---
# yaml-language-server: $schema=https://raw.githubusercontent.com/bjw-s/helm-charts/main/charts/other/app-template/schemas/helmrelease-helm-v2beta2.schema.json
apiVersion: helm.toolkit.fluxcd.io/v2
kind: HelmRelease
metadata:
  name: &app home-assistant
  namespace: default
spec:
  interval: 30m
  chart:
    spec:
      chart: app-template
      version: 3.2.1
      sourceRef:
        kind: HelmRepository
        name: bjw-s
        namespace: flux-system
  maxHistory: 2
  install:
    createNamespace: true
    remediation:
      retries: 3
  upgrade:
    cleanupOnFail: true
    remediation:
      strategy: rollback
      retries: 3
  uninstall:
    keepHistory: false
  values:
    defaultPodOptions:
      securityContext:
        runAsUser: 0
        runAsGroup: 0
        fsGroup: 0
        fsGroupChangePolicy: OnRootMismatch
      nodeSelector:
        nodo.feature.node.kubernetes.io/rflink: "true"
    controllers:
      home-assistant:
        annotations:
          reloader.stakater.com/auto: "true"
        initContainers:
          init-db:
            image:
              repository: ghcr.io/onedr0p/postgres-init
              tag: 16
            envFrom: &envFrom
              - secretRef:
                  name: home-assistant-secret
        containers:
          app:
            image:
              repository: ghcr.io/onedr0p/home-assistant
              tag: 2024.6.3@sha256:74e6ffd612eed81f093a3a2423518c849d84a8944459f806ad08777bf3a45d4d
            env:
              TZ: "${TIMEZONE}"
              POSTGRES_HOST: ${POSTGRES_HOST}
              POSTGRES_DB: home_assistant
            envFrom: *envFrom
            probes:
              liveness:
                enabled: false
              readiness:
                enabled: false
              startup:
                enabled: false
            resources:
              requests:
                cpu: 10m
                memory: 128Mi
              limits:
                memory: 1Gi
            securityContext:
              privileged: true
    service:
      app:
        controller: *app
        type: LoadBalancer
        loadBalancerIP: 192.168.169.107
        externalTrafficPolicy: Local
        ports:
          http:
            port: 8123
    ingress:
      app:
        enabled: true
        className: nginx
        annotations:
          hajimari.io/icon: mdi:home-assistant
        hosts:
          - host: &host "hass.${SECRET_EXTERNAL_DOMAIN}"
            paths:
              - path: /
                service:
                  identifier: app
                  port: http
        tls:
          - hosts:
              - *host
    persistence:
      config:
        enabled: true
        existingClaim: *app
        globalMounts:
          - path: /config
      usb:
        enabled: true
        type: hostPath
        hostPath: /dev/serial/by-id/usb-Arduino__www.arduino.cc__0042_5503731323735171A241-if00
        hostPathType: CharDevice
        globalMounts:
          - path: /dev/ttyUSB0