Compare commits
2 commits
890ab62da7
...
b4f59aa157
Author | SHA1 | Date | |
---|---|---|---|
b4f59aa157 | |||
51d231f343 |
9 changed files with 188 additions and 4 deletions
|
@ -1,5 +1,5 @@
|
|||
---
|
||||
# yaml-language-server: $schema=https://raw.githubusercontent.com/datreeio/CRDs-catalog/main/external-secrets.io/externalsecret_v1beta1.json
|
||||
# yaml-language-server: $schema=https://ks.hsn.dev/external-secrets.io/externalsecret_v1beta1.json
|
||||
apiVersion: external-secrets.io/v1beta1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
---
|
||||
# yaml-language-server: $schema=https://raw.githubusercontent.com/datreeio/CRDs-catalog/main/external-secrets.io/externalsecret_v1beta1.json
|
||||
# yaml-language-server: $schema=https://ks.hsn.dev/external-secrets.io/externalsecret_v1beta1.json
|
||||
apiVersion: external-secrets.io/v1beta1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
|
|
|
@ -7,3 +7,4 @@ resources:
|
|||
- ./namespace.yaml
|
||||
# Flux-Kustomizations
|
||||
- ./home-assistant/ks.yaml
|
||||
- ./mosquitto/ks.yaml
|
|
@ -0,0 +1,9 @@
|
|||
per_listener_settings false
|
||||
listener 1883
|
||||
allow_anonymous false
|
||||
persistence true
|
||||
persistence_location /data
|
||||
autosave_interval 1800
|
||||
connection_messages false
|
||||
autosave_interval 60
|
||||
password_file /mosquitto/external_config/mosquitto_pwd
|
|
@ -0,0 +1,27 @@
|
|||
---
|
||||
# yaml-language-server: $schema=https://ks.hsn.dev/external-secrets.io/externalsecret_v1beta1.json
|
||||
apiVersion: external-secrets.io/v1beta1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
name: mosquitto
|
||||
spec:
|
||||
secretStoreRef:
|
||||
kind: ClusterSecretStore
|
||||
name: onepassword-connect
|
||||
target:
|
||||
name: mosquitto-secret
|
||||
creationPolicy: Owner
|
||||
template:
|
||||
engineVersion: v2
|
||||
data:
|
||||
mosquitto_pwd: |
|
||||
{{ .mosquitto_username }}:{{ .mosquitto_password }}
|
||||
{{ .mosquitto_zwave_username }}:{{ .mosquitto_zwave_password }}
|
||||
{{ .mosquitto_home_assistant_username }}:{{ .mosquitto_home_assistant_password }}
|
||||
dataFrom:
|
||||
- extract:
|
||||
key: mosquitto
|
||||
rewrite:
|
||||
- regexp:
|
||||
source: "(.*)"
|
||||
target: "mosquitto_$1"
|
105
kubernetes/apps/home-automation/mosquitto/app/helmrelease.yaml
Normal file
105
kubernetes/apps/home-automation/mosquitto/app/helmrelease.yaml
Normal file
|
@ -0,0 +1,105 @@
|
|||
---
|
||||
# yaml-language-server: $schema=https://raw.githubusercontent.com/bjw-s/helm-charts/main/charts/other/app-template/schemas/helmrelease-helm-v2beta2.schema.json
|
||||
apiVersion: helm.toolkit.fluxcd.io/v2beta2
|
||||
kind: HelmRelease
|
||||
metadata:
|
||||
name: mosquitto
|
||||
spec:
|
||||
interval: 30m
|
||||
chart:
|
||||
spec:
|
||||
chart: app-template
|
||||
version: 3.1.0
|
||||
interval: 30m
|
||||
sourceRef:
|
||||
kind: HelmRepository
|
||||
name: bjw-s
|
||||
namespace: flux-system
|
||||
|
||||
values:
|
||||
controllers:
|
||||
mosquitto:
|
||||
annotations:
|
||||
reloader.stakater.com/auto: "true"
|
||||
|
||||
pod:
|
||||
securityContext:
|
||||
runAsUser: 568
|
||||
runAsGroup: 568
|
||||
fsGroup: 568
|
||||
fsGroupChangePolicy: OnRootMismatch
|
||||
|
||||
initContainers:
|
||||
init-config:
|
||||
image:
|
||||
repository: public.ecr.aws/docker/library/eclipse-mosquitto
|
||||
tag: 2.0.18
|
||||
command:
|
||||
- "/bin/sh"
|
||||
- "-c"
|
||||
args:
|
||||
- cp /tmp/secret/* /mosquitto/external_config/;
|
||||
mosquitto_passwd -U /mosquitto/external_config/mosquitto_pwd;
|
||||
chmod 0600 /mosquitto/external_config/mosquitto_pwd;
|
||||
|
||||
containers:
|
||||
app:
|
||||
image:
|
||||
repository: public.ecr.aws/docker/library/eclipse-mosquitto
|
||||
tag: 2.0.18
|
||||
probes:
|
||||
liveness:
|
||||
enabled: true
|
||||
readiness:
|
||||
enabled: true
|
||||
startup:
|
||||
enabled: true
|
||||
spec:
|
||||
failureThreshold: 30
|
||||
periodSeconds: 5
|
||||
resources:
|
||||
requests:
|
||||
cpu: 5m
|
||||
memory: 10M
|
||||
limits:
|
||||
memory: 10M
|
||||
|
||||
service:
|
||||
app:
|
||||
controller: mosquitto
|
||||
type: LoadBalancer
|
||||
annotations:
|
||||
external-dns.alpha.kubernetes.io/hostname: "mqtt.jahanson.tech"
|
||||
io.cilium/lb-ipam-ips: "10.45.0.10"
|
||||
externalTrafficPolicy: Local
|
||||
ports:
|
||||
mqtt:
|
||||
enabled: true
|
||||
port: 1883
|
||||
|
||||
persistence:
|
||||
data:
|
||||
existingClaim: mosquitto-data
|
||||
advancedMounts:
|
||||
mosquitto:
|
||||
app:
|
||||
- path: /data
|
||||
mosquitto-configfile:
|
||||
type: configMap
|
||||
name: mosquitto-configmap
|
||||
advancedMounts:
|
||||
mosquitto:
|
||||
app:
|
||||
- path: /mosquitto/config/mosquitto.conf
|
||||
subPath: mosquitto.conf
|
||||
mosquitto-secret:
|
||||
type: secret
|
||||
name: mosquitto-secret
|
||||
advancedMounts:
|
||||
mosquitto:
|
||||
init-config:
|
||||
- path: /tmp/secret
|
||||
mosquitto-externalconfig:
|
||||
type: emptyDir
|
||||
globalMounts:
|
||||
- path: /mosquitto/external_config
|
|
@ -0,0 +1,14 @@
|
|||
---
|
||||
# yaml-language-server: $schema=https://json.schemastore.org/kustomization
|
||||
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||
kind: Kustomization
|
||||
resources:
|
||||
- ./helmrelease.yaml
|
||||
- ./externalsecret.yaml
|
||||
- ../../../../templates/volsync
|
||||
configMapGenerator:
|
||||
- name: mosquitto-configmap
|
||||
files:
|
||||
- config/mosquitto.conf
|
||||
generatorOptions:
|
||||
disableNameSuffixHash: true
|
28
kubernetes/apps/home-automation/mosquitto/ks.yaml
Normal file
28
kubernetes/apps/home-automation/mosquitto/ks.yaml
Normal file
|
@ -0,0 +1,28 @@
|
|||
---
|
||||
# yaml-language-server: $schema=https://raw.githubusercontent.com/fluxcd-community/flux2-schemas/main/kustomization-kustomize-v1.json
|
||||
apiVersion: kustomize.toolkit.fluxcd.io/v1
|
||||
kind: Kustomization
|
||||
metadata:
|
||||
name: &appname mosquitto
|
||||
namespace: flux-system
|
||||
spec:
|
||||
targetNamespace: home-automation
|
||||
commonMetadata:
|
||||
labels:
|
||||
app.kubernetes.io/name: *appname
|
||||
interval: 10m
|
||||
path: "./kubernetes/apps/home-automation/mosquitto/app"
|
||||
prune: true
|
||||
sourceRef:
|
||||
kind: GitRepository
|
||||
name: homelab
|
||||
wait: true
|
||||
dependsOn:
|
||||
- name: rook-ceph-cluster
|
||||
- name: volsync
|
||||
- name: external-secrets-stores
|
||||
postBuild:
|
||||
substitute:
|
||||
APP: *appname
|
||||
VOLSYNC_CLAIM: mosquitto-data
|
||||
VOLSYNC_CAPACITY: 512Mi
|
|
@ -1,5 +1,5 @@
|
|||
---
|
||||
# yaml-language-server: $schema=https://raw.githubusercontent.com/datreeio/CRDs-catalog/main/external-secrets.io/externalsecret_v1beta1.json
|
||||
# yaml-language-server: $schema=https://ks.hsn.dev/external-secrets.io/externalsecret_v1beta1.json
|
||||
apiVersion: external-secrets.io/v1beta1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
|
|
Loading…
Reference in a new issue