernetes/apps/default/homelab/truenas/certs-deploy/truenas-certs-deploy.py
--- a/kubernetes/apps/default/homelab/truenas/certs-deploy/truenas-certs-deploy.sh
+++ b/kubernetes/apps/default/homelab/truenas/certs-deploy/truenas-certs-deploy.sh
--- a/kubernetes/apps/default/media-browser/app/helmrelease.yaml
+++ b/kubernetes/apps/default/media-browser/app/helmrelease.yaml
--- a/kubernetes/apps/default/media-browser/app/kustomization.yaml
+++ b/kubernetes/apps/default/media-browser/app/kustomization.yaml
--- a/kubernetes/apps/default/media-browser/app/volsync.yaml
+++ b/kubernetes/apps/default/media-browser/app/volsync.yaml
--- a/kubernetes/apps/default/media-browser/ks.yaml
+++ b/kubernetes/apps/default/media-browser/ks.yaml
--- a/kubernetes/apps/database/cloudnative-pg/cluster/cluster16.yaml
+++ b/kubernetes/apps/database/cloudnative-pg/cluster/cluster16.yaml
@@ -38,7 +38,7 @@ spec:
        compression: bzip2
        maxParallel: 8
      destinationPath: s3://postgresql/
-      endpointURL: https://minio.${SECRET_DOMAIN}:9000
+      endpointURL: https://s3.feisar.ovh
      # Note: serverName version needs to be inclemented
      # when recovering from an existing cnpg cluster
      serverName: postgres16-v3
@@ -58,7 +58,7 @@ spec:
  #   - name: postgres16-v2
  #     barmanObjectStore:
  #       destinationPath: s3://postgresql/
-  #       endpointURL: https://minio.${SECRET_DOMAIN}:9000
+  #       endpointURL: https://s3.feisar.ovh
  #       s3Credentials:
  #         accessKeyId:
  #           name: cloudnative-pg-secret
--- a/kubernetes/apps/database/cloudnative-pg/cluster/pgdump/helmrelease.yaml
+++ b/kubernetes/apps/database/cloudnative-pg/cluster/pgdump/helmrelease.yaml
@@ -101,6 +101,6 @@ spec:
        enabled: true
        type: nfs
        server: 192.168.9.10
-        path: /mnt/storage/backups/postgresql
+        path: /var/mnt/vol1/backups/postgresql
        globalMounts:
          - path: /backups
--- a/kubernetes/apps/default/bazarr/app/helmrelease.yaml
+++ b/kubernetes/apps/default/bazarr/app/helmrelease.yaml
@@ -117,7 +117,7 @@ spec:
        enabled: true
        type: nfs
        server: 192.168.9.10
-        path: /mnt/storage/video
+        path: /var/mnt/vol1/video
        globalMounts:
          - path: /mnt/storage/video
      scripts:
--- a/kubernetes/apps/default/calibre/app/helmrelease.yaml
+++ b/kubernetes/apps/default/calibre/app/helmrelease.yaml
@@ -82,6 +82,6 @@ spec:
        enabled: true
        type: nfs
        server: 192.168.9.10
-        path: /mnt/storage/home/claude/books
+        path: /var/mnt/vol1/home/claude/books
        globalMounts:
          - path: /mnt/storage/home/claude/books
--- a/kubernetes/apps/default/frigate/app/helmrelease.yaml
+++ b/kubernetes/apps/default/frigate/app/helmrelease.yaml
@@ -129,7 +129,7 @@ spec:
      media:
        type: nfs
        server: 192.168.9.10
-        path: /mnt/storage/apps/frigate
+        path: /var/mnt/vol1/apps/frigate
        globalMounts:
          - path: /media/frigate
      cache:
--- a/kubernetes/apps/default/hajimari/app/helmrelease.yaml
+++ b/kubernetes/apps/default/hajimari/app/helmrelease.yaml
@@ -67,7 +67,7 @@ spec:
              url: "https://truenas-remote.${SECRET_DOMAIN}"
            - name: minio
              icon: mdi:aws
-              url: "https://minio.${SECRET_DOMAIN}:9000"
+              url: "https://s3.feisar.ovh"
            - name: pikvm
              icon: mdi:ip-network
              url: "https://pikvm.${SECRET_DOMAIN}"
--- a/kubernetes/apps/default/homelab/minio/backup/rclone.conf
+++ b/kubernetes/apps/default/homelab/minio/backup/rclone.conf
@@ -3,7 +3,7 @@ type = s3
 provider = Minio
 access_key_id = __RCLONE_ACCESS_ID__
 secret_access_key = __RCLONE_SECRET_KEY__
-endpoint = https://minio.${SECRET_DOMAIN}:9000
+endpoint = https://s3.feisar.ovh
 acl = private

 [gdrive-homelab-backups]
--- a/kubernetes/apps/default/homelab/opnsense/backup/helmrelease.yaml
+++ b/kubernetes/apps/default/homelab/opnsense/backup/helmrelease.yaml
@@ -41,8 +41,8 @@ spec:
              tag: 1.29.2@sha256:693ced2697bb7c7349419d4035a62bd474fc41710675b344f71773d8a687dfc3
            command: [/bin/bash, /app/opnsense-backup.sh]
            env:
-              OPNSENSE_URL: "https://opnsense.${SECRET_DOMAIN}"
-              S3_URL: "https://minio.${SECRET_DOMAIN}:9000"
+              OPNSENSE_URL: "https://opnsense.feisar.ovh"
+              S3_URL: "https://s3.feisar.ovh"
            envFrom:
              - secretRef:
                  name: homelab-opnsense-secret
--- a/kubernetes/apps/default/homelab/truenas/backup/truenas-backup.sh
+++ b/kubernetes/apps/default/homelab/truenas/backup/truenas-backup.sh
@@ -44,7 +44,7 @@ curl -fsSL \
    -H "Date: ${http_request_date}" \
    -H "Content-Type: ${http_content_type}" \
    -H "Authorization: AWS ${AWS_ACCESS_KEY_ID}:${http_signature}" \
-    "https://minio.${SECRET_DOMAIN}:9000/${http_filepath}"
+    "https://s3.feisar.ovh/${http_filepath}"

 rm /tmp/backup-*.tar

--- a/kubernetes/apps/default/homelab/truenas/kustomization.yaml
+++ b/kubernetes/apps/default/homelab/truenas/kustomization.yaml
@@ -5,7 +5,6 @@ kind: Kustomization
 namespace: default
 resources:
  - ./backup
-  - ./certs-deploy
  - ./externalsecret.yaml
  - ./photo-sort
  - ../../../../templates/gatus/guarded
--- a/kubernetes/apps/default/homelab/truenas/photo-sort/helmrelease.yaml
+++ b/kubernetes/apps/default/homelab/truenas/photo-sort/helmrelease.yaml
@@ -50,8 +50,8 @@ spec:

                /app/sort.sh
            env:
-              SORT_SOURCE_DIR: /mnt/storage/photo/mobile
-              SORT_DEST_DIR: /mnt/storage/photo
+              SORT_SOURCE_DIR: /var/mnt/vol1/photo/mobile
+              SORT_DEST_DIR: /var/mnt/vol1/photo
    service:
      app:
        controller: *app
@@ -67,7 +67,7 @@ spec:
            readOnly: true
      photo:
        type: nfs
-        path: /mnt/storage/photo
+        path: /var/mnt/vol1/photo
        server: 192.168.9.10
        globalMounts:
-          - path: /mnt/storage/photo
+          - path: /var/mnt/vol1/photo
--- a/kubernetes/apps/default/jellyfin/app/helmrelease.yaml
+++ b/kubernetes/apps/default/jellyfin/app/helmrelease.yaml
@@ -112,21 +112,21 @@ spec:
        enabled: true
        type: nfs
        server: 192.168.9.10
-        path: /mnt/storage/music
+        path: /var/mnt/vol1/music
        globalMounts:
          - path: /mnt/storage/music
      photo:
        enabled: true
        type: nfs
        server: 192.168.9.10
-        path: /mnt/storage/photo
+        path: /var/mnt/vol1/photo
        globalMounts:
          - path: /mnt/storage/photo
      video:
        enabled: true
        type: nfs
        server: 192.168.9.10
-        path: /mnt/storage/video
+        path: /var/mnt/vol1/video
        globalMounts:
          - path: /mnt/storage/video
      transcode:
--- a/kubernetes/apps/default/komga/app/helmrelease.yaml
+++ b/kubernetes/apps/default/komga/app/helmrelease.yaml
@@ -75,6 +75,6 @@ spec:
      comics:
        type: nfs
        server: 192.168.9.10
-        path: /mnt/storage/home/claude/comics
+        path: /var/mnt/vol1/home/claude/comics
        globalMounts:
          - path: /mnt/storage/home/claude/comics
--- a/kubernetes/apps/default/kustomization.yaml
+++ b/kubernetes/apps/default/kustomization.yaml
@@ -33,7 +33,6 @@ resources:
  - ./lms/ks.yaml
  - ./lychee/ks.yaml
  - ./mailrise/ks.yaml
-  - ./media-browser/ks.yaml
  - ./music-transcode/ks.yaml
  - ./navidrome/ks.yaml
  - ./outline/ks.yaml
--- a/kubernetes/apps/default/lidarr/app/helmrelease.yaml
+++ b/kubernetes/apps/default/lidarr/app/helmrelease.yaml
@@ -105,13 +105,13 @@ spec:
      music:
        type: nfs
        server: 192.168.9.10
-        path: /mnt/storage/music
+        path: /var/mnt/vol1/music
        globalMounts:
          - path: /mnt/storage/music
      downloads:
        type: nfs
        server: 192.168.9.10
-        path: /mnt/storage/downloads
+        path: /var/mnt/vol1/downloads
        globalMounts:
          - path: /mnt/storage/downloads
      scripts:
--- a/kubernetes/apps/default/lms/app/helmrelease.yaml
+++ b/kubernetes/apps/default/lms/app/helmrelease.yaml
@@ -37,8 +37,8 @@ spec:
              repository: toertel/logitech-media-server
              tag: v8.4.0-1@sha256:07dde462237c0618034c9d2db33967f5bc0db34544558e8edaac32ef0614555a
            env:
-              AUDIO_DIR: &music /mnt/storage/music
-              PLAYLIST_DIR: &playlist /mnt/storage/apps/lms
+              AUDIO_DIR: &music /var/mnt/vol1/music
+              PLAYLIST_DIR: &playlist /var/mnt/vol1/music/.lms
            resources:
              requests:
                memory: 250Mi
@@ -97,9 +97,9 @@ spec:
      music-helene:
        type: nfs
        server: 192.168.9.10
-        path: /mnt/storage/home/helene/Musique
+        path: /var/mnt/vol1/home/helene/Musique
        globalMounts:
-          - path: /mnt/storage/home/helene/Musique
+          - path: /var/mnt/vol1/home/helene/Musique
      playlists:
        type: nfs
        server: 192.168.9.10
--- a/kubernetes/apps/default/lychee/app/helmrelease.yaml
+++ b/kubernetes/apps/default/lychee/app/helmrelease.yaml
@@ -93,6 +93,6 @@ spec:
        enabled: true
        type: nfs
        server: 192.168.9.10
-        path: /mnt/storage/photo
+        path: /var/mnt/vol1/photo
        globalMounts:
          - path: /mnt/storage/photo
--- a/kubernetes/apps/default/music-transcode/app/helmrelease.yaml
+++ b/kubernetes/apps/default/music-transcode/app/helmrelease.yaml
@@ -79,13 +79,13 @@ spec:
            readOnly: true
      music:
        type: nfs
-        path: /mnt/storage/music
+        path: /var/mnt/vol1/music
        server: 192.168.9.10
        globalMounts:
          - path: /mnt/music
      music-transcoded:
        type: nfs
-        path: /mnt/storage/music_transcoded
+        path: /var/mnt/vol1/music_transcoded
        server: 192.168.9.10
        globalMounts:
          - path: /mnt/music_transcoded
--- a/kubernetes/apps/default/navidrome/app/helmrelease.yaml
+++ b/kubernetes/apps/default/navidrome/app/helmrelease.yaml
@@ -45,7 +45,7 @@ spec:
              ND_DATAFOLDER: /config
              ND_ENABLEGRAVATAR: "true"
              ND_LOGLEVEL: info
-              ND_MUSICFOLDER: /mnt/storage/music/Artistes
+              ND_MUSICFOLDER: /var/mnt/vol1/music/Artistes
              ND_PORT: &port 8080
              ND_PROMETHEUS_ENABLED: "true"
              ND_REVERSEPROXYUSERHEADER: Remote-User
@@ -96,7 +96,7 @@ spec:
      music:
        type: nfs
        server: 192.168.9.10
-        path: /mnt/storage/music
+        path: /var/mnt/vol1/music
        globalMounts:
-          - path: /mnt/storage/music
+          - path: /var/mnt/vol1/music
            readOnly: true
--- a/kubernetes/apps/default/outline/app/helmrelease.yaml
+++ b/kubernetes/apps/default/outline/app/helmrelease.yaml
@@ -53,7 +53,7 @@ spec:
              AWS_S3_ACL: private
              AWS_S3_FORCE_PATH_STYLE: "true"
              AWS_S3_UPLOAD_BUCKET_NAME: outline
-              AWS_S3_UPLOAD_BUCKET_URL: "https://minio.${SECRET_DOMAIN}:9000"
+              AWS_S3_UPLOAD_BUCKET_URL: "https://s3.feisar.ovh"
              ENABLE_UPDATES: "false"
              FILE_STORAGE_UPLOAD_MAX_SIZE: "26214400"
              OIDC_AUTH_URI: "https://auth.${SECRET_CLUSTER_DOMAIN}/api/oidc/authorization"
--- a/kubernetes/apps/default/paperless/app/helmrelease.yaml
+++ b/kubernetes/apps/default/paperless/app/helmrelease.yaml
@@ -95,27 +95,27 @@ spec:
        enabled: true
        type: nfs
        server: 192.168.9.10
-        path: /mnt/storage/shared-documents/paperless/data
+        path: /var/mnt/vol1/shared-documents/paperless/data
        globalMounts:
          - path: /usr/src/paperless/data
      media:
        enabled: true
        type: nfs
        server: 192.168.9.10
-        path: /mnt/storage/shared-documents/paperless/media
+        path: /var/mnt/vol1/shared-documents/paperless/media
        globalMounts:
          - path: /usr/src/paperless/media
      consume:
        enabled: true
        type: nfs
        server: 192.168.9.10
-        path: /mnt/storage/shared-documents/paperless/watch
+        path: /var/mnt/vol1/shared-documents/paperless/watch
        globalMounts:
          - path: /usr/src/paperless/consume
      export:
        enabled: true
        type: nfs
        server: 192.168.9.10
-        path: /mnt/storage/shared-documents/paperless/export
+        path: /var/mnt/vol1/shared-documents/paperless/export
        globalMounts:
          - path: /usr/src/paperless/export
--- a/kubernetes/apps/default/photoprism/app/helmrelease.yaml
+++ b/kubernetes/apps/default/photoprism/app/helmrelease.yaml
@@ -40,7 +40,7 @@ spec:
              tag: latest@sha256:92c0fb0775e2fa5ac681aef71ccfe3d8de578f659f2e577e2c540eaf56374a88
            env:
              PHOTOPRISM_STORAGE_PATH: &storage /config
-              PHOTOPRISM_ORIGINALS_PATH: &originals /mnt/storage/photo/Gallery
+              PHOTOPRISM_ORIGINALS_PATH: &originals /var/mnt/vol1/photo/Gallery
              PHOTOPRISM_DEBUG: "false"
              PHOTOPRISM_PUBLIC: "true"
              PHOTOPRISM_SITE_URL: "https://photos.${SECRET_CLUSTER_DOMAIN}/"
--- a/kubernetes/apps/default/qbittorrent/app/helmrelease.yaml
+++ b/kubernetes/apps/default/qbittorrent/app/helmrelease.yaml
@@ -94,18 +94,18 @@ spec:
      downloads:
        type: nfs
        server: 192.168.9.10
-        path: /mnt/storage/downloads
+        path: /var/mnt/vol1/downloads
        globalMounts:
          - path: /mnt/storage/downloads
      music-qbittorrent:
        type: nfs
        server: 192.168.9.10
-        path: /mnt/storage/music/.qbittorrent
+        path: /var/mnt/vol1/music/.qbittorrent
        globalMounts:
          - path: /mnt/storage/music/.qbittorrent
      video-qbittorrent:
        type: nfs
        server: 192.168.9.10
-        path: /mnt/storage/video/.qbittorrent
+        path: /var/mnt/vol1/video/.qbittorrent
        globalMounts:
          - path: /mnt/storage/video/.qbittorrent
--- a/kubernetes/apps/default/radarr/app/helmrelease.yaml
+++ b/kubernetes/apps/default/radarr/app/helmrelease.yaml
@@ -106,14 +106,14 @@ spec:
        enabled: true
        type: nfs
        server: 192.168.9.10
-        path: /mnt/storage/downloads
+        path: /var/mnt/vol1/downloads
        globalMounts:
          - path: /mnt/storage/downloads
      video:
        enabled: true
        type: nfs
        server: 192.168.9.10
-        path: /mnt/storage/video
+        path: /var/mnt/vol1/video
        globalMounts:
          - path: /mnt/storage/video
      scripts:
--- a/kubernetes/apps/default/resilio-sync/claude/helmrelease.yaml
+++ b/kubernetes/apps/default/resilio-sync/claude/helmrelease.yaml
@@ -88,36 +88,36 @@ spec:
      backups:
        type: nfs
        server: 192.168.9.10
-        path: /mnt/storage/backups
+        path: /var/mnt/vol1/backups
        globalMounts:
          - path: /sync/backup
      home-claude:
        type: nfs
        server: 192.168.9.10
-        path: /mnt/storage/home/claude
+        path: /var/mnt/vol1/home/claude
        globalMounts:
          - path: /sync/home/claude
      music-transcoded:
        type: nfs
        server: 192.168.9.10
-        path: /mnt/storage/music_transcoded
+        path: /var/mnt/vol1/music_transcoded
        globalMounts:
          - path: /sync/music_transcoded
      photo:
        type: nfs
        server: 192.168.9.10
-        path: /mnt/storage/photo
+        path: /var/mnt/vol1/photo
        globalMounts:
          - path: /sync/photo
      shared-documents:
        type: nfs
        server: 192.168.9.10
-        path: /mnt/storage/shared-documents
+        path: /var/mnt/vol1/shared-documents
        globalMounts:
          - path: /sync/shared-documents
      video:
        type: nfs
        server: 192.168.9.10
-        path: /mnt/storage/video
+        path: /var/mnt/vol1/video
        globalMounts:
          - path: /sync/video
--- a/kubernetes/apps/default/resilio-sync/helene/helmrelease.yaml
+++ b/kubernetes/apps/default/resilio-sync/helene/helmrelease.yaml
@@ -88,18 +88,18 @@ spec:
      backups:
        type: nfs
        server: 192.168.9.10
-        path: /mnt/storage/backups
+        path: /var/mnt/vol1/backups
        globalMounts:
          - path: /sync/backup
      home-helene:
        type: nfs
        server: 192.168.9.10
-        path: /mnt/storage/home/helene
+        path: /var/mnt/vol1/home/helene
        globalMounts:
          - path: /sync/home
      photo:
        type: nfs
        server: 192.168.9.10
-        path: /mnt/storage/photo
+        path: /var/mnt/vol1/photo
        globalMounts:
          - path: /sync/photo
--- a/kubernetes/apps/default/sabnzbd/app/helmrelease.yaml
+++ b/kubernetes/apps/default/sabnzbd/app/helmrelease.yaml
@@ -118,18 +118,18 @@ spec:
      downloads:
        type: nfs
        server: 192.168.9.10
-        path: /mnt/storage/downloads
+        path: /var/mnt/vol1/downloads
        globalMounts:
          - path: /mnt/storage/downloads
      music-usenet:
        type: nfs
        server: 192.168.9.10
-        path: /mnt/storage/music/.usenet
+        path: /var/mnt/vol1/music/.usenet
        globalMounts:
          - path: /mnt/storage/music/.usenet
      video-usenet:
        type: nfs
        server: 192.168.9.10
-        path: /mnt/storage/video/.usenet
+        path: /var/mnt/vol1/video/.usenet
        globalMounts:
          - path: /mnt/storage/video/.usenet
--- a/kubernetes/apps/default/sharry/app/config/sharry.conf
+++ b/kubernetes/apps/default/sharry/app/config/sharry.conf
@@ -33,7 +33,7 @@ sharry.restserver {
        minio =
          { enabled = true
            type = "s3"
-            endpoint = "https://minio.${SECRET_DOMAIN}:9000"
+            endpoint = "https://s3.feisar.ovh"
            access-key = "${SECRET_SHARRY_MINIO_S3_ACCESS_KEY}"
            secret-key = "${SECRET_SHARRY_MINIO_S3_SECRET_KEY}"
            bucket = "sharry"
--- a/kubernetes/apps/default/sonarr/app/helmrelease.yaml
+++ b/kubernetes/apps/default/sonarr/app/helmrelease.yaml
@@ -122,13 +122,13 @@ spec:
      downloads:
        type: nfs
        server: 192.168.9.10
-        path: /mnt/storage/downloads
+        path: /var/mnt/vol1/downloads
        globalMounts:
          - path: /mnt/storage/downloads
      video:
        type: nfs
        server: 192.168.9.10
-        path: /mnt/storage/video
+        path: /var/mnt/vol1/video
        globalMounts:
          - path: /mnt/storage/video
      scripts:
--- a/kubernetes/apps/monitoring/thanos/app/helmrelease.yaml
+++ b/kubernetes/apps/monitoring/thanos/app/helmrelease.yaml
@@ -35,7 +35,7 @@ spec:
      type: s3
      config:
        bucket: thanos
-        endpoint: "minio.${SECRET_DOMAIN}:9000"
+        endpoint: "s3.feisar.ovh"
        region: ""
        # insecure: true
    query:
--- a/kubernetes/templates/volsync/minio.yaml
+++ b/kubernetes/templates/volsync/minio.yaml
@@ -13,7 +13,7 @@ spec:
    template:
      engineVersion: v2
      data:
-        RESTIC_REPOSITORY: "{{ .REPOSITORY_TEMPLATE }}/${APP}"
+        RESTIC_REPOSITORY: s3:https://s3.feisar.ovh/volsync
        RESTIC_PASSWORD: "{{ .RESTIC_PASSWORD }}"
        AWS_ACCESS_KEY_ID: "{{ .AWS_ACCESS_KEY_ID }}"
        AWS_SECRET_ACCESS_KEY: "{{ .AWS_SECRET_ACCESS_KEY }}"