diff --git a/kubernetes/apps/default/kustomization.yaml b/kubernetes/apps/default/kustomization.yaml index aea2fec7..e135e77c 100644 --- a/kubernetes/apps/default/kustomization.yaml +++ b/kubernetes/apps/default/kustomization.yaml @@ -14,6 +14,7 @@ resources: - ./prowlarr/ks.yaml - ./radarr/ks.yaml - ./recyclarr/ks.yaml + - ./redlib/ks.yaml - ./sabnzbd/ks.yaml - ./searxng/ks.yaml - ./sonarr/ks.yaml diff --git a/kubernetes/apps/default/redlib/app/externalsecret.yaml b/kubernetes/apps/default/redlib/app/externalsecret.yaml new file mode 100644 index 00000000..93b59b4e --- /dev/null +++ b/kubernetes/apps/default/redlib/app/externalsecret.yaml @@ -0,0 +1,19 @@ +--- +# yaml-language-server: $schema=https://ks.hsn.dev/external-secrets.io/externalsecret_v1beta1.json +apiVersion: external-secrets.io/v1beta1 +kind: ExternalSecret +metadata: + name: redlib +spec: + secretStoreRef: + kind: ClusterSecretStore + name: onepassword-connect + target: + name: radarr-secret + template: + engineVersion: v2 + data: + REDLIB_DEFAULT_SUBSCRIPTIONS: "{{ .REDLIB_DEFAULT_SUBSCRIPTIONS }}" + dataFrom: + - extract: + key: redlib diff --git a/kubernetes/apps/default/redlib/app/helmrelease.yaml b/kubernetes/apps/default/redlib/app/helmrelease.yaml new file mode 100644 index 00000000..36578c4d --- /dev/null +++ b/kubernetes/apps/default/redlib/app/helmrelease.yaml @@ -0,0 +1,100 @@ +--- +# yaml-language-server: $schema=https://raw.githubusercontent.com/bjw-s/helm-charts/main/charts/other/app-template/schemas/helmrelease-helm-v2.schema.json +apiVersion: helm.toolkit.fluxcd.io/v2 +kind: HelmRelease +metadata: + name: &app redlib + namespace: default +spec: + interval: 30m + chart: + spec: + chart: app-template + version: 3.2.1 + sourceRef: + kind: HelmRepository + name: bjw-s + namespace: flux-system + install: + remediation: + retries: 3 + upgrade: + cleanupOnFail: true + remediation: + retries: 3 + uninstall: + keepHistory: false + values: + defaultPodOptions: + securityContext: + runAsUser: 65534 + runAsGroup: 65534 + runAsNonRoot: true + controllers: + redlib: + annotations: + reloader.stakater.com/auto: "true" + containers: + app: + image: + repository: quay.io/redlib/redlib + tag: latest@sha256:4e2fcaa13352df94f27e970797bbf072b394dafacfeb79b2f33c6f6b79ade778 + env: + REDLIB_DEFAULT_SHOW_NSFW: on + REDLIB_DEFAULT_WIDE: on + REDLIB_DEFAULT_USE_HLS: on + REDLIB_DEFAULT_HIDE_HLS_NOTIFICATION: on + envFrom: + - secretRef: + name: redlib-secret + resources: + requests: + cpu: 5m + memory: 50Mi + limits: + memory: 250Mi + probes: + liveness: &probes + enabled: true + custom: true + spec: + httpGet: + path: /settings + port: &port 8080 + initialDelaySeconds: 0 + periodSeconds: 10 + timeoutSeconds: 1 + failureThreshold: 3 + readiness: *probes + startup: + enabled: false + securityContext: + allowPrivilegeEscalation: false + readOnlyRootFilesystem: true + capabilities: + drop: + - ALL + service: + app: + controller: *app + ports: + http: + port: *port + ingress: + app: + enabled: true + className: external-nginx + annotations: + external-dns.alpha.kubernetes.io/cloudflare-proxied: "true" + external-dns.alpha.kubernetes.io/target: external.hsn.dev + + hosts: + - host: &host red.hsn.dev + paths: + - path: / + service: + identifier: app + port: http + tls: + - hosts: + - *host diff --git a/kubernetes/apps/default/redlib/app/kustomization.yaml b/kubernetes/apps/default/redlib/app/kustomization.yaml new file mode 100644 index 00000000..4eed917b --- /dev/null +++ b/kubernetes/apps/default/redlib/app/kustomization.yaml @@ -0,0 +1,7 @@ +--- +# yaml-language-server: $schema=https://json.schemastore.org/kustomization +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: + - ./externalsecret.yaml + - ./helmrelease.yaml diff --git a/kubernetes/apps/default/redlib/ks.yaml b/kubernetes/apps/default/redlib/ks.yaml new file mode 100644 index 00000000..6d71511b --- /dev/null +++ b/kubernetes/apps/default/redlib/ks.yaml @@ -0,0 +1,26 @@ +--- +# yaml-language-server: $schema=https://ks.hsn.dev/kustomize.toolkit.fluxcd.io/kustomization_v1.json +apiVersion: kustomize.toolkit.fluxcd.io/v1 +kind: Kustomization +metadata: + name: &app radarr + namespace: flux-system +spec: + targetNamespace: default + commonMetadata: + labels: + app.kubernetes.io/name: *app + dependsOn: + - name: external-secrets-stores + path: ./kubernetes/apps/default/redlib/app + prune: true + sourceRef: + kind: GitRepository + name: homelab + wait: false + interval: 30m + retryInterval: 1m + timeout: 5m + postBuild: + substitute: + APP: *app