mirror of
https://github.com/auricom/home-cluster.git
synced 2025-09-30 05:44:34 +02:00
141 lines
4.0 KiB
YAML
141 lines
4.0 KiB
YAML
---
|
|
# yaml-language-server: $schema=https://raw.githubusercontent.com/bjw-s/helm-charts/main/charts/other/app-template/schemas/helmrelease-helm-v2.schema.json
|
|
apiVersion: helm.toolkit.fluxcd.io/v2
|
|
kind: HelmRelease
|
|
metadata:
|
|
name: &app onepassword-connect
|
|
namespace: kube-system
|
|
spec:
|
|
interval: 30m
|
|
chart:
|
|
spec:
|
|
chart: app-template
|
|
version: 3.5.1
|
|
sourceRef:
|
|
kind: HelmRepository
|
|
name: bjw-s
|
|
namespace: flux-system
|
|
maxHistory: 2
|
|
install:
|
|
createNamespace: true
|
|
remediation:
|
|
retries: 3
|
|
upgrade:
|
|
cleanupOnFail: true
|
|
remediation:
|
|
strategy: rollback
|
|
retries: 3
|
|
uninstall:
|
|
keepHistory: false
|
|
values:
|
|
controllers:
|
|
onepassword-connect:
|
|
annotations:
|
|
reloader.stakater.com/auto: "true"
|
|
pod:
|
|
securityContext:
|
|
runAsUser: 999
|
|
runAsGroup: 999
|
|
containers:
|
|
app:
|
|
image:
|
|
# repository: docker.io/1password/connect-api
|
|
repository: ghcr.io/haraldkoch/onepassword-connect-api
|
|
tag: 1.7.2@sha256:da8cb369fb841a7bd9447c909d273de4053ecc9c2b2e6432c5af6c2e08b82da1
|
|
env:
|
|
OP_BUS_PORT: "11220"
|
|
OP_BUS_PEERS: "localhost:11221"
|
|
OP_HTTP_PORT: &port 8080
|
|
OP_SESSION:
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: onepassword-connect-secret
|
|
key: onepassword-credentials.json
|
|
probes:
|
|
liveness:
|
|
enabled: true
|
|
custom: true
|
|
spec:
|
|
httpGet:
|
|
path: /heartbeat
|
|
port: *port
|
|
initialDelaySeconds: 15
|
|
periodSeconds: 30
|
|
failureThreshold: 3
|
|
readiness:
|
|
enabled: true
|
|
custom: true
|
|
spec:
|
|
httpGet:
|
|
path: /health
|
|
port: *port
|
|
initialDelaySeconds: 15
|
|
startup:
|
|
enabled: false
|
|
resources:
|
|
requests:
|
|
cpu: 5m
|
|
memory: 10Mi
|
|
limits:
|
|
memory: 100Mi
|
|
sync:
|
|
# image: docker.io/1password/connect-sync:1.7.0
|
|
image:
|
|
repository: ghcr.io/haraldkoch/onepassword-sync
|
|
tag: 1.7.2@sha256:3e40f8903ec77b3476365fe300aeb326c75c94ff546e82060823561242ade674
|
|
env:
|
|
- { name: OP_HTTP_PORT, value: &sport 8081 }
|
|
- { name: OP_BUS_PORT, value: "11221" }
|
|
- { name: OP_BUS_PEERS, value: "localhost:11220" }
|
|
- name: OP_SESSION
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: onepassword-connect-secret
|
|
key: onepassword-credentials.json
|
|
probes:
|
|
readiness:
|
|
enabled: true
|
|
custom: true
|
|
spec:
|
|
httpGet:
|
|
path: /health
|
|
port: *sport
|
|
initialDelaySeconds: 15
|
|
liveness:
|
|
enabled: true
|
|
custom: true
|
|
spec:
|
|
httpGet:
|
|
path: /heartbeat
|
|
port: *sport
|
|
failureThreshold: 3
|
|
periodSeconds: 30
|
|
initialDelaySeconds: 15
|
|
service:
|
|
app:
|
|
controller: *app
|
|
ports:
|
|
http:
|
|
port: *port
|
|
ingress:
|
|
app:
|
|
enabled: true
|
|
className: nginx
|
|
annotations:
|
|
hajimari.io/enable: "false"
|
|
hosts:
|
|
- host: &host "{{ .Release.Name }}.${SECRET_EXTERNAL_DOMAIN}"
|
|
paths:
|
|
- path: /
|
|
service:
|
|
identifier: app
|
|
port: http
|
|
tls:
|
|
- hosts:
|
|
- *host
|
|
persistence:
|
|
shared:
|
|
type: emptyDir
|
|
globalMounts:
|
|
- path: /home/opuser/.op/data
|