Compare commits

..

3 commits

10 changed files with 282 additions and 21 deletions

View file

@ -7,4 +7,5 @@ resources:
- ./namespace.yaml
# Flux-Kustomizations
- ./home-assistant/ks.yaml
- ./mosquitto/ks.yaml
- ./matter-server/ks.yaml
- ./mosquitto/ks.yaml

View file

@ -0,0 +1,107 @@
---
# yaml-language-server: $schema=https://raw.githubusercontent.com/bjw-s/helm-charts/main/charts/other/app-template/schemas/helmrelease-helm-v2beta2.schema.json
apiVersion: helm.toolkit.fluxcd.io/v2
kind: HelmRelease
metadata:
name: &app matter-server
spec:
interval: 15m
chart:
spec:
chart: app-template
version: 3.2.1
interval: 15m
sourceRef:
kind: HelmRepository
name: bjw-s
namespace: flux-system
maxHistory: 3
install:
remediation:
retries: 3
upgrade:
cleanupOnFail: true
remediation:
strategy: rollback
retries: 3
values:
controllers:
matter-server:
type: statefulset
annotations:
reloader.stakater.com/auto: "true"
pod:
annotations:
k8s.v1.cni.cncf.io/networks: |
[{
"name":"multus-iot",
"namespace": "kube-system",
"ips": ["10.1.3.152/24"]
}]
securityContext:
runAsUser: 568
runAsGroup: 568
runAsNonRoot: true
fsGroup: 568
fsGroupChangePolicy: OnRootMismatch
containers:
app:
image:
repository: ghcr.io/home-assistant-libs/python-matter-server
tag: 6.0.1
pullPolicy: IfNotPresent
env:
TZ: "America/Chicago"
MATTER_SERVER__INSTANCE_NAME: Matter-Server
MATTER_SERVER__PORT: &port 5580
MATTER_SERVER__APPLICATION_URL: &host matter.jahanson.tech
MATTER_SERVER__LOG_LEVEL: info
probes:
liveness:
enabled: true
readiness:
enabled: true
startup:
enabled: true
spec:
failureThreshold: 30
periodSeconds: 5
resources:
requests:
memory: "100M"
limits:
memory: "500M"
service:
app:
controller: *app
type: LoadBalancer
annotations:
io.cilium/lb-ipam-ips: "10.1.1.37"
ports:
api:
enabled: true
primary: true
protocol: TCP
port: *port
externalTrafficPolicy: Cluster
persistence:
config:
enabled: true
existingClaim: matter-server
advancedMounts:
matter-server:
app:
- path: "/data"
ingress:
app:
className: internal-nginx
hosts:
- host: *host
paths:
- path: /
service:
identifier: app
port: http
tls:
- hosts: [*host]

View file

@ -0,0 +1,7 @@
---
# yaml-language-server: $schema=https://json.schemastore.org/kustomization
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- ./helmrelease.yaml
- ../../../../templates/volsync

View file

@ -0,0 +1,28 @@
---
# yaml-language-server: $schema=https://ks.hsn.dev/kustomize.toolkit.fluxcd.io/kustomization_v1.json
apiVersion: kustomize.toolkit.fluxcd.io/v1
kind: Kustomization
metadata:
name: &app matter-server
namespace: flux-system
spec:
targetNamespace: home-automation
commonMetadata:
labels:
app.kubernetes.io/name: *app
dependsOn:
- name: openebs-cluster
- name: volsync
path: ./kubernetes/apps/home-automation/matter-server/app
prune: true
sourceRef:
kind: GitRepository
name: homelab
wait: false
interval: 30m
retryInterval: 1m
timeout: 5m
postBuild:
substitute:
APP: *app
VOLSYNC_CAPACITY: 1Gi

View file

@ -0,0 +1,17 @@
---
# yaml-language-server: $schema=https://ks.hsn.dev/cdi.kubevirt.io/datavolume_v1beta1.json
apiVersion: cdi.kubevirt.io/v1beta1
kind: DataVolume
metadata:
name: "nixos-minimal"
spec:
storage:
resources:
requests:
storage: 2Gi
storageClassName: "openebs-zfs"
accessModes:
- "ReadWriteOnce"
source:
http:
url: "https://channels.nixos.org/nixos-23.11/latest-nixos-minimal-x86_64-linux.iso"

View file

@ -0,0 +1,22 @@
---
# yaml-language-server: $schema=https://ks.hsn.dev/cdi.kubevirt.io/storageprofile_v1beta1.json
apiVersion: cdi.kubevirt.io/v1beta1
kind: StorageProfile
metadata:
labels:
app: containerized-data-importer
app.kubernetes.io/component: storage
app.kubernetes.io/managed-by: cdi-controller
cdi.kubevirt.io: ""
name: openebs-zfs
spec: {}
status:
cloneStrategy: snapshot
dataImportCronSourceFormat: pvc
provisioner: zfs.csi.openebs.io
snapshotClass: openebs-zfs
storageClass: openebs-zfs
claimPropertySets:
- volumeMode: Block
accessModes:
- "ReadWriteOnce"

View file

@ -0,0 +1,12 @@
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: fj-runner-01-disk1
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 80Gi
storageClassName: openebs-zfs

View file

@ -5,37 +5,35 @@ kind: VirtualMachine
metadata:
name: fj-runner-01
namespace: default
uid: e0725361-eb07-44bc-bb01-7a1dba39622a
labels:
kubevirt-manager.io/managed: "true"
kubevirt.io/domain: fj-runner-01
spec:
running: true
running: false
template:
metadata:
creationTimestamp: null
labels:
kubevirt-manager.io/managed: "true"
kubevirt.io/domain: fj-runner-01
spec:
architecture: amd64
domain:
clock:
timezone: "America/Chicago"
cpu:
cores: 4
sockets: 1
threads: 2
devices:
disks:
- disk: {}
- disk:
bus: virtio
name: disk1
bootOrder: 0
- disk: {}
name: disk2
bootOrder: 1
- cdrom:
bus: sata
name: nixosiso
interfaces:
- bridge: {}
name: net1
networkInterfaceMultiqueue: true
firmware:
# this sets the bootloader type
bootloader:
efi:
secureBoot: false
machine:
type: q35
resources:
@ -48,9 +46,9 @@ spec:
kubernetes.io/hostname: shadowfax
priorityClassName: vm-standard
volumes:
- name: disk1
persistentVolumeClaim:
claimName: fj-runner-01-disk1
- dataVolume:
name: default-fj-runner-01-disk1
name: disk1
- dataVolume:
name: default-fj-runner-01-disk2
name: disk2
name: "nixos-minimal"
name: nixosiso

View file

@ -0,0 +1,15 @@
# yaml-language-server: $schema=https://ks.hsn.dev/cdi.kubevirt.io/datavolume_v1beta1.json
apiVersion: cdi.kubevirt.io/v1beta1
kind: DataVolume
metadata:
name: "fj-runner-02-disk1"
spec:
storage:
resources:
requests:
storage: 80Gi
storageClassName: "openebs-zfs"
accessModes:
- "ReadWriteOnce"
source:
blank: {}

View file

@ -0,0 +1,54 @@
---
# yaml-language-server: $schema=https://ks.hsn.dev/kubevirt.io/virtualmachine_v1.json
apiVersion: kubevirt.io/v1
kind: VirtualMachine
metadata:
name: fj-runner-02
namespace: default
spec:
running: false
template:
spec:
architecture: amd64
domain:
clock:
timezone: "America/Chicago"
cpu:
cores: 4
sockets: 1
threads: 2
devices:
disks:
- disk:
bus: virtio
name: disk1
- cdrom:
bus: sata
name: nixosiso
interfaces:
- bridge: {}
name: net1
networkInterfaceMultiqueue: true
firmware:
# this sets the bootloader type
bootloader:
efi:
secureBoot: false
machine:
type: q35
resources:
requests:
memory: 8Gi
networks:
- name: net1
pod: {}
nodeSelector:
kubernetes.io/hostname: shadowfax
priorityClassName: vm-standard
volumes:
- dataVolume:
name: fj-runner-02-disk1
name: disk1
- dataVolume:
name: "nixos-minimal"
name: nixosiso